KR102335000B1 - A system for managing access user identifications with respect to facilities accessed by multi users - Google Patents

Abstract

A computer readable storage medium having one or more computer readable instructions recorded thereon, the one or more computer readable instructions comprising: a system for managing occupant identification information of a facility accessed by multiple users, the system comprising: A facility manager device for receiving and storing predetermined identification information about the user from the user terminal of the user when entering the When read and executed by the management server of Receive the occupant identification information obtained on the predetermined date or period from the facility manager device in response to the request - The resident identification information is received from each user terminal of each user who entered the facility on the predetermined date or period, and Including the stored identification information, each identification information is stored in the facility manager device in an encrypted state, and is transmitted to the management server as it is in the encrypted state - and from the facility manager device Provided is a computer-readable storage medium that operates to decrypt each of the identification information received in an encrypted state using a decryption key prepared in advance, wherein the decryption key is secretly managed by a person having a predetermined authority. do.

Description

A system for managing the identification information of each person in a facility that can be accessed by multiple users

The present disclosure relates to facilities (eg, various multi-use facilities such as public facilities or commercial facilities) to which multiple users can access, digitally conveniently collects identification information of users entering and exiting each such facility, and quarantine It relates to a system that supports the timely and appropriate use of the collected information for special purposes for the public interest, such as, in particular, to prevent illegal leakage and misuse of each user's personal information while preventing the public interest It relates to a system that supports the use of such information promptly on the premise of the user's consent to provide information when it is unavoidably necessary for this purpose.

In recent years, more and more frequent national and global epidemics of infectious diseases have occurred. In particular, a pandemic caused by a new type of virus or bacteria for which no preventive or therapeutic drug has been developed makes people around the world terrified of infection and causes great chaos in our society and the economy as a whole. In the case of an infectious disease outbreak, quarantine measures to prevent or stop the spread of such an infectious disease are very important. It is especially important to timely isolate those who have been exposed and who are not yet infected but who may be in the incubation period.

However, in a complex modern society where many people visit various places/facilities that anyone can enter, and also meet many people, it is very difficult to find infected persons and risk-taking persons (and their movement routes, etc.) It's difficult. For example, even if an infected person is identified, the memory of the infected person's movement route may be insufficient (in addition, the infected person may not cooperate with the quarantine authorities to identify the movement route), and the card usage record of the infected person or the base station of the mobile terminal Using auxiliary means such as access history is not only time-consuming but also insufficient in itself, so it is often difficult for quarantine authorities to find the movement of infected people (and contacts). In addition, even if the movement route of the infected person is specified, it requires greater effort to find people who have visited each facility along the movement route, that is, potential contacts. .

Recently, in connection with the pandemic of coronavirus infection-19, quarantine authorities (eg, the Centers for Disease Control and Prevention), among places on the movement path of a specific infected person, have access to facilities (eg, hospitals or public facilities) , clubs, and various commercial facilities such as entertainment establishments), it has been difficult to identify those at risk of infection who may have come into contact with infected persons in such facilities. In response to this, various countermeasures have been introduced at each facility, such as requiring the names and contact information of visitors to be recorded. There are many regrets

Accordingly, the present disclosure provides for convenient digital collection and storage of identification information for each access user for each facility that multiple users can access, but to minimize the risk of leakage and misuse of personal information. Collect and store information, and only when there is a special purpose for the public good, such as quarantine, the identification information collected and stored for each facility is re-collected and timely by an administrator with special authority (e.g., a quarantine authority administrator) There is a need to provide a system that can support it so that it can be utilized.

According to one feature of the present disclosure, there is a computer readable storage medium on which one or more computer readable instructions are recorded, wherein the one or more computer readable instructions are a system for managing occupant identification information of a facility accessed by multiple users - the system When a user enters the facility, a facility manager device for receiving and storing predetermined identification information about the user from the user terminal of the user, and receiving the occupant identification information from the facility manager device and When read and executed by the management server, the management server requests the facility manager device to provide the occupant identification information acquired on a predetermined date or period to the facility manager device via a communication network. and, through the communication network, receive the occupant identification information obtained on the predetermined date or period from the facility manager device in response to the request. Includes each of the identification information received and stored from each user terminal of the user, and each identification information is stored in the facility manager device in an encrypted state, and transmitted to the management server in the encrypted state - and decrypting each of the identification information received in the encrypted state from the facility manager device using a pre-prepared decryption key, the decryption key being secretly managed by a person having a predetermined authority. , a computer-readable storage medium is provided.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed by the management server, cause the management server to: each user of each user associated with the decrypted respective identification information The terminal may operate to transmit a notification indicating that the management server has received each of the identification information.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed by the management server, cause the management server to: each user of each user associated with the decrypted respective identification information request to transmit, to a terminal, contact information of the user terminal in the facility, stored on each user terminal, from each user terminal in response to the request, stored on each user terminal, within the facility may operate to receive the contact information at - the contact information is transmitted in an encrypted state.

According to an embodiment of the present disclosure, the one or more computer-readable instructions, when read and executed by the management server, cause the management server to cause the facility manager device, from the management server, to the predetermined date or the Prior to receiving the request for provision of the occupant identification information obtained in a period, the facility manager device obtains and stores the occupant identification information obtained on the predetermined date or period by applying a predetermined hash function, and The first result that was present is received and stored from the facility manager device through the communication network, and when the occupant identification information obtained on the predetermined date or period is received from the facility manager device, the received predetermined date or The predetermined hash function may be applied to the occupant identification information obtained during the period, and a second result obtained therefrom may be operated to be compared with the first result.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed by the management server, cause the management server to: In response to an input from the outside notifying the occurrence of an emergency related to the facility , to the facility manager device through the communication network to provide an alarm notifying the occurrence of the emergency situation. The emergency situation may be, for example, a situation in which it is necessary to temporarily close the facility when a specific infectious disease confirmed person who is a person entering the facility comes out.

According to another feature of the present disclosure, there is a computer-readable storage medium on which one or more computer-readable instructions are recorded, wherein the one or more computer-readable instructions are a system for managing occupant identification information of a facility that can be accessed by multiple users- The system includes a facility manager device for receiving and storing predetermined identification information about the user from a user terminal of the user when a certain user enters the facility, and a facility manager device for receiving the occupant identification information from the facility manager device and a management server that receives and manages - when read and executed by the facility manager device, causes the facility manager device to: Receives a request for providing resident identification information, and in response to the request, transmits the resident identification information acquired on the predetermined date or period to the management server via the communication network - The resident identification information is on the predetermined date or each of the identification information received and stored from each user terminal of each user who entered the facility during the period, wherein each identification information is stored on the facility manager device in an encrypted state, the A computer-readable storage medium is provided, which is transmitted to the management server in an encrypted state, and operates to automatically delete each of the identification information that has passed a predetermined time period after being stored in the facility manager device.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed by the facility manager device, cause the facility manager device to: Before receiving the request for providing the visitor identification information about the facility, a first result of applying a predetermined hash function to the visitor identification information about the facility acquired on the predetermined date or period is generated, and the generation The first result obtained may be operated to be transmitted to the management server through the communication network.

According to an embodiment of the present disclosure, when an arbitrary user enters the facility, the facility manager device may include, from the user terminal of the user, the predetermined identification regarding the user, stored in advance on the user terminal. operable to receive and store information, wherein the reception of the predetermined identification information is performed by presenting the predetermined identification information as a QR code on a display of the user terminal, and reading the presented QR code by the facility manager device can be

According to an embodiment of the present disclosure, when an arbitrary user enters the facility, the facility manager device may include, from the user terminal of the user, the predetermined identification regarding the user, stored in advance on the user terminal. Receive and store information, wherein the reception of the identification information may be performed by directly transmitting the predetermined identification information from the user terminal to the facility manager device through a local area network.

According to an embodiment of the present disclosure, when an arbitrary user enters the facility, the facility manager device may include, from the user terminal of the user, the predetermined identification regarding the user, stored in advance on the user terminal. operable to receive and store information, wherein the reception of the predetermined identification information by the facility manager device may be performed after confirmation of the user's consent regarding the provision of the predetermined identification information is performed on the user terminal. have.

According to another feature of the present disclosure, there is provided a computer-readable storage medium in which one or more computer-readable instructions are recorded, wherein the one or more computer-readable instructions are configured to manage occupant identification information of each of a plurality of facilities accessed by multiple users. When read and executed on each of the user terminals of a system, the system including each user terminal of each of a plurality of users, each facility manager device of each of the plurality of facilities, and a management server, the user terminal causes the user terminal to: , on the user terminal, generating and storing predetermined identification information about the corresponding user, wherein the identification information generated and stored on the user terminal is encrypted and generated and stored according to a predetermined protocol, and the user When entering any of the plurality of facilities, according to the user's operation or automatically, generating an indication asking whether or not you agree to provide the identification information on the user terminal to the facility manager device of the facility, When presenting through the user terminal and receiving an indication of consent to provide the identification information from the user on the user terminal, the identification information is transmitted to the facility manager device - delivered from the user terminal to the facility manager device and wherein the identifying information is transmitted in the encrypted state - operative to enable.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to remain in the facility after the user enters the facility and then exits the facility. while, without intervention of the user, according to a predetermined wireless communication protocol, for another user terminal approaching the user terminal within a predetermined distance, the user terminal provides unique information of the user terminal, and also provides the other user from the other user terminal It can operate to receive and store unique information of the terminal.

According to an embodiment of the present disclosure, the one or more computer-readable instructions, when read and executed on the user terminal, cause the user terminal to access the user terminal within the predetermined distance from the other user terminal within the facility. The unique information of the user terminal provided to and the unique information of the other user terminal received and stored from the other user terminal are all provided or received and stored in an encrypted state, and the unique information of the user terminal is, It may be one of the identification information on the user terminal or a unique identification number assigned to the user terminal.

According to an embodiment of the present disclosure, the user terminal includes a position detection sensor, and the one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to: Based on the detected location information of the user terminal, the user terminal may be operated to confirm that the user has left the facility.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to remain in the facility after the user enters the facility and then exits the facility. During the operation, the power-off function of the user terminal may be turned off.

According to an embodiment of the present disclosure, the one or more computer-readable instructions, when read and executed on the user terminal, cause the user terminal to cause the other user within the facility to approach the user terminal within the predetermined distance. The unique information of the other user terminal received and stored from the terminal may be automatically deleted after a predetermined period has elapsed after the storage.

According to an embodiment of the present disclosure, the one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to cause the identification information transmitted from the user terminal to the facility manager device to be managed When receiving a notification indicating that it has been collected by the server or a request to provide predetermined information, the unique information of the other user terminal received and stored from the other user terminal that has approached the user terminal within the predetermined distance within the facility is transferred to the communication network Through, it is possible to operate to provide to the management server.

According to an embodiment of the present disclosure, the user terminal is provided with a position detection sensor, and stores the movement path of the user terminal detected through the position detection sensor on the user terminal, and the one or more computer readable instructions When read and executed on the user terminal, causing the user terminal to receive a notification or a predetermined information provision request indicating that the identification information transmitted from the user terminal to the facility manager device has been collected by the management server. In this case, the movement path of the user terminal stored on the user terminal may be operated to be provided to the management server through a communication network, subject to the user's consent to provide through the user terminal.

According to the present disclosure, when there is an urgent and serious need to identify each individual who has visited a specific facility and the contact of each individual (eg, when it is necessary to identify the facility visited by an infected person and their contacts during an epidemic), promptly and can conveniently collect such information, thereby achieving the most important rapid response measures in quarantine. According to the present disclosure, it is possible to properly protect the public interest such as rapid quarantine in the event of an infectious disease outbreak without compromising the value of protection of each individual's personal information according to the Personal Information Protection Act. According to the present disclosure, it can effectively contribute to the prevention and suppression of the epidemic, and can contribute to minimizing the socioeconomic loss caused by the epidemic.

1 is a diagram illustrating a schematic configuration of a system for managing occupant identification information of each of a plurality of facilities to which multiple users can access, according to an embodiment of the present disclosure.
FIG. 2 is a diagram schematically illustrating a functional configuration of the user terminal 110 shown in FIG. 1 , according to an embodiment of the present disclosure.
3 is a diagram schematically illustrating a functional configuration of the facility manager apparatus 120 shown in FIG. 1 , according to an embodiment of the present disclosure.
4 is a diagram schematically illustrating a functional configuration of the management server 130 shown in FIG. 1 , according to an embodiment of the present disclosure.
5 is a user terminal 110, a facility manager device 120, and a management server of the system 100 for managing resident identification information of each of a plurality of facilities that can be accessed by multiple users shown in FIG. 1; 130) is a diagram schematically showing a part of an operation flow by transmission and reception of information between each other.

Hereinafter, embodiments of the present disclosure will be described in detail with reference to the accompanying drawings. Hereinafter, when it is determined that there is a risk of unnecessarily obscuring the subject matter of the present disclosure, detailed descriptions of already known functions and configurations will be omitted. In addition, it should be understood that the contents described below are only related to one embodiment of the present disclosure, and the present disclosure is not limited thereto.

The terms used in the present disclosure are only used to describe specific embodiments and are not intended to limit the present disclosure. For example, an element expressed in a singular should be understood as a concept including a plurality of elements unless the context clearly means only the singular. It should be understood that the term "and/or" as used in this disclosure is intended to encompass any and all possible combinations by one or more of the listed items. Terms such as 'comprise' or 'have' used in the present disclosure are only intended to designate that the features, numbers, steps, operations, components, parts, or combinations thereof described in the present disclosure exist, and the terms It is not intended to exclude the possibility of addition or existence of one or more other features or numbers, steps, operations, components, parts, or combinations thereof.

In an embodiment of the present disclosure, a 'module' or 'unit' means a functional part that performs at least one function or operation, and may be implemented as hardware or software, or a combination of hardware and software. In addition, the plurality of 'modules' or 'units' may be integrated into at least one software module and implemented by at least one processor, except for 'modules' or 'units' that need to be implemented with specific hardware. have.

Hereinafter, with reference to the accompanying drawings, an embodiment of the present disclosure will be described in detail.

FIG. 1 is a diagram illustrating a schematic configuration of a system 100 for managing occupant identification information of each of a plurality of facilities to which multiple users can access, according to an embodiment of the present disclosure. As illustrated, the resident identification information management system 100 includes a plurality of user terminals 110 , a plurality of facility manager devices 120 , a management server 130 , and a communication network 140 .

According to an embodiment of the present disclosure, each of the user terminals 110 may be a portable communication terminal owned by an unspecified user. According to an embodiment of the present disclosure, each of the user terminals 110 may be a smartphone, a tablet, a laptop, etc. mainly owned by each user, but the present disclosure is not limited thereto, and all other various types of communication terminals are used. may include In this figure, only three user terminals 110 are shown, but the present disclosure is not limited thereto. According to another embodiment of the present disclosure, the occupant identification information management system 100 may include more or fewer user terminals 110 , and each user terminal 110 has the same or different types of portable devices. It should be noted that it may be a communication terminal.

According to an embodiment of the present disclosure, each user may include, on the user terminal 110 , identification information that can identify the user, for example, a user name, address, phone number, date of birth (or resident number), and the like. A variety of possible identification information may be stored in an encrypted form according to a predetermined encryption protocol. According to an embodiment of the present disclosure, the aforementioned various types of identification information may be stored in an encrypted state after being de-identified according to the Personal Information Protection Act, but the present disclosure is not limited thereto. According to an embodiment of the present disclosure, each user receives and installs a predetermined quarantine management app from the management server 130 (or other server not shown) to be described later on, for example, the user terminal 110, and the corresponding The above-described encrypted identification information may be generated and stored through the app. According to an embodiment of the present disclosure, in the process of receiving and installing the quarantine management app, each user may enter various types of identification information about the user and go through a self-authentication procedure, but the present disclosure is not limited thereto. According to an embodiment of the present disclosure, since the user identification information stored on the user terminal 110 is stored in an encrypted form as described above, a person with a predetermined authority (eg, preventive and quarantine of infectious diseases, etc.) It can be decrypted only through a decryption protocol and a decryption key managed by a person who has been granted the right to collect and utilize personal information for a public purpose, for example, the manager of the management server 130 to be described later. However, without going through a decryption process using such a decryption protocol and decryption key, no one on the user terminal 110 may be able to decrypt and verify the information (thereby, the personal identification information stored on the user terminal 110, the user terminal It can prevent unauthorized leakage by anyone who has access to (110)).

According to an embodiment of the present disclosure, the quarantine management app may be executed by a user operation (or automatically when the user terminal 110 detects that the terminal 110 is at a predetermined location), and the user terminal The user identification information stored on the 110 may be presented, for example, as visually readable information such as a QR code, through the display of the user terminal 110 , but the present disclosure is not limited thereto. According to an embodiment of the present disclosure, as will be described later, user identification information visually presented on the display of the user terminal 110 may be read by the facility manager device 120 (with a QR code reading function). . According to another embodiment of the present disclosure, the user identification information stored on the user terminal 110 may include a direct user intervention (eg, when the user terminal 110 approaches one of the facility manager devices 120 within a predetermined distance). It may be transmitted to the facility manager device 120 through a short-distance communication method such as NFC without operation such as running an app). According to an embodiment of the present disclosure, the transmission/reading of user identification information from the user terminal 110 to the facility manager device 120 according to the above-described various methods provides explicit information of the user through the user terminal 110 . It may be performed on the premise of consent (eg, clicking a consent confirmation button, etc.).

According to an embodiment of the present disclosure, while the user is in a certain facility, the user terminal 110 is located within the facility between other user terminals close to the user terminal 110 within a predetermined distance. Through any short-distance wireless communication method, unique information stored by each other may be exchanged and stored. According to an embodiment of the present disclosure, the exchange and storage of unique information with other user terminals may be automatically performed without any user intervention. According to an embodiment of the present disclosure, the unique information exchanged between the user terminal 110 and other user terminals may be each of the above-described identification information stored in an encrypted state by each terminal. It may be assigned unique information (eg, MAC address of each terminal, etc.). According to an embodiment of the present disclosure, the unique information of the other user terminal 110 close to the corresponding user terminal 110 stored on the user terminal 110 may be stored in an encrypted state, and may be stored in an encrypted state. It may be automatically deleted after the expiration of the period (eg, a predetermined period in consideration of the incubation period of infectious diseases, etc.). According to an embodiment of the present disclosure, the unique information of the other user terminal 110 close to the corresponding user terminal 110 stored on the user terminal 110 is, as will be described later, at the request of the management server 130 . In response, it may be transmitted to the management server 130 through the communication network 140 . According to an embodiment of the present disclosure, the user terminal 110 is configured such that the power-off of the user terminal 110 is cut off while the user terminal 110 enters a specific facility and then stays in the facility before leaving. , it is possible to prevent the user terminal 110 from avoiding exchanging unique information with another user terminal 110 in contact with the user terminal 110 .

According to an embodiment of the present disclosure, each of the facility manager devices 120 is an operator or manager of each facility (eg, an employee in charge of managing access to the facility in the case of a public facility, and a commercial facility operator or access manager in the case of a commercial facility) etc.) may be a communication terminal possessed. According to an embodiment of the present disclosure, the facility manager device 120 may be a desktop, a laptop, a PDA, a smart phone, a portable communication terminal, etc. owned by each facility manager, but the present disclosure is not limited thereto. In this figure, only three facility manager devices 120 are shown, but the present disclosure is not limited thereto. According to another embodiment of the present disclosure, the occupant identification information management system 100 may include more or fewer facility manager devices 120 , and each facility manager device 120 is of the same or different type. It should be noted that it may be a terminal of

According to an embodiment of the present disclosure, each of the facility manager devices 120 can read/receive and store identification information on the user terminal 110 from the user terminal 110 close to the facility manager device 120 . have. According to an embodiment of the present disclosure, the facility manager device 120 is, for example, a reading device having a QR code reading function, which is presented in the form of a QR code on the display of the user terminal 110 of the user who wants to enter the facility. It may be a device capable of reading and storing user identification information. According to an embodiment of the present disclosure, the facility manager device 120 receives user identification information from the user terminal 110 close to the facility manager device 120 through, for example, short-range wireless communication with the user terminal 110 . It can be any communication terminal that can read and store. According to an embodiment of the present disclosure, the facility manager device 120 may store user identification information read/received from the user terminal 110 of each user entering the facility in an encrypted state. According to an embodiment of the present disclosure, the facility manager device 120 may automatically delete user identification information read/received from each user terminal 110 and stored after a predetermined time period has elapsed from the storage time. have. According to an embodiment of the present disclosure, the identification information of each user terminal 110 stored on the facility manager device 120 is, as will be described later, in response to a request from the management server 130 , the communication network 140 . through, it may be transmitted to the management server 130 .

According to an embodiment of the present disclosure, the facility manager device 120 may be configured to be included in an entrance gate device (not specifically shown) of a predetermined facility. According to an embodiment of the present disclosure, an entrance gate device through which a user who wants to enter the facility must pass may be installed at the entrance of each facility, and the facility manager device 120 is a part of the entrance gate device. included and can be installed. According to an embodiment of the present disclosure, the access gate device (not specifically shown) may include various devices for prevention, for example, the body temperature of the occupant in a non-contact manner (eg, thermal imaging camera, etc.) A body temperature measuring/analyzing device for measuring and analyzing, a sterilizing device for sterilizing the hands, body, and clothes of the user entering and leaving (for example, a device with functions such as spraying sterilizing solution, spraying sterilizing water harmless to the human body, etc.) Also, the facility manager device 120 may be included and disposed as a part provided on one side of the entrance gate device having various devices for such prevention.

According to an embodiment of the present disclosure, the management server 130 may be a communicable computer device owned by the manager of the resident identification information management system 100 . According to an embodiment of the present disclosure, the management server 130 may be, for example, a server device owned by an institution such as the Korea Centers for Disease Control and Prevention that supervises national quarantine management. According to an embodiment of the present disclosure, the management server 130, when necessary for a national public interest purpose such as prevention and quarantine of infectious diseases (eg, identify the movement of confirmed patients and contacts during an epidemic of infectious diseases such as coronavirus infection-19) and when management is required), through the communication network 140 , to each facility manager device 120 , user identification information regarding the occupants stored by the facility manager device 120 may be requested. According to an embodiment of the present disclosure, for example, when a confirmed person who needs movement management during an epidemic of a specific infectious disease and the facility/date of the confirmed person's visit are identified, the manager (eg, the head of the Centers for Disease Control and Prevention, etc.) Through the, it is possible to request the identification information of the access user stored in the facility manager device 120 in response to the date (or a predetermined period including the date) to the facility manager device 120 of each facility visited by the confirmed person have. According to an embodiment of the present disclosure, it is possible to receive the requested access user identification information from the facility manager device 120 that has sent the above-mentioned request, and at this time, information transmitted from the facility manager device 120 to the management server 130 . can be transmitted/received in an encrypted state. According to an embodiment of the present disclosure, the management server 130 may store a predetermined decryption key, and decrypts user identification information received in an encrypted state from each facility manager device 120 using the decryption key. can do. According to an embodiment of the present disclosure, the management server 130 collects and utilizes each user's personal information for a specific public purpose such as prevention and quarantine of infectious diseases, and therefore, the personal information of users for other purposes. In order to prevent leakage or misuse, the above-mentioned decryption key may be secretly maintained/managed under the management of a person with specific authority.

According to an embodiment of the present disclosure, the management server 130 obtains the identification information of each user received from each facility manager device 120 and decrypted using the decryption key, and then added to the identification information of each user. Accordingly, a notification indicating that the corresponding information has been collected by the management server 130 may be provided to the user terminal 110 of each corresponding user. According to an embodiment of the present disclosure, the management server 130 may transmit such a notification to each user terminal 110 through the communication network 140 in various forms such as SMS, MMS, Instant Message, and the like. According to an embodiment of the present disclosure, the management server 130, according to the obtained identification information, to the user terminal 110 of each corresponding user, the contact user identification information stored in the user terminal 110 (eg, , may request to transmit the unique information transmitted from the other user terminal 110 in close contact within the facility to the corresponding user terminal 110 and stored on the user terminal 110), and the user terminal responding to the request The contact user identification information may be received from 110 .

According to an embodiment of the present disclosure, the communication network 140 may include one or more wired/wireless communication networks supporting one or more arbitrary communication protocols. According to an embodiment of the present disclosure, the communication network 140 is, for example, a local area network such as NFC, Bluetooth, Wi-Fi, and TCP/IP networks such as LAN and WAN, various mobile communication networks including CDMA, OFDM, GSM, etc. and the like, and the present disclosure is not limited thereto.

FIG. 2 is a diagram schematically illustrating a functional configuration of the user terminal 110 shown in FIG. 1 , according to an embodiment of the present disclosure. As illustrated, the user terminal 110 may include a communication unit 112 , an input/output interface 114 , an information storage unit 116 , and a location sensor 118 .

According to an embodiment of the present disclosure, the communication unit 112, according to one or more communication protocols, the user terminal 110, each other user terminal 110, each facility manager device 130, and the management server 130 ) can be supported to communicate with According to an embodiment of the present disclosure, the user terminal 110 may access the management server 130 according to a predetermined communication protocol (eg, TCP/IP protocol, etc.) through the communication unit 112, It is possible to perform transmission and reception of predetermined information (eg, reception of quarantine management app information, etc.) with the management server 130 . According to an embodiment of the present disclosure, the user terminal 110 also, through the communication unit 112, according to a predetermined communication protocol (eg, NFC protocol, Bluetooth protocol, etc.), each facility manager device 120 and Communication (eg, provision of user terminal 110 identification information, etc.) may be performed. According to an embodiment of the present disclosure, the user terminal 110 also, through the communication unit 112, according to a predetermined communication protocol (eg, NFC protocol, Bluetooth protocol, etc.), close to the user terminal 110 It can communicate with other user terminals 110 (eg, exchange identification information between the user terminals 110 , etc.).

According to an embodiment of the present disclosure, the input/output interface 114 may be a user interface that receives information input from a user and provides predetermined information in a form that the user can recognize. According to an embodiment of the present disclosure, the input/output interface 114 may include a touch pad capable of receiving a user's touch input, a predetermined operation key/keyboard capable of receiving a user's key input, and the like, The present disclosure is not limited thereto. According to an embodiment of the present disclosure, the input/output interface 114 includes a display, a speaker, a haptic generator, etc. capable of providing predetermined output information to a user in a recognizable form (though not specifically shown). and the present disclosure is not limited thereto.

According to an embodiment of the present disclosure, the information storage unit 116 may include any type of non-volatile storage device capable of storing predetermined information. According to an embodiment of the present disclosure, as described above, the user terminal 110 may access the management server 130 through the communication unit 112 to receive/install the quarantine management app from the management server 130 . , the received/installed app information may be stored in the information storage unit 116 . According to an embodiment of the present disclosure, the user terminal 110 receives/installs the quarantine management app, user identification information (eg, user one or more information for specifying a user, such as name, address, phone number, date of birth, resident number, etc.) may be received, and the received user identification information may be stored in the information storage unit 116 in conjunction with the quarantine management app . According to an embodiment of the present disclosure, user identification information may be encrypted and stored according to a predetermined encryption protocol. The encrypted and stored user specific information uses a decryption key on the management server 130 as described above. It can only be deciphered. According to an embodiment of the present disclosure, the user terminal 110 communicates with another user terminal 110 close to the corresponding user terminal 110 through the communication unit 112 as described above (eg, the user Identification information exchange between terminals 110 , etc.) may be performed, and identification information received from another user terminal 110 may be stored in the information storage unit 116 . According to an embodiment of the present disclosure, identification information from another user terminal 110 received and stored on the user terminal 110 may be stored in an encrypted state, and the information in the encrypted state is stored in the management server ( 130), it can be decrypted only by using the decryption key. According to an embodiment of the present disclosure, identification information received from another user terminal 110 stored in the information storage unit 116 may be automatically deleted after a predetermined time period elapses.

According to an embodiment of the present disclosure, the location sensor 118 may be a location sensor such as a GPS sensor that detects the current location of the user terminal 110 . According to an embodiment of the present disclosure, the user terminal 110 may collect the movement path of the corresponding user terminal 110 through the location sensor 118 , and display the collected movement path on the user terminal 110 . can be stored in According to an embodiment of the present disclosure, the collected movement route may be automatically deleted after a predetermined time period has elapsed.

3 is a diagram schematically illustrating a functional configuration of the facility manager apparatus 120 shown in FIG. 1 , according to an embodiment of the present disclosure. As illustrated, the facility manager device 12 may include a communication unit 122 , an information reading unit 124 , an information storage unit 126 , and a hash generating unit 128 .

According to an embodiment of the present disclosure, the communication unit 122 may support the facility manager device 120 to communicate with the management server 130 and each user terminal 110 according to one or more communication protocols. have. According to an embodiment of the present disclosure, the facility manager device 120 may access the management server 130 through the communication unit 122 according to a predetermined communication protocol (eg, TCP/IP protocol, etc.) , it is possible to perform transmission and reception of predetermined information with the management server 130 . According to an embodiment of the present disclosure, a facility manager (eg, a business owner, etc.) may turn on the facility manager device 120 when starting operation (business) of the facility, and The turn-on may be transmitted to the management server 130 as a signal indicating the start of operation (business) of the corresponding facility (eg, business site) on the corresponding day. According to an embodiment of the present disclosure, the facility manager device 120 also receives the information from each user terminal 110 according to a predetermined communication protocol (eg, NFC protocol, Bluetooth protocol, etc.) through the communication unit 122 . The provided user identification information may be received. According to an embodiment of the present disclosure, the facility manager device 120 may receive a request for providing user identification information collected and stored from the management server 130 through the communication unit 122 , and the received request In response, the stored user identification information may be provided to the management server 130 . According to an embodiment of the present disclosure, when the facility manager device 120 provides user identification information stored on the facility manager device 120 to the management server 130 through the communication unit 122 , , a result of applying a hash function, which is stored in association with the corresponding user identification information, to be described later may be transmitted together to the management server 130 .

According to an embodiment of the present disclosure, the information reading unit 124 reads the user identification information stored on the corresponding user terminal 110 from the user terminal 110 of each user who wants to enter the facility managed by the facility manager. can According to an embodiment of the present disclosure, user identification information stored in advance on the user terminal 110 may be presented in the form of a QR code or the like through the user input/output interface 114 , specifically, the display. 124 may be a reading device capable of reading such a QR code or the like. According to an embodiment of the present disclosure, the information reading unit 124 receives user identification information from the user terminal 110 close to the facility manager device 120 through short-range wireless communication with the user terminal 110 . It may be a wireless communication information reading unit that receives

According to an embodiment of the present disclosure, the information storage unit 126 may include any type of recording device that stores identification information of each user terminal 110 read through the information reading unit 124 . . According to an embodiment of the present disclosure, in the information storage unit 126 , as described above, identification information of each user terminal 110 may be stored in an encrypted state. According to an embodiment of the present disclosure, the identification information of each user terminal 110 stored in the information storage unit 126 is stored for a predetermined period (eg, in consideration of the incubation period of a specific infectious disease) from the time the information is stored. It may be automatically deleted after a predetermined period of time, etc.)

According to an embodiment of the present disclosure, the hash generator 128 may bundle the information stored in the information storage unit 126 for each predetermined unit, apply a predetermined hash function, obtain and store the result. According to an embodiment of the present disclosure, the hash generator 128 is, for example, at the time of terminating the operation (business) of the corresponding facility (eg, the time of turning off the facility manager device 120 by date) on the corresponding date Identification information (encrypted state) from each user terminal 110 obtained and stored in the information storage unit 126 is bundled and viewed as a unit, and the result of applying it to a predetermined hash function is stored in the information storage unit 126 It may be stored together with the aforementioned identification information. According to another embodiment of the present disclosure, the hash generating unit 128 may group identification information (encrypted state) obtained during the period in units of any other period other than each date, and view it as a unit, and this The result applied to the hash function of , may be stored together with the above-described identification information in the information storage unit 126 .

4 is a diagram schematically illustrating a functional configuration of the management server 130 shown in FIG. 1 , according to an embodiment of the present disclosure. As shown, the management server 130 includes a facility manager device management unit 131 , a quarantine management app providing unit 132 , a communication unit 133 , an access information requesting/receiving unit 134 , a tampering check unit 135 , It may include an access information decoding/storing unit 136 and an access information analyzing unit 137 .

According to an embodiment of the present disclosure, the facility manager device management unit 131 is configured to provide a plurality of facilities to which an unspecified number of users can access, for example, various public facilities such as various sports facilities, parks, etc. Registers each of the above-described facility manager devices 120 installed in business facilities (but not limited thereto), etc., and receives information about each facility manager device 120 , for example, name, address, communication address, etc. and can be stored. According to an embodiment of the present disclosure, as described above, the quarantine management app providing unit 132 provides and supports installation of the quarantine management app to each user terminal 110 that has accessed the management server 130 . can

According to an embodiment of the present disclosure, the communication unit 133 supports the management server 130 to communicate with each facility manager device 120 and each user terminal 110 according to a predetermined communication protocol. can According to an embodiment of the present disclosure, the management server 130 may access the facility manager device 130 through the communication unit 133 according to a predetermined communication protocol (eg, TCP/IP protocol, etc.) , it is possible to perform transmission and reception of predetermined information with the facility manager device 130 . According to an embodiment of the present disclosure, the management server 130, through the communication unit 133, to each facility manager device 130, the facility manager device 130 is acquired and stored for a predetermined date or period. A request may be made to provide identification information of a user who has entered the facility, and the user identification information may be received from the facility manager device 130 in response to the request. According to an embodiment of the present disclosure, the management server 130 also, through the communication unit 133, from each facility manager device 130, along with the user identification information described above, applying a hash function associated with the user identification information A result (information stored together in the facility manager device 130 ) may be received.

According to an embodiment of the present disclosure, the access information request/receiver unit 134 is configured to, when necessary for a national public interest purpose such as prevention and quarantine of infectious diseases, for example, a confirmed person who needs flow management during an epidemic of a specific infectious disease and the confirmed person. When the visited facility/date is identified, according to the request input of the manager (eg, the head of the Center for Disease Control, etc.), the facility manager device 120 stores the facility manager device 120 as described above through the communication unit 133 It is possible to request user identification information about the visitor. According to an embodiment of the present disclosure, the access information requesting/receiving unit 134 may also receive the requested access user identification information from the facility manager device 120 that has sent the above-mentioned request, in which case the facility manager device 120 ), the user identification information transmitted to the management server 130 may be transmitted/received in an encrypted state.

According to an embodiment of the present disclosure, when receiving user identification information from each facility manager device 130 through the communication unit 133 , the falsification confirmation unit 135 receives the user identification information on a predetermined date Alternatively, a predetermined hash function may be applied in units of a period. According to one embodiment of the present disclosure, the tampering confirmation unit 135 is, for example, a hash function such as that applied to the hash function in the facility manager device 120 described above, and that applied when the hash function is applied in the facility manager device 120 . It can be applied to information by the same date or period unit. According to an embodiment of the present disclosure, the tampering check unit 135, through the communication unit 133, from each facility manager device 130, the hash function application result associated with the user identification information received together with the user identification information (that is, information transmitted from the facility manager device 130) can be compared with a result obtained as a result of application of the same hash function in the tampering confirmation unit 135, and whether the access user identification information received from the result is falsified (For example, if the result of applying the hash function to the same period information is different, it can be considered that the information has been tampered with).

According to an embodiment of the present disclosure, the access information decryption/storage unit 136 may store a predetermined decryption key. According to an embodiment of the present disclosure, the access information decryption/storage unit 136 may decrypt and store user identification information received in an encrypted state from each facility manager device 120 using a corresponding decryption key. According to an embodiment of the present disclosure, the management server 130 collects and utilizes each user's personal information for a specific public purpose such as prevention and quarantine of infectious diseases, and therefore, the personal information of users for other purposes. In order to prevent leakage or misuse, the above-mentioned decryption key may be secretly maintained/managed under the management of a person with specific authority. According to an embodiment of the present disclosure, the access information decoding/storing unit 136 may decode the information received from the facility manager device 120 and according to each user identification information obtained, the user terminal 110 of each corresponding user. ), through the communication unit 133, a notification indicating that the corresponding identification information has been collected by the management server 130 (eg, together with the purpose of collecting the corresponding user identification information) may be provided. According to an embodiment of the present disclosure, such a notification may be delivered as various types of messages such as SMS, MMS, IM, and DM to each user terminal, but the present disclosure is not limited thereto. According to an embodiment of the present disclosure, the access information decoding/storing unit 136 is configured to perform analysis by the access information analysis unit 137 to be described later and use it according to a purpose and/or after a predetermined period has elapsed. The received and stored information can be automatically discarded.

According to an embodiment of the present disclosure, the access information requesting/receiving unit 134 decodes the information received from the facility manager device 120 by the access information decoding/storing unit 136 to obtain each user identification information. Accordingly, to the user terminal 110 of each corresponding user, contact user identification information stored in the corresponding user terminal 110 (eg, from another user terminal 110 in close contact within the facility to the corresponding user terminal 110 is transmitted to the user terminal 110 ) to transmit the unique information stored on the user terminal 110). According to an embodiment of the present disclosure, the access information requesting/receiving unit 134 may receive the contact user identification information from the user terminal 110 in response to the above-described request. According to an embodiment of the present disclosure, the contact user identification information obtained by the access information requesting/receiving unit 134 may be received in an encrypted state, and the access information decoding/storing unit 136 may use a predetermined decryption key. can be used to perform decoding and store the decoded result information. According to an embodiment of the present disclosure, the decryption of the information received from the facility manager device 120 and the decryption of the information received from each user terminal 110 may be performed according to the same or different decryption keys and protocols.

According to an embodiment of the present disclosure, the access information analyzing unit 137 may analyze each user's identification information stored in the access information decoding/storing unit 136 . According to an embodiment of the present disclosure, the access information analyzer 137 also receives and stores user identification information (indicating the user's access to each facility) received/stored from the plurality of facility manager devices 120 . Based on the , it is possible to analyze the movement of each user. According to an embodiment of the present disclosure, the access information analysis unit 137 may draw, for example, a movement line graph of each user based on each user identification information obtained/stored and received from each facility manager device 120 . . According to an embodiment of the present disclosure, the access information analysis unit 137 may be configured to, based on each user identification information received and acquired/stored from each facility manager device 120 , for example, at a time when a confirmed person with a specific infectious disease is at risk of infection. It can be confirmed that a specific facility has been visited, and in such a case, a notification informing of a danger (such as a recommendation to stop business) can be provided to the facility manager device 120 of the specific facility through the communication unit 133 .

5 is a user terminal 110 and a facility manager device ( 120), and a diagram schematically showing a part of an operation flow by information transmission/reception between the management server 130 .

First, in step 502 , a pre-prepared quarantine management app may be activated by a user operation on the user terminal 110 . According to an embodiment of the present disclosure, the quarantine management app is a program that the user terminal 110 that has previously accessed the management server 130 receives from the management server 130 and installs it on the user terminal 110 . In the installation process, various information related to the user (eg, contact information such as user name, address, phone number, date of birth, resident number, etc.) is received and encrypted, and the encrypted user identification information may be stored. According to an embodiment of the present disclosure, a user who arrives at an entrance to a predetermined facility to which a large number of unspecified users can enter may activate the quarantine management app on the user terminal 110 to enter the facility.

When the quarantine management app is activated, in step 504, on the display of the user terminal 110, the aforementioned user identification information may be presented in the form of a QR code, and at this time, the information is provided to the user for a predetermined purpose / Inquiries regarding whether or not to agree to use (eg, inquiry regarding whether to agree to provide and utilize to the management server 130 when necessary for public interest, such as quarantine) may be presented together. In step 506 , an indication of consent to the provision/use of such information may be received from the user terminal 110 . When the user terminal 110 is presented in front of the facility manager device 120 of the facility by the user in step 508, the facility manager terminal 120 reads the QR code in step 510, and the user terminal ( 110) may receive and store user identification information. As mentioned several times, user identification information may be stored in the facility manager device 120 in an encrypted state. In step 512 , the facility manager device 120 includes the user identification information obtained in step 510 , and bundles the user identification information obtained during a predetermined period (eg, the corresponding date) with a predetermined hash function. can be applied, and the application result can be stored together with the corresponding user identification information.

In step 514, the user terminal 110 of the user who has entered the facility, with respect to another user terminal 110 that is close to the user terminal 110 within a predetermined distance within the facility, the user terminal ( At the same time providing the encrypted identification information on the 110) through short-range wireless communication, it is possible to receive and store the encrypted identification information stored in the other user terminal 110 from the other user terminal 110 through short-range wireless communication. In step 516 , the user terminal 110 confirms that the user terminal 110 has left the facility through the location sensor installed inside the user terminal 110 , and uses the quarantine management app that was in the activated state. It can be returned to inactive state.

Meanwhile, in step 518 , the facility manager device 120 may receive, from the management server 130 , a request for user identification information for a predetermined period (or date). The facility manager device 120 may transmit the requested information to the management server 130 through the communication network 140 together with the hash function application result corresponding thereto in step 520 . In step 522, the management server 130 may decrypt the received user identification information in an encrypted state using a predetermined decryption key, and based on the information obtained therefrom, It is possible to provide a notification informing the collection of the corresponding information to each user terminal 110 in accordance with the information. In step 524, the management server 130 also, to each user terminal 110 according to each obtained user identification information, the user terminal 110 is stored, the user terminal 110 and short-distance contact It is possible to request the provision of identification information about the other user terminal 110, and may receive the requested information in step 526. In step 528 , the management server 130 may analyze the obtained information in various ways, and use it for a predetermined purpose, for example, a quarantine management purpose. In step 530 , the management server 130 (and the facility manager device 120 and the user terminal 110 ) use the previously collected All information can be discarded.

As will be apparent to those skilled in the art, the present invention is not limited to the examples described in the present disclosure, and various modifications, reconstructions and substitutions may be made without departing from the scope of the present disclosure. It should be understood that the various techniques described herein may be implemented by hardware or software, or a combination of hardware and software.

Claims (18)

A computer readable storage medium having one or more computer readable instructions recorded thereon, wherein the one or more computer readable instructions are a system for managing user identification information of users entering and leaving each facility in relation to a plurality of facilities, the system comprising: a facility manager device configured to receive and store predetermined user identification information prepared in advance from a user terminal of the user when any user enters any of the plurality of facilities; a management server configured to receive identification information; when read and executed by the management server of
Requesting, to the facility manager device through a communication network, to provide a plurality of user identification information accumulated and stored for a specific period in the facility manager device,
Receive the plurality of user identification information accumulated and stored for the specific period from the facility manager device through the communication network - Each of the user identification information is stored in the facility manager device in an encrypted state, the Transmitted to the management server in an encrypted state - and
Decrypting the user identification information received from the facility manager device using a decryption key prepared in advance - the decryption key is secretly managed by a person having a predetermined authority;
Check each user terminal associated with each of the user identification information based on the decoded user identification information,
request to transmit contact information stored on the user terminal to one or more user terminals among the identified user terminals through the communication network, contact information in the facility;
and receive, via the communication network, the contact-related information, the contact-related information being transmitted in an encrypted state, from the user terminal in response to the request. According to claim 1,
The one or more computer readable instructions, when read and executed by the management server, cause the management server to:
send, to each of the identified user terminals, a notification indicating that the user identification information associated with the user terminal has been received by the management server. delete According to claim 1,
The one or more computer readable instructions, when read and executed by the management server, cause the management server to:
Before the facility manager device receives the request for provision of a plurality of user identification information accumulated and stored for the specific period from the management server, the facility manager device identifies the user accumulated and stored for the specific period Receive and store a first result obtained and stored by applying a predetermined hash function to information from the facility manager device through the communication network,
When receiving the user identification information accumulated and stored for the specific period from the facility manager device, the predetermined hash function is applied to the received user identification information, and a second result obtained therefrom is obtained as the first result A computer readable storage medium operable to compare with According to claim 1,
The one or more computer readable instructions, when read and executed by the management server, cause the management server to:
and in response to an input from the outside notifying the occurrence of an emergency related to the facility, provide an alarm to the facility manager device via the communication network announcing the occurrence of the emergency. delete delete delete delete delete A computer readable storage medium having one or more computer readable instructions recorded thereon, wherein the one or more computer readable instructions are a system for managing user identification information of users entering and leaving each facility in relation to a plurality of facilities, the system comprising: a plurality of user terminals, each facility manager device of each of the plurality of facilities, and a management server; when read and executed on each of the user terminals, causes the corresponding user terminals to:
generating and storing, on the user terminal, predetermined user identification information about a corresponding user, wherein the user identification information generated and stored on the user terminal is encrypted and generated and stored according to a predetermined protocol;
When the user enters any facility among the plurality of facilities, in response to the user's operation or automatically, asking whether the user agrees to provide the user identification information on the user terminal to the facility manager device of the facility generating an indication and presenting it on the user terminal;
When receiving an indication of consent to provide the user identification information from the user on the user terminal, the user identification information is transmitted to the facility manager device via a communication network - the user transferred from the user terminal to the facility manager device Identification information is transmitted in an encrypted state - and
For another user terminal that automatically approaches the user terminal within a predetermined distance according to a predetermined wireless communication protocol without the user's intervention while the user is in the facility after entering the facility until leaving the facility, providing unique information of the user terminal, and receiving and storing unique information of the other user terminal from the other user terminal;
When receiving a request from the management server through the communication network, the unique information of the other user terminal received and stored from the other user terminal in the facility is operated to provide the management server through the communication network , a computer readable storage medium. delete 12. The method of claim 11,
The unique information of the user terminal provided to the other user terminal in the facility and the unique information of the other user terminal received and stored from the other user terminal are all provided or received and stored in an encrypted state,
wherein the unique information of the user terminal is one of the user identification information on the user terminal or a unique identification number assigned to the user terminal. 12. The method of claim 11,
The user terminal is provided with a position detection sensor,
The one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to:
and confirm that the user terminal has left the facility based on the location information of the user terminal detected through the location sensor. 12. The method of claim 11,
The one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to:
operatively to shut off a power-off function of the user terminal while the user is in the facility after entering the facility and until exiting the facility. 12. The method of claim 11,
The one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to:
and automatically delete, within the facility, the unique information of the other user terminal received and stored from the other user terminal after a predetermined period of time has elapsed since the storage. delete 12. The method of claim 11,
The user terminal is provided with a position detection sensor, and stores the movement path of the user terminal detected through the position detection sensor on the user terminal,
The one or more computer readable instructions, when read and executed on the user terminal, cause the user terminal to:
When receiving, from the management server, a notification indicating that the user identification information transmitted from the user terminal to the facility manager device has been collected by the management server or a request for providing predetermined information, the user terminal stored on the user terminal to the management server through a communication network, subject to the user's consent to provide through the user terminal, to operate to provide the movement path of

Images