The present disclosure claims the priority of the Chinese patent application filed on Jan. 16, 2021 before the China National Intellectual Property Administration with the application number of 202110058583.3 and the title of “BLOCKCHAIN-BASED TRANSPARENT SUPPLY CHAIN AUTHENTICATION METHOD AND APPARATUS, AND DEVICE AND MEDIUM”, the content of which is incorporated herein in its entirety by reference.
The present disclosure relates to the field of server technology, and in particular, to a method for authenticating a transparent supply chain based on a blockchain, and an apparatus, a device and a medium thereof.
Concerns have grown in recent years that counterfeit electronic parts could cause failure of business-critical applications. For example, in 2011, the US Congress passed new legislation requiring procurement to be governed by Cost Accounting Standards (CAS) to “detect and avoid counterfeit electronic parts”. Further for example, in 2015, the Department of Defense Federal Acquisition Regulation Supplement (DFARS) expanded these requirements. In order to facilitate monitoring traceability of the procurement of individual parts, to enable end users to trace original part manufacturers of these parts, a transparent supply chain (TSC for short) has been proposed.
According to a first aspect of the present disclosure, a method for authenticating a transparent supply chain based on a blockchain is provided, and the method includes:
In an embodiment, the method further includes:
In an embodiment, the querying in the blockchain storage system by using the feature value of the blockchain to obtain the target transparent-supply-chain certificate and the target original asset information and comparing the current asset information with the target original asset information, includes:
In an embodiment, the method further includes:
In an embodiment, the method further includes:
In an embodiment, the preset nonvolatile storage space is an EEPROM electronic tag in a field replaceable unit (FRU) provided in the server.
In an embodiment, the current asset information includes model categories and SN numbers of every part in the server.
According to a second aspect of the present disclosure, an apparatus for authenticating a transparent supply chain based on a blockchain is provided, and the device includes:
According to a third aspect of the present disclosure, a computer device is further provided, and the computer device includes:
According to a fourth aspect of the present disclosure, a computer-readable storage medium storing a computer program is further provided, wherein, when a processor executes the computer program, the processor implements the aforementioned method for authenticating the transparent supply chain based on the blockchain.
In addition, the present disclosure further provides the apparatus for authenticating the transparent supply chain based on the blockchain, the computer device, and the computer-readable storage medium, which may realize the above technical effects as well, and will not be repeated here.
In order to illustrate the technical solutions of the embodiments of the disclosure and the prior art more clearly, the drawings needed to describe them are briefly introduced below. The drawings in the following description are merely some embodiments of the present disclosure, and those of ordinary skill in the art may obtain other embodiments from the provided drawings without creative effort.
In order to make purposes, technical solutions and advantages of the present disclosure clearer, the following will further describe the embodiments of the present disclosure in detail in combination with the concrete embodiments and with reference to the accompanying drawings.
It should be noted that every expression using “first” and “second” in the embodiments of the present disclosure is for the purpose of distinguishing two different entities or parameters with the same name. The terms “first” and “second” are merely for convenience of expression and should not be construed as a limitation on the embodiments of the present disclosure; this will not be explained again in the subsequent embodiments.
The existing authentication method for the transparent supply chain has the following defects: first, whether the original information of the transparent supply chain is stored in a central server or a local server, there is a risk of it being lost or tampered with; second, except for the SN of the mainboard and the TPM, there is no inspection of whether the assets of other parts in the equipment comply with the data of the supply chain; third, the transparent-supply-chain certificate is transmitted manually, so there is a risk of error.
In view of the above, it is necessary to provide a method for authenticating a transparent supply chain based on a blockchain, and an apparatus, a device and a medium thereof, having higher security and being capable of automatic authentication, for the above technical problems.
In an embodiment, referring to that shown in
S100, storing a transparent-supply-chain certificate and original asset information, assigned to a server at an ex-factory time of the server, in a blockchain storage system, to obtain a feature value of the blockchain, and storing the feature value of the blockchain in a preset nonvolatile storage space of the server.
The blockchain storage system has the characteristics of decentralization, traceability, and non-tamperability, which ensures that information of the supply chain will not be lost or tampered with. The feature value of the blockchain may be assigned to a server at an ex-factory time of the server.
S200, in response to that the server is started, reading current asset information of the server, and reading the feature value of the blockchain in the preset nonvolatile storage space of the server.
S300, querying in the blockchain storage system by using the feature value of the blockchain, to obtain a target transparent-supply-chain certificate and target original asset information, and comparing the current asset information with the target original asset information.
S400, in response to that the current asset information is consistent with the target original asset information, assigning the target transparent-supply-chain certificate to the server, to make the server obtain a work authority based on the target transparent-supply-chain certificate.
The above-mentioned method for authenticating the transparent supply chain based on the blockchain obtains the feature value of the blockchain by storing the transparent-supply-chain certificate and the original asset information, assigned to the server at an ex-factory time of the server, in the blockchain storage system, and stores the feature value of the blockchain in the preset nonvolatile storage space of the server. The method reads the current asset information and the feature value of the blockchain of the server in response to that the server is started. The method queries in the blockchain storage system by using the feature value of the blockchain to obtain the target transparent-supply-chain certificate and the target original asset information. In response to that the current asset information is consistent with the target original asset information, the method assigns the target transparent-supply-chain certificate to the server, so that the server may obtain the work authority based on the target transparent-supply-chain certificate. The information of the supply chain is saved in the form of a blockchain, to ensure that the information of the supply chain will not be lost or tampered with, which realizes automation and credibility of authentication for the transparent supply chain for the server.
In another embodiment, referring to that shown in
S510A, obtaining maintenance record data of the server, and determining the asset-information-change record according to the maintenance record data.
S520A, storing the asset-information-change record in the blockchain storage system.
In another embodiment, referring to that shown in
S310, determining a target block based on the feature value of the blockchain.
S320, in response to that no asset-information-change record is presented in the target block, using the original asset information stored in the target block as the target asset information.
S330, in response to that the asset-information-change record is presented in the target block, determining the target asset information according to the original asset information stored in the target block and the asset-information-change record.
S340, using the transparent-supply-chain certificate stored in the target block as the target transparent-supply-chain certificate.
In the above-mentioned method for authenticating the transparent supply chain based on the blockchain, in response to that the asset information of the parts of the server is changed due to the maintenance or expansion of the server, the change record is input into the blockchain storage system and interrelated with the feature value of the blockchain of the server. The feature value of the blockchain of the server may then be used to synchronously obtain the equipment asset information, the transparent-supply-chain certificate, the process information of the supply chain and the asset-information-change record. The control center compares the asset information of the server with the equipment asset information and the asset-information-change record in the blockchain storage system, to realize a function for inspecting assets.
In an embodiment, the method further includes:
S510B, in response to that the current asset information is inconsistent with the target original asset information, obtaining the maintenance record data of the server, and determining the asset-information-change record according to the maintenance record data.
S520B, determining whether the current asset information inconsistent with the target original asset information is consistent with the asset-information-change record.
S530B, in response to that the current asset information inconsistent with the target original asset information is consistent with the asset-information-change record, sending the target transparent-supply-chain certificate to the server, to make the server obtain the work authority based on the target transparent-supply-chain certificate.
It should be noted that, unlike the previous embodiments, in this embodiment, in response to that the asset information of the parts of the server changes due to the maintenance or expansion of the server, the change record is input into a maintenance-change-record database. In response to that the equipment asset information, the transparent-supply-chain certificate, and the process information of the supply chain are obtained from the blockchain storage system, the asset-information-change record is obtained from the maintenance-change-record database as well. The control center may compare the asset information of the server with the equipment asset information in the blockchain storage system and the asset-information-change record in the maintenance-change-record database, to realize the function for inspecting assets.
In another embodiment, the method further includes:
S610, storing a local certificate in a trusted platform module (TPM) of the server in advance, and comparing the target transparent-supply-chain certificate with the local certificate stored in the trusted platform module of the server.
S620, in response to that the target transparent-supply-chain certificate is the same as the local certificate, allowing the server to use the target transparent-supply-chain certificate to obtain the work authority.
S630, in response to that the target transparent-supply-chain certificate is not the same as the local certificate, preventing the server from using the target transparent-supply-chain certificate to obtain the work authority.
In an embodiment, the preset nonvolatile storage space is an EEPROM (Electrically Erasable Programmable Read-Only Memory) electronic tag in a field replaceable unit (FRU) provided in the server.
In an embodiment, the current asset information includes model categories and SN numbers of every part in the server.
For example, the server has a nonvolatile storage space for storing the feature value of the blockchain of the server, the model category and SN asset number of the mainboard, and the model categories and SN asset numbers of the respective sub-parts. The nonvolatile storage space may be implemented by the EEPROM electronic tag in the field replaceable unit (FRU), or by other means, and may be accessed and read through an I2C (Inter-Integrated Circuit) channel of a BMC (Baseboard Management Controller) of the server, or through other means.
In another embodiment, in order to facilitate understanding of the technical solutions of the present disclosure, the following will be described by taking the control center as a main body of execution. For details, referring to that shown in
Step 1: in response to that the server is produced, entering the information of the supply chain, the equipment asset information of the respective parts, and the transparent-supply-chain certificate, of the server, into a system; and uploading the information of the supply chain, the equipment asset information of the respective parts, and the transparent-supply-chain certificate, of the server, to the blockchain storage system, to obtain a unique feature value of the blockchain corresponding to the server, wherein information related to the server may be retrieved in the blockchain storage system according to the feature value.
Step 2, in response to that the server is produced, assigning the feature value of the blockchain together with the server, and storing the feature value of the blockchain in the nonvolatile storage space of the server.
Step 3: in response to that the server is started, automatically reading, by the server, the feature value of the blockchain and the SN asset information (including the category and number) of the mainboard in the nonvolatile storage space of the mainboard of the equipment (the server), and reading, by the server, the SN asset information (including the categories and numbers) of the respective sub-parts in the nonvolatile storage spaces of the respective sub-parts.
Step 4, automatically initiating, by the server, an authentication application for the transparent supply chain to the control center, and sending, by the server, the feature value of the blockchain of the transparent supply chain, and the SN asset information of the mainboard and the respective parts of the server.
Step 5, accessing, by the control center, the blockchain storage system through the feature value of the blockchain, and automatically obtaining, by the control center, the equipment asset information, the transparent-supply-chain certificate, and the process information of the supply chain in the blockchain storage system.
Step 6: in response to that the control center automatically compares the equipment asset information in the blockchain storage system with the equipment asset information uploaded by the server, and determines that the equipment asset information in the blockchain is consistent with the equipment asset information uploaded by the server, sending, by the control center, the transparent-supply-chain certificate to the server.
Step 7, obtaining, by the server, the transparent-supply-chain certificate, to have the corresponding work authority.
Step 8: maintaining, by the control center, a maintenance-record-change table, to record changes of the asset information of the sub-parts of the server due to the maintenance or expansion of the server, wherein, in response to that the control center compares consistency of the asset information, a change process of the asset information of the parts in the maintenance-record-change table needs to be considered.
Step 9: in a condition that a local certificate corresponding to the transparent-supply-chain certificate is saved in a TPM module of the server, in response to that the local certificate of the server is verified to match the transparent-supply-chain certificate, making the server have the corresponding work authority.
In the above-mentioned method for authenticating the transparent supply chain based on the blockchain, information of the transparent supply chain is saved in a form of the blockchain, and the feature value of the blockchain is assigned together with the server, which ensures that the information of the supply chain will not be lost or tampered with. Every asset is verified to realize that there is no omission of supply information of the server. After the server is powered on, the feature value of the blockchain and key asset information are automatically uploaded, and the control center automatically obtains information of the blockchain, checks compliance of the asset, and assigns a certificate to the server, to realize automation and credibility of authentication of the transparent supply chain of the server.
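The control-center side of Steps 1 to 9 (which cover S100 to S400, S310 to S340 and S610 to S630), written out as an added example that is not code from the disclosure. It assumes an in-memory dict in place of the blockchain storage system and a SHA-256 of the enrolled record as the feature value; the function names and the sample part data are hypothetical.

```python
import hashlib
import hmac
import json

# Stand-in for the blockchain storage system: feature value -> stored block.
# Assumption: the feature value is the SHA-256 of the record at enrollment.
# A real chain would append change records as linked transactions.
LEDGER = {}

# Constructed sample inventory: part slot -> (model category, SN).
FACTORY_ASSETS = {
    "mainboard": ("MB-X1", "SN-MB-0001"),
    "psu0": ("PSU-800W", "SN-PS-0042"),
    "dimm0": ("DDR4-32G", "SN-DM-1001"),
}
CERT = "TSC-CERT-EXAMPLE"  # constructed placeholder certificate

def enroll(certificate, original_assets):
    """Steps 1-2 (S100): store certificate and ex-factory assets, return feature value."""
    record = {"certificate": certificate, "assets": dict(original_assets), "changes": []}
    canonical = json.dumps(record, sort_keys=True).encode()
    feature_value = hashlib.sha256(canonical).hexdigest()
    LEDGER[feature_value] = record
    return feature_value

def record_change(feature_value, slot, new_part):
    """S510A/S520A: log a maintenance change; new_part is (model, SN) or None if removed."""
    LEDGER[feature_value]["changes"].append({"slot": slot, "part": new_part})

def target_assets(block):
    """S310-S330: original asset information with change records replayed in order."""
    assets = dict(block["assets"])
    for change in block["changes"]:
        if change["part"] is None:
            assets.pop(change["slot"], None)
        else:
            assets[change["slot"]] = change["part"]
    return assets

def authenticate(feature_value, current_assets, tpm_local_cert):
    """Steps 4-9: return (certificate, reason); certificate is None on denial."""
    block = LEDGER.get(feature_value)
    if block is None:
        return None, "unknown feature value"
    expected = target_assets(block)
    # Every part is compared, not only the mainboard; missing and extra
    # slots count as mismatches too.
    bad = sorted(slot for slot in expected.keys() | current_assets.keys()
                 if expected.get(slot) != current_assets.get(slot))
    if bad:
        return None, "asset mismatch: " + ", ".join(bad)
    # S610-S630: the certificate from the chain must equal the TPM-held copy.
    if not hmac.compare_digest(block["certificate"].encode(), tpm_local_cert.encode()):
        return None, "certificate differs from TPM copy"
    return block["certificate"], "ok"
```

A swapped DIMM is denied until a matching change record exists, after which the old inventory is the one that no longer authenticates.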
In another embodiment, the present disclosure further provides an apparatus for authenticating a transparent supply chain based on a blockchain, and the apparatus includes:
A storage module, configured to store a transparent-supply-chain certificate and original asset information, assigned to a server at an ex-factory time of the server, in a blockchain storage system, to obtain a feature value of the blockchain, and store the feature value of the blockchain in a preset nonvolatile storage space of the server.
A reading module, configured to, in response to that the server is started, read current asset information of the server, and read the feature value of the blockchain in the preset nonvolatile storage space of the server.
A query module, configured to query in the blockchain storage system by using the feature value of the blockchain, to obtain a target transparent-supply-chain certificate and target original asset information, and compare the current asset information with the target original asset information.
A certificate-assigning module, configured to, in response to that the current asset information is consistent with the target original asset information, assign the target transparent-supply-chain certificate to the server, to make the server obtain a work authority based on the target transparent-supply-chain certificate.
It should be noted that, for concrete definitions of the apparatus for authenticating the transparent supply chain based on the blockchain, please refer to the above definitions of the method for authenticating the transparent supply chain based on the blockchain, which will not be repeated here. The respective modules in the above-mentioned apparatus for authenticating the transparent supply chain based on the blockchain may be implemented in whole or in part by software, hardware and combinations thereof. The above respective modules may be embedded in or separate from a processor in a computer device in the form of hardware, or stored in a storage in the computer device in the form of software, such that the processor may invoke them and execute operations corresponding to the above modules.
According to another aspect of the present disclosure, a computer device is provided, and the computer device may be a server. A schematic diagram of an internal structure of the computer device may be referred to
Those of ordinary skill in the art may understand that all or part of the processes in the methods of the above embodiments may be implemented by instructing relevant hardware through a computer program. The computer program may be stored in a nonvolatile computer-readable storage medium, and when the computer program is executed by a processor, the processor implements the processes of the respective embodiments of the above-mentioned method. Any reference to the memory, the storage, the database or other medium used in the respective embodiments provided in the disclosure may include a nonvolatile and/or volatile storage. The nonvolatile storage may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. The volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, the RAM is available in various forms, for example, static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link (Synchlink) DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), Rambus dynamic RAM (RDRAM), and so on.
Respective technical features of the above embodiments may be combined arbitrarily. For sake of brevity, the above embodiments do not describe every possible combination of the respective technical features. However, as long as there is no contradiction in the combination of these technical features, the combination shall be considered to be a range described in the specification.
The above-mentioned embodiments merely represent several embodiments of the present disclosure, and descriptions thereof are relatively concrete and detailed, but should not be construed as a limitation on the scope of the patent application. It should be noted that, for those skilled in the art, without departing from the concept of the present disclosure, several modifications and improvements may be made, every one of which belongs to the protection scope of the present disclosure. Therefore, the protection scope of the patent of the present disclosure shall be subject to the appended claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 202110058583.3 | Jan 2021 | CN | national |

| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/CN2021/143255 | 12/30/2021 | WO | |