SECURE COMMUNICATIONS IN A BLOCKCHAIN NETWORK
First Claim
1. A computer-implemented method for improving security of a blockchain network, comprising:
- obtaining, by a first node of the blockchain network, a first certificate authority (CA) trust list comprising a plurality of CA identifiers;
- receiving, by the first node from a second node of the blockchain network, a communication request comprising a public key certificate of the second node;
- determining a first CA identifier from the received public key certificate;
- determining whether the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list;
- in response to determining that the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list, approving, by the first node, the communication request; and
- in response to determining that the first CA identifier does not match one of the plurality of CA identifiers of the first CA trust list, denying, by the first node, the communication request.
Abstract
A first certificate authority (CA) trust list comprising a plurality of CA identifiers is obtained by a first node of a blockchain network. A communication request comprising a public key certificate of the second node is received by the first node from a second node of the blockchain network. A first CA identifier is determined from the received public key certificate. A determination is made as to whether the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list. In response to determining that the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list, the communication request is approved by the first node. In response to determining that the first CA identifier does not match one of the plurality of CA identifiers of the first CA trust list, the communication request is denied.
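The check the abstract describes, sketched in Go as an added example (not code from the patent or from any blockchain platform). It assumes the CA identifier is the hex-encoded X.509 subject key identifier, read from the received certificate's authority key identifier; `TrustList`, `Issue` and `Decide` are hypothetical names, all certificates are constructed test material, and the signature verification against the listed CA is an addition beyond the claimed identifier match, since the identifier is only a field inside the certificate.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

type TrustList map[string]*x509.Certificate // CA identifier (hex subject key ID, assumed) -> CA cert

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Issue builds constructed test material: a cert for name, self-signed CA when parent is nil.
func Issue(name, ski string, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), SubjectKeyId: []byte(ski),
		Subject: pkix.Name{CommonName: name}, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().Add(time.Hour), IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil {
		parent, pk = t, key
	}
	der := must(x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk))
	return must(x509.ParseCertificate(der)), key
}

// Decide returns nil to approve; the signature check goes beyond the claim's identifier match.
func Decide(tl TrustList, peer *x509.Certificate) error {
	ca, ok := tl[hex.EncodeToString(peer.AuthorityKeyId)]
	if !ok {
		return fmt.Errorf("denied: CA identifier %x not in trust list", peer.AuthorityKeyId)
	}
	return peer.CheckSignatureFrom(ca)
}

func main() {
	ca, caKey := Issue("Example CA", "ca-1", nil, nil)
	node, _ := Issue("node-2", "", ca, caKey)
	fmt.Println("node-2:", Decide(TrustList{hex.EncodeToString(ca.SubjectKeyId): ca}, node))
}
```

A certificate with no authority key identifier maps to the empty identifier and is denied, because the empty string is never a key in the trust list.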
20 Claims
1. A computer-implemented method for improving security of a blockchain network, comprising:
- obtaining, by a first node of the blockchain network, a first certificate authority (CA) trust list comprising a plurality of CA identifiers;
- receiving, by the first node from a second node of the blockchain network, a communication request comprising a public key certificate of the second node;
- determining a first CA identifier from the received public key certificate;
- determining whether the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list;
- in response to determining that the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list, approving, by the first node, the communication request; and
- in response to determining that the first CA identifier does not match one of the plurality of CA identifiers of the first CA trust list, denying, by the first node, the communication request.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising:
- obtaining, by a first node of a blockchain network, a first certificate authority (CA) trust list comprising a plurality of CA identifiers;
- receiving, by the first node from a second node of the blockchain network, a communication request comprising a public key certificate of the second node;
- determining a first CA identifier from the received public key certificate;
- determining whether the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list;
- in response to determining that the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list, approving, by the first node, the communication request; and
- in response to determining that the first CA identifier does not match one of the plurality of CA identifiers of the first CA trust list, denying, by the first node, the communication request.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer-implemented system, comprising:
- one or more computers; and
- one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform one or more operations comprising:
  - obtaining, by a first node of a blockchain network, a first certificate authority (CA) trust list comprising a plurality of CA identifiers;
  - receiving, by the first node from a second node of the blockchain network, a communication request comprising a public key certificate of the second node;
  - determining a first CA identifier from the received public key certificate;
  - determining whether the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list;
  - in response to determining that the first CA identifier matches one of the plurality of CA identifiers of the first CA trust list, approving, by the first node, the communication request; and
  - in response to determining that the first CA identifier does not match one of the plurality of CA identifiers of the first CA trust list, denying, by the first node, the communication request.

Dependent claims: 16, 17, 18, 19, 20
Specification