KR102166233B1 - Certificate issuance system based on blockchain technology and control method thereof - Google Patents

Abstract

The present invention relates to a system for issuing documents based on blockchain technology, and more specifically, in a system for issuing electronic documents, a main blockchain composed of a plurality of main nodes, a plurality of sub nodes A sub-blockchain consisting of, a certificate request server for requesting issuance of a certificate, and a certificate issuing server for generating a certificate in response to an issuance request from the certificate request server, wherein the certificate issuing server generates the certificate A first transaction related to (transaction) is transmitted to a first main node, the main block chain transfers the first transaction received to the first main node to the sub-blockchain, and the certificate request server, the It relates to an electronic document issuing system, characterized in that the verification query of the first transaction is transmitted to the first sub-node.

Description

Electronic document issuing system using blockchain technology and its control method {CERTIFICATE ISSUANCE SYSTEM BASED ON BLOCKCHAIN TECHNOLOGY AND CONTROL METHOD THEREOF}

The present invention relates to a verification system, and more particularly, to an authentication system capable of improving reliability by recording and viewing operations related to user authentication or document authentication as a transaction of a block chain.

Blockchain technology refers to a data distributed processing technology that distributes and stores all the data that are subject to management by all users participating in the network. It is also referred to as'distributed ledger technology (DLT)' or'public transaction ledger' in that the ledger containing transaction information is not owned by the transaction entity or a specific institution, but is shared by all network participants. . Blockchain is a name given as a chain of blocks containing transaction details.

These blockchains can be divided into a public blockchain and a private blockchain. The public blockchain corresponds to the public transaction ledger described above, and generally refers to the public blockchain when referring to the blockchain. Private blockchain is a relative concept, and is also referred to as enterprise blockchain because it is mainly used by companies. Consortium blockchain, in which several companies (or institutions) jointly participate, also belongs to the category of private blockchain in a broad sense.

Unlike public blockchains, which are open to anyone and anyone can create transactions, private blockchains can only participate with approval of a service provider (company or institution), and only legally responsible organizations can create transactions. In addition, unlike the public blockchain, in which transaction details are open to all, and all nodes participating in the network verify it and approve the transaction, in the private blockchain, only authorized organizations verify the transaction and approve the transaction.

The public blockchain has a high reliability through mutual verification of all participants, but it has the disadvantage that the processing speed is slow to record and share transaction records of all participants. On the other hand, the private blockchain is much faster because only authorized nodes participate and there is no need to seek verification of other nodes. However, since the users of the private blockchain must completely rely on the service provider, the reliability is limited compared to the public blockchain.

Such a blockchain can be used in a variety of industrial fields, and it will be most suitable especially for fields where reliability against forgery and alteration must be secured. Verification work, such as authentication for users or verification of documents, is a work that is inevitably exposed to the risk of forgery or alteration, and securing reliability will be more urgent than work in other industries. Nevertheless, research on such a proof system using blockchain technology has not been properly conducted.

It is an object of the present invention to solve the above and other problems. Another object is to provide an authentication system that can improve the reliability of user authentication or document authentication.

Another purpose is to provide a certification system that enables verification of the entire process of issuance, distribution, and destruction of documents subject to certification, and anyone can verify the process.

The technical problems to be achieved in the present invention are not limited to the technical problems mentioned above, and other technical problems that are not mentioned will be clearly understood by those of ordinary skill in the technical field to which the present invention belongs from the following description. I will be able to.

In order to achieve the above or other objects, according to an aspect of the present invention, there is provided a system for performing verification of an electronic document, comprising: a main block chain comprising a plurality of main nodes; A sub-blockchain composed of a plurality of sub-nodes; A certificate request server that requests issuance of a certificate; And a certificate issuing server that generates a certificate in response to an issuance request from the certificate request server, wherein the certificate issuing server transmits a first transaction related to generation of the certificate to a first main node, The main blockchain transmits the first transaction received to the first main node to the sub-blockchain, and the certificate request server transmits a verification query of the first transaction to the first sub-node. It is characterized in that it provides a system for verifying the electronic document.

The effect of the authentication system according to the present invention will be described as follows.

According to at least one of the embodiments of the present invention, there is an advantage of improving the reliability of user authentication based on a block chain technology.

In addition, according to at least one of the embodiments of the present invention, in recording the authentication procedure from the authentication requesting authority as a block chain transaction, even if the number of authentication requesting authorities increases, there is an advantage that it can be recorded effectively and without problems without a bottleneck. have.

Further scope of applicability of the present invention will become apparent from the detailed description below. However, since various changes and modifications within the spirit and scope of the present invention can be clearly understood by those skilled in the art, specific embodiments such as the detailed description and preferred embodiments of the present invention should be understood as being given by way of example only.

1 is a diagram showing the structure of a block chain according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an extension relationship between a main block chain and a sub block chain according to an embodiment of the present invention.
3 is a diagram showing a procedure for verifying a document according to an embodiment of the present invention.
4 is a diagram illustrating a process of requesting a certificate between certification authorities according to an embodiment of the present invention.
5 is a diagram illustrating a user authentication procedure according to an embodiment of the present invention.

Hereinafter, exemplary embodiments disclosed in the present specification will be described in detail with reference to the accompanying drawings, but identical or similar elements are denoted by the same reference numerals regardless of reference numerals, and redundant descriptions thereof will be omitted. The suffixes "module" and "unit" for components used in the following description are given or used interchangeably in consideration of only the ease of preparation of the specification, and do not have meanings or roles that are distinguished from each other by themselves. In addition, in describing the embodiments disclosed in the present specification, when it is determined that a detailed description of related known technologies may obscure the subject matter of the embodiments disclosed herein, the detailed description thereof will be omitted. In addition, the accompanying drawings are for easy understanding of the embodiments disclosed in the present specification, and the technical idea disclosed in the present specification is not limited by the accompanying drawings, and all modifications included in the spirit and scope of the present invention It should be understood to include equivalents or substitutes.

Terms including ordinal numbers, such as first and second, may be used to describe various elements, but the elements are not limited by the terms. These terms are used only for the purpose of distinguishing one component from another component.

When a component is referred to as being "connected" or "connected" to another component, it is understood that it may be directly connected or connected to the other component, but other components may exist in the middle. Should be. On the other hand, when a component is referred to as being "directly connected" or "directly connected" to another component, it should be understood that there is no other component in the middle.

Singular expressions include plural expressions unless the context clearly indicates otherwise.

In the present application, terms such as "comprises" or "have" are intended to designate the presence of features, numbers, steps, actions, components, parts, or combinations thereof described in the specification, but one or more other features. It is to be understood that the presence or addition of elements or numbers, steps, actions, components, parts, or combinations thereof, does not preclude in advance.

Blockchain technology is currently being actively used in financial systems. Hereinafter, a method applied in the financial system will be described.

Blockchain is a core concept of decentralization, which aims for P2P (Peer to Peer) transactions, away from the existing financial system that secures and manages all transactions in financial institutions. P2P refers to a communication network that connects personal computers without a server or client, and each connected computer acts as a server and a client and shares information.

In the existing financial system, financial companies have kept transaction records on a central server, whereas in a block chain based on the P2P method, transaction information is stored in blocks and connected in sequence, which is shared by all participants.

Blockchain technology processing for the transaction process (transaction, transaction) in the financial system is performed as follows. ① A requests for a transaction, such as a request for remittance, to B. ② A block containing the transaction information is created. ③ When the block is transmitted to all participants on the network, the participants mutually verify the validity of the transaction information. ④ The transaction details that match the data of the majority of participants are checked with the normal ledger, and the verified block is linked to the previous block, and a copy is made and distributed to each user's computer. ⑤ A transfers money to B and the transaction is completed. At this time, all transactions that occur within a preset period (for example, about 10 minutes) can be generated as one block.

Through this process, by checking whether the data of the majority of participants match or not, the reliability of blocks can be secured even when creating blocks, as well as counterfeiting by storing copies of completed blocks individually in each computer (node). Makes it practically impossible.

In the proof system in the present invention, instead of the proof of the transaction used in the financial system as above, various actions related to the user's authentication and/or the first proof of the electronic document (hereinafter, all actions recorded in the blockchain are referred to as transactions. ).

Hereinafter, terms related to blockchain will be described.

· Block

A block is a unit that stores data and is divided into a body and a header. The body contains the transaction content, and the header contains encryption codes such as merkle hash (merclout) or nonce (an arbitrary number related to encryption). Blocks are created every about 10 minutes, and they are connected to the previous block to form a block chain while collecting transaction records and creating blocks to verify reliability. The block that starts here is called the genesis block. That is, the genesis block refers to the first block in which no block has been created before it.

· Node

Blockchain does not store and manage transaction records on a centralized server, but individual servers participating in transactions gather to maintain and manage the network. This individual server, or participant, is called a node. Since there is no central administrator, the role of the node distributing blocks is important, and a new block is created only when more than half of the participating nodes agree. Nodes store the blockchain in their computers, and even if some nodes are hacked and the existing contents are changed, data remains in multiple nodes, so data can be preserved continuously.

· Hash function

It is a function that produces results of the same length no matter what data is entered. It is unlikely that the resulting result will be duplicated, and it is difficult to inversely estimate the input value as the result value. For this reason, by comparing the hash values, it is possible to determine whether data has been changed. As for the hash function, SHA-2 (SHA 256) in a more advanced form came out after SHA (Secure Hash Algorithm)-1 was first devised, which is being used in the blockchain. SHA-2 results in 256 bits no matter what length value is entered.

1 is a diagram showing the structure of a block chain according to an embodiment of the present invention. FIG. 2 is a diagram illustrating an extension relationship between a main block chain and a sub block chain according to an embodiment of the present invention.

The proof system according to an embodiment of the present invention includes a main blockchain 110 in which at least two main nodes 111-1 to 111-3 participate and at least two sub-nodes 121-1 to 121-4 It may include a sub-blockchain 120 to participate in.

The main block chain 110 may form a main block at a preset cycle based on the main transaction, and the sub block chain 120 may form a sub block at a preset cycle based on the sub transaction. That is, the blocks generated between the main blockchain 110 and the sub-blockchain 120 are not connected to each other or a verification procedure is performed.

However, the main blockchain 110 and the sub-blockchain 120 may be selectively connected, and when selectively connected, a verification procedure may be required.

For example, as will be described later in detail below, when a certificate generating transaction occurs in the main blockchain 110, information on the corresponding transaction may be shared in the sub-blockchain. Based on the certificate generation transaction shared in this way, the sub-blockchain 120 may perform a verification query for the transaction.

In this way, the relationship between the blocks is blocked, but the main blockchain 110 and the sub-blockchain 120 may transmit and receive data by a connection node. At least one of the main nodes 111-1 to 111-3 participating in the main blockchain 110 is the main connection node 111-3, and the sub-nodes 121-1 to participating in the sub-blockchain 120 121-4), at least one is a sub-connection node 121-1, and the main and sub-connection nodes 111-3 and 121-1 are provided to connect the main and sub-block chains to each other.

In this case, being connected to each other may mean exchanging data.

In one embodiment of the present invention, it is proposed to exchange data between the connection nodes only under specific conditions. This is because the main blockchain is a private blockchain, and information stored in the main blockchain should not be disclosed to the outside.

For example, only data transmission/reception in the case of receiving only a preset query from the sub-blockchain 120 or replying to the preset query may be performed through the connection node. A preset query and a response thereto will be described in detail later.

According to an embodiment of the present invention, the main blockchain 110 may be a private blockchain. That is, the main nodes 111-1 to 111-3, which are nodes of the main blockchain 110, are not disclosed to anyone, and only authorized or designated organizations can participate.

On the other hand, the sub-blockchain 120 may be a private blockchain or a public blockchain. Although it is not completely blocked, it may be a private blockchain in a broad sense, where only verified or authenticated subjects (pre-set some subjects) can participate in a limited manner. Accordingly, the sub-nodes 121-1 to 121-4, which are nodes of the sub-blockchain 120, may participate in additional sub-nodes 122-1, 122-2, ....

In this way, the main block chain 110 and the sub block chain 120 are separated because security for the proof system is required. According to the blockchain technology, all transactions are open to the public, because user authentication or the contents of the document itself must not be disclosed to the public. For example, the certificate of graduation should be disclosed only to the recipient organization (e.g., a company wishing to receive a certificate for the applicant) requested by the requestor (e.g., an applicant from a company), and to a company other than that recipient, This is because it is information that should not be disclosed to third parties such as financial institutions or others.

Another reason why the main blockchain 110 and the sub-blockchain 120 are separated is to secure the scalability of the recipient institution. In the case of the main blockchain 110, since it is a private blockchain whose contents should not be disclosed, it is bound to be limited in terms of its scalability.

If a company that wants to participate as a node of the block chain additionally occurs, the system according to an embodiment of the present invention is provided to participate in the node of the sub-block chain.

A plurality of organizations (hereinafter referred to as recipient organizations) requesting user authentication or document authentication may correspond to the sub-nodes 121-1 to 121-4. That is, the recipient organization may be matched to and connected to one sub-node, and one recipient organization may be connected to one sub-node.

On the other hand, in the main blockchain 110, a certification authority may be connected to at least one of the plurality of main nodes 111-1 to 111-3. In other words, one integrated certification authority can use multiple nodes.

Furthermore, the sub-blockchain 120 can expand the number of blockchains themselves. As shown in FIG. 2, a plurality of sub-blockchains 120-1, 120-2, 120-3, ... may be connected to one main blockchain 110 to operate. At this time, the main connection node 111-3 of the main blockchain 110 is in a '1 to many' relationship with a plurality of sub-connection nodes (121-1, 130-1, 130-2 in FIG. 2). Each could be connected.

Hereinafter, a specific method of performing document authentication and user authentication based on this structure of the present invention will be described.

3 is a diagram showing a procedure for verifying a document according to an embodiment of the present invention.

The certificate request server 391 may mean a server managed by a recipient organization (or individual) that wants to check the authenticity of a document related to the requester 390, for example, the certificate request server 391 It is a server operated by a company, and the requestor 390 may be an applicant who applies for employment in the company, and a graduation certificate to check the academic information of the requester 390 through the certificate request server 391 in the company You can assume a situation where you want to check the authenticity of.

The certification institution 393 refers to a subject that performs the corresponding certification, and in the example above, the requestor 390 may be a university bachelor's certificate or academic certificate system. It will be apparent that the term “certification authority 393” used in the present invention is only a term used to make the concept easier to understand, and can be interpreted as a device, system, or server operated by the certification authority 393.

The certificate issuing server 392 is an organization for collectively managing certification-related procedures of a plurality of certification authorities 393, and refers to a subject that issues the matters certified by the certification authority 393 as encrypted documents. . For example, if each of a number of universities is the certification authority 393, the certificate issuing server 392 may play a role of integrating the contents verified/certified by the numerous universities, encrypting it, and issuing it as a certificate.

However, the present invention is not limited to generating certificates directly by the certificate issuing server 392, and the case where certificates are issued by a plurality of certification authorities 393 and the collection and management of the issued certificates is also included in the present invention. will be.

In addition, the certificate issuing server 392 may be provided separately from the certification authority 393, but may be provided as a single organization without being distinguished from the certification authority 393.

The term server used in the detailed description for carrying out the present invention is a term including all devices capable of transmitting and receiving data online and offline, and the content of the present invention is not limited to the term server itself.

In addition, the term “certificate” in the specific content for carrying out the present invention is a term encompassing all electronic documents that can be issued, distributed, and stored electronically.

According to the existing certification system, the requestor 390 directly requests a graduation certification document from the certification authority 393 or the certificate issuing server 392 to print the graduation certification document through a printer and print the graduation certification document output to the recipient institution. Confirmed by the method of submission.

According to such an existing certification system, there was always a risk of forgery and alteration in the process of the requester printing the document and submitting it to the recipient agency.

However, in an embodiment of the present invention, based on the request of the requestor 390, an institution that wants to verify the certificate using blockchain technology (for example, a company that wants to check the registration information of the requestor) We propose a method of carrying out and delivering requests for direct certificate issuance.

In step S301, the requester 390 requests the certificate request server 391 to generate a document (certificate) that he or she wants to prove. In step S302, the certificate request server 391 delivers the request to the certificate issuing server 392. In step S303, the certificate issuing server 392 designates the name of the certificate file to be generated, and returns the designated file name to the certificate request server 391.

In step S304, the certificate issuing server 392 transmits a request for generating a certificate to the certification authority 393. The certification authority 393 may generate a certificate based on the received request. Subsequently, the certificate issuing server 392 transfers the transaction for generating the certificate to the node of the main blockchain 110 (S305). The transferred transaction may be stored in the main block as described above, and further, may be selectively transmitted to the sub-blockchain 120 and stored in the sub-block.

Furthermore, it is proposed that the transaction according to an embodiment of the present invention be transferred to a sub-chain and stored as a sub-block. This is because the verification is performed in step S307 to be described later. In this case, the transaction may be transmitted through a connection between the main connection node 111-3 and the sub connection node 121-1. That is, the transaction for generating the certificate may be recorded in the sub-block of the sub-blockchain sequentially through the main connection node 111-3 and the sub-connection node 121-1.

In step S306, the certificate request server 391 continuously checks the generated contract with the certificate issuing server 392. That is, based on the file name returned in step S303, it is continuously checked whether a certificate having the corresponding file name has been generated. If it is confirmed that the certificate is generated, a verification query is transmitted to see if the certificate has been generated through the sub-blockchain 120 (S307). In other words, it is to check whether the certificate was generated correctly.

In this case, the checking process (S307) may be performed based on the contents stored in the sub-block. That is, a transaction for generating a certificate is stored in a subblock, and verification is performed by checking the transaction recorded in the subblock.

The confirmation result, which is a response to the query, may be returned to the certificate request server 391 again.

Then, the generated certificate is transmitted to the certification authority 393, the certificate issuing server 392, and the certificate request server 391 through steps S308 and S309, so that the certificate request server 391 can receive (download) it. Upon completion of receipt of the certificate, the certificate request server 391 transmits a transaction for completion of receipt to the sub-node 121-4 in step S310. The transmitted transaction will be stored in the sub-block of the sub-blockchain 120.

Subsequently, in step S311, the requester 390 receives (downloads) a certificate from the certificate request server 391. The certificate request server 391 transmits a transaction for issuing a certificate (i.e., completion of delivery to the requester) to the sub-node 121-4 of the sub-blockchain 120 (step S312) and stores it in the sub-block. There will be. In addition, it is possible to transfer not only the completion of the transfer of the certificate, but also all operations such as copying, destruction, or transfer of the certificate as a transaction to the sub-node 121-4.

According to the procedure in FIG. 3, the certificate request server 391 receiving the certificate can verify with high reliability whether the received certificate has been correctly generated, and the requester 390 receives the generated certificate by the receiving organization. It has the advantage of being able to check with high reliability whether it has been done, whether it is delivered to a third party, or whether it is destroyed.

4 is a diagram illustrating a process of requesting a certificate between certification authorities according to an embodiment of the present invention.

In some cases, it may be necessary to issue certificates between certification authorities. For example, if a student at University A applies for credit transfer to University B, or is going to graduate school at University B, then University B may require proof of whether or not he is attending University A. Since the certification authorities collectively manage the contents of the certificate issuance through the certificate issuing server 392 described above, the procedure of FIG. 3 can be performed slightly differently.

4 shows a process of requesting a certificate from the first certification authority 393-1 to the second certification authority 393-2 based on the requestor's request. In other words, in the example above, if a student who wants to apply for credit exchange makes a request to University B as a requester, University B may become the first certification institution (393-1), and the requestor is currently attending University A Can become the second certification body (393-2).

In step S401, the first certification authority 393-1 transmits a request to generate a certificate to the certificate issuing server 392. Next, the certificate issuing server 392 designates the name of the certificate file to be generated, and returns the designated file name to the first certification authority 393-1. In step S403, the certificate issuing server 392 transmits a certificate generation request to the second certification authority 393-2, and the second certification authority 393-2 generates the requested certificate.

When a certificate is generated, the certificate issuing server 392 may transmit a transaction for generating the certificate to the main node of the main blockchain 110.

In step S405, the first certification authority 393-1 continuously checks the creation contract with the certificate issuing server 392. Based on the file name returned in step S402, it is continuously checked whether a certificate having the corresponding file name has been generated.

In step S406, the second certification authority 393-2 transmits the generated certificate to the certificate issuing server 392. Upon receiving the certificate, the certificate issuing server 392 generates a transaction for receiving the certificate, and transmits it to the main node of the main block chain 110 (step S407).

Subsequently, the certificate issuing server 392 delivers the received certificate to the first certification authority (step S408). Then, upon completion of the certificate transfer, a transaction for certificate transfer is generated and transferred to the main node of the main blockchain 110 (step S409).

In the following, a process of performing user authentication using blockchain technology will be described.

5 is a diagram illustrating a user authentication procedure according to an embodiment of the present invention.

The authentication request server 591 may refer to a server that attempts to perform authentication for the requestor 390, and for example, may refer to a server of a homepage to which the requestor 390 wishes to subscribe.

The certification body 393 ′ refers to a subject that performs authentication for the requester 390, for example, the authentication request server 591 provides academic information (attendance, graduation, etc.) for the requester 390. ) Certification may be requested from the certification authority 393'. In this case, the certification body 393 ′ may be a system of university bachelor's certificate or academic record certificate from which the requestor 390 graduated. The certification authority 393 ′ may be an organization belonging to the certification authority 393 described above in FIGS. 3 and 4, or may be an organization separate from the certification authority 393.

The integrated authentication server 592 refers to a subject for collectively managing procedures related to user authentication of a plurality of authentication authorities 393'. For example, if each of a number of universities is an authentication authority 393', the integrated authentication server 592 may play a role of integrating authentications performed at numerous universities, encrypting them, and issuing them as user identification information.

In step S501, the requester 390 may request the authentication request server 591 to generate user identification information, and in step S502, the authentication request server 591 may forward this request to the integrated authentication server 592. have.

The integrated authentication server 592 may transmit the transaction for the above request to the main blockchain 110 (step S503).

The integrated authentication server 592 receiving the request to generate user identification information transmits the request back to the authentication authority 393', and the authentication authority 393' performs user authentication (step S504) based on the received request. can do. In the user authentication step of S504, the authentication authority 393' may search the database for the requester 390 and perform the authentication operation. For example, the requestor 390 is a university student, and the certification body 393' is a corresponding university registration system, and through a registration database inquiry, the requestor 390 performs registration authentication, and the result of the performance is integrated with the authentication server. It can be delivered to (592).

The integrated authentication server 592 may generate user identification information for a user whose authentication has been completed, and transmit a transaction for the generation of user identification information to the main node of the main blockchain (step S505). Here, the user identification information may refer to a unique code assigned to the requester 390, and may refer to a user ID (Identication information) or a token value (token value). At this time, the subject generating the user identification information may be the integrated authentication server 592, but the authentication authority 393' may generate user identification information and transmit it to the integrated authentication server 592.

Meanwhile, in the system according to an embodiment of the present invention, as in step S503, a transaction for a request is sent to the first main node 111-1, and a transaction for generating identification information is a second main node 111- It is proposed to block by passing to 2) The transaction for generating identification information may eventually be an authentication response to the S503 request.

In a blockchain system, at least 3 nodes are basically required. This is because the verification of the newly created block is performed at all nodes together, and a new block can be generated only when the verification result exceeds the majority, and two nodes cannot form a majority result. Therefore, the main blockchain 110 shown in FIG. 5 also requires at least three nodes.

Since the integrated authentication server 592 plays a role of integrating authentication procedures for numerous authentication authorities 393', there is a concern that a bottleneck may occur. Accordingly, in the present invention, the types of transactions that may occur in the integrated authentication server 592 are classified, and one type of transaction is assigned to the first main node 111-1, and the other type of transaction is assigned to the second main node ( 111-2). In other words, due to the nature of the blockchain in which at least three nodes must be formed, it is intended to allocate roles among nodes to alleviate bottlenecks.

The integrated authentication server 592 may transmit the user identification information generated in step S506 to the authentication request server 591. The authentication request server 591 may transmit a transaction for receiving user identification information to a sub node of the sub-blockchain (step S507).

Then, in step S508, the user identification number may be transmitted to the requester 390, or a notification (guide) may be given to the fact that the user identification number has been issued.

The embodiment of the proof system and its control method according to the present invention has been described above, but this is described as at least one embodiment, and the technical idea of the present invention and its configuration and operation are not limited thereto, The scope of the technical idea of the present invention is not limited/limited by the drawings or the description referring to the drawings. In addition, the concepts and embodiments of the invention presented in the present invention may be used by those of ordinary skill in the art as a basis for modifying or designing other structures in order to perform the same object of the present invention. , Modified or changed equivalent structure by a person of ordinary skill in the technical field to which the present invention belongs is bound by the technical scope of the present invention described in the claims, and the spirit or scope of the invention described in the claims Various changes, substitutions, and changes are possible within the limit that does not deviate.

Claims (14)

In a system for issuing electronic documents,
A main blockchain consisting of a plurality of main nodes;
A sub-blockchain composed of a plurality of sub-nodes;
A certificate request server that requests issuance of a certificate; And
Including a certificate issuing server for generating a certificate in response to the issuance request from the certificate request server,
The main blockchain is a private blockchain,
The main block chain generates a main block at a preset cycle, the sub block chain generates a sub block at a preset cycle, and the generated main block and the sub block are connected to each other or no verification procedure is performed,
At least one of the plurality of main nodes is a main connection node,
At least one of the plurality of sub-nodes is a sub-connection node,
The main and sub connection nodes are connected to exchange data between the main and sub blockchains,
The main blockchain and the sub-blockchain are connected through the main and sub-connected nodes only under predetermined conditions and when data transmission/reception is blocked from each other,
The certificate issuing server transmits a first transaction related to the generation of the certificate to a first main node,
The main blockchain forms a main block based on the received first transaction,
The main blockchain transfers the first transaction received to the first main node to the sub-blockchain through the connection of the main and sub-connected nodes,
The sub-blockchain forms a sub-block based on the received first transaction,
The certificate request server transmits a verification query of the first transaction to a first sub-node,
The first sub-node, which has received the verification query, performs verification on the first transaction based on the first transaction stored in the sub-block,
Characterized in that the response (response) the performed verification result to the certificate request server,
Electronic document issuing system. delete delete delete delete The method of claim 1,
When the certificate request server receives the generated certificate, it transmits a second transaction for certificate reception to the first sub-node,
The sub-blockchain is characterized in that to form a sub-block based on a second transaction received by the first sub-node,
Electronic document issuing system. The method of claim 6,
The certificate request server, characterized in that for transmitting an operation related to issuance, destruction, etc. of the received certificate to the first sub-node in a third transaction,
Electronic document issuing system.
A main blockchain composed of a plurality of main nodes, a sub-blockchain composed of a plurality of sub-nodes, a certificate request server that requests issuance of a certificate, and a certificate issuing server that generates a certificate in response to an issuance request from the certificate request server. In the control method of a system for issuing an electronic document comprising a,
The main blockchain is a private blockchain,
The main block chain generates a main block at a preset cycle, the sub block chain generates a sub block at a preset cycle, and the generated main block and the sub block are connected to each other or no verification procedure is performed,
At least one of the plurality of main nodes is a main connection node,
At least one of the plurality of sub-nodes is a sub-connection node,
The main and sub connection nodes are connected to exchange data between the main and sub blockchains,
The main blockchain and the sub-blockchain are connected through the main and sub-connected nodes only under predetermined conditions and when data transmission/reception is blocked from each other,
Transmitting, by the certificate issuing server, a first transaction related to generation of the certificate to a first main node;
Forming, by the main block chain, a main block based on the received first transaction;
The main blockchain, transmitting the first transaction received to the first main node to the sub-blockchain through the connection of the main and sub-connected nodes; the sub-blockchain, the first transaction received Forming a sub-block based on the;
The certificate request server, transmitting a verification query of the first transaction to a first sub-node;
Performing, by the first sub-node receiving the verification query, verifying the first transaction based on the first transaction stored in the sub-block; And
It characterized in that it comprises the step of replying (response) the performed verification result to the certificate request server,
Control method of electronic document issuing system. delete delete delete delete The method of claim 8,
Transmitting, by the certificate request server, a second transaction for receiving a certificate to the first sub-node upon receiving the generated certificate; And
The sub-blockchain further comprises the step of forming a sub-block based on a second transaction received by the first sub-node,
Control method of electronic document issuing system. The method of claim 13,
The certificate request server, further comprising the step of transmitting an operation related to issuance, destruction, etc. of the received certificate to the first sub-node in a third transaction,
Control method of electronic document issuing system.

Images