Abstract
To address the imperfect identity management mechanisms of current consortium blockchain systems, this paper proposes a distributed certificate management solution for consortium chains. The scheme integrates the design of the blockchain's system chain and certificate management chain and, based on a certificate admission mechanism and combining smart contract and consensus algorithm technology, builds a distributed CA collaborative management mechanism for the consortium chain. The participating organizations of the consortium chain self-sign to generate organization root certificates and manage the nodes and users within the organization through their respective CA systems. Organizations share root certificates, revocation lists and other data through the certificate management chain, achieving mutual trust and interoperability between organizations as well as cross-organization identity authentication and authorization of nodes and users.
Authors
李亚荣
杨艳梅
白健
杨文兵
邱锋
LI Yarong; YANG Yanmei; BAI Jian; YANG Wenbing; QIU Feng (China Electronics Technology Cyber Security Co., Ltd., Chengdu, Sichuan 610041, China; The Third Military Representative Office of the Army Armament Department in Chengdu, Chengdu, Sichuan 610041, China)
Source
《信息安全与通信保密》
2023, No. 7, pp. 100-109 (10 pages)
Information Security and Communications Privacy
Funding
Supported by the National Key Research and Development Program of China (No. 2020YFB1005700).
Keywords
blockchain
consortium blockchain
certificate management
public key infrastructure