Trusted identity authentication method and system, storage medium and cloud computing terminal

Abstract

The invention belongs to the technical field of identity authentication, and discloses a trusted identity authentication method and system, a storage medium and a cloud computing terminal, which establish a trust relationship among multiple CAs by using a blockchain technology to complete quick response of distributed identity authentication among cross-domain PKI users. Aiming at the problems ofcomplex construction and large query time overhead of a plurality of independent PKI cross-domain identity authentication trust chains, the multi-PKI fusion certificate service system construction method enables the plurality of independent PKI systems to complete cross-authentication through a blockchain mode, and realizes credible authentication of cross-domain user identities. Aims at the spaceoverhead pressure brought to an authentication node due to the fact that the length of a blockchain is increased due to multi-domain PKI certificate chain fusion, a digital certificate authenticationquery method based on a block head node is provided, a block structure suitable for a multi-domain PKI certificate chain is designed, time expenditure caused by block-by-block query of a long chain is reduced, and distributed certificate verification in a multi-domain scene is achieved.

Description

technical field [0001] The invention belongs to the technical field of identity authentication, and in particular relates to a trusted identity authentication method, system, storage medium, and cloud computing terminal. Background technique [0002] Currently, when two users do not belong to the same trust domain, that is, do not trust the same authoritative certification authority (CA, Certificate Authority), mutual identity authentication needs to establish a trust relationship across trust domains. The traditional public key infrastructure (Public Key Infrastructure, PKI) cross-domain trust relationship establishment method is to issue cross-certificates through multiple mutual signatures between two authoritative certification authority CAs in advance, so that the authoritative certification authority CAs can trust each other and establish mutual trust. The corresponding trust model completes the trusted authentication of cross-domain user identities by constructing com...

AI Technical Summary

Problems solved by technology

[0003] Existing networks contain multiple trust models such as strict hierarchy, mesh, bridge, and hybrid. Different public key infrastructures (PKIs) may adopt the same or different trust models. When building cross-domain trust relationships, different trust models need to be established. The certification authority CAs issue cross-certificates to each other, which makes the search of the certificate trust chain path very complicated, and the validity and authenticity of the certificate cannot be quickly verified.

When the number of CAs participating in the trust model increases, there may be problems such as circular trust paths, which will make it impossible to build an available trust chain, making cross-domain identity authentication impossible.

[0004] Through the above analysis, the existing problems and defects of the existing technology are as follows: the cross-domain trusted authentication process of user identity in multi-cloud and multi-domain converged computing is complicated and time-consuming

[0005] The difficulty in solving the above problems and defects is: the existing network contains a wide variety of trust models, different trust models may be adopted between different PKIs, and it is very complicated and difficult to build trust relationships in cross-domain scenarios

The block structure in the traditional blockchain is fixed, and the consumption of additional storage resources required for the certificate increases with the increase of the chain length, and the efficiency of linear block-by-block query is low

Images