TW201342081A - Digital content cloud storage and authentication method - Google Patents

Publication number: TW201342081A
Authority: TW (Taiwan)
Prior art keywords: digital, file, certificate server, server device, digital certificate
Application number: TW101112935A
Other languages: Chinese (zh)
Inventor: Hui-Chung Che
Original Assignee: Hui-Chung Che
Application filed by Hui-Chung Che
Priority to TW101112935A
Publication of TW201342081A

Abstract

A Digital Content Cloud Storage and Authentication Method comprises the following steps: (1) A first server acquires a digital content file from a digital terminal. (2) The first server acquires first attribute information. (3) The first server generates a content ciphertext based on the digital content file. (4) The first server acquires second attribute information. (5) The first server generates an authentication file by combining the content ciphertext with the first attribute information and the second attribute information. (6) The first server delivers the authentication file to the second server. (7) The second server acquires third attribute information. (8) The second server generates a security file by combining the authentication file with the third attribute information. (9) The second server generates a security ciphertext based on the security file. (10) The second server delivers the security file to the first server.

Description

Digital Content Cloud Storage and Authentication Method

The invention relates to digital content cloud storage technology, and in particular to a method for transmitting and safeguarding digital content data.

Digital content files are now used in more and more fields, but because they are easily tampered with and forged, people cannot establish when they came into existence or whether they are authentic and reliable. In fields such as digital copyright protection and intellectual property protection, how to prove the originality and the time of existence of a digital content file is an issue that must be taken seriously.

A common way to protect digital content files today is to upload the complete file to a server, which encrypts it and records the upload time, in order to prove the file's originality and time of existence.

However, this approach requires uploading the original digital content file to the server. If the file is large and network bandwidth is insufficient, upload time suffers badly, which makes it difficult to generate the authentication record for the file.

Another way to protect a digital content file is to upload it to a server, have the server generate a file fingerprint, and then keep the file fingerprint together with the original digital content file on the computer of the digital terminal device.

Besides needing sufficient network bandwidth for the upload, as above, this approach keeps the file fingerprint and the digital content file on the digital terminal device, where the fingerprint may be tampered with. The file fingerprint therefore cannot effectively and impartially prove the reliability of the fingerprint or of the digital content file.

To remedy these defects of the prior art, the invention provides a digital content cloud storage and authentication method for authenticating digital content files. It ensures the reliability of the file's time of existence and its originality, while also transmitting little data and using little bandwidth, so that transmission is fast and efficient.

The digital content cloud storage and authentication method provided by the invention is used in an integrated digital content authentication apparatus to authenticate digital content files. The apparatus includes at least one digital terminal device, at least one first digital certificate server device, at least one second digital certificate server device, and a network device. The network device connects the digital terminal device, the first digital certificate server device and the second digital certificate server device. The method includes the following steps:

a) The first digital certificate server device obtains a digital content file from the digital terminal device through the network device and stores it;

b) The first digital certificate server device obtains, from the digital terminal device through the network device, first attribute information corresponding to the digital content file and stores it. The first attribute information includes user information and location identification information for the digital content file; the location identification information contains geographic information and/or machine information; the geographic information is the geographic location of the digital terminal device, and the machine information is the device identity code of the digital terminal device;

c) The first digital certificate server device applies a compression-encryption procedure to the digital content file to generate a file key and stores it;

d) The first digital certificate server device generates second attribute information corresponding to the file key and stores it. The second attribute information includes time information on when the first digital certificate server device generated the file key; the time information contains first time information and/or second time information; the first time information is the local time of the first digital certificate server device, and the second time information is a time provided to the first digital certificate server device by a third party other than the digital terminal device and the first digital certificate server device;

e) The first digital certificate server device attaches the first attribute information and the second attribute information to the file key to form a voucher file and stores it;

f) The first digital certificate server device sends the voucher file to the second digital certificate server device through the network device;

g) The second digital certificate server device generates third attribute information corresponding to the voucher file and stores it. The third attribute information includes third time information and/or fourth time information on when the second digital certificate server device obtained the voucher file; the third time information is the local time of the second digital certificate server device, and the fourth time information is a time provided to the second digital certificate server device by a third party other than the first digital certificate server device and the second digital certificate server device;

h) The second digital certificate server device attaches the third attribute information to the voucher file to form a security file and stores it;

i) The second digital certificate server device applies a compression-encryption procedure to the security file to generate a security key and stores it; and

j) The second digital certificate server device sends the security file and/or the security key to the first digital certificate server device through the network device.

The method compresses and encrypts the digital content file stored in the cloud (the first digital certificate server device) to generate the file key. The file key has an irreversible security property: it is small and cannot be cracked by reverse engineering. In addition, because the file key is combined with the attribute information into a voucher file that is stored on the first digital certificate server device and also sent to the second certificate server for encrypted safekeeping, the possibility of the file key being tampered with is effectively reduced and the reliability of the voucher file is increased. In a further preferred embodiment, a voucher identification code and a security identification code, which both keep the content confidential and identify it, are returned to the digital terminal device. The user of the digital terminal device can publish the voucher identification code or the security identification code when appropriate, to declare that the digital content file has been certified by a third party, which helps encourage everyone to respect intellectual property rights.

Because the invention mainly discloses a digital content cloud storage and authentication method for authenticating digital content files, and the formats, structures and types of the digital content files mentioned are understood by those of ordinary skill in the relevant art, they are not described in full below. Likewise, the drawings referred to below are schematic representations of structures related to the features of the invention; they are not, and need not be, drawn to actual scale.

In the invention, the digital content file may be a static digital document in any format, such as a WORD file, EXCEL file, PPT file, design drawing or digital photo/picture; a dynamic digital document, such as a digital video, digital audio recording or digital animation; or software, a program and the like.

Referring first to FIG. 2, the first preferred embodiment of the invention is a digital content cloud storage and authentication method used in the integrated digital content authentication apparatus (500) shown in FIG. 1 to authenticate a digital content file (15). As shown in FIG. 1, the apparatus (500) includes a plurality of digital terminal devices (510), at least one first digital certificate server device (521), at least one second digital certificate server device (522), and a network device (530). The network device (530) connects the digital terminal device (510), the first digital certificate server device (521) and the second digital certificate server device (522). For ease of explanation, the following describes only an embodiment in which one digital terminal device (510) corresponds to one first digital certificate server device (521) and one second digital certificate server device (522), but the invention is not limited to this. It also applies to implementations in which multiple digital terminal devices (510) correspond to one first digital certificate server device (521) and one second digital certificate server device (522).

Referring to FIG. 2, and to FIG. 3 where appropriate, the digital content cloud storage and authentication method of the first preferred embodiment includes the following steps:

(801) The first digital certificate server device (521) obtains a digital content file (15) from the digital terminal device (510) through the network device (530) and stores it.

(802) The first digital certificate server device (521) obtains, from the digital terminal device (510) through the network device (530), first attribute information (410) corresponding to the digital content file (15) and stores it. The first attribute information (410) includes user information (411) and location identification information (412) for the digital content file (15); the location identification information (412) contains geographic information (4121) and/or machine information (4122); the geographic information (4121) is the geographic location of the digital terminal device (510), and the machine information (4122) is the device identity code of the digital terminal device (510).

(803) The first digital certificate server device (521) applies a compression-encryption procedure to the digital content file (15) to generate a file key (151) and stores it.

(804) The first digital certificate server device (521) generates second attribute information (420) corresponding to the file key (151) and stores it. The second attribute information (420) includes time information (421) on when the first digital certificate server device (521) generated the file key (151); the time information (421) contains first time information (4211) and/or second time information (4212); the first time information (4211) is the local time of the first digital certificate server device (521), and the second time information (4212) is a time provided to the first digital certificate server device (521) by a third party other than the digital terminal device (510) and the first digital certificate server device (521).

(805) The first digital certificate server device (521) attaches the first attribute information (410) and the second attribute information (420) to the file key (151) to form a voucher file (18) and stores it.

(806) The first digital certificate server device (521) sends the voucher file (18) to the second digital certificate server device (522) through the network device (530).

(807) The second digital certificate server device (522) generates third attribute information (430) corresponding to the voucher file (18) and stores it. The third attribute information (430) includes third time information (431) and/or fourth time information (432) on when the second digital certificate server device (522) obtained the voucher file (18); the third time information (431) is the local time of the second digital certificate server device (522), and the fourth time information (432) is a time provided to the second digital certificate server device (522) by a third party other than the first digital certificate server device (521) and the second digital certificate server device (522).

(808) The second digital certificate server device (522) attaches the third attribute information (430) to the voucher file (18) to form a security file (14) and stores it.

(809) The second digital certificate server device (522) applies a compression-encryption procedure to the security file (14) to generate a security key (142) and stores it.

(810) The second digital certificate server device (522) sends the security file (14) and/or the security key (142) to the first digital certificate server device (521) through the network device (530).

In FIG. 2, the compression-encryption procedure of step (803) performs a compression-encryption conversion on the digital content file (15) to obtain a uniquely corresponding file key (151). In particular, whenever the contents of two digital content files (15) differ, their file keys (151) differ, and the same digital content file (15) always yields the same file key (151) no matter how much time has passed. In one embodiment, the file key (151) is encoded data generated by converting the digital content file (15) with a hash algorithm. This encoded data is far smaller than the digital content file (15); for example, converting the digital content file (15) with the MD5 algorithm yields a 128-bit file key (151), which is small and easy to store and use. Moreover, a hash algorithm such as MD5 yields a file key (151) that uniquely corresponds to the digital content file (15), which can in turn prove the uniqueness of the digital content file (15). That is, if the digital content file (15) is modified in any way, the file key (151) obtained by hashing it changes: the file key (151) of the file before modification differs from the file key (151) of the file after modification. Converting the digital content file (15) into the file key (151) is also an irreversible process; the contents of the digital content file (15) cannot be derived from the file key (151) by any reverse engineering, which ensures that the digital content file (15) is not leaked while the file key (151) is distributed. Note that using MD5 for the file key (151) conversion is only one embodiment of the invention; besides MD5, hash algorithms such as MD4, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 can also be used to generate the file key (151).
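The flow of steps (801) to (810) and the hash-based file key described above, as an added Python example that is not part of the patent text: the first server builds the voucher file, the second server wraps it into a security file and derives the security key, and a checker later detects any change to the content or to the records. The JSON layout, field names, sample values and the `verify` routine are assumptions made for illustration; SHA-256 is used from the page's list because MD4, MD5 and SHA-1 have practical collision attacks and so cannot back the uniqueness property against deliberately crafted files.

```python
import hashlib
import json
from datetime import datetime


def digest(data: bytes) -> str:
    """One-way hash standing in for the "compression-encryption procedure"."""
    return hashlib.sha256(data).hexdigest()


def canonical(record: dict) -> bytes:
    """Deterministic JSON bytes (assumed layout) so a record always hashes the same."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def make_voucher(content, user, device_id, geo, local_time, third_party_time):
    """First server (521), steps (803)-(805): file key plus attributes (410) and (420)."""
    return {
        "file_key": digest(content),  # file key (151): the voucher carries no content
        "first_attributes": {"user": user, "device_id": device_id, "geo": geo},
        "second_attributes": {"local_time": local_time,
                              "third_party_time": third_party_time},
    }


def make_security_record(voucher, local_time, third_party_time):
    """Second server (522), steps (807)-(809): security file (14) and security key (142)."""
    security_file = {
        "voucher": voucher,
        "third_attributes": {"local_time": local_time,
                             "third_party_time": third_party_time},
    }
    return security_file, digest(canonical(security_file))


def verify(content, security_file, security_key):
    """Hypothetical checker: return a list of problems, empty if everything agrees."""
    problems = []
    # Any edit to the voucher or the attributes changes the recomputed security key.
    if digest(canonical(security_file)) != security_key:
        problems.append("security file does not match security key")
    voucher = security_file["voucher"]
    # Any edit to the content changes the recomputed file key.
    if digest(content) != voucher["file_key"]:
        problems.append("content does not match file key")
    # The second server cannot have received the voucher before it was created.
    issued = datetime.fromisoformat(voucher["second_attributes"]["local_time"])
    received = datetime.fromisoformat(security_file["third_attributes"]["local_time"])
    if received < issued:
        problems.append("second server time precedes first server time")
    return problems


if __name__ == "__main__":
    # Constructed sample input; every value below is made up for the demonstration.
    content = b"constructed sample: design drawing, revision 1"
    voucher = make_voucher(content, "user-nickname", "DEVICE-0001", "25.03,121.56",
                           "2012-04-12T08:00:00+00:00", "2012-04-12T08:00:01+00:00")
    security_file, security_key = make_security_record(
        voucher, "2012-04-12T08:00:05+00:00", "2012-04-12T08:00:06+00:00")
    print("file key:", voucher["file_key"])
    print("security key:", security_key)
    print("original file:", verify(content, security_file, security_key))
    print("modified file:", verify(content + b"!", security_file, security_key))
    # Backdating the voucher after the fact no longer matches the stored security key.
    security_file["voucher"]["second_attributes"]["local_time"] = "2011-01-01T00:00:00+00:00"
    print("backdated voucher:", verify(content, security_file, security_key))
```

The checks only mean something when `security_key` comes from a copy the submitter cannot rewrite, which is the role the page gives the second server (522).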

The invention uses two servers, the first digital certificate server device (521) and the second digital certificate server device (522), so that the second digital certificate server device (522) backs up and safeguards the voucher file (18) held on the first digital certificate server device (521). In one embodiment, the first digital certificate server device (521) may be an enterprise's internal certificate server, which encrypts and vouches for the enterprise's internal trade secrets; the second digital certificate server device (522) is the certificate server of an impartial, objective organization outside the enterprise, which impartially safeguards the enterprise's internal voucher file (18) from outside without gaining access to the enterprise's trade secrets, because the file key (151) in the voucher file (18) cannot be restored to its original content by any reverse engineering.

Referring to FIG. 3, the first attribute information (410) includes user information (411) and location identification information (412) for the digital content file (15). In one embodiment, the user information (411) in the first attribute information (410) may be provided by the first digital certificate server device (521). The user information (411) may be identity information (4111) that the user of the digital terminal device (510) uses to log in to the first digital certificate server device (521), or the user's remark information (4112) about the digital content file (15). The user's identity information (4111) may be the user's account nickname or an identity document number (for example, a national ID number, driver's license number or social security number), and preferably includes both the account nickname and the document number.

Continuing with FIG. 3, in one embodiment the location identification information (412) in the first attribute information (410) contains geographic information (4121), which may be provided by the digital terminal device (510). For example, on a mobile device with GPS positioning (such as a smartphone with GPS), the geographic information (4121) of the digital terminal device (510) can be provided by the mobile device's GPS module. Alternatively, the geographic information (4121) can be sent by the digital terminal device (510) and then interpreted by the first digital certificate server device (521). For example, when the digital terminal device (510) is a computer, the first digital certificate server device (521) can determine the location identification information (412) of the digital terminal device (510) from the IP address the terminal sends. The location identification information (412) thus helps prove the geographic location from which the digital content file (15) was uploaded.

Continuing with FIG. 3, in one embodiment the location identification information (412) contains machine information (4122), which is the device identity code of the digital terminal device (510). Identifying the device identity code of the digital terminal device (510) also reveals the location of the digital terminal device (510), that is, the location from which the digital content file (15) was uploaded.

Continuing with FIG. 3, the time information (421) in the second attribute information (420) contains the first time information (4211), the second time information (4212), or both. The first time information (4211) is the local time at which the first digital certificate server device (521) generated the file key (151) through the compression-encryption procedure, and can be used to prove when the file key (151) existed. Because the file key (151) uniquely corresponds to the digital content file (15), the time information (421) can prove when the digital content file (15) uniquely corresponding to the uploaded file key (151) existed. Combining the file key (151) with the attribute information of the digital content file (15) can therefore prove that the digital content file (15) uniquely corresponding to the file key (151) existed at a specific time. The second time information (4212) may be provided to the first digital certificate server device (521) by a third party other than the digital terminal device (510) and the first digital certificate server device (521). For example, the first digital certificate server device (521) can connect to a state-authorized time verification authority or another organization that can provide standard time (such as Greenwich Mean Time or Chungyuan Standard Time), and that organization provides standard time information (421) to the first digital certificate server device (521) or corrects its clock, making the time information (421) more accurate and more reliable.

Continuing with FIG. 3, in one embodiment the second attribute information (420) further contains supplementary description information (422) that the first digital certificate server device (521) records about the file key (151), so that the administrator of the first digital certificate server device (521) and the user of the digital content file (15) can more easily remember and understand the background of the file key (151).

Continuing with FIG. 3, the third attribute information (430) includes the third time information (431), the fourth time information (432), or both. The third time information (431) is the local time at which the second digital certificate server device (522) obtained the voucher file (18). The fourth time information (432) is the time provided to the second digital certificate server device (522), when it obtained the voucher file (18), by a third party other than the first digital certificate server device (521) and the second digital certificate server device (522), and is preferably a standard time. Combining the third attribute information (430) with the voucher file (18) to form the security file (14) achieves a more objective and impartial witnessing effect.

請繼續參考圖2,第一較佳實施例的一種衍生實施方式中,在步驟(805)之後,進一步包括步驟(8051):第一數位存證伺服器裝置(521)對憑證檔案(18)通過壓縮加密程序,生成一個憑證金鑰(182)並將其儲存。藉此對憑證檔案(18)的再次加密保存,可降低憑證檔案(18)被竄改而無從求證的風險。With reference to FIG. 2, in a derivative implementation of the first preferred embodiment, after step (805), the method further includes the step (8051): the first digital certificate server device (521) pairs the voucher file (18). A certificate key (182) is generated and stored by compressing the encryption program. By re-encrypting the voucher file (18), the risk of the voucher file (18) being tampered with without verification is reduced.

請繼續參考圖2,第一較佳實施例的一種衍生實施方式中,在步驟(805)之後,進一步包括With continued reference to FIG. 2, in a derivative implementation of the first preferred embodiment, after step (805), further included

步驟(8052):第一數位存證伺服器裝置(521)對憑證檔案(18)通過編譯程序,生成一個憑證識別碼(181)並將其儲存。Step (8052): The first digital certificate server device (521) generates a voucher identification code (181) for the voucher file (18) through the compiler, and stores it.

步驟(8053):第一數位存證伺服器裝置(521)通過網路裝置(530)將憑證識別碼(181)發送至數位終端裝置(510)。Step (8053): The first digital certificate server device (521) transmits the credential identification code (181) to the digital terminal device (510) via the network device (530).

步驟(8054):在數位終端裝置(510)將憑證識別碼(181)反向解析而生成其相應的憑證檔案(18)。Step (8054): The voucher identification code (181) is reversely parsed by the digital terminal device (510) to generate its corresponding voucher file (18).

較佳地,憑證識別碼(181)為二維條碼(QR Code),但並不以此為限。憑證識別碼(181)的用意是讓數位終端裝置(510)的使用者可以將憑證識別碼(181)公開發佈給其他人,其他人(或是數位終端裝置(510)的使用者本人)只要通過簡易的掃描解析裝置掃描此憑證識別碼(181),便能夠閱讀憑證檔案(18)的內容,得知數位終端裝置(510)的使用者,已經把數位內容檔案(15)在特定時間與特定地點取得檔案金鑰做第三方存證,因此數位內容檔案(15)必須經過合理的授權使用,不得隨意盜用。藉此,提高智慧財產的保護與運作效率。Preferably, the voucher identification code (181) is a QR Code, but is not limited thereto. The purpose of the voucher identification code (181) is to allow the user of the digital terminal device (510) to publicly distribute the voucher identification code (181) to other persons, as well as other persons (or the user of the digital terminal device (510)) as long as By scanning the voucher identification code (181) by a simple scanning and analyzing device, the contents of the voucher file (18) can be read, and the user of the digital terminal device (510) has already recorded the digital content file (15) at a specific time. The file key is obtained as a third-party deposit certificate at a specific location, so the digital content file (15) must be used with reasonable authorization and must not be stolen. In this way, improve the protection and operational efficiency of intellectual property.

With continued reference to FIG. 2, in another derivative implementation of the first preferred embodiment, the method further includes, after step (805): (8051) the first digital certificate server device (521) generates a voucher key (182) from the voucher file (18) through a compression-encryption procedure and stores it. In this way the contents of the voucher file (18), including the first attribute information and the second attribute information, are all deposited as evidence and preserved.

With continued reference to FIG. 2, in another derivative implementation of the first preferred embodiment, the method further includes, after step (810):

Step (8101): The first digital certificate server device (521) generates a security identification code (141) from the security file (14) through an encoding procedure and stores it.

Step (8102): The first digital certificate server device (521) sends the security identification code (141) to the digital terminal device (510) via the network device (530).

Step (8103): At the digital terminal device (510), the security identification code (141) is reverse-parsed to generate its corresponding security file (14).

The security identification code (141) serves a purpose similar to that of the voucher identification code (181) described above. Preferably, the security identification code (141) is a two-dimensional barcode (QR Code), but it is not limited thereto. The purpose of the security identification code (141) is to let the user of the digital terminal device (510) publish the security identification code (141) to other people. Anyone else (or the user of the digital terminal device (510) himself) need only scan this voucher identification code (181) with a simple scanning and parsing device to learn that the user of the digital terminal device (510) has already obtained a file key for the digital content file (15) at a specific time and a specific place as a third-party evidence deposit, so the digital content file (15) may only be used with proper authorization and must not be misappropriated. This improves the protection and operational efficiency of intellectual property.

In the present invention, the network device (530) may be the Internet, a data communication network, or a hybrid of the two. It may be an intranet inside a corporate firewall, or a composite of an intranet and an external network: for example, the network device (530) between the first digital certificate server device (521) and the digital terminal device (510) is an intranet, while the network device (530) between the first digital certificate server device (521) and the second digital certificate server device (522) is an external network. The digital terminal device (510) may be a desktop computer, a notebook computer, a smartphone, a tablet computer, or the like. The digital terminal device (510) may even be another server that stores a large number of digital content files, so that the large number of digital content files in that server are all stored and deposited as evidence.

With continued reference to FIG. 2, in a derivative implementation of the first preferred embodiment, the method further includes, after step (803), step (8031): searching and comparing, within the first digital certificate server device (521), whether an identical file key (151) already exists.

According to this implementation, it can be determined whether a file key (151) identical to the currently generated file key (151) has already been stored in the first digital certificate server device (521). Depending on the result, the loading and storing of the attribute information of the file key (151) is carried out and warning information is provided. This reduces the number of voucher files (18) and digital content files (151) stored in the first digital certificate server device (521) and improves management efficiency and resource utilization.

Further to the above embodiment, when searching whether the first digital certificate server device (521) already holds an identical file key (151), the search may first be performed on the user information in the corresponding first attribute information (410). Only after the same user information has been found is the file key (151) searched and compared, which reduces the comparison time and improves efficiency.

In one implementation, if the first digital certificate server device (521) determines that an identical file key (151) is already stored, the first digital certificate server device (521) may notify the digital terminal device (510) to discard the currently uploaded digital content file (15). In this case, because an identical file key (151) already exists, it can be established that the first digital certificate server device (521) previously compressed and encrypted the same digital content file (15) for the user to generate the file key (151), and that the first attribute information (410) and the second attribute information (420) were already loaded for the file key (151) at that time, recording the earlier generation time of the file key (151). Because the previously saved file key (151) is earlier in time than the file key (151) generated now, storage of the current file key (151) may be abandoned. This ensures that the file key (151) and its time information (421) in the voucher file (18) stored in the first digital certificate server device (521) represent the previously generated time information (421) of the file key (151), and thus further indicate the earlier time at which the digital content file (15) corresponding to the file key (151) existed.
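The duplicate check of step (8031), with the user-first search order and the "keep the earlier record" rule, can be sketched as follows. This is an added example, not code from the patent: SHA-256 stands in for the unspecified compression-encryption procedure, the `FirstServer` class and its field names are hypothetical, and the fallback search across other users' records is an assumption that goes slightly beyond the text.

```python
import hashlib


def file_key(content: bytes) -> str:
    """Stand-in for step (803). Assumption: SHA-256 replaces the patent's
    unspecified "compression-encryption procedure"."""
    return hashlib.sha256(content).hexdigest()


class FirstServer:
    """Hypothetical in-memory model of the first server device (521)."""

    def __init__(self):
        # user id -> {file key (151) -> voucher file (18)}
        self.by_user = {}

    def find_existing(self, user: str, key: str):
        """Step (8031): search the same user's records first, then the rest.
        The cross-user fallback is an assumption of this example."""
        own = self.by_user.get(user, {})
        if key in own:
            return own[key]
        for other, records in self.by_user.items():
            if other != user and key in records:
                return records[key]
        return None

    def deposit(self, content: bytes, user: str, machine: str, server_time: str):
        key = file_key(content)
        earlier = self.find_existing(user, key)
        if earlier is not None:
            # The earlier voucher is left untouched so that its time remains
            # the earliest evidence; the terminal is told to discard the upload.
            return {
                "status": "duplicate",
                "same_user": earlier["first_attribute"]["user"] == user,
                "voucher": earlier,
            }
        voucher = {
            "file_key": key,                                          # (151)
            "first_attribute": {"user": user, "machine": machine},    # (410)
            "second_attribute": {"first_time": server_time},          # (420)
        }
        self.by_user.setdefault(user, {})[key] = voucher              # step (805)
        return {"status": "stored", "voucher": voucher}

    def voucher_count(self) -> int:
        return sum(len(records) for records in self.by_user.values())


def demo():
    """Constructed sample data: one file uploaded three times."""
    server = FirstServer()
    photo = b"constructed sample: photo bytes"
    first = server.deposit(photo, "user-A", "device-1", "2012-04-12T09:00:00Z")
    again = server.deposit(photo, "user-A", "device-1", "2012-06-01T10:00:00Z")
    other = server.deposit(photo, "user-B", "device-2", "2012-07-01T08:00:00Z")
    return first, again, other, server.voucher_count()
```
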

Further, while the digital content file (15) is being stored to the digital content server database (325), it may pass through an additional encryption procedure, giving the digital content file (15) better confidentiality and security and serving as a cloud safe.

The digital terminal device (510) provided by the present invention may further be equipped with a digital camera/video head (not shown), which captures a digital photo to serve as the digital content file (15), or records a video to serve as the digital content file (15). The digital terminal device (510) provided by the present invention may further be equipped with a digital recording device (not shown), which records digital audio to serve as the digital content file (15).

On the other hand, the digital content file (15) stored in the digital terminal device (510) may be a digital content file obtained through the digital camera/video head or digital recording device described above; a digital content file obtained from another device by copying or by wired/wireless network transmission (for example Bluetooth, network sharing, or e-mail); a digital content file (15) produced by office software installed on the digital terminal device (510) (for example MS OFFICE WORD, MS OFFICE EXCEL, MS OFFICE POWERPOINT, MS FRONTPAGE, MS OUTLOOK); a digital content file produced by professional or special-purpose software installed on the digital terminal device (510) (for example PRO-E, SOLID WORKS, AUTOCAD, accounting software); or a web page image file captured through a web browser while browsing.

Thus, with the digital content cloud storage and authentication method (500) implemented according to the present invention, converting the digital content file (15) into the file key (151) reduces the size of the file and makes it easier to store and use. In addition, storing the voucher file (18), formed by loading the attribute information onto the file key (151), in the first digital certificate server device (521) can prove the fact that the digital content file (15) already existed at a specific time, and ensures the reliability of the time at which the voucher file (18) existed. Furthermore, because the voucher file (18) is stored with priority in the first digital certificate server device (521) and is compressed and encrypted to generate the voucher key (182), tampering with the data in the voucher file (18) can be avoided, which ensures the impartial validity of the voucher file (18).
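How the voucher key (182) and the security key (142) make later changes detectable can be shown with a small model of steps (803) to (809) plus a verifier. This is an added example, not the patent's implementation: SHA-256 over canonical JSON is assumed in place of the unspecified compression-encryption procedure, and all function and field names are hypothetical. An unkeyed digest only exposes a change when the reference key is held where the modifier cannot rewrite it, which is the role of the copy kept on the second server device (522).

```python
import copy
import hashlib
import json


def digest(obj) -> str:
    """SHA-256 of raw bytes, or of canonical JSON for structured data.
    Assumption: stands in for the "compression-encryption procedure"."""
    if isinstance(obj, bytes):
        data = obj
    else:
        data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def first_server_issue(content: bytes, user: str, machine: str, local_time: str):
    """Steps (803)-(805) and (8051): voucher file (18) and voucher key (182)."""
    voucher = {
        "file_key": digest(content),                              # (151)
        "first_attribute": {"user": user, "machine": machine},    # (410)
        "second_attribute": {"first_time": local_time},           # (420)
    }
    return voucher, digest(voucher)


def second_server_seal(voucher: dict, local_time: str):
    """Steps (807)-(809): security file (14) and security key (142)."""
    security_file = {
        "voucher": copy.deepcopy(voucher),
        "third_attribute": {"third_time": local_time},            # (430)
    }
    return security_file, digest(security_file)


def verify(content: bytes, security_file: dict, voucher_key: str, security_key: str):
    """Return the list of failed checks; an empty list means nothing changed."""
    failures = []
    voucher = security_file["voucher"]
    if digest(content) != voucher["file_key"]:
        failures.append("content does not match file key (151)")
    if digest(voucher) != voucher_key:
        failures.append("voucher file (18) does not match voucher key (182)")
    if digest(security_file) != security_key:
        failures.append("security file (14) does not match security key (142)")
    return failures


def demo():
    """Constructed sample: one deposit, then two kinds of later modification."""
    content = b"constructed sample: draft design document v1"
    voucher, voucher_key = first_server_issue(
        content, "user-001", "device-ABC", "2012-04-12T09:00:00Z")
    security_file, security_key = second_server_seal(voucher, "2012-04-12T09:00:05Z")

    results = {"intact": verify(content, security_file, voucher_key, security_key)}

    # Someone rewrites the recorded time to claim an earlier date.
    backdated = copy.deepcopy(security_file)
    backdated["voucher"]["second_attribute"]["first_time"] = "2011-01-01T00:00:00Z"
    results["backdated"] = verify(content, backdated, voucher_key, security_key)

    # Someone presents different content against the original records.
    results["edited_content"] = verify(
        content + b" (edited)", security_file, voucher_key, security_key)
    return results
```
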

Furthermore, it should be noted that, according to the five-level theory of innovation proposed by Genrich Altshuller, the father of TRIZ (Theoria Resheneyva Isobretatelskehuh Zadach, the theory of inventive problem solving), which ranges from level-one to level-five innovation, the higher the level, the greater the degree of innovation; the transfer of cross-domain knowledge is level-four innovation and is highly innovative. The present invention generates the file key through a compression-encryption procedure using the "principles of cryptography", International Patent Classification G09C. The specific device embodied is a "device for transmitting secret digital information", International Patent Classification H04L9/00. The third-party impartial voucher function it provides for person, time, place and matter/object belongs to the field of "security seals", International Patent Classification G09F. The present invention therefore integrates several different technologies and industries, is a cross-domain integrated technology, and is highly novel and inventive.

The above describes only the preferred implementations and embodiments of the present invention and is not intended to limit the scope of rights of the present invention. The above description should be understandable and implementable by those skilled in the relevant art, so other equivalent changes or modifications made without departing from the spirit disclosed by the present invention shall all fall within the scope of the patent application.

(500) Integrated digital content authentication apparatus
(510) Digital terminal device
(521) First digital certificate server device
(522) Second digital certificate server device
(530) Network device
(15) Digital content file
(151) File key
(18) Voucher file
(181) Voucher identification code
(182) Voucher key
(14) Security file
(141) Security identification code
(142) Security key
(410) First attribute information
(411) User information
(4111) User identity information
(4112) Remarks information
(412) Location identification information
(4121) Geographic information
(4122) Machine information
(420) Second attribute information
(421) Time information
(4211) First time information
(4212) Second time information
(422) Supplementary information
(430) Third attribute information
(431) Third time information
(432) Fourth time information
(801, 802, 803, 804, 805, 806, 807, 808, 809, 810, 8031, 8051, 8052, 8053, 8054, 8101, 8102, 8103) Digital content authentication steps

FIG. 1 shows an integrated digital content authentication apparatus.

FIG. 2 shows the first preferred embodiment of the digital content cloud storage and authentication method proposed by the present invention.

FIG. 3 is a schematic diagram of the first attribute information, second attribute information, time information, location identification information and user information proposed by the present invention.

Claims (10)

1. A digital content cloud storage and authentication method for use in an integrated digital content authentication apparatus (500) to deposit a digital content file (15) as evidence, the integrated digital content authentication apparatus (500) comprising at least one digital terminal device (510), at least one first digital certificate server device (521), at least one second digital certificate server device (522), and a network device (530), the network device (530) connecting the digital terminal device (510), the first digital certificate server device (521) and the second digital certificate server device (522), the digital content cloud storage and authentication method comprising the following steps:
(801) the first digital certificate server device (521) obtains a digital content file (15) from the digital terminal device (510) through the network device (530) and stores it;
(802) the first digital certificate server device (521) obtains, from the digital terminal device (510) through the network device (530), first attribute information (410) corresponding to the digital content file (15) and stores it, the first attribute information (410) including user information (411) and location identification information (412) of the digital content file (15), the location identification information (412) including geographic information (4121) and/or machine information (4122), the geographic information (4121) being the geographic location of the digital terminal device (510), and the machine information (4122) being the device identity code of the digital terminal device (510);
(803) the first digital certificate server device (521) generates a file key (151) from the digital content file (15) through a compression-encryption procedure and stores it;
(804) the first digital certificate server device (521) generates second attribute information (420) corresponding to the file key (151) and stores it, the second attribute information (420) including time information (421) of when the first digital certificate server device (521) generated the file key (151), wherein the time information (421) includes first time information (4211) and/or second time information (4212), the first time information (4211) being the local time of the first digital certificate server device (521), and the second time information (4212) being a time provided to the first digital certificate server device (521) by a third party other than the digital terminal device (510) and the first digital certificate server device (521);
(805) the first digital certificate server device (521) loads the first attribute information (410) and the second attribute information (420) onto the file key (151) to form a voucher file (18) and stores it;
(806) the first digital certificate server device (521) sends the voucher file (18) to the second digital certificate server device (522) through the network device (530);
(807) the second digital certificate server device (522) generates third attribute information (430) corresponding to the voucher file (18) and stores it, the third attribute information (430) including third time information (431) and/or fourth time information (432) of when the second digital certificate server device (522) obtained the voucher file (18), the third time information (431) being the local time of the second digital certificate server device (522), and the fourth time information (432) being a time provided to the second digital certificate server device (522) by a third party other than the first digital certificate server device (521) and the second digital certificate server device (522);
(808) the second digital certificate server device (522) loads the third attribute information (410) onto the voucher file (18) to form a security file (14) and stores it;
(809) the second digital certificate server device (522) generates a security key (142) from the security file (14) through a compression-encryption procedure and stores it; and
(810) the second digital certificate server device (522) sends the security file (14) and/or the security key (142) to the first digital certificate server device (521) through the network device (530).
2. The digital content cloud storage and authentication method according to claim 1, further comprising, after step (803):
(8031) searching and comparing, within the first digital certificate server device (521), whether an identical file key (151) exists.
3. The digital content cloud storage and authentication method according to claim 1, further comprising, after step (805):
(8051) the first digital certificate server device (521) generates a voucher key (182) from the voucher file (18) through a compression-encryption procedure and stores it.
4. The digital content cloud storage and authentication method according to claim 1, further comprising, after step (805):
(8052) the first digital certificate server device (521) generates a voucher identification code (181) from the voucher file (18) through an encoding procedure and stores it.
5. The digital content cloud storage and authentication method according to claim 4, further comprising, after step (8052):
(8053) the first digital certificate server device (521) sends the voucher identification code (181) to the digital terminal device (510) through the network device (530).
6. The digital content cloud storage and authentication method according to claim 5, further comprising, after step (8053):
(8054) at the digital terminal device (510), the voucher identification code (181) is reverse-parsed to generate its corresponding voucher file (18).
7. The digital content cloud storage and authentication method according to claim 4, wherein the voucher identification code (181) is a two-dimensional barcode.
8. The digital content cloud storage and authentication method according to claim 1, further comprising, after step (810):
(8101) the first digital certificate server device (521) generates a security identification code (141) from the security file (14) through an encoding procedure and stores it.
9. The digital content cloud storage and authentication method according to claim 8, further comprising, after step (8101):
(8102) the first digital certificate server device (521) sends the security identification code (141) to the digital terminal device (510) through the network device (530).
10. The digital content cloud storage and authentication method according to claim 9, further comprising, after step (8102):
(8103) at the digital terminal device (510), the security identification code (141) is reverse-parsed to generate its corresponding security file (14).
TW101112935A 2012-04-12 2012-04-12 Digital content cloud storage and authentication method TW201342081A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW101112935A TW201342081A (en) 2012-04-12 2012-04-12 Digital content cloud storage and authentication method

Publications (1)

Publication Number Publication Date
TW201342081A (en) 2013-10-16

Family

ID=49771442

Family Applications (1)

Application Number Title Priority Date Filing Date
TW101112935A TW201342081A (en) 2012-04-12 2012-04-12 Digital content cloud storage and authentication method

Country Status (1)

Country Link
TW (1) TW201342081A (en)
