Search

CN-122027177-A - Authorization information reverse authentication method, device, equipment, medium and product

CN122027177ACN 122027177 ACN122027177 ACN 122027177ACN-122027177-A

Abstract

The embodiment of the application provides a method, a device, equipment, a medium and a product for reverse authentication of authorization information. The method comprises the steps of obtaining authorization information of second terminal equipment, wherein the authorization information comprises a mobile phone number and authorization data of the second terminal equipment, conducting desensitization processing on the mobile phone number to obtain a unique user identifier, generating an authorization report request according to the unique user identifier and the authorization data, sending the authorization report request to an authorization evidence storage platform to enable the authorization evidence storage platform to generate authorization evidence information according to the authorization report request, and uploading the authorization evidence information to a blockchain, wherein the authorization evidence information is used for responding to an authorization evidence inquiry request sent by a supervision party by the authorization evidence storage platform. So as to improve the security of the authorization information authentication mode.

Inventors

  • SHEN CHAO
  • LIANG BIN
  • GAO JUN
  • HUANG XIAOLEI
  • CHENG FUXING
  • CHEN HAO

Assignees

  • 中国联合网络通信集团有限公司
  • 联通在线信息科技有限公司

Dates

Publication Date
20260512
Application Date
20241111

Claims (13)

  1. 1. A method for reverse authentication of authorization information, applied to a first terminal device, the method comprising: acquiring authorization information of a second terminal device, wherein the authorization information comprises a mobile phone number and authorization data of the second terminal device; desensitizing the mobile phone number to obtain a unique user identifier; Generating an authorization report request according to the unique user identifier and the authorization data; And sending the authorization report request to an authorization and certification storage platform so that the authorization and certification storage platform generates authorization credential information according to the authorization report request and uploads the authorization credential information to a blockchain, wherein the authorization credential information is used for responding an authorization credential inquiry request sent by a supervisor by the authorization and certification storage platform.
  2. 2. The method of claim 1, wherein the desensitizing the mobile phone number to obtain a unique user identifier comprises: Generating a random number; And a hash algorithm is adopted to desensitize the random number and the mobile phone number so as to obtain a unique user identifier.
  3. 3. The method of claim 2, further comprising, after said sending the authorization report request to an authorization accounting platform: Receiving a random number inquiry request sent by the authorization and certification platform, wherein the random number inquiry request is generated after the authorization and certification platform receives an authorization and certification inquiry request sent by a supervision party, and the authorization and certification inquiry request and the random number inquiry request both comprise mobile phone numbers of users to be inquired; extracting a mobile phone number in the random number inquiry request, and inquiring a unique user identifier corresponding to the mobile phone number according to the mobile phone number; transmitting the unique user identifier to the authorization and certification platform; the user unique identifier is used for the authorization evidence storage platform to generate an authorization evidence inquiry response, the authorization evidence inquiry response is sent to the supervision party, and/or the user unique identifier is used for the authorization evidence storage platform to inquire a storage address of corresponding authorization evidence information in a blockchain, and the storage address is sent to the supervision party.
  4. 4. The method of claim 3, further comprising, prior to said transmitting said user unique identification to said authorization and certification platform: extracting a mobile phone number in the random number inquiry request, and inquiring a random number corresponding to the mobile phone number according to the mobile phone number; correspondingly, the step of sending the unique user identifier to the authorized evidence-storing platform comprises the following steps: And sending the user unique identifier and the random number to the authorization and certification platform so that the authorization and certification platform performs security verification according to the user unique identifier, the random number and the mobile phone number to determine whether to send an authorization certificate inquiry response and/or a storage address of authorization certificate information to the supervision party.
  5. 5. The method according to any one of claims 1 to 4, wherein the obtaining authorization information of the second terminal device includes: responding to a user authorization request initiated by second terminal equipment at an application program or website service corresponding to the first terminal equipment, and acquiring authorization information sent by the second terminal equipment; and storing the authorization information and returning a user authorization result to the second terminal equipment.
  6. 6. A method for reverse authentication of authorization information, applied to an authorization authentication platform, the method comprising: Receiving an authorization report request sent by a first terminal device, wherein the authorization report request acquires authorization information of a second terminal device for the first terminal device, desensitizes a mobile phone number to obtain a unique user identifier, and generates the authorization information according to the unique user identifier and authorization data, wherein the authorization information comprises the mobile phone number and the authorization data of the second terminal device; generating authorization credential information according to the authorization report request; Uploading the authorization credential information to a blockchain; And receiving an authorization credential query request sent by the supervisor, and responding to the authorization credential query request.
  7. 7. The method of claim 6, wherein responding to the authorization credential query request comprises: Generating a random number query request according to the authorization credential query request, wherein the authorization credential query request and the random number query request both comprise mobile phone numbers of users to be queried; the random number inquiry request is sent to the first terminal equipment, so that the first terminal equipment extracts the mobile phone number in the random number inquiry request, and inquires a unique user identifier corresponding to the mobile phone number according to the mobile phone number; Receiving the unique user identifier sent by the first terminal equipment; and generating an authorization credential query response according to the unique user identifier, and sending the authorization credential query response to the supervisor.
  8. 8. The method of claim 7, wherein after generating an authorization credential query response from the user unique identification and sending the authorization credential query response to the supervisor, further comprising: receiving an authorized evidence obtaining query request sent by a supervision party; Inquiring the storage address of the corresponding authorization credential information in the blockchain according to the unique user identifier; sending the storage address to the supervisor; receiving an authorized certificate file downloading request sent by the supervisor, wherein the authorized certificate file downloading request is generated by the supervisor according to the storage address; and acquiring the authorization document file from the blockchain according to the authorization document file downloading request, and sending the authorization document file to the supervisor.
  9. 9. An apparatus for reverse authentication of authorization information, applied to a first terminal device, comprising: The first acquisition module is used for acquiring the authorization information of the second terminal equipment, wherein the authorization information comprises the mobile phone number and the authorization data of the second terminal equipment; The first processing module is used for carrying out desensitization processing on the mobile phone number so as to obtain a unique user identifier; the second processing module is used for generating an authorization report request according to the unique user identifier and the authorization data; and the third processing module is used for sending the authorization report request to an authorization evidence storage platform so that the authorization evidence storage platform generates authorization evidence information according to the authorization report request and uploads the authorization evidence information to a blockchain, wherein the authorization evidence information is used for responding an authorization evidence inquiry request sent by a supervision party by the authorization evidence storage platform.
  10. 10. An apparatus for reverse authentication of authorization information, applied to an authorization authentication platform, the apparatus comprising: The mobile terminal comprises a first receiving module, a second receiving module and a first receiving module, wherein the first receiving module is used for receiving an authorization report request sent by first terminal equipment, the authorization report request is used for obtaining authorization information of second terminal equipment for the first terminal equipment, desensitizing treatment is carried out on a mobile phone number to obtain a unique user identifier, and the authorization information comprises the mobile phone number and authorization data of the second terminal equipment according to the unique user identifier and the authorization data; the fourth processing module is used for generating authorization credential information according to the authorization report request; a fifth processing module for uploading the authorization credential information to a blockchain; And the sixth processing module is used for receiving an authorization credential query request sent by the supervision party and responding to the authorization credential query request.
  11. 11. An authorization information reverse authentication device, comprising: at least one processor, and A memory communicatively coupled to the at least one processor, wherein, The memory stores instructions executable by the at least one processor to enable the at least one processor to perform the authorization information de-authorization method of any one of claims 1 to 5 or any one of claims 6 to 8.
  12. 12. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are for implementing the authorization information de-authorization method according to any one of claims 1 to 5 or for performing the authorization information de-authorization method according to any one of claims 6 to 8.
  13. 13. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1 to 5 or performs the method of reverse authentication of authorization information according to any one of claims 6 to 8.

Description

Authorization information reverse authentication method, device, equipment, medium and product Technical Field The present application relates to the field of communications technologies, and in particular, to a method, an apparatus, a device, a medium, and a product for reverse authentication of authorization information. Background Authorization information refers to the rights granted to a service or application to access personal data or to perform certain operations while the service or application is in use, and is typically maintained in an authentication platform for each party to extract for authentication. In the related technology, a user authorization protocol is signed between a terminal user and an enterprise, after the user authorization protocol is signed, the enterprise can upload all information of the user to an authorization evidence-storing platform for storage, and after the information is stored by the authorization evidence-storing platform, authorization checking and evidence-obtaining inquiry service can be provided, and after an authorization checking or evidence-obtaining inquiry request is received, the information of the user is directly sent to a request initiator so as to realize authentication of authorization information. However, the authorization information authentication mode in the prior art is easy to reveal the information of the user, and has low security. Disclosure of Invention The embodiment of the application provides a method, a device, equipment, a medium and a product for reverse authentication of authorization information, which are used for achieving the effect of improving the security of an authorization information authentication mode. In a first aspect, an embodiment of the present application provides a method for reverse authentication of authorization information, which is applied to a first terminal device, including: acquiring authorization information of the second terminal equipment, wherein the authorization information comprises a mobile phone number and authorization data of the second terminal equipment; Desensitizing the mobile phone number to obtain a unique user identifier; generating an authorization report request according to the unique user identifier and the authorization data; and sending the authorization report request to an authorization document storage platform so that the authorization document storage platform generates authorization document information according to the authorization report request, and uploading the authorization document information to a blockchain, wherein the authorization document information is used for responding to an authorization document inquiry request sent by a supervisor by the authorization document storage platform. In one possible implementation, the desensitizing the mobile phone number to obtain the unique user identifier includes: Generating a random number; and (3) carrying out desensitization treatment on the random number and the mobile phone number by adopting a hash algorithm to obtain a unique user identifier. In one possible implementation, after sending the authorization report request to the authorization accounting platform, the method further includes: Receiving a random number inquiry request sent by an authorization and evidence storage platform, wherein the random number inquiry request is generated after the authorization and evidence storage platform receives an authorization and evidence inquiry request sent by a supervision party, and the authorization and evidence inquiry request and the random number inquiry request both comprise mobile phone numbers of users to be inquired; Extracting a mobile phone number in the random number inquiry request, and inquiring a unique user identifier corresponding to the mobile phone number according to the mobile phone number; Transmitting the unique user identification to an authorization and certification platform; The user unique identifier is used for the authorization and certification platform to generate an authorization and certification inquiry response, the authorization and certification inquiry response is sent to the supervision party, and/or the user unique identifier is used for the authorization and certification platform to inquire the storage address of the corresponding authorization and certification information in the blockchain, and the storage address is sent to the supervision party. In one possible embodiment, before sending the user unique identification to the authorized forensic platform, the method further comprises: Extracting a mobile phone number in the random number inquiry request, and inquiring a random number corresponding to the mobile phone number according to the mobile phone number; Correspondingly, the method for sending the unique user identification to the authorized certification platform comprises the following steps: And transmitting the unique user identifier and the random number to the au