作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2020, Vol. 46 ›› Issue (9): 44-53. doi: 10.19678/j.issn.1000-3428.0056795

• 热点与综述 • 上一篇    下一篇

一种基于区块链的多应用证书系统模型

刘亚雪1, 杨小宝2, 刘圆1, 惠小强2   

  1. 1. 西安邮电大学 电子工程学院, 西安 710121;
    2. 西安邮电大学 物联网与两化融合研究院, 西安 710061
  • 收稿日期:2019-12-04 修回日期:2020-02-26 发布日期:2020-03-05
  • 作者简介:刘亚雪(1995-),女,硕士研究生,主研方向为区块链技术、身份认证技术;杨小宝,博士;刘圆,硕士研究生;惠小强,教授、博士。
  • 基金资助:
    国家自然科学基金(61741216)。

A Blockchain-based Multi-Application Certificate System Model

LIU Yaxue1, YANG Xiaobao2, LIU Yuan1, XI Xiaoqiang2   

  1. 1. School of Electronic Engineering, Xi'an University of Posts and Telecommunications, Xi'an 710121, China;
    2. Institute of Internet of Things and IT-based Industrialization, Xi'an University of Posts and Telecommunications, Xi'an 710061, China
  • Received:2019-12-04 Revised:2020-02-26 Published:2020-03-05

摘要: 实现跨行业和跨平台的资源整合是当前社会发展的新趋势,集成的多应用证书管理系统能够提供多个行业的身份认证服务。传统中心化的公钥基础设施认证体系由于存在单点故障问题,给行业和用户带来了系统性风险。针对多行业的安全认证问题,利用去中心化和防篡改的分布式区块链技术构建一种多应用证书系统模型BMCS。该模型在区块链中构建跨行业的分布式信任结构,在获得多行业授权的BMCS区块链网络上部署各行业管理证书操作的智能合约,同时利用多应用文件系统在终端设备上存储多行业证书。实验结果表明,BMCS模型能够实现多行业证书的全生命周期管理,同时避免传统认证系统中的单点故障问题,能够为多行业终端设备的身份认证提供系统性的安全保障,实现具有低成本和高效性的证书服务。

关键词: 区块链技术, 多应用设备, 证书系统, 分布式信任结构, 智能合约, 单点故障

Abstract: It is a new trend of society development to realize cross-industry and cross-platform resource integration,the integrated multi-application certificate management systems should be able to provide identity authentication for multiple industries.However,the single point of failure of traditional centralized Public Key Infrastructure(PKI) authentication systems pose a systematic threat to industries and users.To address the security authentication problem of multiple industries,this paper uses the decentralized and tamper-resistant blockchain technology to construct a multi-application certificate system model,BMCS.The model establishes a cross-industry distributed trust structure in blockchain,and deploys multiple smart contracts on the BMCS blockchain network that has been authorized by multiple industries,so as to manage the certificate operations in industries.Also,the multi-application file system is used to realize the storage of multi-industry certificates on terminal devices.Experimental results show that BMCS can achieve the life-cycle management of multi-industry certificates and avoid the single point of failure in traditional authentication systems.It can ensure systematic security for the identity authentication of terminal devices in multiple industries,reduce the cost and improve the efficiency of certificate services.

Key words: blockchain technology, multi-application devices, certificate system, distributed trust structure, smart contract, single point of failure

中图分类号: