CN118656838A - Digital business system management method, platform, equipment and medium of distributed system - Google Patents
- Publication number
- CN118656838A (CN202411134188.9A)
- Authority
- CN
- China
- Prior art keywords
- digital service
- digital
- service
- trusted device
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a digital service system management method, a platform, equipment and a medium of a distributed system, wherein a trusted device generation node is arranged on a blockchain to generate a dedicated trusted device for a user, and the trusted device issues a digital identity for the user; the trusted device responds to the digital service requirement sent by the user and generates a corresponding service closed-loop chain; the trusted device links the service closed loop chain to trigger the intelligent contract, so that the digital service nodes corresponding to the service closed loop chain cooperatively execute the digital service demands according to the intelligent contract to obtain an execution result and store the execution result on the digital service storage nodes; the blockchain responds to a read request of a user to read an execution result from the digital service storage node. The digital service system management method of the distributed system provided by the embodiment of the invention can break through the island phenomenon among the digital service nodes, realize cooperative operation, simplify the operation flow, improve the operation efficiency, legally authorize access and improve the safety of data.
Description
Technical Field
The present invention relates to the field of digital service management technologies, and in particular, to a method, a platform, an apparatus, and a medium for managing a digital service system in a distributed system.
Background
A digital service system serves as the dedicated digital service development space of natural persons, legal persons and institutions, and is the basis for realizing digital services. However, digital service systems are independent of one another and cannot communicate or interact, so an island phenomenon exists among different digital service systems: all digital services cannot be handled at one time, and repeated operations are needed. In addition, the user identity attribute information required by each digital service is different, so the user must submit identity attribute information multiple times according to different digital service requirements.
To ensure the security of digital service data, strict and complicated verification of the applicant is generally required. This makes handling and operating digital services cumbersome, demands a certain level of professional expertise from operators, and results in low operation efficiency that cannot keep up with the rapid development of digital services.
Therefore, how to solve the island phenomenon existing between the existing digital service systems, and how to simplify the digital service operation flow and improve the digital service operation efficiency on the premise of ensuring the data security has become a technical problem to be solved by those skilled in the art.
Disclosure of Invention
The invention provides a digital service system management method, a platform, equipment and a medium of a distributed system, which are used for solving the technical problems of island phenomenon existing between the existing digital service systems, simplifying the operation flow of the digital service and improving the operation efficiency of the digital service on the premise of ensuring the data safety, realizing the collaborative operation among different digital service systems, completing a plurality of digital services at one time and realizing the safe and reliable operation data.
In a first aspect, the present invention provides a digital service system management method of a distributed architecture, the digital service system including a digital service node, a trusted device generation node, a digital service storage node, and an intelligent contract arranged on a blockchain, the method comprising:
The trusted device generation node responds to a trusted device generation request of a user, generates a dedicated trusted device for the user, and issues a corresponding digital identity for the user by the dedicated trusted device;
The exclusive trusted device responds to the digital service requirement sent by the user to generate a corresponding service closed-loop chain according to the digital service requirement; the service closed loop comprises all the digital service nodes related to the digital service requirement;
The trusted device links the service closed-loop chain and triggers the intelligent contract, so that the digital service nodes included in the service closed-loop chain cooperatively execute the digital service demands according to the intelligent contract to obtain an execution result and store the execution result on the digital service storage nodes based on the corresponding digital identity;
The blockchain responds to the read request of the user to read the execution result from the digital service storage node.
Preferably, the trusted device issues a corresponding digital identity for the user, including:
generating a corresponding public key and private key by an asymmetric cryptography algorithm built in the trusted device;
Generating a corresponding digital identity mark based on the identity attribute information of the user, carrying out hash operation on the digital identity mark to obtain a first hash fingerprint, establishing a corresponding mapping relation between the first hash fingerprint and the public key, and then uploading the corresponding mapping relation to the blockchain, wherein the identity attribute information comprises, but is not limited to, an identity card number, a business license and an ID under a specific environment.
Preferably, the exclusive trusted device responding to a digital service requirement sent by the user, so as to generate a corresponding service closed-loop chain according to the digital service requirement, comprises:
The exclusive trusted device identifies the received digital service requirement and the identity attribute information to determine whether they were sent by the user corresponding to the trusted device;
after the identification is passed, the exclusive trusted device analyzes the digital service requirements to obtain all the related digital service nodes of the digital service requirements;
reading corresponding digital service operation requirements from all the related digital service nodes, analyzing the digital service operation requirements, and generating a digital service operation tree structure diagram;
And establishing corresponding association relations among all the related digital service nodes according to the digital service operation tree structure diagram so as to generate a service closed-loop chain.
Preferably, the analyzing the digital service operation requirement to generate a digital service operation tree structure diagram includes:
If the digital service operation requirement of one of the related digital service nodes is that it depends on the execution result of another related digital service node, a hierarchical association relationship is established between the two related digital service nodes, wherein the hierarchical association relationship means that the two related digital service nodes execute successively;
If the digital service operation requirement of one of the related digital service nodes is that it does not depend on the execution result of any other related digital service node, the corresponding digital service node can establish a synchronous association relationship with any other related digital service node, wherein the synchronous association relationship means that the two related digital service nodes execute synchronously;
If the digital service operation requirement of one of the related digital service nodes is that its execution result and the execution result of another related digital service node are displayed on the same interface, a communication relationship is established between the two related digital service nodes, wherein the communication relationship means that the execution results of the two related digital service nodes are displayed on the same interface.
Preferably, the intelligent contract is:
And the digital service nodes involved in the service closed-loop chain execute the digital service demands according to the digital service operation tree structure diagram.
Preferably, the obtaining the execution result and storing the execution result in the digital service storage node includes:
encrypting the execution result by adopting the public key to obtain an execution result ciphertext;
and establishing a mapping relation between the execution result ciphertext and the corresponding first hash fingerprint, and then storing the mapping relation on the digital service storage node.
Preferably, the blockchain is responsive to a read request of the user to read the execution result from the digital service storage node, including:
The blockchain receives a digital identity sent by the user through the trusted device and carries out hash operation to obtain a second hash fingerprint, the second hash fingerprint is compared with the first hash fingerprint stored on the blockchain, and after the comparison is passed, the execution result ciphertext corresponding to the first hash fingerprint is read from the blockchain;
and decrypting the execution result ciphertext by adopting the private key to obtain the execution result.
In a second aspect, the present invention further provides a digital service system management platform of a distributed system, to implement the above-mentioned digital service system management method of the distributed system, where the system includes: an identity certificate issuing unit, an identity certificate verifying unit and an entity digital certificate generating unit;
The trusted device generation unit is used for responding to a trusted device generation request of a user by the trusted device generation node, generating a dedicated trusted device for the user, and issuing a corresponding digital identity for the user by the dedicated trusted device;
The service closed-loop chain generation unit is used for responding to the digital service requirement sent by the user by the exclusive trusted device so as to generate a corresponding service closed-loop chain according to the digital service requirement; the service closed loop comprises all the digital service nodes related to the digital service requirement;
The digital service demand execution unit is used for the trusted device to uplink the service closed-loop chain and trigger the intelligent contract, so that the digital service node included in the service closed-loop chain cooperatively executes the digital service demand according to the intelligent contract to obtain an execution result and stores the execution result on the digital service storage node based on the corresponding digital identity;
the execution result reading unit is used for responding to the reading request of the user by the blockchain so as to read the execution result from the digital service storage node.
In a third aspect, the present invention also provides a computer device comprising a memory, a processor and a transceiver, connected by a bus; the memory is used for storing a set of computer program instructions and data and transmitting the stored data to the processor, and the processor executes the program instructions stored in the memory to execute the digital service system management method of the distributed architecture.
In a fourth aspect, the present invention further provides a computer readable storage medium, where a computer program is stored, where the computer program, when executed, implements the method for managing a digital service system of a distributed architecture as described above.
Compared with the prior art, the embodiments of the invention have at least one of the following beneficial effects:
(1) Issuing a digital identity for a user by generating a user-specific trusted device, verifying and controlling the user accessing the trusted device, and ensuring legal authorized access of a digital service system;
(2) The trusted device generates a corresponding service closed-loop chain according to the digital service demand so as to correlate the service flow of the digital service nodes related to the digital service demand, and each digital service node not only can independently complete the operation of the digital service, but also can carry out collaborative operation with other digital service nodes, thereby breaking through the island phenomenon existing among different digital service nodes;
(3) The trusted device links the service closed-loop chain to trigger the intelligent contract so as to cooperatively execute the digital service requirement, simplify the digital service operation flow and improve the digital service operation efficiency;
(4) Storing the execution result on the blockchain, and searching the execution result by taking the hash fingerprint as an address after the user completes authentication through the trusted device so as to ensure the safety of data.
Drawings
FIG. 1 is a schematic diagram of steps of a method for managing a distributed architecture digital service system according to a preferred embodiment of the present invention;
FIG. 2 is a schematic diagram of the steps of a method for issuing digital identity according to a preferred embodiment of the present invention;
FIG. 3 is a schematic diagram of steps of a service closed loop generation rule provided by a preferred embodiment of the present invention;
FIG. 4 is a schematic diagram of the steps of generating rules for a tree structure of a digital business job according to a preferred embodiment of the present invention;
FIG. 5 is a tree structure diagram of a digital business operation provided by a preferred embodiment of the present invention;
FIG. 6 is a schematic diagram of method steps for storing execution results on a digital service storage node according to a preferred embodiment of the present invention;
FIG. 7 is a schematic diagram of method steps for reading execution results from a digital service storage node on a blockchain in accordance with a preferred embodiment of the present invention;
FIG. 8 is a schematic diagram of a distributed architecture digital business system management platform according to a preferred embodiment of the present invention;
FIG. 9 is a schematic diagram of a computer device according to a preferred embodiment of the present invention.
Detailed Description
The following examples are given for illustrative purposes only and are not to be construed as limiting the invention, as embodiments of the invention are specifically illustrated by the accompanying drawings, which are included by reference and description only, and do not limit the scope of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention. In the description of the present invention, the terms "first," "second," "third," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first", "a second", "a third", etc. may explicitly or implicitly include one or more such feature. In the description of the present invention, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the description of the present invention, it should be noted that, unless explicitly specified and limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be either fixedly connected, detachably connected, or integrally connected, for example; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The terms "vertical," "horizontal," "left," "right," "upper," "lower," and the like are used herein for descriptive purposes only and not to indicate or imply that the apparatus or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and therefore should not be construed as limiting the invention. The term "and/or" as used herein includes any and all combinations of one or more of the associated listed items. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
In the description of the present invention, it should be noted that all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. The terminology used in the description of the present invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention, as the particular meaning of the terms described above in the present invention will be understood to those of ordinary skill in the art in the detailed description of the invention.
Referring to fig. 1, in an embodiment of the present invention, there is provided a digital service system management method of a distributed architecture, wherein the digital service system includes a digital service node, a trusted device generation node, a digital service storage node, and an intelligent contract arranged on a blockchain, the method including:
S1, the trusted device generation node responds to a trusted device generation request of a user, generates a dedicated trusted device for the user, and the dedicated trusted device issues a corresponding digital identity for the user.
S2, the trusted device responds to the digital service requirement sent by the user to generate a corresponding service closed-loop chain according to the digital service requirement; the service closed loop includes all the digital service nodes involved in the digital service requirement.
S3, the trusted device links the service closed-loop chain and triggers the intelligent contract, so that the digital service nodes included in the service closed-loop chain cooperatively execute the digital service demands according to the intelligent contract, an execution result is obtained, and the digital service demands are stored on the digital service storage nodes based on the corresponding digital identity.
S4, the blockchain responds to the reading request of the user so as to read the execution result from the digital service storage node.
The blockchain is a block chain type storage, non-tamperable, safe and reliable decentralized distributed account book, combines the technologies of distributed storage, point-to-point transmission, consensus mechanism, cryptography and the like, records transaction and information through continuously growing data block chains (Blocks), and ensures the safety and transparency of data. The digital service system provided in the preferred embodiment of the invention is constructed based on the blockchain technology, specifically, a mechanism, a unit, an enterprise and/or a person for providing digital service are arranged on a blockchain as digital service nodes, and distributed storage is adopted for storing digital service to form digital service storage nodes of the blockchain. A trusted device generation node is also disposed on the blockchain, and is primarily configured to generate and uplink the trusted device on the blockchain.
In the preferred embodiment of the invention, the trusted device is optionally but not limited to a single chip microcomputer or a smart card chip with functions of digital identity generation, coded lock function and data analysis and judgment, or a dedicated link for realizing the functions of digital identity generation, coded lock function and data analysis and judgment by means of terminal equipment. If the trusted device is a built-in singlechip or a smart card chip, the singlechip or the smart card chip is provided with a storage space, an algorithm and a program are built in the storage space, and the corresponding digital identity can be issued for a user by using the algorithm or the program, and the digital service requirement can be processed. If the link is the exclusive link, the link can enter an exclusive storage space, an algorithm and a program are also arranged in the storage space, and the algorithm or the program can be used for issuing corresponding digital identity marks for users and processing digital business requirements.
The storage space of the trusted device, whether in the form of a single chip microcomputer or smart card chip or in the form of a dedicated link, comprises a user space and a built-in space. In terms of data access, a program in the built-in space can access data in both the built-in space and the user space, while a program in the user space can only access data in the user space and cannot access the data or programs in the built-in space. The user space stores basic information that applies only to the user, such as an identity card number, a business license, an ID under a specific environment and the like, and this identity attribute information can be maintained by the user. The built-in space stores and processes non-tamperable, non-eavesdroppable authentication key data, digital service operation requirements maintained by a non-tamperable digital service node, and non-compromised algorithms and programs. Specifically, the algorithms and programs in the built-in space of the trusted device in this embodiment include a digital identity credential issuing program, a service closed-loop chain generating program, an elliptic-curve algorithm for asymmetric encryption, a secure hash algorithm applicable to digital signature standards, and the like.
In the preferred embodiment of the invention, when a user applies for a digital service, the user does not apply to the digital service node directly, but first sends a trusted device generation request to the trusted device generation node, and the trusted device generation node generates a dedicated trusted device for the user. In the present invention, a trusted device in the form of an exclusive link is taken for illustration: the user enters an exclusive storage space through the trusted link and maintains identity attribute information, such as an identity card number, a business license, an ID under a specific environment, etc., in the storage space. The identity credential issuing program is then activated to issue a corresponding digital identity for the user. As depicted in FIG. 2, the trusted device issuing a corresponding digital identity for a user comprises the following steps:
S101, generating a corresponding public key and a private key by an asymmetric cryptography algorithm built in the trusted device.
An elliptic-curve asymmetric encryption algorithm is employed in the global generation stage of the trusted device to generate a public key and a private key specific to the trusted device.
S102, generating a corresponding digital identity mark based on the identity attribute information of the user, carrying out hash operation on the digital identity mark to obtain a first hash fingerprint, establishing a corresponding mapping relation between the first hash fingerprint and the public key, and then uploading the first hash fingerprint to the blockchain, wherein the identity attribute information comprises, but is not limited to, an identity card number, a business license and an ID under a specific environment.
The identity attribute information of the user and a randomly generated character string together form the digital identity of the user. The random character string can be generated in the manner of a password generation mechanism, for example an 8-bit string consisting of randomly chosen upper and lower case letters, numbers and special characters. The digital identity is hashed to obtain the corresponding first hash fingerprint; the digital identity is transmitted, stored and addressed in the form of this hash fingerprint, which ensures the security of data transmission. At the same time, digital identities can be compared by comparing hash fingerprints, which improves the efficiency of identity identification.
Further, after the corresponding mapping relation between the first hash fingerprint and the public key is established, the first hash fingerprint and the public key are uplink in the blockchain and stored in the corresponding digital service storage node, and other nodes in the blockchain are synchronously stored.
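The fingerprint issuance and lookup described in S102 and in the read step, as an added Python example that is not code from the patent. It assumes SHA-256 as the hash, a length-prefixed field encoding, and an 8-character reading of the random string; all function and class names are hypothetical, and the public key and ciphertext are constructed opaque byte strings because key generation and encryption are not reproduced here.

```python
import hashlib
import secrets
import string

# Assumption: the page's "8-bit string" is read as 8 characters drawn from
# upper/lower case letters, digits and special characters.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def random_string(length: int = 8) -> str:
    """Random component of the digital identity, from a CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def _lp(text: str) -> bytes:
    """Length-prefix one field so field boundaries cannot be shifted."""
    raw = text.encode("utf-8")
    return len(raw).to_bytes(4, "big") + raw


def digital_identity(attributes: dict, rand: str) -> bytes:
    """Identity attribute information plus the random string, encoded canonically."""
    body = b"".join(_lp(k) + _lp(attributes[k]) for k in sorted(attributes))
    return body + _lp(rand)


def hash_fingerprint(identity: bytes) -> str:
    # Assumption: SHA-256 stands in for the page's unnamed secure hash algorithm.
    return hashlib.sha256(identity).hexdigest()


class Ledger:
    """Hypothetical stand-in for the on-chain mappings keyed by the first hash fingerprint."""

    def __init__(self):
        self.public_key_by_fp = {}
        self.ciphertext_by_fp = {}

    def register(self, first_fp: str, public_key: bytes) -> None:
        if first_fp in self.public_key_by_fp:
            raise ValueError("fingerprint already registered")
        self.public_key_by_fp[first_fp] = public_key

    def store_result(self, first_fp: str, ciphertext: bytes) -> None:
        if first_fp not in self.public_key_by_fp:
            raise KeyError("no identity registered for this fingerprint")
        self.ciphertext_by_fp[first_fp] = ciphertext

    def read_result(self, presented_identity: bytes):
        # The second hash fingerprint is recomputed from what the user presents
        # and must match a stored first fingerprint before anything is returned.
        second_fp = hash_fingerprint(presented_identity)
        if second_fp not in self.public_key_by_fp:
            return None
        return self.ciphertext_by_fp.get(second_fp)


def demo():
    attrs = {"id_card_number": "CONSTRUCTED-ID-0001"}  # constructed sample value
    identity = digital_identity(attrs, random_string())
    ledger = Ledger()
    first_fp = hash_fingerprint(identity)
    ledger.register(first_fp, b"constructed-public-key")
    ledger.store_result(first_fp, b"constructed-ciphertext")
    owner_read = ledger.read_result(identity)
    # Someone who knows only the identity attributes, not the random string,
    # cannot reproduce the fingerprint.
    attribute_only_read = ledger.read_result(digital_identity(attrs, ""))
    return owner_read, attribute_only_read


if __name__ == "__main__":
    print(demo())
```

Because fingerprints stored on the chain are readable by every node, the random string is the only part of the preimage that is not a guessable identity attribute, so its length and randomness determine how hard the fingerprint is to reproduce.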
In a preferred embodiment of the present invention, the trusted device acts as a bridge between the user and the blockchain, and generates a corresponding service closed-loop chain according to the digital service requirement when the digital service requirement sent by the user is received, as shown in fig. 3, and includes the following steps:
S201, the exclusive trusted device identifies the received digital service requirement and the digital identity to determine whether they were sent by the user corresponding to the trusted device.
In a preferred embodiment of the invention, each user has a dedicated trusted device, and the user space within the trusted device stores identity attribute information of the user. The user sends the user's digital service requirements and identity attribute information to the trusted device to request a digital service job, based on which the trusted device can identify whether the request was sent by a user specific to the trusted device. And binding by adopting a one-to-one mapping relation between the trusted devices and the users so as to improve the access security of the trusted devices and ensure the legal authorized access of the digital service system.
S202, after the identification is passed, the exclusive trusted device analyzes the digital service requirements to obtain all the related digital service nodes of the digital service requirements.
In a preferred embodiment of the present invention, after the identification is passed, the service closed-loop chain generation program of the trusted device is activated, and the digital service requirement is analyzed to obtain the digital service nodes involved in executing the digital service requirement. The digital service nodes involved in the digital service requirement can be obtained as follows: a mapping database of digital service requirements and digital service nodes is established, and the received digital service requirement is looked up in this mapping database to obtain all the digital service nodes related to the digital service requirement.
S203, reading the corresponding digital service operation requirements from all the related digital service nodes, analyzing the digital service operation requirements, and generating a digital service operation tree structure diagram.
In a preferred embodiment of the present invention, the trusted device queries the blockchain according to all the digital service nodes involved in the obtained digital service requirement, so as to read from each of those digital service nodes its corresponding digital service operation requirement. The digital service operation requirements include at least: whether the data needed to handle the digital service must be based on the execution results of other digital service nodes, and whether the execution result can be combined with the execution results of other digital service nodes. Analyzing the digital service operation requirements to generate a digital service operation tree structure diagram, as shown in FIG. 4, comprises the following steps:
S2031, if the digital service operation requirement of one of the digital service nodes involved is that it depends on the execution result of another related digital service node, a hierarchical association relationship is established between the two related digital service nodes, wherein the hierarchical association relationship means successive execution.
As shown in fig. 5, the execution of the digital service node B must be based on the execution result of the digital service node a, and a hierarchical association relationship is established between the digital service node a and the digital service node B, that is, the digital service node a executes first and then the digital service node B executes.
S2032, if the digital service operation requirement of one of the digital service nodes involved is that it does not depend on the execution result of any other related digital service node, the corresponding digital service node can establish a synchronous association relationship with any other related digital service node, wherein the synchronous association relationship means synchronous execution.
As shown in FIG. 5, the digital service node C and the digital service node D do not need to depend on the execution result of any other related digital service node, so the execution order of the digital service node C and the digital service node D is not constrained, and each can establish a synchronous association relationship with any other related digital service node so as to be executed synchronously with it.
S2033, if the digital service operation requirement of one of the digital service nodes involved is that its execution result and the execution result of another related digital service node are displayed on the same interface, a communication relationship is established between the two related digital service nodes, wherein the communication relationship means that the execution results of the two related digital service nodes are displayed on the same interface.
As shown in fig. 5, the digital service node a and the digital service node B are in a hierarchical association relationship, and if the digital service node a and the digital service node B adopt the same execution form, it indicates that the execution result of the digital service node a and the digital service node B satisfies the condition of combined display, and the execution result can be displayed on the same interface, then a communication relationship is established between the digital service node a and the digital service node B. A broken line arrow different from a solid line arrow may be used in the digital service transaction tree structure to indicate that a connectivity relationship exists between two digital service nodes. If the execution result of the digital service node C and the digital service node D also meet the condition of combined display, the execution result can be displayed on the same interface, and then a communication relation is established between the digital service node C and the digital service node D.
The digital service nodes related to the digital service demands are related according to a certain execution sequence in the form of a digital service operation tree structure diagram to form a complete digital service execution closed-loop chain which is related to each other, so that the digital service is executed more efficiently.
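The following is an added illustration of steps S2031 to S2033, not code from the patent: it turns per-node operation requirements into execution stages and display pairs for the nodes A, B, C and D of fig. 5, and rejects a requirement set whose hierarchical associations form a cycle or point outside the requirement before any chain would be built from it. The record layout, the function names and the choice to schedule every unconstrained node in the earliest possible stage are assumptions of this example.

```python
from dataclasses import dataclass
from graphlib import CycleError, TopologicalSorter


@dataclass(frozen=True)
class OperationRequirement:
    """Operation requirement read for one digital service node.

    Field names are assumptions; the patent does not define a record layout.
    """
    node: str
    depends_on: tuple = ()    # S2031: nodes whose execution result this node needs
    display_with: tuple = ()  # S2033: nodes whose result shares an interface with it


def _check_references(requirements):
    """Reject duplicates and relations that point outside the requirement set."""
    known = {r.node for r in requirements}
    if len(known) != len(requirements):
        raise ValueError("duplicate digital service node in requirement set")
    for r in requirements:
        unknown = (set(r.depends_on) | set(r.display_with)) - known
        if unknown:
            raise ValueError(f"{r.node} references unknown nodes: {sorted(unknown)}")


def execution_stages(requirements):
    """Return stages in execution order; nodes within one stage may run synchronously."""
    _check_references(requirements)
    # Hierarchical association: each node maps to the nodes that must run before it.
    sorter = TopologicalSorter({r.node: set(r.depends_on) for r in requirements})
    try:
        sorter.prepare()
    except CycleError as exc:
        # A cycle means no node of the cycle can ever start, so refuse the chain.
        raise ValueError(f"circular hierarchical association: {exc.args[1]}") from exc
    stages = []
    while sorter.is_active():
        ready = sorted(sorter.get_ready())  # every node whose predecessors are done
        stages.append(ready)
        sorter.done(*ready)
    return stages


def communication_pairs(requirements):
    """Return the unordered node pairs whose results are shown on one interface."""
    _check_references(requirements)
    pairs = {tuple(sorted((r.node, other)))
             for r in requirements for other in r.display_with}
    return sorted(pairs)


# Constructed sample matching the description of fig. 5.
FIG5 = [
    OperationRequirement("A", display_with=("B",)),
    OperationRequirement("B", depends_on=("A",), display_with=("A",)),
    OperationRequirement("C", display_with=("D",)),
    OperationRequirement("D"),
]

if __name__ == "__main__":
    print(execution_stages(FIG5))
    print(communication_pairs(FIG5))
```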
S204, establishing corresponding association relations among all the involved digital service nodes according to the digital service operation tree structure diagram, so as to generate a service closed-loop chain.
In the preferred embodiment of the invention, all the involved digital service nodes are associated according to the digital service operation tree structure diagram to generate a service closed-loop chain, and all the digital services involved in the digital service requirement can be executed in sequence according to the service closed-loop chain, so that the flow of executing the digital service is simplified and the efficiency of executing the digital service is improved.
After the service closed-loop chain is generated, the trusted device uploads the service closed-loop chain to the blockchain and triggers the intelligent contract (smart contract) arranged on the blockchain, so that the digital service nodes corresponding to the service closed-loop chain cooperatively execute the digital service requirement according to the intelligent contract. In a preferred embodiment of the present invention, the intelligent contract is configured as follows: the digital service nodes involved in the service closed-loop chain execute the digital service requirement according to the digital service operation tree structure diagram. The digital service operation tree structure diagram is a complete flow diagram of the execution of the digital service requirement, so the digital service nodes involved in the service closed-loop chain only need to execute the relevant steps according to the digital service operation tree structure diagram to obtain the final execution result of the digital service requirement.
In a preferred embodiment of the present invention, the final execution result is stored on the digital service storage node, as shown in fig. 6, comprising the steps of:
S301, encrypting the execution result by adopting the public key to obtain an execution result ciphertext.
S302, establishing a mapping relation between the execution result ciphertext and the corresponding first hash fingerprint, and then storing the mapping relation on the digital service storage node.
After the involved digital service nodes execute the digital service requirement and obtain an execution result, the execution result is encrypted with the public key that the corresponding trusted device uploaded to the blockchain, giving an execution result ciphertext. A mapping relation is established between the execution result ciphertext and the corresponding first hash fingerprint, and the mapping relation is stored on the digital service storage node. Whether execution of the digital service requirement has completed is fed back to the user through the trusted device; if it has completed, completion is reported. If the user needs to download the execution result, the user sends a read request to the blockchain through the trusted device to read the execution result from the digital service storage node on the blockchain, as shown in fig. 7, comprising the following steps:
S401, the blockchain receives a digital identity sent by the user through the trusted device and carries out hash operation to obtain a second hash fingerprint, the second hash fingerprint is compared with the first hash fingerprint stored on the blockchain, and after the comparison is passed, the execution result ciphertext corresponding to the first hash fingerprint is read from the blockchain.
S402, decrypting the execution result ciphertext by adopting the private key to obtain the execution result.
Because the execution of a digital service requirement often cannot return its result in real time, and in order to avoid leakage of an execution result stored in the trusted device, the preferred embodiment of the present invention does not adopt the conventional manner of sending the execution result directly to the trusted device and having the trusted device return it to the user. Instead, the execution result is stored on a digital service storage node in the blockchain, and the user can download it after verification is completed. The user sends the digital identity to the blockchain through the trusted device; the blockchain performs a hash operation on the digital identity to obtain the corresponding second hash fingerprint and uses it to look up the first hash fingerprint stored on the blockchain, so as to read the execution result ciphertext stored in the mapping with that first hash fingerprint. The private key is stored in the user's exclusive trusted device and is used to decrypt the execution result ciphertext to obtain the execution result. For downloading the execution result, addressing by hash fingerprint and decrypting with the user's exclusive private key ensure the security of the data.
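The storage and read flow of steps S301 to S302 and S401 to S402 can be traced end to end in the following added example, which is not code from the patent. It assumes the third-party Python `cryptography` package, SHA-256 as the hash operation, and RSA-OAEP wrapping of a per-result AES-GCM key as the asymmetric scheme (the patent names no algorithms); the class and function names and the in-memory `Chain` standing in for the blockchain and the digital service storage node are likewise assumptions.

```python
import hashlib
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

_OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                     algorithm=hashes.SHA256(), label=None)
_WRAPPED_LEN = 256  # size in bytes of an RSA-2048 ciphertext
_NONCE_LEN = 12


def hash_fingerprint(digital_identity: bytes) -> str:
    """Hash operation over the digital identity (SHA-256 is an assumption)."""
    return hashlib.sha256(digital_identity).hexdigest()


class TrustedDevice:
    """The user's exclusive trusted device; the private key never leaves it."""

    def __init__(self, digital_identity: bytes):
        self.digital_identity = digital_identity
        self._private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
        self.public_key = self._private_key.public_key()

    def decrypt(self, blob: bytes) -> bytes:
        """S402: unwrap the data key with the private key, then open the result."""
        wrapped = blob[:_WRAPPED_LEN]
        nonce = blob[_WRAPPED_LEN:_WRAPPED_LEN + _NONCE_LEN]
        body = blob[_WRAPPED_LEN + _NONCE_LEN:]
        data_key = self._private_key.decrypt(wrapped, _OAEP)
        aad = hash_fingerprint(self.digital_identity).encode()
        return AESGCM(data_key).decrypt(nonce, body, aad)


class Chain:
    """In-memory stand-in for the blockchain and the digital service storage node."""

    def __init__(self):
        self.public_keys = {}  # first hash fingerprint -> public key
        self.ciphertexts = {}  # first hash fingerprint -> execution result ciphertext

    def register(self, device: TrustedDevice) -> str:
        """Upload the mapping between the first hash fingerprint and the public key."""
        first = hash_fingerprint(device.digital_identity)
        self.public_keys[first] = device.public_key
        return first

    def store_result(self, first: str, result: bytes) -> None:
        """S301 and S302: encrypt under the registered public key, store by fingerprint."""
        data_key = AESGCM.generate_key(bit_length=256)
        nonce = os.urandom(_NONCE_LEN)
        # The fingerprint is bound in as associated data, so a blob copied to
        # another record no longer decrypts.
        body = AESGCM(data_key).encrypt(nonce, result, first.encode())
        wrapped = self.public_keys[first].encrypt(data_key, _OAEP)
        self.ciphertexts[first] = wrapped + nonce + body

    def read_result(self, digital_identity: bytes):
        """S401: hash the presented identity and look up the matching ciphertext."""
        second = hash_fingerprint(digital_identity)
        return self.ciphertexts.get(second)  # None when no first fingerprint matches


if __name__ == "__main__":
    device = TrustedDevice(b"constructed-digital-identity-001")  # constructed sample
    chain = Chain()
    chain.store_result(chain.register(device), b"constructed execution result")
    print(device.decrypt(chain.read_result(device.digital_identity)))
```

Presenting a digital identity only selects which ciphertext is returned; the plaintext is recoverable only where the private key is held, which is the reason the description keeps that key inside the user's exclusive trusted device.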
In the preferred embodiment of the invention, the trusted device generation node is arranged on the blockchain and is used for responding to the trusted device generation request of the user to generate an exclusive trusted device for the user. The exclusive trusted device can issue a digital identity for the user, so that a user accessing the trusted device can be authenticated and access-controlled, which ensures that access to the digital service system is legally authorized. The trusted device responds to the digital service requirement sent by the user and generates a corresponding service closed-loop chain according to the digital service requirement, so as to associate the service flows of the digital service nodes involved in the digital service requirement. Each digital service node can not only complete the operation of its digital service independently but can also operate cooperatively with other digital service nodes, thereby breaking through the island phenomenon existing among different digital service nodes. The trusted device uploads the service closed-loop chain to the blockchain to trigger the intelligent contract, so that the digital service nodes corresponding to the service closed-loop chain cooperatively execute the digital service requirement according to the intelligent contract, which simplifies the digital service operation flow and improves the digital service operation efficiency. The execution result is stored on the blockchain, and after the user completes authentication through the trusted device, the execution result is looked up with the hash fingerprint as its address, so as to ensure the security of the data.
Correspondingly, as shown in fig. 8, based on a digital service system management method of a distributed system, the embodiment of the invention also provides a digital service system management platform of the distributed system, which implements the digital service system management method of the distributed system disclosed in the embodiment of the invention, and includes: the device comprises a trusted device generating unit 1, a service closed loop chain generating unit 2, a digital service demand executing unit 3 and an execution result reading unit 4;
The trusted device generating unit 1 is configured to generate an exclusive trusted device for a user in response to a trusted device generating request of the user by using the trusted device generating node, where the exclusive trusted device issues a corresponding digital identity for the user.
The service closed-loop chain generation unit 2 is configured to respond to the digital service requirement sent by the user by using the dedicated trusted device, so as to generate a corresponding service closed-loop chain according to the digital service requirement of the user; the service closed loop includes all the digital service nodes involved in the digital service requirement.
The digital service requirement executing unit 3 is configured to uplink the service closed-loop chain and trigger the intelligent contract by using the trusted device, so that the digital service node included in the service closed-loop chain cooperatively executes the digital service requirement according to the intelligent contract, and an execution result is obtained and stored on the digital service storage node based on the corresponding digital identity.
The execution result reading unit 4 is configured to respond to a reading request of the user by using the blockchain to read the execution result from the digital service storage node.
For specific limitations on a distributed architecture digital service system management platform, reference may be made to the above limitations on a distributed architecture digital service system management method, which are not repeated herein. Those of ordinary skill in the art will appreciate that the various modules and steps described in connection with the disclosed embodiments of the invention may be implemented in hardware, software, or a combination of both. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
As shown in fig. 9, a computer device provided in an embodiment of the present invention includes a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor implements steps in an embodiment of a blockchain-based entity digital credential generation method as described above, such as steps S1 to S4 described in fig. 1, when executing the computer program.
It will be appreciated by those skilled in the art that the schematic diagram of fig. 9 is merely an example of a computer device and is not meant to be limiting; the computer device may include more or fewer components than shown, or may combine certain components, or use different components, e.g., the computer device may also include input and output devices, network access devices, buses, etc.
The processor may be a central processing unit (Central Processing Unit, CPU), but may also be another general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or any conventional processor or the like. The processor is the control center of the computer device and connects the various parts of the overall computer device using various interfaces and lines.
The memory may be used to store the computer program and/or modules, and the processor may implement various functions of the computer device by running or executing the computer program and/or modules stored in the memory, and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required for at least one function, and the like; the storage data area may store data (such as audio data, phonebook, etc.) created according to the use of the handset, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, plug-in hard disk, smart media card (Smart Media Card, SMC), Secure Digital (SD) card, flash card (Flash Card), at least one disk storage device, flash memory device, or other volatile solid-state storage device.
The modules integrated in the computer device may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as a stand-alone product. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. The computer program comprises computer program code, which may be in source code form, object code form, executable file form or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a random-access Memory (Random Access Memory, RAM), or the like.
Accordingly, an embodiment of the present invention provides a computer readable storage medium, where the computer readable storage medium includes a stored computer program, and when the computer program runs, the device where the computer readable storage medium is controlled to execute steps in the blockchain-based entity digital certificate generation method of the embodiment, for example, steps S1 to S4 described in fig. 1.
The digital service system management method, platform, computer equipment and storage medium of the distributed system provided in the embodiment address the technical problems of the island phenomenon existing among existing digital service systems, and of how to simplify the digital service operation flow and improve the digital service operation efficiency on the premise of ensuring data security. In the invention, a trusted device generation node is arranged on the blockchain and is used for responding to the trusted device generation request of the user to generate an exclusive trusted device for the user; the exclusive trusted device can issue a digital identity for the user and performs verification and access control on the user accessing the trusted device, so as to ensure that access to the digital service system is legally authorized. The trusted device responds to the digital service requirement sent by the user and generates a corresponding service closed-loop chain according to the digital service requirement, so as to associate the service flows of the digital service nodes involved in the digital service requirement. Each digital service node can not only complete the operation of its digital service independently but can also operate cooperatively with other digital service nodes, thereby breaking through the island phenomenon existing among different digital service nodes. The trusted device uploads the service closed-loop chain to the blockchain to trigger the intelligent contract, so that the digital service nodes corresponding to the service closed-loop chain cooperatively execute the digital service requirement according to the intelligent contract, thereby simplifying the digital service operation flow and improving the digital service operation efficiency. The execution result is stored on the blockchain, and after the user completes authentication through the trusted device, the execution result is looked up with the hash fingerprint as its address, so as to ensure the security of the data.
The foregoing examples represent only a few preferred embodiments of the present invention, which are described in more detail and are not to be construed as limiting the scope of the invention. It should be noted that modifications and substitutions can be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and substitutions should also be considered to be within the scope of the present invention. Therefore, the protection scope of the patent of the invention is subject to the protection scope of the claims.
Claims (10)
1. A digital service system management method of a distributed architecture, wherein the digital service system comprises a digital service node, a trusted device generation node, a digital service storage node, and an intelligent contract arranged on a blockchain, the method comprising:
The trusted device generation node responds to a trusted device generation request of a user, generates a dedicated trusted device for the user, and issues a corresponding digital identity for the user by the dedicated trusted device;
The exclusive trusted device responds to the digital service requirement sent by the user to generate a corresponding service closed-loop chain according to the digital service requirement; the service closed loop comprises all the digital service nodes related to the digital service requirement;
The trusted device uplinks the service closed-loop chain and triggers the intelligent contract, so that the digital service nodes included in the service closed-loop chain cooperatively execute the digital service requirement according to the intelligent contract to obtain an execution result, and the execution result is stored on the digital service storage node based on the corresponding digital identity;
The blockchain responds to the read request of the user to read the execution result from the digital service storage node.
2. The method for digital service system management of a distributed architecture according to claim 1, wherein said trusted device issues a corresponding digital identification to said user, comprising:
generating a corresponding public key and private key by an asymmetric cryptography algorithm built in the trusted device;
Generating a corresponding digital identity mark based on the identity attribute information of the user, carrying out hash operation on the digital identity mark to obtain a first hash fingerprint, establishing a corresponding mapping relation between the first hash fingerprint and the public key, and then uploading the corresponding mapping relation to the blockchain, wherein the identity attribute information comprises, but is not limited to, an identity card number, a business license and an ID under a characteristic environment.
3. The method for digital service system management of a distributed architecture as recited in claim 2, wherein,
The exclusive trusted device responds to the digital service requirement sent by the user to generate a corresponding service closed-loop chain according to the digital service requirement, and the exclusive trusted device comprises:
The exclusive trusted device identifies the received digital service requirement and the identity attribute information to determine whether they were sent by the user corresponding to the trusted device;
after the identification is passed, the exclusive trusted device analyzes the digital service requirements to obtain all the related digital service nodes of the digital service requirements;
reading corresponding digital service operation requirements from all the related digital service nodes, analyzing the digital service operation requirements, and generating a digital service operation tree structure diagram;
And establishing corresponding association relations among all the related digital service nodes according to the digital service operation tree structure diagram so as to generate a service closed-loop chain.
4. The method for digital service system management of a distributed architecture according to claim 3,
The step of analyzing the digital business operation requirement to generate a digital business operation tree structure diagram comprises the following steps:
If the digital service operation requirement of one of the related digital service nodes is that it must be based on the execution result of another related digital service node, establishing a hierarchical association relationship between the two related digital service nodes, wherein the hierarchical association relationship is that the two related digital service nodes are executed successively;
If the digital service operation requirement of one of the related digital service nodes is that it does not need to depend on the execution result of any other related digital service node, the corresponding digital service node can establish a synchronous association relationship with any other related digital service node, wherein the synchronous association relationship is that the two related digital service nodes are executed synchronously;
If the digital service operation requirement of one of the related digital service nodes is that its execution result is displayed on the same interface as the execution result of another related digital service node, establishing a communication relation between the two related digital service nodes, wherein the communication relation is that the execution results of the two related digital service nodes are displayed on the same interface.
5. The method for digital service system management of a distributed architecture according to claim 3,
The intelligent contract is configured as follows:
And the digital service nodes involved in the service closed-loop chain execute the digital service demands according to the digital service operation tree structure diagram.
6. The distributed architecture digital service system management method according to claim 2, wherein the obtaining the execution result and storing in the digital service storage node comprises:
encrypting the execution result by adopting the public key to obtain an execution result ciphertext;
and establishing a mapping relation between the execution result ciphertext and the corresponding first hash fingerprint, and then storing the mapping relation on the digital service storage node.
7. The method for digital business system management of distributed architecture according to claim 6, wherein,
The blockchain responding to the read request of the user to read the execution result from the digital service storage node, comprising:
The blockchain receives a digital identity sent by the user through the trusted device and carries out hash operation to obtain a second hash fingerprint, the second hash fingerprint is compared with the first hash fingerprint stored on the blockchain, and after the comparison is passed, the execution result ciphertext corresponding to the first hash fingerprint is read from the blockchain;
and decrypting the execution result ciphertext by adopting the private key to obtain the execution result.
8. A digital service system management platform of a distributed architecture, implementing the digital service system management method of a distributed architecture according to any one of claims 1-7, comprising: the system comprises a trusted device generating unit, a service closed loop chain generating unit, a digital service demand executing unit and an execution result reading unit;
The trusted device generation unit is used for responding to a trusted device generation request of a user by the trusted device generation node, generating a dedicated trusted device for the user, and issuing a corresponding digital identity for the user by the dedicated trusted device;
The service closed-loop chain generation unit is used for responding to the digital service requirement sent by the user by the exclusive trusted device so as to generate a corresponding service closed-loop chain according to the digital service requirement; the service closed loop comprises all the digital service nodes related to the digital service requirement;
The digital service demand execution unit is used for the trusted device to uplink the service closed-loop chain and trigger the intelligent contract, so that the digital service node included in the service closed-loop chain cooperatively executes the digital service demand according to the intelligent contract to obtain an execution result and stores the execution result on the digital service storage node based on the corresponding digital identity;
the execution result reading unit is used for responding to the reading request of the user by the blockchain so as to read the execution result from the digital service storage node.
9. A computer device, characterized by: the computer device comprises a memory, a processor and a transceiver, which are connected through a bus; the memory is used to store a set of computer program instructions and data and to transfer the stored data to the processor, which executes the program instructions stored in the memory to perform the digital service system management method of the distributed architecture as claimed in any one of claims 1 to 7.
10. A computer-readable storage medium, characterized by: the computer readable storage medium has stored therein a computer program which, when executed, implements the digital service system management method of the distributed architecture as claimed in any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202411134188.9A CN118656838B (en) | 2024-08-19 | 2024-08-19 | Digital business system management method, platform, equipment and medium of distributed system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN118656838A (en) | 2024-09-17 |
CN118656838B (en) | 2024-10-29 |
Family
ID=92699321
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202411134188.9A Active CN118656838B (en) | 2024-08-19 | 2024-08-19 | Digital business system management method, platform, equipment and medium of distributed system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN118656838B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113450113A (en) * | 2021-06-28 | 2021-09-28 | 上海计算机软件技术开发中心 | Cross-chain interaction intelligent contract interaction model and collaborative execution system |
CN113554421A (en) * | 2021-09-14 | 2021-10-26 | 南京烽火星空通信发展有限公司 | Police affair resource data governance cooperation method based on block chain |
CN114254269A (en) * | 2021-12-24 | 2022-03-29 | 北京航空航天大学云南创新研究院 | System and method for determining rights of biological digital assets based on block chain technology |
CN115510154A (en) * | 2022-09-22 | 2022-12-23 | 金蝶软件(中国)有限公司 | Block chain-based evidence storage data generation method and device and computer equipment |
CN116996331A (en) * | 2023-09-27 | 2023-11-03 | 腾讯科技(深圳)有限公司 | Block chain-based data processing method, device, equipment and medium |
WO2024093593A1 (en) * | 2022-11-02 | 2024-05-10 | 腾讯科技(深圳)有限公司 | Multi-blockchain-based data processing method and apparatus, and electronic device, computer-readable storage medium and computer program product |
CN118013559A (en) * | 2024-04-09 | 2024-05-10 | 南京邮电大学 | Seal data encryption security system based on blockchain data user character model |
Also Published As
Publication number | Publication date |
---|---|
CN118656838B (en) | 2024-10-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109951489B (en) | Digital identity authentication method, equipment, device, system and storage medium | |
CN109862041B (en) | Digital identity authentication method, equipment, device, system and storage medium | |
CN109150548B (en) | Digital certificate signing and signature checking method and system and digital certificate system | |
CN108989346B (en) | Third-party valid identity escrow agile authentication access method based on account hiding | |
CN111787530B (en) | Block chain digital identity management method based on SIM card | |
CN109274652B (en) | Identity information verification system, method and device and computer storage medium | |
WO2020073513A1 (en) | Blockchain-based user authentication method and terminal device | |
KR20210040078A (en) | Systems and methods for safe storage services | |
US9698974B2 (en) | Method for creating asymmetrical cryptographic key pairs | |
CN110383757A (en) | System and method for safe handling electronic identity | |
CA2914956C (en) | System and method for encryption | |
WO2006075917A2 (en) | Security code production method and methods of using the same, and programmable device therefor | |
JP2009510644A (en) | Method and configuration for secure authentication | |
WO2021190197A1 (en) | Method and apparatus for authenticating biometric payment device, computer device and storage medium | |
CN113438088A (en) | Social network credit monitoring method and device based on block chain distributed identity | |
JP2000222362A (en) | Method and device for realizing multiple security check point | |
CN110675253A (en) | Block chain-based exclusive digital asset trusted keeping and transferring device and method | |
CN109981287A (en) | A kind of code signature method and its storage medium | |
CN112232814A (en) | Encryption and decryption method of payment key, payment authentication method and terminal equipment | |
CN110135175A (en) | Information processing, acquisition methods, device, equipment and medium based on block chain | |
CN109660534A (en) | Safety certifying method, device, electronic equipment and storage medium based on more trade companies | |
KR102396824B1 (en) | Blockchain-based identity system | |
CN113434882A (en) | Communication protection method and device of application program, computer equipment and storage medium | |
US20220191034A1 (en) | Technologies for trust protocol with immutable chain storage and invocation tracking | |
CN113315624A (en) | Data security management method and system based on multipoint cooperation mechanism |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |