YD/T 4566-2023
Overall technical requirements for blockchain-based IoT device identification and authentication systems (English Version)
- Standard No.
- YD/T 4566-2023
- Language
- Chinese, Available in English version
- Release Date
- 2023
- Published By
- Professional Standard - Post and Telecommunication CN / YD
- Latest
- YD/T 4566-2023
- Introduction
Analysis of Standard Technical Framework
This document establishes the technical system of the IoT device identification and authentication system (BIAS) based on blockchain. Its core architecture consists of the identity resolution agent (IDR agent), the identity object storage agent (IOS agent) and three groups of functional components:
Functional modules Core capabilities Technical features IR-FC Identity lifecycle management Support for cross-solution identity exchange AM-FC Authentication policy execution Multi-solution authentication module compatibility PM-FC Storage policy control Support distributed/cloud hybrid storage
Key technical requirements
1. Identity management system
The system supports the composite identity structure of primary identity + alias. The identity object is encapsulated in JSON format, including:
- Public Key Infrastructure (PKI) information
- Authentication system digital signature
- Storage location metadata
2. Storage architecture design
Adopt the identity-object separation storage mode:
Storage location Data type Security requirements Blockchain system Identification package Tamper-proof storage Cloud storage Identification object Customer-defined encryption
Key points for security implementation
Commercial cryptographic algorithm support
The standard explicitly requires support for the SM2/SM3/SM4 series of cryptographic algorithms to achieve security protection in the following links:
- Identification object transmission encryption
- Digital signature generation and verification
- Decentralized storage data protection
Privacy protection mechanism
Through the identification and naming mechanism:
- The main identity is isolated from the business system
- Alias can be revoked dynamically
- Support hierarchical access control
Typical application scenarios
Cross-operator device authentication
For example, in the Intelligent Transportation System (ITS), vehicle equipment is implemented through BIAS:
Business process Traditional solution BIAS solution Cross-domain authentication Centralized PKI interaction required End-to-end direct verification Identity update Full-link synchronization Blockchain single-point write
Analysis of Standard Evolution
Compared with traditional identification solutions, BIAS is innovative in the following aspects:
- Decentralized trust: Ensure that identification cannot be tampered with through blockchain
- Hybrid storage architecture: Balance performance and security requirements
- Multi-solution compatibility: Support interoperability of different identification systems such as DID
This standard forms technical synergy with YD/T 3905-2021 to jointly build a decentralized IoT infrastructure.
YD/T 4566-2023 Referenced Document
- GB/T 25069 Information security techniques—Terminology
- YD/T 3905-2021 Decentralized IoT business platform framework based on blockchain technology
YD/T 4566-2023 history
- 2023 YD/T 4566-2023 Overall technical requirements for blockchain-based IoT device identification and authentication systems
