WO2020010767A1 - Alliance-based unified trust anchor system for whole network, and construction method - Google Patents

Alliance-based unified trust anchor system for whole network, and construction method Download PDF

Info

Publication number
WO2020010767A1
WO2020010767A1 PCT/CN2018/115239 CN2018115239W WO2020010767A1 WO 2020010767 A1 WO2020010767 A1 WO 2020010767A1 CN 2018115239 W CN2018115239 W CN 2018115239W WO 2020010767 A1 WO2020010767 A1 WO 2020010767A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
terminal
trust
level
trusted root
Prior art date
Application number
PCT/CN2018/115239
Other languages
French (fr)
Chinese (zh)
Inventor
蒋文保
史博轩
章峰
Original Assignee
北京信息科技大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京信息科技大学 filed Critical 北京信息科技大学
Publication of WO2020010767A1 publication Critical patent/WO2020010767A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Definitions

  • the present invention relates to the field of communications, and in particular, to an alliance-based unified trust anchor system and construction method for the entire network.
  • the existing TCP / IP protocol does not have inherent security mechanisms such as address authenticity authentication, it is difficult to trace the source of the attack and the identity of the attacker.
  • the routing device forwards packets based on the destination address, and does not verify the source of the data packet.
  • a large number of address forgery-based attacks cannot be tracked, causing a large number of attacks such as source address spoofing, routing hijacking, and denial of service, which seriously threatens network security.
  • Solving the problem of network naming security including address security and building a secure and trusted Internet environment have become important issues that need to be addressed urgently.
  • PKI introduces a trusted third-party CA, which brings the costs of certificate management, storage, and calculation:
  • the certificate directory provides users with certificate download and status query services at any time, which increases the maintenance overhead.
  • Fourth, large-scale secrets The problem of key management is generally the method of physically adding CAs, and there are also problems of cross authentication and trust management among users of each CA.
  • the present invention aims to overcome at least one of the above-mentioned shortcomings and provide an alliance-based unified trust anchor system and construction method for the entire network to achieve efficient management of public keys.
  • One aspect of the present invention provides a federation-based unified trust anchor system for the entire network, including: federation area, the federation area includes n trusted root servers, and each trusted root server is connected to each other; n top-level trust server sets, each top-level The trust server set connects one trust root server, each top trust server set includes m top trust servers, and m top trust servers connect to one trust root server; n * m permission trust server sets, each permission trust server set Connects to a top-level trust server, each permission trust server set includes j permission trust servers, and j permission trust servers connect to the same top-level trust server; n * m * j terminal sets, each terminal set connects to a permission trust server Each terminal set includes i terminals, i terminals are connected to the same authority trust server; among them, each trusted root server is used to store the names and public key information of all trusted root servers, and stores the names of all top-level trusted servers , Address and public key information, and It is used to issue certificates, and the information
  • Each top-level trust server is used to store its own public key information and store the authority trusts connected to it. Server name, address, and public key information; each authority trusts the server to store its own public key information, and stores the name, address, and public key information of the terminal connected to it.
  • Another aspect of the present invention provides a method for constructing a unified trust anchor across the entire network based on a federation, which includes: building a federation area, configuring the federation area to include n trusted root servers, each trusted root server being connected to each other, and each trusted root
  • the server stores the name and public key information of all trusted root servers, and stores the name, address, and public key information of all top-level trusted servers, as well as for issuing certificates, and the information stored by each trusted root server is exactly the same.
  • Consistency of stored information build n top-level trust server sets, and configure each top-level trust server set to connect a trusted root server, each top-level trust server set includes m top-level trust servers, and m top-level trust server connections are the same
  • a trust root server each top-level trust server stores its own public key information, and stores the name, address, and public key information of the authority trust server connected to it
  • builds a set of n * m authority trust servers and configures each authority trust Server collection connects to a top-level trusted server Server, each permission trust server set includes j permission trust servers, and j permission trust servers are connected to the same top-level trust server, each permission trust server stores its own public key information, and stores the name of the terminal connected to it, Address and public key information
  • n * m * j terminal sets are constructed, and each terminal set is connected to a permission trust server, each terminal set includes i terminals, and i terminals are connected to the same permission trust server.
  • the alliance trust anchor exists in a decentralized form, and the alliance region is ensured through a consensus algorithm.
  • the data of each trust root server in the network is consistent.
  • a unified trust anchor across the entire network is established in the alliance to jointly manage the public key.
  • This decentralized organization and management method based on the alliance can ensure that the status of each trusted root server is consistent and effective.
  • the ground avoids various disadvantages in the current centralization work, realizes the efficient management of public keys, enables remote communication entities to obtain the counterpart's public key, and ensures the authenticity of the public key.
  • FIG. 1 is a schematic structural diagram of a trust model according to an embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of an alliance-based unified trust anchor system throughout the network according to an embodiment of the present invention
  • FIG. 3 is a flowchart of an alliance-based full-text unified trust anchor system and a construction method according to an embodiment of the present invention.
  • the foundation of the trust model is that all trusted users have a trusted root.
  • this is a simple three-tier trust structure, which is a chain trust relationship.
  • the trusted entity A1 can be represented as such a trust chain: (R, C1, A1) It shows that A1 can be traced back to the root of trust R that generated it.
  • R, C1, A1 There is a root node R as the starting point of trust. This point of establishing a trust relationship is called a trust anchor.
  • the trust path of this model is that the path from the root node to the leaf node constitutes the trust path.
  • the present invention adopts a method of establishing an alliance trust anchor.
  • each country has a trust root server (data is consistent), and each country relies on each country's sub-cluster of trust root server to manage each country.
  • the trusted root server is maintained by the country to which it belongs.
  • the federation zone consists of the root server with the lowest depth of trust. All trusted root servers in the federation zone form an undirected graph. All trusted root servers have physical links and can communicate with each other.
  • the trusted root server nodes shown in A, X, Y, and Z in FIG. 2 form the federation area.
  • the alliance-based unified trust anchor system of the entire network provided by the embodiment of the present invention includes:
  • the alliance area includes n trusted root servers (as shown in Figure A, X, Y, Z), each trusted root server is connected to each other;
  • each top trusted server set connected to a trusted root server, each top trusted server set includes m top trusted servers (as shown in the figure B1, B2, ...), and m top trusted servers are connected The same trusted root server;
  • each permission trust server set is connected to a top-level trust server, and each permission trust server set includes j permission trust servers (as shown in the figure C1, C2 ... or C3, C4 ...) And j permission trust servers are connected to the same top-level trust server;
  • each terminal set is connected to a rights trust server, each terminal set includes i terminals (as shown in the figure D1, D2 ... or D3, D4 ... or D5, D6 ...) , I terminals connect to the same permission trust server;
  • Each trusted root server is used to store the names and public key information of all trusted root servers, and stores the name, address, and public key information of all top-level trusted servers, and information used to sign certificates, and each trusted root server stores information Exactly the same, to ensure the consistency of the stored information through a consensus algorithm;
  • Each top-level trust server is used to store its own public key information and the name, address, and public key information of the authority trust server connected to it;
  • Each authority trust server is used to store its own public key information and store the name, address, and public key information of the terminal connected to it.
  • the alliance trust anchor exists in a decentralized form.
  • the consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent.
  • a unified trust anchor across the network is established in the alliance to jointly manage the public key.
  • the decentralized organization and management of the alliance can ensure that the status of each trusted root server is consistent, effectively avoiding various disadvantages existing in the current centralization work, and achieve efficient management of public keys, so that remote communication entities can obtain each other's Public key, and ensure the authenticity of the public key.
  • the consensus algorithm used is determined according to the specific situation. For example, the Epaxos consensus algorithm can be used.
  • each node is equal in sovereignty. Each node is only responsible for the work of the node.
  • each country can adopt, for example, multi-paxos-based cluster management.
  • each alliance node has equal rights, so no leader role is set.
  • Each trusted root server in the federation area adopts asymmetric encryption and owns the public keys of other trusted root servers.
  • the public key update, query, and authentication process between terminal subjects need to pass the resolution of the federation.
  • Each trusted root server stores the names, addresses, and public key information of all top-level trusted servers. The specific data stored by each server is shown in the following table.
  • Top server address information Top-level server public key 1 B1 addr1 Public Key1 2 B2 addr2 Public Key 2 3 E1 Addr3 Public Key3 4 ... ... ...
  • Root server public key 1 A Public Key1 2 X Public Key 2 3 Y Public Key3 4 Z Public Key 4 5 ... ...
  • Example of data stored on the authority trust server (the authority server also stores its own public key):
  • each set of top-level trust servers is connected to all trusted root servers, and each top-level trust server set includes m top-level trust servers, and m top-level trust servers are connected to each trusted root server. This ensures that the top-level trusted server can connect to any trusted root server and perform data transmission.
  • the top-level trust server is further configured to send a change request to a trusted root server connected to the top-level trust server; the trust root server is further used to propose a change resolution to the federation area, and according to a preset resolution policy, After the resolution is passed, the trust root server responds to the change request of the top trust server and updates the data stored in all the trust root servers in the federation area through a consensus algorithm; the top trust server is also used to perform the change operation. In this way, the top-level trusted root server can apply for changes to the trusted root server connected to it.
  • a resolution is made in the federation area, and only after the resolution in the federation area passes, can it be changed.
  • all the root trust servers in the alliance area perform the same modification through a consensus algorithm to ensure data consistency.
  • the specific process includes:
  • the top-level trust server B1 sends a request to update its public key to its superior trust root server A.
  • the public key of the top trusted server B1 is updated in the trusted root server A.
  • the consensus algorithm the data in each trusted root server is consistent.
  • the top trust server B1 updates its public key.
  • the specific process includes:
  • the terminal entity D1 sends a request to update its public key to its superior authority trust server C1.
  • the terminal entity D1 updates its public key.
  • the specific process includes:
  • the authority trust server C1 sends a request to update its public key to its superior top-level trust server B1.
  • the authority trust server C1 updates its public key.
  • the trusted root server is also used to propose a change resolution within the alliance, and after the resolution is passed according to a preset resolution policy, change its own data and update the area of the alliance through a consensus algorithm. All trust the data stored in the root server. In this way, if a trusted root server in the alliance region needs to make data changes, a resolution is made in the alliance region. Only after the resolution in the alliance region is passed can the change operation be performed. At the same time, all trusts in the alliance region The root server performs the same modification through a consensus algorithm to ensure data consistency.
  • the specific process includes:
  • the terminal is further configured to send a query request to the peer terminal to the authority trust server connected to the terminal;
  • the authority trust server is further configured to query the relevant information of the peer terminal without querying, Send a query request to the top-level trust server connected to it;
  • the top-level trust server is also used to send a query request to the trusted root server connected to it when no related information of the peer terminal is queried;
  • the trust root server is also used to When querying the related information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it, and receives the top-level trust server where the peer terminal connected in turn via the trusted root server where the peer terminal is located.
  • the authority trust server where the opposite terminal is located queries the relevant information of the opposite terminal, and sends the relevant information of the opposite terminal obtained by the query to the terminal through the top-level trust server and the authority trust server.
  • the terminal needs to query the related information of the peer terminal, it can query through the authority trust server, top-level trusted root server, and trusted root server connected to it.
  • the trusted root server does not query, then it passes The query is performed by another trusted root server in the federation area. After the query, the query is sent to the terminal through the trusted root server, the top-level trusted root server, and the permission trusted server.
  • the specific process includes:
  • the terminal body D1 queries its superior authority trust server C1.
  • the authority trust server C1 queries its upper-level top trust server B1.
  • the top-level trust server B1 When the top-level trust server B1 does not query the public key of the terminal principal G1, the top-level trust server B1 queries its upper-level trust root server A.
  • the trusted root server in the home country can also access the subordinate servers in other countries.
  • the trusted root server A queries the trusted root server X where the public key of the terminal body G1 is located.
  • the subordinate top trust server E1 that trusts the root server X is queried, and then the top trust server E1 queries its subordinate authority trust server F1, and finally queries the public key of the terminal body G1.
  • the trust root server A can directly query the subordinate top trust server E1 that trusts the root server X, and then the top trust server E1 queries its subordinate authority trust server F1, and finally queries the public key of the terminal body G1. .
  • the specific process includes:
  • the terminal body D1 queries its superior authority trust server C1.
  • the specific process includes:
  • the terminal body D1 queries its superior authority trust server C1.
  • the authority trust server C1 queries its upper-level top trust server B1.
  • the top-level trust server B1 does not query the public key of the terminal subject D5, the top-level trust server B1 queries its upper-level trust root server A.
  • the terminal is further configured to query whether the identification information of the opposite terminal is cached locally, and to query the trust of the opposite terminal when the identification information of the opposite terminal is not cached locally.
  • the root server sends a query request; the terminal is also used to query the trusted root server where the peer terminal is located to obtain the identity information of the peer terminal, and to the top level where the peer terminal connected to the trusted root server where the peer terminal is located is located.
  • the trust server sends a query request; the terminal is also used for the permission of the peer terminal connected to the top-level trust server where the peer terminal is located when the top-level trust server where the peer terminal is located obtains the identification information of the peer terminal.
  • the trust server sends a query request; the terminal is also used to receive the query response information sent by the authority trust server where the peer terminal is located when the authority trust server where the peer terminal is located obtains the identification information of the peer terminal.
  • the terminal needs to query the related information of the peer terminal, it can directly query the trusted root server, top-level trust server, and authority trust root server where the peer terminal is located to check whether there is identification information of the peer terminal.
  • the query response information is obtained after the identification information is included, and the query information is included in the query response information and sent to the terminal, thereby improving the query efficiency.
  • the terminal can query the public terminal's public key on the network where the opposite terminal is located by recursively iteratively.
  • the specific operations are as follows:
  • the terminal body D1 first locally queries whether the public key information of the peer body (for example, the terminal body D2 or the terminal body G1) has been cached.
  • the terminal subject D1 requests the root trust server where the peer subject (for example, the terminal subject D2 or the terminal subject G1) is located to query the ID information of the peer subject through an iterative query. If no ID information is queried on the root trust server, the query is terminated and returned to the terminal without information. If the ID information is queried on the root trust server, the terminal body D1 continues to query the ID information of the gateway B on the top-level trust server where the opposite body (for example, the terminal body D2 or the terminal body G1) is located.
  • the peer subject for example, the terminal subject D2 or the terminal subject G1
  • the terminal body D1 requests the top-level trust server to query the ID information of the opposite body (for example, the terminal body D2 or the terminal body G1). If the ID information is not queried on the top-level trusted server, the query is terminated and returned to the terminal body D1 with no information found. If the ID information is queried on the top-level trust server, the terminal body D1 continues to query the ID trust information of the gateway B from the authority trust server where the opposite body (for example, the terminal body D2 or the terminal body G1) is located.
  • the terminal body D1 requests the authority trust server to query the ID information of the opposite body (for example, the terminal body D2 or the terminal body G1). If the ID information is not queried on the authority trust server, the query is terminated and returned to the terminal D1. If the ID information is queried on the authority trust server, it returns the public key information of the opposite subject (for example, the terminal subject D2 or the terminal subject G1) requested by the terminal subject D1.
  • the terminal is further configured to send an authentication request to the peer terminal to the authority trust server connected to the terminal; the authority trust server is further configured to query the authentication information of the peer terminal without query. After that, it sends an authentication request to the top-level trust server connected to it; the top-level trust server is also used to send a query request to the trusted root server connected to it without querying the authentication information of the peer terminal; the trust root server is also used to When the authentication information of the peer terminal is not queried, a query request is sent to the trusted root server where the peer terminal connected to it is received, and the authentication information of the peer terminal obtained through the query of the trusted root server where the peer terminal is located passes the top level The trust server and authority trust server are sent to the terminal.
  • the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it.
  • the trust root server does not query the authentication information, it passes the federation.
  • Another trusted root server in the region queries the authentication information. After querying the authentication information, it sends it to the terminal through the trusted root server, the top-level trusted root server, and the authority trusted server.
  • the terminal body D1 wants to authenticate the public key of the terminal body D5
  • the terminal body D5 needs the public key of the authority trust server C3
  • the top-level trust server B2 contains the public key information of the authority trust server C3. Therefore, only You need to find the data of the top trusted server B2.
  • the specific process includes:
  • the terminal body D1 queries its superior authority trust server C1.
  • the authority trust server C1 queries its upper-level top trust server B1.
  • the top trust server B1 does not query the public key of the authority trust server C3, the top trust server B1 queries its superior trust root server A.
  • the data of the top trusted server B2 is queried, thereby obtaining the public key of the authority trusted server C3, and completing the authentication.
  • the terminal is further configured to send an authentication request to the peer terminal to the authority trust server connected to the terminal;
  • the authority trust server is further configured to query the authentication information of the peer terminal without querying, Send an authentication request to the top-level trust server connected to it;
  • the top-level trust server is also used to send a query request to the trusted root server connected to it when no authentication information of the peer terminal is queried;
  • the trust root server is also used to When querying the authentication information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it, and receives the top-level trust server where the peer terminal connected in turn via the trusted root server where the peer terminal is located.
  • the authority trust server where the opposite terminal is located queries the authentication information of the opposite terminal, and sends the obtained authentication information of the opposite terminal to the terminal through the top-level trust server and the authority trust server.
  • the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it.
  • the trust root server does not query the authentication information, it passes the federation.
  • Another trusted root server in the region queries the authentication information.
  • the other trusted root server queries the authentication information through the top-level trust server and authority trust server connected to itself, and passes the found authentication information through the trusted root server and top-level trusted root server.
  • the authority trust server sends it to the terminal.
  • the terminal body D1 when the terminal body D1 wants to authenticate the public key of the terminal body D5, the terminal body D1 needs to authenticate the public key of the terminal body D5.
  • the specific process includes:
  • the terminal body D1 queries its superior authority trust server C1.
  • the authority trust server C1 queries its upper-level top trust server B1.
  • the top-level trust server B1 does not query the public key of the terminal body D5, the top-level trust server B1 queries its upper-level trust root server A.
  • the trusted root server A makes a query through its subordinate top trusted server B2.
  • the subordinate authority of the top-level trust server B2 trusts the server C3, thereby obtaining the public key of the terminal body D5 and completing the authentication.
  • the alliance trust anchor exists in a decentralized form, and the consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent, and Establish a unified trust anchor across the entire network and jointly manage the public key.
  • This alliance-based decentralized organization and management method can ensure that the status of each trusted root server is consistent, effectively avoiding various disadvantages in the current centralization work. , To achieve efficient management of public keys, so that remote communication entities can obtain each other's public keys and ensure the authenticity of public keys.
  • FIG. 3 shows a method for constructing an alliance-based unified trust anchor of the entire network provided by an embodiment of the present invention.
  • the solution is applied to the above system, and the method is only briefly described here. For other unresolved matters, please refer to the related system. Description.
  • a method for constructing a unified network-based unified trust anchor provided by an embodiment of the present invention includes:
  • the federation zone is configured to include n trusted root servers, and each trusted root server is connected to each other.
  • Each trusted root server stores the names and public key information of all trusted root servers, and stores the names of all top trusted servers. , Address, and public key information, as well as for issuing certificates, and the information stored by each trusted root server is exactly the same, and the consistency of the stored information is guaranteed by a consensus algorithm;
  • each top trusted server set includes m top trusted servers, and m top trusted servers connected to the same trusted root server.
  • Each top-level trust server stores its own public key information, and stores the name, address, and public key information of the authority trust server connected to it;
  • Each permission trust server set includes j permission trust servers, and j permission trust servers are connected to the same top-level trust.
  • Server each authority trusts the server to store its own public key information, and stores the name, address, and public key information of the terminal connected to it;
  • the alliance trust anchor exists in a decentralized form, and the consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent.
  • the alliance establishes a unified trust anchor across the entire network and jointly manages the public key.
  • This alliance-based decentralized organization and management method can ensure that the status of each trusted root server is consistent, effectively avoiding the various existing existing centralized work.
  • the disadvantage is that the efficient management of the public key is realized, so that the remote communication entity can obtain the public key of the other party and ensure the authenticity of the public key.
  • the method for constructing a federation-based unified trust anchor for the entire network further includes: configuring each top-level trust server set to connect to all trusted root servers, and each top-level trust server set including m top-level trusts Server, and m top trusted servers connect to each trusted root server. This ensures that the top-level trusted server can connect to any trusted root server and perform data transmission.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes: a change process of the top-level trust server;
  • the change process for the top trust server includes:
  • the top-level trust server sends a change request to the trusted root server connected to it;
  • the trust root server proposes a change resolution to the federation area. After the resolution is passed according to the preset resolution policy, the trust root server responds to the change request of the top trust server and updates the storage of all trusted root servers in the federation area through the consensus algorithm.
  • the data ;
  • the top-level trust server performs the change operation.
  • the top-level trusted root server can apply for changes to the trusted root server connected to it.
  • a resolution is made in the federation area, and only after the resolution in the federation area passes, can it be changed.
  • all the root trust servers in the alliance area perform the same modification through a consensus algorithm to ensure data consistency.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes: a process of changing the trust root server:
  • the process of changing the trusted root server includes:
  • the trust root server proposes a change resolution in the alliance, and after the resolution is passed according to a preset resolution policy, changes its own data and updates the data stored in all trust root servers in the alliance area through a consensus algorithm.
  • a trusted root server in the alliance region needs to make data changes, a resolution is made in the alliance region. Only after the resolution in the alliance region is passed can the change operation be performed. At the same time, all trusts in the alliance region The root server performs the same modification through a consensus algorithm to ensure data consistency.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes a query process of the terminal:
  • the query process of the terminal includes:
  • the terminal sends a query request to the opposite terminal to the authority trust server connected to the terminal;
  • the authority trust server sends a query request to the top-level trust server connected to the peer terminal without querying the relevant information of the peer terminal;
  • the top-level trust server sends a query request to the trusted root server connected to the peer terminal without querying the relevant information of the peer terminal;
  • the trusted root server When the trusted root server does not query related information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it and receives the peer terminal connected in turn through the trusted root server where the peer terminal is located.
  • the top trust server and the authority trust server where the peer terminal is located query the related information of the peer terminal, and send the query related information of the peer terminal to the terminal through the top trust server and the authority trust server.
  • the terminal needs to query the related information of the peer terminal, it can query it through the authority trust server, top-level trust root server, and trust root server connected to it.
  • the query is performed by another trusted root server in the federation area. After the query, the query is sent to the terminal through the trusted root server, the top-level trusted root server, and the permission trusted server.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes a query process of the terminal:
  • the query process of the terminal includes:
  • the terminal queries whether the identification information of the opposite terminal is cached locally;
  • the terminal sends a query request to the trusted root server where the opposite terminal is located;
  • the terminal When the trusted root server where the peer terminal is located obtains the identification information of the peer terminal, the terminal sends a query request to the top trusted server where the peer terminal connected to the trusted root server where the peer terminal is located;
  • the terminal sends a query request to the authority trust server where the peer terminal connected to the top-level trust server where the peer terminal is located;
  • the terminal When the authority trust server where the opposite terminal is located obtains the identification information of the opposite terminal, the terminal receives the query response information sent by the authority trust server where the opposite terminal is located.
  • the terminal needs to query the related information of the peer terminal, it can directly query the trusted root server, top-level trust server, and authority trust root server where the peer terminal is located to check whether there is identification information of the peer terminal.
  • the query response information is obtained after the identification information is included, and the query information is included in the query response information and sent to the terminal, thereby improving the query efficiency.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes: an authentication process of the terminal;
  • the authentication process of the terminal includes:
  • the terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
  • the authority trust server is also used to send an authentication request to the top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
  • the top-level trust server is also used to send a query request to the trusted root server connected to the peer terminal without querying the authentication information of the peer terminal;
  • the trust root server is also used to send a query request to the trusted root server where the peer terminal to which it is connected when the authentication information of the peer terminal is not queried, and to receive the query obtained from the trusted root server where the peer terminal is located.
  • the authentication information of the terminal is sent to the terminal through the top-level trust server and the authority trust server.
  • the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it.
  • the trust root server does not query the authentication information, it passes the federation.
  • Another trusted root server in the region queries the authentication information. After querying the authentication information, it sends it to the terminal through the trusted root server, the top-level trusted root server, and the authority trusted server.
  • the method for constructing the alliance-based unified trust anchor of the entire network further includes: an authentication process of the terminal;
  • the authentication process of the terminal includes:
  • the terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
  • the authority trust server is also used to send an authentication request to the top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
  • the top-level trust server is also used to send a query request to the trusted root server connected to the peer terminal without querying the authentication information of the peer terminal;
  • the trust root server is also used to send a query request to the trusted root server where the peer terminal is connected when no authentication information of the peer terminal is queried, and to receive connections through the trusted root server where the peer terminal is located in turn.
  • the top-level trust server where the opposite terminal is located, and the authorization trust server where the opposite terminal is located query the authentication information of the opposite terminal, and send the obtained authentication information of the opposite terminal to the terminal through the top-level trust server and authority trust server. .
  • the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it.
  • the trust root server does not query the authentication information, it passes the federation.
  • Another trusted root server in the region queries the authentication information.
  • the other trusted root server queries the authentication information through the top-level trust server and authority trust server connected to itself, and passes the found authentication information through the trusted root server and top-level trusted root server.
  • the authority trust server sends it to the terminal.
  • Any process or method description in a flowchart or otherwise described herein can be understood as representing a module, fragment, or portion of code that includes one or more executable instructions for implementing a particular logical function or step of a process
  • the scope of the preferred embodiments of the present invention includes additional implementations in which the functions may be performed out of the order shown or discussed, including performing the functions in a substantially simultaneous manner or in the reverse order according to the functions involved, which should It is understood by those skilled in the art to which the embodiments of the present invention pertain.
  • a person of ordinary skill in the art can understand that all or part of the steps carried by the methods in the foregoing embodiments may be implemented by a program instructing related hardware.
  • the program may be stored in a computer-readable storage medium.
  • the program is When executed, one or a combination of the steps of the method embodiment is included.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

Provided in the present invention are an alliance-based unified trust anchor system for the whole network, and a construction method. The system comprises: an alliance region, the alliance region comprising n trust root servers which are connected to each other; n top-level trust server sets, wherein each top-level trust server set is connected to a trust root server, each top-level trust server set comprises m top-level trust servers, and the m top-level trust servers are connected to the same trust root server; n*m authority trust server sets, wherein each authority trust server set is connected to a top-level trust server, each authority trust server set comprises j authority trust servers, and the j authority trust servers are connected to the same top-level trust server; and n*m*j terminal sets, wherein each terminal set is connected to an authority trust server, each terminal set comprises i terminals, and the i terminals are connected to the same authority trust server.

Description

一种基于联盟的全网统一信任锚系统及构建方法Alliance-wide unified trust anchor system based on alliance and construction method
相关申请的交叉引用Cross-reference to related applications
本申请要求北京信息科技大学于2018年7月9日提交的、发明名称为“一种基于联盟的全网统一信任锚系统及构建方法”的、中国专利申请号“2018107430314”的优先权。This application claims the priority of Chinese Patent Application No. “2018107430314” filed by Beijing Information Science and Technology University on July 9, 2018, with the name of the invention “a unified alliance-based unified trust anchor system and construction method”.
技术领域Technical field
本发明涉及通信领域,尤其涉及一种基于联盟的全网统一信任锚系统及构建方法。The present invention relates to the field of communications, and in particular, to an alliance-based unified trust anchor system and construction method for the entire network.
背景技术Background technique
由于现有TCP/IP协议不具备地址真实性鉴别等内在的安全机制,导致攻击源头和攻击者身份难以追查。路由设备基于目的地址转发分组,对数据包的来源不做验证,大量基于地址伪造的攻击行为无法跟踪,造成源地址欺骗、路由劫持、拒绝服务等大量攻击的发生,严重威胁网络的安全。解决包括地址安全在内的网络命名安全问题,构建安全可信的互联网环境,已成为亟待解决的重要课题。Because the existing TCP / IP protocol does not have inherent security mechanisms such as address authenticity authentication, it is difficult to trace the source of the attack and the identity of the attacker. The routing device forwards packets based on the destination address, and does not verify the source of the data packet. A large number of address forgery-based attacks cannot be tracked, causing a large number of attacks such as source address spoofing, routing hijacking, and denial of service, which seriously threatens network security. Solving the problem of network naming security including address security and building a secure and trusted Internet environment have become important issues that need to be addressed urgently.
在网络命名安全研究方面,基于密码学的地址安全机制得到越来越多的关注,包括基于证书的公钥密码机制和自认证机制。在公钥密码体制下,公钥数字签名技术需依赖公钥基础设施(PKI)颁发的CA证书绑定实体身份和公钥,以保证实体公钥的真实性。以公钥证书的形式将用户公钥和用户身份进行绑定,形成了解决网络安全问题的成熟方案。但是,PKI通过引入可信第三方CA,由此带来证书的管理、存储和计算上的代价:一是证书的签发、发布、获取、验证、撤销等,流程较为复杂;二是需要在线的证书目录为用户随时提供证书下载和状态查询服务,增加了维护开销;三是如果用户通信的对象比较多,用户必须在本地存储和管理这些证书,增加了用户端使用开销;四是大规模密钥管理的问题一般是采用物理上增加CA的方法,而且各个CA的用户之间还存在交叉认证和信任管理的问题。In the field of network naming security research, more and more attention has been paid to cryptographic-based address security mechanisms, including certificate-based public key cryptography and self-authentication mechanisms. Under the public key cryptosystem, public key digital signature technology needs to rely on the CA certificate issued by the Public Key Infrastructure (PKI) to bind the entity identity and the public key to ensure the authenticity of the entity's public key. Binding the user's public key and user identity in the form of a public key certificate forms a mature solution to network security issues. However, PKI introduces a trusted third-party CA, which brings the costs of certificate management, storage, and calculation: First, the process of issuing, issuing, obtaining, verifying, and revoking a certificate is complicated; second, it needs to be online The certificate directory provides users with certificate download and status query services at any time, which increases the maintenance overhead. Third, if users communicate with more objects, users must store and manage these certificates locally, which increases the user's overhead. Fourth, large-scale secrets The problem of key management is generally the method of physically adding CAs, and there are also problems of cross authentication and trust management among users of each CA.
随着移动互联网、物联网的蓬勃发展,接入互联网的传感器、可穿戴设备、智能终端数量剧增,实体鉴别所需公钥数量巨大,如何实现高效公钥的管理、远程通信实体如何得到对方的公钥、并确保公钥的真实性,将成为一项挑战,也是关系到未来互联网体系结构能否落地的重要问题。With the rapid development of the mobile Internet and the Internet of Things, the number of sensors, wearable devices, and smart terminals connected to the Internet has increased dramatically. The number of public keys required for entity identification is huge. How to implement efficient public key management and how remote communication entities can obtain each other. And ensuring the authenticity of the public key will become a challenge and also an important issue related to the future landing of the Internet architecture.
发明内容Summary of the invention
本发明旨在至少克服上述缺陷之一提供一种基于联盟的全网统一信任锚系统及构建方法,以实现公钥的高效管理。The present invention aims to overcome at least one of the above-mentioned shortcomings and provide an alliance-based unified trust anchor system and construction method for the entire network to achieve efficient management of public keys.
为达到上述目的,本发明的技术方案具体是这样实现的:To achieve the above object, the technical solution of the present invention is specifically implemented as follows:
本发明的一个方面提供了一种基于联盟的全网统一信任锚系统,包括:联盟区域,联盟区域包括n个信任根服务器,各个信任根服务器互相连接;n个顶级信任服务器集合,每个顶级信任服务器集合连接一个信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器,且m个顶级信任服务器连接同一个信任根服务器;n*m个权限信任服务器集合,每个权限信任服务器集合连接一个顶级信任服务器,每个权限信任服务器集合包括j个权限信任服务器,且j个权限信任服务器连接同一个顶级信任服务器;n*m*j个终端集合,每个终端集合连接一个权限信任服务器,每个终端集合包括i个终端,i个终端连接同一个权限信任服务器;其中,每个信任根服务器,用于存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;每个顶级信任服务器,用于存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;每个权限信任服务器,用于存储自身的公钥信息,并存储与其连接的终端的名称、地址和公钥信息。One aspect of the present invention provides a federation-based unified trust anchor system for the entire network, including: federation area, the federation area includes n trusted root servers, and each trusted root server is connected to each other; n top-level trust server sets, each top-level The trust server set connects one trust root server, each top trust server set includes m top trust servers, and m top trust servers connect to one trust root server; n * m permission trust server sets, each permission trust server set Connects to a top-level trust server, each permission trust server set includes j permission trust servers, and j permission trust servers connect to the same top-level trust server; n * m * j terminal sets, each terminal set connects to a permission trust server Each terminal set includes i terminals, i terminals are connected to the same authority trust server; among them, each trusted root server is used to store the names and public key information of all trusted root servers, and stores the names of all top-level trusted servers , Address and public key information, and It is used to issue certificates, and the information stored in each trusted root server is exactly the same. The consensus information is used to ensure the consistency of the stored information. Each top-level trust server is used to store its own public key information and store the authority trusts connected to it. Server name, address, and public key information; each authority trusts the server to store its own public key information, and stores the name, address, and public key information of the terminal connected to it.
本发明另一方面提供了一种基于联盟的全网统一信任锚的构建方法,包括:构建联盟区域,将联盟区域配置为包括n个信任根服务器,各个信任根服务器互相连接,每个信任根服务器存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;构建n个顶级信任服务器集合,配置为每个顶级信任服务器集合连接一个信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器,且m个顶级信任服务器连接同一个信任根服务器,每个顶级信任服务器存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;构建n*m个权限信任服务器集合,配置为每个权限信任服务器集合连接一个顶级信任服务器,每个权限信任服务器集合包括j个权限信任服务器,且j个权限信任服务器连接同一个顶级信任服务器,每个权限信任服务器存储自身的公钥信息,并存储与其连接的终端的名称、地址和公钥信息;构建n*m*j个终端集合,配置为每个终端集合连接一个权限信任服务器,每个终端集合包括i个终端,i个终端连接同一个权限信任服务器。Another aspect of the present invention provides a method for constructing a unified trust anchor across the entire network based on a federation, which includes: building a federation area, configuring the federation area to include n trusted root servers, each trusted root server being connected to each other, and each trusted root The server stores the name and public key information of all trusted root servers, and stores the name, address, and public key information of all top-level trusted servers, as well as for issuing certificates, and the information stored by each trusted root server is exactly the same. Consistency of stored information; build n top-level trust server sets, and configure each top-level trust server set to connect a trusted root server, each top-level trust server set includes m top-level trust servers, and m top-level trust server connections are the same A trust root server, each top-level trust server stores its own public key information, and stores the name, address, and public key information of the authority trust server connected to it; builds a set of n * m authority trust servers and configures each authority trust Server collection connects to a top-level trusted server Server, each permission trust server set includes j permission trust servers, and j permission trust servers are connected to the same top-level trust server, each permission trust server stores its own public key information, and stores the name of the terminal connected to it, Address and public key information; n * m * j terminal sets are constructed, and each terminal set is connected to a permission trust server, each terminal set includes i terminals, and i terminals are connected to the same permission trust server.
由上述本发明提供的技术方案可以看出,通过本发明实施例提供的基于联盟的全网统 一信任锚系统及构建方法,联盟信任锚以去中心化的形式存在,通过共识算法来确保联盟区域中的各个信任根服务器的数据保持一致,在联盟中建立全网统一信任锚,共同管理公钥,这种基于联盟的去中心化的组织和管理方式可以保证各个信任根服务器的状态一致,有效地避免了目前中心化工作中存在的各种弊端,实现公钥的高效管理,使得远程通信实体可以得到对方的公钥、并确保公钥的真实性。It can be seen from the technical solution provided by the present invention that through the alliance-based unified trust anchor system and construction method based on the alliance provided by the embodiment of the present invention, the alliance trust anchor exists in a decentralized form, and the alliance region is ensured through a consensus algorithm. The data of each trust root server in the network is consistent. A unified trust anchor across the entire network is established in the alliance to jointly manage the public key. This decentralized organization and management method based on the alliance can ensure that the status of each trusted root server is consistent and effective. The ground avoids various disadvantages in the current centralization work, realizes the efficient management of public keys, enables remote communication entities to obtain the counterpart's public key, and ensures the authenticity of the public key.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1为本发明实施例提供的信任模型的结构示意图;FIG. 1 is a schematic structural diagram of a trust model according to an embodiment of the present invention;
图2为本发明实施例提供的基于联盟的全网统一信任锚系统的结构示意图;FIG. 2 is a schematic structural diagram of an alliance-based unified trust anchor system throughout the network according to an embodiment of the present invention; FIG.
图3为本发明实施例提供的基于联盟的全文统一信任锚系统及构建方法的流程图。FIG. 3 is a flowchart of an alliance-based full-text unified trust anchor system and a construction method according to an embodiment of the present invention.
具体实施方式detailed description
下面结合附图对本发明的实施方式进行详细说明。The embodiments of the present invention will be described in detail below with reference to the drawings.
建立信任模型的基础是所有信任用户都有一个可信任根。在信任模型中,如图1所示,这是一个简单的三层信任结构,这是一种链式信任关系,比如可信任实体A1可以表示为这样一个信任链:(R,C1,A1)说明可以由A1向上回溯到产生它的信任根R。有一个根节点R作为信任的起点,这种建立信任关系的点称为信任锚。这个模型的信任路径是从根节点到叶子节点的通路构成了信任路径。The foundation of the trust model is that all trusted users have a trusted root. In the trust model, as shown in Figure 1, this is a simple three-tier trust structure, which is a chain trust relationship. For example, the trusted entity A1 can be represented as such a trust chain: (R, C1, A1) It shows that A1 can be traced back to the root of trust R that generated it. There is a root node R as the starting point of trust. This point of establishing a trust relationship is called a trust anchor. The trust path of this model is that the path from the root node to the leaf node constitutes the trust path.
本发明采用建立联盟信任锚的方式,如图2所示,各国都有着一台信任根服务器(数据一致),各国依托于各个国家的信任根服务器的子集群由各个国家进行管理。信任根服务器由所属的国家进行维护。该联盟区域由深度最小的信任根服务器组成。联盟区域内所有的信任根服务器组成一张无向图。所有的信任根服务器之间都存在物理链路并且可以相互通信。如图2中的A、X、Y、Z所示的信任根服务器节点组成了联盟区域。The present invention adopts a method of establishing an alliance trust anchor. As shown in FIG. 2, each country has a trust root server (data is consistent), and each country relies on each country's sub-cluster of trust root server to manage each country. The trusted root server is maintained by the country to which it belongs. The federation zone consists of the root server with the lowest depth of trust. All trusted root servers in the federation zone form an undirected graph. All trusted root servers have physical links and can communicate with each other. The trusted root server nodes shown in A, X, Y, and Z in FIG. 2 form the federation area.
具体地,本发明实施例提供的基于联盟的全网统一信任锚系统,包括:Specifically, the alliance-based unified trust anchor system of the entire network provided by the embodiment of the present invention includes:
联盟区域,联盟区域包括n个信任根服务器(如图所示A、X、Y、Z),各个信任根服务器互相连接;Alliance area, the alliance area includes n trusted root servers (as shown in Figure A, X, Y, Z), each trusted root server is connected to each other;
n个顶级信任服务器集合,每个顶级信任服务器集合连接一个信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器(如图所示B1、B2……),且m个顶级信任服务器连接同一个信任根服务器;n top trusted server sets, each top trusted server set connected to a trusted root server, each top trusted server set includes m top trusted servers (as shown in the figure B1, B2, ...), and m top trusted servers are connected The same trusted root server;
n*m个权限信任服务器集合,每个权限信任服务器集合连接一个顶级信任服务器,每个权限信任服务器集合包括j个权限信任服务器(如图所示C1、C2……或者C3、C4……), 且j个权限信任服务器连接同一个顶级信任服务器;n * m permission trust server sets, each permission trust server set is connected to a top-level trust server, and each permission trust server set includes j permission trust servers (as shown in the figure C1, C2 ... or C3, C4 ...) And j permission trust servers are connected to the same top-level trust server;
n*m*j个终端集合,每个终端集合连接一个权限信任服务器,每个终端集合包括i个终端(如图所示D1、D2……或者D3、D4……或者D5、D6……),i个终端连接同一个权限信任服务器;n * m * j terminal sets, each terminal set is connected to a rights trust server, each terminal set includes i terminals (as shown in the figure D1, D2 ... or D3, D4 ... or D5, D6 ...) , I terminals connect to the same permission trust server;
其中,among them,
每个信任根服务器,用于存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;Each trusted root server is used to store the names and public key information of all trusted root servers, and stores the name, address, and public key information of all top-level trusted servers, and information used to sign certificates, and each trusted root server stores information Exactly the same, to ensure the consistency of the stored information through a consensus algorithm;
每个顶级信任服务器,用于存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;Each top-level trust server is used to store its own public key information and the name, address, and public key information of the authority trust server connected to it;
每个权限信任服务器,用于存储自身的公钥信息,并存储与其连接的终端的名称、地址和公钥信息。Each authority trust server is used to store its own public key information and store the name, address, and public key information of the terminal connected to it.
具体地,联盟信任锚以去中心化的形式存在,通过共识算法来确保联盟区域中的各个信任根服务器的数据保持一致,在联盟中建立全网统一信任锚,共同管理公钥,这种基于联盟的去中心化的组织和管理方式可以保证各个信任根服务器的状态一致,有效地避免了目前中心化工作中存在的各种弊端,实现公钥的高效管理,使得远程通信实体可以得到对方的公钥、并确保公钥的真实性。所用的共识算法依照具体情况确定,例如可以采用Epaxos共识算法,在联盟区域中,各节点之间主权平等,每个节点只负责本节点的工作,原则上禁止申请、修改或者绑定其他顶级信任服务器的信息。在子集群之中,各个国家可以采取例如基于multi-paxos的集群管理。在联盟区域中,各个联盟节点权利平等,所以不设置leader角色。Specifically, the alliance trust anchor exists in a decentralized form. The consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent. A unified trust anchor across the network is established in the alliance to jointly manage the public key. The decentralized organization and management of the alliance can ensure that the status of each trusted root server is consistent, effectively avoiding various disadvantages existing in the current centralization work, and achieve efficient management of public keys, so that remote communication entities can obtain each other's Public key, and ensure the authenticity of the public key. The consensus algorithm used is determined according to the specific situation. For example, the Epaxos consensus algorithm can be used. In the alliance area, each node is equal in sovereignty. Each node is only responsible for the work of the node. In principle, it is forbidden to apply, modify or bind other top-level trusts. Server information. Within the sub-cluster, each country can adopt, for example, multi-paxos-based cluster management. In the alliance area, each alliance node has equal rights, so no leader role is set.
在联盟区域中的各个信任根服务器采用非对称加密的方式,拥有其他信任根服务器的公钥,公钥更新、查询以及终端主体之间认证过程需要通过联盟的决议来通过。每个信任根服务器中保存所有顶级信任服务器的名称,地址,公钥信息,各个服务器具体存储的数据由下表所示。Each trusted root server in the federation area adopts asymmetric encryption and owns the public keys of other trusted root servers. The public key update, query, and authentication process between terminal subjects need to pass the resolution of the federation. Each trusted root server stores the names, addresses, and public key information of all top-level trusted servers. The specific data stored by each server is shown in the following table.
其中根信任服务器上存储的数据示例:Example of data stored on the root trust server:
编号Numbering 顶级服务器名字Top server name 顶级服务器地址信息Top server address information 顶级服务器公钥Top-level server public key
11 B1B1 addr1addr1 Public Key 1Public Key1
22 B2B2 addr2addr2 Public Key 2Public Key 2
33 E1E1 Addr3Addr3 Public Key 3Public Key3
44 ... ... ...
编号Numbering 根服务器名字Root server name 根服务器公钥Root server public key
11 AA Public Key 1Public Key1
22 XX Public Key 2Public Key 2
33 YY Public Key 3Public Key3
44 ZZ Public Key 4Public Key 4
55 ... ...
顶级信任服务器上存储的数据示例(顶级服务器上还存储自身公钥):Example of data stored on the top-level trusted server (their own public key is also stored on the top-level server):
编号Numbering 权限服务器名字Authorization server name 权限服务器地址信息Authorization server address information 权限服务器公钥Authorization server public key
11 C1C1 addr1addr1 Public Key 1Public Key1
22 C2C2 addr2addr2 Public Key 2Public Key 2
33 ... ... ...
权限信任服务器上存储的数据示例(权限服务器还存储自身公钥):Example of data stored on the authority trust server (the authority server also stores its own public key):
编号Numbering 终端实体名字Terminal entity name 终端实体地址信息Terminal entity address information 终端实体公钥End entity public key
11 D1D1 addr1addr1 Public Key 1Public Key1
22 D2D2 addr2addr2 Public Key 2Public Key 2
33 ……... ……... ...
作为本发明的一个可选实施方式,每个顶级信任服务器集合连接全部信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器,且m个顶级信任服务器连接每一个信任根服务器。由此以保证顶级信任服务器可以与任一个信任根服务器进行连接并进行数据传输。As an optional embodiment of the present invention, each set of top-level trust servers is connected to all trusted root servers, and each top-level trust server set includes m top-level trust servers, and m top-level trust servers are connected to each trusted root server. This ensures that the top-level trusted server can connect to any trusted root server and perform data transmission.
作为本发明的一个可选实施方式,顶级信任服务器,还用于向与其连接的信任根服务器发送变更请求;信任根服务器,还用于向联盟区域提出变更的决议,根据预设的决议策略在决议通过后,信任根服务器中响应顶级信任服务器的变更请求,并通过共识算法,更新联盟区域内的全部信任根服务器中存储的数据;顶级信任服务器,还用于执行变更操作。通过此种方式,顶级信任根服务器可以向与其连接的信任根服务器申请变更,在与其连接的信任根服务器接受并进行变更后,在联盟区域内进行决议,只有联盟区域内决议通过后,才可以执行变更操作,同时,联盟区域内的全部信任根服务器通过共识算法进行相同的修改,保证数据的一致性。As an optional embodiment of the present invention, the top-level trust server is further configured to send a change request to a trusted root server connected to the top-level trust server; the trust root server is further used to propose a change resolution to the federation area, and according to a preset resolution policy, After the resolution is passed, the trust root server responds to the change request of the top trust server and updates the data stored in all the trust root servers in the federation area through a consensus algorithm; the top trust server is also used to perform the change operation. In this way, the top-level trusted root server can apply for changes to the trusted root server connected to it. After accepting and making changes to the trusted root server connected to it, a resolution is made in the federation area, and only after the resolution in the federation area passes, can it be changed. When a change operation is performed, at the same time, all the root trust servers in the alliance area perform the same modification through a consensus algorithm to ensure data consistency.
具体地,当顶级信任服务器B1中需要更新公钥时,具体流程包括:Specifically, when the public key needs to be updated in the top-level trust server B1, the specific process includes:
1、顶级信任服务器B1向它的上级信任根服务器A发送更新公钥的请求。1. The top-level trust server B1 sends a request to update its public key to its superior trust root server A.
2、信任根服务器A向联盟内部提出更新公钥的决议。2. Trust the root server A to make a decision to update the public key to the alliance.
3、决议通过后,信任根服务器A中更新顶级信任服务器B1的公钥。通过共识算法,实现各个信任根服务器中的数据达到一致。3. After the resolution is passed, the public key of the top trusted server B1 is updated in the trusted root server A. Through the consensus algorithm, the data in each trusted root server is consistent.
4、顶级信任服务器B1更新自身的公钥。4. The top trust server B1 updates its public key.
其中,当终端实体D1中需要更新公钥时,具体流程包括:When the public key needs to be updated in the terminal entity D1, the specific process includes:
1、终端实体D1向它的上级权限信任服务器C1发送更新公钥的请求。1. The terminal entity D1 sends a request to update its public key to its superior authority trust server C1.
2、审核通过后,在权限信任服务器C1中更新终端实体D1的公钥。2. After the audit is passed, the public key of the terminal entity D1 is updated in the authority trust server C1.
3、终端实体D1更新自身的公钥。3. The terminal entity D1 updates its public key.
当权限信任服务器C1中需要更新公钥时,具体流程包括:When the public key needs to be updated in the authority trust server C1, the specific process includes:
1、权限信任服务器C1向它的上级顶级信任服务器B1发送更新公钥的请求。1. The authority trust server C1 sends a request to update its public key to its superior top-level trust server B1.
2、审核通过后,顶级信任服务器B1中更新权限信任服务器C1的公钥。2. After passing the audit, the public key of the authority trust server C1 is updated in the top trust server B1.
3、权限信任服务器C1更新自身的公钥。3. The authority trust server C1 updates its public key.
作为本发明的一个可选实施方式,信任根服务器,还用于在联盟内提出变更的决议,根据预设的决议策略在决议通过后,变更自身的数据,并通过共识算法,更新联盟区域内全部信任根服务器中存储的数据。通过此种方式,联盟区域内的某个信任根服务器如需进行数据变更,则在联盟区域内进行决议,只有联盟区域内决议通过后,才可以执行变更操作,同时,联盟区域内的全部信任根服务器通过共识算法进行相同的修改,保证数据的一致性。As an optional embodiment of the present invention, the trusted root server is also used to propose a change resolution within the alliance, and after the resolution is passed according to a preset resolution policy, change its own data and update the area of the alliance through a consensus algorithm. All trust the data stored in the root server. In this way, if a trusted root server in the alliance region needs to make data changes, a resolution is made in the alliance region. Only after the resolution in the alliance region is passed can the change operation be performed. At the same time, all trusts in the alliance region The root server performs the same modification through a consensus algorithm to ensure data consistency.
具体地,当信任根服务器A中需要更新公钥时,具体流程包括:Specifically, when the public key needs to be updated in the trusted root server A, the specific process includes:
1、信任根服务器A在联盟内提出更新公钥的决议。1. Trust the root server A to propose a resolution to update the public key within the alliance.
2、决议通过后,信任根服务器A中更新自身的公钥。通过共识算法,实现各个信任根服务器中的数据达到一致。2. After the resolution is passed, trust the root server A to update its public key. Through the consensus algorithm, the data in each trusted root server is consistent.
作为本发明的一个可选实施方式,终端,还用于向与其连接的权限信任服务器发送对对端终端的查询请求;权限信任服务器,还用于在没有查询到对端终端的相关信息后,向与其连接的顶级信任服务器发送查询请求;顶级信任服务器,还用于在没有查询到对端终端的相关信息后,向与其连接的信任根服务器发送查询请求;信任根服务器,还用于在没有查询到对端终端的相关信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器依次通过其连接的对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的相关信息,并将查询得到的对端终端的相关信息通过顶级信任服务器、权限信任服务器发送至终端。通过此种方式, 终端如果需要查询对端终端的相关信息,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行查询,此时,信任根服务器没有查询到时,则通过联盟区域的另一信任根服务器进行查询,在查询到后,通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。As an optional embodiment of the present invention, the terminal is further configured to send a query request to the peer terminal to the authority trust server connected to the terminal; the authority trust server is further configured to query the relevant information of the peer terminal without querying, Send a query request to the top-level trust server connected to it; the top-level trust server is also used to send a query request to the trusted root server connected to it when no related information of the peer terminal is queried; the trust root server is also used to When querying the related information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it, and receives the top-level trust server where the peer terminal connected in turn via the trusted root server where the peer terminal is located. 2. The authority trust server where the opposite terminal is located queries the relevant information of the opposite terminal, and sends the relevant information of the opposite terminal obtained by the query to the terminal through the top-level trust server and the authority trust server. In this way, if the terminal needs to query the related information of the peer terminal, it can query through the authority trust server, top-level trusted root server, and trusted root server connected to it. At this time, if the trusted root server does not query, then it passes The query is performed by another trusted root server in the federation area. After the query, the query is sent to the terminal through the trusted root server, the top-level trusted root server, and the permission trusted server.
具体地,当终端主体D1想要查询终端主体G1的公钥时,具体流程包括:Specifically, when the terminal body D1 wants to query the public key of the terminal body G1, the specific process includes:
1、终端主体D1查询它的上级权限信任服务器C1。1. The terminal body D1 queries its superior authority trust server C1.
2、当权限信任服务器C1中没有查询到了终端主体G1的公钥时,权限信任服务器C1向它的上级顶级信任服务器B1查询。2. When the public key of the terminal body G1 is not queried in the authority trust server C1, the authority trust server C1 queries its upper-level top trust server B1.
3、当顶级信任服务器B1没有查询到了终端主体G1的公钥时,顶级信任服务器B1向它的上级信任根服务器A查询。3. When the top-level trust server B1 does not query the public key of the terminal principal G1, the top-level trust server B1 queries its upper-level trust root server A.
4、当信任根服务器A中没有查询到终端主体G1的公钥时,有两种考虑:4. When the public key of the terminal principal G1 is not found in the trusted root server A, there are two considerations:
(1)根据管理方式的考虑,只有本国的信任根服务器才能够访问本国的下级服务器。(1) According to the consideration of management mode, only the trusted root server in the home country can access the subordinate servers in the home country.
(2)根据效率的考虑,本国的信任根服务器也能够访问别国的下级服务器。(2) Based on efficiency considerations, the trusted root server in the home country can also access the subordinate servers in other countries.
由(1)的方式,信任根服务器A查询到终端主体G1的公钥所在的信任根服务器X。通过信任根服务器X,查询到信任根服务器X的下级顶级信任服务器E1,再由顶级信任服务器E1查询到它的下级权限信任服务器F1,最终查询终端主体G1的公钥。By way of (1), the trusted root server A queries the trusted root server X where the public key of the terminal body G1 is located. By trusting the root server X, the subordinate top trust server E1 that trusts the root server X is queried, and then the top trust server E1 queries its subordinate authority trust server F1, and finally queries the public key of the terminal body G1.
由(2)的方式,信任根服务器A可以直接查询到信任根服务器X的下级顶级信任服务器E1,再由顶级信任服务器E1查询到它的下级权限信任服务器F1,最终查询终端主体G1的公钥。From the method (2), the trust root server A can directly query the subordinate top trust server E1 that trusts the root server X, and then the top trust server E1 queries its subordinate authority trust server F1, and finally queries the public key of the terminal body G1. .
另外,如果不跨域,则通过如下示例执行相关操作:In addition, if you do not cross domains, perform the related operations through the following examples:
当终端主体D1想要查询终端主体D2的公钥时,具体流程包括:When the terminal body D1 wants to query the public key of the terminal body D2, the specific process includes:
1、终端主体D1查询它的上级权限信任服务器C1。1. The terminal body D1 queries its superior authority trust server C1.
2、当权限信任服务器C1中查询到了终端主体D2的公钥时,返回给终端主体D1查询到的D2的公钥。2. When the public key of the terminal body D2 is queried in the authority trust server C1, it is returned to the public key of D2 queried by the terminal body D1.
当终端主体D1想要查询终端主体D5的公钥时,具体流程包括:When the terminal body D1 wants to query the public key of the terminal body D5, the specific process includes:
1、终端主体D1查询它的上级权限信任服务器C1。1. The terminal body D1 queries its superior authority trust server C1.
2、当权限信任服务器C1中没有查询到了终端主体D5的公钥时,权限信任服务器C1向它的上级顶级信任服务器B1查询。2. When the public key of the terminal body D5 is not queried in the authority trust server C1, the authority trust server C1 queries its upper-level top trust server B1.
3、当顶级信任服务器B1没有查询到了终端主体D5的公钥时,顶级信任服务器B1向它的上级信任根服务器A查询。3. When the top-level trust server B1 does not query the public key of the terminal subject D5, the top-level trust server B1 queries its upper-level trust root server A.
4、信任根服务器A通过它的下级顶级信任服务器B2,然后再由顶级信任服务器B2 查询到权限信任服务器C3,在权限信任服务器C3查询到了终端主体D5的公钥,返回给终端主体D1查询到的D5的公钥。4. Trust the root server A through its subordinate top trust server B2, and then the top trust server B2 queries the authority trust server C3. The authority trust server C3 queries the public key of the terminal subject D5 and returns it to the terminal subject D1. D5 public key.
作为本发明的一个可选实施方式,终端,还用于查询本地是否缓存过对端终端的标识信息,在查询本地没有缓存过对端终端的标识信息的情况下,向对端终端所在的信任根服务器发送查询请求;终端,还用于在对端终端所在的信任根服务器查询得到对端终端的标识信息的情况下,向与对端终端所在的信任根服务器连接的对端终端所在的顶级信任服务器发送查询请求;终端,还用于在对端终端所在的顶级信任服务器查询得到对端终端的标识信息的情况下,向与对端终端所在的顶级信任服务器连接的对端终端所在的权限信任服务器发送查询请求;终端,还用于在对端终端所在的权限信任服务器查询得到对端终端的标识信息的情况下,接收对端终端所在的权限信任服务器发送的查询响应信息。通过此种方式,终端如果需要查询对端终端的相关信息,则可以直接通过对端终端所在的信任根服务器、顶级信任服务器、权限信任根服务器进行查询是否有对端终端的标识信息,在查询到标识信息后再获得查询响应信息,将所查询的信息包含在查询响应信息中发送至终端,从而可以提高查询效率。As an optional embodiment of the present invention, the terminal is further configured to query whether the identification information of the opposite terminal is cached locally, and to query the trust of the opposite terminal when the identification information of the opposite terminal is not cached locally. The root server sends a query request; the terminal is also used to query the trusted root server where the peer terminal is located to obtain the identity information of the peer terminal, and to the top level where the peer terminal connected to the trusted root server where the peer terminal is located is located. The trust server sends a query request; the terminal is also used for the permission of the peer terminal connected to the top-level trust server where the peer terminal is located when the top-level trust server where the peer terminal is located obtains the identification information of the peer terminal. The trust server sends a query request; the terminal is also used to receive the query response information sent by the authority trust server where the peer terminal is located when the authority trust server where the peer terminal is located obtains the identification information of the peer terminal. In this way, if the terminal needs to query the related information of the peer terminal, it can directly query the trusted root server, top-level trust server, and authority trust root server where the peer terminal is located to check whether there is identification information of the peer terminal. The query response information is obtained after the identification information is included, and the query information is included in the query response information and sent to the terminal, thereby improving the query efficiency.
具体地,无论是否考虑跨域问题,终端均可以通过递归迭代的方式向对端终端所在的网络进行对端终端公钥的查询,例如当终端主体D1想要查询终端主体D2或者终端主体G1的公钥信息时,具体操作如下:Specifically, regardless of whether cross-domain issues are considered, the terminal can query the public terminal's public key on the network where the opposite terminal is located by recursively iteratively. For public key information, the specific operations are as follows:
1、终端主体D1首先在本地查询是否缓存过对端主体(例如终端主体D2或者终端主体G1)的公钥信息,1. The terminal body D1 first locally queries whether the public key information of the peer body (for example, the terminal body D2 or the terminal body G1) has been cached.
2、若没有在本地查询到,则通过迭代查询,再由终端主体D1向对端主体(例如终端主体D2或者终端主体G1)所在的根信任服务器请求查询对端主体的ID信息。若在根信任服务器上没有查询到ID信息,则终止查询并返回给终端没有找到的信息。若在根信任服务器上查询到ID信息,则终端主体D1继续向对端主体(例如终端主体D2或者终端主体G1)所在的顶级信任服务器上查询网关B的ID信息。2. If the query is not performed locally, the terminal subject D1 requests the root trust server where the peer subject (for example, the terminal subject D2 or the terminal subject G1) is located to query the ID information of the peer subject through an iterative query. If no ID information is queried on the root trust server, the query is terminated and returned to the terminal without information. If the ID information is queried on the root trust server, the terminal body D1 continues to query the ID information of the gateway B on the top-level trust server where the opposite body (for example, the terminal body D2 or the terminal body G1) is located.
3、终端主体D1向顶级信任服务器请求查询对端主体(例如终端主体D2或者终端主体G1)的ID信息。若在顶级信任服务器上没有查询到ID信息,则终止查询并返回给终端主体D1没有找到的信息。若在顶级信任服务器上查询到ID信息,则终端主体D1继续向对端主体(例如终端主体D2或者终端主体G1)所在的权限信任服务器上查询网关B的ID信息。3. The terminal body D1 requests the top-level trust server to query the ID information of the opposite body (for example, the terminal body D2 or the terminal body G1). If the ID information is not queried on the top-level trusted server, the query is terminated and returned to the terminal body D1 with no information found. If the ID information is queried on the top-level trust server, the terminal body D1 continues to query the ID trust information of the gateway B from the authority trust server where the opposite body (for example, the terminal body D2 or the terminal body G1) is located.
4、终端主体D1向权限信任服务器请求查询对端主体(例如终端主体D2或者终端主体G1)的ID信息。若在权限信任服务器上没有查询到ID信息,则终止查询并返回给终端 主体D1没有找到的信息。若在权限信任服务器上查询到ID信息,则返回给终端主体D1所请求的对端主体(例如终端主体D2或者终端主体G1)的公钥信息。4. The terminal body D1 requests the authority trust server to query the ID information of the opposite body (for example, the terminal body D2 or the terminal body G1). If the ID information is not queried on the authority trust server, the query is terminated and returned to the terminal D1. If the ID information is queried on the authority trust server, it returns the public key information of the opposite subject (for example, the terminal subject D2 or the terminal subject G1) requested by the terminal subject D1.
具体地,身份标识(ID)的名字结构示例如下:Specifically, an example of the name structure of the identity (ID) is as follows:
www.bistu.edu.cnwww.bistu.edu.cn
根信任服务器上存储的数据示例:Example of data stored on the root trust server:
编号Numbering 名字first name 地址信息Address information
11 cncn addr1addr1
22 orgorg addr2addr2
33 comcom add3add3
44 govgov addr4addr4
55 netnet addr5addr5
……... ……... ……...
Cn下的顶级信任服务器上存储的数据示例:Example of data stored on top trusted server under Cn:
编号Numbering 名字first name 地址信息Address information
11 com.cncom.cn addr1addr1
22 org.cnorg.cn addr2addr2
33 gov.cngov.cn addr3addr3
44 net.cnnet.cn addr4addr4
55 edu.cnedu.cn addr5addr5
……... ……... ……...
Edu.cn下的权限信任服务器上存储的数据示例:Example of data stored on the server with permission trust under Edu.cn:
编号Numbering 名字first name 地址信息Address information 公钥Public key
11 bistu.edu.cnbistu.edu.cn addr1addr1 Public Key 1Public Key1
22 bjut.edu.cnbjut.edu.cn addr2addr2 Public Key 2Public Key 2
33 njtu.edu.cnnjtu.edu.cn addr3addr3 Public Key 3Public Key3
44 pku.edu.cnpku.edu.cn addr4addr4 Public Key 4Public Key 4
55 tsinghua.edu.cntsinghua.edu.cn addr5addr5 Public Key 5Public Key 5
……... ……... ……... ……...
具体地,终端主体之间的通讯认证考虑了两种方式:Specifically, two methods of communication authentication between terminal bodies are considered:
1、基于上级颁发证书的认证;1. Certification based on certificates issued by superiors;
2、基于同级之间公钥的认证。2. Authentication based on public key between peers.
因此,作为本发明的一个可选实施方式,终端,还用于向与其连接的权限信任服务器 发送对对端终端的认证请求;权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送认证请求;顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送查询请求;信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器查询得到的对端终端的认证信息通过顶级信任服务器、权限信任服务器发送至终端。通过此种方式,终端如果需要认证对端终端,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行认证,此时,信任根服务器没有查询到认证信息时,则通过联盟区域的另一信任根服务器进行认证信息的查询,在查询到认证信息后,通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。Therefore, as an optional implementation manner of the present invention, the terminal is further configured to send an authentication request to the peer terminal to the authority trust server connected to the terminal; the authority trust server is further configured to query the authentication information of the peer terminal without query. After that, it sends an authentication request to the top-level trust server connected to it; the top-level trust server is also used to send a query request to the trusted root server connected to it without querying the authentication information of the peer terminal; the trust root server is also used to When the authentication information of the peer terminal is not queried, a query request is sent to the trusted root server where the peer terminal connected to it is received, and the authentication information of the peer terminal obtained through the query of the trusted root server where the peer terminal is located passes the top level The trust server and authority trust server are sent to the terminal. In this way, if the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it. At this time, when the trust root server does not query the authentication information, it passes the federation. Another trusted root server in the region queries the authentication information. After querying the authentication information, it sends it to the terminal through the trusted root server, the top-level trusted root server, and the authority trusted server.
具体地,当终端主体D1想要认证终端主体D5的公钥时,需要终端主体D5上级权限信任服务器C3的公钥,而顶级信任服务器B2中包含权限信任服务器C3的公钥信息,因此,只需找到顶级信任服务器B2的数据即可,具体流程包括:Specifically, when the terminal body D1 wants to authenticate the public key of the terminal body D5, the terminal body D5 needs the public key of the authority trust server C3, and the top-level trust server B2 contains the public key information of the authority trust server C3. Therefore, only You need to find the data of the top trusted server B2. The specific process includes:
1、终端主体D1查询它的上级权限信任服务器C1。1. The terminal body D1 queries its superior authority trust server C1.
2、当权限信任服务器C1中没有查询到权限信任服务器C3的公钥时,权限信任服务器C1向它的上级顶级信任服务器B1查询。2. When the public key of the authority trust server C3 is not queried in the authority trust server C1, the authority trust server C1 queries its upper-level top trust server B1.
3、当顶级信任服务器B1没有查询到权限信任服务器C3的公钥时,顶级信任服务器B1向它的上级信任根服务器A查询。3. When the top trust server B1 does not query the public key of the authority trust server C3, the top trust server B1 queries its superior trust root server A.
4、在信任根服务器A查询到了顶级信任服务器B2的数据,从而得到了权限信任服务器C3的公钥,完成认证。4. In the trusted root server A, the data of the top trusted server B2 is queried, thereby obtaining the public key of the authority trusted server C3, and completing the authentication.
作为本发明的一个可选实施方式,终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送认证请求;顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送查询请求;信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器依次通过其连接的对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的认证信息,并将查询得到的对端终端的认证信息通过顶级信任服务器、权限信任服务器发送至终端。通过此种方式,终端如果需要认证对端终端,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行认证,此时,信任根服务器没有查询到认证信息时,则通过联盟区域的另一信任根服务器进行认证信息的查询,另一信任根服务器通过与自己连接的顶级信 任服务器、权限信任服务器查询认证信息,并将查询到的认证信息通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。As an optional embodiment of the present invention, the terminal is further configured to send an authentication request to the peer terminal to the authority trust server connected to the terminal; the authority trust server is further configured to query the authentication information of the peer terminal without querying, Send an authentication request to the top-level trust server connected to it; the top-level trust server is also used to send a query request to the trusted root server connected to it when no authentication information of the peer terminal is queried; the trust root server is also used to When querying the authentication information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it, and receives the top-level trust server where the peer terminal connected in turn via the trusted root server where the peer terminal is located. 3. The authority trust server where the opposite terminal is located queries the authentication information of the opposite terminal, and sends the obtained authentication information of the opposite terminal to the terminal through the top-level trust server and the authority trust server. In this way, if the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it. At this time, when the trust root server does not query the authentication information, it passes the federation. Another trusted root server in the region queries the authentication information. The other trusted root server queries the authentication information through the top-level trust server and authority trust server connected to itself, and passes the found authentication information through the trusted root server and top-level trusted root server. And the authority trust server sends it to the terminal.
具体地,当终端主体D1想要认证终端主体D5的公钥时,终端主体D1需要认证终端主体D5的公钥,具体流程包括:Specifically, when the terminal body D1 wants to authenticate the public key of the terminal body D5, the terminal body D1 needs to authenticate the public key of the terminal body D5. The specific process includes:
1、终端主体D1查询它的上级权限信任服务器C1。1. The terminal body D1 queries its superior authority trust server C1.
2、当权限信任服务器C1中没有查询到终端主体D5的公钥时,权限信任服务器C1向它的上级顶级信任服务器B1查询。2. When the public key of the terminal body D5 is not queried in the authority trust server C1, the authority trust server C1 queries its upper-level top trust server B1.
3、当顶级信任服务器B1没有查询到终端主体D5的公钥时,顶级信任服务器B1向它的上级信任根服务器A查询。3. When the top-level trust server B1 does not query the public key of the terminal body D5, the top-level trust server B1 queries its upper-level trust root server A.
4、信任根服务器A通过它的下级顶级信任服务器B2进行查询。4. The trusted root server A makes a query through its subordinate top trusted server B2.
5、顶级信任服务器B2的下级权限信任服务器C3,从而得到了终端主体D5的公钥,完成认证。5. The subordinate authority of the top-level trust server B2 trusts the server C3, thereby obtaining the public key of the terminal body D5 and completing the authentication.
由此可见,通过本发明提供的基于联盟的全网统一信任锚系统,联盟信任锚以去中心化的形式存在,通过共识算法来确保联盟区域中的各个信任根服务器的数据保持一致,在联盟中建立全网统一信任锚,共同管理公钥,这种基于联盟的去中心化的组织和管理方式可以保证各个信任根服务器的状态一致,有效地避免了目前中心化工作中存在的各种弊端,实现公钥的高效管理,使得远程通信实体可以得到对方的公钥、并确保公钥的真实性。It can be seen that through the alliance-based unified trust anchor system of the entire network provided by the present invention, the alliance trust anchor exists in a decentralized form, and the consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent, and Establish a unified trust anchor across the entire network and jointly manage the public key. This alliance-based decentralized organization and management method can ensure that the status of each trusted root server is consistent, effectively avoiding various disadvantages in the current centralization work. , To achieve efficient management of public keys, so that remote communication entities can obtain each other's public keys and ensure the authenticity of public keys.
图3示出了本发明实施例提供的基于联盟的全网统一信任锚的构建方法,该方案应用于上述系统,在此仅对方法进行简单说明,其他未尽事宜,请参照上述系统的相关描述,参见图3,本发明实施例提供的基于联盟的全网统一信任锚的构建方法,包括:FIG. 3 shows a method for constructing an alliance-based unified trust anchor of the entire network provided by an embodiment of the present invention. The solution is applied to the above system, and the method is only briefly described here. For other unresolved matters, please refer to the related system. Description. Referring to FIG. 3, a method for constructing a unified network-based unified trust anchor provided by an embodiment of the present invention includes:
S301,构建联盟区域,将联盟区域配置为包括n个信任根服务器,各个信任根服务器互相连接,每个信任根服务器存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;S301. Construct a federation zone. The federation zone is configured to include n trusted root servers, and each trusted root server is connected to each other. Each trusted root server stores the names and public key information of all trusted root servers, and stores the names of all top trusted servers. , Address, and public key information, as well as for issuing certificates, and the information stored by each trusted root server is exactly the same, and the consistency of the stored information is guaranteed by a consensus algorithm;
S302,构建n个顶级信任服务器集合,配置为每个顶级信任服务器集合连接一个信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器,且m个顶级信任服务器连接同一个信任根服务器,每个顶级信任服务器存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;S302. Build n top trusted server sets, and configure each top trusted server set to connect to one trusted root server, each top trusted server set includes m top trusted servers, and m top trusted servers connected to the same trusted root server. Each top-level trust server stores its own public key information, and stores the name, address, and public key information of the authority trust server connected to it;
S303,构建n*m个权限信任服务器集合,配置为每个权限信任服务器集合连接一个顶级信任服务器,每个权限信任服务器集合包括j个权限信任服务器,且j个权限信任服务器连接同一个顶级信任服务器,每个权限信任服务器存储自身的公钥信息,并存储与其连接 的终端的名称、地址和公钥信息;S303. Build n * m permission trust server sets, and configure each permission trust server set to connect to a top-level trust server. Each permission trust server set includes j permission trust servers, and j permission trust servers are connected to the same top-level trust. Server, each authority trusts the server to store its own public key information, and stores the name, address, and public key information of the terminal connected to it;
S304,构建n*m*j个终端集合,配置为每个终端集合连接一个权限信任服务器,每个终端集合包括i个终端,i个终端连接同一个权限信任服务器。S304. Construct n * m * j terminal sets, and configure each terminal set to connect to a permission trust server. Each terminal set includes i terminals, and i terminals connect to the same permission trust server.
由此可见,通过本发明提供的基于联盟的全网统一信任锚构建方法,联盟信任锚以去中心化的形式存在,通过共识算法来确保联盟区域中的各个信任根服务器的数据保持一致,在联盟中建立全网统一信任锚,共同管理公钥,这种基于联盟的去中心化的组织和管理方式可以保证各个信任根服务器的状态一致,有效地避免了目前中心化工作中存在的各种弊端,实现公钥的高效管理,使得远程通信实体可以得到对方的公钥、并确保公钥的真实性。It can be seen that through the alliance-based unified trust anchor construction method provided by the present invention, the alliance trust anchor exists in a decentralized form, and the consensus algorithm is used to ensure that the data of each trust root server in the alliance area is consistent. The alliance establishes a unified trust anchor across the entire network and jointly manages the public key. This alliance-based decentralized organization and management method can ensure that the status of each trusted root server is consistent, effectively avoiding the various existing existing centralized work. The disadvantage is that the efficient management of the public key is realized, so that the remote communication entity can obtain the public key of the other party and ensure the authenticity of the public key.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:配置每个顶级信任服务器集合连接全部信任根服务器,每个顶级信任服务器集合包括m个顶级信任服务器,且m个顶级信任服务器连接每一个信任根服务器。由此以保证顶级信任服务器可以与任一个信任根服务器进行连接并进行数据传输。As an optional implementation manner of the embodiment of the present invention, the method for constructing a federation-based unified trust anchor for the entire network further includes: configuring each top-level trust server set to connect to all trusted root servers, and each top-level trust server set including m top-level trusts Server, and m top trusted servers connect to each trusted root server. This ensures that the top-level trusted server can connect to any trusted root server and perform data transmission.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:顶级信任服务器的变更流程;As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes: a change process of the top-level trust server;
顶级信任服务器的变更流程包括:The change process for the top trust server includes:
顶级信任服务器向与其连接的信任根服务器发送变更请求;The top-level trust server sends a change request to the trusted root server connected to it;
信任根服务器向联盟区域提出变更的决议,根据预设的决议策略在决议通过后,信任根服务器中响应顶级信任服务器的变更请求,并通过共识算法,更新联盟区域内的全部信任根服务器中存储的数据;The trust root server proposes a change resolution to the federation area. After the resolution is passed according to the preset resolution policy, the trust root server responds to the change request of the top trust server and updates the storage of all trusted root servers in the federation area through the consensus algorithm. The data;
顶级信任服务器执行变更操作。The top-level trust server performs the change operation.
通过此种方式,顶级信任根服务器可以向与其连接的信任根服务器申请变更,在与其连接的信任根服务器接受并进行变更后,在联盟区域内进行决议,只有联盟区域内决议通过后,才可以执行变更操作,同时,联盟区域内的全部信任根服务器通过共识算法进行相同的修改,保证数据的一致性。In this way, the top-level trusted root server can apply for changes to the trusted root server connected to it. After accepting and making changes to the trusted root server connected to it, a resolution is made in the federation area, and only after the resolution in the federation area passes, can it be changed. When a change operation is performed, at the same time, all the root trust servers in the alliance area perform the same modification through a consensus algorithm to ensure data consistency.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:信任根服务器的变更流程:As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes: a process of changing the trust root server:
信任根服务器的变更流程包括:The process of changing the trusted root server includes:
信任根服务器在联盟内提出变更的决议,根据预设的决议策略在决议通过后,变更自身的数据,并通过共识算法,更新联盟区域内全部信任根服务器中存储的数据。The trust root server proposes a change resolution in the alliance, and after the resolution is passed according to a preset resolution policy, changes its own data and updates the data stored in all trust root servers in the alliance area through a consensus algorithm.
通过此种方式,联盟区域内的某个信任根服务器如需进行数据变更,则在联盟区域内进行决议,只有联盟区域内决议通过后,才可以执行变更操作,同时,联盟区域内的全部 信任根服务器通过共识算法进行相同的修改,保证数据的一致性。In this way, if a trusted root server in the alliance region needs to make data changes, a resolution is made in the alliance region. Only after the resolution in the alliance region is passed can the change operation be performed. At the same time, all trusts in the alliance region The root server performs the same modification through a consensus algorithm to ensure data consistency.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:终端的查询流程:As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes a query process of the terminal:
终端的查询流程包括:The query process of the terminal includes:
终端向与其连接的权限信任服务器发送对对端终端的查询请求;The terminal sends a query request to the opposite terminal to the authority trust server connected to the terminal;
权限信任服务器在没有查询到对端终端的相关信息后,向与其连接的顶级信任服务器发送查询请求;The authority trust server sends a query request to the top-level trust server connected to the peer terminal without querying the relevant information of the peer terminal;
顶级信任服务器在没有查询到对端终端的相关信息后,向与其连接的信任根服务器发送查询请求;The top-level trust server sends a query request to the trusted root server connected to the peer terminal without querying the relevant information of the peer terminal;
信任根服务器在没有查询到对端终端的相关信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器依次通过其连接的对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的相关信息,并将查询得到的对端终端的相关信息通过顶级信任服务器、权限信任服务器发送至终端。When the trusted root server does not query related information of the peer terminal, it sends a query request to the trusted root server where the peer terminal connected to it and receives the peer terminal connected in turn through the trusted root server where the peer terminal is located. The top trust server and the authority trust server where the peer terminal is located query the related information of the peer terminal, and send the query related information of the peer terminal to the terminal through the top trust server and the authority trust server.
通过此种方式,终端如果需要查询对端终端的相关信息,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行查询,此时,信任根服务器没有查询到时,则通过联盟区域的另一信任根服务器进行查询,在查询到后,通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。In this way, if the terminal needs to query the related information of the peer terminal, it can query it through the authority trust server, top-level trust root server, and trust root server connected to it. The query is performed by another trusted root server in the federation area. After the query, the query is sent to the terminal through the trusted root server, the top-level trusted root server, and the permission trusted server.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:终端的查询流程:As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes a query process of the terminal:
终端的查询流程包括:The query process of the terminal includes:
终端查询本地是否缓存过对端终端的标识信息;The terminal queries whether the identification information of the opposite terminal is cached locally;
在终端查询本地没有缓存过对端终端的标识信息的情况下,终端向对端终端所在的信任根服务器发送查询请求;In the case where the terminal has not locally cached the identification information of the opposite terminal, the terminal sends a query request to the trusted root server where the opposite terminal is located;
在对端终端所在的信任根服务器查询得到对端终端的标识信息的情况下,终端向与对端终端所在的信任根服务器连接的对端终端所在的顶级信任服务器发送查询请求;When the trusted root server where the peer terminal is located obtains the identification information of the peer terminal, the terminal sends a query request to the top trusted server where the peer terminal connected to the trusted root server where the peer terminal is located;
在对端终端所在的顶级信任服务器查询得到对端终端的标识信息的情况下,终端向与对端终端所在的顶级信任服务器连接的对端终端所在的权限信任服务器发送查询请求;In the case where the top-level trust server where the peer terminal is located obtains the identification information of the peer terminal, the terminal sends a query request to the authority trust server where the peer terminal connected to the top-level trust server where the peer terminal is located;
在对端终端所在的权限信任服务器查询得到对端终端的标识信息的情况下,终端接收对端终端所在的权限信任服务器发送的查询响应信息。When the authority trust server where the opposite terminal is located obtains the identification information of the opposite terminal, the terminal receives the query response information sent by the authority trust server where the opposite terminal is located.
通过此种方式,终端如果需要查询对端终端的相关信息,则可以直接通过对端终端所 在的信任根服务器、顶级信任服务器、权限信任根服务器进行查询是否有对端终端的标识信息,在查询到标识信息后再获得查询响应信息,将所查询的信息包含在查询响应信息中发送至终端,从而可以提高查询效率。In this way, if the terminal needs to query the related information of the peer terminal, it can directly query the trusted root server, top-level trust server, and authority trust root server where the peer terminal is located to check whether there is identification information of the peer terminal. The query response information is obtained after the identification information is included, and the query information is included in the query response information and sent to the terminal, thereby improving the query efficiency.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:终端的认证流程;As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes: an authentication process of the terminal;
终端的认证流程包括:The authentication process of the terminal includes:
终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送认证请求;The authority trust server is also used to send an authentication request to the top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送查询请求;The top-level trust server is also used to send a query request to the trusted root server connected to the peer terminal without querying the authentication information of the peer terminal;
信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器查询得到的对端终端的认证信息通过顶级信任服务器、权限信任服务器发送至终端。The trust root server is also used to send a query request to the trusted root server where the peer terminal to which it is connected when the authentication information of the peer terminal is not queried, and to receive the query obtained from the trusted root server where the peer terminal is located. The authentication information of the terminal is sent to the terminal through the top-level trust server and the authority trust server.
通过此种方式,终端如果需要认证对端终端,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行认证,此时,信任根服务器没有查询到认证信息时,则通过联盟区域的另一信任根服务器进行认证信息的查询,在查询到认证信息后,通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。In this way, if the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it. At this time, when the trust root server does not query the authentication information, it passes the federation. Another trusted root server in the region queries the authentication information. After querying the authentication information, it sends it to the terminal through the trusted root server, the top-level trusted root server, and the authority trusted server.
作为本发明实施例的一个可选实施方式,基于联盟的全网统一信任锚的构建方法还包括:终端的认证流程;As an optional implementation manner of the embodiment of the present invention, the method for constructing the alliance-based unified trust anchor of the entire network further includes: an authentication process of the terminal;
终端的认证流程包括:The authentication process of the terminal includes:
终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送认证请求;The authority trust server is also used to send an authentication request to the top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送查询请求;The top-level trust server is also used to send a query request to the trusted root server connected to the peer terminal without querying the authentication information of the peer terminal;
信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送查询请求,并接收经由对端终端所在的信任根服务器依次通过其连接的对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的认证信息,并将查询得到的对端终端的认证信息通过顶级信任服务器、权限信任服务器发送至终端。The trust root server is also used to send a query request to the trusted root server where the peer terminal is connected when no authentication information of the peer terminal is queried, and to receive connections through the trusted root server where the peer terminal is located in turn. The top-level trust server where the opposite terminal is located, and the authorization trust server where the opposite terminal is located query the authentication information of the opposite terminal, and send the obtained authentication information of the opposite terminal to the terminal through the top-level trust server and authority trust server. .
通过此种方式,终端如果需要认证对端终端,则可以通过与其连接的权限信任服务器、顶级信任根服务器以及信任根服务器进行认证,此时,信任根服务器没有查询到认证信息时,则通过联盟区域的另一信任根服务器进行认证信息的查询,另一信任根服务器通过与自己连接的顶级信任服务器、权限信任服务器查询认证信息,并将查询到的认证信息通过信任根服务器、顶级信任根服务器以及权限信任服务器发送至终端。In this way, if the terminal needs to authenticate the peer terminal, it can perform authentication through the authority trust server, top-level trust root server, and trust root server connected to it. At this time, when the trust root server does not query the authentication information, it passes the federation. Another trusted root server in the region queries the authentication information. The other trusted root server queries the authentication information through the top-level trust server and authority trust server connected to itself, and passes the found authentication information through the trusted root server and top-level trusted root server. And the authority trust server sends it to the terminal.
流程图中或在此以其他方式描述的任何过程或方法描述可以被理解为,表示包括一个或更多个用于实现特定逻辑功能或过程的步骤的可执行指令的代码的模块、片段或部分,并且本发明的优选实施方式的范围包括另外的实现,其中可以不按所示出或讨论的顺序,包括根据所涉及的功能按基本同时的方式或按相反的顺序,来执行功能,这应被本发明的实施例所属技术领域的技术人员所理解。Any process or method description in a flowchart or otherwise described herein can be understood as representing a module, fragment, or portion of code that includes one or more executable instructions for implementing a particular logical function or step of a process And, the scope of the preferred embodiments of the present invention includes additional implementations in which the functions may be performed out of the order shown or discussed, including performing the functions in a substantially simultaneous manner or in the reverse order according to the functions involved, which should It is understood by those skilled in the art to which the embodiments of the present invention pertain.
本技术领域的普通技术人员可以理解实现上述实施例方法携带的全部或部分步骤是可以通过程序来指令相关的硬件完成,所述的程序可以存储于一种计算机可读存储介质中,该程序在执行时,包括方法实施例的步骤之一或其组合。A person of ordinary skill in the art can understand that all or part of the steps carried by the methods in the foregoing embodiments may be implemented by a program instructing related hardware. The program may be stored in a computer-readable storage medium. The program is When executed, one or a combination of the steps of the method embodiment is included.
以上的实施例仅是对本发明的优选实施方式进行描述,并非对本发明的范围进行限定,在不脱离本发明设计精神的前提下,本领域普通工程技术人员对本发明的技术方案做出的各种变形和改进,均应落入本发明的权利要求书确定的保护范围内。The above embodiments only describe the preferred embodiments of the present invention, and do not limit the scope of the present invention. Without departing from the design spirit of the present invention, various ordinary technical personnel in the field make various technical solutions of the present invention. Variations and improvements shall fall within the protection scope determined by the claims of the present invention.

Claims (16)

  1. 一种基于联盟的全网统一信任锚系统,其特征在于,包括:An alliance-based unified trust anchor system for the entire network, which is characterized by:
    联盟区域,所述联盟区域包括n个信任根服务器,各个所述信任根服务器互相连接;A federation area, where the federation area includes n trusted root servers, and each of the trusted root servers is connected to each other;
    n个顶级信任服务器集合,每个所述顶级信任服务器集合连接一个所述信任根服务器,每个所述顶级信任服务器集合包括m个顶级信任服务器,且所述m个顶级信任服务器连接同一个信任根服务器;n top-level trust server sets, each of which is connected to one of the trusted root servers, each of the top-level trust server sets includes m top-level trust servers, and the m top-level trust servers are connected to the same trust Root server
    n*m个权限信任服务器集合,每个所述权限信任服务器集合连接一个所述顶级信任服务器,每个所述权限信任服务器集合包括j个权限信任服务器,且所述j个权限信任服务器连接同一个顶级信任服务器;n * m sets of permission trust servers, each of which is connected to one of the top-level trust servers, each set of permission trust servers includes j permission trust servers, and the j permission trust servers are connected to the same A top-level trust server;
    n*m*j个终端集合,每个所述终端集合连接一个所述权限信任服务器,每个所述终端集合包括i个终端,所述i个终端连接同一个权限信任服务器;n * m * j terminal sets, each said terminal set is connected to one said authority trust server, each said terminal set includes i terminals, and said i terminals are connected to the same authority trust server;
    其中,among them,
    每个所述信任根服务器,用于存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个所述信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;Each of the trusted root servers is configured to store the names and public key information of all trusted root servers, and stores the name, address, and public key information of all top-level trusted servers, and is used to issue certificates, and each of the trusted roots The information stored on the server is exactly the same, and the consistency of the stored information is guaranteed by a consensus algorithm;
    每个所述顶级信任服务器,用于存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;Each of the top-level trust servers is configured to store its own public key information, and store the name, address, and public key information of an authority trust server connected to it;
    每个所述权限信任服务器,用于存储自身的公钥信息,并存储与其连接的终端的名称、地址和公钥信息。Each authority trust server is configured to store its own public key information and store the name, address, and public key information of the terminal connected to it.
  2. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    每个所述顶级信任服务器集合连接全部所述信任根服务器,每个所述顶级信任服务器集合包括m个顶级信任服务器,且所述m个顶级信任服务器连接每一个所述信任根服务器。Each of the top-level trust server sets is connected to all the trusted root servers, each of the top-level trust server sets includes m top-level trust servers, and the m top-level trust servers are connected to each of the trusted root servers.
  3. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    所述顶级信任服务器,还用于向与其连接的所述信任根服务器发送变更请求;The top-level trust server is further configured to send a change request to the trusted root server connected to the top-level trust server;
    所述信任根服务器,还用于向联盟区域提出变更的决议,根据预设的决议策略在决议通过后,所述信任根服务器中响应所述顶级信任服务器的变更请求,并通过所述共识算法,更新所述联盟区域内的全部信任根服务器中存储的数据;The trusted root server is further used to propose a change resolution to the alliance region. After the resolution is passed according to a preset resolution policy, the trusted root server responds to the change request of the top-level trusted server and passes the consensus algorithm. Update data stored in all trusted root servers in the federation area;
    所述顶级信任服务器,还用于执行变更操作。The top-level trust server is further configured to perform a change operation.
  4. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    所述信任根服务器,还用于在联盟内提出变更的决议,根据预设的决议策略在决议通 过后,变更自身的数据,并通过所述共识算法,更新所述联盟区域内全部信任根服务器中存储的数据。The trusted root server is also used to propose a change resolution in the alliance, and after the resolution is passed according to a preset resolution policy, change its own data, and update all trusted root servers in the alliance area through the consensus algorithm. Data stored in it.
  5. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    终端,还用于向与其连接的权限信任服务器发送对对端终端的查询请求;The terminal is further configured to send a query request for the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器,还用于在没有查询到对端终端的相关信息后,向与其连接的顶级信任服务器发送所述查询请求;The authority trust server is further configured to send the query request to a top-level trust server connected to the peer terminal after the related information of the peer terminal is not queried;
    所述顶级信任服务器,还用于在没有查询到对端终端的相关信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server is further configured to send the query request to a trusted root server connected to the peer terminal after the related information of the peer terminal is not queried;
    所述信任根服务器,还用于在没有查询到对端终端的相关信息时,向与其连接的对端终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器依次通过其连接的所述对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的相关信息,并将查询得到的所述对端终端的相关信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。The trusted root server is further configured to send the query request to a trusted root server where the peer terminal connected to it is located when no related information of the peer terminal is queried, and receive the trust via the peer terminal where the peer terminal is located. The root server queries the related information of the opposite terminal through the top-level trust server where the opposite terminal is located, and the authority trust server where the opposite terminal is located, and passes the related information of the opposite terminal obtained by the query through The top-level trust server and the authority trust server are sent to the terminal.
  6. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    终端,还用于查询本地是否缓存过对端终端的标识信息,在查询本地没有缓存过对端终端的标识信息的情况下,向所述对端终端所在的信任根服务器发送查询请求;The terminal is also used to query whether the identification information of the opposite terminal is cached locally, and when the identification information of the opposite terminal is not cached locally, sending a query request to the trusted root server where the opposite terminal is located;
    所述终端,还用于在所述对端终端所在的信任根服务器查询得到对端终端的标识信息的情况下,向与所述对端终端所在的信任根服务器连接的对端终端所在的顶级信任服务器发送所述查询请求;The terminal is further configured to query the trusted root server where the peer terminal is located to obtain the identification information of the peer terminal, and to the top level where the peer terminal connected to the trusted root server where the peer terminal is located is located. Trust the server to send the query request;
    所述终端,还用于在所述对端终端所在的顶级信任服务器查询得到对端终端的标识信息的情况下,向与所述对端终端所在的顶级信任服务器连接的对端终端所在的权限信任服务器发送所述查询请求;The terminal is further configured to, when the top-level trusted server where the peer terminal is located query for the identification information of the peer terminal, the permission to the peer terminal connected to the top-level trusted server where the peer terminal is located Trust the server to send the query request;
    所述终端,还用于在所述对端终端所在的权限信任服务器查询得到对端终端的标识信息的情况下,接收所述对端终端所在的权限信任服务器发送的查询响应信息。The terminal is further configured to receive query response information sent by the authority trust server where the peer terminal is located when the authority trust server where the peer terminal is located obtains the identification information of the peer terminal.
  7. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送所述认证请求;The authority trust server is further configured to send the authentication request to a top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
    所述顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server is further configured to send the query request to a trusted root server connected to the peer terminal after no authentication information of the peer terminal is queried;
    所述信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端 终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器查询得到的所述对端终端的认证信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。The trusted root server is further configured to: when the authentication information of the opposite terminal is not queried, send the query request to the trusted root server where the connected opposite terminal is located, and receive the trust via the opposite terminal. The authentication information of the peer terminal obtained by the root server query is sent to the terminal through the top-level trust server and the authority trust server.
  8. 根据权利要求1所述的系统,其特征在于,The system of claim 1, wherein:
    终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送所述认证请求;The authority trust server is further configured to send the authentication request to a top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
    所述顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server is further configured to send the query request to a trusted root server connected to the peer terminal after no authentication information of the peer terminal is queried;
    所述信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器依次通过其连接的所述对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的认证信息,并将查询得到的所述对端终端的认证信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。The trusted root server is further configured to: when the authentication information of the opposite terminal is not queried, send the query request to the trusted root server where the connected opposite terminal is located, and receive the trust via the opposite terminal. The root server sequentially queries the authentication information of the opposite terminal through the top-level trust server where the opposite terminal is located and the authority trust server where the opposite terminal is located, and passes the obtained authentication information of the opposite terminal through the query. The top-level trust server and the authority trust server are sent to the terminal.
  9. 一种基于联盟的全网统一信任锚的构建方法,其特征在于,包括:A method for constructing a unified trust anchor for the entire network based on alliance, which is characterized by:
    构建联盟区域,将所述联盟区域配置为包括n个信任根服务器,各个所述信任根服务器互相连接,每个所述信任根服务器存储全部信任根服务器的名称和公钥信息,并存储全部顶级信任服务器的名称、地址和公钥信息,以及用于签发证书,且每个所述信任根服务器存储的信息完全相同,通过共识算法保证存储的信息的一致性;Construct a federation area, and configure the federation area to include n trusted root servers, each of which is connected to each other, and each of the trusted root servers stores the names and public key information of all trusted root servers, and stores all top-level servers The name, address, and public key information of the trust server, as well as the certificate used to sign the certificate, and the information stored by each said trust root server is exactly the same, and the consistency of the stored information is guaranteed by a consensus algorithm;
    构建n个顶级信任服务器集合,配置为每个所述顶级信任服务器集合连接一个所述信任根服务器,每个所述顶级信任服务器集合包括m个顶级信任服务器,且所述m个顶级信任服务器连接同一个信任根服务器,每个所述顶级信任服务器存储自身的公钥信息,并存储与其连接的权限信任服务器的名称、地址和公钥信息;Constructing n top trust server sets, configured to connect one said trust root server to each said top trust server set, each said top trust server set including m top trust servers, and said m top trust servers connected The same trusted root server, each of the top-level trusted servers stores its own public key information, and stores the name, address, and public key information of the authority trusted server connected to it;
    构建n*m个权限信任服务器集合,配置为每个所述权限信任服务器集合连接一个所述顶级信任服务器,每个所述权限信任服务器集合包括j个权限信任服务器,且所述j个权限信任服务器连接同一个顶级信任服务器,每个所述权限信任服务器存储自身的公钥信息,并存储与其连接的终端的名称、地址和公钥信息;Constructing n * m permission trust server sets, configured to connect one of the top trust servers to each of the permission trust server sets, each of the permission trust server sets including j permission trust servers, and the j permission trusts The server is connected to the same top-level trust server, and each said authority trust server stores its own public key information, and stores the name, address, and public key information of the terminal connected to it;
    构建n*m*j个终端集合,配置为每个所述终端集合连接一个所述权限信任服务器,每个所述终端集合包括i个终端,所述i个终端连接同一个权限信任服务器。Build n * m * j terminal sets, and configure each terminal set to connect to one of the authority trust servers, each terminal set includes i terminals, and the i terminals are connected to the same authority trust server.
  10. 根据权利要求9所述的方法,其特征在于,还包括:The method according to claim 9, further comprising:
    配置每个所述顶级信任服务器集合连接全部所述信任根服务器,每个所述顶级信任服 务器集合包括m个顶级信任服务器,且所述m个顶级信任服务器连接每一个所述信任根服务器。Each of the top-level trust server sets is configured to connect to all the trusted root servers, each of the top-level trust server sets includes m top-level trust servers, and the m top-level trust servers connect to each of the trust root servers.
  11. 根据权利要求9所述的方法,其特征在于,还包括:所述顶级信任服务器的变更流程;The method according to claim 9, further comprising: a change process of the top-level trust server;
    所述顶级信任服务器的变更流程包括:The change process of the top-level trust server includes:
    所述顶级信任服务器向与其连接的所述信任根服务器发送变更请求;The top-level trust server sends a change request to the trusted root server connected to the top-level trust server;
    所述信任根服务器向联盟区域提出变更的决议,根据预设的决议策略在决议通过后,所述信任根服务器中响应所述顶级信任服务器的变更请求,并通过所述共识算法,更新所述联盟区域内的全部信任根服务器中存储的数据;The trusted root server proposes a change resolution to the alliance region, and after the resolution is passed according to a preset resolution policy, the trusted root server responds to the change request of the top-level trusted server and updates the consensus algorithm through the consensus algorithm. The data stored in all trusted root servers in the federation area;
    所述顶级信任服务器执行变更操作。The top-level trust server performs a change operation.
  12. 根据权利要求9所述的方法,其特征在于,还包括:所述信任根服务器的变更流程:The method according to claim 9, further comprising: a change process of the trusted root server:
    所述信任根服务器的变更流程包括:The process of changing the trusted root server includes:
    所述信任根服务器在联盟内提出变更的决议,根据预设的决议策略在决议通过后,变更自身的数据,并通过所述共识算法,更新所述联盟区域内全部信任根服务器中存储的数据。The trusted root server proposes a change resolution in the alliance, and after the resolution is passed according to a preset resolution policy, changes its own data, and updates the data stored in all trusted root servers in the alliance area through the consensus algorithm. .
  13. 根据权利要求9所述的方法,其特征在于,还包括:所述终端的查询流程:The method according to claim 9, further comprising: a query process of the terminal:
    所述终端的查询流程包括:The query process of the terminal includes:
    终端向与其连接的权限信任服务器发送对对端终端的查询请求;The terminal sends a query request to the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器在没有查询到对端终端的相关信息后,向与其连接的顶级信任服务器发送所述查询请求;The authority trust server sends the query request to the top-level trust server connected to the peer terminal after it has not queried the relevant information of the peer terminal;
    所述顶级信任服务器在没有查询到对端终端的相关信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server sends the query request to a trusted root server connected to the top-end trust server after the related information of the opposite terminal is not queried;
    所述信任根服务器在没有查询到对端终端的相关信息时,向与其连接的对端终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器依次通过其连接的所述对端终端所在的顶级信任服务器、对端终端所在的权限信任服务器查询得到的对端终端的相关信息,并将查询得到的所述对端终端的相关信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。When the trusted root server does not query related information of the opposite terminal, the trusted root server sends the query request to the trusted root server where the opposite terminal is connected, and receives the request through the trusted root server where the opposite terminal is located. The top-level trust server where the peer terminal is located, and the authority trust server where the peer terminal is located query related information of the peer terminal, and query the related information of the peer terminal through the top-level trust. The server and the authority trust server send to the terminal.
  14. 根据权利要求9所述的方法,其特征在于,还包括:所述终端的查询流程:The method according to claim 9, further comprising: a query process of the terminal:
    所述终端的查询流程包括:The query process of the terminal includes:
    所述终端查询本地是否缓存过对端终端的标识信息;Querying, by the terminal, whether the identification information of the opposite terminal has been cached locally;
    在所述终端查询本地没有缓存过对端终端的标识信息的情况下,所述终端向所述对端终端所在的信任根服务器发送查询请求;In a case where the terminal queries the identity information of the opposite terminal without being cached locally, the terminal sends a query request to the trusted root server where the opposite terminal is located;
    在所述对端终端所在的信任根服务器查询得到对端终端的标识信息的情况下,所述终端向与所述对端终端所在的信任根服务器连接的对端终端所在的顶级信任服务器发送所述查询请求;In the case where the trusted root server where the peer terminal is located obtains the identification information of the peer terminal, the terminal sends the IP address to the top trusted server where the peer terminal connected to the trusted root server where the peer terminal is located The query request;
    在所述对端终端所在的顶级信任服务器查询得到对端终端的标识信息的情况下,所述终端向与所述对端终端所在的顶级信任服务器连接的对端终端所在的权限信任服务器发送所述查询请求;In a case where the top-level trust server where the peer terminal is located obtains the identification information of the peer terminal, the terminal sends the identity trust server to the authority trust server where the peer terminal connected to the top-level trust server where the peer terminal is located. The query request;
    在所述对端终端所在的权限信任服务器查询得到对端终端的标识信息的情况下,所述终端接收所述对端终端所在的权限信任服务器发送的查询响应信息。In a case where the authority trust server where the opposite terminal is located obtains the identification information of the opposite terminal, the terminal receives the query response information sent by the authority trust server where the opposite terminal is located.
  15. 根据权利要求9所述的方法,其特征在于,还包括:所述终端的认证流程;The method according to claim 9, further comprising: an authentication process of the terminal;
    所述终端的认证流程包括:The authentication process of the terminal includes:
    终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送所述认证请求;The authority trust server is further configured to send the authentication request to a top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
    所述顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server is further configured to send the query request to a trusted root server connected to the peer terminal after no authentication information of the peer terminal is queried;
    所述信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器查询得到的所述对端终端的认证信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。The trusted root server is further configured to: when the authentication information of the opposite terminal is not queried, send the query request to the trusted root server where the connected opposite terminal is located, and receive the trust via the opposite terminal. The authentication information of the peer terminal obtained by the root server query is sent to the terminal through the top-level trust server and the authority trust server.
  16. 根据权利要求9所述的方法,其特征在于,还包括:所述终端的认证流程;The method according to claim 9, further comprising: an authentication process of the terminal;
    所述终端的认证流程包括:The authentication process of the terminal includes:
    终端,还用于向与其连接的权限信任服务器发送对对端终端的认证请求;The terminal is further configured to send an authentication request for the opposite terminal to the authority trust server connected to the terminal;
    所述权限信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的顶级信任服务器发送所述认证请求;The authority trust server is further configured to send the authentication request to a top-level trust server connected to the peer terminal without querying the authentication information of the peer terminal;
    所述顶级信任服务器,还用于在没有查询到对端终端的认证信息后,向与其连接的信任根服务器发送所述查询请求;The top-level trust server is further configured to send the query request to a trusted root server connected to the peer terminal after no authentication information of the peer terminal is queried;
    所述信任根服务器,还用于在没有查询到对端终端的认证信息时,向与其连接的对端终端所在的信任根服务器发送所述查询请求,并接收经由所述对端终端所在的信任根服务器依次通过其连接的所述对端终端所在的顶级信任服务器、对端终端所在的权限信任服务 器查询得到的对端终端的认证信息,并将查询得到的所述对端终端的认证信息通过所述顶级信任服务器、所述权限信任服务器发送至所述终端。The trusted root server is further configured to: when the authentication information of the opposite terminal is not queried, send the query request to the trusted root server where the connected opposite terminal is located, and receive the trust via the opposite terminal. The root server sequentially queries the authentication information of the opposite terminal through the top-level trust server where the opposite terminal is located and the authority trust server where the opposite terminal is located, and passes the obtained authentication information of the opposite terminal through the query. The top-level trust server and the authority trust server are sent to the terminal.
PCT/CN2018/115239 2018-07-09 2018-11-13 Alliance-based unified trust anchor system for whole network, and construction method WO2020010767A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810743031.4 2018-07-09
CN201810743031.4A CN108881471B (en) 2018-07-09 2018-07-09 Union-based whole-network unified trust anchor system and construction method

Publications (1)

Publication Number Publication Date
WO2020010767A1 true WO2020010767A1 (en) 2020-01-16

Family

ID=64299874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/115239 WO2020010767A1 (en) 2018-07-09 2018-11-13 Alliance-based unified trust anchor system for whole network, and construction method

Country Status (2)

Country Link
CN (1) CN108881471B (en)
WO (1) WO2020010767A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109327481B (en) * 2018-12-17 2021-12-14 北京信息科技大学 Block chain-based unified online authentication method and system for whole network
CN109753779B (en) * 2019-01-11 2020-10-30 北京信息科技大学 Whole-network unified identity authentication method and system based on biological characteristic recognition
CN110224713B (en) * 2019-06-12 2020-09-15 读书郎教育科技有限公司 Safety protection method and system based on high-safety intelligent child watch
CN110868446A (en) * 2019-08-29 2020-03-06 北京大学深圳研究生院 Back IP main power network system architecture

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7747851B1 (en) * 2004-09-30 2010-06-29 Avaya Inc. Certificate distribution via license files
CN107070644A (en) * 2016-12-26 2017-08-18 北京科技大学 A kind of decentralization public key management method and management system based on trust network
CN108055263A (en) * 2017-12-11 2018-05-18 北京理工大学 Entity authentication Rights Management System and method in a kind of satellite communication network
CN108243190A (en) * 2018-01-09 2018-07-03 北京信息科技大学 The credible management method and system of a kind of network identity

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB0428596D0 (en) * 2004-12-24 2005-08-10 Qinetiq Ltd Public key infrastructures
CN102263787B (en) * 2011-07-08 2014-04-16 西安电子科技大学 Dynamic distributed certification authority (CA) configuration method
CN103973451B (en) * 2014-05-05 2017-04-12 西南交通大学 Cross-trust-domain authentication method used for distributed network system
CN106372941B (en) * 2016-08-31 2019-07-16 江苏通付盾科技有限公司 Based on the ca authentication management method of block chain, apparatus and system
CN106301792B (en) * 2016-08-31 2019-10-18 江苏通付盾科技有限公司 Based on the ca authentication management method of block chain, apparatus and system
CN107426157B (en) * 2017-04-21 2020-04-17 杭州趣链科技有限公司 Alliance chain authority control method based on digital certificate and CA authentication system
CN107613041B (en) * 2017-09-22 2020-06-05 中国互联网络信息中心 Domain name management system, domain name management method and domain name resolution method based on block chain
CN108052530B (en) * 2017-11-10 2020-12-11 杭州云象网络技术有限公司 Decentralized CA construction method and system based on alliance chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7747851B1 (en) * 2004-09-30 2010-06-29 Avaya Inc. Certificate distribution via license files
CN107070644A (en) * 2016-12-26 2017-08-18 北京科技大学 A kind of decentralization public key management method and management system based on trust network
CN108055263A (en) * 2017-12-11 2018-05-18 北京理工大学 Entity authentication Rights Management System and method in a kind of satellite communication network
CN108243190A (en) * 2018-01-09 2018-07-03 北京信息科技大学 The credible management method and system of a kind of network identity

Also Published As

Publication number Publication date
CN108881471B (en) 2020-09-11
CN108881471A (en) 2018-11-23

Similar Documents

Publication Publication Date Title
Cui et al. A hybrid blockchain-based identity authentication scheme for multi-WSN
WO2020010767A1 (en) Alliance-based unified trust anchor system for whole network, and construction method
Seth et al. Practical security for disconnected nodes
US20100138907A1 (en) Method and system for generating digital certificates and certificate signing requests
CN102647394B (en) Routing device identity identifying method and device
JP2011514032A (en) Wireless multi-hop network authentication access method, apparatus and system based on ID
Xu et al. BE-RAN: Blockchain-enabled open RAN with decentralized identity management and privacy-preserving communication
Ma et al. An architecture for accountable anonymous access in the internet-of-things network
CN114629720B (en) industrial Internet cross-domain authentication method based on blockchain and Handle identification
US20180115520A1 (en) Dark virtual private networks and secure services
CN110572819B (en) Block chain-based multi-domain wireless Mesh network cross-domain authentication method and system
JP2009163546A (en) Gateway, repeating method and program
CN114189380B (en) Zero-trust-based distributed authentication system and authorization method for Internet of things equipment
JP2023525092A (en) Secure communication methods and related devices and systems
JPWO2022066227A5 (en)
JP3908982B2 (en) CUG (Closed User Group) management method, CUG providing system, CUG providing program, and storage medium storing CUG providing program
WO2016202397A1 (en) Dns based pki system
CN101997875B (en) Secure multi-party network communication platform and construction method and communication method thereof
Meier et al. Portable trust anchor for OPC UA using auto-configuration
WO2011131002A1 (en) Method and system for identity management
Singh et al. Framework for a Decentralized Web
Latah et al. DPSec: A blockchain-based data plane authentication protocol for SDNs
CN109257375B (en) Internet access authentication system and method based on trust anchor system
Laganier et al. Hipernet: a decentralized security infrastructure for large scale grid environments
Barisch et al. Integrating user identity management systems with the host identity protocol

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18925899

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18925899

Country of ref document: EP

Kind code of ref document: A1