问题描述

我有一个要求，任何数量的客户都可以登录一个公司网站，他们将上载一些用于身份证明的文件，并且公司可以通过打开文件来验证文件并接受文件是否还可以，否则拒绝文件是假的.当用户再次登录该站点时，他必须查看上载的文档是否被公司批准/拒绝.

I have a requirement that, any number of customers can log into one company site and they will upload some documents for identity proofs, And the company can verify the documents by opening and accepts if documents are fine otherwise reject of documents are fake.When the user login again into the site, he has to see whether the uploaded docs are approved/rejected by company.

我们如何在Hyperledger Fabric 1.0和即使我们使用分布式分类帐，如何限制其他用户的用户详细信息?

How do we achieve this requirement in hyperledger fabric 1.0 andHow the user details are restricted from other users even though we are using distributed ledger?

有人可以建议我解决这个问题的方法吗?

Can anyone suggest me the solutions for this?

推荐答案

我想一种方法是，公司拥有一个链码，该链码可以访问(硬编码或通过其他方式)其相应私钥的公钥.用户使用的频道不可用.

I guess one approach would be that the company has a chaincode that has access to (either hardcoded or by some other means) a public key that its corresponding private key is unavailable to the channel in which the users are using.

用户提交交易:

• 其文档

• Its document

由用户生成并通过瞬态映射传递的AES密钥.

An AES key - generated by the user and passed via the transient map.

链码，然后:

• 使用AES密钥加密文档

• Encrypts the document with the AES key

• 将加密的(使用AES)文档存储在链码中

• Stores the encrypted (with AES) document in the chaincode

存储加密的AES密钥(带有公司的公共密钥)

Stores the encrypted AES key (with the company's public key)

现在，公司拥有私钥-因此它可以解密每个用户的公钥，然后解密文档.

Now, the company has the private key - so it can decrypt the public key of each user and then decrypt the document.

这是一个高级解决方案.如果您对详细信息有疑问，请随时在评论中添加问题，或在chat.hyperledger.org中对我进行ping操作(名称与此处的用户名相同)

That's a high level solution. If you have questions on the details feel free to add a question in a comment, or ping me in chat.hyperledger.org (name is same as username here)

这篇关于Hyperledger Fabric 1.0中的用户级别限制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！