[go: up one dir, main page]

CN113194082B - Identity verification method based on block chain, block chain platform and operator platform - Google Patents

Identity verification method based on block chain, block chain platform and operator platform Download PDF

Info

Publication number
CN113194082B
CN113194082B CN202110455089.0A CN202110455089A CN113194082B CN 113194082 B CN113194082 B CN 113194082B CN 202110455089 A CN202110455089 A CN 202110455089A CN 113194082 B CN113194082 B CN 113194082B
Authority
CN
China
Prior art keywords
user
private key
information
application program
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110455089.0A
Other languages
Chinese (zh)
Other versions
CN113194082A (en
Inventor
田新雪
蒙睿
肖征荣
马书惠
杨子文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110455089.0A priority Critical patent/CN113194082B/en
Publication of CN113194082A publication Critical patent/CN113194082A/en
Application granted granted Critical
Publication of CN113194082B publication Critical patent/CN113194082B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present disclosure provides an identity verification method, a block chain platform and an operator platform based on a block chain, wherein the method comprises: receiving an identity authentication request sent by a server of a first application program, and acquiring a private key in the identity authentication request; responding to a public key and a private key signature corresponding to the private key which are inquired in the block chain account book, and sending a verification request carrying the private key to an operator platform; and responding to the received verification passing message carrying the user digital identity information returned by the operator platform, and sending the verification passing message carrying the user digital identity information to the server of the first application program. Anonymous login is realized, and the digital identity information of the user is ensured not to be tampered. The method has the advantages that the safety and controllability in the authorized login scene are greatly improved, the privacy and safety of the personal information of the user are protected, meanwhile, a convenient and efficient mode is provided for the user to register and login a new application program, the user experience is improved, and the application of the block chain technology is promoted.

Description

基于区块链的身份验证方法、区块链平台及运营商平台Block chain-based authentication method, block chain platform and operator platform

技术领域technical field

本公开属于通信技术领域,具体涉及一种基于区块链的身份验证方法、区块链平台及运营商平台。The disclosure belongs to the field of communication technology, and specifically relates to a blockchain-based identity verification method, a blockchain platform, and an operator platform.

背景技术Background technique

调查显示,80%的人不喜欢网页注册的繁琐过程,35%的在线购物者因为没有账户放弃了他们的购物车。一项调查表明,截止到2020 年,我们将拥有超过200个数字账户。现阶段,我们每个人都有很多个账号,登录各种各样的网站,注册各种各样的应用程序。随着而来就是用户隐私被无限的扩散,每天接到各种各样的骚扰电话,更有甚者因为用户隐私泄露而导致财产损失。Surveys show that 80% of people don't like the cumbersome process of web registration, and 35% of online shoppers abandon their shopping carts because they don't have an account. According to a survey, by 2020, we will have more than 200 digital accounts. At this stage, each of us has many accounts, logs in to various websites, and registers in various applications. Then comes the unlimited proliferation of user privacy, receiving all kinds of harassing calls every day, and what's more, the leakage of user privacy leads to property losses.

对此情况,现有的技术主要是通过社交媒体来进行登录,利用第三方授权机制,采用OAuth 2.0协议完成的。OAuth 2.0协议关注客户端开发者的简易性,要么通过组织在资源拥有者和HTTP (HyperText Transfer Protocol,超文本传输协议)服务商之间的被批准的交互动作代表用户,要么允许第三方应用代表用户获得访问的权限。协议同时为Web应用,桌面应用和手机,和起居室设备提供专门的认证流程。2012年10月,OAuth 2.0协议正式发布为RFC 6749。像我们常用的微信,支付宝登录都是采用OAuth 2.0协议完成的。以微信为例,在进行微信OAuth2.0授权登录接入之前,在微信开放平台注册开发者帐号,并拥有一个已审核通过的移动应用,并获得相应的应用账号和密码,申请微信登录且通过审核后,可开始接入流程。用户登录其他应用程序时,会显示微信登录按钮,如果用户手机没有安装微信则会提示安装微信客户端。具体步骤如下:In this case, the existing technology is mainly to log in through social media, using a third-party authorization mechanism, and using the OAuth 2.0 protocol to complete. The OAuth 2.0 protocol focuses on the simplicity of client developers, either by organizing approved interactions between resource owners and HTTP (HyperText Transfer Protocol) service providers on behalf of users, or by allowing third-party applications to represent The user is granted access. The protocol also provides dedicated authentication processes for web applications, desktop applications and mobile, and living room devices. In October 2012, the OAuth 2.0 protocol was officially published as RFC 6749. Like our commonly used WeChat, Alipay login is completed using the OAuth 2.0 protocol. Taking WeChat as an example, before performing WeChat OAuth2.0 authorized login access, register a developer account on the WeChat open platform, have a mobile application that has been approved, and obtain the corresponding application account and password, apply for WeChat login and pass After review, the admission process can begin. When the user logs in to other applications, the WeChat login button will be displayed. If the user's mobile phone does not have WeChat installed, it will prompt to install the WeChat client. Specific steps are as follows:

1.第三方的服务器发起微信授权登录请求,微信用户允许授权第三方应用后,微信的服务器会拉起应用或重定向到第三方网站,并且带上授权临时票据code参数;1. The third-party server initiates a WeChat authorization login request. After the WeChat user authorizes the third-party application, the WeChat server will launch the application or redirect to the third-party website with the authorization temporary ticket code parameter;

2.第三方的服务器通过code参数加上账号和密码等,通过API 换取access_token;2. The third-party server adds the account number and password through the code parameter, and exchanges the access_token through the API;

3.第三方的服务器通过access_token进行接口调用,获取用户基本数据资源或帮助用户实现基本操作。3. The third-party server calls the interface through the access_token to obtain the user's basic data resources or help the user to implement basic operations.

这些步骤对于用户来说,只是简单地点几下按钮就可以完成操作,省去了注册用户的一系列流程,所以在现阶段应用非常广泛。社交媒体账户登录已经成为替代在线注册的主流选择。这个过程让互联网用户使用单点登录,使用平台中现存信息,比如微信,支付宝等。其中主要使用的是OAuth2.0方案。该方案虽然有很多优势,例如简单,开放及安全。但是该方案也是存在不少弊端,例如在安全性上面存在一定的漏洞。2016年11月,中国的香港中文大学的三名研究人员发表文章称,“使用OAuth 2.0协议可以毫不费力地登录十亿移动应用程序账户”。研究人员发现通过第三方应用,错误地使用OAuth 2.0协议,能在用户不知情的情况下,被黑客远程利用。For users, these steps can be completed by simply clicking a few buttons, which saves a series of procedures for registering users, so it is widely used at this stage. Social media account logins have become a mainstream alternative to online registration. This process allows Internet users to use single sign-on and use existing information in the platform, such as WeChat, Alipay, etc. Among them, the OAuth2.0 scheme is mainly used. Although the program has many advantages, such as simplicity, openness and security. However, this solution also has many disadvantages, such as certain loopholes in security. In November 2016, three researchers from the Chinese University of Hong Kong in China published an article stating that "one billion mobile application accounts can be logged in effortlessly using the OAuth 2.0 protocol." Researchers have found that third-party applications that incorrectly use the OAuth 2.0 protocol can be remotely exploited by hackers without the user's knowledge.

此外,用户的个人信息如何被保护也是重中之重。企业都尽全力去保护用户的个人信息,但是成本昂贵。根据用户注意力市场营销解决方案提供商Ctrl-Shift表示,英国身份确认成本超过每年33亿英镑,等同于220亿美元。这还不包括由储存、保护、违约、管理等行为导致的成本。In addition, how to protect users' personal information is also a top priority. Enterprises try their best to protect users' personal information, but the cost is expensive. According to Ctrl-Shift, a provider of user attention marketing solutions, the cost of identity verification in the UK exceeds £3.3 billion a year, equivalent to $22 billion. This does not include the costs incurred by storage, protection, default, management, etc.

发明内容Contents of the invention

本公开针对现有技术中存在的上述不足,提供一种基于区块链的身份验证方法、区块链平台及运营商平台。Aiming at the above-mentioned deficiencies in the prior art, the present disclosure provides a blockchain-based identity verification method, a blockchain platform, and an operator platform.

作为本公开的第一个方面,提供一种基于区块链的身份验证方法,包括:As a first aspect of the present disclosure, a blockchain-based authentication method is provided, including:

接收第一应用程序的服务器发送的身份验证请求,并获取其中的私钥,所述身份验证请求是所述第一应用程序的服务器向第二应用程序的服务器发送授权登录请求,在第一应用程序的服务器接收到第二应用程序的服务器返回的用户授权登录消息,并从所述用户的终端设备获取所述私钥之后发送的;Receive the identity verification request sent by the server of the first application program, and obtain the private key therein. The identity verification request is that the server of the first application program sends an authorized login request to the server of the second application program. The server of the program receives the user authorization login message returned by the server of the second application program, and obtains the private key from the user's terminal device and then sends it;

响应于在区块链账本中查询到所述私钥对应的公钥和私钥签名,向运营商平台发送携带所述私钥的验证请求;In response to querying the public key and private key signature corresponding to the private key in the blockchain account book, sending a verification request carrying the private key to the operator platform;

响应于接收到所述运营商平台返回的携带用户数字身份信息的验证通过消息,向所述第一应用程序的服务器发送携带所述用户数字身份信息的身份验证通过消息。In response to receiving the verification passed message carrying the user's digital identity information returned by the operator platform, sending the identity verification passed message carrying the user's digital identity information to the server of the first application program.

优选地,所述方法还包括:Preferably, the method also includes:

响应于接收到区块链中的运营商平台广播的公钥和私钥签名,将所述公钥和所述私钥签名保存在区块链账本中。In response to receiving the public key and the private key signature broadcast by the operator platform in the block chain, the public key and the private key signature are saved in the block chain ledger.

作为本公开的第二个方面,提供一种基于区块链的身份验证方法,包括:As a second aspect of the present disclosure, a blockchain-based authentication method is provided, including:

接收区块链平台发送的验证请求,并获取其中的私钥;Receive the verification request sent by the blockchain platform and obtain the private key;

响应于在本地查询出所述私钥对应的用户数字身份信息,向所述区块链平台发送携带所述用户数字身份信息的验证通过消息。In response to locally querying the user's digital identity information corresponding to the private key, a verification pass message carrying the user's digital identity information is sent to the blockchain platform.

优选地,所述方法还包括:Preferably, the method also includes:

响应于监测到用户登录归属于本运营商平台的应用程序,在本地获取所述用户的用户信息,并根据所述用户信息生成所述用户数字身份信息;In response to detecting that the user logs in to an application program belonging to the operator platform, locally obtain the user information of the user, and generate the user digital identity information according to the user information;

生成与所述用户数字身份信息对应的私钥和公钥;Generate a private key and a public key corresponding to the user's digital identity information;

根据所述私钥和所述用户信息生成所述私钥签名;generating the private key signature according to the private key and the user information;

将所述私钥发送至所述用户的终端设备,并在区块链中广播所述公钥和所述私钥签名。Send the private key to the user's terminal device, and broadcast the signature of the public key and the private key in the block chain.

优选地,所述根据所述用户信息生成所述用户数字身份信息,包括:Preferably, said generating said user digital identity information according to said user information includes:

计算所述用户信息的哈希值,并将所述哈希值作为默克尔树的叶子节点信息;Calculate the hash value of the user information, and use the hash value as the leaf node information of the Merkle tree;

根据所述叶子节点信息计算默克尔树的根节点信息,并将所述根节点信息确定为所述用户数字身份信息。calculating the root node information of the Merkle tree according to the leaf node information, and determining the root node information as the user digital identity information.

作为本公开的第三个方面,提供一种区块链平台,包括:As a third aspect of the present disclosure, a blockchain platform is provided, including:

接收模块,用于接收第一应用程序的服务器发送的身份验证请求,所述身份验证请求是所述第一应用程序的服务器向第二应用程序的服务器发送授权登录请求,在第一应用程序的服务器接收到第二应用程序的服务器返回的用户授权登录消息,并从所述用户的终端设备获取所述私钥之后发送的;The receiving module is configured to receive the identity verification request sent by the server of the first application program. The identity verification request is that the server of the first application program sends an authorization login request to the server of the second application program. The server receives the user authorization login message returned by the server of the second application program, and sends it after obtaining the private key from the user's terminal device;

获取模块,用于获取所述身份验证请求中的私钥;An acquisition module, configured to acquire the private key in the identity verification request;

发送模块,用于响应于在区块链账本中查询到所述私钥对应的公钥和私钥签名,向运营商平台发送携带所述私钥的验证请求;响应于接收到所述运营商平台返回的携带用户数字身份信息的验证通过消息,向所述第一应用程序的服务器发送携带所述用户数字身份信息的身份验证通过消息。A sending module, configured to send a verification request carrying the private key to the operator platform in response to querying the public key and private key signature corresponding to the private key in the blockchain ledger; The verification pass message carrying the user's digital identity information returned by the platform sends the identity verification pass message carrying the user's digital identity information to the server of the first application program.

优选地,还包括:Preferably, it also includes:

保存模块,用于响应于接收到区块链中的运营商平台广播的公钥和私钥签名,将所述公钥和所述私钥签名保存在区块链账本中。The storage module is configured to save the public key and the private key signature in the blockchain account book in response to receiving the public key and the private key signature broadcast by the operator platform in the blockchain.

作为本公开的第四个方面,提供一种运营商平台,包括:As a fourth aspect of the present disclosure, an operator platform is provided, including:

接收模块,用于接收区块链平台发送的验证请求;The receiving module is used to receive the verification request sent by the blockchain platform;

第一获取模块,用于获取验证请求中的私钥;The first obtaining module is used to obtain the private key in the verification request;

发送模块,用于响应于在本地查询出所述私钥对应的用户数字身份信息,向所述区块链平台发送携带所述用户数字身份信息的验证通过消息。A sending module, configured to send a verification pass message carrying the user digital identity information to the blockchain platform in response to locally querying the user digital identity information corresponding to the private key.

优选地,还包括:Preferably, it also includes:

第二获取模块,用于响应于监测到用户登录归属于本运营商平台的应用程序,在本地获取所述用户的用户信息;The second obtaining module is used to obtain the user information of the user locally in response to monitoring that the user logs in to the application program belonging to the operator platform;

第一生成模块,用于根据所述用户信息生成所述用户数字身份信息;A first generating module, configured to generate the user digital identity information according to the user information;

第二生成模块,用于生成与所述用户数字身份信息对应的私钥和公钥;A second generating module, configured to generate a private key and a public key corresponding to the user's digital identity information;

第三生成模块,用于根据所述私钥和所述用户信息生成所述私钥签名;A third generating module, configured to generate the private key signature according to the private key and the user information;

发送模块,用于将所述私钥发送至所述用户的终端设备;a sending module, configured to send the private key to the user's terminal device;

广播模块,用于在区块链中广播所述公钥和所述私钥签名。The broadcast module is used to broadcast the signature of the public key and the private key in the block chain.

优选地,所述第一生成模块,具体用于:Preferably, the first generating module is specifically used for:

计算所述用户信息的哈希值,并将所述哈希值作为默克尔树的叶子节点信息;Calculate the hash value of the user information, and use the hash value as the leaf node information of the Merkle tree;

根据所述叶子节点信息计算默克尔树的根节点信息,并将所述根节点信息确定为所述用户数字身份信息。calculating the root node information of the Merkle tree according to the leaf node information, and determining the root node information as the user digital identity information.

本公开实施例提供的基于区块链的身份验证方法,当区块链平台接收到第一应用程序的服务器发送的身份验证请求,若在区块链账本中查询出与私钥对应的公钥和私钥签名,并且通过运营商平台查询到该用户的用户数字身份信息,说明该用户预先在运营商平台注册用户数字身份信息,对用户身份验证通过,向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息,从而实现匿名登录。结合区块链来对用户进行身份验证,确保用户数字身份信息不被篡改。对于授权登录的场景中安全性和可控性方面有了较大的提升,保护了用户的个人信息的隐私安全的同时,为用户注册和登录新的应用程序也提供了便捷高效的方式,提升了用户体验,推动了区块链技术的应用。In the blockchain-based identity verification method provided by the embodiments of the present disclosure, when the blockchain platform receives the identity verification request sent by the server of the first application program, if the public key corresponding to the private key is found in the blockchain ledger Sign with the private key, and query the user's digital identity information through the operator platform, indicating that the user has registered the user's digital identity information on the operator platform in advance, and the user identity verification is passed, and the server of the first application program sends a Authentication of digital identity information through messages, enabling anonymous logins. Combining blockchain to authenticate users to ensure that user digital identity information is not tampered with. The security and controllability of authorized login scenarios have been greatly improved. While protecting the privacy and security of users' personal information, it also provides a convenient and efficient way for users to register and log in to new applications. It improves the user experience and promotes the application of blockchain technology.

附图说明Description of drawings

图1为本公开实施例提供的区块链平台侧的一种基于区块链的身份验证方法的流程图;FIG. 1 is a flow chart of a blockchain-based identity verification method on the blockchain platform side provided by an embodiment of the present disclosure;

图2为本公开实施例提供的运营商平台侧的一种基于区块链的身份验证方法的流程图;FIG. 2 is a flow chart of a blockchain-based identity verification method on the operator platform side provided by an embodiment of the present disclosure;

图3为本公开实施例提供的运营商平台侧的一种基于区块链的身份验证方法的另一流程图;FIG. 3 is another flow chart of a blockchain-based identity verification method on the operator platform side provided by an embodiment of the present disclosure;

图4为本公开实施例提供的图3中步骤S302的一种可选实施方式;FIG. 4 is an optional implementation manner of step S302 in FIG. 3 provided by an embodiment of the present disclosure;

图5为本公开实施例提供的一种区块链平台的结构示意图;FIG. 5 is a schematic structural diagram of a blockchain platform provided by an embodiment of the present disclosure;

图6为本公开实施例提供的一种运营商平台的结构示意图。Fig. 6 is a schematic structural diagram of an operator platform provided by an embodiment of the present disclosure.

具体实施方式Detailed ways

为使本领域技术人员更好地理解本发明的技术方案,下面结合附图和具体实施方式对本发明作进一步详细描述。In order to enable those skilled in the art to better understand the technical solutions of the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

为了解决授权登录的场景中OAuth2.0方案缺乏安全性的问题,以及如何减少用户的个人信息保护的成本的问题。本公开提供一种基于区块链的身份验证方法、区块链平台及运营商平台。以下分别结合本公开提供的实施例的附图逐一进行详细说明。In order to solve the problem of lack of security in the OAuth2.0 scheme in the scenario of authorized login, and how to reduce the cost of protecting the user's personal information. The disclosure provides a blockchain-based identity verification method, a blockchain platform, and an operator platform. The following will be described in detail one by one with reference to the drawings of the embodiments provided in the present disclosure.

图1示出本公开实施例提供的区块链平台侧的基于区块链的身份验证方法的流程图。如图1所示,本实施例提供的基于区块链的身份验证方法包括以下步骤。FIG. 1 shows a flow chart of a blockchain-based identity verification method provided by an embodiment of the present disclosure on the blockchain platform side. As shown in Figure 1, the blockchain-based identity verification method provided by this embodiment includes the following steps.

步骤S101,接收第一应用程序的服务器发送的身份验证请求。Step S101, receiving an identity verification request sent by a server of a first application program.

步骤S102,获取身份验证请求中的私钥。Step S102, obtaining the private key in the identity verification request.

步骤S103,响应于在区块链账本中查询到私钥对应的公钥和私钥签名,向运营商平台发送携带私钥的验证请求。Step S103, in response to querying the public key and private key signature corresponding to the private key in the blockchain ledger, send a verification request carrying the private key to the operator platform.

步骤S104,响应于接收到运营商平台返回的携带用户数字身份信息的验证通过消息,向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息。Step S104, in response to receiving the verification passed message carrying the user's digital identity information returned by the operator platform, sending an identity verification passed message carrying the user's digital identity information to the server of the first application program.

其中,所述身份验证请求是第一应用程序的服务器向第二应用程序的服务器发送授权登录请求,在第一应用程序的服务器接收到第二应用程序的服务器返回的用户授权登录消息,并从用户的终端设备获取私钥之后发送的。第一应用程序是用户需要登录的应用程序,第一应用程序预先在运营商平台中注册过,第二应用程序是用户登录第一应用程序时跳转的授权登录平台(例如,微信可以授权登录其他应用程序)。具体的,第一应用程序的服务器向第二应用程序的服务器发送授权登录请求,第二应用程序的服务器重定向到第二应用程序的地址,在用户点击授权登录的控件(是否允许登录第一应用程序,是否允许第一应用程序使用用户的个人信息等)或者输入在第二应用程序的账号和密码之后,第二应用程序的服务器重定向到第一应用程序的地址,并且第一应用程序的服务器从用户的终端设备获取该终端设备预先存储的私钥。Wherein, the identity verification request is that the server of the first application program sends an authorization login request to the server of the second application program, and the server of the first application program receives the user authorization login message returned by the server of the second application program, and sends the request from the server of the second application program It is sent after the user's terminal device obtains the private key. The first application program is the application program that the user needs to log in. The first application program is pre-registered on the operator platform, and the second application program is the authorized login platform that the user jumps to when logging in to the first application program (for example, WeChat can authorize login other applications). Specifically, the server of the first application program sends an authorization login request to the server of the second application program, and the server of the second application program redirects to the address of the second application program. application, whether to allow the first application to use the user's personal information, etc.) or after entering the account number and password of the second application, the server of the second application redirects to the address of the first application, and the first application The server obtains the private key pre-stored in the terminal device from the user's terminal device.

本公开实施例提供的基于区块链的身份验证方法,运营商平台预先为用户创建用户数字身份信息,以替代用户真实的账号信息,区块链平台的区块链账本中预先存储与用户数字身份信息对应的私钥,以及与私钥对应的公钥和私钥签名。当区块链平台接收到第一应用程序的服务器发送的身份验证请求,若在区块链账本中查询出与私钥对应的公钥和私钥签名,并且通过运营商平台查询到该用户的用户数字身份信息,说明该用户预先在运营商平台注册用户数字身份信息,对用户身份验证通过,向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息。In the blockchain-based identity verification method provided by the embodiments of the present disclosure, the operator platform creates user digital identity information for the user in advance to replace the user's real account information, and the blockchain ledger of the blockchain platform pre-stores the user digital identity information. The private key corresponding to the identity information, and the public key and private key signature corresponding to the private key. When the blockchain platform receives the identity verification request sent by the server of the first application program, if the public key and private key signature corresponding to the private key are found in the blockchain ledger, and the user's identity is found through the operator platform The user's digital identity information indicates that the user pre-registers the user's digital identity information on the operator's platform, passes the user identity verification, and sends an identity verification pass message carrying the user's digital identity information to the server of the first application program.

现有技术中,在第一应用程序的服务器接收到第二应用程序的服务器返回的用户授权登录消息之后,第一应用程序的服务器会获取用户真实的个人信息(例如,用户注册第二应用程序时填写的用户的信息),而本公开中当对用户身份验证通过后,区块链平台向第一应用程序的服务器发送的是用户数字身份信息,从而实现匿名登录,该用户为认证用户。如果区块链平台没有向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息,则用户不能登录第一应用程序。In the prior art, after the server of the first application program receives the user authorization login message returned by the server of the second application program, the server of the first application program will obtain the real personal information of the user (for example, the user registers the second application program In this disclosure, after the user identity verification is passed, the blockchain platform sends the user's digital identity information to the server of the first application program, so as to realize anonymous login, and the user is an authenticated user. If the blockchain platform does not send an identity verification pass message carrying the user's digital identity information to the server of the first application program, the user cannot log in to the first application program.

本公开实施例中,用户数字身份信息可以代替用户真实的账号信息,实现匿名登录,并结合区块链来对用户进行身份验证,确保用户数字身份信息不被篡改。对于授权登录的场景中安全性和可控性方面有了较大的提升,保护了用户的个人信息的隐私安全的同时,为用户注册和登录新的应用程序也提供了便捷高效的方式,提升了用户体验,推动了区块链技术的应用。In the embodiment of the present disclosure, the user's digital identity information can replace the user's real account information to realize anonymous login, and combine the blockchain to verify the user's identity to ensure that the user's digital identity information is not tampered with. The security and controllability of authorized login scenarios have been greatly improved. While protecting the privacy and security of users' personal information, it also provides a convenient and efficient way for users to register and log in to new applications. It improves the user experience and promotes the application of blockchain technology.

此外,该用户数字身份信息不仅可以用来进行第三方合作伙伴验证,还可以用于需要实名注册的地方,车站,门禁,银行等等,在保护用户隐私的同时,极大的方便了用户,同时监管层也可以定位到具体用户。In addition, the user's digital identity information can be used not only for third-party partner verification, but also for places that require real-name registration, such as stations, access control, banks, etc., which greatly facilitates users while protecting user privacy. At the same time, the supervisory layer can also target specific users.

在一些实施例中,所述方法还包括:响应于接收到区块链中的运营商平台广播的公钥和私钥签名,将公钥和私钥签名保存在区块链账本中。In some embodiments, the method further includes: storing the public key and the private key signature in the blockchain ledger in response to receiving the public key and the private key signature broadcast by the operator platform in the blockchain.

在该步骤中,运营商平台广播的公钥和私钥签名预先保存在区块链账本中,以用于当用户登录第一应用程序时,对用户进行身份认证时在区块链平台进行验证,保护用户隐私,避免用户的信息泄露。In this step, the public key and private key signatures broadcast by the operator platform are pre-saved in the blockchain ledger for verification on the blockchain platform when the user logs in to the first application program and authenticates the user , to protect user privacy and avoid user information leakage.

需要说明的是,只要加入了区块链的第一应用程序的服务器均可以共享认证用户。假设第一应用程序也有自己的认证用户数据库,则第一应用程序对应的认证用户可以直接登录区块链中的其他第一应用程序,用户登录其他第一应用程序时也需要执行本实施例的步骤 101-步骤S104。It should be noted that as long as the server of the first application program that has joined the blockchain can share the authenticated user. Assuming that the first application program also has its own authentication user database, the authenticated user corresponding to the first application program can directly log in to other first application programs in the blockchain, and the user also needs to execute the method of this embodiment when logging in to other first application programs Step 101-step S104.

图2示出本公开实施例提供的运营商平台侧的基于区块链的身份验证方法的流程图。如图2所示,本实施例提供的基于区块链的身份验证方法包括以下步骤。Fig. 2 shows a flow chart of a blockchain-based identity verification method on the operator platform side provided by an embodiment of the present disclosure. As shown in Figure 2, the blockchain-based identity verification method provided by this embodiment includes the following steps.

步骤S201,接收区块链平台发送的验证请求。Step S201, receiving a verification request sent by the blockchain platform.

步骤S202,获取验证请求中的私钥。Step S202, obtaining the private key in the verification request.

步骤S203,响应于在本地查询出私钥对应的用户数字身份信息,向区块链平台发送携带用户数字身份信息的验证通过消息。Step S203, in response to locally querying the user's digital identity information corresponding to the private key, sending a verification pass message carrying the user's digital identity information to the blockchain platform.

本公开实施例提供的基于区块链的身份验证方法,运营商平台预先为用户创建用户数字身份信息,以替代用户真实的账号信息。运营商平台预先存储与所述用户数字身份信息对应的私钥。运营商平台接收区块链平台发送的验证请求,获取其中的私钥,若在本地查询出私钥对应的用户数字身份信息,则向区块链平台发送携带用户数字身份信息的验证通过消息。用户在区块链平台和运营商平台均验证成功时,区块链平台向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息,从而实现匿名登录,该用户为认证用户。如果区块链平台没有向第一应用程序的服务器发送携带用户数字身份信息的身份验证通过消息,则用户不能登录第一应用程序。In the blockchain-based identity verification method provided by the embodiments of the present disclosure, the operator platform creates user digital identity information for the user in advance to replace the user's real account information. The operator platform pre-stores the private key corresponding to the user's digital identity information. The operator platform receives the verification request sent by the blockchain platform, obtains the private key in it, and if the user's digital identity information corresponding to the private key is queried locally, it sends a verification pass message carrying the user's digital identity information to the blockchain platform. When the user is successfully verified on both the blockchain platform and the operator platform, the blockchain platform sends an identity verification pass message carrying the user's digital identity information to the server of the first application program, thereby realizing anonymous login, and the user is an authenticated user. If the blockchain platform does not send an identity verification pass message carrying the user's digital identity information to the server of the first application program, the user cannot log in to the first application program.

本公开实施例中,用户数字身份信息可以代替用户真实的账号信息,实现匿名登录,并结合区块链来对用户进行身份验证,确保用户数字身份信息不被篡改。对于授权登录的场景中安全性和可控性方面有了较大的提升,保护了用户的个人信息的隐私安全的同时,为用户注册和登录新的应用程序也提供了便捷高效的方式,提升了用户体验,推动了区块链技术的应用。In the embodiment of the present disclosure, the user's digital identity information can replace the user's real account information to realize anonymous login, and combine the blockchain to verify the user's identity to ensure that the user's digital identity information is not tampered with. The security and controllability of authorized login scenarios have been greatly improved. While protecting the privacy and security of users' personal information, it also provides a convenient and efficient way for users to register and log in to new applications. It improves the user experience and promotes the application of blockchain technology.

此外,该用户数字身份信息不仅可以用来进行第三方合作伙伴验证,还可以用于需要实名注册的地方,车站,门禁,银行等等,在保护用户隐私的同时,极大的方便了用户,同时监管层也可以定位到具体用户。In addition, the user's digital identity information can be used not only for third-party partner verification, but also for places that require real-name registration, such as stations, access control, banks, etc., which greatly facilitates users while protecting user privacy. At the same time, the supervisory layer can also target specific users.

图3示出本公开实施例提供的运营商平台侧的基于区块链的身份验证方法的另一流程图。如图3所示,在一些实施例中,所述方法还包括:FIG. 3 shows another flow chart of the blockchain-based identity verification method on the operator platform side provided by an embodiment of the present disclosure. As shown in Figure 3, in some embodiments, the method also includes:

步骤S301,响应于监测到用户登录归属于本运营商平台的应用程序,在本地获取用户的用户信息。Step S301, in response to detecting that the user logs in to an application program belonging to the operator's platform, obtain user information of the user locally.

步骤S302,根据用户信息生成用户数字身份信息。Step S302, generating user digital identity information according to user information.

在步骤S301-步骤S302中,若检测到用户登录归属于本运营商平台的应用程序时,在本地获取用户的用户信息(包括用户的姓名、身份证号码、性别、手机号码、运营商vip等级信息、用户归属地信息、主副卡标识、用户入网时长等信息)。根据用户的用户信息为用户生成唯一的用户数字身份信息。In step S301-step S302, if it is detected that the user logs in to the application program belonging to the operator's platform, the user's user information (including the user's name, ID number, gender, mobile phone number, operator VIP level) is obtained locally information, user attribution information, primary and secondary card identification, user network access duration, etc.). Generate unique user digital identity information for the user based on the user information of the user.

步骤S303,生成与用户数字身份信息对应的私钥和公钥。Step S303, generating a private key and a public key corresponding to the user's digital identity information.

步骤S304,根据私钥和用户信息生成私钥签名。Step S304, generating a private key signature according to the private key and user information.

步骤S305,将私钥发送至用户的终端设备,并在区块链中广播公钥和私钥签名。Step S305, sending the private key to the user's terminal device, and broadcasting the public key and private key signature in the block chain.

在步骤S303-步骤S305中,通过算法加密,生成与用户数字身份信息对应的私钥和公钥,利用私钥和用户信息生成私钥签名。其中,私钥发送至用户的终端设备保存,公钥和私钥签名在区块链中广播。In step S303-step S305, algorithm encryption is used to generate a private key and a public key corresponding to the user's digital identity information, and a private key signature is generated using the private key and user information. Among them, the private key is sent to the user's terminal device for storage, and the public key and private key signature are broadcast in the blockchain.

图4示出本公开实施例提供的图3中步骤S302的一种可选实施方式。FIG. 4 shows an optional implementation manner of step S302 in FIG. 3 provided by an embodiment of the present disclosure.

在一些实施例中,如图4所示,所述根据用户信息生成用户数字身份信息(即步骤S302),包括:In some embodiments, as shown in FIG. 4 , the generation of user digital identity information according to user information (that is, step S302) includes:

步骤S401,计算用户信息的哈希值,并将哈希值作为默克尔树的叶子节点信息。Step S401, calculate the hash value of the user information, and use the hash value as the leaf node information of the Merkle tree.

步骤S402,根据叶子节点信息计算默克尔树的根节点信息,并将根节点信息确定为用户数字身份信息。Step S402, calculating the root node information of the Merkle tree according to the leaf node information, and determining the root node information as the user's digital identity information.

在步骤S401-步骤S402中,利用默克尔树算法为用户创建用户数字身份信息。默认按照预先约定的规则和顺序,针对每条用户信息计算一个哈希值,作为默克尔树的叶子节点信息,逐级按照预先约定的算法,根据叶子节点信息计算默克尔树的子节点信息。例如统一层级的叶子节点或者子节点循环执行加减乘除等操作或者是根据递归到叶子节点的层级数来执行不同的类型的操作,计算出两个不同的叶子节点的哈希值的相应位置的操作结果,然后生成这两个叶子节点共同对应的子节点信息。根据子节点信息逐级进行计算最后计算出默克尔树的根节点信息,最后形成默克尔树。将根节点信息确定为用户数字身份信息。In step S401-step S402, user digital identity information is created for the user using the Merkle tree algorithm. By default, according to the pre-agreed rules and order, a hash value is calculated for each user information as the leaf node information of the Merkle tree, and the child nodes of the Merkle tree are calculated according to the leaf node information step by step according to the pre-agreed algorithm information. For example, leaf nodes or sub-nodes at the same level perform operations such as addition, subtraction, multiplication, and division cyclically, or perform different types of operations according to the number of levels recursive to leaf nodes, and calculate the corresponding positions of the hash values of two different leaf nodes. Operate the result, and then generate the child node information corresponding to the two leaf nodes. Calculate step by step according to the child node information, finally calculate the root node information of the Merkle tree, and finally form the Merkle tree. The root node information is determined as user digital identity information.

需要说明的是,只要加入了区块链的第一应用程序的服务器均可以共享认证用户。假设第一应用程序也有自己的认证用户数据库,则第一应用程序对应的认证用户可以直接登录区块链中的其他第一应用程序,用户登录其他第一应用程序时也需要执行图2-图4对应的实施例中的所有步骤。It should be noted that as long as the server of the first application program that has joined the blockchain can share the authenticated user. Assuming that the first application program also has its own authentication user database, the authenticated user corresponding to the first application program can directly log in to other first application programs in the blockchain, and the user also needs to execute Figure 2-Diagram when logging in to other first application programs 4 corresponds to all the steps in the examples.

图5示出本公开实施例提供的区块链平台的结构示意图。基于与图1对应的实施例相同的技术构思,如图5所示,本公开实施例提供的区块链平台,包括如下模块。Fig. 5 shows a schematic structural diagram of a blockchain platform provided by an embodiment of the present disclosure. Based on the same technical concept as the embodiment corresponding to FIG. 1 , as shown in FIG. 5 , the blockchain platform provided by the embodiment of the present disclosure includes the following modules.

接收模块11,用于接收第一应用程序的服务器发送的身份验证请求,所述身份验证请求是所述第一应用程序的服务器向第二应用程序的服务器发送授权登录请求,在第一应用程序的服务器接收到第二应用程序的服务器返回的用户授权登录消息,并从所述用户的终端设备获取所述私钥之后发送的;The receiving module 11 is configured to receive the identity verification request sent by the server of the first application program. The identity verification request is that the server of the first application program sends an authorization login request to the server of the second application program. The server receives the user authorization login message returned by the server of the second application program, and sends it after obtaining the private key from the user's terminal device;

获取模块12,获取所述身份验证请求中的私钥;Obtaining module 12, obtaining the private key in the identity verification request;

发送模块13,用于响应于在区块链账本中查询到所述私钥对应的公钥和私钥签名,向运营商平台发送携带所述私钥的验证请求;响应于接收到所述运营商平台返回的携带用户数字身份信息的验证通过消息,向所述第一应用程序的服务器发送携带所述用户数字身份信息的身份验证通过消息。The sending module 13 is used to send a verification request carrying the private key to the operator platform in response to querying the public key and private key signature corresponding to the private key in the blockchain account book; The merchant platform returns a verification pass message carrying the user's digital identity information, and sends the identity verification pass message carrying the user's digital identity information to the server of the first application program.

优选地,还包括:Preferably, it also includes:

保存模块,用于响应于接收到区块链中的运营商平台广播的公钥和私钥签名,将所述公钥和所述私钥签名保存在区块链账本中。The storage module is configured to save the public key and the private key signature in the blockchain account book in response to receiving the public key and the private key signature broadcast by the operator platform in the blockchain.

图6示出本公开实施例提供的区块链平台的结构示意图。基于与图2对应的实施例相同的技术构思,如图6所示,本公开实施例提供的运营商平台,包括如下模块。FIG. 6 shows a schematic structural diagram of a blockchain platform provided by an embodiment of the present disclosure. Based on the same technical concept as the embodiment corresponding to FIG. 2 , as shown in FIG. 6 , the operator platform provided by the embodiment of the present disclosure includes the following modules.

接收模块21,用于接收区块链平台发送的验证请求。The receiving module 21 is configured to receive the verification request sent by the blockchain platform.

第一获取模块22,获取验证请求中的私钥。The first acquiring module 22 acquires the private key in the verification request.

发送模块22,用于响应于在本地查询出所述私钥对应的用户数字身份信息,向所述区块链平台发送携带所述用户数字身份信息的验证通过消息。The sending module 22 is configured to send a verification pass message carrying the user's digital identity information to the blockchain platform in response to locally querying the user's digital identity information corresponding to the private key.

优选地,还包括:Preferably, it also includes:

第二获取模块,用于响应于监测到用户登录归属于本运营商平台的应用程序,在本地获取所述用户的用户信息;The second obtaining module is used to obtain the user information of the user locally in response to monitoring that the user logs in to the application program belonging to the operator platform;

第一生成模块,用于根据所述用户信息生成所述用户数字身份信息;A first generating module, configured to generate the user digital identity information according to the user information;

第二生成模块,用于生成与所述用户数字身份信息对应的私钥和公钥;A second generating module, configured to generate a private key and a public key corresponding to the user's digital identity information;

第三生成模块,用于根据所述私钥和所述用户信息生成所述私钥签名;A third generating module, configured to generate the private key signature according to the private key and the user information;

发送模块,用于将所述私钥发送至所述用户的终端设备;a sending module, configured to send the private key to the user's terminal device;

广播模块,用于在区块链中广播所述公钥和所述私钥签名。The broadcast module is used to broadcast the signature of the public key and the private key in the block chain.

优选地,所述第一生成模块,具体用于:Preferably, the first generating module is specifically used for:

计算所述用户信息的哈希值,并将所述哈希值作为默克尔树的叶子节点信息;Calculate the hash value of the user information, and use the hash value as the leaf node information of the Merkle tree;

根据所述叶子节点信息计算默克尔树的根节点信息,并将所述根节点信息确定为所述用户数字身份信息。calculating the root node information of the Merkle tree according to the leaf node information, and determining the root node information as the user digital identity information.

可以理解的是,以上实施方式仅仅是为了说明本发明的原理而采用的示例性实施方式,然而本发明并不局限于此。对于本领域内的普通技术人员而言,在不脱离本发明的精神和实质的情况下,可以做出各种变型和改进,这些变型和改进也视为本发明的保护范围。It can be understood that, the above embodiments are only exemplary embodiments adopted for illustrating the principle of the present invention, but the present invention is not limited thereto. For those skilled in the art, various modifications and improvements can be made without departing from the spirit and essence of the present invention, and these modifications and improvements are also regarded as the protection scope of the present invention.

Claims (8)

1. An identity authentication method based on a block chain is characterized by comprising the following steps:
receiving an authentication request sent by a server of a first application program, and acquiring a private key therein, wherein the authentication request is sent after the server of the first application program sends an authorized login request to a server of a second application program, and a user authorized login message returned by the server of the second application program is received by the server of the first application program, and the private key is acquired from a terminal device of the user;
responding to a public key and a private key signature corresponding to the private key which are inquired in a block chain account book, and sending a verification request which carries the private key and corresponds to the identity verification request to an operator platform;
in response to receiving a verification passing message which is returned by the operator platform and carries the user digital identity information, sending the identity verification passing message which carries the user digital identity information to a server of the first application program;
wherein the user digital identity information is determined by the operator platform from root node information of the mercker tree; the root node information is obtained by taking a hash value of user information of a user as leaf node information of the Merckel tree and calculating according to the leaf node information.
2. The blockchain-based identity authentication method according to claim 1, further comprising:
and responding to the received public key and private key signature broadcasted by the operator platform in the block chain, and storing the public key and the private key signature in a block chain account book.
3. An identity authentication method based on a block chain is characterized by comprising the following steps:
receiving an authentication request which is sent by a block chain platform and corresponds to an identity authentication request received by the block chain platform, and acquiring a private key in the authentication request, wherein the identity authentication request is sent to the block chain platform by a server of a first application program;
responding to the user digital identity information corresponding to the private key inquired locally, and sending a verification passing message carrying the user digital identity information to the block chain platform;
wherein the user digital identity information is determined according to root node information of the Mercker tree; the root node information is obtained by taking a hash value of user information of a user as leaf node information of the Mercker tree and calculating according to the leaf node information.
4. The blockchain-based identity authentication method according to claim 3, wherein the method further comprises:
in response to monitoring that a user logs in an application program belonging to the operator platform, locally acquiring user information of the user, and generating the user digital identity information according to the user information;
generating a private key and a public key corresponding to the user digital identity information;
generating the private key signature according to the private key and the user information;
and sending the private key to the terminal equipment of the user, and broadcasting the public key and the private key signature in a block chain.
5. A blockchain platform, comprising:
the system comprises a receiving module, a sending module and a sending module, wherein the receiving module is used for receiving an identity authentication request sent by a server of a first application program, the identity authentication request is sent by the server of the first application program to a server of a second application program, and the identity authentication request is sent after the server of the first application program receives a user authorization login message returned by the server of the second application program and acquires a private key of a user from terminal equipment of the user;
the obtaining module is used for obtaining the private key in the identity authentication request;
the sending module is used for responding to a public key and a private key signature which correspond to the private key and are inquired in a block chain account book, and sending a verification request which carries the private key and corresponds to the identity verification request to an operator platform; in response to receiving a verification passing message which is returned by the operator platform and carries the user digital identity information, sending the identity verification passing message which carries the user digital identity information to a server of the first application program;
wherein the user digital identity information is determined by the operator platform from root node information of the mercker tree; the root node information is obtained by taking a hash value of user information of a user as leaf node information of the Merckel tree and calculating according to the leaf node information.
6. The blockchain platform of claim 5, further comprising:
and the storage module is used for responding to the public key and the private key signature which are received from the operator platform broadcast in the block chain, and storing the public key and the private key signature in the block chain account book.
7. An operator platform, comprising:
the system comprises a receiving module, a judging module and a processing module, wherein the receiving module is used for receiving an authentication request which is sent by a block chain platform and corresponds to an identity authentication request received by the block chain platform, and the identity authentication request is sent to the block chain platform by a server of a first application program;
the first acquisition module is used for acquiring a private key in the verification request;
the sending module is used for responding to the user digital identity information corresponding to the private key inquired locally and sending a verification passing message carrying the user digital identity information to the block chain platform;
wherein the user digital identity information is determined according to root node information of the Mercker tree; the root node information is obtained by taking a hash value of user information of a user as leaf node information of the Mercker tree and calculating according to the leaf node information.
8. The operator platform of claim 7, further comprising:
the second acquisition module is used for responding to the monitored application program of the user login belonging to the operator platform and locally acquiring the user information of the user;
the first generation module is used for generating the user digital identity information according to the user information;
the second generation module is used for generating a private key and a public key corresponding to the user digital identity information;
the third generation module is used for generating the private key signature according to the private key and the user information;
the sending module is used for sending the private key to the terminal equipment of the user;
a broadcast module to broadcast the public key and the private key signature in a blockchain.
CN202110455089.0A 2021-04-26 2021-04-26 Identity verification method based on block chain, block chain platform and operator platform Active CN113194082B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110455089.0A CN113194082B (en) 2021-04-26 2021-04-26 Identity verification method based on block chain, block chain platform and operator platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110455089.0A CN113194082B (en) 2021-04-26 2021-04-26 Identity verification method based on block chain, block chain platform and operator platform

Publications (2)

Publication Number Publication Date
CN113194082A CN113194082A (en) 2021-07-30
CN113194082B true CN113194082B (en) 2022-12-02

Family

ID=76979000

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110455089.0A Active CN113194082B (en) 2021-04-26 2021-04-26 Identity verification method based on block chain, block chain platform and operator platform

Country Status (1)

Country Link
CN (1) CN113194082B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115051848B (en) * 2022-06-08 2023-12-22 西安工业大学 A blockchain-based identity authentication method
CN117014146B (en) * 2023-06-16 2025-08-15 中国科学院软件研究所 Unified identity authentication method based on double factors
CN117768245B (en) * 2024-02-22 2024-05-10 暨南大学 A full-link data security protection method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235290A (en) * 2020-10-13 2021-01-15 中国联合网络通信集团有限公司 Block chain-based Internet of things equipment management method and first Internet of things equipment
WO2021063963A1 (en) * 2019-09-30 2021-04-08 Bpce Process for managing the rights and assets of a user in a block chain

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11115418B2 (en) * 2016-12-23 2021-09-07 Cloudminds (Shanghai) Robotics Co., Ltd. Registration and authorization method device and system
CN107547514A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Identity identifying method, system and computer-readable recording medium
CN109768865A (en) * 2019-01-18 2019-05-17 深圳市威赫科技有限公司 Block chain upper body part under credible performing environment digitizes realization method and system
CN110071808A (en) * 2019-04-09 2019-07-30 郭浩 A kind of the secure digital identity verification method and device of block chain user

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021063963A1 (en) * 2019-09-30 2021-04-08 Bpce Process for managing the rights and assets of a user in a block chain
CN112235290A (en) * 2020-10-13 2021-01-15 中国联合网络通信集团有限公司 Block chain-based Internet of things equipment management method and first Internet of things equipment

Also Published As

Publication number Publication date
CN113194082A (en) 2021-07-30

Similar Documents

Publication Publication Date Title
US10594696B2 (en) Network-based authentication and security services
US9871791B2 (en) Multi factor user authentication on multiple devices
Fett et al. A comprehensive formal security analysis of OAuth 2.0
CN103581108B (en) Login authentication method, login authentication client, login authentication server and login authentication system
US9374369B2 (en) Multi-factor authentication and comprehensive login system for client-server networks
US9491155B1 (en) Account generation based on external credentials
WO2022262078A1 (en) Access control method based on zero-trust security, and device and storage medium
CN103944900B (en) It is a kind of that attack prevention method and its device are asked across station based on encryption
CN101291228B (en) Generating, authenticating method for super code, system and device thereof
Shetty et al. Are you dating danger? an interdisciplinary approach to evaluating the (in) security of android dating apps
US20120047560A1 (en) Social Age Verification Engine
US20130305325A1 (en) Methods for Thwarting Man-In-The-Middle Authentication Hacking
CN113194082B (en) Identity verification method based on block chain, block chain platform and operator platform
US9973491B2 (en) Determining an identity of a third-party user in an SAML implementation of a web-service
CN111355726A (en) Identity authorization login method and device, electronic equipment and storage medium
WO2017076214A1 (en) A sms-based website login method and login system thereof
CN102811228A (en) Network service login method, device and system
US9332432B2 (en) Methods and system for device authentication
WO2016054924A1 (en) Identity authentication method, third-party server, merchant server and user terminal
Huang et al. A token-based user authentication mechanism for data exchange in RESTful API
US10033719B1 (en) Mobile work platform for remote data centers
CN114491435A (en) A secure access method and device based on an industrial Internet platform
US9553863B2 (en) Computer implemented method and system for an anonymous communication and computer program thereof
Yang et al. Context-aware phishing-resistant authentication for federated identity in Internet of Things platforms
CN115051848A (en) Identity authentication method based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant