KR102037848B1 - Digital electronic device operation method based on dual block chain comprising virtual blockchain - Google Patents

Abstract

According to the present invention, an operating method of digital electronic devices based on a dual blockchain having a virtual blockchain comprises the steps of: allowing a query controller to receive a transaction request and a communication device token from a blockchain network; allowing a token validator to validate the communication device token based on information available in general blockchain or virtual blockchain; determining whether the communication device token is successfully validated; when the communication device token is successfully validated, allowing a processor to output an operation control signal for controlling operations of digital electronic devices; allowing a transaction based on successful validation of the communication device token; allowing a token generator to generate an updated communication device token; and when the communication device token fails to be validated, allowing a virtual node generator to replicate and add a virtual node in a redundancy area within the digital electronic device according to replication commands of the processor. Accordingly, the present invention provides a very high security in communications and from hacking.

Description

TECHNICAL APPLICATION OF DUAL BLOCKCHAIN-BASED DIGITAL ELECTRONICS WITH VIRTUAL BLOCKCHAIN {DIGITAL ELECTRONIC DEVICE OPERATION METHOD BASED ON DUAL BLOCK CHAIN COMPRISING VIRTUAL BLOCKCHAIN}

The present invention relates to a method of operating a dual blockchain-based digital electronic device having a virtual blockchain, and more particularly, to a distributed blockchain based on a plurality of digital electronic devices connected through a network such as a general Internet. Encryption and tampering prevention system can fundamentally solve communication security and hacking problems. In addition, by connecting with the virtual blockchain built in each digital electronic device to be authenticated multiplely, it is possible to implement an efficient and more secure system that provides quick and secure service even in the case of network disconnection such as the general Internet. The present invention relates to a dual blockchain-based digital electronic device operating method having a virtual blockchain.

In general, a door lock device, which is one of digital electronic devices, will be described as an example. As a non-contact door lock device among door lock devices, door lock devices to which new functions are applied due to the popularization of smart phones have been developed.

The door lock device using the smartphone is configured to operate the door opening and closing device of the door lock device using near field communication or commercial wireless communication.

The control method of the door lock control system disclosed in the Republic of Korea Patent Publication No. 10-1138924 is to receive the input information corresponding to the key button operation, perform authentication using the stored authentication information, and then generate the authentication result information, and then register It is configured to transmit the result information in the communication message to the door lock control terminal, the accessor is configured to open and close the door lock device according to the control command included in the message.

In addition, the door lock device using the smart phone disclosed in Korean Patent Publication No. 10-1242122 and its control method, when the accessor enters the password of the door lock, the control unit is authenticated if the error of the password after the authentication and the error degree is slight It is possible to re-enter the password, and if the error degree is large, the captured image and door lock status information is transmitted to the smartphone, and even if the unlock password is configured to enter a security state that is not unlocked.

Such conventional technologies determine whether the door is opened or closed by sending an authentication result using a smartphone to authenticate the password of the door lock device.

On the other hand, when using a network, the conventional smart door lock system has a server connected to the door lock and communicates with the user terminal through the TCP / IP protocol, and determines whether intrusion of outsiders based on the data transmitted from the sensor, but all Data transmitted and received in the process is vulnerable to forgery and hacking.

Of course, whether the user is authenticated and the data is secured by using some encryption technology or software. However, since the encryption method is relatively weak or simple and depends on specific software, the integrity and preservation of the user There is a limitation that a flaw exists in the determination of whether the authentication of the certificate.

Republic of Korea Patent Registration 10-1138924 (2012.05.14. Notification) Republic of Korea Patent Publication No. 10-1242122 (announced on March 11, 2013) Republic of Korea Patent Publication 10-1634734 (2016.07.08. Notification) Republic of Korea Patent Registration 10-1470747 (August 12, 2014)

Accordingly, the present invention for solving the above-described problems, the remote authentication mode for performing remote authentication in connection with the nodes of the digital electronic device and the self-authentication mode by authentication of the virtual block chain provided in the digital electronic device itself. By establishing a multi-authentication system through the system, we provide a dual blockchain-based digital electronics operation method that has a virtual blockchain that can fundamentally solve communication security and hacking problems through a higher encryption and anti-forgery system. There is a purpose.

In addition, the present invention provides a fast and secure service using a virtual block chain implemented in each digital electronic device in a situation that the online via the normal network is blocked due to the error, failure, power failure of the authentication server. Another purpose is to provide a dual blockchain-based digital electronic device operating method having a virtual blockchain that can reliably prevent hacking using near field communication such as Bluetooth.

The problems of the present invention are not limited to those mentioned above, and other problems not mentioned will be clearly understood by those skilled in the art from the following description.

In addition, a method for operating a dual blockchain-based digital electronic device having a virtual blockchain according to an aspect of the present invention may include: receiving, by the query controller, a request for a transaction and a communication device token in a blockchain network; Validating the communication device token based on information in which token validity data is available in a conventional blockchain or virtual blockchain; Determining whether the communication device token is successfully validated; If the communication device token is successfully validated, the processor outputting an operation control signal for controlling the operation of the digital electronic device; Allowing a transaction based on successful validation of the communication device token; Generating a updated communication device token by the token generator; And if the validation of the communication device token fails, the virtual node generator duplicating the virtual node and adding the virtual node to the redundancy area of the digital electronic device according to the duplication command of the processor.

In addition, a method for operating a dual blockchain-based digital electronic device having a virtual blockchain according to another aspect of the present invention includes the steps of: a query controller receiving a request for a transaction and a communication device token in a blockchain network; Validating the communication device token based on information in which token validity data is available in a conventional blockchain or virtual blockchain; Determining whether the communication device token is successfully validated; If the communication device token is successfully validated, the processor outputting an operation control signal for controlling the operation of the digital electronic device; Allowing a transaction based on successful validation of the communication device token; Generating a updated communication device token by the token generator; And if the validation of the communication device token fails, the virtual node generator activating a virtual node deactivated in the redundancy area of the digital electronic device according to the activation command of the processor.

According to the dual blockchain-based digital electronic device operating method having the virtual blockchain according to the present invention, by establishing a multi-authentication system in which the blockchain connected between the digital electronic devices and the virtual blockchain of the digital electronic device itself are linked, It is effective to implement high communication security and hacking security.

In addition, the present invention can also reliably prevent hacking using short-range communication such as Bluetooth in a situation in which the online server is blocked due to an error, failure or power failure of the authentication server.

The effects of the present invention are not limited to those mentioned above, and other problems not mentioned will be clearly understood by those skilled in the art from the following description.

1 is a block diagram of an access control system in a blockchain-based smart door lock according to an embodiment of the present invention,
2 is a block diagram of an access control system on a conventional blockchain network according to an embodiment of the present invention;
3A is a block diagram of an access control system when a normal blockchain network (PBN) is disconnected or a normal blockchain network is not normally operated according to an embodiment of the present invention;
3b is a block diagram of an access control system in a virtual blockchain network according to an embodiment of the present invention;
4 is a block diagram of an access control system to which a virtual node is added according to an embodiment of the present invention;
5 is a block diagram of a typical node according to an embodiment of the present invention;
6 is a block diagram of a virtual node according to an embodiment of the present invention;
7 is a scenario for a lightweight cryptographic agreement protocol for achieving blockchain agreement according to an embodiment of the present invention;
8 is a blockchain-based access control flowchart according to an embodiment of the present invention;
9 is a diagram illustrating a network to which a smart door lock is applied according to an embodiment of the present invention; and
10 is a diagram illustrating a network to which a smart door lock is applied according to another embodiment of the present invention.

Further objects, features and advantages of the present invention can be more clearly understood from the following detailed description and the accompanying drawings.

Prior to the detailed description of the present invention, the present invention may be variously modified and may have various embodiments, and the examples described below and illustrated in the drawings are intended to limit the present invention to specific embodiments. It is to be understood that the present invention includes all modifications, equivalents, and substitutes included in the spirit and technical scope of the present invention.

When a component is referred to as being "connected" or "connected" to another component, it may be directly connected to or connected to that other component, but it may be understood that other components may be present in between. Should be. On the other hand, when a component is said to be "directly connected" or "directly connected" to another component, it should be understood that there is no other component in between.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. Singular expressions include plural expressions unless the context clearly indicates otherwise. As used herein, the terms "comprise" or "have" are intended to indicate that there is a feature, number, step, action, component, part, or combination thereof described on the specification, and one or more other features. It is to be understood that the present invention does not exclude the possibility of the presence or the addition of numbers, steps, operations, components, components, or a combination thereof.

In addition, the terms "... unit", "... unit", "... module", and the like described in the specification mean a unit that processes at least one function or operation, which means hardware or software or hardware and It can be implemented in a combination of software.

In addition, in the description with reference to the accompanying drawings, the same components regardless of reference numerals will be given the same reference numerals and duplicate description thereof will be omitted. In the following description of the present invention, if it is determined that the detailed description of the related known technology may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted.

Hereinafter, a dual blockchain-based digital electronic device operating method and digital electronic device system having a virtual blockchain according to an exemplary embodiment of the present invention will be described in detail with reference to the accompanying drawings.

The digital electronic device according to the present invention may be, for example, a smart door lock, a CCTV, a refrigerator, or the like, but is not limited thereto. On the other hand, in the embodiment of the present invention will be described the applicability to the smart door lock.

First, the blockchain applied to the present invention will be described. In the blockchain described in the present invention, data information transmitted on-line is connected by a block, and the data information is jointly stored in digital electronic devices of peers rather than a central management server in a P2P network distributed environment. How to manage

A general blockchain-based digital electronic node (PBDN), which is applied to the present invention, is referred to as a 'normal node', which is a conventional digital electronic device connected through a conventional wired or wireless network. Means appliance.

In addition, a conventional blockchain network (PBN) applied to the present invention means a blockchain network connected between a plurality of normal nodes through a conventional wired or wireless network.

In addition, a virtual blockchain based digital electronic node (VBDN), which is applied to the present invention, is referred to as a `` virtual node '', a virtual digital electronic implemented in software in the digital electronic device. Means appliance.

In addition, a virtual blockchain network (VBN) applied to the present invention means a blockchain network connected between a normal node and one or more virtual nodes implemented in the normal node. Accordingly, the virtual node implemented in the predetermined normal node is inherently blocked from direct connection with the normal node located outside.

In addition, a blockchain network (BN) applied to the present invention should be understood as a concept encompassing a general blockchain network (PBN) and a virtual blockchain network (VBN).

Hereinafter will be described by applying a digital electronic device to the smart door lock.

1 is a block diagram of an access control system in a blockchain-based smart door lock according to an embodiment of the present invention.

System 100 includes a plurality of nodes separated within individual smart door locks 105, 106, 107. The first smart door lock 105 is typically a node 105A, PBDN and at least one virtual node 105B, 105C, 105D, VBDN and a redundancy area (not shown) for preliminarily implementing one or more virtual nodes within the node. It includes. The second smart door lock 106 is typically a node 106A, PBDN and at least one virtual node 106B, 106C, 106D, VBDN and a redundancy area (not shown) for preliminarily implementing one or more virtual nodes within the node. It includes. The third smart door lock 107 is a normal node (107A, PBDN) and at least one virtual node (107B, 107C, 107D, VBDN) and a redundancy area (not shown) for preliminarily implementing one or more virtual nodes in the normal node. It includes. Here, at least one or more access controllers and memories configured to operate as virtual nodes (VBDNs) are disposed in the redundancy region.

1 illustrates three smart door locks, but is not limited thereto. Hundreds or hundreds of millions may be connected in a conventional blockchain network (PBN). 3 to 4 virtual nodes (VBDNs) are shown in the smart door locks 105, 106, and 107, respectively, but are not limited thereto. Hundreds to hundreds of millions of virtual nodes may be connected in a virtual blockchain network (VBN). have.

Blockchain 101 is a sequence of data blocks that are connected and protected using cryptographic techniques. Each block contains the block hash of the previous block and transaction data for connection with the previous block. Here, the block hash is data obtained by encrypting a block in a hash method. Transactional data also includes data in which the user's behavior exists with respect to the nodes in the blockchain network.

The blockchain 101 functions as a distributed ledger managed by the blockchain network BN. The blockchain 101 has a sequence form of a block including transaction data generated through the blockchain network BN. The newly constructed block based on transaction data is added to the blockchain after agreement is established between nodes based on one or a combination of token-based consensus protocol, lightweight cryptographic consensus protocol, and variable cryptographic consensus protocol. The transaction data constituting the block may include a user communication device token, digital electronic device connection request information, an operation control signal, and operation result information. Meanwhile, a public ID, a private key, and a unique ID and password may be generated and used for access. In one use, the private key (secret key) can be used to sign an electronic signature proving that you are yourself. Digital signatures verify the validity of a transaction.The node or user sending the transaction data signs the private key and the node or user receives the signature using the sender's public key to verify the presence of inappropriate forgery or tampering. Can be.

2 is a block diagram of an access control system on a conventional blockchain network according to an embodiment of the present invention, in which the conventional blockchain network 103 operates normally.

In general, when a relative visits a homeowner who is an authorized user (hereinafter referred to as an 'effective user') according to a predetermined procedure for accessing a node, the homeowner needs to release the smart door lock remotely. That is, a valid user needs to connect to the normal node 105A, PBDN using the user communication device 210 at a remote location. Here, the user communication device 210 may be a mobile phone, a tablet computer, or a smart watch, but is not limited thereto.

The user communication device 210 typically sends an access request message and a communication device token to the node 105A for a transaction. Communication device tokens are dynamically allocated based on the sequence of transaction blocks in blockchain 101.

The normal node 105A transmits the transaction data received from the user communication device 201 to a transaction pool (not shown) through a normal blockchain network, and requests authentication of the transaction data from the normal blockchain network. In the normal blockchain network, if the transaction data is authenticated, the transaction data is included in a newly constructed new block.

That is, a normal node (not shown) designated as a master so that a transaction pool includes transaction data for which authentication is requested, forms a new block, distributes it to the normal nodes 106A and 107A, and receives the normal block 106A, 107A verifies according to a predetermined procedure to determine whether to authenticate the new block based on the information available in the blockchain 101.

The normal nodes 106A and 107A return the verification result of the new block to the master normal node (not shown), and the master normal node (not shown) collects the returned verification results, and each of the agreed new blocks is It is usually updated and stored in addition to the existing blockchain stored in the node.

The normal node 105A requesting authentication outputs a unlocking control signal to a door opening / closing unit (not shown) to release the smart door lock based on the successful authentication, as a result of the agreement on the new block including the transaction data. do.

Normally, nodes 105A and PBDNs update the communication device token of the user communication device 210.

According to an embodiment of the present invention, a master normal node is randomly set among any of a plurality of normal nodes.

Here, the distribution, authentication, authentication result collection, and renewal of the communication device token are referred to as agreement.

The agreement is determined based on Token based Consensus Protocol, Lightweight Cryptographic Consensus Protocol, or A Variable Cryptographic Consensus Protocol, or a combination thereof. The updated communication device token is typically stored in nodes 105A, 106A, 107A, PBDN.

The Communication Device Token may be any data object used to authorize access to any normal node (PBDN). The communication device token may be stored in a storage of an individual node in a blockchain network (BN). The communication device token is a unique token specialized for any node in the blockchain network. The communication device token may include a plurality of attributes. The plurality of attributes may be one or a combination of unique IDs of individual nodes, unique IDs representing transactions, and unique IDs of the communication device tokens. .

On the other hand, when an invalid user accesses the normal nodes 106A and 107A using the user communication device 220 at a remote location, Token based Consensus Protocol and Lightweight Cryptographic Consensus Protocol Or a transaction is rejected according to a decision based on A Variable Cryptographic Consensus Protocol or a combination thereof.

In addition, the normal nodes 105A, 106A, and 107A periodically check the connection state of the normal blockchain network PBN. If the normal node 105A is disconnected from all or part of the normal blockchain network or if it is not possible for the normal blockchain network to operate normally, the normal node 105A is the most recent in the normal blockchain network. The blockchain updated in the distribution is distributed to the virtual nodes 105B, 105C, and 105D implemented in the normal node 105A. The virtual nodes 105B, 105C, and 105D store the distributed blockchain 301 in a storage space allocated to each of the virtual nodes 105B, 105C, and 105D, and then the normal node 105A participates as a master node. It acts as a slave node in the virtual blockchain network 303.

FIG. 3A is a block diagram of an access control system when a conventional blockchain network (PBN) is disconnected or a normal blockchain network is not normally operated according to an embodiment of the present invention, and FIG. 3B is an embodiment of the present invention. Is a block diagram of an access control system in a virtual blockchain network.

A valid user remotely accesses node 105A using user communication device 210. Here, the user communication device 210 may be a mobile phone, a tablet computer, or a smart watch, but is not limited thereto.

The user communication device 210 typically sends a connection request message and communication device token to the node 105A for a transaction. The communication device token is dynamically allocated based on the sequence of transaction blocks in the virtual blockchain 301. Normally, node 105A constructs a new block containing transaction data and distributes it to virtual nodes 105B, 105C, and 105D to request verification. The virtual nodes 105B, 105C, and 105D determine whether to authenticate the transaction, such as a request for opening / closing approval of the communication device token and the smart door lock, based on information available in the virtual blockchain 301 according to a predetermined agreement protocol procedure. To participate in the consensus process of verifying a new block containing the transaction data.

The virtual nodes 105B, 105C, and 105D return the authentication result of the communication device token to the normal node 105A, and the normal node 105A collects the authentication result, and the communication device token (Communication). Based on the successful authentication of the Device Token, the release control signal is output to the door opening and closing part (not shown) to release the smart door lock, and the transaction is allowed.

Node 105A typically distributes the agreed new block containing the transaction and the updated communication device token to virtual nodes 105B, 105C, and 105D, and adds to the existing blockchain 301 for each virtual node. Connect and update and save.

Normally, node 105A updates the communication device token of user communication device 210.

The transaction and the updated communication device token are determined based on a combination of a Token based Consensus Protocol, a Lightweight Cryptographic Consensus Protocol, and a Variable Cryptographic Consensus Protocol.

The communication device token may be any data object used to authorize access to any normal node. The communication device token may be stored in the storage of individual virtual nodes 105B, 105C, and 105D in the virtual blockchain network. The communication device token is the only token specialized for any virtual node 105B, 105C, 105D in the virtual blockchain network. The communication device token may include a plurality of attributes. The plurality of attributes refer to any one or combination of unique IDs of individual virtual nodes 105B, 105C, and 105D, unique IDs representing transactions, and unique IDs of the communication device token. Can be.

Here, individual virtual nodes 105B, 105C, and 105D may be implemented to automatically change passwords and report changed passwords to normal node 105A. Here, the change period of the password may be independent or dependent on each other. In addition, the password change period may or may not be unique to each other.

According to an embodiment of the present invention, when the normal blockchain network (PBN) is disconnected, the normal node 105A and the individual virtual nodes 105B, 105C, and 105D are connected 1: 1 to authenticate the communication device token. . That is, even if the transaction data constituting the block in which the normal node 105A is hacked is abnormally changed, the transaction of the corresponding block distributed and stored in the individual virtual nodes 105B, 105C, and 105D privately implemented in the normal node 105A. If different from the data, the individual virtual nodes 105B, 105C, and 105D send the result of authenticating the invalid data to the node 105A. Normally, the node 105A agrees with the failed authentication when the majority of the virtual nodes authenticate with invalid data based on the authentication result received from the individual virtual nodes 105B, 105C, and 105D. In this case, the transaction data is invalidated. On the other hand, if the majority of the virtual nodes authenticate with valid data, the successful authentication is agreed and the transaction data is processed effectively.

On the other hand, when the normal blockchain network (PBN) is disconnected and restored, inconsistency occurs between the blockchain stored in the normal node 105A and the blockchain stored in the other normal nodes 106A and 107A. At this time, the normal node 105A distributes some or all of the transactions in the blockchain through the virtual blockchain network to other normal nodes 106A and 107A while the normal blockchain network is disconnected, and is authenticated. If authentication is successful from 106A and 107A, normally node 105A updates the transaction. Normal node 105A distributes the updated transaction to other normal nodes 106A, 107A.

According to an embodiment of the present invention, if a normal node recognizes faults such as Byzantine faults through a normal blockchain network (PBN), at least one virtual node may be additionally created in an internal redundancy area. In addition, according to another embodiment of the present invention, a normal node may additionally generate as many as two, three, or square numbers of virtual nodes in an internal redundancy region. In addition, according to another embodiment of the present invention, whenever a normal node recognizes a fault such as a Byzantine Fault through a normal blockchain network, at least one virtual node may be additionally created in an internal redundancy area. . 4 shows a state diagram in which the virtual node 105E in the smart door lock 105 is additionally generated and connected to the virtual blockchain network. Accordingly, the security of the smart door lock can be improved.

Meanwhile, according to an embodiment of the present invention, a normal blockchain network and a virtual blockchain network may be operated independently or in cooperation with each other.

5 is a block diagram of a typical node according to an embodiment of the present invention.

Typical nodes 105A, 106A, and 107A in accordance with one embodiment of the present invention include a connection controller 510, a processor 520, and a memory 530. The connection controller 510 includes a query controller 511, token validity 512, consensus module 513, token generator 514, and virtual node generator 515.

The user communication device 210 is directly connected to the smart door lock 105 through a short range communication interface module, such as Bluetooth, Zigbee, RFID, WiFi Direct, NFC, or the like, or through a short range Internet communication interface module such as Wi-Fi. It may be indirectly connected with the smart door lock 105 via a gateway. That is, according to the present invention, the short-range communication interface module means, for example, an interface module to which a user communication device and a smart door lock can be directly connected, and the short-range internet communication interface module is, for example, a gateway is disposed between the user communication device and the smart door lock. The interface module may be indirectly connected to the user communication device and the smart door lock.

The connection controller 510 receives a connection request and a communication device token from the portable communication device for the transaction. The communication device token is validated based on the information available in the conventional blockchain 101 or the virtual blockchain 301.

For example, the validation is a change history of the public key and the password among the private key included in the original authentication information (the first mounted authentication information) and the newly generated private key and public key (in odd expression, the second private key and the public key). It is based on, and thus can be made to renew the communication device token by signing the second public key with the first private key and password change history.

In this way, the validation may be performed periodically or aperiodically by updating the N + 1 th public key with the N th private key and the password change history according to a preset rule.

If the validity of the communication device token is successfully verified, the processor 520 outputs a release control signal to the door opener (not shown) to release the smart door lock, and the transaction is allowed.

The processor 520 may be a CPU, a microprocessor, or a microcontroller, but is not limited thereto. The processor 520 is coupled with the memory 530 and the connection controller 510. The processor 520 processes a series of instructions stored in the memory 530. Any updated communication device token is stored in memory 530.

The query controller 511 receives a request for a transaction in the blockchain network. The query controller 511 may be a processing unit that receives or generates a query belonging to a transaction request through the blockchain network. For example, query controller 511 receives a connection request and a communication device token from the portable communication device. The communication device token is validated by the token validity data 512 based on the information available in the conventional blockchain 101 or the virtual blockchain 301. If validity is successfully verified, the connection controller 510 allows a transaction to be attributed to the request.

The consensus module 513 utilizes any one or a combination of a token based consensus protocol, a light weight cryptographic consensus protocol, and a variable cryptographic consensus protocol. If an agreement is reached, the transaction and the updated communication device token are added to the blockchain 101, 301. As a result, the updated communication device token is stored in the portable communication device and the memory 530.

Token generator 514 generates an updated communication device token associated with the other node. The access controller 510 dynamically updates the communication device token of the portable communication device. Associated transactions and updated communication device tokens are broadcast in a broadcast manner to individual nodes within the blockchain network.

If the communication device token is not successfully validated in the token validator 512, the processor 520 sends a replication command to the virtual node generator 515 to create a virtual node in the internal redundancy area, and the virtual node generator 515 ) Duplicates and adds a virtual node to an internal redundancy zone. In addition, according to another embodiment of the present invention, at least one potential virtual node may be disposed in an internal redundancy area, and the virtual node generator 515 may activate and add the potential virtual node.

In the present invention, the individual nodes 105A, 105B, 105C, 105D, 106A, 106B, 106C, 106D, 107A, 107B, 107C, 107D implement a blockchain, and each of the distributed information stored in each of them is kept up to date. The information may be shared.

As described above, each of the individual nodes may be implemented in the form of a terminal, but is not limited thereto and may be implemented in the form of a server operated by a specific company.

A node implemented in the form of a terminal among the normal nodes may store information shared on the blockchain in a secure area of memory, and a node implemented in the form of a server among the nodes typically may store information shared on the blockchain in a secure area of a database. have.

That is, in the present invention, a conventional blockchain in which individual nodes are composed solely of terminals, a conventional blockchain in which individual nodes are composed only of servers, and a general blockchain in which individual nodes are composed of a terminal and a server, and each node is a virtual blockchain and a conventional blockchain. It can be configured based on various types of blockchains, including blockchains composed of mixed blockchains.

6 is a block diagram of a virtual node according to an embodiment of the present invention.

Virtual nodes 105B, 105C, 105D, 106B, 106C, 106D, 107B, 107C, and 107D according to an embodiment of the present invention include an access controller 610 and a memory 630. The connection controller 610 includes a query controller 611, token validity 612, consensus module 613, and token generator 614, which may be implemented in some software. Here, according to an embodiment of the present invention, the memory 630 in the virtual node typically uses a predetermined place in the memory 530 in the node or may be disposed separately.

A virtual node according to an embodiment of the present invention may share a processor in a normal node that is directly connected on a blockchain network. In addition, the virtual node according to another embodiment of the present invention may use a processor (not shown) dedicated to the virtual node.

The connection controller 610 receives a connection request and a normal node 105A token from the normal node 105A for a transaction. The node 105A token is typically validated based on the information available in the virtual blockchain 301.

In general, if the validity of the node 105A token is successfully verified, the processor 520 outputs a release control signal to the door opener (not shown) to release the smart door lock, and allows a transaction.

The query controller 611 receives a request for a transaction in the blockchain network. The query controller 611 may be a processing unit that receives or generates a query belonging to a transaction request through the blockchain network. For example, query controller 611 typically receives a connection request and virtual node token from node 105A. The virtual node token is validated by the token validator 612 based on the information available in the virtual blockchain 301. That is, the token validity data 612 is based on information such as whether the virtual node is a node registered in the node 105A, the user ID and password PW recorded in the application mounted in the user communication device 210, and the like. Validate the node token. That is, the token validity data 612 is hacked if the virtual node is a node that is not registered with the normal node in the smart door lock to which it belongs, or if it is inconsistent with a user ID or password (PW) recorded in an application mounted in the user communication device 210. It is determined to be a node.

If validity is successfully verified, the connection controller 610 allows a transaction to be attributed to the request.

The consensus module 613 uses one or a combination of a token based consensus protocol, a light weight cryptographic consensus protocol, and a variable cryptographic consensus protocol. If an agreement is reached, the transaction and the updated virtual node token are added to the blockchain 301. As a result, the updated virtual node token is typically stored in node 105A and memory 630.

Token generator 614 generates an updated virtual node token associated with the other node. The connection controller 610 typically updates the virtual node token of node 105A dynamically. Associated transactions and updated virtual node tokens are broadcasted to individual nodes within the blockchain network.

If the virtual node token is not successfully validated in token validation 612, processor 520 in node 105A typically sends a replication command to cause virtual node generator 515 to create a virtual node in the internal redundancy zone. The virtual node generator 515 may add a virtual node by duplicating the virtual node in an internal redundancy area. In addition, according to another embodiment of the present invention, at least one potential (inactive) virtual node is disposed in an internal redundancy area, and the virtual node generator 515 may activate and add the potential virtual node.

In general, the intra-node processor 520 is coupled to the directly-connected intra-node memory 630 and the connection controller 610 to process a series of instructions stored in the memory 630. Any updated virtual node token is stored in memory 630.

As such, when the Internet is disconnected, the present invention independently utilizes multiple blockchain functions implemented between a node and a plurality of virtual nodes connected to a virtual blockchain network built therein, and independently acts as a blockchain-based door lock. By enabling the blockchain function to quickly perform the validity of transactions, the hacking prevention function can be further strengthened.

As described above, when the virtual blockchain-based smart door lock node having the automatically changed password receives a transaction including the door open / close control signal from the processor 520, the virtual blockchain-based smart door lock node presents an authentication procedure by presenting a password change history. Going through. In particular, even when the wired / wireless communication is disconnected, the authentication procedure is performed by presenting a password change history that is recently generated when the authentication request is made through short-range communication, thereby implementing a self-blockchain function to have a strong security function.

Then, when the wired / wireless communication is restored, new public key information (normal blockchain) including a recent password change history is provided to other nodes through the wired / wireless network.

As described above, the present invention allows the blockchain network door lock system to be authenticated through a virtual blockchain connected to one or more virtual nodes, even when the blockchain network doorlock system is intentionally blocked by an impure user or is blocked due to an error, failure, or power failure of a server. By doing so, a complete security system is completed, and when the normal blockchain network is normal, it is implemented to connect to normal nodes and transmit and share the changed public key.

7 is a scenario for a lightweight cryptographic agreement protocol to achieve blockchain agreement according to one embodiment of the present invention.

According to FIG. 7, a lightweight cryptographic agreement protocol in the system 700 combines a federated byzantine agreement (FBA) and a partial byzantine faults tolerance (PBFT) agreement protocol. According to one embodiment, 105A, 105B, 105C, and 105D form one node group, and 106A, 106B, 106C, and 106D form another node group. Each node group consists of a normal node and a virtual node in the smart door lock, respectively. Intra-group consensus is achieved using FBA consensus because there are many nodes in the group and a highly scalable consensus is needed between the nodes. On the other hand, inter-group consensus is achieved using PBFT consensus because the number of groups is smaller than the number of nodes in the group.

According to one embodiment, a consensus protocol based on a variable cryptographic puzzle may be used to achieve consensus on transactions involving blockchains 101 and 301. In blockchain-based technologies used for cryptocurrencies such as Bitcoin ™ or Ethererum ™, the Proof Of Work (PoW) system provides proof of work for transaction blocks where nodes are accepted by blockchain network participants. I will do it. Regarding the blockchain network and the blockchains 101 and 301, agreement is achieved based on proof of work of the user communication device 210. To validate a transaction data block, the block must be hashed to a value below the current target value. The current target value is based on the probability of successful block generation. The variable cryptographic puzzle is determined based on the probability of successful block generation. When the user communication device 210 requests a connection to the normal node 105A, the probability is determined based on the computing power of the user communication device 210 and the normal node 105A. The likelihood is typically a function of the computational power of node 105A and memory 530. The puzzle solving time is independent of the computational power and memory of the normal node 105A so that all nodes in the blockchain network can solve the puzzle at about the same time.

8 is a blockchain based access control flowchart according to an embodiment of the present invention.

The query controllers 511 and 611 receive a request for a transaction and a communication device token in the blockchain network (S801).

The communication device token is validated based on the information available in the normal blockchain 101 or the virtual blockchain 301 by token validity data 512 and 612 (S802).

It is determined whether the communication device token is successfully validated (S803), and when the communication device token is successfully validated, the processor 520 outputs an opening / closing control signal to the door opening / closing unit (not shown) to release the smart door lock, and the smart door lock. To resolve (S804).

Thereafter, the transaction is allowed based on the successful validation of the communication device token (S805).

Thereafter, the token generators 514 and 614 generate updated communication device tokens, and the connection controllers 510 and 610 dynamically update the communication device tokens of the portable communication device (S806). Associated transactions and updated communication device tokens are broadcast in a broadcast manner to individual nodes within the blockchain network.

The consensus modules 513 and 613 use any one or combination of token based consensus protocol, lightweight cryptographic consensus protocol, and a variable cryptographic consensus protocol. . The transaction and the updated communication device token are added to the blockchains 101 and 301 (S807).

The updated communication device token is stored in the individual nodes memory 530 and 630 (S808).

On the other hand, if the validation of the communication device token fails, the connection is refused (S809), and the virtual node generator 515 duplicates and adds the virtual node VBDLN to the redundancy area (S810).

Accordingly, the normal node and one or more virtual nodes go through the authentication process by presenting their own password change history, and even if the wired / wireless network is disconnected, the virtual blockchain network is implemented and has strong security function, and is disclosed through the wired / wireless network at a predetermined time. The distributed ledger function can be implemented by sending a mobile device token containing key information and providing it to other nodes.

On the other hand, the short-range communication method mentioned in the description of the present invention, in addition to Bluetooth, Beacon (Beacon), BLE (Bluetooth Low Energy), Zigbee, UWB (Ultra-WideBand), ANT, Wi-fi, etc., Personal Area Network (PAN) Various short range communication techniques may be applied.

In addition to the smart phone as the user terminal mentioned in the description of the present invention, it may be an electronic device including a communication function. For example, the electronic device may be a tablet personal computer, a mobile phone, a video phone, an e-book reader, a desktop personal computer, a laptop personal computer. , Netbook computer, personal digital assistant (PDA), portable multimedia player (PMP), MP3 player, mobile medical device, camera, or wearable device (e.g., head-like electronic glasses) mounted-device (HMD), electronic garment, electronic bracelet, electronic necklace, electronic accessory, electronic tattoo, or smartwatch.

According to the dual blockchain-based smart door lock having a virtual block chain according to the present invention as described above and its operation method, a multi-authentication system in which the block chain linked between the smart door lock and the virtual block chain of the smart door lock itself are linked. By implementing it, it is possible to realize very high communication security and hacking security, and it is also possible to reliably prevent hacking using short-range communication such as Bluetooth in a situation where the online server is blocked due to an error, failure or power failure of the authentication server. There is this.

The idea of the present invention can be applied when the digital electronic device is a CCTV, when the communication device token is successfully validated, the normal blockchain-based CCTV processor is operated by an operation control unit (not shown) to perform the operation in CCTV The control signal can be output. Here, the operation performed by the CCTV may refer to a direction change of the CCTV, a zoom-up function, a photo transmission, and the like.

9 is a network configuration to which the smart door lock according to an embodiment of the present invention is applied.

Smart door lock 910 according to an embodiment of the present invention has a block chain module 912 is added to the existing door lock 911. The blockchain module 912 includes a LAN interface module 9121, an internet interface module 9922, a normal node 105A, and one or more virtual nodes 105B,...

The existing door lock 911 means a door lock of a method that is unlocked when a password is input by a touch. The LAN interface module 9121 is a wireless communication module such as Bluetooth, Zigbee, or RF ID, and may directly communicate with the user communication device 210 without passing through a gateway. That is, when the user communication device 210 enters a predetermined distance near the smart door lock 910, the smart door lock 910 may recognize the user communication device 210 and release the locking device by a wireless communication method. . The interface module 9922 for the Internet is a wired / wireless Wi-Fi module and may be connected to the gateway 920 disposed outside. The television 930, the refrigerator 940, the CCTV 950, and the like, which are arranged in the home, may be connected to one of the IoT, respectively. Here, the gateway 920, the television 930, the refrigerator 940, the CCTV 950, etc., which are arranged in the home, may each function as a normal node in a normal blockchain network.

10 is a diagram illustrating a network to which a smart door lock is applied according to another embodiment of the present invention.

The smart door lock 1010 according to an embodiment of the present invention has a configuration in which a block chain module 1012 is added to an existing door lock 1011. The blockchain module 1012 includes a LAN interface module 10121, an internet interface module 10122, a gateway 10123, a normal node 105A, and one or more virtual nodes 105B, ....

The existing door lock 1011 means a door lock of a method that is unlocked when a password is input by a touch. The LAN interface module 10121 is a wireless communication module such as Bluetooth, Zigbee, or RF ID, and may directly communicate with the user communication device 210. That is, when the user communication device 210 enters a predetermined distance near the smart door lock 1010, the LAN interface module 10121 recognizes the user communication device 210 by a wireless communication method, and the LAN interface module 10121 is used. When the detection signal is transmitted to the processor 520 in the smart door lock 1010, the processor 520 outputs a release control signal to the door opening / closing unit (not shown). The gateway 10123 may be connected to one of the Internet of things (1030), the refrigerator 1040, the CCTV 1050, and the like using the Wi-Fi module of the Internet interface module 10122. Here, the gateway 1020, the television 1030, the refrigerator 1040, the CCTV 1050, etc. may each function as a normal node in a normal blockchain network.

The embodiments and the accompanying drawings described herein are merely illustrative of some of the technical ideas included in the present invention. Therefore, since the embodiments disclosed herein are not intended to limit the technical spirit of the present invention, but to explain, it is obvious that the scope of the technical spirit of the present invention is not limited by these embodiments. Modifications and specific embodiments that can be easily inferred by those skilled in the art within the scope of the technical idea included in the specification and drawings of the present invention should be construed as being included in the scope of the present invention.

101: normal blockchain
301: virtual blockchain
103, 303: Blockchain Network
105, 106, 107: Smart Door Lock
105A, 106A, 107A: Normal Node
105B, ..., 106B, ..., 107B, ...: virtual nodes
210: User communication device available
220: invalid user communication device
510, 610: connection controller
511, 611: query controller
512, 612: Token Validation
513, 613: consensus module
514, 614: Token Generator
515: virtual node generator
520: processor
530, 630: memory

Claims (2)

The query controller receiving a request for a transaction and a communication device token in the blockchain network;
Validating the communication device token based on information in which token validity data is available in a conventional blockchain or virtual blockchain;
Determining whether the communication device token is successfully validated;
If the communication device token is successfully validated, the processor outputting an operation control signal for controlling the operation of the digital electronic device;
Allowing a transaction based on successful validation of the communication device token;
Generating a updated communication device token by the token generator; And
If the validation of the communication device token fails, the virtual node generator duplicating and adding the virtual node to the redundancy area of the digital electronic device according to a copy instruction of the processor.
Dual blockchain-based digital electronic device operation method having a virtual blockchain comprising a.
The query controller receiving a request for a transaction and a communication device token in the blockchain network;
Validating the communication device token based on information in which token validity data is available in a conventional blockchain or virtual blockchain;
Determining whether the communication device token is successfully validated;
If the communication device token is successfully validated, the processor outputting an operation control signal for controlling the operation of the digital electronic device;
Allowing a transaction based on successful validation of the communication device token;
Generating a updated communication device token by the token generator; And
If the validation of the communication device token fails, the virtual node generator activating a virtual node which has been deactivated in the redundancy area of the digital electronic device according to an activation command of the processor.
Dual blockchain-based digital electronic device operation method having a virtual blockchain comprising a.

Images