WO2018076763A1 - Method and system for transaction on block chain, electronic device, and storage medium - Google Patents
Method and system for transaction on block chain, electronic device, and storage medium
- Publication number
- WO2018076763A1 (PCT/CN2017/091253)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- certificate
- transaction
- blockchain
- revocation list
- certificate information
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
Definitions
- the present invention relates to the field of blockchain technology, and in particular, to a method, system, electronic device and computer readable storage medium for transaction on a blockchain.
- One of the mainstream solutions is to write user rights in a digital certificate that has been certified by a Certification Authority (CA) and then send it to the user.
- when a user wants to initiate a transaction for a smart contract, the user sends the signed transaction and the certificate together to the smart contract, and the smart contract checks the permissions on the certificate to decide whether to continue running.
- the certificate revocation list is stored in a central control system. If a node on the blockchain is to verify whether a certificate has authority (the purpose of verifying the certificate is to determine whether to permit the execution of a transaction), the node must check with the CA through a trusted mechanism whether the certificate is revoked. As a result, every time a transaction happens, the latest certificate revocation list has to be obtained through the central control system to determine whether the party to the transaction has the right to trade, which makes the transaction operation cumbersome and increases system overhead.
- the present invention provides a method for trading on a blockchain, and the method for trading on the blockchain includes:
- the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- the present invention also provides a system for trading on a blockchain, the system for trading on the blockchain comprising:
- a synchronization module configured to: after the certificate certification authority issues the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- a transaction module configured to access a privilege revocation system on the blockchain after the smart contract on the node receives a transaction request carrying a transaction parameter, verify the authority of the transaction request based on the privilege revocation system, the transaction parameter, and the certificate revocation list on the node, and respond or refuse to respond to the transaction request according to the verification result.
- the present invention also provides an electronic device including a memory and a processor coupled to the memory, wherein the memory stores a system for transaction on a blockchain operable on the processor; when executed by the processor, the system implements the following steps:
- the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- the present invention also provides a computer readable storage medium storing a system for transaction on a blockchain which, when executed by a processor, implements the following steps:
- the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- after the certificate revocation list is released to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly in the blockchain. When the smart contract receives a transaction request, the certificate revocation list can be obtained in real time directly on the blockchain, and the permission of the transaction request is verified according to the accessed authority revocation system, the transaction parameters carried in the transaction request, and the certificate revocation list. The transaction authority does not need to be queried from the CA through a trusted mechanism, which makes the transaction operation simple and quick and reduces system overhead.
- FIG. 1 is a schematic diagram of an optional application environment according to various embodiments of the present invention.
- FIG. 2 is a schematic flow chart of an embodiment of a method for transaction on a blockchain according to the present invention
- FIG. 3 is a schematic diagram showing the refinement process of step S2 shown in FIG. 2;
- FIG. 4 is a schematic diagram of a refinement process of step S24 shown in FIG. 3;
- FIG. 5 is a schematic structural diagram of an embodiment of a system for transaction on a blockchain according to the present invention.
- FIG. 1 is a schematic diagram of an optional application environment according to various embodiments of the present invention.
- the application environment diagram includes an electronic device 1 and a terminal device 2 .
- the electronic device 1 can perform data interaction with the terminal device 2 through a suitable technology such as a network or a near field communication technology.
- the terminal device 2 includes, but is not limited to, any electronic product that can interact with a user through a keyboard, a mouse, a remote controller, a touch panel, or a voice control device, for example, mobile devices such as a personal computer, a tablet computer, a smart phone, a Personal Digital Assistant (PDA), a game console, Internet Protocol Television (IPTV), smart wearable devices and navigation devices, or fixed terminals such as digital TVs, desktop computers, notebooks, servers, etc.
- the electronic device 1 is an apparatus capable of automatically performing numerical calculation and/or information processing in accordance with instructions set or stored in advance.
- the electronic device 1 may be a computer, a single network server, a server group composed of multiple network servers, or a cloud composed of a large number of hosts or network servers based on cloud computing, where cloud computing is a type of distributed computing: a super virtual computer consisting of a group of loosely coupled computers.
- the electronic device 1 may include, but is not limited to, a memory 11, a processor 12 and a network interface 13 communicably connected to each other through a system bus, and the memory 11 stores a system for transaction on a blockchain operable on the processor 12. It should be noted that FIG. 1 only shows the electronic device 1 having the components 11-13, but it should be understood that not all illustrated components are required to be implemented, and more or fewer components may be implemented instead.
- the storage device 11 includes a memory and at least one type of readable storage medium.
- the memory provides a cache for the operation of the electronic device 1;
- the readable storage medium may be, for example, a non-volatile storage medium such as a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory), a random access memory (RAM), a static random access memory (SRAM), a read only memory (ROM), an electrically erasable programmable read only memory (EEPROM), a programmable read only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, or the like.
- the readable storage medium may be an internal storage unit of the electronic device 1, such as a hard disk of the electronic device 1; in other embodiments, the non-volatile storage medium may also be an external storage device of the electronic device 1, such as a plug-in hard disk, a smart memory card (SMC), a Secure Digital (SD) card, a flash card, or the like equipped on the electronic device 1.
- the readable storage medium of the storage device 11 is generally used to store an operating system installed in the electronic device 1 and various types of application software, such as the program code of the system for transaction on a blockchain in an embodiment of the present invention. Further, the storage device 11 can also be used to temporarily store various types of data that have been output or are to be output.
- the processor 12 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments.
- the processor 12 is generally used to control the overall operation of the electronic device 1, for example, performing control and processing related to data interaction or communication with the terminal device 2.
- the processor 12 is configured to run program code or process data stored in the memory 11, for example to run the system for transaction on a blockchain.
- the network interface 13 may comprise a wireless network interface or a wired network interface, which is typically used to establish a communication connection between the electronic device 1 and other electronic devices.
- the network interface 13 is mainly used to connect the electronic device 1 with one or more terminal devices 2, and establish a data transmission channel and a communication connection between the electronic device 1 and one or more terminal devices 2.
- the system for transaction on a blockchain is stored in the memory 11 and includes at least one computer readable instruction stored in the memory 11, the at least one computer readable instruction being executable by the processor 12 to implement the method of trading on the blockchain of the various embodiments of the present invention; as described later, the at least one computer readable instruction can be classified into different logic modules depending on the functions implemented by the various parts thereof.
- when the system for transaction on a blockchain is executed by the processor 12: after the certificate revocation list is released to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly in the blockchain. When the smart contract receives the transaction request, the certificate revocation list can be obtained in real time directly on the blockchain, and the authority of the transaction request is verified according to the accessed authority revocation system, the transaction parameters carried in the transaction request, and the certificate revocation list. The transaction authority does not need to be queried from the CA through a trusted mechanism, which makes the transaction operation simple and fast and reduces system overhead.
- FIG. 2 is a schematic flowchart of an embodiment of a method for transaction on a blockchain according to the present invention.
- the method for transaction on the blockchain is applied to an electronic device, and includes the following steps:
- Step S1: after the certificate certification authority issues the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- a blockchain is composed of a series of data blocks generated using cryptography. Each block contains the hash of the previous block, so the blocks from the genesis block to the current block form a chain.
- the blockchain is also a distributed database system in which the nodes participate. It is essentially a decentralized ledger that records all transaction records.
- taking the Bitcoin blockchain as an example, each participating trader is a node of the blockchain network, and each node holds a complete backup of the public ledger that records all transaction information since the birth of Bitcoin. Any transaction initiated by a node has to pass the relevant information to every node in the network, so that the ledgers on all nodes can verify the transaction and be updated accurately.
- the ledger is stored in blocks. As transactions increase, new data blocks are attached to the existing chain to form a chain structure.
- the blockchain can use its peer-to-peer (P2P) network and consensus algorithm to synchronize the certificate revocation list to each node of the blockchain.
- the certificate revocation list is spread to each node of the blockchain.
- the certificate revocation list contains the information of certificates revoked by the certificate authority and certificate information that has not been revoked. If the certificate information has been revoked, there is no right to execute the corresponding smart contract, that is, there is no permission to conduct the transaction. If the certificate information has not been revoked, that is, the certificate information is not in the certificate revocation list, there is permission to execute the corresponding smart contract, that is, the right to conduct the transaction.
- the revoked certificate information in the certificate revocation list may change.
- the certificate authority will issue an updated certificate revocation list to the blockchain, and the blockchain will replace the stored certificate revocation list with the updated certificate revocation list, or change the stored certificate revocation list based on the updated certificate revocation list.
- Step S2: after the smart contract on the node receives the transaction request carrying the transaction parameter, the authority revocation system on the blockchain is accessed, the authority of the transaction request is verified based on the authority revocation system, the transaction parameter, and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
- each node on the blockchain stores the smart contracts running on the blockchain.
- a smart contract is a set of promises defined in digital form, including the protocols on which the contract participants can carry out these promises.
- when a transaction request carrying a transaction parameter is transmitted to a node of the blockchain, the transaction parameter is recorded on the transaction record corresponding to the node and simultaneously passed to the smart contract corresponding to the transaction parameter to run, and the code of that smart contract updates the smart contract's own data.
- the transaction parameters include certificate information and the corresponding certificate authority, and the certificate information includes a certificate authority, a certificate serial number, a certificate validity period, and the user information of the certificate owner.
- after the smart contract on the node receives the transaction request carrying the transaction parameter, the authority revocation system on the blockchain is accessed to obtain the certificate information and the corresponding certificate authority in the transaction parameter; the transaction parameter may or may not carry the certificate authority.
- the privilege revocation system is used to handle related privilege issues; for example, the privilege revocation system can parse the transaction parameters.
- when verifying the authority of the transaction request, if the certificate information and the certificate authority can be obtained from the transaction parameter, the certificate information is compared with the revoked certificate information in the certificate revocation list on the node corresponding to the smart contract, to verify whether the certificate information is revoked certificate information. If the certificate information is revoked certificate information, the transaction request has no permission to conduct the transaction. If the certificate information is not revoked certificate information, the transaction request has the right to conduct the transaction.
- after the certificate revocation list is released to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly in the blockchain. When the smart contract receives the transaction request, the certificate revocation list can be obtained in real time directly from the blockchain, and the permission of the transaction request is verified according to the accessed authority revocation system, the transaction parameters carried in the transaction request, and the certificate revocation list. The authority of the transaction does not need to be queried from the CA through a trusted mechanism, which makes the transaction operation simple and quick and reduces system overhead.
- the foregoing step S2 further includes:
- the authorization revocation system on the blockchain may be accessed through a predetermined address to verify the permission of the transaction request.
- the authority revocation system parses the transaction parameters. If the certificate information is parsed but the certificate authority is not, the transaction request has no permission to conduct the transaction and the smart contract rejects the transaction request; if the certificate information and the certificate authority are both obtained, it is further analyzed whether the certificate information belongs to the revoked certificate information in the certificate revocation list.
- the certificate information may be compared one by one with the revoked certificate information in the certificate revocation list to determine whether the certificate information belongs to the revoked certificate information in the revocation list. If the certificate information belongs to the revoked certificate information in the certificate revocation list, the transaction request has no permission to conduct the transaction, and the smart contract refuses to respond to the transaction request; if the certificate information does not belong to the revoked certificate information in the certificate revocation list, the transaction request has permission to trade, and the smart contract responds to the transaction request.
- the transaction request has no permission to conduct the transaction.
- when verifying the authority of the transaction request, the authority revocation system on the blockchain is accessed and parses the transaction parameters; when the certificate information and the certificate authority are obtained, it analyzes whether the certificate information belongs to the revoked certificate information in the certificate revocation list in order to verify the authority of the transaction request, which can improve the transaction data processing rate.
- the certificate revocation list may also record information about whether the sub-rights corresponding to the unrevoked certificate information are revoked.
- the step S24 may further include the following steps:
- Step S241: compare each sub-right corresponding to the unrevoked certificate information with the certificate authority corresponding to each unrevoked certificate information in the certificate revocation list, and determine whether there is a sub-right that has not been revoked. If yes, go to step S242; otherwise, go to step S243.
- Step S242: responding to the transaction request.
- Step S243: refusing to respond to the transaction request.
- the information in the certificate revocation list records whether the sub-rights corresponding to the unrevoked certificate information are revoked, that is, the information that the sub-rights have been revoked or not revoked is recorded.
- one piece of certificate information corresponds to multiple sub-rights.
- in this embodiment, whether the sub-rights are revoked is recorded in the certificate revocation list. If the certificate information is not revoked, each sub-right is further compared with the certificate authority corresponding to the unrevoked certificate information in the certificate revocation list; if there is a sub-right that has not been revoked, the transaction request is responded to, and if the sub-rights have been revoked, the transaction request is refused.
- FIG. 5 is a schematic structural diagram of an embodiment of a system for transaction on a blockchain according to the present invention.
- the system for trading on the blockchain can be divided into multiple functional modules according to different functions, including:
- the synchronization module 101 is configured to: after the certificate certification authority issues the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
- the certificate revocation list contains the information of certificates revoked by the certificate authority and certificate information that has not been revoked. If the certificate information has been revoked, there is no right to execute the corresponding smart contract, that is, there is no permission to conduct the transaction. If the certificate information is not revoked, that is, the certificate information is not in the certificate revocation list, then the corresponding smart contract is authorized to execute, that is, the transaction is authorized.
- the transaction module 102 is configured to, after the smart contract on the node receives the transaction request carrying the transaction parameter, access the authorization revocation system on the blockchain, based on the authorization revocation system, the transaction parameter, and the The certificate revocation list on the node verifies the authority of the transaction request, and responds or refuses to respond to the transaction request according to the verification result.
- after the smart contract on the node receives the transaction request carrying the transaction parameter, the authority revocation system on the blockchain is accessed to obtain the certificate information and the corresponding certificate authority in the transaction parameter; the transaction parameter may or may not carry the certificate authority. The authority revocation system is used to handle related authority matters; for example, it can parse the transaction parameters.
- the certificate information is compared with the revoked certificate information in the certificate revocation list on the node corresponding to the smart contract, to verify whether the certificate information is revoked certificate information. If the certificate information is revoked certificate information, the transaction request has no permission to conduct the transaction. If the certificate information is not revoked certificate information, the transaction request has the right to conduct the transaction.
- the transaction module 102 further includes:
- an access unit configured to parse the transaction parameter by using the authorization revocation system;
- a verification unit configured to analyze whether the certificate information belongs to the revoked certificate information in the certificate revocation list when the certificate information and the certificate authority are obtained, to verify the authority of the transaction request;
- a first processing unit configured to refuse to respond to the transaction request if the certificate information belongs to the revoked certificate information in the certificate revocation list;
- a second processing unit configured to respond to the transaction request if the certificate information does not belong to the revoked certificate information in the certificate revocation list.
- the certificate revocation list further records information about whether the sub-rights corresponding to the unrevoked certificate information are revoked; if the certificate information belongs to the unrevoked certificate information, the second processing unit includes:
- a comparison sub-unit configured to compare each sub-right corresponding to the unrevoked certificate information with the certificate authority corresponding to each unrevoked certificate information in the certificate revocation list;
- a third processing sub-unit configured to respond to the transaction request if the sub-rights are not revoked;
- a fourth processing sub-unit configured to refuse to respond to the transaction request if each of the sub-rights has been revoked.
- in this embodiment, whether the sub-rights are revoked is recorded in the certificate revocation list. If the certificate information is not revoked, each sub-right is further compared with the certificate authority corresponding to the unrevoked certificate information in the certificate revocation list. If the sub-rights are not revoked, the transaction request is responded to, and if the sub-rights are revoked, the transaction request is rejected.
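The flow of steps S1, S2 and S241 to S243 described above, modelled as an added Python example (not code from the patent): the CRL is carried in hash-linked blocks, every node keeps its own copy, and the contract-side check reads only the local copy. It assumes that the "certificate authority" field of the transaction parameters is the set of sub-rights carried with the certificate, that a certificate is keyed by issuer and serial number, and that a CRL block lists the revoked sub-rights per certificate; all names, the block layout and the sample data are constructed.

```python
import hashlib
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64


def block_hash(prev_hash, payload):
    """Each block's hash covers the previous block's hash and its own payload."""
    body = json.dumps(payload, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()


def cert_key(info):
    """Identify a certificate by issuing CA and serial number (assumed key format)."""
    return f"{info['issuer']}#{info['serial']}"


@dataclass
class Node:
    """A blockchain node with its own copy of the chain (constructed model)."""
    chain: list = field(default_factory=list)  # entries: (hash, prev_hash, payload)

    def tip(self):
        return self.chain[-1][0] if self.chain else GENESIS

    def append(self, prev_hash, payload, digest):
        # Accept a block only if it links to the local tip and its hash checks out.
        if prev_hash != self.tip() or block_hash(prev_hash, payload) != digest:
            return False
        self.chain.append((digest, prev_hash, payload))
        return True

    def current_crl(self):
        """Newest CRL block on the local chain; an updated list replaces the old one."""
        for _, _, payload in reversed(self.chain):
            if payload.get("type") == "crl":
                return payload
        return {"type": "crl", "revoked": [], "revoked_sub_rights": {}}


def publish_crl(nodes, revoked, revoked_sub_rights):
    """Step S1: the CA issues the CRL to the chain, which syncs it to every node."""
    payload = {"type": "crl", "revoked": sorted(revoked),
               "revoked_sub_rights": revoked_sub_rights}
    prev = nodes[0].tip()
    digest = block_hash(prev, payload)
    return all([node.append(prev, payload, digest) for node in nodes])


def verify_request(node, tx_params):
    """Step S2: decide from the node's local CRL copy, with no query to the CA."""
    info = tx_params.get("certificate_information")
    rights = tx_params.get("certificate_authority")
    if not info:
        return False, "no certificate information"  # assumption: treated as refusal
    if not rights:
        return False, "no certificate authority"     # info parsed, authority missing
    crl = node.current_crl()
    key = cert_key(info)
    if key in crl["revoked"]:
        return False, "certificate revoked"
    # S241: compare each sub-right with the CRL entry for this unrevoked certificate.
    revoked_rights = set(crl["revoked_sub_rights"].get(key, []))
    if any(right not in revoked_rights for right in rights):
        return True, "respond"                       # S242
    return False, "sub-rights revoked"               # S243


def tx(serial, rights):
    """Constructed transaction parameters for the demo."""
    return {"certificate_information": {"issuer": "ExampleCA", "serial": serial,
                                        "validity": "2030-01-01", "owner": "alice"},
            "certificate_authority": rights}


def demo():
    nodes = [Node(), Node(), Node()]
    publish_crl(nodes, ["ExampleCA#1001"], {"ExampleCA#1002": ["transfer"]})
    results = {
        "revoked": verify_request(nodes[1], tx("1001", ["transfer"])),
        "no_authority": verify_request(nodes[1], tx("1002", None)),
        "sub_right_left": verify_request(nodes[1], tx("1002", ["transfer", "query"])),
        "sub_rights_gone": verify_request(nodes[1], tx("1002", ["transfer"])),
        "clean": verify_request(nodes[2], tx("1003", ["transfer"])),
    }
    # The CA later issues an updated list; every node replaces its stored copy.
    publish_crl(nodes, ["ExampleCA#1001", "ExampleCA#1003"], {})
    results["after_update"] = verify_request(nodes[2], tx("1003", ["transfer"]))
    # A block that does not link to the local tip is not accepted by the node.
    forged = {"type": "crl", "revoked": [], "revoked_sub_rights": {}}
    results["forged_accepted"] = nodes[0].append(GENESIS, forged,
                                                 block_hash(GENESIS, forged))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The model does not cover how a node authenticates that a CRL block really comes from the CA; the page leaves that to the blockchain's consensus mechanism.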
Abstract
A method and system for transaction on a block chain, an electronic device, and a computer readable storage medium. The method for transaction on a block chain comprises: after a certificate authority (CA) issues a certificate revocation list to a block chain, the block chain synchronizes the certificate revocation list to each node of the block chain (S1); after an intelligent contract on the node receives a transaction request carrying a transaction parameter, access a permission revocation system on the block chain, verify the permission of the transaction request according to the permission revocation system, the transaction parameter, and the certificate revocation list on the node, and respond to or refuse to respond to the transaction request according to the verification result (S2). According to the method, when transaction is carried out on a block chain, a certificate revocation list can be directly obtained on the block chain in real time without the need to inquire the transaction permission from a CA by means of a credible mechanism, so that the transaction operation becomes simple, convenient and rapid and the system costs are lowered.
Description
Priority claim
This application claims priority under the Paris Convention to Chinese patent application No. CN201610968783.1, filed on October 27, 2016 and entitled "Method and Device for Transaction on Blockchain", the entire content of which is incorporated herein by reference.
The present invention relates to the field of blockchain technology, and in particular to a method, system, electronic device and computer-readable storage medium for transactions on a blockchain.
When a smart contract is placed on a blockchain, one issue that must be considered is permission management. A smart contract is itself a string of code running on the blockchain network, so it contains many application programming interfaces (APIs). How to manage which API can be used by which user, and when, is a frequently raised question in the blockchain field. One mainstream solution is to write the user's permissions into a digital certificate certified by a Certification Authority (CA) and issue it to the user. When the user initiates a transaction against a smart contract, the user sends the signed transaction together with the certificate to the smart contract, and the smart contract checks the permissions on the certificate to decide whether to continue running.
However, user permissions are not permanent. In a Public Key Infrastructure (PKI) system, the certificate revocation list is stored in a central control system. If a node on the blockchain needs to verify whether a certificate carries a permission (the purpose of verifying the certificate is to determine whether to allow a transaction to execute), the node must query the CA through a trusted mechanism to learn whether the certificate has been revoked. As a result, every transaction requires obtaining the latest certificate revocation list from the central control system to determine whether the transacting party has permission to transact, which makes transactions cumbersome and the system overhead high.
Summary of the invention
The object of the present invention is to provide a method, system, electronic device and computer-readable storage medium for transactions on a blockchain, aiming to solve the problem that transactions on a blockchain are cumbersome and incur high system overhead.
To achieve the above object, the present invention provides a method for transactions on a blockchain, the method comprising:
S1: after a certificate authority publishes a certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
S2: after a smart contract on the node receives a transaction request carrying transaction parameters, the permission revocation system on the blockchain is accessed, the permission of the transaction request is verified based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
To achieve the above object, the present invention further provides a system for transactions on a blockchain, the system comprising:
a synchronization module, configured so that, after a certificate authority publishes a certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
a transaction module, configured so that, after a smart contract on the node receives a transaction request carrying transaction parameters, the permission revocation system on the blockchain is accessed, the permission of the transaction request is verified based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
To achieve the above object, the present invention further provides an electronic device comprising a memory and a processor connected to the memory, the memory storing a system for transactions on a blockchain that can run on the processor; when executed by the processor, the system implements the following steps:
S1: after a certificate authority publishes a certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
S2: after a smart contract on the node receives a transaction request carrying transaction parameters, the permission revocation system on the blockchain is accessed, the permission of the transaction request is verified based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
To achieve the above object, the present invention further provides a computer-readable storage medium storing a system for transactions on a blockchain; when executed by a processor, the system implements the following steps:
S1: after a certificate authority publishes a certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
S2: after a smart contract on the node receives a transaction request carrying transaction parameters, the permission revocation system on the blockchain is accessed, the permission of the transaction request is verified based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
The beneficial effects of the present invention are as follows: after the certificate revocation list is published to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly on the blockchain. When a smart contract receives a transaction request, the certificate revocation list can be obtained directly on the blockchain in real time, and the permission of the transaction request is verified according to the accessed permission revocation system, the transaction parameters carried in the transaction request and the certificate revocation list. There is no need to query the CA for the transaction permission through a trusted mechanism, which makes transactions simple and fast and reduces system overhead.
FIG. 1 is a schematic diagram of an optional application environment for the embodiments of the present invention;
FIG. 2 is a schematic flowchart of an embodiment of the method for transactions on a blockchain according to the present invention;
FIG. 3 is a detailed flowchart of step S2 shown in FIG. 2;
FIG. 4 is a detailed flowchart of step S24 shown in FIG. 3;
FIG. 5 is a schematic structural diagram of an embodiment of the system for transactions on a blockchain according to the present invention.
The principles and features of the present invention are described below with reference to the accompanying drawings. The examples given serve only to explain the invention and are not intended to limit its scope.
As shown in FIG. 1, FIG. 1 is a schematic diagram of an optional application environment for the embodiments of the present invention. The application environment includes an electronic device 1 and a terminal device 2. The electronic device 1 can exchange data with the terminal device 2 through a suitable technology such as a network or near field communication.
The terminal device 2 includes, but is not limited to, any electronic product that can interact with a user through a keyboard, a mouse, a remote controller, a touch panel, a voice control device or the like, for example mobile devices such as a personal computer, a tablet computer, a smartphone, a Personal Digital Assistant (PDA), a game console, an Internet Protocol Television (IPTV), a smart wearable device or a navigation device, or fixed terminals such as a digital TV, a desktop computer, a notebook or a server.
The electronic device 1 is a device capable of automatically performing numerical calculation and/or information processing according to instructions set or stored in advance. The electronic device 1 may be a computer, a single network server, a server group composed of multiple network servers, or a cloud composed of a large number of hosts or network servers based on cloud computing, where cloud computing is a type of distributed computing: a super virtual computer composed of a group of loosely coupled computers.
In this embodiment, the electronic device 1 may include, but is not limited to, a memory 11, a processor 12 and a network interface 13 that are communicatively connected to each other through a system bus; the memory 11 stores a system for transactions on a blockchain that can run on the processor 12. Note that FIG. 1 shows only the electronic device 1 with components 11-13; it should be understood that not all of the illustrated components are required, and more or fewer components may be implemented instead.
The storage device 11 includes internal memory and at least one type of readable storage medium. The internal memory provides a cache for the operation of the electronic device 1; the readable storage medium may be a non-volatile storage medium such as a flash memory, a hard disk, a multimedia card, a card-type memory (for example, SD or DX memory), a random access memory (RAM), a static random access memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk or an optical disc. In some embodiments, the readable storage medium may be an internal storage unit of the electronic device 1, such as its hard disk; in other embodiments, the non-volatile storage medium may be an external storage device of the electronic device 1, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card or a flash card fitted to the electronic device 1. In this embodiment, the readable storage medium of the storage device 11 is generally used to store the operating system and the various application software installed on the electronic device 1, such as the program code of the system for transactions on a blockchain in an embodiment of the present invention. The storage device 11 can also be used to temporarily store various types of data that have been output or are to be output.
In some embodiments, the processor 12 may be a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor or another data processing chip. The processor 12 is generally used to control the overall operation of the electronic device 1, for example to perform control and processing related to data exchange or communication with the terminal device 2. In this embodiment, the processor 12 is used to run the program code stored in the memory 11 or to process data, for example to run the system for transactions on a blockchain.
The network interface 13 may include a wireless network interface or a wired network interface, and is generally used to establish a communication connection between the electronic device 1 and other electronic devices. In this embodiment, the network interface 13 is mainly used to connect the electronic device 1 with one or more terminal devices 2 and to establish a data transmission channel and a communication connection between them.
The system for transactions on a blockchain is stored in the memory 11 and includes at least one computer-readable instruction stored in the memory 11. The at least one computer-readable instruction can be executed by the processor 12 to implement the method for transactions on a blockchain of the embodiments of the present invention; as described below, the at least one computer-readable instruction can be divided into different logic modules according to the functions implemented by its parts.
When executed by the processor 12, the system for transactions on a blockchain achieves the following: after the certificate revocation list is published to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly on the blockchain. When a smart contract receives a transaction request, the certificate revocation list can be obtained directly on the blockchain in real time, and the permission of the transaction request is verified according to the accessed permission revocation system, the transaction parameters carried in the transaction request and the certificate revocation list. There is no need to query the CA for the transaction permission through a trusted mechanism, which makes transactions simple and fast and reduces system overhead.
As shown in FIG. 2, FIG. 2 is a schematic flowchart of an embodiment of the method for transactions on a blockchain according to the present invention. The method is applied in an electronic device and includes the following steps:
Step S1: after a certificate authority publishes a certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
A blockchain is composed of a series of data blocks generated using cryptographic methods. Each block contains the hash of the previous block, linking from the genesis block to the current block to form a chain. A blockchain is also a distributed database system in which nodes participate; in essence it is a decentralized database ledger that records all transactions. Taking the Bitcoin blockchain as an example, every participant in a transaction is a node of the block network, and every node holds a complete backup of the public ledger, which records all transaction information since Bitcoin came into existence. When any node initiates a transaction, the relevant information must be passed to every node in the block network, so that the ledgers on all nodes can verify the transaction and update accurately. In addition, the ledger is stored in blocks; as transactions increase, new data blocks are appended to the existing chain, forming a chain structure.
After the certificate authority publishes the certificate revocation list to the blockchain, the blockchain can use its own peer-to-peer (P2P) network and consensus algorithm to synchronize the certificate revocation list to each node of the blockchain, that is, to propagate the certificate revocation list to each node. The certificate revocation list holds the information of each certificate revoked by the certificate authority and the information of unrevoked certificates. If the certificate information has been revoked, there is no permission to execute the corresponding smart contract, that is, no permission to transact; if the certificate information has not been revoked, that is, the certificate information is not in the certificate revocation list, there is permission to execute the corresponding smart contract, that is, permission to transact.
In addition, the revoked certificate information in the certificate revocation list may change. In that case the certificate authority publishes an updated certificate revocation list to the blockchain, and the blockchain either replaces the stored certificate revocation list with the updated one or modifies the stored list according to the updated one.
Step S2: after a smart contract on the node receives a transaction request carrying transaction parameters, the permission revocation system on the blockchain is accessed, the permission of the transaction request is verified based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and the transaction request is responded to or refused according to the verification result.
In this embodiment, every node on the blockchain stores and runs the smart contracts on the blockchain. A smart contract is a set of promises defined in digital form, including the protocols within which the contract parties perform on those promises. When a transaction request carrying transaction parameters reaches a node of the blockchain, the transaction parameters are recorded in that node's transaction record and at the same time passed to the smart contract corresponding to the transaction parameters for execution, and the code of that smart contract updates the smart contract's own data.
The transaction parameters include certificate information and the corresponding certificate permissions; the certificate information includes the certificate authority, the certificate serial number, the certificate validity period, the certificate owner's user information, and so on.
After the smart contract on the node receives a transaction request carrying transaction parameters, it accesses the permission revocation system on the blockchain to obtain the certificate information and the corresponding certificate permissions in the transaction parameters; the transaction parameters may or may not contain certificate permissions. The permission revocation system handles permission-related matters; for example, it can parse the transaction parameters. When verifying the permission of the transaction request, if the certificate information and the certificate permissions can be obtained from the transaction parameters, the certificate information is compared with the revoked certificate information in the certificate revocation list on the node where the smart contract resides, to verify whether the certificate information is revoked certificate information. If it is, the transaction request has no permission to transact; if it is not, the transaction request has permission to transact.
Compared with the prior art, in this embodiment, after the certificate revocation list is published to the blockchain, the blockchain synchronizes it to each node of the blockchain, that is, the certificate revocation list is stored directly on the blockchain. When a smart contract receives a transaction request, the certificate revocation list can be obtained directly on the blockchain in real time, and the permission of the transaction request is verified according to the accessed permission revocation system, the transaction parameters carried in the transaction request and the certificate revocation list. There is no need to query the CA for the transaction permission through a trusted mechanism, which makes transactions simple and fast and reduces system overhead.
In a preferred embodiment, as shown in FIG. 3, on the basis of the embodiment of FIG. 2 above, step S2 further includes:
S21: parsing the transaction parameters through the permission revocation system;
S22: when the certificate information and the certificate permissions are obtained by parsing, analyzing whether the certificate information belongs to the revoked certificate information in the certificate revocation list, so as to verify the permission of the transaction request;
S23: if the certificate information belongs to the revoked certificate information in the certificate revocation list, refusing to respond to the transaction request;
S24: if the certificate information belongs to the unrevoked certificate information in the certificate revocation list, responding to the transaction request.
In this embodiment, after a smart contract running or stored on a node of the blockchain receives a transaction request carrying transaction parameters, it can access the permission revocation system on the blockchain through a predetermined address to check the permission of the transaction request. Specifically, when the permission revocation system on the blockchain is accessed, the permission revocation system parses the transaction parameters. If parsing yields the certificate information but not the certificate permissions, the transaction request has no permission to transact and the smart contract rejects it. If parsing yields both the certificate information and the certificate permissions, it is further analyzed whether the certificate information belongs to the revoked certificate information in the certificate revocation list; specifically, the certificate information can be compared one by one with the revoked certificate information in the certificate revocation list to determine whether it belongs to the revoked certificate information in the list. If the certificate information belongs to the revoked certificate information in the certificate revocation list, the transaction request has no permission to transact and the smart contract refuses to respond to it; if the certificate information does not belong to the revoked certificate information in the certificate revocation list, the transaction request has permission to transact and the smart contract responds to it.
In addition, if only the certificate information can be parsed from the transaction parameters and no certificate permissions are obtained after parsing, the transaction request likewise has no permission to transact.
In this embodiment, when the permission of the transaction request is verified, the permission revocation system on the blockchain is accessed and parses the transaction parameters; when the certificate information and the certificate permissions are obtained by parsing, the permission of the transaction request is verified by analyzing whether the certificate information belongs to the revoked certificate information in the certificate revocation list, which can increase the rate of transaction data processing.
In a preferred embodiment, as shown in FIG. 4, on the basis of the embodiment of FIG. 3 above, the certificate revocation list may also record whether each sub-right corresponding to unrevoked certificate information has been revoked. In this embodiment, if it is detected that the certificate information does not belong to the revoked certificate information in the certificate revocation list, step S24 may further include the following steps:
Step S241: compare each sub-right corresponding to the unrevoked certificate information with the certificate permissions corresponding to each unrevoked certificate's information in the certificate revocation list, and determine whether all of the sub-rights have been revoked. If yes, go to step S242; otherwise, go to step S243.
Step S242: respond to the transaction request.
Step S243: refuse to respond to the transaction request.
In this embodiment, the certificate revocation list records whether each sub-right corresponding to unrevoked certificate information has been revoked, that is, it records for each sub-right whether it is revoked or not revoked.
本实施例中,一个证书信息对应多个分权限,为了使得用户在部分分权限被吊销后,还可以通过证书信息在区块链上执行其他证书权限事务,本实施例在证书吊销清单中记录了证书信息下对应的各分权限是否被吊销的信息,如果证书信息未被吊销,则进一步将未吊销证书信息对应的各分权限分别与证书吊销清单中各未吊销证书信息对应的证书权限进行比对,若有分权
限未吊销,则响应交易请求,若各分权限均已吊销,则拒绝响应交易请求。In this embodiment, a certificate information corresponds to multiple sub-rights. In order to enable the user to perform other certificate authority transactions on the blockchain through the certificate information after the partial rights are revoked, the embodiment records in the certificate revocation list. If the certificate information is not revoked, if the certificate information is not revoked, the license rights corresponding to the revoked certificate information in the certificate revocation list are further respectively performed. Compare, if there is decentralization
If the limit is not revoked, the transaction request is responded to, and if the rights are revoked, the transaction request is refused.
As shown in FIG. 5, which is a schematic structural diagram of an embodiment of the system for transactions on a blockchain according to the present invention, the system can be divided by function into multiple functional modules, including:
A synchronization module 101, configured so that, after the certificate authority (CA) publishes the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
A blockchain consists of a chain of data blocks generated using cryptographic methods. Each block contains the hash of the previous block, linking from the genesis block to the current block to form a chain. A blockchain is also a distributed database system in which nodes participate; in essence it is a decentralized database ledger that records all transactions. Taking the Bitcoin blockchain as an example, every participant in a transaction is a node of the block network, and every node holds a complete copy of the public ledger, which records all transaction information since the birth of Bitcoin. A transaction initiated by any node must have its information passed to every node in the block network, so that the ledgers on all nodes can verify the transaction and update accurately. In addition, the ledger is stored in blocks: as transactions increase, new data blocks are appended to the existing chain, forming a chain structure.
After the CA publishes the certificate revocation list to the blockchain, the blockchain can use its own peer-to-peer (P2P) network and consensus algorithm to synchronize the list to each node of the blockchain, that is, to propagate the list to every node. The certificate revocation list stores the revoked certificate information of each certificate revoked by the CA, together with the unrevoked certificate information of certificates that have not been revoked. If certificate information has been revoked, there is no permission to execute the corresponding smart contract, that is, no permission to transact; if the certificate information has not been revoked, that is, the certificate revocation list does not contain that certificate information, there is permission to execute the corresponding smart contract, that is, permission to transact.
In addition, the revoked certificate information in the certificate revocation list may change. When it does, the CA publishes an updated certificate revocation list to the blockchain, and the blockchain then either replaces the stored list with the updated one or modifies the stored list according to the updated one.
A transaction module 102, configured to, after the smart contract on the node receives a transaction request carrying transaction parameters, access the permission revocation system on the blockchain, verify the permission of the transaction request based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and respond or refuse to respond to the transaction request according to the verification result.
In this embodiment, every node on the blockchain stores and runs the smart contracts on the blockchain. A smart contract is a set of promises defined in digital form, including the protocols within which the contract parties carry out those promises. When a transaction request carrying transaction parameters reaches a node of the blockchain, the transaction parameters are recorded in that node's transaction record and at the same time passed to the smart contract corresponding to the transaction parameters to run, and the code of that smart contract updates the smart contract's own data.
The transaction parameters include certificate information and the corresponding certificate permissions; the certificate information includes the certificate issuing authority, the certificate serial number, the certificate validity period, the user information of the certificate owner, and so on.
After the smart contract on the node receives a transaction request carrying transaction parameters, it accesses the permission revocation system on the blockchain to obtain the certificate information and the corresponding certificate permissions from the transaction parameters; the transaction parameters may or may not contain certificate permissions. The permission revocation system handles permission-related matters; for example, it can parse the transaction parameters. When the permission of the transaction request is verified, if the certificate information and the certificate permissions can be obtained from the transaction parameters, the certificate information is compared with the revoked certificate information in the certificate revocation list on the node corresponding to the smart contract, to verify whether it is revoked certificate information. If it is, the transaction request has no permission to transact; if it is not, the transaction request has permission to transact.
In a preferred embodiment, building on the embodiment of FIG. 5 above, the transaction module 102 further includes:
An access unit, configured to parse the transaction parameters through the permission revocation system;
A verification unit, configured to, when parsing yields the certificate information and the certificate permissions, check whether the certificate information belongs to the revoked certificate information in the certificate revocation list, in order to verify the permission of the transaction request;
A first processing unit, configured to refuse to respond to the transaction request if the certificate information belongs to the revoked certificate information in the certificate revocation list;
A second processing unit, configured to respond to the transaction request if the certificate information belongs to the unrevoked certificate information in the certificate revocation list.
In this embodiment, after a smart contract running or stored on a node of the blockchain receives a transaction request carrying transaction parameters, it can access the permission revocation system on the blockchain through a predetermined address to check the permission of the transaction request. Specifically, when the permission revocation system is accessed, it parses the transaction parameters. If parsing yields the certificate information but not the certificate permissions, the transaction request has no permission to transact and the smart contract refuses it. If parsing yields both the certificate information and the certificate permissions, the system further checks whether the certificate information belongs to the revoked certificate information in the certificate revocation list; specifically, the certificate information can be compared one by one with the revoked certificate information in the list. If the certificate information belongs to the revoked certificate information in the certificate revocation list, the transaction request has no permission to transact and the smart contract refuses to respond to it; if it does not, the transaction request has permission to transact and the smart contract responds to it.
In addition, if only the certificate information can be parsed from the transaction parameters and the certificate permissions cannot be obtained, the transaction request likewise has no permission to transact.
In this embodiment, when the permission of a transaction request is verified, the permission revocation system on the blockchain is accessed and parses the transaction parameters. When parsing yields the certificate information and the certificate permissions, the permission of the transaction request is verified by checking whether the certificate information belongs to the revoked certificate information in the certificate revocation list, which can increase the rate of transaction data processing.
In a preferred embodiment, building on the embodiment above, the certificate revocation list additionally records whether each sub-permission corresponding to unrevoked certificate information has been revoked. If the certificate information belongs to the unrevoked certificate information, the second processing unit includes:
A comparison sub-unit, configured to compare each sub-permission corresponding to the unrevoked certificate information with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list;
A third processing sub-unit, configured to respond to the transaction request if any sub-permission has not been revoked;
A fourth processing sub-unit, configured to refuse to respond to the transaction request if all sub-permissions have been revoked.
In this embodiment, one item of certificate information corresponds to multiple sub-permissions. So that a user can still use the certificate information to carry out other certificate-permission transactions on the blockchain after some of the sub-permissions have been revoked, the certificate revocation list records whether each sub-permission under the certificate information has been revoked. If the certificate information has not been revoked, each sub-permission corresponding to the unrevoked certificate information is further compared with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list: if any sub-permission has not been revoked, the transaction request is responded to; if all sub-permissions have been revoked, the transaction request is refused.
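The decision flow described above (parsing in S21, the revocation check in S22 to S24, and the sub-permission check in S241 to S243 as the claims state it) can be sketched as follows. This is an added example, not code from the patent: the field names, the `version` counter that makes a node ignore a stale list, and the `strict` mode that refuses when any requested sub-permission is revoked are assumptions that go beyond the text.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class CertId:
    issuer: str   # certificate issuing authority from the certificate information
    serial: str   # certificate serial number


@dataclass
class RevocationList:
    version: int                                      # assumption: monotonic counter set by the CA
    revoked: frozenset = frozenset()                  # CertIds revoked outright
    sub_revoked: dict = field(default_factory=dict)   # CertId -> {sub-permission: revoked?}


class Node:
    """One blockchain node with its synchronized copy of the revocation list."""

    def __init__(self):
        self.crl = RevocationList(version=0)

    def sync(self, published):
        # Replace the stored list with an updated one; ignore stale copies so a
        # replayed old list cannot un-revoke a certificate (added safeguard).
        if published.version > self.crl.version:
            self.crl = published
            return True
        return False


def parse_params(params):
    """S21: extract certificate information and certificate permissions."""
    cert = params.get("cert") or {}
    cert_id = None
    if cert.get("issuer") and cert.get("serial"):
        cert_id = CertId(cert["issuer"], cert["serial"])
    return cert_id, list(params.get("permissions") or [])


def verify(node, params, strict=False):
    """Return (respond?, reason) for a transaction request."""
    cert_id, perms = parse_params(params)
    if cert_id is None:
        return False, "no certificate information"
    if not perms:                                      # parsed no certificate permissions
        return False, "no certificate permission"
    if cert_id in node.crl.revoked:                    # S22 -> S23
        return False, "certificate revoked"
    flags = node.crl.sub_revoked.get(cert_id)
    if flags is None:                                  # S24, no sub-permission record
        return True, "certificate not revoked"
    live = [p for p in perms if not flags.get(p, False)]   # S241
    if strict and len(live) != len(perms):             # assumption: stricter than the text
        return False, "requested sub-permission revoked"
    if live:                                           # S242
        return True, "sub-permission not revoked"
    return False, "all sub-permissions revoked"        # S243


def tx(serial, permissions=None):
    """Constructed sample transaction parameters."""
    params = {"cert": {"issuer": "Example CA", "serial": serial, "owner": "user-" + serial}}
    if permissions is not None:
        params["permissions"] = permissions
    return params


def build_demo_node():
    """Node synchronized with a constructed revocation list (version 1)."""
    a, b, c = (CertId("Example CA", s) for s in ("A1", "B2", "C3"))
    node = Node()
    node.sync(RevocationList(
        version=1,
        revoked=frozenset({a}),
        sub_revoked={b: {"transfer": True, "query": False},
                     c: {"transfer": True, "query": True}},
    ))
    return node


if __name__ == "__main__":
    node = build_demo_node()
    for serial in ("A1", "B2", "C3", "D4"):
        print(serial, verify(node, tx(serial, ["transfer", "query"])))
    print("B2 strict", verify(node, tx("B2", ["transfer", "query"]), strict=True))
    print("B2 without permissions", verify(node, tx("B2")))
```

Under the rule as written, certificate B2 is accepted because one of its sub-permissions is still live, even though the request also carries the revoked `transfer` sub-permission; the `strict` mode shows the tighter check a deployment may prefer.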
The above are only preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (20)
- A method for transactions on a blockchain, characterized in that the method comprises:
  S1: after the certificate authority (CA) publishes the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
  S2: after the smart contract on the node receives a transaction request carrying transaction parameters, accessing the permission revocation system on the blockchain, verifying the permission of the transaction request based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and responding or refusing to respond to the transaction request according to the verification result.
- The method for transactions on a blockchain according to claim 1, characterized in that step S2 comprises:
  S21: parsing the transaction parameters through the permission revocation system;
  S22: when parsing yields the certificate information and the certificate permissions, checking whether the certificate information belongs to the revoked certificate information in the certificate revocation list, in order to verify the permission of the transaction request;
  S23: if the certificate information belongs to the revoked certificate information in the certificate revocation list, refusing to respond to the transaction request;
  S24: if the certificate information belongs to the unrevoked certificate information in the certificate revocation list, responding to the transaction request.
- The method for transactions on a blockchain according to claim 2, characterized in that the certificate revocation list additionally records whether each sub-permission corresponding to unrevoked certificate information has been revoked, and step S24 further comprises:
  S241: comparing each sub-permission corresponding to the unrevoked certificate information with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list;
  S242: if any sub-permission has not been revoked, responding to the transaction request;
  S243: if all sub-permissions have been revoked, refusing to respond to the transaction request.
- The method for transactions on a blockchain according to claim 2, characterized in that, after step S21, the method further comprises: if the certificate permissions are not obtained after parsing, refusing to respond to the transaction request.
- The method for transactions on a blockchain according to claim 2, characterized in that S22 comprises: comparing the certificate information one by one with the revoked certificate information in the certificate revocation list, to determine whether the certificate information belongs to the revoked certificate information in the revocation list.
- A system for transactions on a blockchain, characterized in that the system comprises:
  a synchronization module, configured so that, after the certificate authority (CA) publishes the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
  a transaction module, configured to, after the smart contract on the node receives a transaction request carrying transaction parameters, access the permission revocation system on the blockchain, verify the permission of the transaction request based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and respond or refuse to respond to the transaction request according to the verification result.
- The system for transactions on a blockchain according to claim 6, characterized in that the transaction module comprises:
  an access unit, configured to parse the transaction parameters through the permission revocation system;
  a verification unit, configured to, when parsing yields the certificate information and the certificate permissions, check whether the certificate information belongs to the revoked certificate information in the certificate revocation list, in order to verify the permission of the transaction request;
  a first processing unit, configured to refuse to respond to the transaction request if the certificate information belongs to the revoked certificate information in the certificate revocation list;
  a second processing unit, configured to respond to the transaction request if the certificate information belongs to the unrevoked certificate information in the certificate revocation list.
- The system for transactions on a blockchain according to claim 7, characterized in that the certificate revocation list additionally records whether each sub-permission corresponding to unrevoked certificate information has been revoked, and the second processing unit further comprises:
  a comparison sub-unit, configured to compare each sub-permission corresponding to the unrevoked certificate information with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list;
  a third processing sub-unit, configured to respond to the transaction request if any sub-permission has not been revoked;
  a fourth processing sub-unit, configured to refuse to respond to the transaction request if all sub-permissions have been revoked.
- The system for transactions on a blockchain according to claim 7, characterized in that the transaction module further comprises: a fifth processing unit, configured to refuse to respond to the transaction request if the certificate permissions are not obtained after parsing.
- The system for transactions on a blockchain according to claim 7, characterized in that the verification unit is specifically configured to compare the certificate information one by one with the revoked certificate information in the certificate revocation list, to determine whether the certificate information belongs to the revoked certificate information in the revocation list.
- An electronic device, characterized in that the electronic device comprises a memory and a processor connected to the memory, the memory storing a system for transactions on a blockchain that can run on the processor, and the system, when executed by the processor, implementing the following steps:
  S1: after the certificate authority (CA) publishes the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
  S2: after the smart contract on the node receives a transaction request carrying transaction parameters, accessing the permission revocation system on the blockchain, verifying the permission of the transaction request based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and responding or refusing to respond to the transaction request according to the verification result.
- The electronic device according to claim 11, characterized in that step S2 comprises:
  S21: parsing the transaction parameters through the permission revocation system;
  S22: when parsing yields the certificate information and the certificate permissions, checking whether the certificate information belongs to the revoked certificate information in the certificate revocation list, in order to verify the permission of the transaction request;
  S23: if the certificate information belongs to the revoked certificate information in the certificate revocation list, refusing to respond to the transaction request;
  S24: if the certificate information belongs to the unrevoked certificate information in the certificate revocation list, responding to the transaction request.
- The electronic device according to claim 12, characterized in that the certificate revocation list additionally records whether each sub-permission corresponding to unrevoked certificate information has been revoked, and step S24 further comprises:
  S241: comparing each sub-permission corresponding to the unrevoked certificate information with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list;
  S242: if any sub-permission has not been revoked, responding to the transaction request;
  S243: if all sub-permissions have been revoked, refusing to respond to the transaction request.
- The electronic device according to claim 12, characterized in that, after step S21, the steps further comprise: if the certificate permissions are not obtained after parsing, refusing to respond to the transaction request.
- The electronic device according to claim 12, characterized in that S22 comprises: comparing the certificate information one by one with the revoked certificate information in the certificate revocation list, to determine whether the certificate information belongs to the revoked certificate information in the revocation list.
- A computer-readable storage medium, characterized in that the computer-readable storage medium stores a system for transactions on a blockchain, and the system, when executed by a processor, implements the following steps:
  S1: after the certificate authority (CA) publishes the certificate revocation list to the blockchain, the blockchain synchronizes the certificate revocation list to each node of the blockchain;
  S2: after the smart contract on the node receives a transaction request carrying transaction parameters, accessing the permission revocation system on the blockchain, verifying the permission of the transaction request based on the permission revocation system, the transaction parameters and the certificate revocation list on the node, and responding or refusing to respond to the transaction request according to the verification result.
- The computer-readable storage medium according to claim 16, characterized in that step S2 comprises:
  S21: parsing the transaction parameters through the permission revocation system;
  S22: when parsing yields the certificate information and the certificate permissions, checking whether the certificate information belongs to the revoked certificate information in the certificate revocation list, in order to verify the permission of the transaction request;
  S23: if the certificate information belongs to the revoked certificate information in the certificate revocation list, refusing to respond to the transaction request;
  S24: if the certificate information belongs to the unrevoked certificate information in the certificate revocation list, responding to the transaction request.
- The computer-readable storage medium according to claim 17, characterized in that the certificate revocation list additionally records whether each sub-permission corresponding to unrevoked certificate information has been revoked, and step S24 further comprises:
  S241: comparing each sub-permission corresponding to the unrevoked certificate information with the certificate permissions corresponding to each item of unrevoked certificate information in the certificate revocation list;
  S242: if any sub-permission has not been revoked, responding to the transaction request;
  S243: if all sub-permissions have been revoked, refusing to respond to the transaction request.
- The computer-readable storage medium according to claim 17, characterized in that, after step S21, the steps further comprise: if the certificate permissions are not obtained after parsing, refusing to respond to the transaction request.
- The computer-readable storage medium according to claim 17, characterized in that S22 comprises: comparing the certificate information one by one with the revoked certificate information in the certificate revocation list, to determine whether the certificate information belongs to the revoked certificate information in the revocation list.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610968783.1 | 2016-10-27 | ||
CN201610968783.1A CN106504091B (en) | 2016-10-27 | 2016-10-27 | The method and device merchandised on block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018076763A1 true WO2018076763A1 (en) | 2018-05-03 |
Family
ID=58322818
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/091253 WO2018076763A1 (en) | 2016-10-27 | 2017-06-30 | Method and system for transaction on block chain, electronic device, and storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN106504091B (en) |
WO (1) | WO2018076763A1 (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109218029A (en) * | 2018-09-27 | 2019-01-15 | 深圳壹账通智能科技有限公司 | The credible querying method of network credentials, device and storage medium based on block chain |
CN109615529A (en) * | 2019-02-25 | 2019-04-12 | 中国农业银行股份有限公司 | A kind of credit investigation system based on block chain |
CN110163751A (en) * | 2019-04-15 | 2019-08-23 | 广州致链科技有限公司 | Block chain access system and its implementation towards alliance's chain |
CN110598482A (en) * | 2019-09-30 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Block chain-based digital certificate management method, device, equipment and storage medium |
CN110620776A (en) * | 2019-09-24 | 2019-12-27 | 腾讯科技(深圳)有限公司 | Data transfer information transmission method and device |
CN110992035A (en) * | 2019-12-13 | 2020-04-10 | 中国工商银行股份有限公司 | Block chain link point management method, device and system |
US10742423B1 (en) | 2019-09-02 | 2020-08-11 | Alibaba Group Holding Limited | Managing blockchain-based centralized ledger systems |
CN112418854A (en) * | 2020-10-09 | 2021-02-26 | 深圳华工能源技术有限公司 | Energy-saving certificate management method based on block chain technology |
CN113141257A (en) * | 2021-03-26 | 2021-07-20 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113504978A (en) * | 2021-07-14 | 2021-10-15 | 上海点融信息科技有限责任公司 | Method, apparatus and readable storage medium for determining out-of-block time of block chain |
US11218327B2 (en) * | 2017-07-26 | 2022-01-04 | Advanced New Technologies Co., Ltd. | Digital certificate management method and apparatus, and electronic device |
US11250428B2 (en) | 2020-04-22 | 2022-02-15 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
US11455631B2 (en) | 2020-04-22 | 2022-09-27 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
US11455297B2 (en) | 2020-04-22 | 2022-09-27 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
CN116827648A (en) * | 2023-07-07 | 2023-09-29 | 亚数信息科技(上海)有限公司 | Website effectiveness detection method, device, equipment and storage medium |
Families Citing this family (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9185095B1 (en) | 2012-03-20 | 2015-11-10 | United Services Automobile Association (Usaa) | Behavioral profiling method and system to authenticate a user |
US10979410B1 (en) | 2015-05-04 | 2021-04-13 | United Services Automobile Association (Usaa) | Systems and methods for utilizing cryptology with virtual ledgers in support of transactions and agreements |
US11032286B1 (en) | 2015-12-02 | 2021-06-08 | United Services Automobile Association (Usaa) | Block chain authentication systems and methods |
US10454677B1 (en) | 2016-02-24 | 2019-10-22 | United Services Automobile Associate (USAA) | Cryptographic key generation from biometric data |
US11854011B1 (en) | 2016-07-11 | 2023-12-26 | United Services Automobile Association (Usaa) | Identity management framework |
CN106504091B (en) * | 2016-10-27 | 2018-06-29 | 深圳壹账通智能科技有限公司 | The method and device merchandised on block chain |
CN108241968B (en) * | 2017-03-26 | 2020-08-14 | 杭州复杂美科技有限公司 | Method for leading processor to participate block chain consensus |
CN108696356B (en) * | 2017-04-05 | 2020-08-18 | 中国移动通信有限公司研究院 | Block chain-based digital certificate deleting method, device and system |
CN108737348A (en) * | 2017-04-21 | 2018-11-02 | 中国科学院信息工程研究所 | A kind of internet of things equipment access control method of the intelligent contract based on block chain |
US10762506B1 (en) | 2017-05-11 | 2020-09-01 | United Services Automobile Association | Token device for distributed ledger based interchange |
CN112929383A (en) * | 2017-05-16 | 2021-06-08 | 江峰 | Multi-center authentication system with block issuing mechanism |
CN107194587A (en) * | 2017-05-24 | 2017-09-22 | 暨南大学 | It is a kind of to be circulated based on block chain and the art work of expert system and identification register method |
CN107193672B (en) * | 2017-05-31 | 2020-01-14 | 无锡井通网络科技有限公司 | Cross-block asynchronous contract calling system |
CN107425981B (en) * | 2017-06-12 | 2020-11-03 | 湖南岳麓山数据科学与技术研究院有限公司 | Block chain-based digital certificate management method and system |
CN107360001B (en) * | 2017-07-26 | 2021-12-14 | 创新先进技术有限公司 | Digital certificate management method, device and system |
CN107592293A (en) | 2017-07-26 | 2018-01-16 | 阿里巴巴集团控股有限公司 | The means of communication, digital certificate management method, device and electronic equipment between block chain node |
US10805085B1 (en) | 2017-08-24 | 2020-10-13 | United Services Automobile Association (Usaa) | PKI-based user authentication for web services using blockchain |
CN107507091A (en) * | 2017-09-07 | 2017-12-22 | 复旦大学 | Enhanced data Right protection method based on block chain and intelligent contract |
CN107590659A (en) * | 2017-09-07 | 2018-01-16 | 中链科技有限公司 | Allocation of landownership and land use right data processing method, system and computer-readable recording medium |
CN110019972A (en) * | 2017-09-25 | 2019-07-16 | 航天信息股份有限公司 | The restoration methods and electronic device of the storage method of electronic invoice, chain of keeping accounts |
CN107749847A (en) * | 2017-10-23 | 2018-03-02 | 济南浪潮高新科技投资发展有限公司 | A kind of method of block chain quadrature digital up-converter |
CN107707410B (en) * | 2017-10-26 | 2021-04-27 | 上海点融信息科技有限责任公司 | Method for configuring system audit service, information processing device and readable storage medium |
CN108074177B (en) * | 2017-12-05 | 2022-01-11 | 深圳前海微众银行股份有限公司 | Data reconciliation method, system and computer-readable storage medium |
CN108537666A (en) * | 2018-04-09 | 2018-09-14 | 深圳市云蚂蚁科技有限责任公司 | A kind of block catenary system and block chain network method of commerce |
CN108616578A (en) * | 2018-04-09 | 2018-10-02 | 上海点融信息科技有限责任公司 | Method for processing business, equipment and the computer readable storage medium of transregional piece of platform chain |
CN108805702B (en) * | 2018-04-19 | 2022-04-01 | 深圳市迅雷网络技术有限公司 | Transaction buffering/accelerating method based on block chain and block chain transaction processing system |
CN108737106B (en) * | 2018-05-09 | 2021-06-01 | 深圳壹账通智能科技有限公司 | User authentication method and device on block chain system, terminal equipment and storage medium |
CN108683539B (en) * | 2018-05-21 | 2022-03-25 | 腾讯科技(深圳)有限公司 | Block chain network management method, block chain network management device, block chain network management medium and electronic equipment |
CN108923928B (en) * | 2018-05-31 | 2024-04-02 | 金华航大北斗应用技术有限公司 | Digital certificate revocation system and method based on block chain |
CN108924092B (en) * | 2018-06-07 | 2020-11-20 | 北京航空航天大学 | Public arbitration distributed cloud storage method and system based on block chain |
CN109035019B (en) * | 2018-07-11 | 2023-06-16 | 平安科技(深圳)有限公司 | Bill transaction method, system, computer device and storage medium |
CN109102401B (en) * | 2018-07-23 | 2021-04-27 | 上海点融信息科技有限责任公司 | Method and device for operating intelligent contracts in block chain network |
CN111091467A (en) * | 2018-10-23 | 2020-05-01 | 上海交通大学 | Stock right transaction management computer simulation system based on block chain and deep learning |
CN109493020B (en) * | 2018-11-08 | 2022-02-11 | 众安信息技术服务有限公司 | Block chain based secure transaction method and device |
CN110032885B (en) * | 2019-02-19 | 2020-03-06 | 阿里巴巴集团控股有限公司 | Method, node and storage medium for implementing privacy protection in block chain |
CN111612452A (en) * | 2019-02-22 | 2020-09-01 | 中细软集团有限公司 | Intellectual property management system and method based on block chain |
KR102203758B1 (en) * | 2019-03-04 | 2021-01-18 | 알리바바 그룹 홀딩 리미티드 | Method and device for handling certificates in blockchain system |
CN110598394B (en) * | 2019-03-28 | 2021-12-21 | 腾讯科技(深圳)有限公司 | Authority verification method and device and storage medium |
CN110163756B (en) * | 2019-05-28 | 2023-07-18 | 深圳市迅雷网络技术有限公司 | Transaction method, system, server and blockchain system based on alliance chain |
CN110601858B (en) * | 2019-09-27 | 2021-05-28 | 腾讯科技(深圳)有限公司 | Certificate management method and device |
CN110807189B (en) * | 2019-11-15 | 2023-07-07 | 内蒙古大学 | Authority segmentation method in block chain access control |
CN111030826A (en) * | 2019-12-06 | 2020-04-17 | 杭州溪塔科技有限公司 | Certificate revocation method and device for block chain network and electronic equipment |
CN110730081B (en) * | 2019-12-17 | 2020-04-14 | 腾讯科技(深圳)有限公司 | Block chain network-based certificate revocation method, related equipment and medium |
CN111538783B (en) * | 2020-04-20 | 2023-05-05 | 成都质数斯达克科技有限公司 | Method, device, terminal and storage medium for intelligent contract execution constraint |
CN111930847B (en) * | 2020-09-16 | 2021-01-08 | 深圳壹账通智能科技有限公司 | Data processing method and device based on block chain and storage medium |
CN115388931B (en) * | 2022-10-27 | 2023-02-03 | 河北省科学院应用数学研究所 | Credible monitoring method, monitoring terminal and storage medium for sensor abnormal data |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6385725B1 (en) * | 1998-08-24 | 2002-05-07 | Entrust Technologies Limited | System and method for providing commitment security among users in a computer network |
CN101316273A (en) * | 2008-05-12 | 2008-12-03 | 华中科技大学 | Distributed safety memory system |
CN102487383A (en) * | 2010-12-02 | 2012-06-06 | 上海可鲁系统软件有限公司 | Industrial internet distributed system safety access control device |
CN105591753A (en) * | 2016-01-13 | 2016-05-18 | 杭州复杂美科技有限公司 | Application method of CA certificate on block chain |
CN106504091A (en) * | 2016-10-27 | 2017-03-15 | 上海亿账通区块链科技有限公司 | The method and device that concludes the business on block chain |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104036033A (en) * | 2014-06-30 | 2014-09-10 | 北京数字认证股份有限公司 | Certificate revocation list caching and checking method of digital certificate |
KR101661930B1 (en) * | 2015-08-03 | 2016-10-05 | 주식회사 코인플러그 | Certificate issuance system based on block chain |
CN105592059A (en) * | 2015-10-14 | 2016-05-18 | 杭州华三通信技术有限公司 | Digital certificate verification method and device |
CN105488722B (en) * | 2015-11-30 | 2019-11-26 | 布比(北京)网络技术有限公司 | Asset data processing method and processing device based on derivative chain |
CN105488431B (en) * | 2015-11-30 | 2019-12-13 | 布比(北京)网络技术有限公司 | Block chain system authority management method and device |
CN105701372B (en) * | 2015-12-18 | 2019-04-09 | 布比(北京)网络技术有限公司 | A kind of building of block chain identity and verification method |
CN105931052A (en) * | 2016-04-21 | 2016-09-07 | 四川大学 | Virtual currency transaction validation method based on block chain multi-factor cross-validation |
- 2016-10-27 CN CN201610968783.1A patent/CN106504091B/en, status: Active
- 2017-06-30 WO PCT/CN2017/091253 patent/WO2018076763A1/en, status: Application Filing
Cited By (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11218327B2 (en) * | 2017-07-26 | 2022-01-04 | Advanced New Technologies Co., Ltd. | Digital certificate management method and apparatus, and electronic device |
CN109218029A (en) * | 2018-09-27 | 2019-01-15 | 深圳壹账通智能科技有限公司 | The credible querying method of network credentials, device and storage medium based on block chain |
CN109218029B (en) * | 2018-09-27 | 2023-04-21 | 深圳壹账通智能科技有限公司 | Block chain-based network certificate trusted query method, device and storage medium |
CN109615529A (en) * | 2019-02-25 | 2019-04-12 | 中国农业银行股份有限公司 | A kind of credit investigation system based on block chain |
CN109615529B (en) * | 2019-02-25 | 2023-02-24 | 中国农业银行股份有限公司 | Credit investigation system based on block chain |
CN110163751A (en) * | 2019-04-15 | 2019-08-23 | 广州致链科技有限公司 | Block chain access system and its implementation towards alliance's chain |
CN110163751B (en) * | 2019-04-15 | 2023-07-04 | 广州致链科技有限公司 | Block chain access system oriented to alliance chain and implementation method thereof |
US10742423B1 (en) | 2019-09-02 | 2020-08-11 | Alibaba Group Holding Limited | Managing blockchain-based centralized ledger systems |
US10924288B2 (en) | 2019-09-02 | 2021-02-16 | Advanced New Technologies Co., Ltd. | Managing blockchain-based centralized ledger systems |
WO2021042246A1 (en) * | 2019-09-02 | 2021-03-11 | Advanced New Technologies Co., Ltd. | Managing blockchain-based centralized ledger systems |
CN110620776B (en) * | 2019-09-24 | 2021-11-26 | 腾讯科技(深圳)有限公司 | Data transfer information transmission method and device |
CN110620776A (en) * | 2019-09-24 | 2019-12-27 | 腾讯科技(深圳)有限公司 | Data transfer information transmission method and device |
CN110598482B (en) * | 2019-09-30 | 2023-09-15 | 腾讯科技(深圳)有限公司 | Digital certificate management method, device, equipment and storage medium based on blockchain |
CN110598482A (en) * | 2019-09-30 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Block chain-based digital certificate management method, device, equipment and storage medium |
CN110992035A (en) * | 2019-12-13 | 2020-04-10 | 中国工商银行股份有限公司 | Block chain link point management method, device and system |
US11250428B2 (en) | 2020-04-22 | 2022-02-15 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
US11455631B2 (en) | 2020-04-22 | 2022-09-27 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
US11455297B2 (en) | 2020-04-22 | 2022-09-27 | Alipay (Hangzhou) Information Technology Co., Ltd. | Managing transaction requests in ledger systems |
CN112418854A (en) * | 2020-10-09 | 2021-02-26 | 深圳华工能源技术有限公司 | Energy-saving certificate management method based on block chain technology |
CN113141257A (en) * | 2021-03-26 | 2021-07-20 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113141257B (en) * | 2021-03-26 | 2022-06-07 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113504978A (en) * | 2021-07-14 | 2021-10-15 | 上海点融信息科技有限责任公司 | Method, apparatus and readable storage medium for determining out-of-block time of block chain |
CN116827648A (en) * | 2023-07-07 | 2023-09-29 | 亚数信息科技(上海)有限公司 | Website effectiveness detection method, device, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN106504091B (en) | 2018-06-29 |
CN106504091A (en) | 2017-03-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2018076763A1 (en) | Method and system for transaction on block chain, electronic device, and storage medium | |
CN116112274B (en) | Blockchain, management group rights and integration of access in an enterprise environment | |
US10771240B2 (en) | Dynamic blockchain system and method for providing efficient and secure distributed data access, data storage and data transport | |
WO2019205849A1 (en) | Authentication method and apparatus for blockchain access, and storage medium and electronic apparatus | |
JP6859506B2 (en) | Digital certificate management methods, devices, and systems | |
TWI713840B (en) | Digital certificate management method, device and electronic equipment | |
CN108370318B (en) | Method and system for blockchain variants using digital signatures | |
TWI741314B (en) | Block chain-based data storage method and device, and electronic equipment | |
CN110516474B (en) | User information processing method and device in blockchain network, electronic equipment and storage medium | |
US10956614B2 (en) | Expendable access control | |
WO2020207233A1 (en) | Permission control method and apparatus for blockchain | |
JP2023029895A (en) | System, methods and apparatus for embodying model with intelligent consent, smart consent, and weighting consent for distributed ledger technology in cloud-based computing environment | |
EP4002758A1 (en) | Security token validation | |
US20180225466A1 (en) | Access control | |
US20170316497A1 (en) | Method for creating, registering, revoking authentication information and server using the same | |
CN111935094A (en) | Database access method, device, system and computer readable storage medium | |
CN110543545B (en) | File management method, device and storage medium based on block chain | |
WO2019114097A1 (en) | Blockchain-based distributed storage method | |
US12052259B2 (en) | Blockchain folding | |
WO2017054985A1 (en) | Access control | |
WO2020108114A1 (en) | Blockchain-based data attestation method and apparatus, and electronic device | |
US20230370265A1 (en) | Method, Apparatus and Device for Constructing Token for Cloud Platform Resource Access Control | |
CN108334595B (en) | Data sharing method and device | |
GB2540976A (en) | Access control | |
US11057368B2 (en) | Issuing a certificate based on an identification of an application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 17864953 Country of ref document: EP Kind code of ref document: A1 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 32PN | Ep: public notification in the ep bulletin as address of the addressee cannot be established | Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 13/08/2019) |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 17864953 Country of ref document: EP Kind code of ref document: A1 |