WO2020119506A1 - Procédé d'authentification d'identité basé sur une chaîne d'alliance, et dispositif terminal - Google Patents

Procédé d'authentification d'identité basé sur une chaîne d'alliance, et dispositif terminal Download PDF

Info

Publication number
WO2020119506A1
WO2020119506A1 PCT/CN2019/122453 CN2019122453W WO2020119506A1 WO 2020119506 A1 WO2020119506 A1 WO 2020119506A1 CN 2019122453 W CN2019122453 W CN 2019122453W WO 2020119506 A1 WO2020119506 A1 WO 2020119506A1
Authority
WO
WIPO (PCT)
Prior art keywords
blockchain node
alliance chain
node
name
item information
Prior art date
Application number
PCT/CN2019/122453
Other languages
English (en)
Chinese (zh)
Inventor
冯承勇
Original Assignee
深圳壹账通智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳壹账通智能科技有限公司 filed Critical 深圳壹账通智能科技有限公司
Publication of WO2020119506A1 publication Critical patent/WO2020119506A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates

Definitions

  • the present application relates to the field of blockchain technology, and in particular, to an identity authentication method and terminal device based on alliance chain.
  • digital certificates are usually used for trusted identity authentication (digital certificates are issued by electronic certification authorities (CA, Certificate Authority)).
  • CA electronic certification authorities
  • the commonly adopted scheme is to build a separate root CA for each organization to represent an organization in the alliance chain, and this The root CA issues digital certificates for each node in the organization to prove the identity of the node in the organization.
  • the alliance chain determines which organization the node belongs to by verifying the effective issuing root CA of the node's digital certificate.
  • An organization may participate in multiple different alliance chains, that is, an organization may have multiple root CAs, then each node in the organization will have different digital certificates issued by the root CA, that is, each node corresponds to multiple Digital certificates, which will lead to a higher error rate in the identity authentication of the nodes in the organization, which in turn leads to lower reliability of identity authentication.
  • One of the objectives of the embodiments of the present application is to provide an identity authentication method and terminal device based on the alliance chain, to solve the problem of low reliability of the existing identity authentication method based on the alliance chain.
  • the first aspect of the embodiments of the present application provides an identity authentication method based on alliance chain, which may include [0008] Submit the identity identification data of the first blockchain node and a join request to the genesis block in the alliance chain, where the join request is used to instruct the genesis block to verify A blockchain node performs identity authentication, and returns authentication pass information to the blockchain node after the identity authentication is passed, where the authentication pass information is used to indicate that the genesis block has used the identity identification data to The first blockchain node joins the corresponding alliance chain organization;
  • the identity identification data of the second blockchain node is obtained from the communication request, and according to the identity identification of the second blockchain node The data authenticates the identity of the second blockchain node;
  • an identity authentication device based on an alliance chain includes:
  • a submission unit for submitting the identity identification data of the first blockchain node and a join request to the genesis block in the alliance chain, where the join request is used to instruct the genesis block according to the identity
  • the data authenticates the identity of the first blockchain node, and returns the authentication passed information to the blockchain node after the identity authentication is passed, where the authentication passed information is used to indicate that the genesis block has based on the identity
  • the identification data adds the first blockchain node to the corresponding alliance chain organization
  • a monitoring unit configured to monitor whether a communication request of a second blockchain node is received if the authentication passing information returned by the genesis block is received;
  • the authentication unit is configured to, if a communication request of the second blockchain node is received, acquire the identification data of the second blockchain node from the communication request, and according to the second block The identity identification data of the chain node authenticates the second blockchain node;
  • a return unit configured to return data corresponding to the communication request to the second blockchain node if the identity authentication of the second blockchain node is passed.
  • a third aspect of the embodiments of the present application provides a computer-readable storage medium, the computer-readable
  • the storage medium stores computer-readable instructions, which when executed by the processor implement the following steps:
  • the identity identification data of the second blockchain node is acquired from the communication request, and according to the identity identification of the second blockchain node The data authenticates the identity of the second blockchain node;
  • a fourth aspect of the embodiments of the present application provides a terminal device, including a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, the processor The following steps are realized when the computer-readable instructions are executed:
  • the identity identification data of the second blockchain node is obtained from the communication request, and according to the identity identification of the second blockchain node The data authenticates the identity of the second blockchain node;
  • FIG. 1 is a schematic diagram of an implementation process of an identity authentication method based on alliance chain provided by an embodiment of the present application
  • FIG. 2 is a schematic diagram of an identity authentication device based on alliance chain provided by an embodiment of the present application
  • FIG. 3 is a schematic diagram of a terminal device provided by an embodiment of the present application.
  • the term “if” may be interpreted as “when” or “once” or “in response to a determination” or “in response to” detected”.
  • the phrase “if determined” or “if [described condition or event] is detected” can be interpreted in the context to mean “once determined” or “in response to determination” or “once detected [described condition or event ]” or “In response to detection of [the described condition or event]”.
  • FIG. 1 is a schematic diagram of an implementation process of a federation chain-based identity authentication method provided by an embodiment of the present application. As shown in the figure, the method may include the following steps:
  • Step S101 Submit the identity identification data of the first blockchain node and a join request to the genesis block in the alliance chain, where the join request is used to instruct the genesis block to match the identity data according to the identity data
  • the first blockchain node performs identity authentication, and returns authentication passed information to the blockchain node after the identity authentication is passed, where the authentication passed information is used to indicate that the genesis block has based on the identity identification data Add the first blockchain node to the corresponding alliance chain organization.
  • Blockchain node A sends a join request to join the alliance chain to the alliance chain system. After the alliance chain system genesis block receives the join request, it acquires the identity identification data of the blockchain node A and records it with the alliance chain genesis block. The authentication rules are correct.
  • the identity identification data of the blockchain node A may be a digital certificate issued by a CA structure representing the membership of the alliance chain organization, and the node identification data may be placed in a digital certificate DN project or a custom digital certificate Extensions.
  • the identity identification data is extended item information in the digital certificate of the blockchain node.
  • the extended item information includes:
  • the name of the alliance chain indicates the alliance chain network to which the blockchain node belongs
  • the identity of the alliance chain organization indicates the alliance chain organization to which the blockchain node belongs
  • the name of the blockchain node indicates that the blockchain node is in the organization
  • the type of blockchain node indicates the type of transaction that the blockchain node can handle. For example, blockchain node A can perform payment transactions and blockchain node B can perform payment transactions.
  • other digital certificate extensions can also be added, as long as the information that can be used to explain the identity of the blockchain node can be used as an extension.
  • a legal CA organization cannot create a legal root CA without restriction, but there is no requirement for extension item information. Therefore, the identity identification data of the blockchain node is placed in the digital certificate extension. When an organization has multiple root CAs, only one digital certificate is required for the nodes in the organization.
  • This digital certificate extension can be Including the information of all root CAs to which this node belongs, which is beneficial to the management of blockchain nodes.
  • the genesis block performs identity authentication on the first blockchain node according to the identity identification data, including:
  • the name of the alliance chain in the identity identification data is the same as the name of the alliance chain corresponding to the genesis block, it is determined whether the identity identification data exists in the preset organization member list stored in the genesis block The logo of the China Alliance Chain Organization.
  • the genesis block performs identity authentication on the first blockchain node, which is the first identity authentication based on the alliance chain. Only after being authenticated by the genesis block can the first blockchain node be added to the alliance chain to which the genesis block belongs, and only if the first blockchain node is added to the alliance chain can it be linked to each block in the alliance chain Chain nodes perform data interaction.
  • Step S102 If the authentication passing information returned by the genesis block is received, monitor whether a communication request of the second blockchain node is received.
  • the first blockchain node After the genesis block passes the identity authentication of the first blockchain node, the first blockchain node can join the alliance chain to which the genesis block belongs, and then the first blockchain node can contact the alliance The other nodes in the chain, the second blockchain nodes, perform data interaction. However, before performing data interaction, the first blockchain node needs to perform identity authentication on the second blockchain node, that is, second identity authentication.
  • Step S103 If a communication request of the second blockchain node is received, acquire the identification data of the second blockchain node from the communication request, and according to the second blockchain node ID identification data of the second blockchain node for identity authentication.
  • the identity authentication of the second blockchain node according to the identity identification data of the second blockchain node includes:
  • S1031 Verify whether the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node.
  • This step is used to verify whether the first blockchain node and the second blockchain node belong to the same alliance chain.
  • the verifying whether the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node includes:
  • each character of the first character string is the same as the corresponding character in the second character string, it is determined that the name of the alliance chain and the first The name of the alliance chain in the expansion item information of a blockchain node is the same.
  • This step is used to verify whether the first blockchain node and the second blockchain node belong to the same alliance chain organization.
  • This step is used to verify whether the request behavior currently initiated by the second blockchain node is consistent with its own node behavior. For example, assuming that the node type of blockchain node B is a payment transaction, but blockchain node B initiates a payment transaction to blockchain node A, then the behavior of blockchain node B does not match its node type, it is not allowed transaction.
  • the judging whether the behavior of the node corresponding to the communication request conforms to the second blockchain node includes:
  • the request code exists in the behavior list, it is determined that the node behavior corresponding to the communication request conforms to the node behavior corresponding to the type of the blockchain node in the extension information of the second blockchain node.
  • the request information corresponding to the payment transaction is 002
  • the behavior list of the blockchain node B is only 001, indicating that the blockchain node B is not allowed to initiate payment transactions .
  • Step S104 If the identity authentication of the second blockchain node is passed, return the data corresponding to the communication request to the second blockchain node.
  • the embodiment of the present application submits identity identification data to the genesis block in the alliance chain through the first blockchain node and requests to join the alliance chain, so as to realize the authentication of the genesis block on the first blockchain node; After the block authentication is passed, the communication request of the second blockchain node in the alliance chain is monitored, and the identity authentication of the second blockchain node is performed according to the identity identification data of the second blockchain node to realize the first blockchain node Authentication of the second blockchain node; after the authentication is passed, the data is returned to the second blockchain node.
  • the data interaction between the first blockchain node and the second blockchain node can be realized after double authentication, which effectively improves the reliability of the identity authentication method based on the alliance chain.
  • FIG. 2 is a schematic diagram of an identity authentication device based on a federation chain provided by an embodiment of the present application. For ease of description, only parts related to the embodiment of the present application are shown.
  • the identity authentication device based on the alliance chain shown in FIG. 2 may be software built into an existing terminal device
  • the unit, the hardware unit, or the unit combining hardware and software may also be integrated into the terminal device as an independent pendant, or may exist as an independent terminal device.
  • the identity authentication device 2 based on the alliance chain includes:
  • the submitting unit 21 is configured to submit the identity identification data of the first blockchain node and a join request to the genesis block in the alliance chain, where the join request is used to instruct the genesis block according to the identity
  • the identification data performs identity authentication on the first blockchain node, and returns authentication passing information to the blockchain node after the identity authentication is passed, where the authentication passing information is used to indicate that the genesis block has
  • the identification data adds the first blockchain node to the corresponding alliance chain organization.
  • the monitoring unit 22 is configured to, if receiving the authentication passing information returned by the genesis block, monitor whether a communication request of the second blockchain node is received.
  • the authentication unit 23 is configured to obtain the identification data of the second blockchain node from the communication request if a communication request of the second blockchain node is received, and according to the second area
  • the identity identification data of the blockchain node authenticates the identity of the second blockchain node.
  • the return unit 24 is configured to return data corresponding to the communication request to the second blockchain node if the identity authentication of the second blockchain node is passed.
  • the identity identification data is extended item information in the digital certificate of the blockchain node.
  • the extended item information includes:
  • the authentication unit 23 includes:
  • the first verification module is configured to verify whether the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node.
  • a second verification module configured to verify if the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node Whether the identifier of the alliance chain organization in the extended item information of the second blockchain node exists in the preset organization member list stored in the genesis block.
  • a third verification module configured to determine the communication if the identity of the alliance chain organization in the extension item information of the second blockchain node exists in the preset organization member list stored in the genesis block Whether the corresponding node behavior of the request corresponds to the type of the blockchain node in the extension information of the second blockchain node Node behavior.
  • the first passing module is configured to: if the node behavior corresponding to the communication request matches the node behavior corresponding to the type of blockchain node in the extension item information of the second blockchain node, The identity authentication of the blockchain node is passed.
  • the first verification module includes:
  • a conversion submodule configured to convert the name of the alliance chain in the extension item information of the first blockchain node into a first character string, and convert the alliance item information in the extension item information of the second blockchain node The name of the chain is converted to the second string.
  • a comparison submodule configured to compare each character in the first character string with the corresponding character in the second character string, respectively.
  • a first determination submodule configured to determine the extension item information of the second blockchain node if each character of the first character string is the same as the corresponding character in the second character string
  • the name of the alliance chain is the same as the name of the alliance chain in the expansion item information of the first blockchain node.
  • the third verification submodule includes:
  • an acquisition submodule configured to acquire a behavior list corresponding to the type of the blockchain node in the extension item information of the second blockchain node, and acquire the request code included in the communication request.
  • a search submodule configured to search whether the request code exists in the behavior list.
  • a second determination submodule configured to determine that the behavior of the node corresponding to the communication request conforms to the blockchain in the extension item information of the second blockchain node if the request code exists in the behavior list The node behavior corresponding to the type of node.
  • the submission unit 21 includes:
  • the first judgment module is used to judge whether the name of the alliance chain in the identity identification data is the same as the name of the alliance chain corresponding to the genesis block.
  • a second judgment module for judging the list of preset organization members stored in the genesis block if the name of the alliance chain in the identity identification data is the same as the name of the alliance chain corresponding to the genesis block Whether the ID of the alliance chain organization in the ID data exists in.
  • a second passing module is used to authenticate the identity of the first blockchain node if the identity of the alliance chain organization in the identity identification data exists in the preset organization member list stored in the genesis block by.
  • the above integrated unit may use hardware It can also be implemented in the form of software functional units.
  • the specific names of the functional units and modules are only for the purpose of distinguishing each other, and are not used to limit the protection scope of the present application.
  • FIG. 3 is a schematic diagram of a terminal device provided by an embodiment of the present application.
  • the terminal device 3 of this embodiment includes: a processor 30, a memory 31, and computer-readable instructions 32 stored in the memory 31 and executable on the processor 30.
  • the processor 30 executes the computer-readable instruction 32
  • the steps in the above embodiments of the alliance chain-based identity authentication method are implemented, for example, steps S101 to S104 shown in FIG. 1.
  • the processor 30 executes the computer-readable instructions 32
  • the functions of the modules/units in the foregoing device embodiments are realized, for example, the functions of the modules 21 to 24 shown in FIG. 2.
  • the computer-readable instructions 32 may be divided into one or more modules/units, the one or more modules/units are stored in the memory 31, and are processed by the processor 30 execute to complete this application.
  • the one or more modules/units may be an instruction segment of a series of computer-readable instructions capable of performing specific functions, and the instruction segment is used to describe the execution process of the 32 in the terminal device 3.
  • the computer-readable instruction 32 may be divided into a submission unit, a monitoring unit, an authentication unit, and a return unit. The specific functions of each unit are as follows:
  • the submission unit is used to submit the identity identification data of the first blockchain node and a join request to the genesis block in the alliance chain, where the join request is used to instruct the genesis block according to the identity
  • the data authenticates the identity of the first blockchain node, and returns the authentication passed information to the blockchain node after the identity authentication is passed, where the authentication passed information is used to indicate that the genesis block has based on the identity
  • the identification data adds the first blockchain node to the corresponding alliance chain organization.
  • a monitoring unit configured to monitor whether the received authentication information returned by the genesis block is received The communication request of the second blockchain node.
  • the authentication unit is configured to, if a communication request of the second blockchain node is received, acquire the identification data of the second blockchain node from the communication request, and according to the second block The identity identification data of the chain node authenticates the identity of the second blockchain node.
  • a returning unit configured to return data corresponding to the communication request to the second blockchain node if the identity authentication of the second blockchain node is passed.
  • the identity identification data is extended item information in the digital certificate of the blockchain node.
  • the extended item information includes:
  • the authentication unit includes:
  • the first verification module is used to verify whether the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node.
  • a second verification module configured to verify if the name of the alliance chain in the extension item information of the second blockchain node is the same as the name of the alliance chain in the extension item information of the first blockchain node Whether the identifier of the alliance chain organization in the expansion item information of the second blockchain node exists in the list of preset organization members stored in the genesis block.
  • a third verification module configured to determine the communication if the identity of the alliance chain organization in the extension item information of the second blockchain node exists in the preset organization member list stored in the genesis block Whether the corresponding node behavior of the request conforms to the node behavior corresponding to the type of the blockchain node in the extension item information of the second blockchain node.
  • a first passing module configured to: if the node behavior corresponding to the communication request matches the node behavior corresponding to the type of blockchain node in the extension item information of the second blockchain node, The identity authentication of the blockchain node is passed.
  • the first verification module includes:
  • a conversion submodule configured to convert the name of the alliance chain in the extension item information of the first blockchain node into a first character string, and convert the alliance item information in the extension item information of the second blockchain node The name of the chain is converted to the second string.
  • a comparison sub-module for respectively comparing each character in the first character string with the second character string The characters should be compared.
  • a first determination submodule configured to determine the extension item information of the second blockchain node if each character of the first character string is the same as the corresponding character in the second character string
  • the name of the alliance chain is the same as the name of the alliance chain in the expansion item information of the first blockchain node.
  • the third verification submodule includes:
  • an acquisition submodule configured to acquire a behavior list corresponding to the type of the blockchain node in the extension item information of the second blockchain node, and acquire the request code included in the communication request.
  • a search submodule configured to search whether the request code exists in the behavior list.
  • a second determination sub-module for determining that the behavior of the node corresponding to the communication request complies with the blockchain in the extension item information of the second blockchain node if the request code exists in the behavior list The node behavior corresponding to the type of node.
  • the submission unit includes:
  • the first judgment module is used to judge whether the name of the alliance chain in the identity identification data is the same as the name of the alliance chain corresponding to the genesis block.
  • a second judgment module for judging the list of preset organization members stored in the genesis block if the name of the alliance chain in the identity identification data is the same as the name of the alliance chain corresponding to the genesis block Whether the ID of the alliance chain organization in the ID data exists in.
  • a second pass module for identifying the identity of the first blockchain node if the identity of the alliance chain organization in the identity identification data exists in the preset organization member list stored in the genesis block by.
  • the terminal device 3 may be a computing device such as a desktop computer, a notebook, a palmtop computer and a cloud server.
  • the terminal device may include, but is not limited to, the processor 30 and the memory 31.
  • FIG. 3 is only an example of the terminal device 3, and does not constitute a limitation on the terminal device 3, and may include more or less components than the illustration, or a combination of certain components, or different components.
  • the terminal device may further include an input and output device, a network access device, a bus, and so on.
  • the processor 30 may be a central processing unit (Central Processing Unit, CPU), or may be other general-purpose processors, digital signal processors (Digital Signal Processor, DSP), and application specific integrated circuits (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array
  • CPU Central Processing Unit
  • DSP Digital Signal Processor
  • ASIC Application Specific Integrated Circuit
  • the general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the memory 31 may be an internal storage unit of the terminal device 3, such as a hard disk or a memory of the terminal device 3.
  • the memory 31 may also be an external storage device of the terminal device 3, for example, a plug-in hard disk equipped on the terminal device 3, a smart memory card (Smart Media Card,
  • the memory 31 may also include both an internal storage unit of the terminal device 3 and an external storage device.
  • the memory 31 is used to store the computer-readable instructions and other programs and data required by the terminal device.
  • the memory 31 can also be used to temporarily store data that has been or will be output.
  • the disclosed device/terminal device and method may be implemented in other ways.
  • the device/terminal device embodiments described above are only schematic.
  • the division of the module or unit is only a logical function division, and in actual implementation, there may be another division manner, such as multiple units Or components can be combined or integrated into another system, or some features can be ignored, or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above integrated unit may be implemented in the form of hardware, or in the form of a software functional unit.
  • the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium.
  • the present application implements all or part of the processes in the methods of the foregoing embodiments, and can also be completed by instructing relevant hardware through computer-readable instructions, which can be stored in a computer-readable storage medium
  • the computer readable instructions include computer readable instruction codes
  • the computer readable instruction codes may be in source code form, object code form, executable file or some intermediate form, etc.
  • the computer-readable medium may include: any entity or device capable of carrying the computer-readable instruction code, a recording medium, a USB flash drive, a mobile hard disk, a magnetic disk, an optical disc, a computer memory, a read-only memory (R OM, Read- Only Memory), Random Access Memory (RAM, Random Access Memory), electrical carrier signals, telecommunication signals, and software distribution media.
  • R OM Read- Only Memory
  • RAM Random Access Memory
  • electrical carrier signals telecommunication signals
  • software distribution media software distribution media.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

La présente invention peut s'appliquer au domaine technique des chaînes de blocs. L'invention concerne un procédé d'authentification d'identité basé sur une chaîne d'alliance, et un dispositif terminal. Le procédé comprend les étapes suivantes : soumettre des données d'identification d'identité et une demande d'ajout d'un premier noeud de chaîne de blocs à un bloc de genèse dans une chaîne d'alliance ; si des informations de réussite d'authentification renvoyées par le bloc de genèse sont reçues, surveiller si une demande de communication d'un second noeud de chaîne de blocs est reçue ; si la demande de communication du second noeud de chaîne de blocs est reçue, acquérir des données d'identification d'identité du second noeud de chaîne de blocs à partir de la demande de communication, et effectuer une authentification d'identité sur le second noeud de chaîne de blocs selon les données d'identification d'identité du second noeud de chaîne de blocs ; et si l'authentification d'identité effectuée sur le second noeud de chaîne de blocs est réussie, renvoyer des données correspondant à la demande de communication au second noeud de chaîne de blocs. Au moyen du procédé, la fiabilité du procédé d'authentification d'identité basé sur une chaîne d'alliance est efficacement améliorée.
PCT/CN2019/122453 2018-12-14 2019-12-02 Procédé d'authentification d'identité basé sur une chaîne d'alliance, et dispositif terminal WO2020119506A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811529919.4A CN109815657B (zh) 2018-12-14 2018-12-14 基于联盟链的身份认证方法、装置、计算机可读存储介质及终端设备
CN201811529919.4 2018-12-14

Publications (1)

Publication Number Publication Date
WO2020119506A1 true WO2020119506A1 (fr) 2020-06-18

Family

ID=66602943

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/122453 WO2020119506A1 (fr) 2018-12-14 2019-12-02 Procédé d'authentification d'identité basé sur une chaîne d'alliance, et dispositif terminal

Country Status (2)

Country Link
CN (1) CN109815657B (fr)
WO (1) WO2020119506A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112633878A (zh) * 2020-08-31 2021-04-09 上海添玑网络服务有限公司 一种不动产联盟链终端应用平台及应用方法
CN112733121A (zh) * 2021-01-13 2021-04-30 京东数科海益信息科技有限公司 数据获取方法、装置、设备及存储介质
CN113225736A (zh) * 2021-03-24 2021-08-06 湖南宸瀚信息科技有限责任公司 无人机集群节点认证方法、装置、存储介质及处理器
CN113972991A (zh) * 2020-07-23 2022-01-25 南京理工大学 一种基于多级联盟链的跨域身份认证方法
CN114095246A (zh) * 2021-11-18 2022-02-25 国网河北省电力有限公司电力科学研究院 配电终端的入网身份认证方法
CN115601053A (zh) * 2022-12-16 2023-01-13 山东浪潮质量链科技有限公司(Cn) 一种背对背原产地证明安全可信防护方法及设备

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815657B (zh) * 2018-12-14 2022-10-28 深圳壹账通智能科技有限公司 基于联盟链的身份认证方法、装置、计算机可读存储介质及终端设备
CN110177109B (zh) * 2019-06-04 2020-05-12 北京理工大学 一种基于标识密码和联盟链的双代理跨域认证系统
CN110278255B (zh) * 2019-06-13 2021-10-15 深圳前海微众银行股份有限公司 一种基于区块链的物联网iot设备间通信的方法及装置
CN112003703B (zh) 2019-06-28 2023-08-22 创新先进技术有限公司 一种跨链发送可认证消息的方法和装置
CN110430235B (zh) * 2019-06-28 2020-11-03 创新先进技术有限公司 跨链发送可认证消息的方法、装置、存储介质和计算设备
US11356282B2 (en) 2019-06-28 2022-06-07 Advanced New Technologies Co., Ltd. Sending cross-chain authenticatable messages
US11251966B2 (en) 2019-06-28 2022-02-15 Advanced New Technologies Co., Ltd. Sending cross-chain authenticatable messages
CN110602051B (zh) * 2019-08-15 2022-03-29 深圳壹账通智能科技有限公司 基于共识协议的信息处理方法及相关装置
CN110620776B (zh) * 2019-09-24 2021-11-26 腾讯科技(深圳)有限公司 一种数据转移信息传输方法及其装置
CN113206817B (zh) * 2020-02-03 2022-07-12 中移物联网有限公司 一种设备连接确认方法和区块链网络
CN111294356B (zh) * 2020-02-11 2022-09-06 深圳壹账通智能科技有限公司 基于区块链的组织节点上链方法和系统
CN111737707B (zh) * 2020-05-14 2022-09-27 云南云烁巴克云科技有限公司 基于区块链的验证包生成、验证方法、服务器和电子设备
CN111985929A (zh) * 2020-09-03 2020-11-24 深圳壹账通智能科技有限公司 区块链中的交易验证方法、装置、节点设备及存储介质
CN112287361A (zh) * 2020-09-11 2021-01-29 杭州鸽子蛋网络科技有限责任公司 数据治理方法、系统、电子设备和存储介质
CN112861090B (zh) * 2021-03-18 2023-01-31 深圳前海微众银行股份有限公司 信息处理方法、装置、设备、存储介质及计算机程序产品
CN113114634A (zh) * 2021-03-24 2021-07-13 武汉卓尔信息科技有限公司 一种基于联盟链的可信数据管理方法及联盟链
CN114978529A (zh) * 2022-05-10 2022-08-30 平安国际智慧城市科技股份有限公司 基于区块链的身份核验方法及相关设备
CN114640475B (zh) * 2022-05-19 2022-09-06 广东省绿算技术有限公司 去中心化的身份认证方法、装置、计算机设备及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050114447A1 (en) * 2003-10-24 2005-05-26 Kim Cameron Method and system for identity exchange and recognition for groups and group members
CN106789920A (zh) * 2016-11-25 2017-05-31 深圳前海微众银行股份有限公司 区块链的节点连接方法及装置
CN108389130A (zh) * 2018-03-02 2018-08-10 合肥学院 一种多交易模式联盟链
CN108416589A (zh) * 2018-03-08 2018-08-17 深圳前海微众银行股份有限公司 区块链节点的连接方法、系统及计算机可读存储介质
CN109815657A (zh) * 2018-12-14 2019-05-28 深圳壹账通智能科技有限公司 一种基于联盟链的身份认证方法及终端设备

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3472970A4 (fr) * 2016-06-17 2019-11-27 Weimer, Jonathan Systèmes de chaînes de blocs et procédés d'authentification d'utilisateur
CN107426157B (zh) * 2017-04-21 2020-04-17 杭州趣链科技有限公司 一种基于数字证书以及ca认证体系的联盟链权限控制方法
CN107592292B (zh) * 2017-07-26 2019-08-09 阿里巴巴集团控股有限公司 一种区块链节点间通信方法及装置
CN107733855B (zh) * 2017-08-31 2019-11-05 中国科学院信息工程研究所 一种可同时支持公有链、联盟链及私有链的区块链系统及应用方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050114447A1 (en) * 2003-10-24 2005-05-26 Kim Cameron Method and system for identity exchange and recognition for groups and group members
CN106789920A (zh) * 2016-11-25 2017-05-31 深圳前海微众银行股份有限公司 区块链的节点连接方法及装置
CN108389130A (zh) * 2018-03-02 2018-08-10 合肥学院 一种多交易模式联盟链
CN108416589A (zh) * 2018-03-08 2018-08-17 深圳前海微众银行股份有限公司 区块链节点的连接方法、系统及计算机可读存储介质
CN109815657A (zh) * 2018-12-14 2019-05-28 深圳壹账通智能科技有限公司 一种基于联盟链的身份认证方法及终端设备

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JIANYI ZHAMG ET AL: "A Regulatable Digital Currency Model Based on Blockchain", JOURNAL OF COMPUTER RESEARCH AND DEVELOPMENT, vol. 55, no. 10, 15 October 2018 (2018-10-15), pages 2219 - 2232, XP009521511, ISSN: 1000-1239 *
WENTONG WANG ET AL: "BlockCAM: A Blockchain-based Cross-domain Authentication Model", 2018 IEEE THIRD INTERNATIONAL CONFERENCE ON DATA SCIENCE IN CYBERSPACE (DSC), 18 June 2018 (2018-06-18), pages 896 - 901, XP033375463, DOI: 10.1109/DSC.2018.00143 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113972991A (zh) * 2020-07-23 2022-01-25 南京理工大学 一种基于多级联盟链的跨域身份认证方法
CN112633878A (zh) * 2020-08-31 2021-04-09 上海添玑网络服务有限公司 一种不动产联盟链终端应用平台及应用方法
CN112733121A (zh) * 2021-01-13 2021-04-30 京东数科海益信息科技有限公司 数据获取方法、装置、设备及存储介质
CN113225736A (zh) * 2021-03-24 2021-08-06 湖南宸瀚信息科技有限责任公司 无人机集群节点认证方法、装置、存储介质及处理器
CN113225736B (zh) * 2021-03-24 2024-02-02 湖南宸瀚信息科技有限责任公司 无人机集群节点认证方法、装置、存储介质及计算机设备
CN114095246A (zh) * 2021-11-18 2022-02-25 国网河北省电力有限公司电力科学研究院 配电终端的入网身份认证方法
CN114095246B (zh) * 2021-11-18 2024-01-23 国网河北省电力有限公司电力科学研究院 配电终端的入网身份认证方法
CN115601053A (zh) * 2022-12-16 2023-01-13 山东浪潮质量链科技有限公司(Cn) 一种背对背原产地证明安全可信防护方法及设备
CN115601053B (zh) * 2022-12-16 2023-08-22 浪潮云洲工业互联网有限公司 一种背对背原产地证明安全可信防护方法及设备

Also Published As

Publication number Publication date
CN109815657A (zh) 2019-05-28
CN109815657B (zh) 2022-10-28

Similar Documents

Publication Publication Date Title
WO2020119506A1 (fr) Procédé d'authentification d'identité basé sur une chaîne d'alliance, et dispositif terminal
TWI741314B (zh) 基於區塊鏈的資料存證方法及裝置、電子設備
US11196772B2 (en) Data access policies
CN110543545B (zh) 基于区块链的档案管理方法、装置及存储介质
WO2018076763A1 (fr) Procédé et système de transaction sur chaîne de blocs, dispositif électronique et support d'informations
US11509655B2 (en) Authentication system and authentication method
WO2020155761A1 (fr) Procédé de connexion à de multiples grappes de services, appareil, dispositif informatique et support de stockage
TWI700606B (zh) 基於區塊鏈存證的識別證據真實性的方法、裝置及電腦設備
WO2021232590A1 (fr) Procédé et appareil de vérification d'utilisateur basés sur une chaîne privée, et dispositif informatique et support de stockage
CN111612600A (zh) 区块链拍卖方法、设备、存储介质及区块链系统
US11258771B2 (en) Systems and methods for sending user data from a trusted party to a third party using a distributed registry
US11190519B2 (en) Dock administration using a token
CN112837023A (zh) 机构的业务协同平台、方法、装置及电子设备
CN112712452A (zh) 基于区块链的审批信息处理方法和装置
CN111431908A (zh) 一种访问处理方法、装置及可读存储介质
JP7447127B2 (ja) 分散型台帳システムへのデータの記録の誤ったコピーの送信を防止する
US20150101059A1 (en) Application License Verification
WO2022052780A1 (fr) Procédé et appareil de vérification d'identité et dispositif et support de stockage
CN112037062A (zh) 交易共识方法、装置、电子设备及可读存储介质
WO2020119477A1 (fr) Procédé d'authentification d'identité utilisant une chaîne de blocs, et appareil terminal
CN110968632B (zh) 一种数据统一交换的方法与系统
CN112507395A (zh) 信息验证方法、系统、装置、服务器及介质
CN112286881A (zh) 一种文档的认证溯源方法及装置
WO2024217351A1 (fr) Procédé et appareil d'authentification d'identité basés sur une chaîne de blocs
US11941053B1 (en) Secure data interactions performed by an internet of things (IoT) device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19895578

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 29/09/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19895578

Country of ref document: EP

Kind code of ref document: A1