KR102193608B1 - A drone security management system and method based on drone certification with convergence block chain - Google Patents

Abstract

According to one embodiment of the present invention, a drone security management system based on drone certification with a convergence blockchain applied thereto comprises: a drone of which an operation is activated based on drone certification information; a control terminal which controls the operation of the drone based on the drone certification information; and a drone security management server which monitors networking between the drone and the control terminal and positions of the drone and the control terminal, distributes, stores, and manages hash values of the drone certification information in a private blockchain, a public blockchain, or consortium blockchain according to a subject that has registered the drone certification information, and distributes, stores, registers, and manages management and operation information generated in the drone and the control terminal registered under the name of the subject in the corresponding blockchain. When a drone certification error is transmitted from any one of the drone and the control terminal, the drone security management server provides robbery/loss information to the terminal registered by the subject and then blocks networking and Bluetooth pairing between the drone and the control terminal, and the drone certification information is any one of pieces of bio information including iris, face, fingerprint, vein, and voice or at least one combination thereof or includes a certificate, a security number, a hash value, and the like. According to the present invention, it is possible to more systematically manage the drone.

Description

A drone security management system and method based on drone certification with convergence block chain.

The present invention relates to a drone security management system and method based on drone authentication to which a convergence block chain is applied.

Drones are drones that can fly and manipulate by induction of wireless electromagnetic waves, and can also incorporate artificial intelligence technology. Drones were initially used for military use for reconnaissance purposes, but they are gradually being used as attack weapons to destroy enemies by equipping various weapons. These drones are recently used for commercial purposes as drones with various types and performances depending on the purpose of use. As the era of the 4th industrial revolution enters, the drone industry is emerging as one of the core industries of the future. In particular, the core application fields where drones are used are not only various military weapons fields, but also logistics, information and communication, agriculture and fisheries, and atmosphere. Observation, public transportation, daily life, leisure, etc. In addition, in the field of filming such as broadcast movies, disaster safety, infrastructure inspection such as bridges, steel towers, construction sites, cadastral surveys, coastline surveys, 3D mapping, acquisition of geospatial information, and agriculture, including pesticide spraying and growth status checks. Until now, the scope of use of drones is expanding.

At this time, a method of providing various services using drones has been researched and developed. In this regard, Korean Patent Publication No. 2019-0110189 (published on September 30, 2019) and Korean Patent Publication No. 2018-0115938 ( On October 24, 2018), when the drone rental management application is activated through the user terminal, the location information of the user terminal is collected, information on the drone station located near the user terminal is provided, and drone station selection When information is entered, information on drones that can be rented is provided, and when reservation input information is entered, a configuration that provides reservation confirmation information for the entered drone, authentication for the user who requested the drone service provision, and drone service Identify the type of mission related to the request for provision, the location to perform the mission, and the drone to perform the mission, maneuver the target drone to perform the mission, provision the information required for the mission to the target drone, and perform the mission Each of the configurations for collecting information acquired during the mission of the target drone after being dispatched to the site is disclosed.

However, most people who only want to use drones without purchasing drones are ordinary people, not experts, so even if they rent it, they do not know how to control and are not familiar with it, so they cannot control and manipulate suitable for the purpose.

In addition, in order to use a drone, permission and approval from a licensing agency are required, and documents accordingly cannot be properly prepared. Therefore, there is no platform that can solve related services in a one-stop way, even though customers cannot use it properly by simply renting a drone.

In addition, accidents often occur in which the drones that were rented due to high wind speeds when renting without seeing or considering the weather, such as weather conditions, fall. Accordingly, research and development of a platform that comprehensively provides drone-related services is required.

Registered Patent No. 10-1802811

An object to be solved by the present invention is to provide a drone security management system and method based on drone authentication to which a fusion blockchain is applied that can solve the conventional problem.

A drone security management system based on drone authentication to which a fusion block chain is applied according to an embodiment of the present invention for solving the above problem includes: a drone whose operation is activated based on drone authentication information; A control terminal for controlling the operation of the drone based on the drone authentication information; And network docking information including the number of times of access between the drone and the control terminal, access time, and current location information, and the location of the drone and the control terminal, and a hash of the drone authentication information according to a subject registering the drone authentication information. A drone security management server that distributes and manages values in a private blockchain, public blockchain, or consortium blockchain, and registers and manages operation and operation information generated by drones and control terminals registered under the subject name in the corresponding blockchain. Including, the drone security management server, when a drone authentication error is transmitted from any one of the drone and the control terminal, after providing theft/lost information to the terminal registered by the subject, networking between the drone and the control terminal, Bluetooth The pairing is blocked, and the drone authentication information is any one or a combination of at least one of bio-information including iris, face, fingerprint, vein, and voice, or includes a certificate, security number, hash value, and the like.

The drone and the control terminal are characterized in that the user authentication information is processed into a hash value based on a hash function and then stored in a blockchain encrypted electronic wallet.

When a preset situation occurs, the drone and the control terminal temporarily release the security lock function set to activate the operation with the drone authentication information, and then provide the event situation information to the terminal set by the user in a short-range communication method. To do.

The drone security management server is characterized by registering and managing a hash value based on a hash function of drone authentication information registered by the company, organization or group in a consortium block chain when the subject of using the drone is a company or institution.

The drone security management server is characterized by registering and managing a hash value based on the hash sum of the isoron authentication information registered by the user in a private blockchain or a public blockchain, when the subject of using the drone is an individual.

The control terminal is characterized by controlling the flight of the drone after performing network docking with the drone based on drone authentication information.

The drone security management server is characterized in that it checks whether the drone is stolen based on drone confirmation information and network docking, interlocking, or Bluetooth pairing information transmitted from the control terminal.

When a report of loss or theft is received from a user terminal or a drone device, the drone security management server stores the location, altitude, route, recorded, and recorded data recorded by the drone from the time it is recognized as theft or loss to the time the report is received. It is characterized in that it is provided to the terminal.

The control terminal transmits the network docking information to the drone security management server, and when the user fails to authenticate for a predetermined number of times, transmits the current location information and the theft report information to the drone security management server.

The drone is characterized in that, after generating flight record information for flight speed, acceleration, rotation angle, position and altitude, it is provided to the control terminal and the drone security management server.

When the drone detects a preset dangerous situation, it automatically operates according to the preset manual and performs manual operation according to the situation, and the preset dangerous situation is the location, altitude, route according to the abnormal weather, electromagnetic wave, capture, external situation, etc. It is characterized by any one of departure and strategy, tactics, and command errors.

The control terminal controls the flight of the drone in one of a personal control flight mode and a multi-party control flight mode, and in the multi-party control flight mode, at least one or more users located within a preset radius access the same drone and correspond to a relay method. It is characterized by performing a multi-access control function for controlling (adjusting) the drone.

The control terminal provides the ID of at least one sub-control terminal to control the drone in a relay method to the drone security management server, and the drone security management server is transmitted from the control terminal when the multi-person control flight mode is selected. A multi-party network connection approval, information and Bluetooth pairing connection approval, a virtual network group IP is generated and transmitted based on the information, and the connection information and GPS location information of the transmitted virtual network group IP are checked in real time. To do.

In order to solve the above problems, the drone security management method based on drone authentication to which a fusion block chain is applied according to an embodiment of the present invention is provided in the drone security management server according to the registration request of the user terminal, drone information, control terminal information, and drones. Registering and storing drone authentication information for activating the control terminal in a block chain; Monitoring the loss/theft of the drone and the control terminal in real time by the drone security management server; When a theft/lost message is received from the user terminal, the location, recorded, and recorded data recorded by the drone are provided to the user terminal from the time it is recognized as stolen or lost to the time the report is received, and distributed and stored in the blockchain. In the registering step, the hash value of the drone authentication information is distributed and stored and managed in a private blockchain, a public blockchain, or a consortium blockchain according to the subject who registered the drone authentication information, and the operation generated by the drone and the control terminal registered under the subject name And registering and managing the operation information distributedly stored in the corresponding block chain, wherein the drone security management server is stolen/lost to the terminal registered by the subject when a drone authentication error is transmitted from one of the drone and the control terminal. After providing the information, the network docking, interlocking, or Bluetooth pairing information between the drone and the control terminal is blocked, and the drone authentication information includes any one or at least one of bio-information including iris, face, fingerprint, vein, and voice. It is characterized by including a combination or certificate, security number, hash value.

When using the drone security management system and method based on drone authentication to which the fusion blockchain is applied according to an embodiment of the present invention, network docking between the drone and the control terminal (control terminal) based on the drone authentication to which the fusion blockchain is applied By implementing whether or not, even if the drone or the control terminal is stolen, the use of the stolen drone or the control terminal can be blocked.

In addition, if the drone security management system and method based on drone authentication to which the fusion block chain is applied according to an embodiment of the present invention is used, the network docking position and the Bluetooth pairing state between the drone and the control terminal are identified, thereby reaching a restricted flight area. It is possible to grasp the information of the appearing drone and the information of the user who used it in real time. This provides the advantage of being able to eradicate the illegal shooting behavior of secretly approaching and filming in military or private protection facilities.

In addition, the drone security management system based on drone authentication to which the fusion block chain is applied according to an embodiment of the present invention stores drone and drone authentication information in private, public, and consortium blockchains according to the registration subject and manages registration. There is an advantage that the drone management can be managed more systematically.

1 is a network configuration diagram of a drone security management system based on drone authentication to which a fusion block chain is applied according to an embodiment of the present invention.
2 is a block diagram of the drone shown in FIG. 1.
3 is a block diagram showing a detailed configuration of the control terminal shown in FIG. 1.
4 is an exemplary diagram of a color coordinate system used in an authentication processing unit.
5 is an exemplary view showing the relaxation and contraction distances of the iris and pupil used in the authentication processing unit.
6 is an exemplary diagram showing characteristic points of a fingerprint.
7 is a detailed configuration diagram of the drone security management server shown in FIG. 1.
8A to 8C are exemplary diagrams of a fusion blockchain applied to the present invention.
9A to 9D are exemplary diagrams for explaining a multilateral flight control process.
10 is a flowchart illustrating a drone security management method based on drone authentication to which a fusion block chain is applied according to an embodiment of the present invention.
11 is a diagram illustrating an exemplary computing environment in which one or more embodiments disclosed herein may be implemented.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those of ordinary skill in the art can easily implement the present invention. However, the present invention may be implemented in various different forms and is not limited to the embodiments described herein. In the drawings, parts irrelevant to the description are omitted in order to clearly describe the present invention, and similar reference numerals are assigned to similar parts throughout the specification.

Throughout the specification, when a part is said to be "connected" to another part, this includes not only "directly connected" but also "electrically connected" with another element interposed therebetween. . In addition, when a part "includes" a certain component, it means that other components may be further included, and one or more other features, not excluding other components, unless specifically stated to the contrary. It is to be understood that it does not preclude the presence or addition of any number, step, action, component, part, or combination thereof.

The terms "about", "substantially" and the like, as used throughout the specification, are used in or close to the numerical value when manufacturing and material tolerances specific to the stated meaning are presented, and are used in the sense of the present invention. To assist, accurate or absolute figures are used to prevent unfair use of the stated disclosure by unscrupulous infringers. As used throughout the specification of the present invention, the term "step (to)" or "step of" does not mean "step for".

In the present specification, the term "unit" includes a unit realized by hardware, a unit realized by software, and a unit realized using both. Further, one unit may be realized using two or more hardware, or two or more units may be realized using one hardware. Meanwhile,'~ unit' is not meant to be limited to software or hardware, and'~ unit' may be configured to be in an addressable storage medium or configured to reproduce one or more processors. Thus, as an example,'~ unit' refers to components such as software components, object-oriented software components, class components, and task components, processes, functions, properties, and procedures. , Subroutines, segments of program code, drivers, firmware, microcode, circuits, data, databases, data structures, tables, arrays and variables. The components and functions provided in the'~ units' may be combined into a smaller number of elements and'~ units', or may be further divided into additional elements and'~ units'. In addition, components and'~ units' may be implemented to play one or more CPUs in a device or a security multimedia card.

In this specification, some of the operations or functions described as being performed by the terminal, device, or device may be performed instead in a server connected to the terminal, device, or device. Likewise, some of the operations or functions described as being performed by the server may also be performed by a terminal, device, or device connected to the server.

In this specification, some of the operations or functions described as mapping or matching with the terminal means mapping or matching the unique number of the terminal or the identification information of the individual, which is the identification information of the terminal. Can be interpreted as.

In the present specification, an embodiment of the present invention is not limited to simply a drone, and may be used in the overall authentication part of the industry such as identity authentication, payment, contract, and transmission.

In the present specification, the term drone should be understood as a concept encompassing both manned aircraft and unmanned aircraft.

In this specification, the term service is not limited to platform services, and includes essential control and security systems that must be used in the entire drone control part in relation to defense (military) and civilian (flight flight, etc.).

In this specification, a drone is defined as a concept including both manned aircraft and unmanned aircraft.

Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

1 is a network configuration diagram of a drone security management system based on drone authentication to which a fusion block chain is applied according to an embodiment of the present invention, FIG. 2 is a configuration diagram of the drone shown in FIG. 1, and FIG. It is a block diagram showing the detailed configuration of the control terminal shown in, Figure 4 is an exemplary diagram of the color coordinate system used in the authentication processing unit, Figure 5 is an example showing the relaxation and contraction distances of the iris and pupil used in the authentication processing unit Fig. 6 is an exemplary diagram showing the characteristic points of a fingerprint, Fig. 7 is a detailed configuration diagram of the drone security management server shown in Fig. 1, and Figs. 8A to 8C are an example of a fusion block chain applied to the present invention. FIG. 9A to FIG. 9D are exemplary views for explaining a multilateral flight control process.

First, as shown in FIG. 1, the drone management system 100 based on user authentication to which a fusion block chain according to an embodiment of the present invention is applied includes a drone 200, a control terminal 300, and a drone management server ( 400).

At this time, you can add more platforms or servers for public blockchain, private blockchain, and consortium blockchain. However, since the drone security management system 100 based on drone authentication to which the fusion block chain of FIG. 1 is applied is only an embodiment of the present invention, the present invention is not limitedly interpreted through FIG. 1.

Communication between the components of the drone security management system 100 based on drone authentication to which the convergence blockchain is applied is satellite communication, LAN (Local Area Network), MAN (Metropolitan Area Network), GSM (Global System for Mobile Network). ), EDGE(Enhanced Data GSM Environment), HSDPA(High Speed Downlink Packet Access), W-CDMA(Wideband Code Division Multiple Access), CDMA(Code Division Multiple Access), TDMA(Time Division Multiple Access), Bluetooth(Bluetooth) , Zigbee, VoIP (Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN-Advanced, HSPA+, 3GPP Long Term Evolution (LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev) C), Flash-OFDM, iBurst and MBWA (IEEE 802.20) systems, HIPERMAN, Beam-Division Multiple Access (BDMA), Wi-MAX (World Interoperability for Microwave Access), and an arbitrary selected from the group consisting of ultrasonic communication It can be done in a communication manner.

On the other hand, the network can provide an environment to enable communication between each configuration. For example, the TCP/IP protocol and various services existing in the upper layer, namely HTTP (Hyper Text Transfer Protocol), Telnet, FTP ( File Transfer Protocol), DNS(Domain Name System), SMTP(Simple Mail Transfer Protocol), SNMP(Simple Network Management Protocol), NFS(Network File Service), NIS(Network Information Service), etc. I can.

The drone 200 is an unmanned and/or manned aerodrome operated based on the user's drone authentication information, and includes a means for inputting or receiving the user's drone authentication information. Here, the drone authentication information may be bio-information including an iris, a face, a fingerprint, a vein, and a voice. The bio-information mentioned in the present invention may include all types of human body information that can be provided by a user in addition to iris, face, fingerprint, vein, and voice.

In addition, the drone 200 processes the user's biometric information into blockchain-based encryption information, and stores and manages the hash value in the encrypted information in the blockchain encryption electronic wallet. At this time, the drone 200 Encryption hash value for biometric information can be stored.

In addition, the drone 200 can perform short-range communication with the user terminal, and when a preset situation occurs, temporarily release the security lock function set to activate the operation with the drone authentication information, and then the user can use the short-range communication method. The event situation information can be provided to the set terminal.

In addition, the drone 200 may generate flight record information for flight speed, acceleration, rotation angle, position and altitude, and then provide it to the control terminal and the drone security management server.

In addition, when the drone 200 detects a preset dangerous situation, the drone 200 automatically operates according to a preset manual and performs manual operation according to the situation, and the preset dangerous situation is based on extreme weather, electromagnetic waves, capture, and external situations. It can be any one of location, altitude, path deviation and strategy, tactics, and command errors.

In addition, the drone 200 may provide an abnormal message to a user terminal and/or a control terminal when receiving an external shock.

In addition, the drone 200 may share flight data with other drones in a relay manner according to the command of the drone security management server 500 to be described later. The drone 200 may share flight data with other drones.

Meanwhile, the drone 200 may include a flight control device 201, a communication device 202, a drone authentication unit 203, and an electronic wallet 204.

Each of the flight control device 201, the communication device 202, the drone authentication unit 203, and the electronic wallet 204 may be physically and/or functionally independent devices.

That is, each device may receive power from an independent power source, and even if one of the devices does not operate, the other may operate normally.

The flight control device 201 is the flight of the drone 200 (eg, take-off/landing, altitude control, direction control, speed control) and functions (for example, according to a control signal for remote control received from the control terminal 300). Video shooting, temperature measurement, object capture, etc.) can be controlled. To this end, the flight control device 201 is a UHF/VHF/3G/4G/5G transceiver for communication with the control terminal 300, a power supply supplying operation power, a driving unit for controlling the flight of the drone, and performing functions. It may include a function control unit for.

Here, the driving unit may include a plurality of motors and propellers, and each motor may rotate a corresponding propeller at a speed determined by a control signal.

In addition, according to an embodiment, the flight control device 201 may further include a configuration capable of monitoring the flight control state of the drone 200 and transmitting the monitored result to the flight information processing server 500.

The communication unit 202 communicates with the control terminal 300 and the drone security management server 400 through a network. The network includes satellite communication, LAN (Local Area Network), MAN (Metropolitan Area Network), GSM (Global System for Mobile Network), EDGE (Enhanced Data GSM Environment), HSDPA (High Speed Downlink Packet Access), W-CDMA ( Wideband Code Division Multiple Access), CDMA (Code Division Multiple Access), TDMA (Time Division Multiple Access), Bluetooth, Zigbee, VoIP (Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN- Advanced, HSPA+, 3GPP Long Term Evolution (LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev. C), Flash-OFDM, iBurst and MBWA (IEEE 802.20) systems, HIPERMAN, Beam-Division Multiple Access (BDMA), Wi-MAX (World Interoperability for Microwave Access), and may be performed in an arbitrary communication method selected from the group consisting of ultrasonic communication. On the other hand, the network can provide an environment to enable communication between each configuration. For example, the TCP/IP protocol and various services existing in the upper layer, namely HTTP (Hyper Text Transfer Protocol), Telnet, FTP ( File Transfer Protocol), DNS(Domain Name System), SMTP(Simple Mail Transfer Protocol), SNMP(Simple Network Management Protocol), NFS(Network File Service), NIS(Network Information Service), etc. I can.

Next, the drone authentication unit 203 may be configured to recognize and determine the user's biometric information.

The drone authentication unit 203 may include a first biometric unit, a second biometric unit, a third biometric unit, a fourth biometric unit, a fifth biometric unit, and a verification unit.

The first biometric recognition unit uses light whose brightness varies during a preset exposure time or light containing a specific pattern or letter or number to determine the location and shape of the user's face, eyes (iris), eyebrows, nose, mouth, and ears. It may be a configuration that recognizes information in a non-contact manner (see FIGS. 4 and 5).

The second biometric recognition unit may be configured to recognize the entire shape of the user's hand, the color and shape of the back of the hand, a finger fingerprint, a gap between a finger joint and a node, a shape of a fingernail, a location of a blood vein, and a wrinkle on the back of the hand by a contact method (see FIG. 6 ). ).

일 수 있다.The second biometric recognition unit may include a configuration (transparent panel) that is in contact with the fingers and palms of the hands and provides an optical path for acquiring fingerprints of the fingers and palm prints of the palms. Here, the transparent panel may be manufactured in a structure to be in close contact with a specific joint of a palm and a finger. For example, the shape of the first vertical cross section of the transparent panel may be manufactured in a ○ shape, a U shape, a b shape, or a c shape. In addition, the transparent panel may be a panel made of a flexible material having bending properties. In addition, the shape of the second vertical section is

Can be

The second biometric unit may include a configuration in which light having a short wavelength of 320 nm to 450 nm is irradiated under the transparent panel.

In addition, the second biometric recognition unit may include a plurality of sensors, and one of the plurality of sensors may be a sensor that detects the shape of the palm of the palm using light, and one of the sensors uses light or ultrasonic waves. It may be a sensor that detects wrinkles on the back of the hand and wrinkles such as fingers, and one of them may be a sensor that detects the shape of blood veins on the back of the hand using ultrasonic waves, and one of them may be a shape of a fingernail and a finger joint using light or ultrasonic waves. It may be a sensor that detects the shape of, and any one may be a sensor that detects the color of the back of the hand using light.

The third biometric recognition unit may be configured to recognize a user's voice, and more specifically, may be configured to recognize feature information (eg, a groove) according to a specific word utterance. Here, the characteristic information may be Mel-Frequency Cepstral Coefficients, Short Time Energy, Zero Crossing Rate, Spectral Rolloff, Spectral Flux, Spectral Centroid of the user's voice.

The fourth biometric recognition unit may be configured to recognize motion information of a user, and may be configured to recognize a motion of a user based on an image or a motion of a drone according to a motion of the user. Here, the fourth biometric recognition unit may include a gyro sensor or the like for detecting a user's movement.

The fifth recognition module (not shown) may be configured to recognize genes from saliva of a user.

Next, the verification unit may be configured to determine whether the biometric information provided by the user is identical to the previously registered biometric information.

Next, the blockchain encryption unit 204 converts the drone authentication information into a hash value based on a hash function according to the user, and then converts the drone authentication information to the blockchain encryption electronic wallet to block the leakage of the drone authentication information from external hacking. It may be a configuration that registers and stores. The drone authentication information is any one or a combination of at least one of bio-information including iris, face, fingerprint, vein and voice, or includes a certificate, a security number, and a hash value.

Here, the blockchain encryption unit 204 registers and manages the hash value based on the hash function of the drone authentication information registered in the consortium blockchain in the consortium block chain when the drone user is a company or institution, and , If the drone's user is an individual or private group, a hash value based on the hash sum of the isoron authentication information registered by the user is registered and managed in a private blockchain or a public blockchain.

Here, a detailed description of private, public and consortium blockchains will be described later.

Meanwhile, the drone 200 may be designed to receive user authentication information from a control terminal or a user terminal that is an external terminal.

That is, the drone 200 may form a two-way network between the control terminal 300 and the user terminal. In addition, user authentication information and control information transmitted to the drone 200 may be provided in combination with a block chain and hard setting technology for security.

3 is a block diagram showing a detailed configuration of the control terminal shown in FIG. 1.

As shown in Figure 3, the control terminal 300 disclosed in the present invention is linked to the drone using a web page, app page, program or application related to a drone management service based on a convergence block chain, and a flight required to control the drone It may be a terminal that receives and outputs data, weather data, and location data.

In addition, the control terminal 300 may be a terminal that sets personal or public drone authentication data for accessing the drone in order to control the drone 200.

And, the control terminal 300 may be any one node constituting a public blockchain, a private blockchain, or a consortium blockchain, and the initial generated key generated after setting personal or public drone authentication data is a drone security management server. It may be a terminal provided and stored from 500.

Here, the control terminal 300 may be implemented as a computer that can access a remote server or terminal through a network. Here, the computer may include, for example, a navigation system, a notebook equipped with a web browser, a desktop, a laptop, and the like. The control terminal 300 may be implemented as a terminal capable of accessing a remote server or terminal through a network. The control terminal 300, for example, as a wireless communication device that is guaranteed portability and mobility, navigation, PCS (Personal Communication System), GSM (Global System for Mobile communications), PDC (Personal Digital Cellular), PHS ( Personal Handyphone System), PDA (Personal Digital Assistant), IMT (International Mobile Telecommunication)-2000, CDMA (Code Division Multiple Access)-2000, W-CDMA (W-Code Division Multiple Access), Wibro (Wireless Broadband Internet) terminal , All kinds of handheld-based wireless communication devices, such as a smartphone, a smart pad, and a tablet PC.

The control terminal 300 may be configured to control the flight operation of the drone 200 by performing network access with the drone 200 based on drone authentication information, which is the user's biometric information.

In addition, the control terminal 300 may include at least one recognition means capable of identifying at least one of bio-information such as facial information, eye information, blood vein information, fingerprint information, saliva information, etc. have.

In addition, the control terminal 300 processes the user's biometric information into a hash value based on a hash function, and then stores and manages the user's biometric information in a blockchain-encrypted electronic wallet.

In addition, when a preset situation occurs, the control terminal 300 temporarily releases the security lock function set to activate the operation with drone authentication information, and then provides the event situation information to the terminal set by the user in a short-range communication method. do.

In addition, the control terminal 300 registers and manages a hash value based on the hash function of the drone authentication information registered by the company, institution, or group in the consortium blockchain in the case that the drone user is a company or institution, and the drone If the user of is an individual, a hash value based on the hash sum of the isometric authentication information registered by the user is registered and managed in a private blockchain or a public blockchain.

In addition, the control terminal 300 may be a terminal that controls the flight of the drone after performing network docking with the drone based on drone authentication information.

In addition, the control terminal 300 transmits network docking information (access number, access time, current location information) to the drone security management server, and if the user fails to authenticate during a preset number of times, the current location information and the theft report The information is transmitted to the drone security management server.

In addition, the control terminal 300 may be a terminal that performs a multi-access control function in which at least one or more users located within a preset radius access the same drone and control (adjust) the drone in a relay manner.

In addition, the control terminal is a repeater function that relays control information and flight information transmitted from the flight control device 201 and the flight record transmission device 202 of the drone to a flight information processing server to be described later when a network connection with the drone is connected. You can also do

In addition, the control terminal 300 controls the flight of the drone in one of a personal control flight mode and a multi-person flight mode, and in the multi-party control flight mode, at least one or more users located within a preset radius access the same drone. Thus, it may be a terminal that performs a multi-access control function for controlling (adjusting) the drone in a relay manner. Here, the control terminal may provide the ID of at least one sub-control terminal to control the drone in a relay manner to the drone security management server when the multi-person control flight mode is selected.

More specifically, the control terminal 300 includes an operation unit 310, an authentication unit 320, a network docking unit 330, a communication unit 340, a display unit 350, a multi-connection control unit 360, and a block chain encryption unit. Includes 370.

The operation unit 310 may be provided with a pair of control sticks for controlling the operation of a plurality of rotational actuators of the drone, and provides a flight control signal of the drone according to the angle and displacement according to the operation of the pair of control sticks.

As an example, of a pair of control sticks, one of the control sticks generates a flight control signal required for rotation of the drone based on the Z-axis or movement in the Z-axis direction for lifting and lowering the aircraft, but manipulating one control stick. The displacement value according to is reflected in the flight control signal in direct proportion to the rotational speed based on the Z-axis of the aircraft or the moving speed in the Z-axis direction for elevation.

In addition, the control stick on the other side generates a flight control signal required for movement in the forward/backward (Y-axis) left/right (X-axis) direction based on the Z-axis, but the displacement value according to the operation of the other control stick is the speed of movement of the aircraft 11 It is reflected in the flight control signal in direct proportion to.

Next, the authentication unit 320 may include a plurality of authentication means for identifying at least one or more of biometric information, motion information, and voice information provided by the user.

Also, the authentication unit 320 may receive and set the authentication order of a plurality of authentication modules from a user. For example, ① biometric information recognition → ② motion information recognition → ③ voice recognition can be performed in the order of authentication, and authentication in an order other than the above-described order or additional authentication methods can be applied.

More specifically, the authentication unit 320 may include a plurality of biometric information recognition units.

The first biometric recognition unit uses light whose brightness varies during a preset exposure time or light containing a specific pattern or letter or number to determine the location and shape of the user's face, eyes (iris), eyebrows, nose, mouth, and ears. It may be a configuration that recognizes information in a non-contact manner (see FIGS. 4 and 5).

The second biometric recognition unit may be configured to recognize the entire shape of the user's hand, the color and shape of the back of the hand, a finger fingerprint, a gap between a finger joint and a node, a shape of a fingernail, a location of a blood vein, and a wrinkle on the back of the hand by a contact method (see FIG. 6 ). ).

일 수 있다.The second biometric recognition unit may include a configuration (transparent panel) that is in contact with the fingers and palms of the hands and provides an optical path for acquiring fingerprints of the fingers and palm prints of the palms. Here, the transparent panel may be manufactured in a structure to be in close contact with a specific joint of a palm and a finger. For example, the shape of the first vertical cross section of the transparent panel may be manufactured in a ○ shape, a U shape, a b shape, or a c shape. In addition, the transparent panel may be a panel made of a flexible material having bending properties. In addition, the shape of the second vertical section is

Can be

The second biometric unit may include a configuration in which light having a short wavelength of 320 nm to 450 nm is irradiated under the transparent panel.

In addition, the second biometric recognition unit may include a plurality of sensors, and one of the plurality of sensors may be a sensor that detects the shape of the palm of the palm using light, and one of the sensors uses light or ultrasonic waves. It may be a sensor that detects wrinkles on the back of the hand and wrinkles such as fingers, and one of them may be a sensor that detects the shape of blood veins on the back of the hand using ultrasonic waves, and one of them may be a shape of a fingernail and a finger joint using light or ultrasonic waves. It may be a sensor that detects the shape of, and any one may be a sensor that detects the color of the back of the hand using light.

The third biometric recognition unit may be configured to recognize a user's voice, and more specifically, may be configured to recognize feature information (eg, a groove) according to a specific word utterance. Here, the characteristic information may be Mel-Frequency Cepstral Coefficients, Short Time Energy, Zero Crossing Rate, Spectral Rolloff, Spectral Flux, Spectral Centroid of the user's voice.

The fourth biometric recognition unit may be configured to recognize motion information of a user, and may be configured to recognize a motion of a user based on an image or a motion of a drone according to a motion of the user. Here, the fourth biometric recognition unit may include a gyro sensor or the like for detecting a user's movement.

The fifth recognition module (not shown) may be configured to recognize genes from saliva of a user.

Next, the verification unit may be configured to determine whether the biometric information provided by the user is identical to the previously registered biometric information.

For example, the verification unit extracts the image of the iris and pupil area from the shape image of the eye, nose, mouth, ear, etc. and/or the eyeball image from the face shape image acquired by the first biometric information recognition unit), Can be processed.

As another example, the verification unit extracts feature points of image information such as palm palm, fingerprint, back part of the finger, back part of the entire hand, hand joint spacing, nail shape, blood vein, etc. from the image information detected by the second biometric information recognition unit. And process it into a two-dimensional code.

A feature point refers to a point generated at a point where each ridge has the largest curvature in an image related to fingerprints, palm prints, wrinkles, etc. among a plurality of sensors, and each feature point includes coordinate information corresponding to a location.

The feature point of the present application may be a point assigned by searching for the curvature of the ridge displayed on the back of the hand and a partial image of a specific finger (nail, finger back wrinkles, finger joint intervals).

The present application uses the FAST (Features from Accelerated Segment Test) algorithm as a feature point setting algorithm, and when feature points are extracted from each image, the feature points on the image are stored as x and y coordinates. The feature point setting algorithm provides a descriptor to each set feature point, and the descriptor defines a feature for the feature point with pixels around the feature point. For example, characteristic information such as a change in flow direction and size of a ridge is defined.

Next, the blockchain encryption unit 370 converts the drone authentication information into a hash value based on a hash function according to the user, and then converts the drone authentication information to the blockchain encryption electronic wallet to block the leakage of the drone authentication information from external hacking. It may be a configuration that registers and stores.

Here, the block chain encryption unit 370 registers and manages a hash value based on the hash function of the drone authentication information registered by the company, institution or group in the consortium block chain when the subject of use of the control terminal is a company or institution. And, when the subject of using the drone is an individual or a private group, a hash value based on the hash sum of the isoron authentication information registered by the user is registered and managed in a private blockchain or a public blockchain.

Here, a detailed description of private, public and consortium blockchains will be described later.

Meanwhile, the control terminal 300 may be designed to receive user authentication information from a user terminal that is an external terminal.

That is, a two-way network between the control terminal and the user terminal can be formed. In addition, user authentication information and control information transmitted to the drone 200 may be provided in combination with a block chain and hard setting technology for security.

Next, when the identity authentication process of the identity authentication unit 320 is completed, the network docking unit 230 communicates with the drone through a unique network IP between the drone assigned (set) to the control terminal 300 and the communication unit. And traces the unique network IP within the preset communication area.

In addition, when the network docking unit 330 selects the multi-party flight mode through the multi-access control unit 360 to be described later, after receiving a virtual network IP group from the network unit 430 to be described later, the existing network docking is blocked. Then, retry docking the drone with the network with the virtual network group IP.

The communication unit 340 may be a configuration for communicating with the drone and the drone security management server 400 through a network network.

Here, the network is satellite communication, LAN (Local Area Network), MAN (Metropolitan Area Network), GSM (Global System for Mobile Network), EDGE (Enhanced Data GSM Environment), HSDPA (High Speed Downlink Packet Access), W-CDMA (Wideband Code Division Multiple Access), CDMA (Code Division Multiple Access), TDMA (Time Division Multiple Access), Bluetooth, Zigbee, VoIP (Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN -Advanced, HSPA+, 3GPP Long Term Evolution (LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev. C), Flash-OFDM, iBurst and MBWA (IEEE 802.20) systems, HIPERMAN, Beam-Division It may be performed by any communication method selected from the group consisting of Multiple Access (BDMA), World Interoperability for Microwave Access (Wi-MAX), and ultrasonic communication.

On the other hand, the network can provide an environment to enable communication between each configuration. For example, the TCP/IP protocol and various services existing in the upper layer, namely HTTP (Hyper Text Transfer Protocol), Telnet, FTP ( File Transfer Protocol), DNS(Domain Name System), SMTP(Simple Mail Transfer Protocol), SNMP(Simple Network Management Protocol), NFS(Network File Service), NIS(Network Information Service), etc. I can.

The display unit 350 may display a photographed image captured by a drone, flight status information of the drone, and geographic information of a region in which the drone is flying.

In addition, the display unit 350 may display a network docking state between the control terminal and the drone, and a flight mode (individual flight mode or multi-party flight mode).

In addition, the display unit 350 may include a function of displaying a screen to flash when the drone enters the flight restriction zone.

Liquid Crystal Display (LCD), Thin Film Transistor-Liquid Crystal Display (TFT LCD), Organic Light-Emitting Diode (OLED), Flexible Display, 3D Display It may include at least one of a (3D display), an e-ink display, and a light emitting diode (LED).

The multi-access control unit 360 may be a configuration for selecting a mode for flight control of one drone with a plurality of control terminals and a relay method.

The multi-connection control unit 360 may include an input means for inputting an ID of a sub-control terminal for multi-party flight adjustment. Here, the input means may include a function of recalling the ID of a pre-registered sub-control terminal stored in the memory.

In addition, the multi-access control unit 360 is interlocked with the network docking unit 330, after receiving the virtual network group IP from the drone security management server 400 to be described later, releasing the network docking connected to the drone, and receiving Performs the function of providing re-dock instruction information to one network group IP.

That is, the network docking unit 330 may attempt and release network docking, for example, wired/wireless network docking or Bluetooth pairing (connection, interlocking) under the control of the multi-access control unit 360.

Next, the drone security management server 400 may be a server that provides a drone management service web page, an app page, a program, or an application based on a convergence block chain.

And, the drone security management server 400 monitors the networking and location between the drone 200 and the control terminal 300, and converts the hash value of the drone authentication information into a private blockchain according to the entity that registered the drone authentication information. , Distributed storage and management in the public blockchain or consortium blockchain, and the operation and operation information generated by the drone and control terminal registered under the subject name are distributed and stored in the corresponding blockchain for registration and management.

The drone security management server 400 registers and manages the hash value based on the hash function of the drone authentication information registered by the company, organization or group in the consortium blockchain in case the user of the drone 200 is a company or an institution. Ha, and, when the subject of using the drone is an individual, it may be a server that registers and manages a hash value based on the hash sum of the isoron authentication information registered by the user in a private blockchain or a public blockchain.

When a drone authentication error is transmitted from any one of the drone 200 and the control terminal 300, the drone security management server 400 provides theft/lost information to the terminal registered by the subject, and then the drone and control Networking between terminals can be blocked.

When a report of loss or theft is received from the user terminal, the drone security management server 400 provides the location, recorded, and recorded data recorded by the drone from the point when the report is received from the point when it is recognized as theft or loss to the user terminal. I can.

In addition, the drone security management server 400 generates and transmits a virtual network group IP based on the multi-party network connection approval, information and Bluetooth pairing connection approval, and information transmitted from the control terminal, and the transmitted virtual network group IP It may be a configuration that checks the access information and the GPS location information in real time.

In addition, the drone security management server 400 generates and transmits a virtual shared network IP based on the multi-party network access approval information transmitted from the control terminal 300, and transmits access information of the transmitted virtual shared network IP in real time. It may be a configuration to check.

In addition, when the drone 200 enters the flight restriction area, the drone security management server 400 forcibly blocks the network connection between the drone and the control terminal remotely, and remotely controls the flight control of the drone 200 Thus, it may be configured to control to land on a nearby ground.

Here, the drone security management server 400 may be implemented as a computer that can access a remote server or terminal through a network. Here, the computer may include, for example, a navigation system, a notebook equipped with a web browser, a desktop, a laptop, and the like.

More specifically, referring to FIGS. 7 to 10, the drone security management server 400 includes an authentication management server 410, a flight information processing server 420, and a network unit 430.

Another server (not shown) operating in conjunction with the drone security management server 400 according to an embodiment of the present invention is a convergence block chain-based drone management service application, program, and app page with at least one control terminal 300 , When transmitting a web page, the control terminal 300 may install or open a drone management service application, a program, an app page, a web page, etc. based on a convergence block chain. In addition, a service program may be driven in at least one user terminal by using a script executed in a web browser. Here, the web browser is a program that allows you to use the Web (WWW: World Wide Web) service, which means a program that receives and displays hypertext described in HTML (Hyper Text Mark-up Language). For example, Netscape , Explorer, Chrome, etc. In addition, the application refers to an application program on the terminal, and includes, for example, an app running on a mobile terminal (smartphone).

On the other hand, the authentication management server 410 may be a configuration that distributes and stores an encryption hash value for the drone authentication information of a corresponding drone in a block chain according to a user using a registered drone.

For example, the authentication management server 410 registers and manages a hash value based on the hash function of the drone authentication information registered in the consortium block chain in the consortium block chain when the drone user is a company or institution, and the drone If the user of is an individual, a hash value based on the hash sum of the isometric authentication information registered by the user is registered and managed in a private blockchain or a public blockchain.

Hereinafter, a simple concept of the private, public and consortium blockchain used in the present application will be first described.

The public blockchain is a blockchain that allows nodes to participate in the network at the free will of the node without authorization from an authoritative organization. In order for an organization to conduct business using blockchain, it must consider whether the business satisfies the seven business requirements: effectiveness, efficiency, confidentiality, integrity, availability, conformity, and reliability. However, when an organization conducts business using a public blockchain, it cannot satisfy business requirements due to the inherent four limitations of the public blockchain. The four limitations of the public blockchain are as follows.

First, the effectiveness, efficiency and availability of the business are degraded due to low transaction throughput and high latency. In Ethereum, a public blockchain, 20 transactions per second are processed and there is a delay of 10 to 20 seconds per transaction. Compared to 2000 transactions per second by credit card payment, public blockchain has a big limitation in performing business that requires rapid payment. Second, the confidentiality and conformity of business are degraded due to the lack of privacy and confidentiality protection. In a public blockchain, each node stores and processes blocks containing personal identification information and organizational transaction information for the integrity and transparency of the block. This violates the personal information handling requirements stipulated in the Personal Information Protection Act, as well as the confidential information of the organization's transaction activity being disclosed to network participants, which greatly hinders business performance.

Third, the effectiveness, efficiency and conformity of the business are degraded due to the absence of blockchain governance. A public blockchain capable of hard fork and difficult to control nodes makes it impossible for organizations to conduct business with strong and consistent strategies and policies. This environment not only makes it difficult for organizations to conduct business effectively and efficiently, but also makes it difficult to meet the requirements of their stakeholders. Fourth, business efficiency decreases due to inefficient energy consumption. Public blockchain consumes energy such as computing power and power to prove work. Considering that the Bitcoin network consumes 14.96 Twh of electricity per year as proof-of-work and $740 million per year, excessive energy consumption and non-environmental factors lead to inefficient business. Because of these limitations of public blockchains, organizations must choose a blockchain that can satisfy all business requirements to conduct business.

The greatest significance of blockchain technology is that transactions between individuals are possible without an intermediary that guarantees trust in a network environment where each other cannot be trusted. In this environment, in order to guarantee the trust that transactions between individuals have not been tampered with, public blockchains have fatal limitations in terms of efficiency, confidentiality, and availability, which are essential for business execution. However, the actual environment in which an organization conducts business and transacts is not as extreme as the unreliable network presumed by a public blockchain. This is because organizations do business by doing business with and collaborating with what they normally consider to be trusted. In other words, the root cause of the limitations that occur when public blockchains are used in business is due to the extreme premise of trustlessness, and converting the premise to a reliable environment can solve the existing limitations.

Next, the basic premise of the consortium blockchain is a reliable environment among network members. In the consortium blockchain, members who trust each other make decisions through consensus and cooperate to operate the network in a decentralized manner. In addition, the consortium consists only of organizations that are trustworthy and legally liable while meeting the network goals. Since it is a trusted environment made up of authorized and clear members, the consortium blockchain allows business to be carried out effectively and efficiently without being bound by the fundamental limitations inherent in the public blockchain. The consortium blockchain can comply with the reliability, efficiency, availability, integrity, and confidentiality of business requirements due to a trusted environment. Organizations can maximize transaction processing speed by using an efficient consensus algorithm and perform business that requires immediate payment. In addition, since it is not necessary to use a consensus algorithm that requires excessive energy consumption, blocks can be efficiently verified while maintaining integrity. Because transaction details are disclosed only to authorized stakeholders, the problem of privacy or confidentiality can be solved.

In addition to the five business requirements described above, the consortium blockchain can achieve the organization's goals with effectiveness and conformity. In the consortium blockchain, members can decentralize and cooperate to perform governance so that the organization's blockchain utilization strategy and policy are linked to the organization's goals and value is delivered to stakeholders. Governance, which complies with external requirements, evaluates strategies and policies, directs and supervises the network to operate effectively, may be best suited for a consortium blockchain operated through consensus and voting among members in a trusted environment.

IT governance refers to the leadership, organizational structure, and processes that enable IT to maintain and expand the organization's strategy and objectives as part of corporate governance under the responsibility of the board and management. The international standard ISO/IEC 38500:2015 defines IT governance as an activity directed and controlled by top management for the current and future use of IT. Top management assesses current and future IT use, directs through strategy and policy to ensure that IT use achieves business objectives, and monitors performance against policy compliance and strategy. Accordingly, the drone control service according to an embodiment of the present invention, in the case of public data or data that can be shared by anyone, is distributed and stored in a public blockchain and shared, but is not a full node so that the speed is not slowed down, Stored in the node, personal information such as personal drone authentication data and biometric information are included, and data that should not be hijacked are stored in the full node of the private chain, and the initial generated key generated as personal drone authentication data is It should be stored, but if it is lost or forgotten, each information is dualized into a full node-right node by recovering and resetting it in the trust institution consortium blockchain. It can provide reliable drone control services.

The Consortium Blockchain is operated by two entities: Governor and Members. The governor is a subject that makes key decisions through the decentralized governance of the consortium blockchain and performs six functions of the consortium blockchain governance. As the actual operation and management entity of the consortium blockchain, members perform seven functions of development, operation, security, protection of personal identification information and confidentiality, node management, ledger management and transaction management. In addition, the members cooperate to operate the consortium through consensus, and report the proposal and plan for the use of blockchain and the suitability of performance to the governor. Accordingly, the governor directs strategies and policies to members and controls the consortium's use of blockchain. Each member owns a private key (initial generated key) and public key, and is identified as the operating entity of the blockchain network through the keys and has the right to create and verify blocks. General users who are not the subject of the consortium blockchain cannot directly transmit transactions to the network, but can perform business or use services through the member's service system.

When a general user transmits a transaction to the service system of a specific member, the service system transmits the transaction to the consortium network using the member's private key. As such, general users cannot directly act as the subject of the consortium blockchain, but they can transact and conduct business through members. The consortium block chain according to an embodiment of the present invention is a block chain managed by a military or public institution, and is defined as a block chain that stores and manages personal information and authentication information of each individual and recovers it. The relationships, roles and responsibilities among the consortium blockchain governance entities are shown in Table 1 below.

Governor Members Roles Decide the configuration & ongoing enforcement of the systems Trusted partyDecide of the revision to use for the node update
Decide of the transactions & code execution
At 51% power of decision on global security of the ledger content
Initiate the business model
Business as a Service Responsibilities To maintain the blockchain platform safe & operational for business logic To verify the identity/authenticity of theusers
Update & maintenance of their devices
Responsible of the transactions and data handled
To include the correct transactions
ledger & to eliminate the improper transactions without errors
Responsible of consensus
To provide safe code &'user-friendly'
interfaces
Quality of Service Accou
ntabilit
ies Should serve the interest of the whole blockchain
actors Accountable of the information treated
Non repudiation of the data
Non repudiation of the process of verification
Non repudiation of the blockchain
The code provided should be without bug
Provide software & hardware without botnet, spy, virus

As described above, in an embodiment of the present invention, data that must have a short and fast access time or speed are stored in a light node, and other data that must maintain confidentiality even if a speed such as personal information or authentication information is slow is a full node ( Full Blockchain Node).

At this time, the light node is a node that participates in the blockchain and performs transactions, and performs the function of verifying individual transactions by requesting transaction data from the full node. Like a full node, it does not have the original source of all block information, but only retains some kind of summary, that is, important data in the block header. In the case of smartphones, there are not many phones with 100GB storage space yet, so the Android mobile Bitcoin wallet is used as a light node. For reference, the desktop computer's Bitcoin wallet is used as a full node. Since the light node does not have all the block information, it cannot be verified that this transaction is normal when it receives some new transaction information. Conversely, in the case of a full node, since it has all the data, it can be verified by inquiring the block information in the local. Therefore, the light node uses SPV (Simple Payment Verify) to verify transactions for individual transactions. SPV is a method of verifying a transaction in a light node by requesting block information from a full node to check whether this transaction is a verified transaction through Merkle Tree.

Blockchain does not store and manage transaction records on a centralized server, but individual servers participating in transactions gather to maintain and manage the network. This individual server, or participant, is called a node. Since there is no central administrator, the role of the node distributing blocks is important, and a new block is created only when more than half of the participating nodes agree. Nodes store the blockchain in their computers, and even if some nodes are hacked and the existing contents are changed, data remains in multiple nodes, so data can be preserved continuously. If you have all the transaction information of the blockchain network, it is called a Full Blockchain Node, and if you have Merkle Tree, it is called a Lightweight Node.

Therefore, all nodes of the blockchain are divided into full nodes and light nodes. Full nodes store all transaction information on the network and manage users' wallets. Light nodes store user wallets, but rely on full nodes for network access. It can be understood that a node is a component of a network, a full node is to maintain a blockchain, and a light node is to give access rights for participants. Taking the analogy of a vault and a watchman, for example, a full node is a military-grade reinforced watchman, and a light node can be seen as a passage for attempting deposit and withdrawal using a vault. Among the full nodes and the light nodes, the full nodes are also the most contributing to the blockchain network. Eventually, the light node and individual nodes read the blockchain stored in the node and participate in the network.

The advantage of full nodes is, for example, full security for bitcoin transfers. Since the transmission data is sent from its own node, no one knows where this transmission originated. Light nodes are not completely secure because the transmitted data goes out through the central server. However, just because it is not completely secure does not mean that the risk of bitcoin hacking increases. The information that can be exposed means that information about which address was sent from which IP can be left on the server. On the other hand, the full node does not know which address was sent from which IP. This is because, when an arbitrary node transmits a coin transmission to another PC, the PC that received the random broadcast does not know whether this transmission is from me or something else. In addition, the full node allows easy input and output of private keys. This method can be easily used in full node Bitcoin Core.When making a paper wallet, it is necessary to extract the private key, but it is simpler to extract and enter the private key compared to other light node wallets.

On the contrary, the advantage of Light Node is that it is easy to use. It is a method that checks how much my balance is in the central server rather than using its own block. Therefore, it takes little time from installation to use of the program, and it is easy to use. In the case of a full node, the block data reaches 140 GB, so it can take from 2 to 7 days to receive all of these blocks. Also, light nodes are easy to restore. Since the address is managed using the seed method, it is easy to restore the wallet. If you write down 12/18/24 English words well, even if your wallet is lost, you can use these words to recover your wallet. On the contrary, a full node needs to be somewhat proficient in using PC commands to be able to use it safely without losing the wallet.

Next, the flight information processing server 420 monitors the flight status information of the control terminal and the network-docked drone, and transmits an adjustment restriction message to the control terminal when entering the flight restriction zone. In addition, the flight information processing server 420 distributes and stores the flight operation information of the drone transmitted from the control terminal 300 in real time in a block chain in the same form as the block chain in which the drone authentication information is distributed and stored.

When a report of loss or theft is received from a user terminal or a drone device, the flight information processing server 420 stores the location, recorded, and recorded data recorded by the drone from the time it is recognized as theft or loss to the time of receipt of the report. Can be provided as

In addition, when network docking information (access number, access time, current location information) is received from the control terminal, and the user fails authentication during a preset number of times, current location information and theft report information may be provided to the user terminal.

The network unit 430 generates and transmits a virtual shared network IP based on the multi-party network access approval information transmitted from the control terminal 300, and checks the transmitted virtual network group IP access information in real time.

Meanwhile, the network unit 430 may check whether the drone is stolen based on the drone confirmation information and network docking, interlocking, or Bluetooth pairing information transmitted from the control terminal.

The network unit 430 may provide a shared network IP for controlling the flight of the drone in one of a personal control flight mode and a multi-person flight mode in a control terminal or a user terminal. The multi-person piloting flight mode is a mode in which at least one or more users located within a preset radius access the same drone and control (adjust) the drone in a relay manner.

11 is a flowchart illustrating a drone management method based on user authentication to which a fusion block chain is applied according to an embodiment of the present invention.

As shown in FIG. 10, the drone management method (S700) based on user authentication to which the fusion block chain is applied according to an embodiment of the present invention is provided in the drone security management server according to the registration request of the user terminal. If the information and drone authentication information for activating the drone and the control terminal are distributed and stored in a block chain and registered (S710), the drone security management server monitors the loss/theft of the drone and the control terminal in real time (S720). .

Thereafter, when a theft/lost message is received from the user terminal, the location, recorded, and recorded data recorded by the drone are provided to the user terminal from the point when it is recognized as stolen or lost to the point when the report is received (S730).

In the step of distributed storage and registration in the blockchain, the hash value of the drone authentication information is distributed and stored and managed in a private blockchain, a public blockchain, or a consortium blockchain according to the entity that registered the drone authentication information, and registered under the subject name. Including the step of registering and managing the operation and operation information generated by the drone and the control terminal distributedly stored in a corresponding block chain, and the drone security management server, when a drone authentication error is transmitted from one of the drone and the control terminal, the After providing theft/lost information to the terminal registered by the subject, networking and Bluetooth pairing between the drone and the control terminal are blocked, and the drone authentication information is any one of bio information including iris, face, fingerprint, vein and voice. Alternatively, it may be a combination of at least one or include a certificate, a security number, a hash value, and the like.

Here, the drone and the control terminal process user authentication information into a hash value based on a hash function, and then store it in a blockchain encrypted electronic wallet.

When a preset situation occurs, the drone and the control terminal temporarily release the security lock function set to activate the operation with the drone authentication information, and then provide the event situation information to the terminal set by the user in a short-range communication method.

The step of registering and storing distributed in the block chain includes registering and managing a hash value based on the hash function of the drone authentication information registered by the company, institution or group in the consortium block chain when the subject of using the drone is a company or institution. It may include steps.

In addition, the step of registering and storing distributed in the block chain includes registering and managing a hash value based on the hash sum of the isoron authentication information registered by the user in a private block chain or public block chain when the subject of using the drone is an individual. It may be a step to do.

On the other hand, the drone management method (S700) based on user authentication to which the fusion blockchain is applied according to an embodiment of the present invention performs wired/wireless network docking or Bluetooth pairing (connection, interlocking) with the drone based on the drone authentication information. After performing, control the flight of the drone, transmit network docking information (number of access, access time, current location information) to the drone security management server, and if the user fails to authenticate during a preset number of times, the current location information And transmitting the theft report information to the drone security management server, and checking whether the drone is stolen based on the drone confirmation information and network docking information transmitted from the control terminal in the drone security management server. I can.

Here, the drone security management server generates and transmits a virtual network group IP based on the multi-party network connection approval, information and Bluetooth pairing connection approval, and information transmitted from the control terminal, and accesses the transmitted virtual network group IP. Information and/or GPS location information can be checked in real time.

Therefore, if the drone management system and method based on user authentication according to an embodiment of the present invention is used, the drone or the control terminal is stolen by performing network docking between the drone and the control terminal (control terminal) based on user authentication. Even if it does, the use of stolen drones or control terminals can be blocked.

In addition, if the drone management system and method based on user authentication according to an embodiment of the present invention is used, information of drones appearing in flight restricted areas and information of users using the same as the network docking position between the drone and the control terminal is identified. Can be grasped in real time. This provides the advantage of being able to eradicate the illegal shooting behavior of secretly approaching and filming in military or private protection facilities.

11 is a diagram illustrating an exemplary computing environment in which one or more embodiments disclosed herein may be implemented, and an illustration of a system 1000 including a computing device 1100 configured to implement one or more embodiments described above. Shows. For example, the computing device 1100 may be a personal computer, a server computer, a handheld or laptop device, a mobile device (mobile phone, PDA, media player, etc.), a multiprocessor system, a consumer electronic device, a mini computer, a mainframe computer, Distributed computing environments including, but not limited to, any of the aforementioned systems or devices.

The computing device 1100 may include at least one processing unit 1110 and a memory 1120. Here, the processing unit 1110 may include, for example, a central processing unit (CPU), a graphic processing unit (GPU), a microprocessor, an application specific integrated circuit (ASIC), Field Programmable Gate Arrays (FPGA), and the like. Can have a plurality of cores. The memory 1120 may be a volatile memory (eg, RAM, etc.), a nonvolatile memory (eg, ROM, flash memory, etc.), or a combination thereof. Further, the computing device 1100 may include an additional storage 1130. Storage 1130 includes, but is not limited to magnetic storage, optical storage, and the like. The storage 1130 may store computer-readable instructions for implementing one or more embodiments disclosed herein, and other computer-readable instructions for implementing an operating system, an application program, and the like. Computer-readable instructions stored in storage 1130 may be loaded into memory 1120 for execution by processing unit 1110.

Further, the computing device 1100 may include an input device(s) 1140 and an output device(s) 1150. Here, the input device(s) 1140 may include, for example, a keyboard, a mouse, a pen, a voice input device, a touch input device, an infrared camera, a video input device, or any other input device. Further, the output device(s) 1150 may include, for example, one or more displays, speakers, printers, or any other output device, and the like. Further, the computing device 1100 may use an input device or an output device provided in another computing device as the input device(s) 1140 or the output device(s) 1150. In addition, computing device 1100 may include communication connection(s) 1160 that enable computing device 1100 to communicate with other devices (eg, computing device 1300 ). Here, the communication connection(s) 1160 is a modem, a network interface card (NIC), an integrated network interface, a radio frequency transmitter/receiver, an infrared port, a USB connection, or other computing device for connecting the computing device 1100 to another computing device. May contain interfaces. Further, the communication connection(s) 1160 may include a wired connection or a wireless connection. Each component of the computing device 1100 described above may be connected by various interconnections such as a bus (eg, peripheral component interconnection (PCI), USB, firmware (IEEE 1394), optical bus structure, etc.). And may be interconnected by network 1200. As used herein, terms such as "component" and "system" generally refer to hardware, a combination of hardware and software, software, or a computer-related entity that is running software.

As such, those skilled in the art to which the present invention pertains will be able to understand that the present invention can be implemented in other specific forms without changing the technical spirit or essential features. Therefore, the embodiments described above are illustrative in all respects and should be understood as non-limiting. The scope of the present invention is indicated by the claims to be described later rather than the detailed description, and all changes or modified forms derived from the meaning and scope of the claims and their equivalent concepts should be interpreted as being included in the scope of the present invention. do.

100: Drone security management system based on user authentication to which convergence blockchain is applied
200: drone
201: flight control unit
202: flight record transmission device
300: control terminal
310: control panel
320: Identity authentication department
330: network docking unit
340: Ministry of Communications
350: display
360: multi-connection control unit
370: Blockchain encryption unit
400: drone security management server
410: authentication processing server
420: flight information processing server
430: network unit

Claims (22)

A drone whose operation is activated based on drone authentication information;
A control terminal for controlling the operation of the drone based on the drone authentication information; And
Network docking information including the number of times of access between the drone and the control terminal, access time, and current location information, and the hash value of the drone authentication information according to the subject that registered the drone and the control terminal, and monitors the location of the drone and the control terminal A drone security management server that distributes storage and management in a private blockchain, public blockchain, or consortium blockchain, and registers and manages the operation and operation information generated by the drone and control terminal registered under the subject name in the corresponding blockchain. Including,
The drone security management server
When a drone authentication error is transmitted from either the drone or the control terminal, theft/lost information is provided to the terminal registered by the subject, and then networking and Bluetooth pairing between the drone and the control terminal are blocked, and the drone authentication information is Drone security based on drone authentication applied with a fusion blockchain characterized in that it is any one or at least one combination of bioinformation including iris, face, fingerprint, vein, and voice, or includes a certificate, security number, hash value, etc. Management system.
The method of claim 1,
The drone and control terminal
A drone security management system based on drone authentication applied with a converged blockchain, characterized in that the user's biometric information is processed into a hash value based on a hash function and then stored in a blockchain encrypted electronic wallet.
The method of claim 1,
The drone and control terminal
Convergence blockchain, characterized in that when a preset situation occurs, the security lock function set to activate the operation with drone authentication information is temporarily released, and the event situation information is provided to a terminal set by the user in a short-range communication method. A drone security management system based on drone authentication.
The method of claim 1,
The drone security management server
When the drone's user is a company or institution, a drone with a convergence block chain, characterized in that the hash value based on the hash function of the drone authentication information registered by the company, institution or group is registered and managed in the consortium blockchain. Drone security management system based on authentication.
The method according to any one of claims 1 to 4,
The drone security management server
When the drone's user is an individual, drone authentication with a convergence block chain, characterized in that the hash value based on the hash sum of the isoron authentication information registered by the user is registered and managed in a private blockchain or a public blockchain. Based drone security management system.
The method of claim 1,
The control terminal is
A drone security management system based on drone authentication applied with a fusion blockchain, characterized in that after performing network docking with the drone based on drone authentication information, the flight of the drone is controlled.
The method of claim 6,
The drone security management server
The drone security management server checks whether the drone is stolen based on the drone confirmation information and network docking, interlocking, or Bluetooth pairing information transmitted from the control terminal. Security management system.
The method of claim 6,
The drone security management server
When a report of loss or theft is received from a user terminal or a drone device, the location, altitude, route, recording, and recorded data recorded by the drone are provided to the user terminal from the point when the report is recognized as stolen or lost to the point of receipt of the report. A drone security management system based on drone authentication with a converged blockchain.
The method of claim 8,
The control terminal is
Drone authentication base applied with a converged blockchain that transmits the network docking information to the drone security management server and transmits the current location information and theft report information to the drone security management server if the user fails to authenticate for a preset number of times Drone security management system.
The method of claim 1,
The drone is
Drone security management based on drone authentication applied with a fusion blockchain, characterized in that after generating flight record information on flight speed, acceleration, rotation angle, location and altitude, and providing it to the control terminal and the drone security management server system.
The method of claim 10,
The drone is
When a preset dangerous situation is detected, it operates according to the preset manual,
It operates automatically according to a preset manual and performs manual operation according to the situation, and the preset danger situation is any one of location, altitude, route deviation and strategy, tactics, and command errors according to extreme weather, electromagnetic waves, capture, and external conditions. A drone security management system based on drone authentication to which a convergence block chain is applied, characterized in that.
The method of claim 6,
The control terminal is
Control the flight of the drone in one of a personal control flight mode and a multi-person flight mode,
The multi-person control flight mode is a drone authentication based drone authentication-based application in which at least one or more users located within a preset radius access the same drone and perform a multi-access control function to control (adjust) the drone in a relay method. Drone security management system.
The method of claim 12,
The control terminal is
In the case of selecting the multi-person control flight mode, the ID of at least one sub-control terminal to control the drone in a relay method is provided to the drone security management server,
The drone security management server
A virtual network group IP is generated and transmitted based on the multi-party network connection approval, information and Bluetooth pairing connection approval, and information transmitted from the control terminal, and the transmitted virtual network group IP access information and GPS location information are transmitted in real time. A drone security management system based on drone authentication to which a fusion block chain is applied, characterized in that it is checked.
Distributing and storing drone information, control terminal information, and drone authentication information for activating the drone and the control terminal in the drone security management server in accordance with the registration request of the user terminal in a block chain and registering;
Monitoring the loss/theft of the drone and the control terminal in real time by the drone security management server;
When a theft/lost message is received from the user terminal, the location, recorded, and recorded data recorded by the drone are provided to the user terminal from the time it is recognized as theft or loss to the time the report is received, and
The step of decentralized storage and registration in the blockchain
Depending on the entity that registered the drone authentication information, the hash value of the drone authentication information is distributed and stored and managed in a private blockchain, public blockchain, or consortium blockchain, and operation and operation information generated by the drone and control terminal registered under the subject name Including the step of decentralized storage and registration management in the corresponding blockchain,
When a drone authentication error is transmitted from one of the drone and the control terminal, the drone security management server provides theft/lost information to the terminal registered by the subject, and then network docking, interlocking or Bluetooth pairing between the drone and the control terminal. Blocking, and the drone authentication information is a convergence block chain, characterized in that the combination of any one or at least one of bio information including iris, face, fingerprint, vein, and voice, or including a certificate, security number, and hash value Drone security management method based on drone authentication.
The method of claim 14,
The drone and control terminal
A drone security management method based on drone authentication applied with a converged blockchain, characterized in that the user authentication information is processed into a hash value based on a hash function and then stored in a blockchain encrypted electronic wallet.
The method of claim 14,
The drone and control terminal
Convergence blockchain, characterized in that when a preset situation occurs, the security lock function set to activate the operation with drone authentication information is temporarily released, and the event situation information is provided to a terminal set by the user in a short-range communication method. Drone security management method based on drone authentication.
The method of claim 14,
The step of decentralized storage and registration in the blockchain
When the drone's user is a company or institution, a drone with a convergence block chain, characterized in that the hash value based on the hash function of the drone authentication information registered by the company, institution or group is registered and managed in the consortium blockchain. Authentication-based drone security management method.
The method of claim 14,
The step of decentralized storage and registration in the blockchain
When the drone's user is an individual, drone authentication with a convergence block chain, characterized in that the hash value based on the hash sum of the isoron authentication information registered by the user is registered and managed in a private blockchain or a public blockchain. Based drone security management method.
The method of claim 14,
The control terminal performs network docking with the drone based on the drone authentication information, and then controls the flight of the drone,
Network docking information including access count, access time, and current location information is transmitted to the drone security management server, and if the user fails to authenticate for a preset number of times, current location information and theft report information are transferred to the drone security management server. Transmitting and
A drone authentication-based drone with a fusion blockchain, characterized in that the drone security management server further comprises the step of checking whether the drone is stolen based on the drone confirmation information and the network docking information transmitted from the control terminal. How to manage security.
The method of claim 19,
The drone is
When a preset dangerous situation is detected, it operates according to the preset manual,
The preset danger situation is
It operates automatically according to the preset manual and performs manual operation according to the situation, and the preset danger situation is any of the location, altitude, route deviation and strategy, tactics, and command errors according to extreme weather, electromagnetic waves, capture, and external conditions. Characterized by being one. A drone security management method based on drone authentication applied with a convergence blockchain.
The method of claim 20,
The control terminal is
Control the flight of the drone in one of a personal control flight mode and a multi-person flight mode,
The multi-person control flight mode is a drone authentication based drone authentication-based application in which at least one or more users located within a preset radius access the same drone and perform a multi-access control function to control (adjust) the drone in a relay method. Of drone security management.
The method of claim 21,
The control terminal is
In the case of selecting the multi-person control flight mode, the ID of at least one sub-control terminal to control the drone in a relay method is provided to the drone security management server,
The drone security management server
A virtual network group IP is generated and transmitted based on the multi-party network connection approval, information and Bluetooth pairing connection approval, and information transmitted from the control terminal, and the transmitted virtual network group IP access information and GPS location information are transmitted in real time. A drone security management method based on drone authentication to which a fusion block chain is applied, characterized in that it is checked.

Images