CN-122027172-A - Industrial terminal security system and method integrating biological identification and blockchain certification
Abstract
The invention provides an industrial terminal security system and method integrating biological identification and blockchain certification. The method comprises: performing feature combination based on biological features and physical environment features to obtain a biological environment joint digest; generating a one-time asymmetric key pair based on the biological environment joint digest; digitally signing an operation instruction to be executed with the private key of the one-time asymmetric key pair to obtain a signed operation instruction; constructing an identity binding credential based on the public key of the one-time asymmetric key pair and the biological environment joint digest; broadcasting to a target blockchain network a to-be-certified operation package generated from the identity binding credential and the signed operation instruction; and, if the certification receipt is consistent with the biological environment joint digest, unsealing and executing the original operation instruction based on the signed operation instruction, or otherwise refusing execution and clearing the temporary key. The invention thereby achieves a verifiable and non-repudiable binding between the operation behavior and the biological identification at the blockchain certification level.
Inventors
- OU ZAIHUAN
Assignees
- 深圳市触想智能股份有限公司
Dates
- Publication Date: 20260512
- Application Date: 20260326
Claims (10)
- 1. An industrial terminal security method integrating biological identification and blockchain certification, comprising: performing feature combination based on biological features of a user acquired at an industrial terminal and physical environment features at the time of biological feature acquisition to obtain a biological environment joint digest; generating a one-time asymmetric key pair based on the biological environment joint digest; digitally signing an operation instruction to be executed with the private key of the one-time asymmetric key pair to obtain a signed operation instruction, and constructing an identity binding credential based on the public key of the one-time asymmetric key pair and the biological environment joint digest; broadcasting to a target blockchain network a to-be-certified operation package generated from the identity binding credential and the signed operation instruction, so as to receive a certification transaction receipt returned by the target blockchain network; and, if the certification transaction receipt is consistent with the biological environment joint digest, unsealing the original operation instruction and executing it based on the signed operation instruction, and otherwise refusing execution and clearing the temporary key.
- 2. The industrial terminal security method integrating biological identification and blockchain certification according to claim 1, wherein performing feature combination based on the biological features of the user acquired at the industrial terminal and the physical environment features at the time of biological feature acquisition to obtain the biological environment joint digest comprises: performing overlap interval detection based on a first signal segment between two adjacent zero-crossing points in the biological feature signal waveform of the biological features and a second signal segment between two adjacent zero-crossing points in the environmental feature sensing time-series signal of the physical environment features, to obtain a signal overlap interval set; intercepting the biological feature signal waveform within each overlap interval of the signal overlap interval set to obtain a biological overlapping waveform segment set; intercepting the environmental feature sensing time-series signal within each overlap interval of the signal overlap interval set to obtain an environmental overlapping waveform segment set; and performing two-channel parallel arrangement analysis based on the biological overlapping waveform segment set and the environmental overlapping waveform segment set to obtain the biological environment joint digest.
- 3. The industrial terminal security method integrating biological identification and blockchain certification according to claim 2, wherein performing the two-channel parallel arrangement analysis based on the biological overlapping waveform segment set and the environmental overlapping waveform segment set to obtain the biological environment joint digest comprises: performing two-channel parallel arrangement based on each biological overlapping waveform segment in the biological overlapping waveform segment set and the environmental overlapping waveform segment of the corresponding overlap interval in the environmental overlapping waveform segment set to obtain a parallel waveform pair set; performing equal-point truncation based on each parallel waveform pair in the parallel waveform pair set and a preset fixed sampling point to obtain an equal-point waveform pair sequence, and interleaving the signals of each equal-point waveform pair in the equal-point waveform pair sequence by alternate-sample interleaving to obtain an interleaved waveform sequence; performing point-by-point symbol replacement based on each interleaved waveform in the interleaved waveform sequence and a preset amplitude symbol mapping table to obtain a biological environment symbol sequence; and linearly splicing the symbols in the biological environment symbol sequence in front-to-back order to obtain the biological environment joint digest.
- 4. The industrial terminal security method integrating biological identification and blockchain certification according to claim 1, wherein generating the one-time asymmetric key pair based on the biological environment joint digest comprises: performing mapping and positioning from symbol position to sensing time point based on the symbol sequence in the biological environment joint digest and the environmental feature sensing time-series signal of the physical environment features to obtain a public key environment coupler; performing private key hidden state evolution based on the symbol sequence in the biological environment joint digest and a secure execution environment of the industrial terminal to obtain a private key hidden state structure; and performing a one-time transaction binding and commit operation based on the public key environment coupler and the private key hidden state structure to obtain the one-time asymmetric key pair.
- 5. The industrial terminal security method integrating biological identification and blockchain certification according to claim 4, wherein determining the private key hidden state structure comprises: performing disturbance injection based on the symbol sequence in the biological environment joint digest and manifold states in the secure execution environment to obtain a disturbed manifold state sequence, wherein the manifold states are a group of register values; performing step-by-step state evolution based on each manifold state in the disturbed manifold state sequence and a state transition mapping relation in the secure execution environment to obtain a converged manifold state, wherein the state transition mapping relation is a state transition table solidified in a read-only memory (ROM); performing unidirectional bit sampling based on the converged manifold state and a state register set in the secure execution environment to obtain a private key hidden state bit stream; and performing atomic writing and access-right locking based on the private key hidden state bit stream and an isolated storage page in the secure execution environment to obtain the private key hidden state structure.
- 6. The industrial terminal security method integrating biological identification and blockchain certification according to claim 4, wherein determining the public key environment coupler comprises: performing mapping and positioning from symbol position to sensing time point based on the symbol sequence in the biological environment joint digest and the environmental feature sensing time-series signal of the physical environment features to obtain an environment sensing anchor point sequence; performing neighborhood first-order difference calculation based on each sensing anchor point in the environment sensing anchor point sequence and the environmental feature sensing time-series signal to obtain an environment local change rate sequence set; performing co-occurrence zero-crossing detection based on the environmental feature sensing time-series signal and the biological feature signal waveform to obtain a co-occurrence event time sequence; performing amplitude difference calculation based on each co-occurrence event time point in the co-occurrence event time sequence and each adjacent sampling point in the neighborhood of the environment local change rate sequences in the environment local change rate sequence set to obtain an environment global change rate sequence set; and performing time-ordered splicing based on each environment global change rate sequence in the environment global change rate sequence set and the order of events in the co-occurrence event time sequence to obtain the public key environment coupler.
- 7. An industrial terminal security system integrating biological identification and blockchain certification, characterized in that it is applied to the industrial terminal security method integrating biological identification and blockchain certification according to any of claims 1 to 6, wherein the system comprises: a feature joint analysis module, used for performing feature combination based on the biological features of the user acquired at the industrial terminal and the physical environment features at the time of biological feature acquisition to obtain a biological environment joint digest; a key generation module, used for generating a one-time asymmetric key pair based on the biological environment joint digest; a data encryption module, used for digitally signing the operation instruction to be executed with the private key of the one-time asymmetric key pair to obtain a signed operation instruction, and constructing an identity binding credential based on the public key of the one-time asymmetric key pair and the biological environment joint digest; an identity verification module, used for broadcasting to a target blockchain network a to-be-certified operation package generated from the identity binding credential and the signed operation instruction, so as to receive a certification transaction receipt returned by the target blockchain network; and a terminal security monitoring module, used for unsealing and executing the original operation instruction based on the signed operation instruction if the certification transaction receipt is consistent with the biological environment joint digest, and otherwise refusing execution and clearing the temporary key.
- 8. An electronic device comprising a memory for storing a computer software program and a processor for reading and executing the computer software program, characterized in that the processor, when executing the computer software program, implements the industrial terminal security method integrating biometric identification and blockchain certification as defined in any one of claims 1 to 6.
- 9. A non-transitory computer readable storage medium having stored therein a computer software program which, when executed by a processor, implements the industrial terminal security method integrating biometric identification and blockchain certification as defined in any of claims 1 to 6.
- 10. A computer software program product comprising a computer program which, when executed by a processor, implements an industrial terminal security method of integrating biometric identification and blockchain certification as claimed in any of claims 1 to 6.
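The zero-crossing overlap detection of claim 2 and the truncate, interleave, map and splice steps of claim 3, as an added Python example that is not part of the patent text. It assumes both signals share one sample clock and reads the "preset fixed sampling point" as a sample count; the count, the amplitude thresholds, the symbol alphabet, the rule of skipping overlaps shorter than the count, and the sample signals are all constructed for illustration.

```python
# Added illustration of claims 2-3. N_POINTS, AMP_TABLE, TOP_SYMBOL, the
# short-span rule and the BIO/ENV samples are assumptions, not patent values.
N_POINTS = 3  # assumed reading of the "preset fixed sampling point"
AMP_TABLE = [(-0.5, "A"), (0.0, "B"), (0.5, "C")]  # (upper bound, symbol)
TOP_SYMBOL = "D"  # amplitudes >= 0.5

# Constructed sample signals on a shared sample clock (assumption).
BIO = [0.2, 0.8, 0.6, 0.3, -0.4, -0.9, -0.7, -0.2, 0.1, 0.7, 0.9, 0.4, -0.3, -0.6]
ENV = [0.1, 0.3, -0.2, -0.6, -0.8, -0.3, -0.1, 0.2, 0.6, 0.9, 0.7, 0.3, 0.1, -0.2]


def zero_crossing_segments(sig):
    """Index spans [start, end) between adjacent zero crossings of sig."""
    crossings = [i for i in range(1, len(sig)) if (sig[i - 1] < 0) != (sig[i] < 0)]
    return list(zip(crossings, crossings[1:]))


def overlap_intervals(a, b):
    """Intersect two sorted span lists: the signal overlap interval set."""
    out, i, j = [], 0, 0
    while i < len(a) and j < len(b):
        lo, hi = max(a[i][0], b[j][0]), min(a[i][1], b[j][1])
        if lo < hi:
            out.append((lo, hi))
        if a[i][1] < b[j][1]:
            i += 1
        else:
            j += 1
    return out


def to_symbol(x):
    """Point-by-point replacement through the amplitude symbol table."""
    for bound, sym in AMP_TABLE:
        if x < bound:
            return sym
    return TOP_SYMBOL


def joint_digest(bio, env):
    """Overlap -> cut -> pair -> truncate -> interleave -> map -> splice."""
    spans = overlap_intervals(zero_crossing_segments(bio), zero_crossing_segments(env))
    parts = []
    for lo, hi in spans:
        if hi - lo < N_POINTS:  # assumption: spans shorter than N are skipped
            continue
        b, e = bio[lo:lo + N_POINTS], env[lo:lo + N_POINTS]  # equal-point truncation
        interleaved = [v for pair in zip(b, e) for v in pair]  # b0, e0, b1, e1, ...
        parts.append("".join(to_symbol(v) for v in interleaved))
    return "".join(parts)  # front-to-back linear splice


if __name__ == "__main__":
    print(joint_digest(BIO, ENV))
```

Because the environment channel is interleaved into every symbol group, the same biological waveform paired with a different environment signal produces a different digest.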
Description
Technical Field
The invention relates to the technical field of computers, and in particular to an industrial terminal security system and method integrating biological identification and blockchain certification.
Background
In the field of industrial terminal security, the prior art generally works as follows: after a user completes identity verification through a biological recognition device, the system sends the operation event to a centralized log server as a structured log, and the server writes the log hash value into a blockchain for certification. In this scheme, biological identification is used only for access control and blockchain certification is used only for integrity protection of the operation log, so the two are completely decoupled in the technical flow. The key drawback is that the biological identification process itself is not incorporated into the certification chain, so it cannot be proven that an operation certified on the blockchain was actually triggered by the specific user who was biologically identified. An attacker can intercept a legitimate user's operation instruction through a man-in-the-middle attack, then replay the instruction and forge the certification request while bypassing local biological recognition; the blockchain records only that a certain instruction was executed and cannot bind whether the instruction originated from a real biological authentication. The existing method therefore cannot atomically bind the biological identification behavior and the blockchain certification behavior in time, subject and action, and cannot meet the requirement that operation behavior be 'identity verifiable and non-repudiable' in high-security industrial scenarios.
Disclosure of Invention
The invention provides an industrial terminal security system and method integrating biological identification and blockchain certification, which solve the technical problem described in the background that blockchain certification data cannot prove an operation was triggered by a real user, and which achieve a verifiable and non-repudiable binding between the operation behavior and the biological identification at the blockchain certification level.
In a first aspect, the present invention provides an industrial terminal security method integrating biological identification and blockchain certification, comprising: performing feature combination based on biological features of a user acquired at an industrial terminal and physical environment features at the time of biological feature acquisition to obtain a biological environment joint digest; generating a one-time asymmetric key pair based on the biological environment joint digest; digitally signing an operation instruction to be executed with the private key of the one-time asymmetric key pair to obtain a signed operation instruction, and constructing an identity binding credential based on the public key of the one-time asymmetric key pair and the biological environment joint digest; broadcasting to a target blockchain network a to-be-certified operation package generated from the identity binding credential and the signed operation instruction, so as to receive a certification transaction receipt returned by the target blockchain network; and, if the certification transaction receipt is consistent with the biological environment joint digest, unsealing the original operation instruction and executing it based on the signed operation instruction, and otherwise refusing execution and clearing the temporary key.
In a second aspect, the invention also provides an industrial terminal security system integrating biological identification and blockchain certification, which is applied to the industrial terminal security method integrating biological identification and blockchain certification according to the first aspect, wherein the system comprises: a feature joint analysis module, used for performing feature combination based on the biological features of the user acquired at the industrial terminal and the physical environment features at the time of biological feature acquisition to obtain a biological environment joint digest; a key generation module, used for generating a one-time asymmetric key pair based on the biological environment joint digest; a data encryption module, used for digitally signing the operation instruction to be executed with the private key of the one-time asymmetric key pair to obtain a signed operation instruction, and constructing an identity binding credential based on the public