JP7282293B2 - A document digitization method that can ensure legal reliability, and a system therefor - Google Patents

Description

The present invention relates to a document digitization method and a system therefor, and more specifically, digitizes a paper document. The present invention relates to a computerization method and system capable of ensuring the legal reliability of documents.

With the rapid development of electronic products and the spread of network infrastructure, it seems that our society has become more accustomed to digital media than the traditional media of the past. In other words, today's society is dominated by digital media such as viewing news from smart phones or desktop computers, creating documents using word processors, and drawing pictures using electronic pens.

On the other hand, despite this shift to a digital society, paper documents still exist as a kind of important media in the real world. Among them, especially in the case of paper documents that include seals and signatures, they themselves have legal effect, and in many cases, general users are the first to create them in order to prove their legal effect. We keep the paper documents as they are.

Financial companies such as banks, securities firms, and insurance companies produce 100 million paper documents every year, but they convert them into electronic documents and store them for convenience in business. In reality, it is impossible to dispose of existing paper documents, and it is still necessary to store them in duplicate. .

There is still a social atmosphere in which paper documents are recognized as the most credible medium for evidence of certain legal effects, and a society in which it is difficult to accept the storage of electronic versions of paper documents in a database. The reason for this ambiguity is that there is a question as to whether electronic documents have the same legal effect as existing paper documents. This is because it is believed that security issues that may arise during the process will not be resolved.

In spite of this, the resources, costs, etc. required to store paper documents in duplicate continue to pose an extremely heavy burden on society. There is an increasing need for methods and systems therefor.

The present invention has been made with a focus on such problems, and by maintaining a state in which access to data from the outside is fundamentally disabled immediately after a paper document is scanned, security is improved. It is characterized in that it is greatly enhanced, and thereby it is possible to ensure the legal reliability of electronic documents. In addition to solving the above technical problems, the present invention was invented to provide additional technical elements that cannot be easily invented by those who have ordinary knowledge in this technical field. .

Japanese Patent No. 4665865 (registered on January 21, 2011)

It is an object of the present invention to provide an environment in which documents can be digitized to any number of users, and to ensure the legal reliability of the paper documents as they are when the paper documents are digitized. .

In order to achieve this, in the present invention, encryption is performed while being loaded only on memory or secure storage so that image data, which is the result of scanning a paper document, cannot be accessed from the outside. It is intended to be

In addition, the present invention minimizes falsification and falsification of image data by providing multiple encryption steps and verification steps, so that the original paper document can be converted into an electronic document while maintaining its legal validity. The purpose is to

Another object of the present invention is to enable any user having a user terminal connected by a network to easily use the document digitization service according to the present invention.

On the other hand, the technical problems of the present invention are not limited to the technical problems described above, and other technical problems not mentioned will be clearly understood by those of ordinary skill in the art from the following description. .

In order to solve the above-mentioned problems, a document electronic document that digitizes a paper document into an electronic document having legal reliability via a user terminal according to the present invention--the user terminal includes a central processing unit and a memory-- (a) receiving source image data generated by a scanner; and (b) loading said source image data onto a volatile memory and performing a primary encryption of said source image data on said memory. (c) storing first image data, wherein said first image data is image data after primary encryption of said original image data, in secure storage; and (d) said (e) second image data--the second image data being image data after the first image data has been secondarily encrypted; and sending the a - to a networked document storage server or cloud server.

Also, the document digitization method may further include storing the second image data in a local storage.

Further, in the document digitization method, the secondary encryption includes the step of encrypting a first encryption parameter and a second encryption parameter with a first encryption algorithm to generate a first encryption key; One encryption parameter includes at least one of a plurality of information defining any data group containing at least one image data, and the second encryption parameter includes information about image data to be updated. The information may include at least one piece of information extracted from what is stored over any period of time.

Further, in the document digitization method, the secondary encryption further includes the step of encrypting a third encryption parameter with a second encryption algorithm to generate a second encryption key, wherein the third encryption parameter may be characterized as being a user-specific key given to the user.

The document digitization method may further include encrypting the first encryption key, the second encryption key, and the first image data using a third encryption algorithm to generate second image data.

Further, in the document digitization method, the user unique key may be shared by users in a preset group.

Further, in the document digitization method, at least one of the steps (d) and (e) is executed only when an input of confirmation of completion is received from the user after the step (c). It may be characterized by being

On the other hand, a document digitization method for digitizing a paper document into an electronic document having legal reliability via a user terminal--the user terminal includes a central processing unit and a memory--according to still another embodiment of the present invention. (a) receiving source image data produced by a scanner; (b) loading said source image data onto a volatile memory; and encrypting said source image data on said memory; (c) sending first image data, said first image data being image data after said original image data has been encrypted, to a cloud server.

Further, a method for relaying image data obtained by digitizing a paper document by an authentication server--the authentication server including a central processing unit and a memory--according to still another embodiment of the present invention comprises: (a) any user terminal; (b) performing a security verification on the image data; and (c) transmitting the image data to a document storage server.

Also, the image data relay method may further include the step of (d) generating third image data that is the same as the image data and transmitting the generated copy to a supplementary service server.

Meanwhile, in a computer-readable recording medium storing a command for executing a document digitizing method according to another embodiment of the present invention, the document digitizing method includes (a) an original image generated by a scanner; (b) loading said source image data onto a volatile memory and primary encrypting said source image data on said memory; (c) first image data--said (d) secondarily encrypting the first image data in the secure storage; (e) transferring second image data, wherein said second image data is image data after said first image data has been secondarily encrypted, to a networked document storage server or cloud server; and sending to.

Meanwhile, in a computer-readable recording medium storing a command for executing a document digitizing method according to another embodiment of the present invention, the document digitizing method includes (a) an original image generated by a scanner; (b) loading said source image data onto a volatile memory and encrypting said source image data on said memory; (c) first image data- said first and sending the image data to a cloud server, which is the image data after the original image data has been encrypted.

According to the present invention, there is an effect that paper documents can be digitized while legal reliability is ensured.

In particular, according to the present invention, image data is basically processed in a state in which it cannot be accessed from the outside. Since encryption and subsequent processing are performed, there is an effect of ensuring legal credibility.

Further, according to the present invention, if a general user having a user terminal has only software configured with commands for executing this document digitization method, legal credibility can be easily secured. There is an effect that a document digitization service can be used.

Moreover, according to the present invention, there is an effect that the cost and labor required for storing paper documents can be greatly reduced, and furthermore, there is an effect that electronic documents can be easily managed.

In particular, paper documents will deteriorate over time and the cost of storage will continue to increase, whereas electronic documents will not change forever and will hardly increase in cost. From the point of view, there is an effect that documents can be managed efficiently.

On the other hand, the effects of the present invention are not limited to those described above, and other technical effects not mentioned will be clearly understood by those of ordinary skill in the art from the following description.

1 is a schematic diagram showing an overall appearance of a system in which a document digitizing method according to the present invention is executed; FIG. It is a figure which shows the document digitization method by 1st Embodiment. FIG. 4 is a diagram showing encryption operation steps; FIG. 11 shows a message for receiving confirmation of input completion from the user; FIG. 10 is a diagram showing a document digitization method according to the second embodiment; FIG. 4 is a diagram showing a process of processing image data by an authentication server; FIG. 10 is a diagram showing how an authentication server verifies image data; FIG. 13 is a diagram showing another document digitization method according to the third embodiment;

Detailed matters concerning the objective, technical configuration, and effects associated therewith of the present invention will be more clearly understood by the following detailed description based on the drawings attached to the specification of the present invention. Embodiments according to the present invention will be described in detail with reference to the accompanying drawings.

The embodiments disclosed in this specification should not be interpreted or utilized as limiting the scope of the present invention. It will be appreciated by those of ordinary skill in the art that the description, including the embodiments herein, have a variety of applications. Accordingly, any embodiments set forth in the detailed description of the invention are exemplary for purposes of further describing the invention and are not intended to limit the scope of the invention to the embodiments. .

The functional blocks shown in the drawings and described below are only examples of possible implementations. Other functional blocks may be used in other implementations without departing from the spirit and scope of the detailed description. It should be noted that although one or more functional blocks of the present invention are shown as separate blocks, one or more of the functional blocks of the present invention may be combinations of various hardware and software configurations that perform the same functions. good.

Also, the phrase "comprising an element" is an "open-ended" expression that merely indicates the presence of that element and should not be understood to exclude additional elements.

Further, when a component is referred to as being “coupled” or “connected” to another component, it may be directly coupled or connected to the other component, and these It should be understood that there may be other components in between.

FIG. 1 is a schematic diagram showing a system (hereinafter referred to as a document digitization system) required when the document digitization method according to the present invention is actually realized. It may include a terminal 100 , a scanner 200 connected thereto by wire or wirelessly, an authentication server 300 and a document storage server 400 . However, in the configuration shown in FIG. 1, the authentication server 300 may be omitted when the document digitization method is realized as necessary. 300 is eliminated, the document digitization method is realized.

Each configuration will be described in further detail below.

First, the user terminal 100 is a device operated by a user who wants to digitize a paper document. An example of the user terminal 100 is a desktop personal computer used by an employee of a financial company who intends to convert it into an electronic document whose legal credibility is ensured.

On the other hand, when looking at the user terminal 100 from the hardware aspect, the above description refers to an example in which the user terminal is a desktop personal computer, but it is not necessarily limited to this, and a terminal owned or carried by the user can be used. For example, mobile terminals such as smart phones, PDAs, tablet PCs, etc., and terminals such as desktop PCs that are fixedly arranged in a fixed place may be included. Such user terminals are assumed to include a central processing unit (CPU) and memory, which may also be called a controller, microcontroller, microprocessor, microcomputer, or the like. In addition, the central processing unit may be realized by hardware or firmware, software, or a combination of these. ), DSPD (digital signal processing device), PLD (programmable logic device), FPGA (field programmable gate array), etc. When implemented using firmware or software, modules and procedures that perform the above functions or operations Alternatively, firmware or software may be configured to include functions and the like. Also, the memory may be realized by RAM (Random Access Memory), flash memory, SRAM (Static RAM), HDD (Hard Disk Drive), SSD (Solid State Drive), or the like.

Additionally, the user terminal may include a display and a touch-sensitive surface, and may further be coupled with other physical means for user input, such as a stylus. Also, the user terminal may further include means for sensing and recording sound or voice. On the other hand, various applications running on the user terminal may optionally use at least one universal physical means for user input, such as a touch-sensitive surface. At least one function of the touch-sensitive surface, as well as the corresponding information displayed on the user terminal, is/are optionally coordinated from one application to the next and/or within individual applications. may be changed or changed. In this way, the user terminal's universal physical architecture (such as a touch-sensitive surface) optionally provides the user with an intuitive and clear user interface to support a variety of applications. be able to.

For reference, this detailed description assumes that the user terminal is a desktop personal computer of an employee of a financial company, in order to facilitate understanding of the invention.

Next, the scanner 200 may be understood as a device that scans a document to be digitized, or more precisely, as a device that optically recognizes image information and converts it into digital data. may be The scanner 200 may be connected to the user terminal 100 by wire such as a USB connection or wirelessly such as a Bluetooth connection. to scan.

The authentication server 300 serves to relay image data between the user terminal 100 and the document storage server 400, and the authentication server 300 basically includes a CPU and a memory in terms of hardware. is assumed. On the other hand, as will be described later, the authentication server 300 according to the present invention not only transmits the image data, but also verifies the security of the image data, and is also used to provide additional services. It also plays a role of creating separate image data to be displayed and providing it to the supplementary service server side.

Next, the document storage server 400 is configured to store image data received directly from the user terminal 100 or received from the user terminal 100 via the authentication server 300. The document storage server 400 also has a CPU and memory. may contain.

The system environment in which the document digitization method according to the present invention is realized has been described above with reference to FIG.

FIG. 2 is a diagram showing a document digitization method according to the first embodiment of the present invention. The first embodiment will be described on the assumption that it is executed within a system consisting of the user terminal 100, the scanner 200, and the document storage server 400, and each step of the first embodiment will be described below.

The document digitization method according to the first embodiment may first start with a step (S101) in which the user terminal 100 transmits a scan command to the scanner 200. FIG. A set of commands, that is, software for executing the document digitizing method according to the present invention may be installed in the user terminal 100, and such software is executed by the CPU to provide an interface to the user. Of course, it also receives input from the user through the interface and executes data processing accordingly. This scan command transmission step may also be performed via an interface provided by the software. For example, after the user places a paper document on the scanner 200, the user presses a "scan" button on the interface of the desktop computer. is clicked, step S101 is performed.

After step S101, the scanner 200 acquires the original image data by scanning the paper document (S102), and transmits the acquired original image data to the user terminal 100 side. Original image data means that the image or text image information on the paper document has been optically recognized and converted into digital data. Please understand that this is for emphasizing that the image data is generated first after being digitally converted. The original image data may consist of numbers, letters, or a string of numbers and letters, and the original image data may not be defined as a separate extension. On the other hand, step S103 is a step of transmitting the original image data to the user terminal 100. In this step, the original image data is transmitted through the network connection line and stored in the memory 110 of the user terminal 100. may be loaded.

After step S103, the memory 110 in the user terminal 100 performs a primary encryption operation on the original image data (S104). At this time, the memory 110 may be a volatile memory that requires electricity to maintain stored information, such as a random access memory (RAM). The user terminal 100 may cause memory control instructions necessary for access to memory 110 to be executed, such memory control instructions being executed without the original image data being saved to local storage. It may be encrypted using the encryption key. Also, the user terminal 100 may internally store an encryption engine or an encryption algorithm for encryption on the memory 110 so that it can be used for the primary encryption operation of the original image data. may On the other hand, the memory 110 may include a security area for encryption and a non-security area other than the security area, and only the security area is used as a storage space for encryption. may be

One of the special features associated with the memory 100 is that in this step, the original image data received from the scanner 200 is only physically stored in the volatile memory 110, such as SSD, HDD, etc. In other words, the original image data is not stored in any local storage, and this method can fundamentally block external access to the original image data.

In addition, when the volatile memory 110 is divided into a secure area and a non-secure area, the original image data is always stored only in the secure area, and is also stored in the secure area during the encryption operation. By encrypting the original image data using parameters, algorithms, etc., it is also possible to double block access to the original image data by anyone outside. Thus, this step is characterized by enhancing security by allowing the encryption operation to be performed on the volatile memory 110 without the original image data being passed through or saved in local storage. and

After step S104, the first image data (the first image data is the image data after the primary image data has undergone the primary encryption operation) is transmitted to the secure storage 120 (S105), and the secure storage 120 , a secondary encryption operation is performed (S106). The secure storage 120 is a security disk area provided in the user terminal 100. In actual implementation, it is installed in the user terminal 100 or a storage means (e.g., SSD, HDD etc.) by virtually realizing a file management system. Although the terms local storage and secure storage are used interchangeably in this detailed description, the physical principles are the same, even though the two storages use electrical or magnetic properties to store data. However, secure storage differs from general local storage in that it is formed by a completely separate file management system realized within a partitioned disk area (raw disk area) within the storage means. is understood. For reference, such a secure storage 120 is also inaccessible from the outside. It exists in such a state that security is guaranteed.

After step S106, the second image data is transmitted to the document storage server 400 (S107), and the transmitted second image data is stored in the document storage server 400. FIG. For reference, an electronic signature is performed in the secure storage 120 immediately before performing step S107. Also, for reference, the user terminal 100 and the document storage server 400 are generally remote from each other, and transmission of the second image data is performed via a network. Meanwhile, the second image data is also stored in the local storage 130 of the user terminal 100 separately from step S107.

Each step of the document digitization method according to the first embodiment has been described above with reference to FIG.

FIG. 3 shows how the secondary encryption operation (S106) described above is performed.

The secondary encryption operation is roughly divided into three steps. a step of generating (S1061), the second step is a step of encrypting the third encryption parameter with a second encryption algorithm to generate a second encryption key (S1063), and the third step is and a step of encrypting the generated first encryption key, second encryption key, and first image data with a third encryption algorithm to generate second image data (S1065).

The encryption parameters referred to here can also be understood as source values for encrypting certain data, but if they consist of letters, numbers, or a combination of letters and numbers, is unlimited.

However, an exemplary explanation of each encryption parameter in the present invention is as follows.

First, the first encryption parameter may be any one of a plurality of pieces of information defining any first data group containing at least one image data. That is, in the document digitization method according to the present invention, at least one image data is defined and managed by an arbitrary data group, just as one or more files are managed in units of folders in a general file management system. For convenience, the present invention refers to any such first data group as a binder. That is, the first encryption parameter may be any one of a plurality of pieces of information defining such a binder, such as a binder name, a binder associated with the binder, or stored in the binder. Information that can define an arbitrary binder, or information that can distinguish an arbitrary binder from other binders, such as a unique encryption key, the order of image data in the binder, the time when the binder was generated, or the order in which the binder was generated. may be used as the first encryption parameter. Also, the first encryption parameter does not necessarily mean only one piece of information, and several pieces of information exist as the first encryption parameter, or several pieces of information are combined into one. , may be present as the first encryption parameter.

Then, the second encryption parameter may be any one of the information associated with the second data group defined to manage the first data group updated for any period of time. That is, the second data group may include a plurality of first data groups, or more precisely, first data groups that are updated for any period of time, and the second encryption parameters are: It may be any one of a plurality of pieces of information defining the second data group. Also, at this time, a plurality of pieces of information may exist in the form of one virtual table. In this detailed description, for convenience, said arbitrary second data group will be referred to as a box. That is, the second encryption parameter may be any one of a plurality of pieces of information that can define one box. At least one of information that can define the box, such as an encryption key, or information that can distinguish any box from other boxes may be used as a second encryption parameter. It is also understood that, like the first encryption parameter, the second encryption parameter may also be a combination of several pieces of information into one and exist as a second encryption parameter.

Alternatively, the third encryption parameter may be a unique key given to the user. That is, when a user intends to use the document digitization method or document digitization service according to the present invention, the user can receive a unique key from the service operator, and the unique key functions as a third encryption parameter. good too. On the other hand, the unique key may be given to each user who uses the document digitization service, but may be shared by a plurality of users in a preset group. In this case, said unique key is also referred to as a group key. In general, when considering the form of users who use document digitization services, organizations in companies are often organized in units of teams or departments, and members of individual teams or departments work with each other. Considering that sharing is common, rather than giving unique keys to individual members, it is more efficient for business processing to allow members within a team or department to share and use unique keys. target. In the document digitization method according to the present invention, considering from this aspect, the third encryption parameter, in other words, the user unique key is given not to one person but to a plurality of users in a preset group as a group key. You may give On the other hand, at this time, even though the unique key can be shared by all members, the unique keys are not all the same, and the unique keys given to members in the same team or department are all different. However, they may be recognized as the same in the process of using the document digitization service.

On the other hand, the first encryption algorithm, the second encryption algorithm, and the third encryption algorithm used in the secondary encryption process are preferably implemented by different algorithms, but are not necessarily limited to this. Alternatively, at least two of the encryption algorithms may be the same algorithm.

On the other hand, in relation to FIG. 2 above, the secondary encryption operation is performed in the secure storage 120 formed in the user terminal 100, or the secure storage 120 performs the second encryption operation after the secondary encryption operation is performed. The step of transmitting the 2 image data to the outside or storing it in the local storage (S106, S107, S108) has been described. This is intended to emphasize that a separate disk area called the secure storage 120 formed in the user terminal 100 is utilized as a means for enhancing security in the document digitization process. The secure storage 120 in the invention does not have the significance of existence only for the purpose of ensuring security. The secure storage 120 also serves as a kind of temporary storage location while the user is using the document digitization service, but for example, before the image data is finally sent to the document storage server 400 or the local storage 130 is stored. Secure storage 120 can also serve as a temporary storage location to allow users to edit or review fully electronic documents before the image data is finally stored in the . A document digitization method that can ensure legal reliability cannot be done unless the security in the process of digitizing paper documents is extremely enhanced. , it cannot be obtained unless it is in a state where no one can access and damage it. In other words, in order to maintain the legal credibility that the electronic document is the same as the original paper document, it is necessary to store the final image data in the document storage server 400 or to the local storage 130 when the final image data is finally stored. It must be absolutely impossible to edit or modify the electronic document from the time the final image data is saved.

In order to ensure the legal credibility of electronic documents, it is necessary to have irreversibility. If necessary, an environment that allows partial editing must be provided. From this aspect, the secure storage 120 may be utilized as a temporary storage location necessary to provide the above environment to the user. Specifically, when trying to digitize a large amount of paper documents, the high-performance scanner 200 continuously scans the paper documents and then transmits them to the user terminal 100 side. The volatile memory 110, which primarily receives data, has a limited capacity and cannot store a large amount of image data. Here, in the document digitization method according to the present invention, the secure storage 120 takes charge of the buffer function, that is, the image data continuously transmitted from the scanner 200 is stored in the secure storage 120 through the memory for a while. is responsible for the function of the buffer. On the other hand, with respect to the image data temporarily stored in the secure storage 120, the secondary encryption operation is started or the second image data is transmitted to the outside only after receiving the final confirmation input from the user. The image data temporarily stored in the secure storage 120 may be processed by allowing the image data to be processed. Based on FIG. 2, by inserting a step of receiving an input of confirmation of completion from the user between steps S105 and S106 or between steps S106 and S107, the temporary storage location of the secure storage 120 function can be realized. For reference, FIG. 4 shows an embodiment of receiving completion confirmation input from the user, where the number of pages of the paper document finally scanned by the user is the number of paper pages originally intended to be digitized. A guidance message for confirming whether or not the number of pages matches the number of pages of the document is described, and a guidance message for confirming whether or not there is an image that requires simple image editing such as image rotation is described. Also, for reference, in the document digitization method according to the present invention, it is a rule that the front and back sides of a paper document must be scanned. An abnormality may be automatically recognized and a warning message may be displayed to the user.

The first embodiment of the present invention has been described above with reference to FIGS.

FIG. 5 is a diagram showing a document digitization method according to a second embodiment of the present invention. The second embodiment differs from the first embodiment in that the authentication server 300 intervenes in the transmission process of the second image data. The second image data that has undergone secondary encryption in the user terminal 100 may be sent directly to the document storage server 400 or sent via the authentication server 300, but the second embodiment relates to the latter. It is.

The authentication server 300 helps to further improve the security of the document digitization process, and may provide additional services other than simple document digitization.

FIG. 6 is a diagram for explaining the functions performed by the authentication server 300. Referring to this, the authentication server 300 receives the second image data (S601), then performs hash verification (S602) on the second image data, Also, other verification (S603) that can determine whether or not the second image data is forged or altered can be performed. The other verification (S603) step includes a step of verifying whether the file electronically signed with the same certificate as the electronic signature made in the secure storage 120 of the user terminal 100 has not been forged or altered. It's okay.

A hash refers to a value obtained by mapping data having various lengths with data having a fixed length, and the hash may be used to ensure the integrity of data. The authentication server 300 in the present invention can determine whether or not the second image data has been forged or altered by performing hash verification on the second image data. As a reference, FIG. 7 shows a screen in which the image data forgery/falsification inspection is actually realized, and such forgery/falsification inspection is performed by the hash verification described above.

On the other hand, the electronic signature is performed when the second image data is transmitted to the authentication server 300 or the document storage server 400 on the secure storage 120 of the user terminal 100, and is used to authenticate a specific user. used for The authentication server 300 can verify whether the data file (including the second image data) received from the user terminal 100 has been forged or altered. The same certificate may be used to verify whether the data file is forged or falsified.

The second image data may be sent to the document storage server 400 side (S604) when all the series of verification procedures have been performed on the authentication server 300. FIG.

On the other hand, the authentication server 300 separates the second image data transmitted to the document storage server 400 from the third image data used for providing additional services-the third image data is the second image data. -, which includes the same information as the data, but may not have undergone verification for ensuring legal reliability, and provides this to the supplementary service server 600 side, whereby the third image Various kinds of services based on data will be possible. The supplementary service server 600 may include, for example, an OCR service server that recognizes and extracts text from images, and the types of supplementary services are not limited to this and may be more diverse.

Thus, the presence of the authentication server 300 is significant in enhancing the security in the entire document digitization process, and based on the result (image data) obtained after scanning the paper document, the user can It is of great significance to derive various additional services that can provide convenience.

FIG. 8 is a diagram showing a document digitization method according to a third embodiment of the present invention. The third embodiment is different from the above-described embodiments in that the image data is transmitted to the cloud server 500. be.

Referring to FIG. 8, the document digitizing method according to the third embodiment comprises steps of transmitting a scan command from the user terminal 100 to the scanner 200 (S801), acquiring original image data from the scanner 200 (S802), and The process starts with a step in which terminal 100 receives original image data from scanner 200 (S803).

After step S803, the user terminal 100 receives a confirmation of completion from the user (S804) and then performs a full-scale encryption operation (S805) for the first time. Image data (first image data) is transmitted.

According to the third embodiment, the original image data is encrypted in the volatile memory 110 of the user terminal 100, and the encrypted image data is immediately sent to the cloud server 500 side. , it is confirmed that illegal access to the image data itself becomes impossible by immediately uploading the image data to the cloud server 500 without saving it in the local storage.

The document digitization method and the system therefor according to the present invention have been described above. In addition, various modifications are possible for those who have ordinary knowledge in the technical field to which the invention belongs, and those modifications are not understood apart from the technical idea and outlook of the present invention. it won't work.

In particular, structures that implement technical features of the present invention contained in the block diagrams and flow charts shown in the drawings attached hereto represent logical boundaries between these structures. However, in accordance with software or hardware embodiments, the illustrated structure and its functionality can be implemented in freestanding software modules, monolithic software structures, code, services, and combinations of these executed and stored program code, commands, etc. All such embodiments are to be considered within the scope of the present invention, as they can be stored in a computer-executable medium with a processor capable of executing, etc. is.

Accordingly, the accompanying drawings and the art to which the accompanying drawings illustrate the technical features of the present invention should not be simply inferred unless the specific arrangement of software for implementing such technical features is explicitly mentioned. not. In other words, there may be various embodiments described above, which have the same technical features as the present invention, but which may be partially modified, and which also fall within the scope of the present invention. should be considered.

Also, although the flowcharts depict actions in a particular order, this is done to obtain the most desirable results, and the actions must be performed in the specific order or sequential order shown. It should not be interpreted as a requirement that all illustrated acts must be performed. In certain cases, multitasking capabilities and parallel processing may be advantageous. In addition, the separation of various system components in the above-described embodiments should not be understood to require such separation in all embodiments, and the described program components and systems are generally It should be understood that they may be integrated together into software products or packaged into multiple software products.

As such, the specification is not intended to limit the invention by the specific terms provided. Therefore, although the present invention has been described in detail with reference to the above-described embodiments, a person having ordinary knowledge in the technical field to which the present invention pertains can make modifications to the present embodiments without departing from the scope of the present invention. Modifications, changes and variations may be made to The scope of the invention is indicated by the appended claims rather than by the foregoing detailed description, and all modifications or variations deriving from the meaning and scope of the claims and their equivalents are not subject to the right of the invention. should be construed as included in the scope.

100 User Terminal 200 Scanner 300 Authentication Server 400 Document Storage Server 500 Cloud Server

Claims (7)

In a document digitization method for digitizing a paper document into an electronic document having legal reliability via a user terminal, the user terminal including a central processing unit and a memory,
(a) receiving original image data generated by a scanner;
(b) loading the source image data onto a volatile memory and primary encrypting the source image data on the memory;
(c) storing in a secure storage the first image data, which is image data after primary encryption of the original image data;
(d) secondary encrypting the first image data in the secure storage;
(e) transmitting the second image data, which is image data after the first image data is secondary encrypted, to a document storage server or a cloud server connected via a network; and a document digitization method characterized by comprising: 2. The document digitizing method according to claim 1, further comprising the step of storing said second image data in a local storage. The secondary encryption is
encrypting the first encryption parameter and the second encryption parameter with a first encryption algorithm to generate a first encryption key;
the first encryption parameter includes at least one of a plurality of pieces of information defining any data group containing at least one image data;
2. The document digitization according to claim 1, wherein the second encryption parameter includes at least one piece of information extracted from information about image data to be updated that is stored in an arbitrary period. Method. The secondary encryption is
further comprising encrypting the third encryption parameter with a second encryption algorithm to generate a second encryption key;
4. The document digitization method according to claim 3, wherein said third encryption parameter is a user unique key given to the user. 5. The electronic document of claim 4, further comprising encrypting the first encryption key, the second encryption key, and the first image data with a third encryption algorithm to generate second image data. conversion method. 5. The document digitizing method according to claim 4, wherein the user-specific key can be shared by users in a preset group. At least one of the (d) step or (e) step,
2. The document digitizing method according to claim 1, wherein after said step (c), said step is executed only when a completion confirmation input is received from a user.

Images