| CPC H04L 9/3297 (2013.01) [H04L 9/50 (2022.05)] | 13 Claims |

|
1. A method for blockchain-based access control of Software Defined Perimeter (SDP), comprising:
transmitting, by an SDP connection accepting host, to-be-verified information to a blockchain system node, the to-be-verified information comprising host information and a supported connection policy of the SDP connection accepting host, so that the to-be-verified information will be verified by the blockchain system node, and be recorded into a blockchain ledger after the verification is successful, wherein the host information of the SDP connection accepting host comprises at least one of: an Internet Protocol (IP) address, a port, or protocol information; and the supported connection policy comprises at least one of: a login identity (ID), an IP address and a geographic location of an access user, or a blockchain node verification or endorsement policy;
receiving, by the SDP connection accepting host, a connection request transmitted by an SDP connection initiating host, the connection request comprising signature information made by the blockchain system node for the SDP connection accepting host in a list of SDP connection accepting hosts, wherein the signature information made by the blockchain system node for the SDP connection accepting host in the list of SDP connection accepting hosts comprises signatures made by one or more blockchain system nodes determined according to the blockchain node verification or endorsement policy; and
verifying, by the SDP connection accepting host, the signature information according to the supported connection policy when the SDP connection accepting host is in the list of SDP connection accepting hosts, and transmitting, by the SDP connection accepting host, a request response to the SDP connection initiating host after the verification is successful.
|
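The verification step performed by the SDP connection accepting host in claim 1, as an added example that is not part of the patent text. Ed25519 signatures, the reading of the endorsement policy as a k-of-n threshold, and all type, field and node names are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Policy models the accepting host's endorsement policy (hypothetical field names).
type Policy struct {
	Endorsers map[string]ed25519.PublicKey // trusted blockchain node ID -> public key
	Threshold int                          // distinct valid node signatures required
}
// Request is a connection request as sent by the initiating host (assumed layout).
type Request struct {
	HostEntry  []byte            // accepting host's entry from the list, as signed by nodes
	Signatures map[string][]byte // node ID -> signature over HostEntry
}

// Verify accepts only if the signed entry is this host's own and enough policy nodes signed it.
func Verify(p Policy, self []byte, r Request) bool {
	valid := 0
	for id, sig := range r.Signatures { // map keys are unique, so each node counts once
		if pub, ok := p.Endorsers[id]; ok && ed25519.Verify(pub, r.HostEntry, sig) {
			valid++
		}
	}
	return bytes.Equal(r.HostEntry, self) && p.Threshold > 0 && valid >= p.Threshold
}

// nodeKey derives a fixed demo key from one byte so the example is reproducible.
func nodeKey(b byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
}

// Demo runs three constructed requests through Verify and returns the decisions.
func Demo() (bool, bool, bool) {
	a, b, x := nodeKey(1), nodeKey(2), nodeKey(9) // x is not named in the policy
	p := Policy{Threshold: 2, Endorsers: map[string]ed25519.PublicKey{
		"nodeA": a.Public().(ed25519.PublicKey), "nodeB": b.Public().(ed25519.PublicKey)}}
	entry := []byte("ip=192.0.2.10;port=443;proto=tcp") // constructed host information
	other := []byte("ip=192.0.2.99;port=443;proto=tcp") // a different host's entry
	req := func(e []byte, k1, k2 ed25519.PrivateKey, id2 string) Request {
		return Request{e, map[string][]byte{"nodeA": ed25519.Sign(k1, e), id2: ed25519.Sign(k2, e)}}
	}
	return Verify(p, entry, req(entry, a, b, "nodeB")), // two policy endorsers: accept
		Verify(p, entry, req(entry, a, x, "nodeX")), // only one policy endorser: reject
		Verify(p, entry, req(other, a, b, "nodeB")) // signed entry is another host: reject
}
func main() { fmt.Println(Demo()) }
```

A signature from a node outside the policy is ignored rather than counted, and a validly endorsed entry for a different host is rejected, so a request cannot be replayed against a host it was not issued for.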