CN113872816B - Equipment management system for industrial Internet - Google Patents

Equipment management system for industrial Internet Download PDF

Info

Publication number
CN113872816B
CN113872816B CN202111164257.7A CN202111164257A CN113872816B CN 113872816 B CN113872816 B CN 113872816B CN 202111164257 A CN202111164257 A CN 202111164257A CN 113872816 B CN113872816 B CN 113872816B
Authority
CN
China
Prior art keywords
node
target
network
feature
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111164257.7A
Other languages
Chinese (zh)
Other versions
CN113872816A (en
Inventor
请求不公布姓名
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Block Express Technology Co ltd
Original Assignee
Beijing Block Express Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Block Express Technology Co ltd filed Critical Beijing Block Express Technology Co ltd
Priority to CN202111164257.7A priority Critical patent/CN113872816B/en
Publication of CN113872816A publication Critical patent/CN113872816A/en
Application granted granted Critical
Publication of CN113872816B publication Critical patent/CN113872816B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application relates to a device management system for the industrial internet, comprising: the device verification platform is respectively in communication connection with the user terminal and the device; the device verification platform comprises: the system comprises a graph construction module, a network division module, a feature extraction module and a database, wherein the modules are in communication connection. The feature extraction module generates a graph structure feature matrix for each directed acyclic graph sample based on the graph structure features of each obtained directed acyclic graph sample, and then generates a timing feature matrix based on all the graph structure feature matrices. The network dividing module divides the industrial blockchain network into a plurality of blockchain sub-networks according to the time sequence feature matrix, and identifies a target blockchain sub-network corresponding to the target device based on the device type identifier. The target blockchain subnetwork authenticates the target device based on the received device authentication request.

Description

Equipment management system for industrial Internet
Technical Field
The application relates to the field of blockchains and industrial Internet, in particular to a device management system for the industrial Internet.
Background
Blockchains are accounting techniques, also known as distributed ledger techniques, that are commonly maintained by multiple parties, use cryptography to secure transmissions and accesses, and enable consistent storage of data, difficult tampering, and protection from repudiation. In a typical blockchain system, parties store information together and agree on rules agreed in advance.
With the rise of various industrial internet applications, the demand for secure and trusted digital identities at the industrial internet equipment end is increasing. The following problems exist in the digital identity of the equipment end in the current industrial Internet: firstly, the management of the mapping relationship between the digital identity of the equipment end and the identity of the owner or user thereof requires that the equipment end can verify the identity of the requesting party so as to realize the efficient, reliable and safe exchange of equipment state information between people and equipment and between equipment. Secondly, the whole life cycle management process of the equipment needs to perform trusted and tamper-resistant traceability inquiry on the subordinate relations and the like of the equipment so as to obtain the basis when the responsibility is acknowledged due to the use of the equipment.
Thus, there is an urgent need for a distributed scalable identity management solution for the industrial internet.
Disclosure of Invention
In view of this, the present application provides a device management system for the industrial internet, comprising: the device verification platform is respectively in communication connection with the user terminal and the device, and the user terminal is in communication connection with the device; the device verification platform comprises: the system comprises a graph construction module, a network division module, a feature extraction module and a database, wherein the modules are in communication connection.
The graph construction module traverses all network nodes in the industrial blockchain network, takes the traversing network nodes as central nodes, and takes other network nodes except the central nodes in the industrial blockchain network as radiating nodes of the central nodes.
The graph construction module acquires the communication area of the center node and the communication area of each radiation node of the center node, and generates a directed connection network of the center node according to the communication area of the center node and the communication area of each radiation node of the center node.
The above steps are repeated until all network nodes in the finished industrial blockchain network are traversed to generate a directed connection network of all network nodes in the industrial blockchain network.
The graph construction module generates a directed acyclic graph of the industrial blockchain network based on the directed connection networks of all network nodes in the industrial blockchain network.
The diagram construction module acquires the directed acyclic graphs of the industrial block chain network at each moment, performs diagram sampling on all the directed acyclic graphs of the industrial block chain network based on a preset time step to acquire a plurality of directed acyclic graph samples, and then arranges all the directed acyclic graph samples according to a time sequence to generate a time sequence diagram sequence of the industrial block chain network.
The feature extraction module obtains the graph structure features of each directed acyclic graph sample in the time sequence graph sequence of the industrial blockchain network, generates a graph structure feature matrix of each directed acyclic graph sample based on the graph structure features of each directed acyclic graph sample, and then generates the time sequence feature matrix of the industrial blockchain network according to the graph structure feature matrices of all the directed acyclic graph samples.
The network dividing module divides the industrial blockchain network into a plurality of blockchain sub-networks based on the time sequence feature matrix, marks each blockchain sub-network to obtain a network identifier of each blockchain sub-network, and then maps the network identifiers of the blockchain sub-networks and node identifiers of all network nodes in the blockchain sub-networks to generate blockchain distribution information.
The user terminal obtains the equipment type identification of the target equipment based on the equipment basic information of the target equipment, identifies the corresponding blockchain sub-network of the target equipment in the industrial blockchain network based on the equipment type identification and the blockchain distribution information, and then takes the blockchain sub-network as a target blockchain sub-network.
The user terminal generates a device verification request of the target device through the device state information and the device basic information of the target device, and sends the device verification request to the target blockchain sub-network.
And the target blockchain sub-network performs identity verification on the target equipment according to the equipment verification request.
Further, the user terminal is an intelligent device with a communication function and a data transmission function, which is used by a device manager, and the intelligent device comprises: smart phones, tablet computers, notebook computers, and desktop computers. The target device is a device which is undergoing identity verification, and the device is a device with communication capability, network connection capability or production capability in the industrial Internet. The time sequence feature matrix consists of graph structure feature matrices of all directed acyclic graph samples in the time sequence graph sequence; the graph structure feature matrix of the directed acyclic graph sample is composed of path feature vectors of all feature paths of the directed acyclic graph sample.
Further, the target blockchain sub-network performing identity verification on the target device according to the device verification request includes:
a first network node in a target blockchain sub-network receives the device verification request; the first network node is a network node for synchronizing all block header data in the industrial block chain network;
a second network node in the target block chain sub-network generates a block header based on the device basic information of the target device and generates a block body based on the device state information of the target device;
a second network node in the target block chain sub-network generates a new block based on the block header and the block body, takes the new block as a target block, and then issues the target block to the target block chain sub-network; the second network node is other network nodes except the first network node and the third network node in the industrial blockchain network;
verifying the target block by a third network node in the target block chain sub-network; the third network node is a network node for synchronizing all block header data and block body data in the industrial block chain network;
adding the target block into the target block chain sub-network when the target block passes the verification; discarding the target block when the target block fails the verification.
Further, the graph construction module generating a directed connection network of the center node from the communication area of the center node and the communication area of the radiating node of the center node includes:
the graph construction module traverses all radiation nodes of the central node, takes the traversed radiation node as the central radiation node, and then respectively acquires a communication area of the central node and a communication area of the central radiation node;
the method comprises the steps that a diagram construction module obtains an overlapping area of a communication area of a central node and a communication area of a central radiation node, the ratio of the area of the overlapping area to the area of the communication area of the central node is used as a first connection value, and then the ratio of the area of the overlapping area to the area of the communication area of the central radiation node is used as a second connection value;
generating a directed connection from the central node to the central radiating node when the first connection value is greater than the first connection threshold and the second connection value is greater than the second connection threshold;
the graph construction module acquires a node feature vector of the central node and a node feature vector of the central radiation node, calculates the Euclidean distance between the node feature vector of the central node and the node feature vector of the central radiation node to obtain the node similarity of the central node and the central radiation node, and then determines the weight of the directed connection between the central node and the central radiation node based on the first connection value, the second connection value and the node similarity;
repeating the steps until all the radiation nodes of the center node are traversed, thereby generating a plurality of directional connections of the center node and weights of each directional connection of the center node, and generating a directional connection network of the center node according to the plurality of directional connections of the center node and the weights of each directional connection of the center node.
Further, the feature extraction module obtaining the graph structure feature matrix of the directed acyclic graph sample includes:
the feature extraction module randomly selects one network node from all network nodes in the directed acyclic graph sample as a target node, and generates a feature path taking the target node as an initial node according to the target node and a radiation node which is in directed connection with the target node;
the feature extraction module counts the number of feature paths and compares the number of feature paths with a first stop threshold; and when the number of the characteristic paths is smaller than the first stop threshold value, repeating the steps until the number of the characteristic paths is larger than or equal to the first stop threshold value to generate a plurality of characteristic paths of the directed acyclic graph sample.
Further, the feature extraction module obtaining the graph structure feature matrix of the directed acyclic graph sample includes:
the feature extraction module traverses all feature paths of the directed acyclic graph sample, takes the traversed feature paths as target feature paths, and then acquires all associated node pairs in the target feature paths;
the feature extraction module extracts node distribution features of all associated node pairs of the target feature path, and maps the node distribution features of all associated node pairs to a low-dimensional vector space to obtain node distribution feature vectors of each associated node pair;
the feature extraction module performs feature fusion on node distribution feature vectors of all associated node pairs of the target feature path to obtain a path feature vector of the target feature path;
and repeating the steps until all the characteristic paths of the directed acyclic graph sample are traversed to obtain the path characteristic vector of each characteristic path of the directed acyclic graph sample, and generating a graph structure characteristic matrix of the directed acyclic graph sample according to the path characteristic vectors of all the characteristic paths of the directed acyclic graph sample.
Further, the feature extraction module obtains all associated node pairs in the target feature path, including:
the feature extraction module randomly selects a network node from a target feature path as a target node, then sets a sliding window, acquires a context node of the target node based on the sliding window, and maps the target node and the context node of the target node to generate an associated node pair of the target node;
repeating the steps to obtain the associated node pair of each network node in the target characteristic path.
Further, the feature extraction module generating a feature path with the target node as an initial node according to the target node and a radiation node with a directional connection with the target node comprises:
the feature extraction module takes the target node as a target first-stage node, and takes a radiation node which is in directional connection with the target first-stage node as a candidate node of the target first-stage node based on a directional connection network of the target first-stage node;
the feature extraction module obtains the weight value of directed connection between the target first-stage node and each candidate node of the target first-stage node, takes the candidate node with the largest weight value in all candidate nodes of the target first-stage node as a target second-stage node, and then connects the target first-stage node with the target second-stage node;
the feature extraction module takes the radiation node with directional connection with the target second-level node as a candidate node of the target second-level node based on the directional connection network of the target second-level node, and counts the number of the candidate nodes of the target second-level node;
the feature extraction module takes the ratio of the number of candidate nodes of the target second-level node to the total number of network nodes in the directed acyclic graph sample as the node complexity of the target second node, and then compares the node complexity of the target second node with a second stop threshold;
when the node complexity of the target second node is larger than the stop threshold, the feature extraction module acquires the weight of each candidate node of the target second level node and each candidate node of the target second level node, and takes the candidate node with the largest weight in all candidate nodes of the target second level node as a target third level node;
repeating the steps until the node complexity is less than or equal to the second stopping threshold value to obtain the characteristic path taking the target node as the initial node.
The application has the following beneficial effects: in the application, the user terminal generates the equipment verification request by generating the equipment basic information and the equipment state information of the target equipment and sends the equipment verification request to the target block chain sub-network, thereby realizing the real-time verification of whether the identity of the target equipment accords with the preset identity clause, and preventing the potential risk of bypassing an identity authentication mechanism and the like caused by unsafe network communication by forging an identity authentication result.
Drawings
Fig. 1 is a block diagram of a device management system for an industrial internet according to an exemplary embodiment.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments.
Referring to fig. 1, in one embodiment, a device management system for the industrial internet may include: the device verification platform is respectively in communication connection with the user terminal and the device, and the user terminal is in communication connection with the device; the device verification platform comprises: the system comprises a graph construction module, a network division module, a feature extraction module and a database, wherein the modules are in communication connection;
the graph construction module traverses all network nodes in the industrial block chain network, takes the traversed network nodes as central nodes, and takes other network nodes except the central nodes in the industrial block chain network as radiation nodes of the central nodes;
the method comprises the steps that a diagram construction module obtains a communication area of a center node and a communication area of each radiation node of the center node, and a directed connection network of the center node is generated according to the communication area of the center node and the communication area of each radiation node of the center node;
repeating the steps until all network nodes in the finished industrial blockchain network are traversed so as to generate a directed connection network of all network nodes in the industrial blockchain network;
the graph construction module generates a directed acyclic graph of the industrial blockchain network based on the directed connection networks of all network nodes in the industrial blockchain network;
the method comprises the steps that a graph construction module obtains directed acyclic graphs of an industrial block chain network at each moment, performs graph sampling on all directed acyclic graphs of the industrial block chain network based on a preset time step to obtain a plurality of directed acyclic graph samples, and then arranges all the directed acyclic graph samples according to a time sequence to generate a time sequence graph sequence of the industrial block chain network;
the characteristic extraction module acquires the graph structure characteristics of each directed acyclic graph sample in the time sequence graph sequence of the industrial blockchain network, generates a graph structure characteristic matrix of each directed acyclic graph sample based on the graph structure characteristics of each directed acyclic graph sample, and then generates a time sequence characteristic matrix of the industrial blockchain network according to the graph structure characteristic matrices of all the directed acyclic graph samples;
the network dividing module divides the industrial blockchain network into a plurality of blockchain sub-networks based on the time sequence feature matrix, marks each blockchain sub-network to obtain a network identifier of each blockchain sub-network, and then maps the network identifiers of the blockchain sub-networks and node identifiers of all network nodes in the blockchain sub-networks to generate blockchain distribution information;
the user terminal obtains the equipment type identification of the target equipment based on the equipment basic information of the target equipment, identifies the corresponding block chain sub-network of the target equipment in the industrial block chain network based on the equipment type identification and the block chain distribution information, and then takes the block chain sub-network as a target block chain sub-network;
the user terminal generates a device verification request of the target device through the device state information and the device basic information of the target device, and sends the device verification request to the target block chain sub-network;
and the target blockchain sub-network performs identity verification on the target equipment according to the equipment verification request.
The working principle of the present application will be described below. In one embodiment, a method performed by a device management system for an industrial internet includes:
s1, a graph construction module generates a directed acyclic graph of an industrial block chain network at each moment based on the interaction relation of the industrial block chain network at each moment network node, performs graph sampling on all the directed acyclic graphs of the industrial block chain network based on a preset time step to obtain a plurality of directed acyclic graph samples, and then arranges all the directed acyclic graph samples according to a time sequence to generate a time sequence graph sequence of the industrial block chain network.
In one embodiment, the graph construction module generating the directed acyclic graph of the industrial blockchain network based on the interactions of the network nodes of the industrial blockchain network includes:
the graph construction module traverses all network nodes in the industrial block chain network, takes the traversed network nodes as central nodes, and takes other network nodes except the central nodes in the industrial block chain network as radiation nodes of the central nodes;
the method comprises the steps that a diagram construction module obtains a communication area of a center node and a communication area of each radiation node of the center node, and a directed connection network of the center node is generated according to the communication area of the center node and the communication area of each radiation node of the center node;
repeating the steps until all network nodes in the finished industrial blockchain network are traversed so as to generate a directed connection network of all network nodes in the industrial blockchain network; a directed acyclic graph of the industrial blockchain network is generated based on the directed connection networks of all network nodes in the industrial blockchain network.
Further, the graph construction module generating a directed connection network of the center node from the communication area of the center node and the communication area of the radiating node of the center node includes:
the graph construction module traverses all radiation nodes of the central node, takes the traversed radiation node as the central radiation node, and then respectively acquires a communication area of the central node and a communication area of the central radiation node;
the method comprises the steps that a diagram construction module obtains an overlapping area of a communication area of a central node and a communication area of a central radiation node, the ratio of the area of the overlapping area to the area of the communication area of the central node is used as a first connection value, and then the ratio of the area of the overlapping area to the area of the communication area of the central radiation node is used as a second connection value;
generating a directed connection from the central node to the central radiating node when the first connection value is greater than the first connection threshold and the second connection value is greater than the second connection threshold;
the graph construction module acquires a node feature vector of the central node and a node feature vector of the central radiation node, calculates the Euclidean distance between the node feature vector of the central node and the node feature vector of the central radiation node to obtain the node similarity of the central node and the central radiation node, and then determines the weight of the directed connection between the central node and the central radiation node based on the first connection value, the second connection value and the node similarity;
repeating the steps until all the radiation nodes of the center node are traversed, thereby generating a plurality of directional connections of the center node and weights of each directional connection of the center node, and generating a directional connection network of the center node according to the plurality of directional connections of the center node and the weights of each directional connection of the center node.
The first connection threshold and the second connection threshold are critical values for judging whether the central node and the radiation node are set in advance according to actual conditions.
S2, a feature extraction module acquires the graph structure features of each directed acyclic graph sample in the time sequence of the industrial block chain network, generates a graph structure feature matrix of each directed acyclic graph sample based on the graph structure features of each directed acyclic graph sample, and then generates a time sequence feature matrix of the industrial block chain network according to the graph structure feature matrices of all the directed acyclic graph samples.
The time sequence feature matrix consists of the graph structure feature matrices of all the directed acyclic graph samples in the time sequence graph sequence; the graph structure feature matrix of the directed acyclic graph sample is composed of path feature vectors of all feature paths of the directed acyclic graph sample.
Specifically, the feature extraction module obtaining the graph structure feature matrix of the directed acyclic graph sample includes:
the feature extraction module randomly selects one network node from all network nodes in the directed acyclic graph sample as a target node, and generates a feature path taking the target node as an initial node according to the target node and a radiation node which is in directed connection with the target node;
the feature extraction module counts the number of feature paths and compares the number of feature paths with a first stop threshold; and when the number of the characteristic paths is smaller than the first stop threshold value, repeating the steps until the number of the characteristic paths is larger than or equal to the first stop threshold value to generate a plurality of characteristic paths of the directed acyclic graph sample.
In one embodiment, the feature extraction module obtains a graph structure feature matrix of the directed acyclic graph sample comprising:
the feature extraction module traverses all feature paths of the directed acyclic graph sample, takes the traversed feature paths as target feature paths, and then acquires all associated node pairs in the target feature paths;
the feature extraction module extracts node distribution features of all associated node pairs of the target feature path, and maps the node distribution features of all associated node pairs to a low-dimensional vector space to obtain node distribution feature vectors of each associated node pair;
feature fusion is carried out on node distribution feature vectors of all associated node pairs of the target feature path so as to obtain a path feature vector of the target feature path;
and repeating the steps until all the characteristic paths of the directed acyclic graph sample are traversed to obtain the path characteristic vector of each characteristic path of the directed acyclic graph sample, and generating a graph structure characteristic matrix of the directed acyclic graph sample according to the path characteristic vectors of all the characteristic paths of the directed acyclic graph sample.
In one embodiment, the feature extraction module obtains all associated node pairs in the target feature path including:
the feature extraction module randomly selects a network node from a target feature path as a target node, then sets a sliding window, acquires a context node of the target node based on the sliding window, and maps the target node and the context node of the target node to generate an associated node pair of the target node;
repeating the steps to obtain the associated node pair of each network node in the target characteristic path.
In one embodiment, the feature extraction module generating a feature path with the target node as an initial node from the target node and a radiating node having a directed connection with the target node comprises:
the feature extraction module takes the target node as a target first-stage node, and takes a radiation node which is in directional connection with the target first-stage node as a candidate node of the target first-stage node based on a directional connection network of the target first-stage node;
the feature extraction module obtains the weight value of directed connection between the target first-stage node and each candidate node of the target first-stage node, takes the candidate node with the largest weight value in all candidate nodes of the target first-stage node as a target second-stage node, and then connects the target first-stage node with the target second-stage node;
the feature extraction module takes the radiation node with directional connection with the target second-level node as a candidate node of the target second-level node based on the directional connection network of the target second-level node, and counts the number of the candidate nodes of the target second-level node;
the feature extraction module takes the ratio of the number of candidate nodes of the target second-level node to the total number of network nodes in the directed acyclic graph sample as the node complexity of the target second node, and then compares the node complexity of the target second node with a second stop threshold;
the feature extraction module acquires the weight of each candidate node of the target second-level node and the target second-level node when the node complexity of the target second-level node is larger than a stop threshold value, and takes the candidate node with the largest weight in all candidate nodes of the target second-level node as a target third-level node;
repeating the steps until the node complexity is less than or equal to the second stopping threshold value to obtain the characteristic path taking the target node as the initial node.
The first stopping threshold value and the second stopping threshold value are critical values, and are preset according to actual conditions.
And S3, the network dividing module divides the industrial blockchain network into a plurality of blockchain sub-networks based on the time sequence feature matrix, marks each blockchain sub-network to obtain a network identifier of each blockchain sub-network, and then maps the network identifiers of the blockchain sub-networks and node identifiers of all network nodes in the blockchain sub-networks to generate blockchain distribution information.
The network identifier is used for uniquely identifying the blockchain subnetwork, and the node identifier is used for uniquely identifying the network node. The blockchain distribution information is used to characterize the distribution of each blockchain sub-network in the industrial blockchain network and the distribution of all network nodes in each blockchain sub-network.
S4, the user terminal obtains the equipment type identification of the target equipment based on the equipment basic information of the target equipment, identifies the corresponding blockchain sub-network of the target equipment in the industrial blockchain network based on the equipment type identification and the blockchain distribution information, and then takes the blockchain sub-network as a target blockchain sub-network.
The user terminal is intelligent equipment with a communication function and a data transmission function, which is used by equipment management personnel, and comprises: smart phones, tablet computers, notebook computers, and desktop computers.
The target device is a device undergoing authentication, and the device is a device having communication capability, network connection capability, or production capability in the industrial internet. The device type identifier is used to identify the type of device, which includes production devices, communication devices, data transmission devices, and the like.
S5, the user terminal generates a device verification request of the target device through the device state information and the device basic information of the target device, and sends the device verification request to the target blockchain sub-network.
The device authentication request is used for requesting the industrial blockchain network to carry out identity authentication on the target device, and the device authentication request comprises device state information and device basic information.
S6, the first network node in the target block chain sub-network receives the equipment verification request. A second network node in the target block chain sub-network generates a block header based on the device basic information of the target device and generates a block body based on the device state information of the target device; and the second network node in the target block chain sub-network generates a new block based on the block head and the block body, takes the new block as a target block, and then distributes the target block to the target block chain sub-network.
The industrial block chain network generates a block corresponding to the target equipment according to the equipment state information and the equipment basic information of the target equipment, and verifies the block corresponding to the target equipment so as to carry out identity authentication on the target equipment.
S7, verifying the target block by a third network node in the target block chain sub-network; adding the target block into the target block chain sub-network when the target block passes the verification; discarding the target block when the target block fails the verification.
The first network node is a network node for synchronizing all block header data in the industrial block chain network; the second network node is other network nodes except the first network node and the third network node in the industrial blockchain network; the third network node is a network node that synchronizes all block header data and block body data in the industrial blockchain network.
In the application, the user terminal generates the equipment verification request by generating the equipment basic information and the equipment state information of the target equipment and sends the equipment verification request to the target block chain sub-network so as to realize the real-time verification of whether the identity of the target equipment accords with the preset identity clause, thereby preventing the potential risk of bypassing an identity authentication mechanism and the like caused by unsafe network communication by forging an identity authentication result.
The foregoing embodiments are merely illustrative of the technical concept and features of the present application, and are intended to enable those skilled in the art to understand the present application and to implement the same according to the present application, not to limit the scope of the present application. All changes and modifications that come within the meaning and range of equivalency of the application are to be embraced within their scope.

Claims (9)

1. A device management system for the industrial internet, comprising: the device verification platform is respectively in communication connection with the user terminal and the device, and the user terminal is in communication connection with the device; the device verification platform comprises: the system comprises a graph construction module, a network division module, a feature extraction module and a database, wherein the modules are in communication connection;
the graph construction module traverses all network nodes in the industrial block chain network, takes the traversed network nodes as central nodes, and takes other network nodes except the central nodes in the industrial block chain network as radiation nodes of the central nodes;
the method comprises the steps that a diagram construction module obtains a communication area of a center node and a communication area of each radiation node of the center node, and a directed connection network of the center node is generated according to the communication area of the center node and the communication area of each radiation node of the center node;
repeating the steps until all network nodes in the finished industrial blockchain network are traversed so as to generate a directed connection network of all network nodes in the industrial blockchain network;
the graph construction module generates a directed acyclic graph of the industrial blockchain network based on the directed connection networks of all network nodes in the industrial blockchain network;
the method comprises the steps that a graph construction module obtains directed acyclic graphs of an industrial block chain network at each moment, performs graph sampling on all directed acyclic graphs of the industrial block chain network based on a preset time step to obtain a plurality of directed acyclic graph samples, and then arranges all the directed acyclic graph samples according to a time sequence to generate a time sequence graph sequence of the industrial block chain network;
the characteristic extraction module acquires the graph structure characteristics of each directed acyclic graph sample in the time sequence graph sequence of the industrial blockchain network, generates a graph structure characteristic matrix of each directed acyclic graph sample based on the graph structure characteristics of each directed acyclic graph sample, and then generates a time sequence characteristic matrix of the industrial blockchain network according to the graph structure characteristic matrices of all the directed acyclic graph samples;
the network dividing module divides the industrial blockchain network into a plurality of blockchain sub-networks based on the time sequence feature matrix, marks each blockchain sub-network to obtain a network identifier of each blockchain sub-network, and then maps the network identifiers of the blockchain sub-networks and node identifiers of all network nodes in the blockchain sub-networks to generate blockchain distribution information;
the user terminal obtains the equipment type identification of the target equipment based on the equipment basic information of the target equipment, identifies the corresponding block chain sub-network of the target equipment in the industrial block chain network based on the equipment type identification and the block chain distribution information, and then takes the block chain sub-network as a target block chain sub-network;
the user terminal generates a device verification request of the target device through the device state information and the device basic information of the target device, and sends the device verification request to the target block chain sub-network;
and the target blockchain sub-network performs identity verification on the target equipment according to the equipment verification request.
2. The system of claim 1, wherein the user terminal is a smart device having a communication function and a data transmission function for use by a device manager, comprising: smart phones, tablet computers, notebook computers, and desktop computers.
3. The system of claim 2, wherein the target device is an authentication-ongoing device; the equipment is equipment with production function, communication function or data transmission function in the industrial Internet.
4. A system according to any one of claims 1 to 3, wherein the target blockchain subnetwork authenticating the target device in response to the device authentication request comprises:
a first network node in a target blockchain sub-network receives the device verification request; the first network node is a network node for synchronizing all block header data in the industrial block chain network;
a second network node in the target block chain sub-network generates a block header based on the device basic information of the target device and generates a block body based on the device state information of the target device;
a second network node in the target block chain sub-network generates a new block based on the block header and the block body, takes the new block as a target block, and then issues the target block to the target block chain sub-network; the second network node is other network nodes except the first network node and the third network node in the industrial blockchain network;
verifying the target block by a third network node in the target block chain sub-network; the third network node is a network node for synchronizing all block header data and block body data in the industrial block chain network;
adding the target block into the target block chain sub-network when the target block passes the verification; discarding the target block when the target block fails the verification.
5. The system of claim 4, wherein the graph construction module generating the directed connection network of the center node from the communication area of the center node and the communication area of the radiating node of the center node comprises:
the graph construction module traverses all radiation nodes of the central node, takes the traversed radiation node as the central radiation node, and then respectively acquires a communication area of the central node and a communication area of the central radiation node;
the method comprises the steps that a diagram construction module obtains an overlapping area of a communication area of a central node and a communication area of a central radiation node, the ratio of the area of the overlapping area to the area of the communication area of the central node is used as a first connection value, and then the ratio of the area of the overlapping area to the area of the communication area of the central radiation node is used as a second connection value;
generating a directed connection from the central node to the central radiating node when the first connection value is greater than the first connection threshold and the second connection value is greater than the second connection threshold;
the graph construction module acquires a node feature vector of the central node and a node feature vector of the central radiation node, calculates the Euclidean distance between the node feature vector of the central node and the node feature vector of the central radiation node to obtain the node similarity of the central node and the central radiation node, and then determines the weight of the directed connection between the central node and the central radiation node based on the first connection value, the second connection value and the node similarity;
repeating the steps until all the radiation nodes of the center node are traversed, thereby generating a plurality of directional connections of the center node and weights of each directional connection of the center node, and generating a directional connection network of the center node according to the plurality of directional connections of the center node and the weights of each directional connection of the center node.
6. The system of one of claims 1 to 5, wherein the feature extraction module obtaining a graph structure feature matrix of the directed acyclic graph sample comprises:
the feature extraction module randomly selects one network node from all network nodes in the directed acyclic graph sample as a target node, and generates a feature path taking the target node as an initial node according to the target node and a radiation node which is in directed connection with the target node;
the feature extraction module counts the number of feature paths and compares the number of feature paths with a first stop threshold; and when the number of the characteristic paths is smaller than the first stop threshold value, repeating the steps until the number of the characteristic paths is larger than or equal to the first stop threshold value to generate a plurality of characteristic paths of the directed acyclic graph sample.
7. The system of claim 6, wherein the feature extraction module obtaining a graph structure feature matrix of directed acyclic graph samples comprises:
the feature extraction module traverses all feature paths of the directed acyclic graph sample, takes the traversed feature paths as target feature paths, and then acquires all associated node pairs in the target feature paths;
the feature extraction module extracts node distribution features of all associated node pairs of the target feature path, and maps the node distribution features of all associated node pairs to a low-dimensional vector space to obtain node distribution feature vectors of each associated node pair;
the feature extraction module performs feature fusion on node distribution feature vectors of all associated node pairs of the target feature path to obtain a path feature vector of the target feature path;
and repeating the steps until all the characteristic paths of the directed acyclic graph sample are traversed to obtain the path characteristic vector of each characteristic path of the directed acyclic graph sample, and generating a graph structure characteristic matrix of the directed acyclic graph sample according to the path characteristic vectors of all the characteristic paths of the directed acyclic graph sample.
8. The system of claim 7, wherein the feature extraction module obtaining all associated node pairs in the target feature path comprises:
the feature extraction module randomly selects a network node from a target feature path as a target node, then sets a sliding window, acquires a context node of the target node based on the sliding window, and maps the target node and the context node of the target node to generate an associated node pair of the target node;
repeating the steps to obtain the associated node pair of each network node in the target characteristic path.
9. The system of claim 8, wherein the feature extraction module generating a feature path with the target node as an initial node from the target node and a radiating node having a directed connection with the target node comprises:
the feature extraction module takes the target node as a target first-stage node, and takes a radiation node which is in directional connection with the target first-stage node as a candidate node of the target first-stage node based on a directional connection network of the target first-stage node;
the feature extraction module obtains the weight value of directed connection between the target first-stage node and each candidate node of the target first-stage node, takes the candidate node with the largest weight value in all candidate nodes of the target first-stage node as a target second-stage node, and then connects the target first-stage node with the target second-stage node;
the feature extraction module takes the radiation node with directional connection with the target second-level node as a candidate node of the target second-level node based on the directional connection network of the target second-level node, and counts the number of the candidate nodes of the target second-level node;
the feature extraction module takes the ratio of the number of candidate nodes of the target second-level node to the total number of network nodes in the directed acyclic graph sample as the node complexity of the target second node, and then compares the node complexity of the target second node with a second stop threshold;
when the node complexity of the target second node is larger than the stop threshold, the feature extraction module acquires the weight of each candidate node of the target second level node and each candidate node of the target second level node, and takes the candidate node with the largest weight in all candidate nodes of the target second level node as a target third level node;
repeating the steps until the node complexity is less than or equal to the second stopping threshold value to obtain the characteristic path taking the target node as the initial node.
CN202111164257.7A 2021-09-30 2021-09-30 Equipment management system for industrial Internet Active CN113872816B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111164257.7A CN113872816B (en) 2021-09-30 2021-09-30 Equipment management system for industrial Internet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111164257.7A CN113872816B (en) 2021-09-30 2021-09-30 Equipment management system for industrial Internet

Publications (2)

Publication Number Publication Date
CN113872816A CN113872816A (en) 2021-12-31
CN113872816B true CN113872816B (en) 2023-08-25

Family

ID=79001323

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111164257.7A Active CN113872816B (en) 2021-09-30 2021-09-30 Equipment management system for industrial Internet

Country Status (1)

Country Link
CN (1) CN113872816B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114520810B (en) * 2022-01-27 2024-06-14 浪潮工业互联网股份有限公司 Block data transmission method, equipment and medium based on block chain
CN115328744B (en) * 2022-10-14 2022-12-30 中国信息通信研究院 Block chain-based equipment monitoring method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109302491A (en) * 2018-11-13 2019-02-01 爱普(福建)科技有限公司 A kind of industry internet framework and its operation method based on block chain
CN112417037A (en) * 2020-11-05 2021-02-26 杭州云象网络技术有限公司 Block chain construction method for distributed identity authentication in industrial field
CN112597544A (en) * 2020-12-24 2021-04-02 北京工业大学 Block chain-based industrial internet data security management system and method
CN113014577A (en) * 2021-02-24 2021-06-22 中国科学院数学与***科学研究院 Mixed block chain system and trusted block identification method thereof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10873625B2 (en) * 2018-02-26 2020-12-22 International Business Machines Corpora ! Ion Service management for the infrastructure of blockchain networks

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109302491A (en) * 2018-11-13 2019-02-01 爱普(福建)科技有限公司 A kind of industry internet framework and its operation method based on block chain
CN112417037A (en) * 2020-11-05 2021-02-26 杭州云象网络技术有限公司 Block chain construction method for distributed identity authentication in industrial field
CN112597544A (en) * 2020-12-24 2021-04-02 北京工业大学 Block chain-based industrial internet data security management system and method
CN113014577A (en) * 2021-02-24 2021-06-22 中国科学院数学与***科学研究院 Mixed block chain system and trusted block identification method thereof

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
When Internet of Things Meets Blockchain: Challenges in Distributed Consensus;Bin Cao等;《IEEE》;全文 *

Also Published As

Publication number Publication date
CN113872816A (en) 2021-12-31

Similar Documents

Publication Publication Date Title
CN109104413B (en) Method for solving intersection of private data for secure multi-party computation and verification method
CN113872816B (en) Equipment management system for industrial Internet
CN110138560B (en) Double-proxy cross-domain authentication method based on identification password and alliance chain
Khan et al. [Retracted] An Efficient Certificate‐Based Aggregate Signature Scheme for Internet of Drones
CN117097489B (en) Lightweight double-factor agriculture Internet of things equipment continuous authentication method and system
CN112199412B (en) Payment bill processing method based on block chain and block chain bill processing system
CN113378148A (en) Internet of things equipment identity authentication system and method based on block chain
Zhang et al. Towards verifiable federated learning
CN114205816B (en) Electric power mobile internet of things information security architecture and application method thereof
CN109829271A (en) Method for authenticating and Related product
Fang et al. Zero‐Trust‐Based Protection Scheme for Users in Internet of Vehicles
CN114866248A (en) Distributed credible identity authentication method and system in edge computing environment
Khan et al. Features-based IoT security authentication framework using statistical aggregation, entropy, and MOORA approaches
HanataniI et al. A study on computational formal verification for practical cryptographic protocol: the case of synchronous RFID authentication
CN104700137B (en) A kind of information processing method based on Internet of Things
CN114900294A (en) Credibility measurement and remote certification method and system for sensing layer of Internet of things
CN110266708B (en) Terminal security verification system and method based on equipment cluster
CN114172742A (en) Layered authentication method for power internet of things terminal equipment based on node map and edge authentication
Wei et al. An authentication and key agreement mechanism for OPC Unified Architecture in industrial Internet of Things
Kim et al. A machine learning approach to peer connectivity estimation for reliable blockchain networking
CN113836518A (en) Equipment identity management method based on block chain and industrial internet
Wu et al. Multi-client verifiable computation service for outsourced data
Cong et al. Trusted connection architecture of Internet of Things oriented to perception layer
CN104717244B (en) A kind of various dimensions credit management method based on distributed computing
CN111526012B (en) AMI system intelligent terminal key management method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230801

Address after: No. 135, No. 1 Courtyard C, Beiwu Road, Beishicao Town, Shunyi District, Beijing, 101399

Applicant after: Beijing Block Express Technology Co.,Ltd.

Address before: Electronic Information Industry Building, No. 159, East 1st Section of 1st Ring Road, Chenghua District, Chengdu City, Sichuan Province, 610000

Applicant before: Zhao Jing

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant