Search

CN-118842646-B - Distributed power supply terminal access authentication method and system based on block chain

CN118842646BCN 118842646 BCN118842646 BCN 118842646BCN-118842646-B

Abstract

A distributed power supply terminal access authentication method and system based on block chain. The method comprises the steps of receiving an authentication request sent by a distributed power supply terminal node, extracting a terminal public key in the authentication request, carrying out signature verification on the distributed power supply terminal node at a master node, searching a block chain node matched with the distributed power supply terminal in an authentication block chain network by utilizing a terminal identifier in the authentication request when the signature verification is passed, forming a distributed authentication group by a plurality of block chain nodes, broadcasting the authentication request to the distributed authentication group, indicating all nodes in the distributed authentication group to carry out consensus authentication on the authentication request based on a consensus algorithm, and accessing the distributed power supply terminal into the master node when the consensus authentication is passed, and updating the authentication block chain network. The scheme of the invention provides a safer, more reliable and more efficient solution for grid-connected access of the distributed power terminals.

Inventors

  • CHEN MINGLIANG
  • XU ZAIDE
  • ZHANG GUANGZHOU
  • SHAO LISONG
  • WU YUE
  • LU ZHIXUE
  • HE JICHENG
  • BAI JIEYIN
  • PAN BENREN
  • YU YINGTING
  • GAO YINGJIAN
  • LI BO
  • WU QUN
  • ZHOU SHIHAO
  • TIAN HUI
  • ZHANG TAO
  • LIANG YE
  • WANG CHUNYAN
  • REN HAO
  • XIE GUOQIANG
  • WANG MING
  • LI PENGCHENG
  • ZHANG XIAO

Assignees

  • 国家电网有限公司
  • 国网江西省电力有限公司电力科学研究院
  • 国网电力科学研究院有限公司
  • 北京科东电力控制系统有限责任公司

Dates

Publication Date
20260505
Application Date
20240819

Claims (8)

  1. 1. The distributed power supply terminal access authentication method based on the block chain is characterized by comprising the following steps of: Receiving an authentication request sent by a distributed power supply terminal node, extracting a terminal public key in the authentication request, and performing signature verification on the distributed power supply terminal node at a master node; When the signature verification is passed, searching a block chain node matched with the distributed power supply terminal in an authentication block chain network by utilizing a terminal identifier in the authentication request, and forming a distributed authentication group by a plurality of block chain nodes; broadcasting the authentication request to the distributed authentication group, indicating all nodes in the distributed authentication group to perform consensus authentication on the authentication request based on a consensus algorithm, accessing the distributed power supply terminal to the master node when the consensus authentication is passed, and updating the authentication blockchain network; the performing consensus authentication on the authentication request based on the consensus algorithm further comprises: the master node sends the request number n, the request message m of the client and the digital signature sig_primary of the master node to all the copy nodes; Each copy node verifies the validity of the signature and the message after receiving the message, and if the signature and the message pass the verification, the copy node enters a preparation stage; each copy node sends a preparation message to all other nodes, wherein the message comprises a request number n, a request message m, a signature sig_primary of a dispatching master station and a signature sig_replica of the dispatching master station, and when one copy node receives the preparation message exceeding 2f+1 identical request numbers n, identical request messages m and valid signatures, the preparation message enters a submitting stage, wherein f is the number of tolerable Bayesian error nodes; In the submitting stage, the replica node sends a submitting message to all other nodes, wherein the message comprises a request number n, a request message m, a signature sig_primary of a dispatching master station, a signature sig_replica of the self and a received preparation message set; the retrieving a blockchain node that matches the distributed power terminals further comprises: The master node retrieves attribute information of legal nodes from the blockchain, wherein the attribute information comprises access time, service type, running state and node type, predefines a series of matching conditions according to service requirements, compares information of a distributed power supply terminal to be accessed with information of the legal nodes, and judges whether the information meets the predefining matching conditions; The method further comprises the steps of: Each node is assigned a dynamic weight based on its performance, stability, and historical behavior: Weight i =α·Performance i +β· Stability i + γ· History i Wherein Weight i is the Weight of node i, performance i 、Stability i and History i represent Performance, stability and historical behavior scores of the node respectively, α, β and γ are Weight coefficients, and nodes with high dynamic weights are preferentially selected in the consensus process; When a node joins the system, an initial weight W_init is given according to the initial performance and the historical behavior of the node: W_init = α * Perf + β * Hist perf is the initial performance score of the node, hist is the historical behavior score of the node, and alpha and beta are weight coefficients; in the consensus process, dynamically adjusting the weight of the node according to the actual performance of the node; for each consensus Round, the node generates a performance score Perf round ; After each consensus round is finished, updating the weight of the node according to the node performance score: W new = W old * (1 + ΔW) W old is the weight at the end of the previous round, Δw is the weight adjustment factor calculated from Perf round , Δw=γ (Perf round - Avg Perf ) / Avg Perf ; Perf round is the performance score of the current round node, avg Perf is the average performance score of all the participating nodes of the current round, gamma is an adjustment coefficient, and the sensitivity of weight adjustment is controlled; before each consensus round starts, the main node and the backup node are selected according to the weights of all the current nodes, the main node selects the node with the highest weight, and the backup nodes are sequentially selected from high to low according to the weights.
  2. 2. The blockchain-based distributed power terminal access authentication method of claim 1, wherein the signature verification is performed on the distributed power terminal node at a master node, further comprising: The distributed power supply terminal node sends an authentication request to the master node through a secure channel, wherein the authentication request comprises a unique identification character string of a terminal type field, a terminal public key and a digital certificate issued by an authorization mechanism and is used for confirming the identity and authorization of equipment; And after receiving the authentication request, the master node confirms the validity of the terminal signature by using the terminal public key.
  3. 3. The blockchain-based distributed power terminal access authentication method of claim 2, wherein the retrieving the blockchain node matching the distributed power terminal in the authenticated blockchain network using the terminal identification in the authentication request further comprises: Searching in the authentication blockchain network for sufficient electric quantity and processing capacity which are successfully accessed into the power dispatching service system and have a predefined threshold value for running an authentication algorithm, and enabling the distributed power supply terminal to be accessed into the power dispatching service system to belong to legal nodes of the same class or service; and extracting information of the legal nodes, including access time, service type, running state and node type, and comprehensively matching with the distributed power supply terminal to be accessed.
  4. 4. A blockchain-based distributed power terminal access authentication system, comprising: The signature verification module is used for receiving an authentication request sent by the distributed power supply terminal node, extracting a terminal public key in the authentication request, and carrying out signature verification on the distributed power supply terminal node at a master node; the block chain retrieval module is used for retrieving the block chain nodes matched with the distributed power supply terminal in an authentication block chain network by utilizing the terminal identification in the authentication request when the signature verification passes, and forming a distributed authentication group by a plurality of block chain link points; The consensus module is used for broadcasting the authentication request to the distributed authentication group and indicating all nodes in the distributed authentication group to perform consensus authentication on the authentication request based on a consensus algorithm, and when the consensus authentication is passed, the distributed power supply terminal is accessed to the master node and the authentication blockchain network is updated; The consensus module is further configured to: the master node sends the request number n, the request message m of the client and the digital signature sig_primary of the master node to all the copy nodes; Each copy node verifies the validity of the signature and the message after receiving the message, and if the signature and the message pass the verification, the copy node enters a preparation stage; each copy node sends a preparation message to all other nodes, wherein the message comprises a request number n, a request message m, a signature sig_primary of a dispatching master station and a signature sig_replica of the dispatching master station, and when one copy node receives the preparation message exceeding 2f+1 identical request numbers n, identical request messages m and valid signatures, the preparation message enters a submitting stage, wherein f is the number of tolerable Bayesian error nodes; In the submitting stage, the replica node sends a submitting message to all other nodes, wherein the message comprises a request number n, a request message m, a signature sig_primary of a dispatching master station, a signature sig_replica of the self and a received preparation message set; the retrieving a blockchain node that matches the distributed power terminals further comprises: The master node retrieves attribute information of legal nodes from the blockchain, wherein the attribute information comprises access time, service type, running state and node type, predefines a series of matching conditions according to service requirements, compares information of a distributed power supply terminal to be accessed with information of the legal nodes, and judges whether the information meets the predefining matching conditions; The consensus module is further configured to: Each node is assigned a dynamic weight based on its performance, stability, and historical behavior: Weight i =α·Performance i +β· Stability i + γ· History i Wherein Weight i is the Weight of node i, performance i 、Stability i and History i represent Performance, stability and historical behavior scores of the node respectively, α, β and γ are Weight coefficients, and nodes with high dynamic weights are preferentially selected in the consensus process; When a node joins the system, an initial weight W_init is given according to the initial performance and the historical behavior of the node: W_init = α * Perf + β * Hist perf is the initial performance score of the node, hist is the historical behavior score of the node, and alpha and beta are weight coefficients; in the consensus process, dynamically adjusting the weight of the node according to the actual performance of the node; for each consensus Round, the node generates a performance score Perf round ; After each consensus round is finished, updating the weight of the node according to the node performance score: W new = W old * (1 + ΔW) W old is the weight at the end of the previous round, Δw is the weight adjustment factor calculated from Perf round , Δw=γ (Perf round - Avg Perf ) / Avg Perf ; Perf round is the performance score of the current round node, avg Perf is the average performance score of all the participating nodes of the current round, gamma is an adjustment coefficient, and the sensitivity of weight adjustment is controlled; before each consensus round starts, the main node and the backup node are selected according to the weights of all the current nodes, the main node selects the node with the highest weight, and the backup nodes are sequentially selected from high to low according to the weights.
  5. 5. The blockchain-based distributed power terminal access authentication system of claim 4, wherein the signature verification module is further configured to: The distributed power supply terminal node sends an authentication request to the master node through a secure channel, wherein the authentication request comprises a unique identification character string of a terminal type field, a terminal public key and a digital certificate issued by an authorization mechanism and is used for confirming the identity and authorization of equipment; And after receiving the authentication request, the master node confirms the validity of the terminal signature by using the terminal public key.
  6. 6. The blockchain-based distributed power terminal access authentication system of claim 5, wherein the blockchain retrieval module is further configured to: Searching in the authentication blockchain network for sufficient electric quantity and processing capacity which are successfully accessed into the power dispatching service system and have a predefined threshold value for running an authentication algorithm, and enabling the distributed power supply terminal to be accessed into the power dispatching service system to belong to legal nodes of the same class or service; and extracting information of the legal nodes, including access time, service type, running state and node type, and comprehensively matching with the distributed power supply terminal to be accessed.
  7. 7. A terminal comprises a processor and a storage medium, and is characterized in that: The storage medium is used for storing instructions; The processor is configured to operate in accordance with the instructions to perform the steps of the blockchain-based distributed power terminal access authentication method of any of claims 1-3.
  8. 8. A computer readable storage medium having stored thereon a computer program, characterized in that the program when executed by a processor implements the steps of the blockchain based distributed power terminal access authentication method of any of claims 1-3.

Description

Distributed power supply terminal access authentication method and system based on block chain Technical Field The invention belongs to the field of terminal access authentication, and particularly relates to a distributed power supply terminal access authentication method and system based on a block chain. Background In recent years, with the rapid development of distributed power supplies, the problem of grid-connected access authentication is also increasingly prominent. Traditional centralized authentication modes such as authentication schemes based on public key infrastructure (Public Key Infrastructure, PKI), authentication schemes based on identity authentication, authentication schemes based on digital certificates and the like have the problems that certificate management is complex, security is difficult to guarantee, expandability is poor and the like, so that the authentication requirement is difficult to meet. Disclosure of Invention In order to solve the defects in the prior art, the invention provides a distributed power terminal access authentication method and system based on a block chain, so as to provide a safer, more reliable and more efficient solution for grid-connected access of the distributed power terminal. In order to solve the technical problems, the invention adopts the following technical scheme. The invention firstly discloses a distributed power supply terminal access authentication method based on a block chain, which comprises the following steps: Receiving an authentication request sent by a distributed power supply terminal node, extracting a terminal public key in the authentication request, and performing signature verification on the distributed power supply terminal node at a master node; When the signature verification is passed, searching a block chain node matched with the distributed power supply terminal in an authentication block chain network by utilizing a terminal identifier in the authentication request, and forming a distributed authentication group by a plurality of block chain nodes; Broadcasting the authentication request to the distributed authentication group, indicating all nodes in the distributed authentication group to perform consensus authentication on the authentication request based on a consensus algorithm, and accessing the distributed power supply terminal to the master node and updating the authentication blockchain network when the consensus authentication is passed. The invention further comprises the following preferable schemes: The step of performing signature verification on the distributed power supply terminal node at the master node further comprises the following steps: The distributed power supply terminal node sends an authentication request to the master node through a secure channel, wherein the authentication request comprises a unique identification character string of a terminal type field, a terminal public key and a digital certificate issued by an authorization mechanism and is used for confirming the identity and authorization of equipment; And after receiving the authentication request, the master node confirms the validity of the terminal signature by using the terminal public key. The searching the blockchain node matched with the distributed power supply terminal in the authentication blockchain network by using the terminal identification in the authentication request further comprises the following steps: Searching in the authentication blockchain network for sufficient electric quantity and processing capacity which are successfully accessed into the power dispatching service system and have a predefined threshold value for running an authentication algorithm, and enabling the distributed power supply terminal to be accessed into the power dispatching service system to belong to legal nodes of the same class or service; and extracting information of the legal nodes, including access time, service type, running state and node type, and comprehensively matching with the distributed power supply terminal to be accessed. The performing consensus authentication on the authentication request based on the consensus algorithm further comprises: the master node sends the request number n, the request message m of the client and the digital signature sig_primary of the master node to all the copy nodes; Each copy node verifies the validity of the signature and the message after receiving the message, and if the signature and the message pass the verification, the copy node enters a preparation stage; each copy node sends a preparation message to all other nodes, wherein the message comprises a request number n, a request message m, a signature sig_primary of a dispatching master station and a signature sig_replica of the dispatching master station, and when one copy node receives the preparation message exceeding 2f+1 identical request numbers n, identical request messages m and valid signatures, the preparation message