CN118199896A - Staff digital identity management device and method based on blockchain - Google Patents

Staff digital identity management device and method based on blockchain Download PDF

Info

Publication number
CN118199896A
CN118199896A CN202410598348.9A CN202410598348A CN118199896A CN 118199896 A CN118199896 A CN 118199896A CN 202410598348 A CN202410598348 A CN 202410598348A CN 118199896 A CN118199896 A CN 118199896A
Authority
CN
China
Prior art keywords
staff
employee
identity
message
digital identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202410598348.9A
Other languages
Chinese (zh)
Other versions
CN118199896B (en
Inventor
陈百顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Laozi Chain Technology Co ltd
Original Assignee
Beijing Laozi Chain Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Laozi Chain Technology Co ltd filed Critical Beijing Laozi Chain Technology Co ltd
Priority to CN202410598348.9A priority Critical patent/CN118199896B/en
Publication of CN118199896A publication Critical patent/CN118199896A/en
Application granted granted Critical
Publication of CN118199896B publication Critical patent/CN118199896B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of message encryption, and discloses a staff digital identity management device and method based on a blockchain, wherein the device comprises the following steps: the registration module is used for carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff; the authentication adding module is used for carrying out identity authentication on the staff applying for login based on the digital identity public key of the staff, adding a friend list of the staff based on an identity authentication result, and obtaining an interconnection list of each staff; the staff interconnection module is used for encrypting the message transmission process of the interconnection parties based on the interconnection list of each staff to obtain an interconnection transmission encryption result; and the message sharing module is used for sharing the messages based on the interconnection list of each employee, encrypting the message sharing transmission process and obtaining the sharing transmission encryption result. The invention realizes the encryption of the information transmitted between the staff of the enterprise, and ensures the safety of the company data by adopting the encryption technology.

Description

Staff digital identity management device and method based on blockchain
Technical Field
The invention relates to the technical field of message encryption, in particular to a staff digital identity management device and method based on a blockchain.
Background
Currently, conventional internet identity management models rely on a trusted third party organization, where personal identity information is not in the user's own hands, but rather in a centralized third party organization. However, with the development of society, the cost of maintaining the identity of the user by the centralization mechanism is greater, and the problem of disclosure of personal information and message transmission of the user exposed by the centralization service structure is solved, so that people attach more and more importance to private information of the people, and the problems faced by the traditional identity management are urgently needed to be solved. The blockchain is used as an emerging comprehensive technology, the blockchain technology and identity management are combined, the blockchain technology and the identity management are a one-time leap, particularly companies which need to keep certain data secret, such as big data companies, the data of the companies need to ensure the safety and traceability, the information transmission among employees of the companies is complicated to copy by using equipment such as a USB flash disk, the safety and the confidentiality are difficult to ensure by using social platform transmission, and the aim of encrypting and transmitting the information among the employees needs to be achieved by means of the blockchain technology.
However, the existing staff digital identity management device and method based on the blockchain only fuses the blockchain with the human resource management work in the traditional enterprise, establishes a staff credit management system, quantitatively tracks the personal work behavior of staff through credit points, does not consider how to encrypt messages transmitted between staff of the enterprise, and also does not consider the adoption of encryption technology to ensure the safety of related company data. For example, publication number "CN114579943a", patent name "a blockchain-based employee digital identity management system and method", the method includes the following steps: the system comprises a common staff personal terminal, an upper-level organization management terminal, a background cloud server and a blockchain upper intelligent contract and blockchain lower distributed database. The invention fuses the blockchain with the human resource management work in the traditional enterprise, establishes a staff credit management system, and quantitatively tracks the personal work behavior of staff through credit points. The problems that personnel personal evaluation standards are not quantized enough in traditional enterprise management work, the employee archive information circulation process is complex, a trusted environment is lacking, data are easy to tamper with and leak are solved, and the safety and the credibility of employee information in the recording and circulation process are ensured by the advantages that the blockchain technology is not tamperable, traceability is achieved, the distributed trusted environment is built at low cost, and the like. However, only the blockchain is integrated with the human resource management work in the traditional enterprise, a staff credit management system is established, the personal work behavior of staff is quantitatively tracked through credit points, how to encrypt messages transmitted between staff of the enterprise is not considered, and the encryption technology is not considered to ensure the safety of related company data.
Therefore, the invention provides a staff digital identity management device and a staff digital identity management method based on a blockchain, which are used for encrypting messages transmitted among staff of an enterprise, and the security of related company data is ensured by adopting an encryption technology.
Disclosure of Invention
The invention provides a blockchain-based employee digital identity management device and method, which are used for realizing safer and more accurate message transmission process and encryption of message sharing transmission process of the interconnected parties based on the generation of an allocated digital identity public key and a digital identity private key for each employee, and realizing confidentiality and security of information or data exchange among employees.
The invention provides a staff digital identity management device based on a blockchain, which comprises:
the registration module is used for carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
the authentication adding module is used for carrying out identity authentication on the staff logged in by each application system based on the digital identity public key of the staff to obtain an identity authentication result, and adding a friend list of each staff based on the identity authentication result to obtain an interconnection list of each staff;
The staff interconnection module is used for encrypting the message transmission process of the interconnection parties based on the interconnection list of each staff to obtain an interconnection transmission encryption result;
and the message sharing module is used for sharing the messages based on the interconnection list of each employee, encrypting the message sharing transmission process and obtaining the sharing transmission encryption result.
Preferably, the blockchain-based employee digital identity management device, the registration module, comprises:
the identity information acquisition sub-module is used for acquiring the identity information uploaded by each person and carrying out authenticity verification on the information uploaded by each person to acquire an authenticity verification result of each person;
And the key generation sub-module is used for registering the identity of the staff based on the auditing result of each staff and generating the key of each staff completing the identity registration.
Preferably, the staff digital identity management device based on blockchain, the identity information obtaining sub-module includes:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring the identity information uploaded by each person, and the identity information comprises: name, identification card number, department position, job number;
And the auditing unit is used for receiving the manual auditing result of the identity information uploaded by the personnel in real time, calibrating the corresponding personnel as personnel when the received manual auditing result is passed, and calibrating the corresponding personnel as non-personnel when the received manual auditing result is not passed and calibrating the auditing not to be passed as the authenticity auditing result of the corresponding personnel.
Preferably, the blockchain-based employee digital identity management apparatus, the key generation sub-module, comprises:
The registration unit is used for registering identities of all employees with the verification result of authenticity passing through, randomly generating a digital string with a preset length as an account number of each employee with the verification result of authenticity passing through, and carrying out random generation of the digital string again when the randomly generated digital string is completely overlapped with all the historically generated digital strings;
And the generating unit is used for generating and distributing the secret keys of all staff marked as staff to obtain the digital identity public key and the digital identity private key of each staff.
Preferably, the generating unit performs a method of generating and distributing keys to all staff marked as staff based on the staff digital identity management device of the blockchain, and the method comprises the following steps:
randomly selecting two prime numbers m and n from a preset prime number set, wherein the interval between the two prime numbers m and n in the preset prime number set is not more than the preset number interval;
Determining a public key set number based on the selected prime numbers m and n All values satisfying the following formulas:
Wherein, Maximum common divisor of two positive integers,/>A number is set for the public key and,For/>And/>Least common multiple of,/>For prime numbers m and/>Performing remainder of division operation;
Setting the public key to a number The minimum value in all the values of (a) is set as the digital identity public key of the staff, and the/>, based on the final values of prime numbers m and n, is determinedAs the employee's digital identity private key.
Preferably, the blockchain-based employee digital identity management device, the authentication adding module comprises:
The identity authentication sub-module is used for carrying out identity authentication on the staff logging in each application system based on the digital identity public key of the staff to obtain an identity authentication result, wherein the identity authentication result is that authentication is passed and authentication is not passed;
The friend adding sub-module is used for acquiring the identity authentication results of the applying party and the identity authentication results of the applied party of all the added friend applying parties, and when the identity authentication results of the applying party and the identity authentication results of the applied party are all authentication passing, updating the corresponding friend lists of the applying party and the applied party based on the corresponding added friend applying of the corresponding strip, so as to acquire the interconnection list of each employee.
Preferably, the method for obtaining the identity authentication result by the identity authentication submodule for carrying out identity authentication on the staff logged in by each application system based on the digital identity public key of the staff based on the staff digital identity management device of the blockchain comprises the following steps:
Storing all employee accounts and digital identity public keys of the employees in the system to a system data terminal, and receiving input information of login employees in real time, wherein the input information comprises employee accounts;
acquiring a digital identity public key of a login employee from a system data terminal based on input information, encrypting optional topics in a preset login topic library based on the digital identity public key of the login employee, and transmitting the encrypted topics from a system background to the login employee side;
when the system background receives the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is passed as an identity authentication result of the corresponding login staff, and when the system background does not receive the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is not passed as the identity authentication result of the corresponding login staff.
Preferably, in the staff digital identity management device based on the blockchain, the staff interconnection module encrypts the message transmission process of the interconnection parties based on the interconnection list of each staff, and the method comprises the following steps:
Acquiring a transmission message of a message transmission party in the two interconnected parties, and performing binary conversion on the transmission message to acquire a binary representation of the transmission message;
if the account numbers of the other parties exist in the interconnection lists of the two parties applying for interconnection are detected, the respective digital identity public keys are sent to the other parties based on the blockchain, and the message transmission process of the two parties of interconnection is encrypted based on the public keys of the two parties of interconnection, namely:
Wherein, For a binary representation of an encrypted message after encrypting a binary representation of a transmitted message,/>For transmitting a binary representation of a message,/>Public key for digital identity of the party receiving the message of the interconnected parties,/>Is prime/>And/>Remainder of division operation,/>And/>Corresponding two prime numbers,/>, when a digital identity public key is acquired for one of the interconnected parties receiving the messageIs natural logarithm, and the value of the natural constant e is 2.718.
Preferably, the method for carrying out message sharing by the message sharing module based on the interconnection list of each employee and encrypting the message sharing transmission process comprises the following steps:
Obtaining a sharing message of an employee applying for message sharing, and performing binary conversion on the sharing message to obtain a binary representation of the sharing message;
acquiring an interconnection list of employees applying for message sharing, and sending digital identity public keys of the employees performing message sharing to all friends in the interconnection list based on a blockchain;
message sharing is carried out based on the interconnection list of each employee, and the message sharing transmission process is encrypted, namely:
Wherein, Binary representation of an encrypted message for encrypting the binary representation of the shared message,/>To share the binary representation of the transmission,/>Digital identity private key for staff sharing messages,/>Is prime/>AndRemainder of division operation,/>And/>Corresponding two prime numbers when acquiring digital identity private key for message sharing party,/>, andIs natural logarithm, and the value of the natural constant e is 2.718.
The invention provides a blockchain-based employee digital identity management method, which is applied to any one of the blockchain-based employee digital identity management devices in embodiments 1 to 9, and comprises the following steps:
S1: carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
S2: authenticating the identities of the employees logged in by each application system based on the digital identity public key of the employee, obtaining an identity authentication result, adding a friend list of each employee based on the identity authentication result, and obtaining an interconnection list of each employee;
S3: encrypting the message transmission process of the interconnected parties based on the interconnection list of each employee to obtain an interconnection transmission encryption result;
s4: and carrying out message sharing based on the interconnection list of each employee, and encrypting the message sharing transmission process to obtain a sharing transmission encryption result.
Compared with the prior art, the invention has the following beneficial effects: based on the distributed digital identity public key and the distributed digital identity private key generated for each employee, the message transmission process and the encryption of the message sharing transmission process of the two interconnected parties are safer and more accurate, and confidentiality and security of information or data communication among the employees are realized.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objects and other advantages of the application may be realized and obtained by means of the instrumentalities particularly pointed out in the written description of the application.
The technical scheme of the invention is further described in detail through the drawings and the embodiments.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a schematic diagram of a blockchain-based employee digital identity management device in accordance with an embodiment of the present invention;
FIG. 2 is a flowchart of a blockchain-based employee digital identity management method in accordance with an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
Example 1:
the invention provides a staff digital identity management device based on a blockchain, which referring to fig. 1, comprises:
the registration module is used for carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
the authentication adding module is used for carrying out identity authentication on the staff logged in by each application system based on the digital identity public key of the staff to obtain an identity authentication result, and adding a friend list of each staff based on the identity authentication result to obtain an interconnection list of each staff;
The staff interconnection module is used for encrypting the message transmission process of the interconnection parties based on the interconnection list of each staff to obtain an interconnection transmission encryption result;
and the message sharing module is used for sharing the messages based on the interconnection list of each employee, encrypting the message sharing transmission process and obtaining the sharing transmission encryption result.
In this embodiment, the identity information includes the name, identification number, department position, job number of each person.
In the embodiment, the identity registration is a process of receiving a manual checking result of the identity information uploaded by a person, and registering the identity of the staff passing the checking result to obtain the staff account.
In this embodiment, the digital identity public key and the digital identity private key are algorithms assigned to all personnel calibrated to staff to encrypt or decrypt the transmitted information.
In this embodiment, the application system login is the process of logging in or accessing an application to a blockchain-based employee digital identity management device.
In the embodiment, the identity authentication is a process of verifying the identity authenticity of the staff applying for the system login based on the digital identity public key of the staff and the system data terminal.
In this embodiment, the authentication result includes both cases of authentication passing and authentication failing.
In this embodiment, the buddy list is a list of people for which each employee may perform message transmission and message sharing in the blockchain-based employee digital identity management.
In this embodiment, the addition is a process of updating a list of people for which each employee can perform message transmission and message sharing in the blockchain-based employee digital identity management apparatus based on the addition of the friend application.
In this embodiment, the interconnection list is the latest personnel list capable of transmitting and sharing messages, which is obtained after the friend list of each employee is updated.
In this embodiment, the interconnected parties are the parties that are in communication with each other.
In this embodiment, message transmission is a process of sending a message between two interconnected parties.
In this embodiment, encrypting the message transmission process of the interconnected parties is a process of encrypting a binary representation of a message sent between the interconnected parties based on the digital identity public keys of the interconnected parties.
In this embodiment, the interconnection transmission encryption result is a result of encrypting a binary representation of a message sent between the interconnected parties based on the digital identity public keys of the interconnected parties.
In this embodiment, message sharing is a process of sharing messages for all friends in the interconnection list of each employee.
In this embodiment, encrypting the message sharing transmission process is a process of encrypting a binary representation of the message sharing transmission based on the digital identity private key of each employee.
In this embodiment, the shared transmission encryption result is the result of encrypting a binary representation of the shared transmission message based on the digital identity private key of each employee.
The beneficial effects of the technology are as follows: based on the distributed digital identity public key and the distributed digital identity private key generated for each employee, the message transmission process and the message sharing transmission process of the two interconnected parties are more safely and more accurately encrypted, and confidentiality and security of information or data communication among the employees are realized.
Example 2: on the basis of embodiment 1, the blockchain-based employee digital identity management apparatus, a registration module, includes:
the identity information acquisition sub-module is used for acquiring the identity information uploaded by each person and carrying out authenticity verification on the information uploaded by each person to acquire an authenticity verification result of each person;
And the key generation sub-module is used for registering the identity of the staff based on the auditing result of each staff and generating the key of each staff completing the identity registration.
In this embodiment, the authenticity verification is a manual verification for judging whether the uploaded identity information is a company employee or not for the identity information uploaded by each employee.
In this embodiment, the authenticity verification results include verification passed and verification failed.
In this embodiment, the employee's key is the public digital identity key and the private digital identity key of each employee.
The beneficial effects of the technology are as follows: based on the identity information uploaded by each person, whether the uploaded identity information is a company employee or not is judged more accurately, and the personnel judged as the employee are distributed with account numbers and keys more accurately.
Example 3:
Based on embodiment 2, the staff digital identity management device based on blockchain, the identity information obtaining sub-module includes:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring the identity information uploaded by each person, and the identity information comprises: name, identification card number, department position, job number;
And the auditing unit is used for receiving the manual auditing result of the identity information uploaded by the personnel in real time, calibrating the corresponding personnel as personnel when the received manual auditing result is passed, and calibrating the corresponding personnel as non-personnel when the received manual auditing result is not passed and calibrating the auditing not to be passed as the authenticity auditing result of the corresponding personnel.
In the embodiment, the manual auditing result is that an auditing person carries out auditing based on receiving the identity information uploaded by the person in real time to judge whether the uploaded identity information is a company employee, wherein the manual auditing result comprises passing and failing.
In this embodiment, the calibration is the identification determination of the identity of the person corresponding to the uploaded identity information, wherein the identity includes staff and non-staff.
The beneficial effects of the technology are as follows: based on the identity information uploaded by all the personnel received in real time, the personnel with the identity being the staff and the personnel with the identity being the non-staff are more accurately marked, and the subsequent identity registration is facilitated.
Example 4:
On the basis of embodiment 2, the staff digital identity management device based on blockchain, the key generation sub-module includes:
The registration unit is used for registering identities of all employees with the verification result of authenticity passing through, randomly generating a digital string with a preset length as an account number of each employee with the verification result of authenticity passing through, and carrying out random generation of the digital string again when the randomly generated digital string is completely overlapped with all the historically generated digital strings;
And the generating unit is used for generating and distributing the secret keys of all staff marked as staff to obtain the digital identity public key and the digital identity private key of each staff.
In this embodiment, the preset length is the total number of characters contained in the employee account set in advance, for example, 12 characters.
In this embodiment, the accounts of the employees are the number strings that are required by each employee to log in the blockchain-based employee digital identity management device and that characterize the identity of each employee, and each employee corresponds to one account, so that the accounts do not overlap.
In this embodiment, the number string is a string of a number consisting of a plurality of pure numbers.
In this embodiment, the historically generated number string is all the number strings previously generated by the registration unit as employee accounts.
In this embodiment, the fully registered randomly generated digit strings are identical to at least one of all the historically generated digit strings.
In this embodiment, the generation is assigned to a process of generating keys for all persons calibrated as employees based on randomly selecting two prime numbers in a preset prime number set.
The beneficial effects of the technology are as follows: the distribution of account numbers to all employees is realized, and the secret key of each employee is generated more accurately, so that the binary representation of the transmission message and the binary representation of the sharing message can be encrypted later.
Example 5:
on the basis of embodiment 4, a method for generating and distributing keys by a generating unit to all staff marked as staff based on a staff digital identity management device of a blockchain comprises the following steps:
randomly selecting two prime numbers m and n from a preset prime number set, wherein the interval between the two prime numbers m and n in the preset prime number set is not more than the preset number interval;
Determining a public key set number based on the selected prime numbers m and n All values satisfying the following formulas:
Wherein, Maximum common divisor of two positive integers,/>A number is set for the public key and,For/>And/>Least common multiple of,/>For prime numbers m and/>Performing remainder of division operation;
Setting the public key to a number The minimum value in all the values of (a) is set as the digital identity public key of the staff, and the/>, based on the final values of prime numbers m and n, is determinedAs the employee's digital identity private key.
In this embodiment, the preset prime number set is a prime number set preset to generate a key for each employee.
In this embodiment, the preset number interval is a prime number interval preset to ensure that randomly selecting two prime numbers does not affect key generation, for example, the total number of prime numbers existing in the preset prime number set between the two prime numbers m and n is not more than 8.
In this embodiment, the public key is set to a number that is used to determine the digital identity public key and the intermediate number of digital identity private keys for each employee.
The beneficial effects of the technology are as follows: the embodiment provides a method for determining the digital identity public key and the digital identity private key of each employee based on the selected prime numbers m and n, more accurately obtaining all public key set numbers and more accurately obtaining the digital identity public key and the digital identity private key of each employee based on the minimum value in all values of the public key set numbers.
Example 6:
based on embodiment 1, the blockchain-based employee digital identity management apparatus, an authentication adding module, includes:
The identity authentication sub-module is used for carrying out identity authentication on the staff logging in each application system based on the digital identity public key of the staff to obtain an identity authentication result, wherein the identity authentication result is that authentication is passed and authentication is not passed;
The friend adding sub-module is used for acquiring the identity authentication results of the applying party and the identity authentication results of the applied party of all the added friend applying parties, and when the identity authentication results of the applying party and the identity authentication results of the applied party are all authentication passing, updating the corresponding friend lists of the applying party and the applied party based on the corresponding added friend applying of the corresponding strip, so as to acquire the interconnection list of each employee.
In this embodiment, an add friends application applies for each employee a request to add other employees to the interconnection list based on the employee digital identity management apparatus.
The beneficial effects of the technology are as follows: based on the identity authentication result, the friend lists of the applicant and the applied party are updated more timely, and the embodiment provides a method for updating the interconnection list of staff in real time.
Example 7:
based on embodiment 6, the method for obtaining an identity authentication result by the identity authentication submodule performing identity authentication on the staff logging in each application system based on the digital identity public key of the staff based on the staff digital identity management device of the blockchain comprises the following steps:
Storing all employee accounts and digital identity public keys of the employees in the system to a system data terminal, and receiving input information of login employees in real time, wherein the input information comprises employee accounts;
acquiring a digital identity public key of a login employee from a system data terminal based on input information, encrypting optional topics in a preset login topic library based on the digital identity public key of the login employee, and transmitting the encrypted topics from a system background to the login employee side;
when the system background receives the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is passed as an identity authentication result of the corresponding login staff, and when the system background does not receive the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is not passed as the identity authentication result of the corresponding login staff.
In this embodiment, the system data terminal is a sub-device that stores all employee accounts and the digital identity public keys of the employees in the blockchain-based employee digital identity management device.
In this embodiment, the preset login question library is a preset question library for authenticating the login employee, for example, 1+1=? .
In this embodiment, the encrypted title is a title obtained by encrypting a title selected from a preset login title library.
In this embodiment, the correct answer is the answer of the added question in the preset login question library.
The beneficial effects of the technology are as follows: the embodiment provides a method for authenticating the login staff based on the preset login question bank and the digital identity public key of the staff, which is convenient for updating a friend list in the follow-up process.
Example 8:
Based on embodiment 5, the staff digital identity management device based on the blockchain, the staff interconnection module encrypts the message transmission process of the interconnection parties based on the interconnection list of each staff, including:
Acquiring a transmission message of a message transmission party in the two interconnected parties, and performing binary conversion on the transmission message to acquire a binary representation of the transmission message;
if the account numbers of the other parties exist in the interconnection lists of the two parties applying for interconnection are detected, the respective digital identity public keys are sent to the other parties based on the blockchain, and the message transmission process of the two parties of interconnection is encrypted based on the public keys of the two parties of interconnection, namely:
Wherein, For a binary representation of an encrypted message after encrypting a binary representation of a transmitted message,/>For transmitting a binary representation of a message,/>Public key for digital identity of the party receiving the message of the interconnected parties,/>Is prime/>And/>Remainder of division operation,/>And/>Corresponding two prime numbers,/>, when a digital identity public key is acquired for one of the interconnected parties receiving the messageIs natural logarithm, and the value of the natural constant e is 2.718.
In this embodiment, the binary representation of the transmission message is a binary representation obtained by binary converting the message transmitted by the two parties to each other by the interconnection.
In this embodiment, the binary number and the decimal number in the formula may be directly subjected to a bit-level multiplication operation, which is called bitwise and in the field of computer science, when the binary value and the decimal value are subjected to the bit-level multiplication operation, the binary value and the decimal value are firstly converted into binary representations, then the binary values are subjected to bitwise multiplication and summation according to a rule of binary bit levels, and finally the result is converted back into decimal or binary representation.
The beneficial effects of the technology are as follows: the encryption of the binary representation of the transmission message of the interconnected parties is realized based on the public key of the interconnected parties, thereby realizing confidentiality and security of the message transmission.
Example 9:
Based on embodiment 1, the method for carrying out message sharing by the message sharing module based on the interconnection list of each employee and encrypting the message sharing transmission process includes:
Obtaining a sharing message of an employee applying for message sharing, and performing binary conversion on the sharing message to obtain a binary representation of the sharing message;
acquiring an interconnection list of employees applying for message sharing, and sending digital identity public keys of the employees performing message sharing to all friends in the interconnection list based on a blockchain;
message sharing is carried out based on the interconnection list of each employee, and the message sharing transmission process is encrypted, namely:
Wherein, Binary representation of an encrypted message for encrypting the binary representation of the shared message,/>To share the binary representation of the transmission,/>Digital identity private key for staff sharing messages,/>Is prime/>AndRemainder of division operation,/>And/>Corresponding two prime numbers when acquiring digital identity private key for message sharing party,/>, andIs natural logarithm, and the value of the natural constant e is 2.718.
In this embodiment, the binary representation of the shared message is a binary representation obtained by binary converting the shared message that the employee shares the message based on the interconnection list.
The beneficial effects of the technology are as follows: the embodiment provides a method for encrypting the binary representation of the shared message, which encrypts the binary representation of the shared message based on the digital identity private key of the employee performing message sharing to realize confidentiality and security of message sharing.
Example 10:
The invention provides a blockchain-based employee digital identity management method, which is applied to any one of the blockchain-based employee digital identity management devices in embodiments 1 to 9, and referring to fig. 2, the method comprises the following steps:
S1: carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
S2: authenticating the identities of the employees logged in by each application system based on the digital identity public key of the employee, obtaining an identity authentication result, adding a friend list of each employee based on the identity authentication result, and obtaining an interconnection list of each employee;
S3: encrypting the message transmission process of the interconnected parties based on the interconnection list of each employee to obtain an interconnection transmission encryption result;
s4: and carrying out message sharing based on the interconnection list of each employee, and encrypting the message sharing transmission process to obtain a sharing transmission encryption result.
The beneficial effects of the technology are as follows: based on the distributed digital identity public key and the distributed digital identity private key generated for each employee, the message transmission process and the message sharing transmission process of the two interconnected parties are more safely and more accurately encrypted, and confidentiality and security of information or data communication among the employees are realized.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (10)

1. A blockchain-based employee digital identity management apparatus, comprising:
the registration module is used for carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
the authentication adding module is used for carrying out identity authentication on the staff logged in by each application system based on the digital identity public key of the staff to obtain an identity authentication result, and adding a friend list of each staff based on the identity authentication result to obtain an interconnection list of each staff;
The staff interconnection module is used for encrypting the message transmission process of the interconnection parties based on the interconnection list of each staff to obtain an interconnection transmission encryption result;
and the message sharing module is used for sharing the messages based on the interconnection list of each employee, encrypting the message sharing transmission process and obtaining the sharing transmission encryption result.
2. A blockchain-based employee digital identity management apparatus as in claim 1 wherein the registration module includes:
the identity information acquisition sub-module is used for acquiring the identity information uploaded by each person and carrying out authenticity verification on the information uploaded by each person to acquire an authenticity verification result of each person;
And the key generation sub-module is used for registering the identity of the staff based on the auditing result of each staff and generating the key of each staff completing the identity registration.
3. A blockchain-based employee digital identity management apparatus as in claim 2 wherein the identity information acquisition sub-module includes:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring the identity information uploaded by each person, and the identity information comprises: name, identification card number, department position, job number;
And the auditing unit is used for receiving the manual auditing result of the identity information uploaded by the personnel in real time, calibrating the corresponding personnel as personnel when the received manual auditing result is passed, and calibrating the corresponding personnel as non-personnel when the received manual auditing result is not passed and calibrating the auditing not to be passed as the authenticity auditing result of the corresponding personnel.
4. A blockchain-based employee digital identity management apparatus as in claim 2, wherein the key generation sub-module includes:
The registration unit is used for registering identities of all employees with the verification result of authenticity passing through, randomly generating a digital string with a preset length as an account number of each employee with the verification result of authenticity passing through, and carrying out random generation of the digital string again when the randomly generated digital string is completely overlapped with all the historically generated digital strings;
And the generating unit is used for generating and distributing the secret keys of all staff marked as staff to obtain the digital identity public key and the digital identity private key of each staff.
5. A blockchain-based employee digital identity management apparatus as in claim 4 wherein the means for generating generates and distributes keys to all staff members calibrated to employees, comprising:
randomly selecting two prime numbers m and n from a preset prime number set, wherein the interval between the two prime numbers m and n in the preset prime number set is not more than the preset number interval;
Determining a public key set number based on the selected prime numbers m and n All values satisfying the following formulas:
Wherein, Maximum common divisor of two positive integers,/>A number is set for the public key and,For/>And/>Least common multiple of,/>For prime numbers m and/>Performing remainder of division operation;
Setting the public key to a number The minimum value in all the values of (a) is set as the digital identity public key of the staff, and the/>, based on the final values of prime numbers m and n, is determinedAs the employee's digital identity private key.
6. A blockchain-based employee digital identity management apparatus as in claim 1 wherein the authentication add-on module comprises:
The identity authentication sub-module is used for carrying out identity authentication on the staff logging in each application system based on the digital identity public key of the staff to obtain an identity authentication result, wherein the identity authentication result is that authentication is passed and authentication is not passed;
The friend adding sub-module is used for acquiring the identity authentication results of the applying party and the identity authentication results of the applied party of all the added friend applying parties, and when the identity authentication results of the applying party and the identity authentication results of the applied party are all authentication passing, updating the corresponding friend lists of the applying party and the applied party based on the corresponding added friend applying of the corresponding strip, so as to acquire the interconnection list of each employee.
7. The blockchain-based employee digital identity management apparatus of claim 6, wherein the method for the identity authentication submodule to authenticate the employee logged in by each application system based on the employee's digital identity public key to obtain the identity authentication result comprises:
Storing all employee accounts and digital identity public keys of the employees in the system to a system data terminal, and receiving input information of login employees in real time, wherein the input information comprises employee accounts;
acquiring a digital identity public key of a login employee from a system data terminal based on input information, encrypting optional topics in a preset login topic library based on the digital identity public key of the login employee, and transmitting the encrypted topics from a system background to the login employee side;
when the system background receives the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is passed as an identity authentication result of the corresponding login staff, and when the system background does not receive the correct answer of the encrypted questions from the login staff end within the preset time, the authentication is not passed as the identity authentication result of the corresponding login staff.
8. The blockchain-based employee digital identity management apparatus of claim 5, wherein the employee interconnect module encrypts the message transmission process for both parties of the interconnect based on the interconnect list for each employee, comprising:
Acquiring a transmission message of a message transmission party in the two interconnected parties, and performing binary conversion on the transmission message to acquire a binary representation of the transmission message;
if the account numbers of the other parties exist in the interconnection lists of the two parties applying for interconnection are detected, the respective digital identity public keys are sent to the other parties based on the blockchain, and the message transmission process of the two parties of interconnection is encrypted based on the public keys of the two parties of interconnection, namely:
Wherein, For a binary representation of an encrypted message after encrypting a binary representation of a transmitted message,/>For transmitting a binary representation of a message,/>Public key for digital identity of the party receiving the message of the interconnected parties,/>Is prime numberAnd/>Remainder of division operation,/>And/>Two corresponding prime numbers,/>, of the two interconnected parties when one party receiving the message obtains the digital identity public keyIs natural logarithm, and the value of the natural constant e is 2.718.
9. The blockchain-based employee digital identity management apparatus of claim 1, wherein the message sharing module performs message sharing based on the interconnection list of each employee, and the method for encrypting the message sharing transmission process comprises:
Obtaining a sharing message of an employee applying for message sharing, and performing binary conversion on the sharing message to obtain a binary representation of the sharing message;
acquiring an interconnection list of employees applying for message sharing, and sending digital identity public keys of the employees performing message sharing to all friends in the interconnection list based on a blockchain;
message sharing is carried out based on the interconnection list of each employee, and the message sharing transmission process is encrypted, namely:
Wherein, Binary representation of an encrypted message for encrypting the binary representation of the shared message,/>To share the binary representation of the transmission,/>Digital identity private key for staff sharing messages,/>Is prime/>And/>Remainder of division operation,/>And/>For a party performing message sharing to obtain two corresponding prime numbers when the digital identity private key,Is natural logarithm, and the value of the natural constant e is 2.718.
10. A blockchain-based employee digital identity management method, applied to perform a blockchain-based employee digital identity management apparatus as claimed in any of claims 1 to 9, comprising:
S1: carrying out identity registration on the identity information of each staff to obtain a digital identity public key and a digital identity private key of each staff;
S2: authenticating the identities of the employees logged in by each application system based on the digital identity public key of the employee, obtaining an identity authentication result, adding a friend list of each employee based on the identity authentication result, and obtaining an interconnection list of each employee;
S3: encrypting the message transmission process of the interconnected parties based on the interconnection list of each employee to obtain an interconnection transmission encryption result;
s4: and carrying out message sharing based on the interconnection list of each employee, and encrypting the message sharing transmission process to obtain a sharing transmission encryption result.
CN202410598348.9A 2024-05-15 2024-05-15 Staff digital identity management device and method based on blockchain Active CN118199896B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410598348.9A CN118199896B (en) 2024-05-15 2024-05-15 Staff digital identity management device and method based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410598348.9A CN118199896B (en) 2024-05-15 2024-05-15 Staff digital identity management device and method based on blockchain

Publications (2)

Publication Number Publication Date
CN118199896A true CN118199896A (en) 2024-06-14
CN118199896B CN118199896B (en) 2024-08-13

Family

ID=91402949

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410598348.9A Active CN118199896B (en) 2024-05-15 2024-05-15 Staff digital identity management device and method based on blockchain

Country Status (1)

Country Link
CN (1) CN118199896B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102946603A (en) * 2012-10-31 2013-02-27 重庆市电力公司 Uniform identity authentication method based on social characteristics in power cloud system
CN113169876A (en) * 2018-11-27 2021-07-23 区块链控股有限公司 System and method for efficiently and securely processing, accessing and transmitting data over a blockchain network
CN114579943A (en) * 2022-03-15 2022-06-03 云南红岭云科技股份有限公司 Employee digital identity management system and method based on block chain
US11769577B1 (en) * 2020-01-15 2023-09-26 Ledgerdomain Inc. Decentralized identity authentication framework for distributed data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102946603A (en) * 2012-10-31 2013-02-27 重庆市电力公司 Uniform identity authentication method based on social characteristics in power cloud system
CN113169876A (en) * 2018-11-27 2021-07-23 区块链控股有限公司 System and method for efficiently and securely processing, accessing and transmitting data over a blockchain network
US11769577B1 (en) * 2020-01-15 2023-09-26 Ledgerdomain Inc. Decentralized identity authentication framework for distributed data
CN114579943A (en) * 2022-03-15 2022-06-03 云南红岭云科技股份有限公司 Employee digital identity management system and method based on block chain

Also Published As

Publication number Publication date
CN118199896B (en) 2024-08-13

Similar Documents

Publication Publication Date Title
US20230087557A1 (en) System for privacy protection during iot secure data sharing and method thereof
CN103679436B (en) A kind of electronic contract security system and method based on biological information identification
US7676433B1 (en) Secure, confidential authentication with private data
US8995655B2 (en) Method for creating asymmetrical cryptographic key pairs
US20080170693A1 (en) Format-preserving cryptographic systems
CN109714169B (en) Data credible circulation platform based on strict authorization and circulation method thereof
EP3185465A1 (en) A method for encrypting data and a method for decrypting data
WO2018220541A1 (en) Protocol-based system and method for establishing a multi-party contract
Cheng et al. A permissioned blockchain-based platform for education certificate verification
CN103281180B (en) User is protected to access the bill generation method of privacy in a kind of network service
CN114500093A (en) Safe interaction method and system for message information
CN113783690B (en) Authentication-based bidding method and device
CN116108410A (en) Identity credential generation method and device
EP1164745A2 (en) System and method for usage of a role certificate in encryption, and as a seal, digital stamp, and a signature
US20050076213A1 (en) Self-enrollment and authentication method
CN107196965B (en) Secure network real name registration method
CN118199896B (en) Staff digital identity management device and method based on blockchain
US20060271482A1 (en) Method, server and program for secure data exchange
CN114862388A (en) Identity management method based on digital wallet, computer equipment and storage medium
CN112560057B (en) Business social system based on block chain and IPFS technology
WO2022219605A1 (en) Platform for building decentralized applications
CN110971392B (en) Decentralizing electronic academic certificate acquisition method and system
Sivanantham et al. Reliable Data Storage and Sharing using Block chain Technology and Two Fish Encryption
CN112257084A (en) Personal information storage and monitoring method, system and storage medium based on block chain
Reddy et al. Enhancing Secure and Reliable Data Transfer through Robust Integrity

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant