KR102193711B1 - Terminal device and computer program - Google Patents

Abstract

The present invention realizes a new method of technology that allows non-authorized persons to block reproduction of an image while allowing an authorized person to receive a guaranteed original image that is not forged/modified.

Description

Terminal device and computer program {TERMINAL DEVICE AND COMPUTER PROGRAM}

The present invention relates to a data storage technology for storing image data, and more specifically, data storage that enables an authorized person to receive a guaranteed original image that is not forged or altered while being able to block an unauthorized person from playing an image. It's about technology.

Recently, cases of installing and using a photographing device (eg, IP-CAM) in a place desired by individuals in homes or small/medium businesses are increasing.

In the video service provided based on a photographing device (e.g. IP-CAM), each image is stored/stored on the server by transmitting the image captured by the photographing device (e.g. IP-CAM) to the server, which is permanently stored. Or temporarily stored and then provided to users in the form of streaming.

At this time, the IP-CAM manufacturer or the video service provider provides access control methods (eg, Access Control List, etc.) using their own ID/PASSWORD so that only authorized users can access the video. , Hacking, etc., bypassing such access control, directly accessing video files, and stealing video files.

That is, with the existing access control method alone, there is a problem that it is not possible to completely block a non-authorized person from playing a hijacked video in an illegal manner.

On the other hand, some videos stored with IP-CAM contain crime facts, and in order to adopt this as evidence, it is necessary to be able to prove that the video is the original that has not been forged or altered. Of course, in addition to the above reasons, a legitimate user with authority must be able to reproduce the original video that is not forged/modified.

However, the currently used original image determination (certification) technology is a method of proving that the image is the original image by determining whether the image has not been forged or altered based on the image's hash value or equivalent metadata. to be.

That is, the existing technology can prove that the image is an original image that is not forged/modified, but there is a problem in that it cannot guarantee the original image by preventing forgery/modulation.

Accordingly, in the present invention, it is intended to realize a technology that allows the unauthorized person to completely block the reproduction of the image while allowing the authorized person to reproduce the guaranteed original image that is not forged/modified.

The present invention was created in view of the above circumstances, and an object to be reached in the present invention is to allow an authorized person to receive a guaranteed original video that is not forged/modified while being able to block an unauthorized person from playing an image. It is to provide a new method of technology.

A terminal device according to a first aspect of the present invention for achieving the above object comprises: a data dividing unit for dividing specific data to be stored; An encryption unit that encrypts some of the data divided from the specific data based on a specific encryption key; And storage of transmitting and storing the remaining data other than the partial data among the divided data from the specific data to a first storage location, and transmitting and storing the encrypted partial data to a second storage location different from the first storage location. It includes a control unit.

Specifically, the second storage location may be a block chain network.

Specifically, the partial data may be data of a minimum size in which normal reproduction or output of the specific data is impossible when reproduced or outputted except for the specific data among data constituting the specific data.

Specifically, the specific encryption key may be an encryption key generated in a pair with a decryption key held by a device that is mapped and registered with the terminal device on the first storage location.

Specifically, the second storage location may provide storage location information indicating a storage location in which the encrypted partial data is stored, as the first storage location.

A terminal device according to a second aspect of the present invention for achieving the above object includes: a response receiver configured to transmit a request signal for specific data to a first storage location and receive a response according to the request signal; A data acquisition unit for acquiring encrypted partial data of the divided data of the specific data from a second storage location based on the storage location information checked in the response; A decryption unit that decrypts the encrypted partial data based on a specific decryption key; And a restoration unit configured to restore the specific data by combining the other data other than the partial data among the divided data of the specific data received through the response and the decoded partial data.

Specifically, when the restored specific data is normally reproduced or output, a determination unit for determining the specific data as original data may be further included.

Specifically, the second storage location may be a block chain network.

Specifically, the specific decryption key may be a decryption key generated in a pair with an encryption key held by a device that is mapped and registered with the terminal device on the first storage location.

A computer program according to a third aspect of the present invention for achieving the above object includes the steps of, in combination with hardware, dividing specific data to be stored; Encrypting some of the data divided from the specific data based on a specific encryption key; And transmitting and storing data other than the partial data among the divided data from the specific data to a first storage location, and transmitting and storing the encrypted partial data to a second storage location different from the first storage location. Is stored on the medium to execute.

Specifically, the second storage location may be a block chain network.

Specifically, the partial data may be data of a minimum size in which normal reproduction or output of the specific data is impossible when reproduced or outputted except for the specific data among data constituting the specific data.

A computer program according to a fourth aspect of the present invention for achieving the above object includes the steps of: being combined with hardware, transmitting a request signal for specific data to a first storage location, and receiving a response according to the request signal; Acquiring, from a second storage location, some encrypted data of the divided data of the specific data based on the storage location information confirmed in the response; Decrypting the encrypted partial data based on a specific decryption key; And combining data other than the partial data among the divided data of the specific data received through the response, and combining the decoded partial data and restoring the partial data into the specific data.

Specifically, when combined with hardware and the restored specific data is normally reproduced or output, the step of determining the specific data as original data may be further performed.

Specifically, the second storage location may be a block chain network.

According to the terminal device and the computer program of the present invention, it is possible to block the reproduction of the video by the non-authorized person, while enabling the authorized person to reproduce the guaranteed original video that is not forged/modified, resulting in an effect of realizing a differentiated technology.

1 is an exemplary view showing an existing scenario in which a captured image is stored and reproduced in an imaging device-based video service.
2 is an exemplary diagram showing a system configuration for realizing the technology proposed in the present invention.
3 and 4 are block diagrams showing the configuration of a terminal device according to a preferred embodiment of the present invention.
5 is an exemplary diagram showing a scenario in which an image is stored and reproduced according to the technology proposed by the present invention.
6 and 7 are flowcharts showing an operation of executing a computer program in hardware (terminal device) according to a preferred embodiment of the present invention.

Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings.

The present invention relates to a technique for storing and reproducing (outputting) video data.

Recently, cases of installing and using a photographing device (eg, IP-CAM) in a place desired by individuals in homes or small/medium businesses are increasing.

In the video service provided based on a photographing device (e.g. IP-CAM), each image is stored/stored on the server by transmitting the image captured by the photographing device (e.g. IP-CAM) to the server, which is permanently stored. Or temporarily stored and then provided to users in the form of streaming.

Referring to FIG. 1, a brief description of an existing scenario in which a photographed image is stored and reproduced in a photographing device-based image service is as follows.

The photographing apparatus 10 (eg, IP-CAM) transmits the photographed image to the server 30 (S1, S2).

Accordingly, the image transmitted from each photographing apparatus is stored/stored in the server 30 (S3).

The user 20 (Uesr) of the photographing apparatus 10 side accesses the server 30 after authentication according to an access control method (eg, Access Control List, etc.) supported by the server 30 (S4), A specific image among the images captured by the photographing apparatus 10 may be requested (S5).

In the server 30, through an initial authentication process performed at the initial installation of the photographing device 10, authentication information for authenticating the user 20, a device mapping for mapping the photographing device 10 as a device of the user 20 Information, etc. will be registered.

Accordingly, the server 30 may query a specific image requested from the user 20 among images stored/stored in the photographing apparatus 10 (S6), and provide the specific image to the user 20 ( S7).

Accordingly, on the user 20 side, for example, a mobile terminal or a computer, the provided image can be played back (S8).

As described with reference to FIG. 1, the IP-CAM manufacturer or the provider providing the video service uses its own authentication information (e.g. ID/PASSWORD) so that only legitimate users with authority can access the video. (Example: Access Control List, etc.) is provided.

However, there has been an act of hijacking the image file by directly accessing the image file by bypassing such access control due to hacking or the like.

That is, with the existing access control method alone, there is a problem that it is not possible to completely block a non-authorized person from playing a hijacked video in an illegal manner.

On the other hand, some videos stored with IP-CAM contain crime facts, and in order to adopt this as evidence, it is necessary to be able to prove that the video is the original that is not forged/modified. Of course, in addition to the above reasons, a legitimate user with authority must be able to reproduce the original video that is not forged/modified.

However, the currently used original image determination (certification) technology is a method of proving that the image is the original image by determining whether the image has not been forged or altered based on the image's hash value or equivalent metadata. to be.

That is, the existing technology can prove that the image is an original image that is not forged/modified, but there is a problem in that it cannot guarantee the original image by preventing forgery/modulation.

Accordingly, in the present invention, it is intended to propose a technology that allows an authorized person to reproduce a guaranteed original video that is not forged/modified while being able to almost completely block an unauthorized person from playing an image.

Specifically, it is intended to propose a computer program that is combined with a terminal device and hardware (terminal device) capable of realizing the technology proposed in the present invention to execute the proposed technology function of the present invention.

First, referring to FIG. 2, a system configuration for realizing the technology proposed in the present invention will be described.

As shown in Fig. 2, the system in which the proposed technology of the present invention is implemented includes a terminal device 100, which may be a photographing device (eg, IP-CAM) or a user terminal (eg, mobile terminal, computer), and a terminal. It is a configuration including a server 200 and a block chain network 300 in which specific data (eg, an image) of the device 100 is divided and stored.

The specific data to be stored referred to in the present invention may be digital data in various forms, such as image data, but document data or audio data.

However, in the following embodiments, for convenience of description, it is assumed that specific data to be stored is image data.

Blockchain is a distributed data storage environment based on a chain-type connection in which small data called'blocks' are created based on a peer to peer (P2P) method at each storage node. As a storage technology, it is a data forgery prevention technology based on distributed computing technology that no one can arbitrarily modify and anyone can view the results of changes.

Blockchain network 300 refers to a network that stores/stores transmitted data based on the above-described blockchain technology.

Accordingly, when the proposed technology of the present invention is described in terms of data storage, the terminal device 100 divides specific data to be stored, that is, image data, encrypts some of the divided data, and then encrypts the divided data. Data other than one part of the data can be transmitted and stored in a first storage location, that is, the server 200, and some encrypted data can be transmitted and stored in a second storage location different from the server 200, that is, the blockchain network 300. have.

Meanwhile, when describing the proposed technology of the present invention in terms of data reproduction (output), the terminal device 100 transmits a request signal for specific data, that is, image data, to a first storage location, that is, the server 200, and Upon receiving the response, the encrypted partial data of the divided data of the image data is obtained from the second storage location, that is, the blockchain network 300 based on the storage location information confirmed in the received response.

Accordingly, the terminal device 100 decodes some of the encrypted data, and then combines the remaining data and some of the decoded data among the divided data of the image data received through the previously received response to restore the original image data. I can.

In the following, Figures 3 and 4 will be described in more detail the configuration of a terminal device according to a preferred embodiment of the present invention.

First, with reference to FIG. 3, the configuration of the terminal device 100 that performs the proposed technology of the present invention, particularly the data storage technology, will be described.

In addition, it is preferable that the terminal device 100 of FIG. 3 performing the data storage technology of the present invention is a photographing device (eg, IP-CAM).

As shown in FIG. 3, the terminal device 100 (photographing device) according to an embodiment of the present invention includes a data splitting unit 110, an encryption unit 120, and a storage control unit 130.

Further, the terminal device 100 according to an embodiment of the present invention, in addition to the above-described configuration, is a communication unit 140, which is an RF module responsible for a practical communication function with the server 200 and the blockchain network 300. It may further include a configuration of.

Here, the communication unit 140 includes, for example, an antenna system, an RF transceiver, one or more amplifiers, a tuner, one or more oscillators, a digital signal processor, a codec (CODEC) chipset, and a memory, but is not limited thereto. Any known circuit to be performed may be included.

All or at least part of the configuration of the terminal device 100 may be implemented in the form of a hardware module or a software module, or may be implemented in a form in which a hardware module and a software module are combined.

Here, the software module may be understood as, for example, a command executed by a processor that controls an operation in the terminal device 100, and such a command may have a form mounted in a memory in the terminal device 100. .

As a result, the terminal device 100 according to an embodiment of the present invention, through the above-described configuration, can almost completely block the reproduction of the image by an unauthorized person, and a guaranteed original image that is not forged/modified by the authority. A technology (mechanism) that enables reproduction of the data is realized, in particular, a data storage technology. Hereinafter, each configuration in the terminal device 100 (photographing device) for realizing this will be described in more detail.

The data dividing unit 110 divides specific data to be stored, such as image data.

That is, the data dividing unit 110 divides each image data to be stored into two or more pieces of data (hereinafter, divided data).

In this case, the method, ratio, number, etc. of dividing the image data into two or more divided data types are not limited, and any of the existing division techniques may be employed in the present invention.

However, according to an embodiment, it is preferable to employ a segmentation technique in which image data is not normally reproduced or outputted by only each segmented data divided from one image data.

The encryption unit 120 encrypts some data of data divided from specific data, such as image data, that is, divided data, based on a specific encryption key.

In this case, it is preferable that some data is data of a minimum size in which normal reproduction or output of the image data is impossible when reproduced or outputted except from the image data, among data constituting the image data.

In addition, it is preferable that the specific encryption key is an encryption key generated in a pair with a decryption key held by a device that is mapped and registered with the terminal device 100 on the server 200, that is, in the first storage location.

Specifically, the terminal device 100 (photographing device) generates and stores a pair of encryption keys and decryption keys in the initial authentication process performed with the server 200 at the beginning of installation, but the terminal device 100, photographing Device), a decryption key may be provided to a first storage location, that is, a device that is mapped and registered in the server 200.

In this case, a method of generating a pair of encryption keys and decryption keys in the terminal device 100 (photographing apparatus) may be a symmetric key algorithm or an asymmetric key algorithm.

If it is generated based on an asymmetric key algorithm, the encryption key, that is, the private key and the decryption key, that is, the public key will be different from each other, and if it is generated based on the symmetric key algorithm, the encryption key and the decryption key will be the same.

For example, in the initial authentication process performed at the initial installation of the photographing device, the server 200 receives authentication information and photographing device information to be used for subsequent authentication after initial authentication/access from the user (user terminal) managing the photographing device. You will be input.

Accordingly, device mapping information for mapping a photographing device as a device of a user (user terminal) is registered in the server 200, and the server 200 may provide information on the user terminal to the photographing device.

Accordingly, in the initial authentication process performed with the server 200, the terminal device 100 transmits a decryption key among the encryption keys and decryption keys generated as a pair to the user terminal according to the information provided from the server 200. Provide and retain.

On the other hand, a method in which the terminal device (100, photographing device) generates an encryption key and a decryption key and provides/retains it to a user (user terminal) is an embodiment, and generates an encryption key and a decryption key based on a symmetric key algorithm. In this case, it may be possible for the user terminal to directly generate the decryption key without a separate key exchange process using the serial number of the terminal device 100 (photographing device).

Referring to the encryption unit 120 again, the encryption unit 120 includes, among the divided data (hereinafter, data A and B) divided from the image data, some data of the smallest size in which normal reproduction or output of the image data is impossible when excluded. (Hereinafter, data B) may be encrypted based on an encryption key among encryption keys and decryption keys generated as a pair.

In this way, the reason for encrypting some data of the minimum size that makes it impossible to reproduce or output the image data normally is the computational load that the terminal device 100, which is the subject of the encryption, must bear for encryption. It is to reduce the size, and also to reduce the size of data stored in the blockchain network 300.

The storage control unit 130 transmits and stores the divided data divided from the image data, for example, the remaining data A except for some data B among data A and B to the first storage location, that is, the server 200.

Meanwhile, the storage control unit 130 transmits and stores some data B encrypted by the encryption unit 120 to a second storage location, that is, the blockchain network 300.

That is, the storage control unit 130 stores a part (data A) of the divided data divided from one image data in the server 200 as it is and encrypts a part (data B) to the blockchain network 300 To save it.

More specifically, when the encryption unit 120 encrypts data B based on an encryption key, identification information for identifying the terminal device 100 (photographing device) may be encrypted together. In this case, in the blockchain network 300, encrypted data B and identification information will be stored together.

In the present invention, it is preferable that the block chain network 300 provides storage location information indicating a storage location in which some encrypted data, that is, data B, is stored to the first storage location, that is, the server 200.

In this case, the server 200 may match and store the storage location information received from the blockchain network 300 with data A provided and stored from the terminal device 100 (photographing device).

As described above, according to the proposed technology of the present invention, particularly the data storage technology, some of the segmented data (Data B) divided from the image data are encrypted and stored in the blockchain network 300, even if an unauthorized person is hacked. Even if an act of accessing and hijacking video files in the server 200 by bypassing the access control of the server 200, etc. occurs, only a part of the video data (data A) exists in the hijacked video file, so that the non-authorized person You can block video playback.

Hereinafter, with reference to FIG. 4, the configuration of the terminal device 100 that performs the proposed technology of the present invention, particularly the data reproduction (output) technology, will be described.

In addition, the terminal device 100 of FIG. 3 performing the data storage technology of the present invention is preferably a user terminal (eg, a mobile terminal, a computer, etc.).

As shown in FIG. 4, a terminal device 100 (user terminal) according to an embodiment of the present invention includes a response receiving unit 150, a data acquisition unit 160, a decoding unit 170, and a restoration unit 180. Includes.

Furthermore, the terminal device 100 (user terminal) according to an embodiment of the present invention may further include a determination unit 190.

As a result, the terminal device 100 according to an embodiment of the present invention, through the above-described configuration, can block the reproduction of the image by the unauthorized person, while the authorized person can reproduce the guaranteed original image that is not forged/modified. A technology (mechanism) that enables, in particular, a data reproduction (output) technology is realized. Hereinafter, each configuration in the terminal device 100 (user terminal) for realizing this will be described in more detail.

The response receiver 150 transmits a request signal for specific data to the first storage location, and receives a response according to the request signal.

Hereinafter, for convenience of description, image data will be referred to as specific data as in the assumption described above.

Specifically, the terminal device 100 (user terminal) may access the server 200 through input and authentication authentication information according to an access control method supported by the server 200 (eg, an Access Control List, etc.).

Accordingly, the response receiver 150 may transmit a request signal for specific data specified by a user, that is, specific image data to the server 200, and receives a response according to the request signal from the server 200.

In the present invention, the server 200, based on the device mapping information, searches for requested specific image data among images stored/stored in the photographing device registered as a device of the terminal device 100, and Image data (eg, data A) and storage location information matching/stored therewith may be returned as a response.

Based on the storage location information confirmed in the response received from the server 200, the data acquisition unit 160 stores specific data, that is, some encrypted data among the divided data of the requested specific image data, to a second storage location, that is, a blockchain network. Obtained from 300.

That is, the data acquisition unit 160 requests the data stored in the storage location according to the storage location information to the block chain network 300 based on the storage location information, and thereby responds to the request from the block chain network 300. It is possible to receive/acquire data B according to

Here, according to an embodiment, in the blockchain network 300, in order to prove that there is no forgery/modulation in the transmission section, the encrypted identification information of the photographing apparatus stored together when receiving and storing the encrypted data B is provided, The data B according to the request may be provided to the terminal device 100 (user terminal) prior to or together.

In this case, the terminal device 100 (user terminal) checks the identification information received from the blockchain network 300 based on the decryption key previously provided and retained, so that the identification information matches the identification information of the photographing device. Depending on whether or not, it may be determined whether or not the data B is forged or altered in the transmission section, and the data B obtained this time from the blockchain network 300 may be forged or altered.

The decryption unit 170 decrypts some data in the encrypted state obtained by the data acquisition unit 160, that is, data B, based on a specific decryption key.

The specific decryption key at this time is a decryption key generated in a pair with an encryption key held by a device (photographing apparatus) that is mapped and registered with the terminal device (100, user terminal) on the first storage location, that is, the server 200. It is desirable.

For example, in the initial authentication process performed between the photographing device and the server 200 that provided the data acquired from the blockchain network 300 this time, the photographing as a device of the terminal device 100 (user terminal) on the server 200 Device mapping information for mapping devices is registered.

And, the terminal device 100 (user terminal), in the initial authentication process performed between the photographing device and the server 200 that provided the data acquired from the blockchain network 300 this time, the terminal device 100 (user terminal) A specific decryption key, that is, an encryption key used for encryption by the photographing apparatus, and a decryption key generated as a pair are provided and held from the photographing device mapped to the device.

Of course, this is according to one embodiment, and when generating an encryption key and a decryption key based on a symmetric key algorithm, the terminal device (100, user terminal) decrypts without a separate key exchange process using the serial number of the photographing device. It would also be possible to generate the keys yourself.

Accordingly, referring to the decryption unit 170 again, the decryption unit 170 may decrypt some data in the encrypted state obtained by the data acquisition unit 160, that is, data B, based on a previously held decryption key.

The restoration unit 180 stores data other than some data B among the divided data of the specific image data received through the response from the server 200, that is, data A, and some data B decoded by the decoder 170. By combining, the original specific data, that is, image data is restored.

Accordingly, the terminal device 100 (user terminal) may directly reproduce specific image data or output it to another device.

When the reconstructed specific data, that is, image data, is normally reproduced or output, the determination unit 190 may determine the specific data, that is, image data, as original data.

If the data B obtained from the blockchain network 300 is not normally decrypted by the decryption unit 170, the image data restored by combining the data A received from the server 200 and the decrypted data B is normally played or It will not be printed.

Alternatively, even if the data B obtained from the blockchain network 300 is normally decoded by the decoder 170, the image data restored by combining the data A received from the server 200 and the decoded data B is normally played or If the output is not possible, there will be a high possibility that there has been forgery/modulation in the server 200 or in the transmission section with the server 200, the transmission section with the blockchain network 300, etc.

Accordingly, the determination unit 190 suspects forgery/modulation without determining the image data as the original data when the restored specific data, that is, the image data is not normally reproduced or output, and the restored image data is normally reproduced or outputted. Only in case, the image data can be determined as the original data.

As described above, according to the proposed technology of the present invention, particularly the data reproduction (output) technology, in a storage environment in which some (data B) of divided data of image data is encrypted and stored in the blockchain network 300, non-privileged Even if it bypasses the access control of the server 200 by self-hacking, accesses and steals video files in the server 200, and even steals data B on the blockchain, it is impossible to restore data B without each decryption key. Therefore, it is possible to block an unauthorized person from playing the video.

In addition, according to the proposed technology of the present invention, particularly the data reproduction (output) technology, in a storage environment in which some (data B) of divided data of image data is encrypted and stored in the blockchain network 300, the decryption/restore process is all performed. If the rough image data is reproduced (output) normally, it can be determined/guaranteed that the data is original data without forgery/modulation.

According to the present invention, an effect of realizing a differentiated technology that allows an authorized person to reproduce a guaranteed original video that is not forged/modified while being able to almost completely block an unauthorized person from playing an image is derived.

Hereinafter, with reference to FIG. 5, an overall scenario in which an image is stored and reproduced according to the technology proposed in the present invention will be described.

Hereinafter, for convenience of description, a photographing device and a user terminal are used as the terminal device 100 to be described.

The photographing apparatus 100 generates and stores a pair of encryption keys and decryption keys in the initial authentication process performed with the server 200 at the initial stage of installation (S10).

The server 200 receives authentication information and photographing device information to be used for subsequent authentication after initial authentication/access from the user terminal 100 in the initial authentication process performed at the initial stage of installation of the photographing device (S30).

Accordingly, device mapping information for mapping a photographing device as a device of the user terminal 100 is registered on the server 200, and the server 200 may provide information on the user terminal 100 to the photographing device (S35). ).

Accordingly, in the initial authentication process performed with the server 200, the photographing apparatus 100 provides a decryption key among the encryption and decryption keys generated as a pair to the user terminal according to the information provided from the server 200 It is made to be held by the user terminal (S40).

Thereafter, the photographing apparatus 100 divides the image data to be stored into two or more pieces of data (hereinafter, divided data) (50).

And, the photographing apparatus 100, of the divided data (hereinafter, data A and B) divided from the image data, the remaining data A except for some data to be encrypted is transmitted to the server 200 as it is to the server 200 (S60), It is stored in the server 200 (S65).

On the other hand, the photographing apparatus 100 may encrypt some data B of the smallest size in which normal reproduction or output of the image data is impossible among the divided data A and B divided from the image data, based on the encryption key ( S70).

In addition, the photographing apparatus 100 transmits the encrypted partial data B to the blockchain network 300 (S80), so that it is stored in the blockchain network 300 (S85).

The blockchain network 300 may provide the server 200 with storage location information indicating a storage location in which some encrypted data, that is, data B is stored (S90).

In this case, the server 200 may match and store the storage location information received from the blockchain network 300 with the data A provided and stored by the photographing apparatus 100 (S95).

Meanwhile, the user terminal 100 may access the server 200 through input and authentication of authentication information according to an access control method (eg, an Access Control List) supported by the server 200 (S100).

Accordingly, the user terminal 100 may transmit a request signal for specific image data designated by the user to the server 200 (S110).

The server 200 receiving the request signal, on the basis of the device mapping information, inquires the requested specific image data among images stored/stored in the photographing device registered as a device of the user terminal 100 (S120), The inquired image data (eg, data A) and storage location information matched/stored therewith may be returned as a response (S130).

The user terminal 100 may acquire some encrypted data B from the block chain network 300 among the divided data of the requested specific image data based on the storage location information confirmed in the response received from the server 200. (S140).

Accordingly, the user terminal 100 decrypts the encrypted data B obtained in step S140 with a decryption key shared with the photographing apparatus (S150).

Then, the user terminal 100 combines the data A received through a response from the server 200 in step S130 and the data B decoded in step S150, and restores the original specific image data (S160).

Accordingly, the user terminal 100 may directly reproduce specific image data or may output it to another device.

Hereinafter, with reference to FIGS. 6 and 7, an operation in which a computer program according to a preferred embodiment of the present invention is executed in hardware (terminal device) will be described.

For convenience of explanation, it will be described as an operating method of a terminal device in which the computer program of the present invention is executed.

First, referring to FIG. 6, the proposed technique of the present invention will be described in terms of data storage.

In the method of operating a terminal device in which the computer program of the present invention is executed, the terminal device 100 (photographing device), when the data to be stored, such as a photographed image, is generated (S200), the data, that is, two or more data (hereinafter , Divided data) (S210).

In the method of operating a terminal device on which the computer program of the present invention is executed, the terminal device 100 (photographing device) includes data other than some data to be encrypted among divided data (hereinafter, data A and B) divided from the image data. A is transmitted to the server 200 as it is and stored in the server 200 (S220).

On the other hand, in the operating method of the terminal device in which the computer program of the present invention is executed, the terminal device 100 is unable to reproduce or output the image data normally when excluded from the divided data A and B divided from the image data. Some data B of the minimum size may be encrypted based on the encryption key (S230).

And, in the operating method of the terminal device in which the computer program of the present invention is executed, the terminal device 100 (photographing device) transmits some encrypted data B to the blockchain network 300 and stores it in the blockchain network 300. Make it possible (S240).

The blockchain network 300 may provide storage location information indicating a storage location in which some encrypted data, that is, data B, is stored to the server 200 (S250).

In this case, on the server 200 side, the storage location information received from the block chain network 300 may be matched with data A to be provided and stored from the photographing device 100 and store.

In the method of operating a terminal device in which the computer program of the present invention is executed, the terminal device 100 (photographing device) is, unless the operation is turned off (S260 No), every time data to be stored, such as a photographed image, is generated (S200), described above. Steps after S210 will be performed.

In the following, with reference to FIG. 7, the proposed technique of the present invention will be described in terms of data reproduction (output).

In the method of operating a terminal device on which the computer program of the present invention is executed, the terminal device 100 (user terminal) inputs authentication information according to an access control method (eg, Access Control List, etc.) supported by the server 200 and After authentication, it is possible to access the server 200 (S300).

Accordingly, in the method of operating a terminal device in which the computer program of the present invention is executed, the terminal device 100 (user terminal) may transmit a request signal for specific data specified by the user, for example, specific image data, to the server 200. Yes (S310).

The server 200 receiving the request signal, based on the device mapping information, inquires the requested specific image data among images stored/stored in the photographing device registered as a device of the terminal device 100 (user terminal), The inquired image data (eg, data A) and the storage location information matched/stored therewith may be returned as a response (S320).

In the method of operating a terminal device in which the computer program of the present invention is executed, the terminal device 100 (user terminal) receives a response according to the request signal of step S310 from the server 200 (S330).

In the operating method of the terminal device on which the computer program of the present invention is executed, the terminal device 100 (user terminal) is based on the storage location information identified in the received response, and the block chain network 300 according to the storage location information. Data stored in the storage location may be requested, and data B according to the request may be received/acquired from the blockchain network 300 (S340).

Accordingly, in the method of operating the terminal device on which the computer program of the present invention is executed, the terminal device 100 (user terminal) decrypts the data B in the encrypted state obtained in step S340 with a decryption key shared with the photographing device (S350). .

And, in the operating method of the terminal device in which the computer program of the present invention is executed, the terminal device 100 (user terminal) includes data A received through a response from the server 200 in step S330, and decrypted in step S350. The data B is combined and the original specific image data is restored (S360).

Accordingly, in the operating method of the terminal device on which the computer program of the present invention is executed, the terminal device 100 (user terminal) is not normally restored or data A and decrypted data obtained from the blockchain network 300 When the image data reconstructed by combining B is not normally reproduced or output (S370 No), it may be determined as forgery/modulated data other than the original data (S390).

On the other hand, in the operating method of the terminal device in which the computer program of the present invention is executed, the terminal device 100 (user terminal) restores the data B obtained from the blockchain network 300 normally and restores the data A and the decrypted data B. When the combined and restored image data is normally reproduced or output (S370 Yes), the restored image data will be determined as the original data (S380).

As described above, according to the operating method of the terminal device on which the computer program of the present invention is executed, it is possible to almost completely block the reproduction of the image by the non-authorized, while the authorized person can reproduce the guaranteed original image that is not forged/modified. It derives the effect of realizing differentiated technologies that enable it.

A computer program or a method of operating a terminal device on which a computer program is executed according to an embodiment of the present invention may be implemented in the form of program commands that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like alone or in combination. The program instructions recorded in the medium may be specially designed and configured for the present invention, or may be known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. -A hardware device specially configured to store and execute program instructions such as magneto-optical media, and ROM, RAM, flash memory, and the like. Examples of the program instructions include not only machine language codes such as those produced by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like. The above-described hardware device may be configured to operate as one or more software modules to perform the operation of the present invention, and vice versa.

Although the present invention has been described in detail with reference to preferred embodiments so far, the present invention is not limited to the above-described embodiments, and the technical field to which the present invention belongs without departing from the gist of the present invention claimed in the following claims. Anyone of ordinary skill in the art will say that the technical idea of the present invention extends to the range in which various modifications or modifications are possible.

According to the terminal device and computer program according to the present invention, it exceeds the limitations of the existing technology in that it is possible to block the reproduction of the image by the non-authorized and the authorized person can receive the guaranteed original image that is not forged/modified. According to this invention, it is an invention that has industrial applicability because it is not only the use of the related technology, but also the possibility of commercialization or business of the applied device is sufficient as well as the degree to be practically obvious.

100: terminal device (photographing device, user terminal)
110: data division unit 120: encryption unit
130: storage control unit 150: response receiver
160: data acquisition unit 170: decoding unit
180: restoration unit 190: determination unit
200: server
300: Blockchain network

Claims (15)

As a recording device that encrypts and provides specific data so that it can be reproduced or output from a user terminal mapped to a server,
A data dividing unit for dividing specific data;
An encryption unit for encrypting some data of the data divided from the specific data and identification information of the photographing device based on a specific encryption key;
Among the data divided from the specific data, the remaining data other than the partial data is transmitted to the server and stored, and the encrypted partial data and the identification information of the encrypted photographing device are transmitted to a blockchain network different from the server. A storage control unit to store;
A response receiver that transmits a request signal for the specific data to the server, and receives storage location information indicating a location where the encrypted partial data is stored in the blockchain network as a response;
A data acquisition unit that acquires the encrypted partial data and identification information of the encrypted photographing device from the block chain network based on the storage location information;
A decryption unit that decrypts the encrypted partial data based on a specific decryption key;
A restoration unit for restoring the specific data by combining the remaining data with some data decoded by the decoding unit
Including,
The specific encryption key for encrypting the partial data is generated in a pair with a decryption key shared with a user terminal mapped to the photographing device during an authentication process between the photographing device and the server,
The identification information of the encrypted photographing device received from the blockchain network is decrypted with the specific decryption key and is used to determine whether forgery or alteration in the transmission section according to whether it matches the identification information of the photographing device,
And the data dividing unit divides the specific data so that the reproduction or output of the specific data is possible only when the partial data and the remaining data are combined. delete The method of claim 1,
Some of the above data,
A photographing apparatus, characterized in that, among data constituting the specific data, data of a minimum size in which normal reproduction or output of the specific data is impossible when the specific data is excluded from the specific data and reproduced or output. delete delete As a user terminal that restores specific data provided by encryption by a registered recording device mapped to the server,
A response receiver configured to transmit a request signal for the specific data to the server and, as a response, receive storage location information indicating a location where some encrypted data among the divided data of the specific data are stored in the blockchain network;
A data acquisition unit for acquiring the encrypted partial data and identification information of the encrypted photographing device from the block chain network based on the storage location information;
A decryption unit that decrypts the encrypted partial data based on a specific decryption key; And
And a restoration unit for restoring the partial data of the specific data received through the response by combining the remaining data other than the partial data and the decoded partial data,
The specific decryption key for decrypting the encrypted partial data is shared with the photographing device that is mapped and registered with the user terminal in the server, and an encryption key stored by the photographing device during an authentication process between the photographing device and the server Are created in pairs,
The identification information of the encrypted photographing device received from the blockchain network is decrypted with the specific decryption key and is used to determine whether forgery or alteration in the transmission section according to whether it matches the identification information of the photographing device,
And the specific data is divided so that the reproduction or output of the specific data is possible only by combining the decoded partial data and the remaining data. The method of claim 6,
And when the restored specific data is normally reproduced or output, a determination unit configured to determine the specific data as original data. delete delete Dividing the specific data by a photographing apparatus that is combined with hardware and encrypts and provides specific data so that it can be reproduced or output from a user terminal mapped to the server;
Encrypting some of the data divided from the specific data and identification information of the photographing apparatus based on a specific encryption key;
Among the data divided from the specific data, the remaining data other than the partial data is transmitted to the server and stored, and the encrypted partial data and the identification information of the encrypted photographing device are transmitted to a blockchain network different from the server. Storing;
Transmitting a request signal for the specific data to the server, and receiving storage location information indicating a location where the encrypted partial data is stored in the blockchain network as a response thereof;
Acquiring the encrypted partial data and identification information of the encrypted photographing device from the block chain network based on the storage location information;
Decrypting the encrypted partial data based on a specific decryption key; And
Restoring the specific data by combining the remaining data with the decoded partial data
Run
The specific encryption key for encrypting the partial data is generated as a pair with a decryption key shared with a user terminal mapped to the photographing device during an authentication process between the photographing device and the server,
The identification information of the encrypted photographing device received from the blockchain network is decrypted with the specific decryption key and is used to determine whether or not forgery or alteration in the transmission section matches the identification information of the photographing device
In the step of dividing the specific data, the specific data is divided so that the specific data can be reproduced or output only when the partial data and the remaining data are combined. delete The method of claim 10,
Some of the above data,
A computer program stored in a medium, characterized in that, among the data constituting the specific data, data of a minimum size in which normal reproduction or output of the specific data is impossible when reproduced or outputted except for the specific data. Combined with hardware, a user terminal that restores specific data that is encrypted and provided by a recording device mapped to the server transmits a request signal for the specific data to the server, and as a response, the specific data is Receiving storage location information indicating a location where some encrypted data is stored among the divided data;
Acquiring the encrypted partial data and identification information of the encrypted photographing device from the block chain network based on the storage location information;
Decrypting the encrypted partial data based on a specific decryption key; And
Performing a step of combining the partial data of the specific data received through the response, except for the partial data, and the decoded partial data to restore the specific data,
The specific decryption key for decrypting the encrypted partial data is shared with the photographing device that is mapped and registered with the user terminal in the server, and an encryption key stored by the photographing device during an authentication process between the photographing device and the server Are created in pairs,
The identification information of the encrypted photographing device received from the blockchain network is decrypted with the specific decryption key and is used to determine whether forgery or alteration in the transmission section according to whether it matches the identification information of the photographing device,
The specific data is divided so that the reproduction or output of the specific data is possible only when the decoded partial data and the remaining data are combined. The method of claim 13,
A computer program stored in a medium that is combined with hardware and further executes the step of determining the specific data as original data when the restored specific data is normally reproduced or output. delete

Images