[go: up one dir, main page]

CN110247894A - The method and device of handle server is forged in a kind of identification - Google Patents

The method and device of handle server is forged in a kind of identification Download PDF

Info

Publication number
CN110247894A
CN110247894A CN201910407635.6A CN201910407635A CN110247894A CN 110247894 A CN110247894 A CN 110247894A CN 201910407635 A CN201910407635 A CN 201910407635A CN 110247894 A CN110247894 A CN 110247894A
Authority
CN
China
Prior art keywords
handle
target
cryptographic hash
server
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910407635.6A
Other languages
Chinese (zh)
Other versions
CN110247894B (en
Inventor
史可
贾雪琴
邢宇龙
胡云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201910407635.6A priority Critical patent/CN110247894B/en
Publication of CN110247894A publication Critical patent/CN110247894A/en
Application granted granted Critical
Publication of CN110247894B publication Critical patent/CN110247894B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

本发明的实施例提供一种识别伪造handle服务器的方法及装置,涉及互联网技术领域,能够在handle系统标识的解析过程中确保handle服务器没有被篡改。该方法包括:获取客户端发送的目标handle码解析请求;若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值;根据目标handle码匹配目标home服务信息;将目标home服务信息进行哈希变换,获取第三哈希值;若确定第二哈希值与第三哈希值相同,则确定handle服务器没有被伪造。本申请实施例应用于handle系统标识的解析。

Embodiments of the present invention provide a method and device for identifying a fake handle server, which relate to the technical field of the Internet and can ensure that the handle server has not been tampered with during the resolution process of the handle system identifier. The method includes: obtaining the target handle code analysis request sent by the client; if it is determined that the target handle code analysis request includes a confidentiality request, then obtaining the first hash value corresponding to the target handle code stored on the block chain after hash transformation The second hash value; match the target home service information according to the target handle code; perform hash transformation on the target home service information to obtain the third hash value; if it is determined that the second hash value is the same as the third hash value, then Make sure the handle server is not forged. The embodiment of the present application is applied to the resolution of the handle system identifier.

Description

一种识别伪造handle服务器的方法及装置A method and device for identifying fake handle servers

技术领域technical field

本发明的实施例涉及互联网技术领域,尤其涉及一种识别伪造handle服务器的方法及装置。The embodiments of the present invention relate to the technical field of the Internet, and in particular to a method and device for identifying a fake handle server.

背景技术Background technique

Handle系统作为一种通用的名称服务系统,能够为网络中的数字对象提供永久标识、动态链接和安全管理等基础服务,近年来随着互联网的发展,以及物联网等新技术的兴起,handle系统获得了更加广阔的应用前景。As a general name service system, the Handle system can provide basic services such as permanent identification, dynamic links and security management for digital objects in the network. In recent years, with the development of the Internet and the rise of new technologies such as the Internet of Things, the handle system Gained a broader application prospect.

Handle系统的安全性依赖于客户端和handle服务器的安全性。在进行业务时,通常handle系统与客户端相互之间完全信任。handle系统的完整性在很大程度上取决于全局服务的信息的完整性,其中全局服务的信息包括本地handle服务,本地handle服务下包括home服务。无效的全局服务信息不但可能会误导客户端使用不适当的本地handle服务,而且该无效的全局服务的信息还会允许攻击者伪造handle服务器签名。除此之外,出于效率的考虑,只有在客户端特别要求的情况下,handle服务器才会为home服务响应生成或返回数字签名,并且,为了确保数据的完整性,客户端必须显式地要求handle服务器返回数字签名,在此情况下,为了保护敏感数据不被公开,客户端可以与handle服务器建立通信会话后,要求handle服务器使用会话密钥加密任何数据。The security of the Handle system depends on the security of the client and the handle server. When conducting business, usually the handle system and the client fully trust each other. The integrity of the handle system largely depends on the integrity of the information of the global service, where the information of the global service includes the local handle service, and the local handle service includes the home service. Invalid global service information may not only mislead the client to use an inappropriate local handle service, but the invalid global service information may also allow an attacker to forge the handle server signature. In addition, for the sake of efficiency, the handle server will generate or return a digital signature for the home service response only if the client specifically requests it, and, in order to ensure data integrity, the client must explicitly The handle server is required to return a digital signature. In this case, in order to protect sensitive data from being disclosed, the client can establish a communication session with the handle server and ask the handle server to encrypt any data with the session key.

因此,现有的handle系统的安全性在每一次handle服务器与客户端交互过程中都强度依赖handle服务器自身和客户端自身的安全性。而handle系统为了效率,若未收到客户端返回数字签名的要求,则handle服务器不会为每个home服务响应生成或返回数字签名,而为了确保数据的完整性,客户端必须显式地要求handle服务器返回数字签名。当数据敏感时,虽然需要客户端和handle服务器建立会话后handle服务器再使用密钥加密数据,但仍旧存在客户端显式要求handle系统返回数字签名,而无效的全局服务信息会允许攻击者伪造服务器签名,因此,现有handle系统在整体安全性上存在漏洞。Therefore, the security of the existing handle system strongly depends on the security of the handle server itself and the client itself during each interaction between the handle server and the client. For the sake of efficiency, the handle system will not generate or return a digital signature for each home service response if it does not receive a request from the client to return a digital signature. In order to ensure data integrity, the client must explicitly request The handle server returns a digital signature. When the data is sensitive, although the client needs to establish a session with the handle server and then the handle server uses the key to encrypt the data, there are still cases where the client explicitly requires the handle system to return a digital signature, and invalid global service information will allow attackers to forge the server Signature, therefore, there are loopholes in the overall security of the existing handle system.

发明内容Contents of the invention

本发明的实施例提供一种识别伪造handle服务器的方法及装置,能够在handle系统标识的解析过程中确保handle服务器没有被篡改。Embodiments of the present invention provide a method and device for identifying a fake handle server, which can ensure that the handle server has not been tampered with during the resolution process of the handle system identifier.

第一方面,提供一种识别伪造handle服务器的方法,包括如下步骤:获取客户端发送的目标handle码解析请求,其中,目标handle码解析请求中包括目标handle码;若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值,其中,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值;根据目标handle码匹配目标home服务信息;将目标home服务信息进行哈希变换,获取第三哈希值;若确定第二哈希值与第三哈希值相同,则确定handle服务器没有被伪造,其中,目标home服务信息用来指示客户端选取handle服务器。In the first aspect, a method for identifying a fake handle server is provided, comprising the steps of: obtaining a target handle code analysis request sent by a client, wherein the target handle code analysis request includes a target handle code; Including a confidentiality request, then obtain the second hash value corresponding to the first hash value after hash transformation of the target handle code stored on the blockchain, wherein the second hash value is pre-stored on the blockchain as The hash value of the home service information matched by the target handle code; match the target home service information according to the target handle code; perform hash transformation on the target home service information to obtain the third hash value; if the second hash value and the third hash value are determined If the hash values are the same, it is determined that the handle server is not forged, wherein the target home service information is used to instruct the client to select the handle server.

上述方案中,获取客户端发送的目标handle码解析请求,其中,目标handle码解析请求中包括目标handle码;若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值,其中,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值;根据目标handle码匹配目标home服务信息;将目标home服务信息进行哈希变换,获取第三哈希值;若确定第二哈希值与第三哈希值相同,则确定handle服务器没有被伪造。本申请中将哈希变换与区块链存储结合用于判断handle服务器是否被伪造的依据,当存储于区块链中的为目标handle码匹配的home服务信息的第二哈希值与客户端需要解析的目标handle码匹配的目标home服务信息的第三哈希值相同时,确定handle服务器没有被伪造,当数据敏感时,能够自主识别handle服务器的正确与否,避免了现有技术中在handle系统标识的解析过程中强度依赖handle服务器自身和客户端自身的安全性。In the above solution, the target handle code analysis request sent by the client is obtained, wherein the target handle code analysis request includes the target handle code; if it is determined that the target handle code analysis request includes a confidentiality request, then the target handle stored on the blockchain is obtained The second hash value corresponding to the first hash value after hash transformation of the code, wherein the second hash value is the hash value of the home service information that matches the target handle code pre-stored on the blockchain; according to The target handle code matches the target home service information; performs hash transformation on the target home service information to obtain a third hash value; if it is determined that the second hash value is the same as the third hash value, then it is determined that the handle server has not been forged. In this application, the combination of hash transformation and blockchain storage is used as the basis for judging whether the handle server is forged. When the second hash value of the home service information that matches the target handle code and the client When the third hash value of the target home service information matched by the target handle code that needs to be parsed is the same, it is determined that the handle server is not forged. When the data is sensitive, it can independently identify whether the handle server is correct or not, avoiding the problem of The strength of the resolution process of the handle system identifier depends on the security of the handle server itself and the client itself.

第二方面,提供一种识别伪造handle服务器的装置,包括:获取模块,用于获取客户端发送的目标handle码解析请求,其中,目标handle码解析请求中包括目标handle码;获取模块,还用于若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值,其中,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值;匹配模块,用于根据获取模块获取的目标handle码匹配目标home服务信息;处理模块,用于将匹配模块匹配的目标home服务信息进行哈希变换,获取第三哈希值;确定模块,用于若确定获取模块获取的第二哈希值与处理模块得到的第三哈希值相同,则确定handle服务器没有被伪造,其中,目标home服务信息用来指示客户端选取handle服务器。In a second aspect, a device for identifying a fake handle server is provided, including: an acquisition module configured to acquire a target handle code analysis request sent by a client, wherein the target handle code analysis request includes a target handle code; the acquisition module also uses If it is determined that the target handle code parsing request includes a confidentiality request, then obtain the second hash value corresponding to the first hash value after hash transformation of the target handle code stored on the block chain, wherein the second hash value is the hash value of the home service information that matches the target handle code pre-stored on the block chain; the matching module is used to match the target home service information according to the target handle code obtained by the acquisition module; the processing module is used to match the matching module The target home service information is hash transformed to obtain the third hash value; the determination module is used to determine that the handle server does not have the same value as the third hash value obtained by the processing module Forged, where the target home service information is used to instruct the client to select the handle server.

第三方面,提供一种识别伪造handle服务器的装置,包括通信接口、处理器、存储器、总线;存储器用于存储计算机执行指令,处理器与存储器通过总线连接,当识别伪造handle服务器的装置运行时,处理器执行存储器存储的计算机执行指令,以使识别伪造handle服务器的装置执行如上述第一方面的识别伪造handle服务器的方法。In a third aspect, a device for identifying a fake handle server is provided, including a communication interface, a processor, a memory, and a bus; the memory is used to store computer-executed instructions, and the processor and the memory are connected through the bus, and when the device for identifying a fake handle server is running The processor executes the computer-executable instructions stored in the memory, so that the device for identifying a counterfeit handle server executes the method for identifying a counterfeit handle server according to the first aspect above.

第四方面,提供一种计算机存储介质,包括指令,当指令在计算机上运行时,使得计算机执行如上述的识别伪造handle服务器的方法。In a fourth aspect, a computer storage medium is provided, including instructions, and when the instructions are run on a computer, the computer is made to execute the method for identifying a fake handle server as described above.

第五方面,提供一种计算机程序产品,计算机程序产品包括指令代码,指令代码用于执行如上述的识别伪造handle服务器的方法。According to a fifth aspect, a computer program product is provided, the computer program product includes instruction codes, and the instruction codes are used to execute the method for identifying fake handle servers as described above.

可以理解地,上述提供的任一种识别伪造handle服务器的装置、计算机存储介质或计算机程序产品均用于执行上文所提供的第一方面对应的方法,因此,其所能达到的有益效果可参考上文第一方面的方法以及下文具体实施方式中对应的方案的有益效果,此处不再赘述。It can be understood that any device, computer storage medium, or computer program product provided above for identifying a counterfeit handle server is used to execute the method corresponding to the first aspect provided above, and therefore, the beneficial effects it can achieve can be Referring to the method in the first aspect above and the beneficial effects of the corresponding solution in the detailed implementation below, details are not repeated here.

附图说明Description of drawings

为了更清楚地说明本发明实施例的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the following will briefly introduce the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only some of the present invention. Embodiments, for those of ordinary skill in the art, other drawings can also be obtained based on these drawings without any creative effort.

图1为本发明的实施例提供的一种handle系统架构示意图;Fig. 1 is a schematic diagram of a handle system architecture provided by an embodiment of the present invention;

图2为本发明的实施例提供的一种识别伪造handle服务器的方法示意图;Fig. 2 is a schematic diagram of a method for identifying a fake handle server provided by an embodiment of the present invention;

图3为本发明的实施例提供的一种识别伪造handle服务器的装置的结构示意图;FIG. 3 is a schematic structural diagram of a device for identifying a fake handle server provided by an embodiment of the present invention;

图4为本发明的另一实施例提供的一种识别伪造handle服务器的装置的结构示意图。Fig. 4 is a schematic structural diagram of an apparatus for identifying a fake handle server provided by another embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

Handle系统采用分布式管理架构,实现各数据存储系统分布式管理。在Handle系统分布式管理架构下,可低成本、快速地搭建服务平台,与不同系统简单快速对接,支撑各类应用,为其提供服务。Handle系统的分布式服务系统架构,参照图1所示,顶层是由一个全局服务构成,其中,全局服务称为全局handle注册中心(global handle registry,GHR)。下层则由本地handle服务1(local handle service,LHS)、本地handle服务2等所有的本地handle服务组成,其中,每个本地handle服务拥有自己的子名称空间,例如,本地handle服务1拥有子名称空间1,本地handle服务2拥有子名称空间2。一个本地handle服务由两个部分构成:命名权限(naming authority),称为home服务,又称为前缀;以及在该命名权限之下的唯一的handle,称为后缀,即本申请中的handle码,例如,本地handle服务1在子名称空间1下拥有home服务11、home服务12,其中,home服务11之下对应唯一的handle1、home服务12之下对应唯一的handle2;本地handle服务2在子名称空间2下拥有home服务21、home服务22,其中,home服务21之下对应唯一的handle3、home服务22之下对应唯一的handle4。The Handle system adopts a distributed management architecture to realize distributed management of each data storage system. Under the distributed management architecture of the Handle system, a service platform can be built at low cost and quickly, and it can be easily and quickly connected with different systems to support various applications and provide services for them. The distributed service system architecture of the Handle system, as shown in Figure 1, the top layer is composed of a global service, where the global service is called the global handle registry (global handle registry, GHR). The lower layer is composed of all local handle services such as local handle service 1 (local handle service, LHS), local handle service 2, etc., where each local handle service has its own sub-name space, for example, local handle service 1 has a sub-name Space 1, local handle service 2 owns subnamespace 2. A local handle service consists of two parts: naming authority, called home service, also called prefix; and the unique handle under the naming authority, called suffix, which is the handle code in this application , for example, local handle service 1 has home service 11 and home service 12 under sub-namespace 1, among which, the only handle1 under home service 11 and the only handle2 under home service 12; the local handle service 2 is in sub-namespace The namespace 2 has a home service 21 and a home service 22, where the home service 21 corresponds to the unique handle3, and the home service 22 corresponds to the unique handle4.

基于上述handle系统的分布式服务系统架构,任何本地handle服务的子名称空间都可以由相应的本地handle服务、全局服务或两者同时提供服务。全局服务可用于将任何handle服务请求发送到负责的本地handle服务。Handle系统的分布式服务结构允许将任何给定的handle服务复制到多个home服务下的服务站点,每个服务站点可以进一步将其分发到单个handle服务器集群中。本地handle服务在home服务下为handle提供解析和管理服务的唯一服务,因此,在解析handle之前,客户端必须确定该handle的home服务。每个handle的home服务都在全局handle注册中心注册。客户端可以通过在全局handle注册中心查询命名权限handle来找到每个handle的home服务。客户端向全局handle注册中心发送handle解析请求;全局handle注册中心根据handle解析请求查询到home服务,向客户端返回home服务的服务信息,即home服务信息,其中,home服务信息列出给定home服务的服务站点,以及每个服务站点中每个handle服务器的接口;客户端从服务信息选择一个服务站点,在站点中找到负责的handle服务器,并将handle解析请求发送到handle服务器。例如,需要解析的handle码为"ncstrl.vatech_cs/te-93-35"。则客户端需要知道“ncstrl.vatech_cs”的home服务。可以通过handle系统在GHR查询命名权限handle“0.NA/ncstrl.vatech_cs”来获得home服务。handle系统将根据home服务返回home服务信息。从home服务信息中,客户端可以选择一个服务站点,在服务站点中找到负责的handle服务器,并将解析请求发送到handle服务器。Based on the above-mentioned distributed service system architecture of the handle system, any sub-namespace of a local handle service can be served by the corresponding local handle service, global service, or both. The global service can be used to send any handle service request to the responsible local handle service. The distributed service structure of the Handle system allows any given handle service to be replicated to service sites under multiple home services, and each service site can further distribute it to a single handle server cluster. The local handle service is the only service that provides resolution and management services for the handle under the home service. Therefore, before parsing the handle, the client must determine the home service of the handle. The home service of each handle is registered in the global handle registry. Clients can find each handle's home service by querying the global handle registry for named authority handles. The client sends a handle resolution request to the global handle registration center; the global handle registration center queries the home service according to the handle resolution request, and returns the service information of the home service to the client, that is, the home service information, where the home service information lists the given home The service site of the service, and the interface of each handle server in each service site; the client selects a service site from the service information, finds the responsible handle server in the site, and sends the handle resolution request to the handle server. For example, the handle code to be parsed is "ncstrl.vatech_cs/te-93-35". Then the client needs to know the home service of "ncstrl.vatech_cs". The home service can be obtained by querying the naming authority handle "0.NA/ncstrl.vatech_cs" in GHR through the handle system. The handle system will return home service information according to the home service. From the home service information, the client can select a service site, find the responsible handle server in the service site, and send the parsing request to the handle server.

基于上述handle系统架构以及客户端在全局handle注册中心查询handle服务器的方法,本申请提供一种识别伪造handle服务器的方法,参照图2所示,具体包括如下步骤:Based on the above-mentioned handle system architecture and the method for the client to query the handle server in the global handle registration center, this application provides a method for identifying a fake handle server, as shown in Figure 2, which specifically includes the following steps:

201、获取客户端发送的目标handle码解析请求。201. Obtain the target handle code parsing request sent by the client.

首先,由于解析与管理目标handle码是由home服务提供的,而home服务也是唯一的提供者,home服务信息会列出给定home服务的服务站点,以及每个服务站点中每个handle服务器的接口,客户端从服务信息选择一个服务站点,在站点中找到负责的handle服务器,并将handle解析请求发送到handle服务器,因此,在解析目标handle码之前,客户端需要确定home服务信息。First of all, since the parsing and management target handle code is provided by the home service, and the home service is also the only provider, the home service information will list the service sites of the given home service, and the address of each handle server in each service site Interface, the client selects a service site from the service information, finds the responsible handle server in the site, and sends the handle resolution request to the handle server. Therefore, the client needs to determine the home service information before parsing the target handle code.

因此,优选的,在目标handle码申请后第一次使用时,为目标handle码匹配home服务信息。即,handle系统第一次获取到目标handle码时,在全局handle注册中心为目标handle码查询home服务,并获取home服务信息。Therefore, preferably, when the target handle code is used for the first time after application, the target handle code is matched with the home service information. That is, when the handle system obtains the target handle code for the first time, it queries the home service for the target handle code in the global handle registration center and obtains the home service information.

进一步,将目标handle码进行哈希变换(hash),获取第一哈希值,此时,将全局唯一的目标handle码进行hash,生成一串目前技术不能逆向破解的256位字符串,即第一哈希值。Further, the target handle code is hashed to obtain the first hash value. At this time, the globally unique target handle code is hashed to generate a string of 256-bit strings that cannot be reversed by current technology, that is, the first hash value a hash value.

进一步,将home服务信息进行哈希变换,获取第二哈希值。包括:若确定home服务信息的生存时间超时,则重新为目标handle码匹配新的home服务信息,将新的home服务信息进行哈希变换,获取第二哈希值。例如,home服务信息的生存时间为24小时,则home服务信息存活24小时之后,handle系统重新在全局handle注册中心为目标handle码查询匹配新的home服务,再将该home服务的服务信息进行hash,获取第二哈希值。Further, hash transformation is performed on the home service information to obtain a second hash value. Including: if it is determined that the lifetime of the home service information is overtime, re-match the target handle code with new home service information, perform hash transformation on the new home service information, and obtain a second hash value. For example, if the survival time of home service information is 24 hours, after the survival time of home service information for 24 hours, the handle system will query and match the new home service for the target handle code in the global handle registration center, and then hash the service information of the home service , get the second hash value.

进一步,关联第一哈希值与第二哈希值,生成关联结果。Further, associate the first hash value with the second hash value to generate an association result.

优选的,可以采用传统数据库表的形式将第一哈希值与第二哈希值进行关联,生成关联表。当然,也可以采用json的键值对形式将第一哈希值与第二哈希值进行关联,生成关联键值对。Preferably, the first hash value can be associated with the second hash value in the form of a traditional database table to generate an association table. Of course, the first hash value and the second hash value may also be associated in the form of a json key-value pair to generate an associated key-value pair.

进一步,将关联结果存入区块链。Further, the association results are stored in the blockchain.

其次,当客户端需要进行目标handle码解析时,向handle系统发送目标handle码解析请求,handle系统获取客户端发送的目标handle码解析请求,其中,目标handle码解析请求中包括目标handle码。Secondly, when the client needs to analyze the target handle code, it sends a target handle code analysis request to the handle system, and the handle system obtains the target handle code analysis request sent by the client, wherein the target handle code analysis request includes the target handle code.

202、若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值。202. If it is determined that the target handle code parsing request includes a confidentiality request, obtain a second hash value corresponding to the first hash value of the target handle code stored on the blockchain after hash transformation.

其中,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值,即步骤201中的第二哈希值。Wherein, the second hash value is the hash value of the home service information that matches the target handle code pre-stored on the block chain, that is, the second hash value in step 201 .

203、根据目标handle码匹配目标home服务信息。203. Match the target home service information according to the target handle code.

具体的,handle系统根据目标handle码在全局handle注册中心查询目标home服务,并获取目标home服务信息。Specifically, the handle system queries the target home service in the global handle registration center according to the target handle code, and obtains the target home service information.

204、将目标home服务信息进行哈希变换,获取第三哈希值。204. Perform hash transformation on the target home service information to obtain a third hash value.

205、若确定第二哈希值与第三哈希值相同,则确定handle服务器没有被伪造。205. If it is determined that the second hash value is the same as the third hash value, determine that the handle server is not forged.

具体的,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值,第三哈希值为客户端发送的目标handle码最新匹配的目标home服务信息的哈希值;由于两次是为同一个目标handle码匹配home服务信息,因此,若home服务信息的第二哈希值与目标home服务信息的第三哈希值相同,则可确定目标home服务信息中携带的服务站点以及服务器的接口没有被修改,即handle服务器没有被伪造。Specifically, the second hash value is the hash value of the home service information that matches the target handle code pre-stored on the blockchain, and the third hash value is the latest target home service information that matches the target handle code sent by the client hash value; since the two times match the home service information for the same target handle code, if the second hash value of the home service information is the same as the third hash value of the target home service information, the target home can be determined The service site and server interface carried in the service information have not been modified, that is, the handle server has not been forged.

其中,目标home服务信息用来指示客户端选取handle服务器。Wherein, the target home service information is used to instruct the client to select a handle server.

具体的,由于目标home服务信息会列出给定目标home服务的服务站点,以及每个服务站点中每个handle服务器的接口。handle系统将目标home服务信息反馈给客户端,客户端从服务信息选择一个服务站点,在站点中找到负责的handle服务器,并将handle解析请求发送到handle服务器。Specifically, because the target home service information will list the service sites of the given target home service, and the interface of each handle server in each service site. The handle system feeds back the target home service information to the client. The client selects a service site from the service information, finds the responsible handle server in the site, and sends the handle resolution request to the handle server.

进一步的,本申请中与目标handle码的哈希值进行关联的也可以为home服务内其他存在全局唯一标识的信息、服务。Further, in this application, what is associated with the hash value of the target handle code may also be other information and services with globally unique identifiers in the home service.

上述方案中,获取客户端发送的目标handle码解析请求,其中,目标handle码解析请求中包括目标handle码;若确定目标handle码解析请求中包括保密请求,则获取区块链上存储的目标handle码进行哈希变换后的第一哈希值对应的第二哈希值,其中,第二哈希值为在区块链上预存的为目标handle码匹配的home服务信息的哈希值;根据目标handle码匹配目标home服务信息;将目标home服务信息进行哈希变换,获取第三哈希值;若确定第二哈希值与第三哈希值相同,则确定handle服务器没有被伪造。本申请中将哈希变换与区块链存储结合用于判断handle服务器是否被伪造的依据,当存储于区块链中的为目标handle码匹配的home服务信息的第二哈希值与客户端需要解析的目标handle码匹配的目标home服务信息的第三哈希值相同时,确定handle服务器没有被伪造,当数据敏感时,能够自主识别handle服务器的正确与否,避免了现有技术中在handle系统标识的解析过程中强度依赖handle服务器自身和客户端自身的安全性。In the above solution, the target handle code analysis request sent by the client is obtained, wherein the target handle code analysis request includes the target handle code; if it is determined that the target handle code analysis request includes a confidentiality request, then the target handle stored on the blockchain is obtained The second hash value corresponding to the first hash value after hash transformation of the code, wherein the second hash value is the hash value of the home service information that matches the target handle code pre-stored on the blockchain; according to The target handle code matches the target home service information; performs hash transformation on the target home service information to obtain a third hash value; if it is determined that the second hash value is the same as the third hash value, then it is determined that the handle server has not been forged. In this application, the combination of hash transformation and blockchain storage is used as the basis for judging whether the handle server is forged. When the second hash value of the home service information that matches the target handle code and the client When the third hash value of the target home service information matched by the target handle code that needs to be parsed is the same, it is determined that the handle server is not forged. When the data is sensitive, it can independently identify whether the handle server is correct or not, avoiding the problem of The strength of the resolution process of the handle system identifier depends on the security of the handle server itself and the client itself.

本发明实施例可以根据上述的方法实施例对识别伪造handle服务器的装置进行功能模块的划分,例如,可以对应各个功能划分各个功能模块,也可以将两个或两个以上的功能集成在一个处理模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。需要说明的是,本发明实施例中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。The embodiment of the present invention can divide the functional modules of the device for identifying fake handle servers according to the above-mentioned method embodiments, for example, each functional module can be divided corresponding to each function, or two or more functions can be integrated into one processing module. The above-mentioned integrated modules can be implemented in the form of hardware or in the form of software function modules. It should be noted that the division of modules in the embodiment of the present invention is schematic, and is only a logical function division, and there may be another division manner in actual implementation.

在采用对应各个功能划分各个功能模块的情况下,图3给出了上述实施例中涉及的识别伪造handle服务器的装置的一种可能的结构示意图。用于实施上述的识别伪造handle服务器的方法,其中,识别伪造handle服务器的装置应用于handle系统。具体的,包括:In the case of dividing each functional module corresponding to each function, FIG. 3 shows a possible structural diagram of the device for identifying a fake handle server involved in the above embodiment. For implementing the above method for identifying a fake handle server, wherein the device for identifying a fake handle server is applied to a handle system. Specifically, including:

获取模块31,用于获取客户端发送的目标handle码解析请求,其中,所述目标handle码解析请求中包括目标handle码;所述获取模块31,还用于若确定所述目标handle码解析请求中包括保密请求,则获取区块链上存储的所述目标handle码进行哈希变换后的第一哈希值对应的第二哈希值,其中,所述第二哈希值为在所述区块链上预存的为所述目标handle码匹配的home服务信息的哈希值;匹配模块32,用于根据所述获取模块31获取的所述目标handle码匹配目标home服务信息;处理模块33,用于将所述匹配模块32匹配的所述目标home服务信息进行哈希变换,获取第三哈希值;确定模块34,用于若确定所述获取模块31获取的所述第二哈希值与所述处理模块33得到的所述第三哈希值相同,则确定所述handle服务器没有被伪造,其中,所述目标home服务信息用来指示客户端选取handle服务器。The obtaining module 31 is used to obtain the target handle code analysis request sent by the client, wherein the target handle code analysis request includes the target handle code; the obtaining module 31 is also used to determine the target handle code analysis request includes a confidentiality request, then obtain the second hash value corresponding to the first hash value after the hash transformation of the target handle code stored on the block chain, wherein the second hash value is in the The hash value of the home service information pre-stored on the block chain for the target handle code matching; the matching module 32 is used to match the target home service information according to the target handle code obtained by the acquisition module 31; the processing module 33 , used to perform hash transformation on the target home service information matched by the matching module 32 to obtain a third hash value; a determining module 34, used to determine the second hash obtained by the obtaining module 31 If the value is the same as the third hash value obtained by the processing module 33, it is determined that the handle server is not forged, wherein the target home service information is used to instruct the client to select the handle server.

可选的,所述获取模块31,还用于获取所述目标handle码;所述匹配模块32,还用于为所述目标handle码匹配home服务信息;所述处理模块33,还用于将所述目标handle码进行哈希变换,获取第一哈希值;所述处理模块33,还用于将所述home服务信息进行哈希变换,获取第二哈希值;关联模块35,用于关联所述第一哈希值与所述第二哈希值,生成关联结果;所述处理模块33,还用于将所述关联结果存入区块链。Optionally, the obtaining module 31 is also used to obtain the target handle code; the matching module 32 is also used to match the home service information for the target handle code; the processing module 33 is also used to The target handle code is subjected to hash transformation to obtain a first hash value; the processing module 33 is also configured to perform hash transformation on the home service information to obtain a second hash value; the association module 35 is used to Associating the first hash value with the second hash value to generate an association result; the processing module 33 is further configured to store the association result in a block chain.

可选的,所述关联模块35,具体用于采用传统数据库表的形式将所述第一哈希值与所述第二哈希值进行关联,生成关联表。Optionally, the association module 35 is specifically configured to associate the first hash value with the second hash value in the form of a traditional database table to generate an association table.

可选的,所述关联模块35,具体用于采用json的键值对形式将所述第一哈希值与所述第二哈希值进行关联,生成关联键值对。Optionally, the association module 35 is specifically configured to associate the first hash value with the second hash value in the form of a json key-value pair to generate an associated key-value pair.

可选的,所述匹配模块32,还用于若确定所述home服务信息的生存时间超时,则重新为所述目标handle码匹配新的home服务信息;所述处理模块33,还用于将所述新的home服务信息进行哈希变换,获取第二哈希值。Optionally, the matching module 32 is further configured to re-match new home service information for the target handle code if it is determined that the lifetime of the home service information is overtime; the processing module 33 is also configured to Perform hash transformation on the new home service information to obtain a second hash value.

在采用集成的模块的情况下,识别伪造handle服务器的装置包括:存储单元、处理单元以及接口单元。处理单元用于对识别伪造handle服务器的装置的动作进行控制管理。接口单元,用于识别伪造handle服务器的装置与其他设备的信息交互。存储单元,用于存储识别伪造handle服务器的装置的程序代码和数据。In the case of using an integrated module, the device for identifying a fake handle server includes: a storage unit, a processing unit, and an interface unit. The processing unit is used to control and manage actions of the device for identifying a fake handle server. The interface unit is used to exchange information between the device for identifying the fake handle server and other devices. The storage unit is used for storing the program code and data of the device for identifying the counterfeit handle server.

其中,以处理单元为处理器,存储单元为存储器,接口单元为通信接口为例。其中,识别伪造handle服务器的装置参照图4中所示,包括通信接口401、处理器402、存储器403和总线404,通信接口401、处理器402通过总线404与存储器403相连。Wherein, the processing unit is a processor, the storage unit is a memory, and the interface unit is a communication interface as an example. Wherein, the device for identifying a fake handle server is shown in FIG.

处理器402可以是一个通用中央处理器(Central Processing Unit,CPU),微处理器,特定应用集成电路(Application-Specific Integrated Circuit,ASIC),或一个或多个用于控制本申请方案程序执行的集成电路。The processor 402 may be a general-purpose central processing unit (Central Processing Unit, CPU), a microprocessor, a specific application integrated circuit (Application-Specific Integrated Circuit, ASIC), or one or more devices used to control the execution of the program program of this application. integrated circuit.

存储器403可以是只读存储器(Read-Only Memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(Random Access Memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(ElectricallyErasable Programmable Read-only Memory,EEPROM)、只读光盘(Compact Disc Read-Only Memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过总线与处理器相连接。存储器也可以和处理器集成在一起。The memory 403 may be a read-only memory (Read-Only Memory, ROM) or other types of static storage devices that can store static information and instructions, and a random access memory (Random Access Memory, RAM) or other types that can store information and instructions It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-only Memory, EEPROM), a CD-ROM (Compact Disc Read-Only Memory, CD-ROM) or other optical disk storage, optical disk storage ( including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be stored by a computer Any other medium, but not limited to. The memory can exist independently and be connected to the processor through the bus. Memory can also be integrated with the processor.

其中,存储器403用于存储执行本申请方案的应用程序代码,并由处理器402来控制执行。通信接口401用于与其他设备进行信息交互,例如支持识别伪造handle服务器的装置与其他设备的信息交互,例如从其他设备获取数据或者向其他设备发送数据。处理器402用于执行存储器403中存储的应用程序代码,从而实现本申请实施例中所述的方法。Wherein, the memory 403 is used to store the application program code for executing the solution of the present application, and the execution is controlled by the processor 402 . The communication interface 401 is used for information exchange with other devices, for example, information exchange between an apparatus supporting identification of a fake handle server and other devices, for example, acquiring data from other devices or sending data to other devices. The processor 402 is configured to execute the application program code stored in the memory 403, so as to implement the method described in the embodiment of the present application.

此外,还提供一种计算存储媒体(或介质),包括在被执行时进行上述实施例中的识别伪造handle服务器的装置执行的方法操作的指令。另外,还提供一种计算机程序产品,包括上述计算存储媒体(或介质)。In addition, a computing storage medium (or medium) is also provided, including instructions for performing the method operations performed by the apparatus for identifying a fake handle server in the above embodiment when executed. In addition, a computer program product including the above computing storage medium (or medium) is also provided.

其中,上述方法实施例涉及的各步骤的所有相关内容均可以援引到对应功能模块的功能描述,其作用在此不再赘述。Wherein, all relevant content of each step involved in the above method embodiment can be referred to the function description of the corresponding function module, and its function will not be repeated here.

应理解,在本发明的各种实施例中,上述各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。It should be understood that in various embodiments of the present invention, the sequence numbers of the above-mentioned processes do not mean the order of execution, and the execution order of each process should be determined by its functions and internal logic, rather than by the embodiment of the present invention. The implementation process constitutes any limitation.

本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。Those skilled in the art can appreciate that the units and algorithm steps of the examples described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present invention.

所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the above-described system, device and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.

在本申请所提供的几个实施例中,应该理解到,所揭露的系统、设备和方法,可以通过其它的方式实现。例如,以上所描述的设备实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,设备或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components can be combined or May be integrated into another system, or some features may be ignored, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit.

所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(英文全称:read-only memory,英文简称:ROM)、随机存取存储器(英文全称:random access memory,英文简称:RAM)、磁碟或者光盘等各种可以存储程序代码的介质。If the functions described above are realized in the form of software function units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in various embodiments of the present invention. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (English full name: read-only memory, English abbreviation: ROM), random access memory (English full name: random access memory, English abbreviation: RAM), magnetic Various media that can store program codes such as discs or optical discs.

以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以所述权利要求的保护范围为准。The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. Should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be determined by the protection scope of the claims.

Claims (13)

1. a kind of method that handle server is forged in identification, which is characterized in that
Obtain the target handle code analysis request that client is sent, wherein include in the target handle code analysis request Target handle code;
If it is determined that including requested privacy in the target handle code analysis request, then the target stored on block chain is obtained Handle code carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein second cryptographic Hash is in institute State prestored on block chain be the matched home information on services of the target handle code cryptographic Hash;
Target home information on services is matched according to the target handle code;
The target home information on services is subjected to hash conversion, obtains third cryptographic Hash;
If it is determined that second cryptographic Hash is identical as the third cryptographic Hash, it is determined that the handle server is not pseudo- It makes, wherein the target home information on services is used to refer to client and chooses handle server.
2. the method that handle server is forged in identification according to claim 1, which is characterized in that obtaining client hair Before the target handle code analysis request sent, the method also includes:
Obtain the target handle code;
Home information on services is matched for the target handle code;
The target handle code is subjected to hash conversion, obtains the first cryptographic Hash;
The home information on services is subjected to hash conversion, obtains the second cryptographic Hash;
It is associated with first cryptographic Hash and second cryptographic Hash, generates association results;
The association results are stored in block chain.
3. the method that handle server is forged in identification according to claim 2, which is characterized in that association described first is breathed out Uncommon value and second cryptographic Hash, generate association results, comprising:
First cryptographic Hash and second cryptographic Hash are associated using the form of traditional database table, generate association Table.
4. the method that handle server is forged in identification according to claim 2, which is characterized in that association described first is breathed out Uncommon value and second cryptographic Hash, generate association results, comprising:
First cryptographic Hash and second cryptographic Hash are associated using the key-value pair form of json, generate association key assignments It is right.
5. the method that handle server is forged in identification according to claim 2, which is characterized in that
If it is determined that the life span time-out of the home information on services, then match new home again for the target handle code Information on services;
The new home information on services is subjected to hash conversion, obtains the second cryptographic Hash.
6. the device that handle server is forged in a kind of identification, which is characterized in that
Module is obtained, for obtaining the target handle code analysis request of client transmission, wherein the target handle code solution It include target handle code in analysis request;
The acquisition module is also used to if it is determined that then obtaining area including requested privacy in the target handle code analysis request The target handle code stored on block chain carries out corresponding second cryptographic Hash of the first cryptographic Hash after hash conversion, wherein Second cryptographic Hash be prestored on the block chain be the matched home information on services of the target handle code Kazakhstan Uncommon value;
Matching module, the target handle code for being obtained according to the acquisition module match target home information on services;
Processing module obtains for the matched target home information on services of the matching module to be carried out hash conversion Three cryptographic Hash;
Determining module, for if it is determined that described obtain second cryptographic Hash that module obtains and the institute that the processing module obtains It is identical to state third cryptographic Hash, it is determined that the handle server is not forged, wherein the target home information on services is used To indicate that client chooses handle server.
7. the device that handle server is forged in identification according to claim 6, which is characterized in that
The acquisition module is also used to obtain the target handle code;
The matching module is also used to match home information on services for the target handle code;
The processing module is also used to the target handle code carrying out hash conversion, obtains the first cryptographic Hash;
The processing module is also used to the home information on services carrying out hash conversion, obtains the second cryptographic Hash;
Relating module generates association results for being associated with first cryptographic Hash and second cryptographic Hash;
The processing module is also used to the association results being stored in block chain.
8. the device that handle server is forged in identification according to claim 7, which is characterized in that
The relating module, specifically in the form of traditional database table by first cryptographic Hash and second Hash Value is associated, and generates contingency table.
9. the device that handle server is forged in identification according to claim 7, which is characterized in that
The relating module, specifically for using the key-value pair form of json by first cryptographic Hash and second cryptographic Hash It is associated, generates association key-value pair.
10. the device that handle server is forged in identification according to claim 7, which is characterized in that
The matching module is also used to the life span time-out if it is determined that the home information on services, is then again the target Handle code matches new home information on services;
The processing module is also used to the new home information on services carrying out hash conversion, obtains the second cryptographic Hash.
11. it is a kind of identification forge handle server device, which is characterized in that including communication interface, processor, memory, Bus;For storing computer executed instructions, the processor is connect with the memory by the bus memory, When the device operation of handle server is forged in the identification, the computer that the processor executes the memory storage is held Row instruction, so that the device execution identification as described in any one in claim 1-5 that handle server is forged in the identification is pseudo- The method for making handle server.
12. a kind of computer storage medium, including instruction, which is characterized in that when described instruction is run on computers, so that The computer executes the method that handle server is forged in identification as described in any one in claim 1-5.
13. a kind of computer program product, which is characterized in that the computer program product includes instruction code, described instruction Code is used to execute the method that handle server is forged in identification as described in any one in claim 1-5.
CN201910407635.6A 2019-05-16 2019-05-16 A method and device for identifying counterfeit handle servers Active CN110247894B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910407635.6A CN110247894B (en) 2019-05-16 2019-05-16 A method and device for identifying counterfeit handle servers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910407635.6A CN110247894B (en) 2019-05-16 2019-05-16 A method and device for identifying counterfeit handle servers

Publications (2)

Publication Number Publication Date
CN110247894A true CN110247894A (en) 2019-09-17
CN110247894B CN110247894B (en) 2021-06-18

Family

ID=67884530

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910407635.6A Active CN110247894B (en) 2019-05-16 2019-05-16 A method and device for identifying counterfeit handle servers

Country Status (1)

Country Link
CN (1) CN110247894B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111082941A (en) * 2019-11-22 2020-04-28 天翼物联科技有限公司 IoT data sharing method and system based on blockchain technology
CN111209596A (en) * 2020-04-21 2020-05-29 国网电子商务有限公司 Block chain-based industrial internet identification analysis access control method
CN112256706A (en) * 2020-11-19 2021-01-22 中国联合网络通信集团有限公司 Method and device for determining handle reference state
CN112491855A (en) * 2020-11-19 2021-03-12 中国联合网络通信集团有限公司 Method and device for determining handle identifier analysis state
CN112667929A (en) * 2020-12-11 2021-04-16 北京中数创新科技股份有限公司 Prefix and identification data secure pushing method and system based on Handle system
CN112667930A (en) * 2020-12-18 2021-04-16 北京中数创新科技股份有限公司 Prefix convergence method and system based on Handle system
CN112948876A (en) * 2021-02-26 2021-06-11 中国联合网络通信集团有限公司 Tracing method and device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2104305A1 (en) * 2008-03-21 2009-09-23 Koninklijke KPN N.V. Call service handling in an IMS-based system
CN103546502A (en) * 2012-07-11 2014-01-29 中国电信股份有限公司 Metadata sharing method and cloud storage server
CN104219232A (en) * 2014-08-26 2014-12-17 浙江大学 Method for controlling file security of block distributed file system
CN105247529A (en) * 2013-04-30 2016-01-13 微软技术许可有限责任公司 Synchronizing credential hashes between directory services
CN107181747A (en) * 2017-05-19 2017-09-19 北京中数创新科技股份有限公司 A kind of Handle resolution systems comprising top mode
CN107197001A (en) * 2017-05-05 2017-09-22 工业和信息化部电信研究院 A kind of industry internet module information method
WO2018125989A2 (en) * 2016-12-30 2018-07-05 Intel Corporation The internet of things
CN108462692A (en) * 2018-01-30 2018-08-28 合肥工业大学 A kind of data tamper resistant systems and its method based on block chain
US20180287791A1 (en) * 2017-03-28 2018-10-04 Dell Products, Lp Chassis-Based Cryptographic Affinities
CN109033405A (en) * 2018-08-03 2018-12-18 华为技术有限公司 Safeguard method and apparatus, server and the computer readable storage medium of block chain
CN109714408A (en) * 2018-12-20 2019-05-03 中国科学院沈阳自动化研究所 A kind of semantization industrial network service interface system based on Handle mark

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2104305A1 (en) * 2008-03-21 2009-09-23 Koninklijke KPN N.V. Call service handling in an IMS-based system
CN103546502A (en) * 2012-07-11 2014-01-29 中国电信股份有限公司 Metadata sharing method and cloud storage server
CN105247529A (en) * 2013-04-30 2016-01-13 微软技术许可有限责任公司 Synchronizing credential hashes between directory services
CN104219232A (en) * 2014-08-26 2014-12-17 浙江大学 Method for controlling file security of block distributed file system
WO2018125989A2 (en) * 2016-12-30 2018-07-05 Intel Corporation The internet of things
US20180287791A1 (en) * 2017-03-28 2018-10-04 Dell Products, Lp Chassis-Based Cryptographic Affinities
CN107197001A (en) * 2017-05-05 2017-09-22 工业和信息化部电信研究院 A kind of industry internet module information method
CN107181747A (en) * 2017-05-19 2017-09-19 北京中数创新科技股份有限公司 A kind of Handle resolution systems comprising top mode
CN108462692A (en) * 2018-01-30 2018-08-28 合肥工业大学 A kind of data tamper resistant systems and its method based on block chain
CN109033405A (en) * 2018-08-03 2018-12-18 华为技术有限公司 Safeguard method and apparatus, server and the computer readable storage medium of block chain
CN109714408A (en) * 2018-12-20 2019-05-03 中国科学院沈阳自动化研究所 A kind of semantization industrial network service interface system based on Handle mark

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SUN,ETL AL: "Handle System Namespace and Service Definition", 《IETF RFC 3651》 *
张青禾: "区块链中的身份识别和访问控制技术研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111082941A (en) * 2019-11-22 2020-04-28 天翼物联科技有限公司 IoT data sharing method and system based on blockchain technology
CN111082941B (en) * 2019-11-22 2022-12-20 天翼物联科技有限公司 Internet of things data sharing method and system based on block chain technology
CN111209596A (en) * 2020-04-21 2020-05-29 国网电子商务有限公司 Block chain-based industrial internet identification analysis access control method
CN112256706A (en) * 2020-11-19 2021-01-22 中国联合网络通信集团有限公司 Method and device for determining handle reference state
CN112491855A (en) * 2020-11-19 2021-03-12 中国联合网络通信集团有限公司 Method and device for determining handle identifier analysis state
CN112256706B (en) * 2020-11-19 2023-01-24 中国联合网络通信集团有限公司 Method and device for determining handle reference state
CN112667929A (en) * 2020-12-11 2021-04-16 北京中数创新科技股份有限公司 Prefix and identification data secure pushing method and system based on Handle system
CN112667929B (en) * 2020-12-11 2023-11-03 北京中数创新科技股份有限公司 Prefix and identification data safe pushing method and system based on Handle system
CN112667930A (en) * 2020-12-18 2021-04-16 北京中数创新科技股份有限公司 Prefix convergence method and system based on Handle system
CN112667930B (en) * 2020-12-18 2024-09-06 北京中数创新科技股份有限公司 Prefix aggregation method and system based on Handle system
CN112948876A (en) * 2021-02-26 2021-06-11 中国联合网络通信集团有限公司 Tracing method and device

Also Published As

Publication number Publication date
CN110247894B (en) 2021-06-18

Similar Documents

Publication Publication Date Title
CN110247894A (en) The method and device of handle server is forged in a kind of identification
CN110268677B (en) Cross-chain interaction using domain name scheme in blockchain system
CN111434085B (en) Domain name management scheme for cross-chain interaction in blockchain systems
CN110199307B (en) Domain name scheme for cross-chain interaction in blockchain system
CN113204532B (en) System and method for identity resolution across heterogeneous immutable distributed ledger networks
JP5587732B2 (en) Computer-implemented method, computer program, and system for managing access to a domain name service (DNS) database
US9270646B2 (en) Systems and methods for generating a DNS query to improve resistance against a DNS attack
CN110730225A (en) Data processing method of Internet of things based on block chain, Internet of things and storage medium
CN111291043A (en) Identification value query method, identification resolution server and storage medium
CN102427427B (en) Method for querying resolution server in Hash network and index server
CN113986835B (en) FastDFS distributed file management method, fastDFS distributed file management device, fastDFS distributed file management equipment and storage medium
JP2004537080A (en) Apparatus, method and system for tracking information access
US20070271393A1 (en) System and Methods for Domain Name Acquisition and Management
US9479490B2 (en) Methods and systems for single sign-on while protecting user privacy
CN104506487A (en) Credible execution method for privacy policy in cloud environment
CN111597537B (en) Block chain network-based certificate issuing method, related equipment and medium
US10205679B2 (en) Resource object resolution management
CN107786594A (en) Service request processing method and device
JP6233846B2 (en) Variable-length nonce generation
CN112261059A (en) Interface method and system based on universality of java gateway technology platform
AU2016253706A1 (en) Data structure and algorithm to track machines
US9876677B1 (en) System and method for connection efficiency
JP7721000B2 (en) Privacy-protected Domain Name Service (DNS)
CN114978740A (en) Block chain-based identification association and verification analysis method
WO2021012815A1 (en) Digital asset authentication processing system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant