Nothing Special   »   [go: up one dir, main page]

CN109981814A - Domain name information inquiry method and system based on block chain network service node - Google Patents

Domain name information inquiry method and system based on block chain network service node Download PDF

Info

Publication number
CN109981814A
CN109981814A CN201910210218.2A CN201910210218A CN109981814A CN 109981814 A CN109981814 A CN 109981814A CN 201910210218 A CN201910210218 A CN 201910210218A CN 109981814 A CN109981814 A CN 109981814A
Authority
CN
China
Prior art keywords
domain name
service node
address
user terminal
name service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910210218.2A
Other languages
Chinese (zh)
Inventor
路成业
王凌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Iallchain Co Ltd
Original Assignee
Iallchain Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Iallchain Co Ltd filed Critical Iallchain Co Ltd
Priority to CN201910210218.2A priority Critical patent/CN109981814A/en
Publication of CN109981814A publication Critical patent/CN109981814A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5076Update or notification mechanisms, e.g. DynDNS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention proposes a kind of domain name information inquiry methods and system based on block chain network service node, wherein method includes: that domain name service node obtains all block informations, generates the domain name/IP address mapping table of real-time update;After user terminal starting, inquiry request message is sent to domain name service node;Domain name service node is sent to user terminal passes through query response message;After user terminal receives query response message, domain name service node private key signature is verified using the public key information of domain name service node, if being verified, communication IP address is fed back into destination application, so that destination application sends access request according to communication IP address.Domain name is obtained by the block chain mode of decentralization as a result, and special domain name service node is set and provides domain name service for user terminal, user terminal memory block information is not necessarily to, alleviates the storage pressure of user terminal, improve the flexibility of block chain network.

Description

Domain name information inquiry method and system based on block chain network service node
Technical field
The present invention relates to block chain technical field more particularly to a kind of domain-name informations based on block chain network service node Querying method and system.
Background technique
In computer field, IP address is widely used as " identity card " of equipment for surfing the net, server etc..With computer The development of network technology, IP address increase significantly, and for the ease of managing the distribution with address, domain name system occur, that is, It says, is allocated in the prior art using IP address and domain name as common network address.
In the related technology, the corresponding domain name of IP address is provided by dns server, however, providing domain in current network environment The dns server more centralization of name configuration service, and the root server of dns server rests in some country or tissue In hand, the dns server of this centralization will cause to seriously threaten once maliciously being controlled to internet.
Summary of the invention
Purport of the present invention provides a kind of user terminal and its block chain domain name analytic method, to solve in the prior art, domain name By the stronger dns server configuration of centralization, cause to be easy by phishing attack, and, domain name clothes are provided by block chain network When business, the technical issues of storing pressure and resource consumption increase, is led to by user terminal memory block.
First embodiment of the invention provides a kind of domain name information inquiry method based on block chain network service node, in domain Domain name service node is set in name block chain network, which comprises domain name service node obtains domain name block All block informations of block chain account book in chain network, the domain name registration information stored in all block informations of extract real-time are raw At the domain name/IP address mapping table of real-time update;After user terminal starting, institute is obtained from the address allocation server of current network The public key information for stating the IP address of user terminal, the IP address of domain name service node and domain name service node, when Obtain destination application send the access request comprising target domain name when, according to the IP address of domain name service node to Domain name service node sends the user identity information comprising the user terminal and the inquiry request of the target domain name disappears Breath;Domain name service node parses the inquiry request message and obtains the user identity information and the target domain name, root The authorization terminal information bank being locally stored is inquired according to the user identity information, the authorization terminal information bank includes institute if knowing State user identity information, it is determined that the user terminal is legal terminal, and then according to the target inquiry of the domain name domain name IP address mapping table sends to the user terminal if obtaining communication IP address corresponding with the target domain name and passes through institute State the query response message comprising the target domain name and the communication IP address of domain name service node private key signature;The use After family terminal receives the query response message, using the public key information of domain name service node to domain name service node Private key signature is verified, if being verified, the communication IP address is fed back to the destination application, so that described Destination application sends access request according to the communication IP address.
Second embodiment of the invention provides a kind of dns query message system based on block chain network service node, described System includes domain name service node and user terminal, wherein and domain name service node is arranged in domain name block chain network, In, domain name service node, for obtaining all block informations of block chain account book in domain name block chain network, in real time The domain name registration information stored in all block informations is extracted, the domain name/IP address mapping table of real-time update is generated;The user Terminal obtains IP address, the domain name clothes of the user terminal from the address allocation server of current network after starting The IP address of node of being engaged in and the public key information of domain name service node, when obtain destination application transmission includes target When the access request of domain name, being sent according to the IP address of domain name service node to domain name service node includes the use The inquiry request message of the user identity information of family terminal and the target domain name;Domain name service node, for parsing It states inquiry request message and obtains the user identity information and the target domain name, inquired according to the user identity information local The authorization terminal information bank of storage, if knowing, the authorization terminal information bank includes the user identity information, it is determined that described User terminal is legal terminal, and then according to the target inquiry of the domain name domain name IP address mapping table, if obtain with it is described The corresponding communication IP address of target domain name then sends the packet Jing Guo domain name service node private key signature to the user terminal Query response message containing the target domain name and the communication IP address;The user terminal is rung for receiving the inquiry After answering message, domain name service node private key signature is verified using the public key information of domain name service node, if It is verified, then the communication IP address is fed back into the destination application, so that the destination application is according to institute It states communication IP address and sends access request.
Technical solution provided in an embodiment of the present invention can include the following benefits:
Domain name service node obtains all block informations of block chain account book in domain name block chain network, and extract real-time is all The domain name registration information stored in block information generates the domain name/IP address mapping table of real-time update, after user terminal starting, from The address allocation server of current network obtains IP address, the IP address and domain name service of domain name service node of user terminal The public key information of node, when obtaining the access request comprising target domain name that destination application is sent, according to domain name service The IP address of node sends the inquiry request of the user identity information comprising user terminal and target domain name to domain name service node Message, in turn, domain name service node parse inquiry request message and obtain user identity information and target domain name, according to user identifier Information inquires the authorization terminal information bank being locally stored, if knowing, authorization terminal information bank includes user identity information, it is determined that User terminal is legal terminal, and then according to target domain name nslookup IP address mapping table, if obtaining corresponding with target domain name Communication IP address, then sent to user terminal by domain name service node private key signature comprising target domain name and communication IP The query response message of location, finally, after user terminal receives query response message, using the public key information pair of domain name service node Domain name service node private key signature is verified, if being verified, communication IP address is fed back to destination application, so that Destination application sends access request according to communication IP address.Domain name is obtained by the block chain mode of decentralization as a result, And the special domain name service node of setting provides domain name service for user terminal, is not necessarily to user terminal memory block information, mitigates The storage pressure of user terminal, improves the flexibility of block chain network.
Detailed description of the invention
Above-mentioned and/or additional aspect and advantage of the invention will become from the following description of the accompanying drawings of embodiments Obviously and it is readily appreciated that, wherein
Fig. 1 is the scene interactivity schematic diagram according to an embodiment of the invention based on block chain domain name system;
Fig. 2 is the dns query message system according to an embodiment of the invention based on block chain network service node Structural schematic diagram;
Fig. 3 is the dns query message system according to an embodiment of the invention based on block chain network service node Interaction schematic diagram;
Fig. 4 is the domain name information inquiry method according to an embodiment of the invention based on block chain network service node Flow chart;
Fig. 5 is the domain name information inquiry method according to an embodiment of the invention based on block chain network service node Application scenarios schematic diagram.
Specific embodiment
The embodiment of the present invention is described below in detail, examples of the embodiments are shown in the accompanying drawings, wherein from beginning to end Same or similar label indicates same or similar element or element with the same or similar functions.Below with reference to attached The embodiment of figure description is exemplary, it is intended to is used to explain the present invention, and is not considered as limiting the invention.
In order to solve to mention in above-mentioned background technique to be configured due to network address by the stronger dns server of centralization, Cause to be easy the technical issues of being attacked, the block chain domain name mapping based on user terminal operations system that the present invention provides a kind of Method is named by the mode of decentralization to obtain, and is improved the safety that the domain name of application program is sent, is avoided hacker's The behaviors such as phishing attack.
Specifically, in order to solve the above-mentioned technical problems, the present invention provides the block chain networks that a kind of domain name generates, such as Shown in Fig. 1, the block chain domain name system that Internet Service Provider's ISP node is belonged to itself in the block chain network is taken The identity private key that business device sends Identity-based encryption IBE (identity-based encryption, Identity based encryption) is asked Seek message, wherein identity private key request message includes: the target domain name and corresponding IP address of application, in turn, block chain domain name System server, which receives identity private key request message and parses, obtains target domain name, inquires the main key being locally stored and public ginseng Number carries out main key, common parameter and target domain name according to preset algorithm to calculate the identity private key for generating ISP node, the identity Private key and ISP node are uniquely corresponding, wherein the identity public key of the entitled ISP node of aiming field, and then application ISP node is in block Node public key in chain generates the crypto identity private key of ISP node after encrypting to the identity private key of ISP node, and will encryption Identity private key transmission awards the corresponding ISP node of the corresponding IP address of aiming field name.
Further, after ISP node receives the crypto identity private key that block chain domain name system server is sent, using itself The identity private key for obtaining ISP node is decrypted in node private key pair encryption identity private key in block chain, and application identity is private Key carries out identity private key label to the server identification of target domain name and corresponding IP address and block chain domain name system server After name, domain name registration broadcast message is sent to block chain network.Accounting nodes reception domain name registration broadcast message carries out parsing and obtains Target domain name and corresponding IP address and server identification are taken, and application target domain name signs to the identity private key of ISP node It is verified, if the verification passes, then by target domain name and corresponding IP address and the clothes of block chain domain name system server The corresponding relationship of business device mark is written in newly-generated block, and charges in block chain account book.
The network address generation method of the embodiment of the present invention as a result, based on block chain domain name system based on block chain Decentralization thought generates, and on the one hand avoids phishing attack etc., on the other hand, is based on common recognition mechanism, illegal node is avoided to disturb The legal generation of random network address.
However, the generating mode of this network address, accesses block chain network in client (such as application APP etc.) When, generally using P2P broadcast addressing mutually, in order to access P2P adjacent node, need in client block chain prefabricated first Seed node (it can be appreciated that original node) address, obtains adjacent node by seed node.But in practical applications, For example, the seed node or seed node IP address of domain name block chain possibly can not be obtained when installing operating system It may change, if the corresponding block chain network of domain name accesses not yet using domain name access seed node, domain can not be carried out Name access.
Thus, when being built in the operating system kernel layer of user terminal to solve this block chain domain name mapping module, The problem of domain name can not access, the invention also provides a kind of dns query message sides based on block chain network service node Method.
Firstly, for convenience of description, the present invention concentrates on the dns query message based on block chain network service node System side describes the domain name information inquiry method of the invention based on block chain network service node.As shown in Fig. 2, area should be based on The dns query message system of block chain network service node includes the domain name service node 100 being arranged in domain name block chain network With user terminal 200, wherein domain name service node 100 is used to provide domain name service for the application program in relevant user terminal, Thus, it is possible to the memory block information in 100 node of domain name service node, avoid in the user terminal memory block information cause User terminal stores the increase of pressure and reduces the consumption of the resources such as flow, electricity, wherein obviously in order to ensure domain name service Node 100 provides the reliability of domain name service, and domain name service node 100 can be the corresponding sections such as authoritative higher tissue Point, user terminal 200 include the terminal device with operating system such as smart phone, intelligent wearable equipment, laptop.
Specifically, as shown in figure 3, in the present embodiment, domain name service node obtains block in domain name block chain network All block informations of chain account book, the domain name registration information stored in all block informations of extract real-time, generate real-time update Domain name/IP address mapping table (step 31), thus, domain name service node deposits all block informations in block chain network Storage in turn, after user terminal starting, obtains user from the address allocation server of current network in order to provide domain name service The public key information of the IP address of terminal, the IP address of domain name service node and domain name service node, when acquisition target application journey When the access request comprising target domain name that sequence is sent, is sent and wrapped to domain name service node according to the IP address of domain name service node Inquiry request message (the step 32) of user identity information and target domain name containing user terminal, i.e., provided by domain name service node Domain name service.
Domain name service node parses inquiry request message and obtains user identity information and target domain name, is believed according to user identifier The authorization terminal information bank that breath inquiry is locally stored, if knowing, authorization terminal information bank includes user identity information, it is determined that is used Family terminal is legal terminal, and then according to target domain name nslookup IP address mapping table, if obtaining corresponding with target domain name Communication IP address, then sending to user terminal by domain name service node private key signature includes target domain name and communication IP address Query response message (step 33).
Finally, after user terminal receives query response message, using the public key information of domain name service node to domain name service Node private key signature is verified, if being verified, communication IP address is fed back to destination application, so that target application Program sends access request (step 34) according to communication IP address.
As a result, in an embodiment of the present invention, it is contemplated that in the same block chain network, if each node records All block informations or multiple nodes all record all block informations, then cause very big waste of storage space.Even if Each node only records a part of block information, but also storage size is more thick and heavy, especially when the node of block chain is In the case where user terminal, every G memory space can mean that expensive cost, if some node needs also to be simultaneously other Node online service is provided, then waste the campus network of user terminal and expend a large amount of battery electric power.Therefore, it is based on one Either multiple domain name service nodes provide the inquiry of the domain name solution of safety exclusively for mobile terminal or other lightweight user terminals Analysis service etc. improves the flexibility of the domain name service of block chain network to mitigate the storage pressure of user terminal.
It secondly concentrates on being described based on the domain name information inquiry method side of block chain network service node below, Fig. 4 It is the flow chart of the domain name information inquiry method according to an embodiment of the invention based on block chain network service node, such as schemes Shown in 4, this method comprises:
Step 101, domain name service node obtains all block informations of block chain account book in domain name block chain network, in real time The domain name registration information stored in all block informations is extracted, the domain name/IP address mapping table of real-time update is generated.
Wherein, the domain name etc. generated before block information includes for the domain name request comprising IP address, domain name service Node obtains all block informations of block chain account book in domain name block chain network, and deposits in all block informations of extract real-time The domain name registration information of storage generates the domain name/IP address mapping table of real-time update, in order to be provided most based on domain name service node Comprehensive domain name service, and as described above, domain name service node is authoritative higher node, thus, domain name service The reliability that node provides domain name service is higher.
Step 102, after user terminal starting, with obtaining the IP of user terminal from the address allocation server of current network The public key information of location, the IP address of domain name service node and domain name service node, when the packet for obtaining destination application transmission When the access request of the domain name containing target, being sent according to the IP address of domain name service node to domain name service node includes user terminal User identity information and target domain name inquiry request message.
Wherein, user terminal when address allocation server is used for start provides distribution IP address, subnet mask, net It closes, the information such as the IP address of domain name service node.Wherein, in an embodiment of the present invention, user terminal can be also belonged into area A node in block chain network, it will therefore be appreciated that user terminal is also therefore the adjacent node of domain name service node is based on The public key certificate mechanism of block chain network, address server can also distribute the public key letter of domain name service node for user terminal Breath, with the legitimacy for verifying domain name service node.
Specifically, user terminal after actuation, the IP of user terminal is obtained from the address allocation server of current network The public key information of location, the IP address of domain name service node and domain name service node is sent out when getting destination application in turn When the access request comprising target domain name sent, sent to domain name service node comprising using according to the IP address of domain name service node The user identity information of family terminal and the inquiry request message of target domain name, wherein the entitled destination application of aiming field is to be checked The domain name of inquiry, for example be Sina's application program domain name www.sina.com.cn to be checked, it is mentioned as a result, by domain name service node For domain name service, the storage pressure of user terminal is alleviated.
Certainly, when block information data volume is larger, in order to guarantee the efficiency of service of domain name service node, domain name service section Point is also based on distributed service form and provides domain name service jointly, as a kind of possible implementation, domain name service Node includes multiple servers, and multiple servers store all block informations jointly, and each server storage section point domain name is infused Volume information, the domain name/IP address mapping table of generating portion real-time update.
Step 103, domain name service node parsing inquiry request message obtains user identity information and target domain name, according to The authorization terminal information bank that family identification information-enquiry is locally stored, if knowing, authorization terminal information bank includes user identity information, Then determine that user terminal is legal terminal, and then according to target domain name nslookup IP address mapping table, if acquisition and aiming field Name corresponding communication IP address then sends to user terminal and includes target domain name and logical by domain name service node private key signature Believe the query response message of IP address.
Specifically, domain name service node parsing inquiry request message obtains user identity information and target domain name, according to The authorization terminal information bank that family identification information-enquiry is locally stored, wherein the authorization terminal information bank is for limiting current domain name The user identity information for the user terminal that service node can service, as a kind of possible implementation, authorization terminal information bank The user terminal of middle storage is the user identity information with domain name service node in the user terminal of the same tissue, in turn, such as Fruit user identity information is in authorization terminal information bank, it is determined that user terminal is legal terminal, and according to target domain name inquiry field Name IP address mapping table sends to user terminal if obtaining communication IP address corresponding with target domain name and passes through domain name service The query response message comprising target domain name and communication IP address of node private key signature, is not increasing user terminal as a result, On the basis of storing pressure, without accessing block chain network you can learn that corresponding IP address carries out the request of domain name, access pair The block chain network answered.
In an embodiment of the present invention, it is emphasized that, in order to avoid illegal node pretends domain name service node, may be used also To be verified before feedback query responds, i.e., including by domain name service node private key signature to user terminal transmission Before the query response message of target domain name and communication IP address, domain name service node reflects each domain name and corresponding IP address The relationship of penetrating carries out offline private key signature, and the mapping relations Jing Guo offline private key signature are uploaded to domain name/IP address mapping Table.Only have domain name service node itself to possess its private key as a result, thus, avoid the camouflage of illegal node.
It should be noted that above-mentioned user identity information is used for the uniqueness of identifying subscriber terminal, in different examples, User identity information is different, and example is as follows:
The first example:
In this example, user identity information is the source IP address of user terminal, which is tissue point where it Match, for limiting its range that can be serviced, domain name service node inquires the authorization being locally stored according to source IP address as a result, End message library, if knowing, authorization terminal information bank includes the source IP address, it is determined that user terminal is legal terminal.
Second of example:
In this example, user identity information is hardware identifier of user terminal, for example equipment produces number etc., in turn, Domain name service node inquires the authorization terminal information bank being locally stored according to hardware identifier, if knowing, authorization terminal information bank includes Hardware identifier, it is determined that user terminal is legal terminal.
Step 104, after user terminal receives query response message, domain name is taken using the public key information of domain name service node Business node private key signature is verified, if being verified, communication IP address is fed back to destination application, so that target is answered Access request is sent according to communication IP address with program.
Specifically, user terminal is after receiving query response message, using the public key information of domain name service node to domain Name service node private key signature is verified, if being verified, shows that the response message is sent out by domain name service node itself It send, thus will, IP address feeds back to destination application, asks so that destination application sends access according to communication IP address Ask, without access block chain network you can learn that corresponding IP address carry out domain name request, access corresponding block chain network.
The domain name information inquiry method based on block chain network service node of the embodiment of the present invention as a result, such as Fig. 5 institute Show, the domain name/IP address mapping table for the real-time update that user terminal can be generated based on domain name service node, extract and applies journey The corresponding communication IP address of target domain name that sequence is sent subtracts in order to access corresponding block chain network based on communication IP address The light storage pressure of user terminal, improves the flexibility of block chain network.
To sum up, the domain name information inquiry method based on block chain network service node of the embodiment of the present invention, domain name service Node obtains all block informations of block chain account book in domain name block chain network, stores in all block informations of extract real-time Domain name registration information generates the domain name/IP address mapping table of real-time update, after user terminal starting, from the address of current network point The public key information of IP address, the IP address of domain name service node and domain name service node with server acquisition user terminal, When obtaining the access request comprising target domain name that destination application is sent, according to the IP address of domain name service node to domain Name service node sends the inquiry request message of the user identity information comprising user terminal and target domain name, in turn, domain name clothes Business node parsing inquiry request message obtains user identity information and target domain name, is locally stored according to user identity information inquiry Authorization terminal information bank, if know authorization terminal information bank include user identity information, it is determined that user terminal be legal end End, and then according to target domain name nslookup IP address mapping table, if obtaining communication IP address corresponding with target domain name, to User terminal sends the query response message comprising target domain name and communication IP address Jing Guo domain name service node private key signature, Finally, after user terminal receives query response message, using the public key information of domain name service node to domain name service node private key Signature verified, if being verified, communication IP address is fed back into destination application so that destination application according to Communication IP address sends access request.Domain name is obtained by the block chain mode of decentralization as a result, and special domain name is set Service node provides domain name service for user terminal, is not necessarily to user terminal memory block information, alleviates the storage of user terminal Pressure improves the flexibility of block chain network.
In the present invention, term " first ", " second " are used for description purposes only, and are not understood to indicate or imply opposite Importance or the quantity for implicitly indicating indicated technical characteristic.Define " first " as a result, the feature of " second " can be bright Show or implicitly include at least one this feature.In the description of the present invention, the meaning of " plurality " is at least two, such as two It is a, three etc., unless otherwise specifically defined.
In the present invention unless specifically defined or limited otherwise, fisrt feature in the second feature " on " or " down " can be with It is that the first and second features directly contact or the first and second features pass through intermediary mediate contact.Moreover, fisrt feature exists Second feature " on ", " top " and " above " but fisrt feature be directly above or diagonally above the second feature, or be merely representative of First feature horizontal height is higher than second feature.Fisrt feature can be under the second feature " below ", " below " and " below " One feature is directly under or diagonally below the second feature, or is merely representative of first feature horizontal height less than second feature.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show The description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or example Point is included at least one embodiment or example of the invention.In the present specification, schematic expression of the above terms are not It must be directed to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be in office It can be combined in any suitable manner in one or more embodiment or examples.In addition, without conflicting with each other, the skill of this field Art personnel can tie the feature of different embodiments or examples described in this specification and different embodiments or examples It closes and combines.
Although the embodiments of the present invention has been shown and described above, it is to be understood that above-described embodiment is example Property, it is not considered as limiting the invention, those skilled in the art within the scope of the invention can be to above-mentioned Embodiment is changed, modifies, replacement and variant.

Claims (10)

1. a kind of domain name information inquiry method based on block chain network service node, which is characterized in that in domain name block link network Domain name service node is set in network, which comprises
Domain name service node obtains all block informations of block chain account book in domain name block chain network, extract real-time The domain name registration information stored in all block informations generates the domain name/IP address mapping table of real-time update;
After user terminal starting, the IP address of the user terminal, the domain are obtained from the address allocation server of current network The name IP address of service node and the public key information of domain name service node, when obtain destination application transmission includes When the access request of target domain name, being sent according to the IP address of domain name service node to domain name service node includes institute State the user identity information of user terminal and the inquiry request message of the target domain name;
Domain name service node parses the inquiry request message and obtains the user identity information and the target domain name, root The authorization terminal information bank being locally stored is inquired according to the user identity information, the authorization terminal information bank includes institute if knowing State user identity information, it is determined that the user terminal is legal terminal, and then according to the target inquiry of the domain name domain name IP address mapping table sends to the user terminal if obtaining communication IP address corresponding with the target domain name and passes through institute State the query response message comprising the target domain name and the communication IP address of domain name service node private key signature;
After the user terminal receives the query response message, using the public key information of domain name service node to the domain Name service node private key signature is verified, if being verified, the communication IP address is fed back to the target application journey Sequence, so that the destination application sends access request according to the communication IP address.
2. the method as described in claim 1, which is characterized in that the user identity information is the source IP of the user terminal Location, it is described that the authorization terminal information bank being locally stored is inquired according to the user identity information, if knowing the authorization terminal letter Ceasing library includes the user identity information, it is determined that the user terminal is legal terminal, comprising:
Domain name service node inquires the authorization terminal information bank being locally stored according to the source IP address, if knowing described award Weighing end message library includes the source IP address, it is determined that the user terminal is legal terminal.
3. the method as described in claim 1, which is characterized in that the user identity information is the hardware mark of the user terminal Know, it is described that the authorization terminal information bank being locally stored is inquired according to the user identity information, if knowing the authorization terminal letter Ceasing library includes the user identity information, it is determined that the user terminal is legal terminal, comprising:
Domain name service node inquires the authorization terminal information bank being locally stored according to the hardware identifier, if knowing described award Weighing end message library includes the hardware identifier, it is determined that the user terminal is legal terminal.
4. the method as described in claim 1, which is characterized in that domain name service node includes multiple servers, wherein institute It states multiple servers and stores all block informations jointly, each server storage section divides domain name registration information, and generating portion is real-time The domain name/IP address mapping table of update.
5. the method as described in claim 1, which is characterized in that pass through domain name service section sending to the user terminal Before the query response message comprising the target domain name and the communication IP address of point private key signature, further includes:
Domain name service node carries out offline private key signature to the mapping relations of each domain name and corresponding IP address, and will be through The mapping relations for crossing offline private key signature are uploaded to domain name IP address mapping table.
6. a kind of dns query message system based on block chain network service node, which is characterized in that the system comprises domains Name service node and user terminal, wherein domain name service node is arranged in domain name block chain network, wherein
Domain name service node, it is real for obtaining all block informations of block chain account book in domain name block chain network When extract the domain name registration information stored in all block informations, generate the domain name/IP address mapping table of real-time update;
The user terminal, after starting, with obtaining the IP of the user terminal from the address allocation server of current network The public key information of location, the IP address of domain name service node and domain name service node, when acquisition destination application When the access request comprising target domain name sent, according to the IP address of domain name service node to domain name service node Send the inquiry request message of the user identity information comprising the user terminal and the target domain name;
Domain name service node obtains the user identity information and the aiming field for parsing the inquiry request message Name inquires the authorization terminal information bank being locally stored according to the user identity information, if knowing the authorization terminal information bank Include the user identity information, it is determined that the user terminal is legal terminal, and then according to the target inquiry of the domain name institute Domain name/IP address mapping table is stated, if obtaining communication IP address corresponding with the target domain name, is sent to the user terminal By the query response message comprising the target domain name and the communication IP address of domain name service node private key signature;
The user terminal, after receiving the query response message, using the public key information pair of domain name service node Domain name service node private key signature is verified, if being verified, the communication IP address is fed back to the target Application program, so that the destination application sends access request according to the communication IP address.
7. system as claimed in claim 6, which is characterized in that the user identity information is the source IP of the user terminal Location,
Domain name service node is also used to inquire the authorization terminal information bank being locally stored according to the source IP address, if obtaining Know that the authorization terminal information bank includes the source IP address, it is determined that the user terminal is legal terminal.
8. system as claimed in claim 6, which is characterized in that the user identity information is the hardware mark of the user terminal Know,
Domain name service node is also used to inquire the authorization terminal information bank being locally stored according to the hardware identifier, if obtaining Know that the authorization terminal information bank includes the hardware identifier, it is determined that the user terminal is legal terminal.
9. system as claimed in claim 6, which is characterized in that domain name service node includes multiple servers, wherein institute It states multiple servers and stores all block informations jointly, each server storage section divides domain name registration information, and generating portion is real-time The domain name/IP address mapping table of update.
10. system as claimed in claim 6, which is characterized in that
Domain name service node is also used to carry out offline private key label to the mapping relations of each domain name and corresponding IP address Name, and the mapping relations Jing Guo offline private key signature are uploaded to domain name IP address mapping table.
CN201910210218.2A 2019-03-19 2019-03-19 Domain name information inquiry method and system based on block chain network service node Pending CN109981814A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910210218.2A CN109981814A (en) 2019-03-19 2019-03-19 Domain name information inquiry method and system based on block chain network service node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910210218.2A CN109981814A (en) 2019-03-19 2019-03-19 Domain name information inquiry method and system based on block chain network service node

Publications (1)

Publication Number Publication Date
CN109981814A true CN109981814A (en) 2019-07-05

Family

ID=67079581

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910210218.2A Pending CN109981814A (en) 2019-03-19 2019-03-19 Domain name information inquiry method and system based on block chain network service node

Country Status (1)

Country Link
CN (1) CN109981814A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110445850A (en) * 2019-07-24 2019-11-12 深圳壹账通智能科技有限公司 Block chain node access method and device, storage medium, electronic equipment
CN110808841A (en) * 2019-11-08 2020-02-18 杭州增信信息技术有限公司 Communication system based on block chain network and communication method thereof
CN111641728A (en) * 2020-05-16 2020-09-08 中信银行股份有限公司 Calling method and device based on distributed system
CN112182601A (en) * 2020-09-21 2021-01-05 中国科学院计算技术研究所 Domain name data storage method and system based on block chain
WO2021012812A1 (en) * 2019-07-19 2021-01-28 南京瑞祥信息技术有限公司 Public chain-based blockchain network addressing method
FR3099326A1 (en) * 2019-07-19 2021-01-29 Aowei Information Technology (jiangsu) Co., Ltd. ADDRESS MANAGEMENT SYSTEM BASED ON THE PUBLIC CHAIN
CN112420219A (en) * 2020-12-10 2021-02-26 商丘医学高等专科学校 Nursing user inquiry method and system
CN112671779A (en) * 2020-12-25 2021-04-16 赛尔网络有限公司 DoH server-based domain name query method, device, equipment and medium
CN113055359A (en) * 2021-02-25 2021-06-29 国网信息通信产业集团有限公司 IPv6 domain name data privacy protection method based on block chain and related equipment
CN113630761A (en) * 2021-08-17 2021-11-09 中国联合网络通信集团有限公司 Session management method and device and terminal
CN113726563A (en) * 2021-08-20 2021-11-30 上海浦东发展银行股份有限公司 Block chain service access method and device, computer equipment and storage medium
CN114513489A (en) * 2022-01-11 2022-05-17 浪潮云信息技术股份公司 Method and system for realizing multi-CPU architecture domain name access container service
WO2024198419A1 (en) * 2023-03-27 2024-10-03 中国互联网络信息中心 Decentralized application access method and apparatus, electronic device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103312724A (en) * 2013-07-05 2013-09-18 北京蓝汛通信技术有限责任公司 Domain name system (DNS) request authentication method and device
CN106506726A (en) * 2016-12-12 2017-03-15 北京云端智度科技有限公司 A kind of method of verification DNS real users
CN106936945A (en) * 2017-04-25 2017-07-07 中国联合网络通信集团有限公司 Distributed domain name analysis method and device
CN108064444A (en) * 2017-04-19 2018-05-22 北京大学深圳研究生院 A kind of domain name analysis system based on block chain
CN108768630A (en) * 2018-05-25 2018-11-06 全链通有限公司 The encryption communication method and system of block chain node

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103312724A (en) * 2013-07-05 2013-09-18 北京蓝汛通信技术有限责任公司 Domain name system (DNS) request authentication method and device
CN106506726A (en) * 2016-12-12 2017-03-15 北京云端智度科技有限公司 A kind of method of verification DNS real users
CN108064444A (en) * 2017-04-19 2018-05-22 北京大学深圳研究生院 A kind of domain name analysis system based on block chain
CN106936945A (en) * 2017-04-25 2017-07-07 中国联合网络通信集团有限公司 Distributed domain name analysis method and device
CN108768630A (en) * 2018-05-25 2018-11-06 全链通有限公司 The encryption communication method and system of block chain node

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2022534311A (en) * 2019-07-19 2022-07-28 南京瑞祥信息技術有限公司 Blockchain network addressing method based on public chain
WO2021012812A1 (en) * 2019-07-19 2021-01-28 南京瑞祥信息技术有限公司 Public chain-based blockchain network addressing method
FR3099326A1 (en) * 2019-07-19 2021-01-29 Aowei Information Technology (jiangsu) Co., Ltd. ADDRESS MANAGEMENT SYSTEM BASED ON THE PUBLIC CHAIN
FR3099327A1 (en) * 2019-07-19 2021-01-29 Aowei Information Technology (jiangsu) Co., Ltd. NETWORK ADDRESSING METHOD OF THE PUBLIC CHAIN BASED ON THE PUBLIC CHAIN
CN110445850A (en) * 2019-07-24 2019-11-12 深圳壹账通智能科技有限公司 Block chain node access method and device, storage medium, electronic equipment
CN110808841A (en) * 2019-11-08 2020-02-18 杭州增信信息技术有限公司 Communication system based on block chain network and communication method thereof
CN111641728A (en) * 2020-05-16 2020-09-08 中信银行股份有限公司 Calling method and device based on distributed system
CN112182601A (en) * 2020-09-21 2021-01-05 中国科学院计算技术研究所 Domain name data storage method and system based on block chain
CN112420219A (en) * 2020-12-10 2021-02-26 商丘医学高等专科学校 Nursing user inquiry method and system
CN112671779A (en) * 2020-12-25 2021-04-16 赛尔网络有限公司 DoH server-based domain name query method, device, equipment and medium
CN113055359A (en) * 2021-02-25 2021-06-29 国网信息通信产业集团有限公司 IPv6 domain name data privacy protection method based on block chain and related equipment
CN113630761A (en) * 2021-08-17 2021-11-09 中国联合网络通信集团有限公司 Session management method and device and terminal
CN113630761B (en) * 2021-08-17 2022-07-15 中国联合网络通信集团有限公司 Session management method and device and terminal
CN113726563A (en) * 2021-08-20 2021-11-30 上海浦东发展银行股份有限公司 Block chain service access method and device, computer equipment and storage medium
CN113726563B (en) * 2021-08-20 2023-10-27 上海浦东发展银行股份有限公司 Block chain service access method, device, computer equipment and storage medium
CN114513489A (en) * 2022-01-11 2022-05-17 浪潮云信息技术股份公司 Method and system for realizing multi-CPU architecture domain name access container service
WO2024198419A1 (en) * 2023-03-27 2024-10-03 中国互联网络信息中心 Decentralized application access method and apparatus, electronic device and storage medium

Similar Documents

Publication Publication Date Title
CN109981814A (en) Domain name information inquiry method and system based on block chain network service node
CN107613041B (en) Domain name management system, domain name management method and domain name resolution method based on block chain
CN109819061B (en) Method, device and equipment for processing cloud service in cloud system
US9961110B2 (en) Systems and methods for pre-signing of DNSSEC enabled zones into record sets
CN110061838A (en) A kind of the decentralization storage system and its realization, information retrieval method of DNS resource record
CN109819068A (en) User terminal and its block chain domain name analytic method
CN108124502A (en) A kind of top level domain management method and system based on alliance's chain
CN109951482A (en) User terminal and its block chain domain name analytic method
US20030163737A1 (en) Simple secure login with multiple-authentication providers
CN109327481A (en) A kind of unified online authentication method and system of the whole network based on block chain
CN101193103B (en) A method and system for allocating and validating identity identifier
CN103078877B (en) Based on the user authentication of DNS and domain name access control method and system
CN109714447A (en) Domain name generation method and system based on block chain domain name system
CN104079683B (en) A kind of authoritative domain name server directly in response to domain name analytic method and system
JP2022530601A (en) How to replace identity certificates in blockchain networks, equipment, storage media and computer equipment
CN109951481A (en) Information processing method and system based on block chain network adjacent node
CN106936945B (en) Distributed domain name resolution method and device
CN115021989A (en) Mutual trust and mutual recognition method and system for industrial internet heterogeneous identification analysis system
CN106790296A (en) Domain name records verification method and device
CN101436936A (en) Access authentication method and system based on DHCP protocol
Fotiou et al. Enabling self-verifiable mutable content items in IPFS using Decentralized Identifiers
US8112535B2 (en) Securing a server in a dynamic addressing environment
Zhang et al. Blockchain‐Based DNS Root Zone Management Decentralization for Internet of Things
Tehrani et al. The missing piece: On namespace management in NDN and how DNSSEC might help
CN109819069A (en) The appraisal procedure and system of inquiry of the domain name service quality

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 100191 1107c, 11 / F, Xueyuan international building, 1 Zhichun Road, Haidian District, Beijing

Applicant after: IALLCHAIN Co.,Ltd.

Address before: 100043 5158, 5 floor, 11 Shixing street, Shijingshan District, Beijing.

Applicant before: IALLCHAIN Co.,Ltd.

WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190705