Disclosure of Invention
(One) solving the technical problems
Aiming at the defects of the prior art, the invention provides a digital currency identity authentication system based on a blockchain technology, when trading is carried out on the blockchain, by acquiring the trade frequency difference, the trade time difference and the association degree data of a trade counter party and a blacklist address in an evaluation data set, building a corresponding model for calculation, generating an accurate and effective abnormal degree predicted value Ead1, and according to a subsequent comparison result, efficiently detecting abnormal trading behavior; when the cross-block chain is used for trading, the evaluation data set and the network fluctuation coefficient Q in the user trading process are synchronously acquired, the abnormal degree predicted value Ead of the trade is calculated based on the preprocessed data set, and the abnormal degree of the trade in different scenes can be obtained according to the subsequent comparison results, so that the cross-block chain trading is conducive to evaluating the safety and the reliability of the cross-block chain trading, the possible risks and abnormal situations are identified, and the problems in the background technology are solved.
(II) technical scheme
In order to achieve the above purpose, the invention is realized by the following technical scheme:
a blockchain technology-based digital currency identity authentication system, comprising:
the user registration and identity verification module is used for acquiring identity information and proving material data of a user during registration and performing primary identity verification;
The data acquisition and storage module extracts identity information and proving material data of the user after the user identity is initially verified, creates a digital identity of the user and stores the digital identity on the blockchain;
before a user performs a transaction, the identity authentication and verification module encrypts and signs identity information provided by the user by adopting a public key encryption and digital signature technology, and provides a digital signature to verify the identity of the user and an authentication result when the user performs the transaction on the blockchain, and synchronously acquires an evaluation data set in the user transaction process;
The cross-chain identity authentication and interoperation module is used for transmitting the identity information and the proving material data of the user to the target blockchain through a cross-chain identity authentication and interoperation mechanism when the user carries out transactions on other blockchains, and synchronously acquiring an evaluation data set and a network fluctuation coefficient Q in the user transaction process;
The abnormal risk assessment early warning module builds an abnormal risk assessment calculation model according to the preprocessed assessment data set when carrying out transactions on the blockchain, generates an abnormal degree predicted value Ead1 of the transactions, and compares the abnormal degree predicted value Ead1 with a preset first assessment threshold value Comparing, if the abnormality degree predicted value Ead exceeds the first evaluation thresholdSending out a first-level early warning signal; otherwise, no response action is performed;
When trading is carried out through a block-crossing chain, an abnormal risk assessment calculation model is built for the second time according to the pretreated assessment data set and the network fluctuation coefficient Q, an abnormal degree predicted value Ead2 of the trade is generated, and the abnormal degree predicted value Ead2 is compared with a preset second assessment threshold value Comparing, if the abnormality degree predicted value Ead exceeds the second evaluation thresholdSending out a secondary early warning signal; otherwise, do not respond.
Further, the identity information of the user comprises the name, the identification card number and the contact phone of the user, the identity information of the user is filled in and provided by the user during registration, and the certification material data comprises a passport, a driving license and a photo of the user.
Further, the primary identity verification is performed by the following steps: and comparing with a legal organization database.
Further, the evaluation data set comprises a trade frequency difference, a trade time difference and a correlation degree of a trade counter party and a blacklist address, wherein the trade frequency difference represents a difference between the trade frequency and a historical trade frequency, and the historical trade frequency represents a trade frequency of the last month; the transaction time difference represents the difference between the current transaction time and the normal working time range, and the normal working time range is 9 points earlier to 5 points later.
Further, the association degree of the transaction counter-party and the blacklist address represents an association index I of the network IP address of the counter-party and the blacklist address preset by the system;
The specific association index I is obtained using the following steps:
S201, creating a blacklist address list preset by a system, wherein the list comprises addresses known to be marked as untrusted;
S202, in the transaction process, the IP address of the transaction counter party is acquired by any one of a weblog, an access log and an audit record;
s203, comparing the IP address of the transaction partner with a preset blacklist address list, directly comparing the IP address of the transaction partner with each address in the blacklist address list, and taking the IP address of the transaction partner as associated data if the IP address of the transaction partner is matched with each address in the blacklist address list;
s204, after the matched IP address is found, calculating a correlation index I by using the following formula:
Where Ps represents the number of matching IP addresses and Zs represents the total number of IP addresses.
Further, the network fluctuation coefficient Q is obtained as follows:
collecting network transmission rate of transaction at each moment in a preset time period T Calculating the average value of the network transmission rate at different moments in the T time period, and according to the average value and the network transmission rateThe network fluctuation coefficient Q is calculated according to the following formula:
;
In the method, in the process of the invention, The average value of the network transmission rate at different moments in time within T time periods is represented, t=1, 2, …, n being a positive integer, and n=t.
Further, the preprocessing of the evaluation data set comprises the following steps: and carrying out dimensionless treatment on each data.
Further, when the transaction is performed on the blockchain, the abnormal degree predicted value Ead1 of the transaction is calculated according to the following formula:
In the method, in the process of the invention, Trade frequency difference and trade time difference,/>, respectivelyPreset proportionality coefficients of trade frequency difference, trade time difference and associated index I respectively, and;
When a transaction is carried out by a cross-block chain, calculating an abnormal degree predicted value Ead of the transaction according to the following formula:
In the method, in the process of the invention, Is a constant correction coefficient.
(III) beneficial effects
The invention provides a digital currency identity authentication system based on a blockchain technology, which has the following beneficial effects:
When trading is carried out on the blockchain, through acquiring the trade frequency difference, the trade time difference and the association degree data of the trade counter party and the blacklist address in the evaluation data set, building a corresponding model calculation, generating an accurate and effective abnormal degree predicted value Ead1, and according to a subsequent comparison result, the abnormal trade behavior can be efficiently detected, so that the trading risk is reduced; when the cross-block chain is used for trading, the evaluation data set and the network fluctuation coefficient Q in the user trading process are synchronously acquired, the abnormal degree predicted value Ead of the trade is calculated based on the preprocessed data set, and the abnormal degree of the trade in different scenes can be obtained according to the subsequent comparison results, so that the cross-block chain trading is conducive to evaluating the safety and the reliability of the cross-block chain trading, and possible risks and abnormal situations are identified;
2. the invention adopts public key encryption, digital signature technology and method for evaluating data set, can improve the integrity, authenticity and authentication accuracy of data, and simultaneously detect and prevent abnormal transaction behavior, enhance the safety and credibility of cross-chain transaction, and is beneficial to protecting user privacy, preventing risks and maintaining the safe operation of the whole system.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1, the present embodiment provides a digital currency identity authentication system based on a blockchain technology, where the system includes a user registration and identity verification module, a data acquisition and storage module, an identity authentication and verification module, a cross-chain identity authentication and interoperability module, and an abnormal risk assessment early warning module, and the system performs abnormal detection processing on identity authentication and transaction performed under different conditions, and performs effective assessment on risks existing in the transaction process, so as to prompt a user and perform remote supervision through an online supervisor, thereby ensuring security of digital currency transaction performed under different identity authentication conditions;
the user registration and identity verification module is used for acquiring identity information and proving material data of a user during registration and performing primary identity verification;
The identity information of the user comprises the name, the ID card number and the contact telephone of the user, the identity information of the user is automatically filled and provided when the user registers, and the certification material data comprises a passport, a driving license and a photo of the user;
The mode of carrying out the preliminary identity authentication is as follows: the conventional identity verification method is used, such as comparing with legal organization databases or using a third party identity verification service, and the identity verification method used in the scheme is as follows: comparison with legal authorities databases, this approach typically involves comparison with other legal authorities' identity verification databases to verify the accuracy and validity of the identity information provided by the individual;
The specific implementation mode comprises the following steps:
collecting identity information: when the user performs identity verification, personal identity information such as name, birth date and ID card number needs to be provided; database query: the authentication service provider will compare the identity information provided by the user with corresponding legal authorities databases, which may include national population registration databases, driver's license databases, passport databases; data comparison: the identity verification service compares identity information provided by a user with corresponding information stored in a database, and the comparison process generally involves verifying the consistency, validity and legitimacy of data; for example, verifying if the identification number is valid, if the name matches the database record; verification result: according to the comparison result, the identity verification service generates a verification result which indicates whether the provided identity information passes verification, and the verification result can pass, fails or needs further verification; notably, the particular authentication means and legal authorities databases used may vary from country to country and region to region; in some countries it is possible to provide an authentication interface allowing online authentication by third party service providers; and elsewhere, the user may be required to provide a copy of the identification document and manually verify by the service provider.
The data acquisition and storage module extracts identity information and proving material data of the user after the user identity is initially verified, creates a digital identity of the user and stores the digital identity on the blockchain;
The method for creating the digital identity of the user and storing the digital identity on the blockchain is a mode for protecting the privacy of the user and ensuring the safety of identity information, and comprises the following specific processes:
S101, a user successfully passes basic identity verification, provides a mobile phone number and a mailbox address, and verifies the validity of the mobile phone number and the mailbox address;
s102, providing identification materials such as an identification card, a passport and a driver license by a user, and extracting key information such as a name, an identification card number, nationality and the like from the identification materials by a platform by utilizing an OCR technology or other means;
S103, using an encryption algorithm to encode the identity information of the user into a unique digital identity identifier, for example, a Hash function can be used to Hash the identity information to obtain a unique digital identifier;
S104, storing the digital identity of the user on a blockchain to ensure that the data cannot be tampered and deleted, and selecting a public blockchain such as an Ethernet or a private blockchain to store the digital identity of the user, wherein the digital identity of the user depends on specific requirements and security requirements;
S105, in order to protect the privacy of the user, the digital identity stored on the blockchain can be encrypted, and only the user with the corresponding private key can decrypt and access the personal identity information;
for example, assuming XX is a new user, she successfully passes preliminary verification by providing a cell phone number and mailbox address, then XX provides her identification material, including an identification card photo, the platform extracts the name, identification card number and nationality information of the identification card using OCR technology; then, using an encryption algorithm, such as SHA-256, to encode XX identity information into a unique digital identity identifier, for example, by hashing, alice's identity information generates a digital identifier of "abc123"; finally, the platform stores abc123 on the blockchain to ensure the non-falsification and security of the data; only XX and other authorized users with corresponding private keys can decrypt and access the information, and when other service parties need to verify the identity of XX, the necessary identity information can be obtained by requesting digital identity data on the blockchain, and verification is performed.
Before a user performs a transaction, the identity authentication and verification module encrypts and signs identity information provided by the user by adopting a public key encryption and digital signature technology so as to ensure the integrity and the authenticity of data, and is convenient for requiring the user to provide a digital signature to verify the identity and the authentication result when the user performs the transaction on the blockchain; synchronously acquiring an evaluation data set in the user transaction process, wherein the evaluation data set comprises a transaction frequency difference, a transaction time difference and the association degree of a transaction counter party and a blacklist address;
Among them, public key encryption and digital signature techniques are two encryption and verification techniques commonly used in cryptography, which can be used to ensure confidentiality, integrity and identity authentication of data;
Public key encryption: public key encryption is an encryption technology, which uses a pair of keys, including a public key and a private key, the public key can be distributed to anyone in public, the private key is kept secret by the owner of the key, the public key encryption algorithm is used, the public key can be used for encrypting the message, and only the person holding the corresponding private key can decrypt the message; in short, if X1 wants to send an encrypted message to X2, X2 can provide X1 with its public key, and X1 will encrypt the message using the public key to get a ciphertext that can only be decrypted by X2, even if other people get the encrypted message during transmission, they cannot decrypt it because only X2 holds the private key, common public key encryption algorithms are RSA and elliptic curve encryption algorithm ECC;
Digital signature: digital signature is a technique for verifying data integrity and identity authentication, based on a pair of keys, including a private key and a public key, which is used to sign data, unlike public key encryption, while the public key is used to verify the authenticity of the signature, when X1 is to send a signed message to X2, X1 first signs the message using her private key, creating a unique digital signature, and then she sends the message and digital signature to X2, X2 can verify the authenticity of the signature using the public key of X1, which means that the message is indeed signed by X1 and is not tampered with during transmission, the digital signature is often used to ensure the originality of the file, verify the identity (through public key authentication), or to ensure that the data is not tampered with during transmission; common digital signature algorithms include RSA and elliptic curve digital signature algorithm ECDSA;
summarizing, public key encryption technology is used for data encryption and decryption, and digital signature technology is used for data integrity verification and identity authentication, and the two technologies are used in combination, so that confidentiality, integrity and identity authenticity of data can be ensured in network communication;
Trade frequency difference: analyzing the transaction frequency of the user, detecting whether abnormal frequent transaction behaviors exist or not, wherein the transaction frequency difference represents the difference between the transaction frequency of the time and the historical transaction frequency, and the historical transaction frequency represents the transaction frequency of the last month; for example: the trade frequency is 10 times/day, the trade frequency of the last month is 5 times/day, and the difference value is 5
Transaction time difference: checking whether the transaction time is in a normal working range or not so as to prevent abnormal transaction behaviors, wherein the transaction time difference represents the difference value between the transaction time and the normal working time range, and the normal working time range is 9 points early to 5 points late; for example: the transaction time is 8 hours in the morning, and the transaction time difference is 9-8=1 hours;
correlation of transaction counter-parties to blacklist addresses: analyzing the transaction counter-party, and detecting the association index I of the network IP address of the counter-party and the system preset blacklist address;
The specific association index I is obtained using the following steps:
S201, collecting a blacklist address list: firstly, a system preset blacklist address list needs to be created, wherein the list contains known malicious IP addresses or addresses marked as distrust;
S202, acquiring the IP address of a transaction counter party: in the transaction process, the IP address of the transaction counter party is acquired, and the IP address can be acquired in a weblog, an access log or an audit record and the like;
s203, comparing the IP addresses: comparing the IP address of the transaction partner with a preset blacklist of addresses, one of two methods may be used: a) And (3) accurate matching: directly comparing the IP address of the transaction counter party with each address in the blacklist address list, and taking the address as one of the associated indexes if matching exists; b) Sub-network matching: according to the subnet mask of the IP address, carrying out subnet matching on the IP address of the transaction counter party and the address in the blacklist address list, and if the matching exists, taking the matching as one of the association indexes;
S204, calculating a correlation coefficient: after finding a matching IP address, the association index I can be calculated using the following formula:
wherein Ps represents the number of matching IP addresses, zs represents the total number of IP addresses;
The association index I indicates the association degree of the IP address of the transaction counter party and the blacklist address preset by the system, and if the association coefficient is close to or reaches 1, the association degree indicates that the IP address of the transaction counter party is highly associated with the blacklist address, and risks can exist; it should be noted that, the association coefficient only represents the matching degree between the IP addresses, and cannot directly determine the credibility of the transaction counterpart, and may have a false positive or false negative condition; therefore, the final judgment can be made by comprehensively evaluating other security measures and authentication modes.
The cross-chain identity authentication and interoperation module is used for transmitting the identity information and the proving material data of the user to the target blockchain through a cross-chain identity authentication and interoperation mechanism when the user carries out transactions on other blockchains, and synchronously acquiring an evaluation data set and a network fluctuation coefficient Q in the user transaction process;
The cross-chain identity authentication and interoperation mechanism is a technical solution for implementing identity authentication and information sharing between different block chains, and the following is an implementation manner in the embodiment, which shows a process of cross-chain identity authentication and interoperation:
Cross-chain identity authentication: a) The user initiates an identity authentication request: when a user needs to conduct transaction or use service on a target blockchain, firstly, an identity authentication request is sent to the target blockchain, wherein the request comprises identity information of the user and information needing to be verified; b) Cross-chain identity authentication mechanism: the target blockchain uses a specific cross-chain identity authentication mechanism to verify the identity of the user, which may involve communication verification with the original blockchain of the user, or uses a specific cross-chain identity verification protocol, after verification is successful, the target blockchain confirms the identity of the user; c) And returning an identity authentication result: the target blockchain returns an identity authentication result, typically an identity authentication token or other identifier, to the user;
Cross-chain information sharing: a) User request information sharing: after the user completes identity authentication on the target blockchain, the user can send an information sharing request which comprises the data expected to be shared and the address of the receiver; b) Cross-chain interoperation mechanism: the target blockchain uses a cross-chain interoperation mechanism to pass requests to the source blockchain to obtain the data that needs to be shared, which may involve invocation of a particular cross-chain communication protocol or smart contract; c) Source blockchain data sharing: after the source blockchain receives the sharing request, corresponding data is shared to the target blockchain according to the legality and authority of the request, which may require the use of specific data conversion or encryption technology to ensure the security and consistency of the data in the cross-chain process; d) Returning a sharing result: the source blockchain transmits the shared data to the target blockchain and returns a sharing result, and the target blockchain can continue to conduct transaction or service after receiving the data;
Specific cross-chain identity authentication and interoperation mechanisms can vary from one blockchain platform to another, and some open-source cross-chain solutions, such as Cosmos, polkadot and INTERLEDGER, provide specific protocols and mechanisms to implement cross-chain identity authentication and sharing; summarizing, the cross-chain identity authentication and interoperability mechanism allows users to perform identity authentication and information sharing among different blockchains, ensures security and consistency through specific protocols and mechanisms, provides users with seamless experience among the cross-region blockchains, and promotes interoperability and data sharing among blockchains;
The network fluctuation coefficient Q represents the fluctuation degree of the network in the system during the transaction, and the higher the fluctuation degree is, the more unstable the transaction is in the transmission process, and the greater the risk of external network access during the transaction is;
The network fluctuation coefficient Q is obtained as follows:
collecting network transmission rate of transaction at each moment in a preset time period T Calculating the average value of the network transmission rate at different moments in the T time period, and according to the average value and the network transmission rateThe network fluctuation coefficient Q is calculated according to the following formula:
In the method, in the process of the invention, The average value of the network transmission rate at different moments in time within T time periods is represented, t=1, 2, …, n being a positive integer, and n=t.
The abnormal risk assessment early warning module builds an abnormal risk assessment calculation model according to the preprocessed assessment data set when carrying out transactions on the blockchain, generates an abnormal degree predicted value Ead1 of the transactions, and compares the abnormal degree predicted value Ead1 with a preset first assessment threshold valueComparing, if the abnormality degree predicted value Ead exceeds the first evaluation thresholdIf the transaction is abnormal, a first-level early warning signal is sent; otherwise, the system does not respond;
When trading is carried out through a block-crossing chain, an abnormal risk assessment calculation model is built for the second time according to the pretreated assessment data set and the network fluctuation coefficient Q, an abnormal degree predicted value Ead2 of the trade is generated, and the abnormal degree predicted value Ead2 is compared with a preset second assessment threshold value Comparing, if the abnormality degree predicted value Ead exceeds the second evaluation thresholdIf the transaction is abnormal, a secondary early warning signal is sent; otherwise, the system does not respond;
the preprocessing of the evaluation data set comprises the following steps: carrying out dimensionless treatment on each data;
When the transaction is carried out on the block chain, the abnormal degree predicted value Ead1 of the transaction is calculated according to the following formula:
In the method, in the process of the invention, Trade frequency difference and trade time difference,/>, respectivelyPreset proportionality coefficients of trade frequency difference, trade time difference and associated index I respectively, and,The value ranges of the two are all 0-1;
When a transaction is carried out by a cross-block chain, calculating an abnormal degree predicted value Ead of the transaction according to the following formula:
In the method, in the process of the invention, Is a constant correction coefficient, and its specific value can be set by user adjustment, or generated by analysis function fitting, andThe value range of (2) is 1-2;
It should be noted that, the primary early warning signal and the secondary early warning signal are only used for distinguishing the early warning signal form;
When the staff receives the first-level early warning signal and the second-level early warning signal, the response action is made to immediately close the current transaction process and save evidence, so that the follow-up investigation and evidence collection are facilitated.
Specifically, when the transaction is performed on the blockchain, by acquiring the transaction frequency difference, the transaction time difference and the association degree data of the transaction counter party and the blacklist address in the evaluation data set, building a corresponding model calculation, generating an accurate and effective abnormal degree predicted value Ead1, and according to the subsequent comparison result, efficiently detecting abnormal transaction behaviors, thereby being beneficial to reducing transaction risks; when the cross-block chain is used for trading, the evaluation data set and the network fluctuation coefficient Q in the user trading process are synchronously acquired, the abnormal degree predicted value Ead of the trade is calculated based on the preprocessed data set, and the abnormal degree of the trade in different scenes can be obtained according to the subsequent comparison results, so that the cross-block chain trading is conducive to evaluating the safety and the reliability of the cross-block chain trading, and possible risks and abnormal situations are identified;
By integrating the whole scheme of the embodiment, the public key encryption, the digital signature technology and the method for evaluating the data set are adopted, so that the integrity, the authenticity and the accuracy of identity verification of the data can be improved, abnormal transaction behaviors can be detected and prevented, the safety and the credibility of the cross-chain transaction are enhanced, and the privacy of users, the prevention risk and the safe operation of a block chain system can be protected.
Referring to fig. 2, the digital currency identity authentication system based on the blockchain technology is required to be used by the corresponding electronic device, and the electronic device includes a processor and a memory for executing the digital currency identity authentication system based on the blockchain technology.
Example 2
Based on embodiment 1, this embodiment also provides a process of digital currency identity authentication based on blockchain technology: s1, acquiring identity information and proving material data of a user during registration, and performing primary identity verification;
S2, after the user identity is initially verified, extracting identity information and proving material data of the user, creating a digital identity of the user, and storing the digital identity on a blockchain;
S3, before a user performs transaction, encrypting and signing identity information provided by the user by adopting a public key encryption and digital signature technology, and providing a digital signature to verify the identity and authentication result of the user and synchronously acquiring an evaluation data set in the user transaction process when the user performs the transaction on the blockchain;
S4, when a user carries out transactions on other blockchains, transmitting the identity information and the proving material data of the user to a target blockchain through a cross-chain identity authentication and interoperation mechanism, and synchronously acquiring an evaluation data set and a network fluctuation coefficient Q in the user transaction process;
S5, when a transaction is carried out on the blockchain, an abnormal risk assessment calculation model is built according to the preprocessed assessment data set, an abnormal degree predicted value Ead1 of the transaction is generated, and the abnormal degree predicted value Ead1 is compared with a preset first assessment threshold value Comparing, if the abnormality degree predicted value Ead exceeds the first evaluation thresholdSending out a first-level early warning signal; otherwise, no response action is performed;
When trading is carried out through a block-crossing chain, an abnormal risk assessment calculation model is built for the second time according to the pretreated assessment data set and the network fluctuation coefficient Q, an abnormal degree predicted value Ead2 of the trade is generated, and the abnormal degree predicted value Ead2 is compared with a preset second assessment threshold value Comparing, if the abnormality degree predicted value Ead exceeds the second evaluation thresholdSending out a secondary early warning signal; otherwise, do not respond.
In the application, the related formulas are all the numerical calculation after dimensionality removal, and the formulas are one formulas for obtaining the latest real situation by software simulation through collecting a large amount of data, and the formulas are set by a person skilled in the art according to the actual situation.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application.