用户注册和登录Hyperledger架构 [英] User registration & login in Hyperledger fabric
问题描述
我正在一个需要用户注册和用户登录功能的项目中.我需要一些建议.什么是完成这项任务的更好方法?
I am working on a project where I need the functionality of user registration and user login. I need some suggestion. What would be the better way of achieving this task?
A.)旧学校的电子邮件&密码或
B.)通过使用public&私钥?
我从选项B中了解到,我们需要从Fabric-SDK的CA注册一个用户.完成用户注册后,我们可以生成唯一的password-phrase,就像Meta-Mask中一样.我们可以将该用户信息及其username(结构中的默认用户名是user1,user2)与password-phrase一起存储.在用户登录期间,它将询问用户的私钥或生成的唯一密码短语为它的帐户.证书将存储在hfc-keystore(Hyperledger架构中使用的默认目录)中.每当该用户(例如用户akshay.sood)执行交易时,我们都会将该用户的上下文设置为fabric-client(如果在这种情况下我错了,请更正).
What I understand from option B is that we need to enroll a user from CA from Fabric-SDK. Once enrolment of user is done, we can generate a unique password-phrase like the same is happening in Meta-Mask. We can store that user info along with its username (the default username in fabric is user1, user2) with password-phrase.During user login, it will ask for user's private key or the unique password-phrase generated for its account. The certificates will be stored in hfc-keystore (the default dir used in Hyperledger fabric). Whenever a transaction is executed by that user say user akshay.sood, we will set the context of that user to fabric-client (Please correct if I am wrong in this case).
在这里,我的问题/查询是:
Here, My questions/queries are:
1.)您更喜欢什么(电子邮件/密码或私钥/公钥,为什么?).
2.)如果您喜欢第二种机制,那么您将如何保护存储在hfc-keystore目录中的用户密钥和证书.我的意思是它可能会被黑客入侵或数据可能被黑客窃取.
3.)如果从hfc-dir错误删除了用户私钥/公钥和证书,该如何恢复.
4.)您是否愿意使用password-phrase?如果没有,您更喜欢什么?
1.) What do you prefer (email/password or private/public keys and why?).
2.) If you prefer 2nd mechanism then how will you protect user keys and certificates stored inhfc-keystoredir. I mean it can be hacked or data can be stolen by hacker.
3.) How to recover user private/public key and certificate if it is deleted mistakenly fromhfc-dir.
4.) Would you prefer usingpassword-phrase? if no, what do you prefer?
欢迎进行编辑.
如果您有任何建议/改进,请告诉我
Edits are welcome.
Please let me know if you have any suggestion/improvements
推荐答案
您的问题是您偏好,方便&的选择.业务需求.您可以将一种或两种方法结合使用.要求用户保留或管理他的私钥需要一个被管理的钱包.但是,恕我直言,如果您担心私钥的泄漏或丢失,则需要专门为此目的设计的硬件安全模块.
Your question is a choice of your preference, convenience & business needs. You can use either or both approaches in combination. Asking the user to keep or manage his private keys calls for a managed wallet. However, IMHO, if you are concerned about leakage or loss of private keys then you would need a Hardware Security Module that is specifically designed for this purpose.
P.S.面料和为了简单起见,其示例将密钥存储在hfc文件夹中,尽管在实际情况下不建议这样做.
P.S. Fabric & its examples store the keys in hfc folder for simplicity, although not recommended in real cases.
这篇关于用户注册和登录Hyperledger架构的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
