Resource conflict detection method of resource public key infrastructure based on block chain

Abstract

The invention discloses a resource conflict detection method of a resource public key infrastructure based on a block chain, and aims to improve the detection efficiency of resource conflicts in a resource certificate issuing process. According to the technical scheme, a block chain-based resource public key infrastructure system composed of a resource issuer, a resource transaction application client, a resource receiver and a block chain network is constructed, wherein the resource transaction application client is composed of a resource transaction module, a resource certificate generation module and a display module; a resource transaction structure and a resource tree are constructed; a resource certificate generation module of the resource issuer issues the RC, and performs conflict check on RC resources; the smart contract or chain code of the block chain performs resource conflict check on the RC issuing transaction; a resource certificate generation module of the resource issuer issues ROA, and performs resource conflict check on ROA resources; and the intelligent contract or the chain code performs resource conflict check on the ROA issuing transaction. According to the invention, the self-security of the resource certificate system can be improved, and the detection efficiency is high.

Description

technical field [0001] The invention belongs to the field of network information security, and in particular relates to a method for detecting resource public key infrastructure resource conflicts based on block chains to improve the security of RPKI (Resource Public Key Infrastructure, namely resource public key infrastructure). Background technique [0002] BGP (Border Gateway Protocol, Border Gateway Protocol) is an inter-domain routing protocol in the Internet. However, the traditional BGP protocol is vulnerable to many security threats, and one of the most common BGP attacks is prefix hijacking. By forging the origin AS (Autonomous system, that is, autonomous system, origin AS, that is, the AS that initiated the route advertisement information) in the BGP route advertisement information, the traffic corresponding to these IP address prefixes is intercepted or discarded by the hijacker's AS. Resource Public Key Infrastructure (RPKI) is an infrastructure used to support ...

AI Technical Summary

Problems solved by technology

Although this method has the advantages of two-way authorization and preventing single point of failure, it is more suitable for the management of Internet resource certificates than the previous two methods. It is the latest technical solution in the field of Internet routing and communication. However, the main disadvantage of this method is Using a one-by-one traversal method, each resource that has been issued and the resource certificate resource to be verified are checked for resource duplication, resource coverage, and resource crossover. The detection efficiency is low; the second is that this method mainly detects RC resource conflicts. Detect ROA resource conflicts; third, this method completely relies on the verification contract deployed on the blockchain, and does not consider a comprehensive solution that combines CA resource anomaly detection with blockchain smart contracts or blockchain chain codes

Images