KR102204428B1 - Blockchain system for personal information management - Google Patents

Abstract

The present invention relates to a blockchain system for personal information management which does not store personal information of users all together in a service server, but distributes and stores the same in blocks of a blockchain, thereby securely storing the personal information of the users. In addition, there is no discomfort when using a service. To this end, the blockchain system for personal information management comprises a user terminal and a main net.

Description

Blockchain system for personal information management

The present invention relates to a block chain system for personal information management.

The user subscribes to the service by entering an ID and password, and stores a lot of information about himself in the server of the service by entering various information in the ID and password.

In such a service server, personal information is leaked due to an attempt such as hacking, and users are suffering a lot of damage, but since the information on the individual must be stored somehow, a fundamental solution has not been achieved.

For the above reasons, there is a problem that users are using various services at the risk of personal information leakage, even though there is a risk.

Korean Registered Patent Publication No. 10-2008668 (2019.08.02)

In the present invention for solving the above-described problem, when personal information to be used in a specific service server is input from a user terminal, it is distributed and stored in a block of the mainnet using a block chain, and used in the service server.

The problems to be solved by the present invention are not limited to the problems mentioned above, and other problems that are not mentioned will be clearly understood by those skilled in the art from the following description.

Blockchain system for personal information management according to an embodiment of the present invention for solving the above-described problems is installed on a portable terminal owned by a user to participate in the user terminal as an ultra light node in the blockchain, and A unique address capable of indexing the block in which information is stored and a private key capable of decrypting the loaded personal information are stored using the unique address, and the ultra light node uses the nonce value of the block header as a transaction (Tracnsaction). A service application, arranged in order of occurrence and stored, but not the transaction; And a mainnet that encrypts and stores personal information of the user in a block of a full node participating in the block chain.

In addition, the personal information of the user stored in the block chain is characterized in that it is used to perform at least one of membership registration, login, identification, and withdrawal of a specific service.

In addition, when a first unique address generation request signal is received from the service application, a first unique address is generated, the private key is signed and encrypted, and the first unique address is transferred to the user terminal and the blockchain peer of the mainnet. Save it to.

In addition, it is characterized in that storing the private key in the user terminal.

In addition, when a second unique address generation request signal for signing up for a specific service is received from the service application using the private key, a second unique address assigned to the specific service is generated, and the user terminal and the mainnet are It stores in a blockchain peer, receives personal information of the user to be used in the specific service through the service application, encrypts it in the blockchain peer of the mainnet, and stores it distributedly, and the second unique address is the second unique address and It is possible to load the personal information of the connected and distributedly stored user, and the private key is capable of decrypting the personal information of the user loaded through the second unique address.

In addition, the second unique address is stored as a subtree in the first unique address.

In addition, different second unique addresses are created for each service server, and a plurality of second unique addresses are included and stored in the subtree of the first unique address, and each second unique address is at least partially different. It is characterized in that information is connected.

In addition, when a user's personal information request is received from the server of the specific service, a private key signature for the second unique address is requested through the service application, and the private key for the second unique address is received through the service application. Upon completion of the signature, the user's personal information is decrypted and provided to the server of the specific service.

In addition, the mainnet is characterized in that it provides the personal information selected through the service application from the decrypted user's personal information to the server of the specific service.

In addition, when a request for deleting personal information in response to a request for withdrawal of the specific service is received from the service application, a private key signature for the second unique address is requested from the service application, and when the signature is completed, the second unique address is It is characterized in that the indexed personal information is deleted.

In addition to this, another method for implementing the present invention, another system, and a computer-readable recording medium for recording a computer program for executing the method may be further provided.

According to the present invention as described above, since the service server does not store all of the user's personal information, it is distributed in blocks of the block chain, so that the user's personal information is safely stored and there is no inconvenience in using the service. There is an effect.

The effects of the present invention are not limited to the effects mentioned above, and other effects not mentioned will be clearly understood by those skilled in the art from the following description.

1 is a schematic diagram of a block chain system for personal information management according to an embodiment of the present invention.
2 to 4 are flowcharts of a personal information management method using a block chain system for managing personal information according to an embodiment of the present invention.
5 is a diagram illustrating the storage of personal information in the user's first unique address and second unique address.

Advantages and features of the present invention, and a method of achieving them will become apparent with reference to the embodiments described below in detail together with the accompanying drawings. However, the present invention is not limited to the embodiments disclosed below, but may be implemented in a variety of different forms, only the present embodiments are intended to complete the disclosure of the present invention, It is provided to fully inform the technician of the scope of the present invention, and the present invention is only defined by the scope of the claims.

The terms used in the present specification are for describing exemplary embodiments and are not intended to limit the present invention. In this specification, the singular form also includes the plural form unless specifically stated in the phrase. As used in the specification, “comprises” and/or “comprising” do not exclude the presence or addition of one or more other elements other than the mentioned elements. Throughout the specification, the same reference numerals refer to the same elements, and “and/or” includes each and all combinations of one or more of the mentioned elements. Although "first", "second", and the like are used to describe various elements, it goes without saying that these elements are not limited by these terms. These terms are only used to distinguish one component from another component. Therefore, it goes without saying that the first component mentioned below may be the second component within the technical idea of the present invention.

Unless otherwise defined, all terms (including technical and scientific terms) used in the present specification may be used as meanings that can be commonly understood by those of ordinary skill in the art to which the present invention belongs. In addition, terms defined in a commonly used dictionary are not interpreted ideally or excessively unless explicitly defined specifically.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

However, in some embodiments, the server may include fewer or more components than the components illustrated in FIG. 1.

1 is a schematic diagram of a block chain system 10 for personal information management according to an embodiment of the present invention, and FIGS. 2 to 4 are a block chain system 10 block for personal information management according to an embodiment of the present invention A flowchart of a method for managing personal information using a chain, and FIG. 5 is a diagram illustrating storing personal information in a user's first and second unique addresses.

Referring to FIGS. 1 to 5, a block chain system 10 for personal information management according to an embodiment of the present invention will be described.

Blockchain system 10 for personal information management according to an embodiment of the present invention includes a service application and a mainnet 100.

In this case, the service application is an application or program that is installed and driven in the user terminal 200 and is installed in the storage space of the user terminal 200 and implemented as a block chain. Hereinafter, in the embodiment of the present invention, the term "user terminal 200" may mean that it is operated based on a service application installed in the user terminal 200.

In addition, the user terminal 200 refers to a portable (mobile) terminal owned by the user, and in the main embodiment of the present invention, it refers to a hand-held terminal that the user directly carries, but is limited thereto. As shown in FIG. 1, it may mean a desktop that is not normally carried.

Accordingly, in the embodiment of the present invention, the user terminal 200 broadly refers to a computer owned by a user, and may include a smartphone, a PDA, a tablet PC, a laptop, a handheld device, a desktop computer, and the like.

The service application is installed on the user terminal 200, that is, a portable terminal owned by the user, and participates the user terminal 200 as an ultra light node in the blockchain-based mainnet 100, and indexing the block in which the user's personal information is stored. This possible unique address and a private key capable of decrypting personal information loaded using the unique address are stored.

At this time, the ultra light node means a node that can be operated using less data than the existing light node, and is a node optimized for portable and mobile terminals.

To be more specific about nodes, nodes are usually divided into full nodes and light nodes, and full nodes store all transaction information in the network and manage users' wallets. In contrast, the advantage of storing all information is that it takes up a lot of storage space, so it is difficult for portable and mobile terminals to be in charge of full nodes.

In addition, the light node copies and stores only part of the network data, and among them, only the header of the blockchain ledger is stored. The header of the blockchain stores the password hash value of the previous block head, the creation time of the block, the password hash of the block body, and the nonce value.

With these features, light nodes occupy significantly less capacity than full nodes, but the applicant uses less capacity and utilizes the benefits of blockchain to the fullest to prevent data tampering and tampering. (Ultra Light Node) was developed.

In addition, the ultra light node according to an embodiment of the present invention arranges and stores a nonce value among many values of a block header in the order in which transactions occur.

Such an ultra light node can be implemented in a much lighter form than a light node because the existing light node does not store transactions and writes, and stores only the nonce value among block headers.

According to the above description, it can be seen that the ultra light node according to the embodiment of the present invention is much lighter than the light node, and there is no difference in performance because it can monitor whether or not for modulation.

In the embodiment of the present invention, it is referred to as an ultra light node, but may also be referred to as a second light node. Accordingly, an existing light node may be referred to as a first light node, and an ultra light node according to an embodiment of the present invention may be referred to as a second light node.

The mainnet 100 encrypts and stores personal information of users in blocks of full nodes participating in the blockchain.

Users use their own terminal to distribute and store personal information to be used in a specific service on the mainnet 100 by using a block chain, and to use it in the service or use it only when necessary, and encrypt it in the block chain and store it distributedly. Personal information is loaded and decrypted using a private key stored in the user terminal 200 to enable use of the personal information.

Until recently, numerous service companies request input of personal information and store personal information in DBs, and this often leads to personal information leakage accidents. This is a problem that occurs because personal information is directly stored and managed by the service company, and the fundamental problem has not been solved despite numerous leaks.

However, if the embodiment of the present invention is used, all personal information is not stored in the various service servers 300 as the personal information is used as described above.

In addition, even if the user's personal information that is stored distributedly is loaded, decryption cannot proceed without the private key stored in the user terminal 200, so that leakage of user's personal information is fundamentally blocked. do.

In an embodiment of the present invention, the personal information of the user stored in the block chain may be used to perform at least one of membership registration, login, identification, and withdrawal of a specific service.

Hereinafter, embodiments of the present invention will be described in more detail with reference to FIGS. 2 to 5.

When the mainnet 100 receives the first unique address generation request signal from the user terminal 200 (step S100), the first unique address is generated, and the private key signature is encrypted to obtain the first unique address. 200) and the mainnet 100's blockchain peers. (S200 step)

Then, the mainnet 100 stores the private key in the user terminal 200 on which the service application is installed. (S170 step)

When going through the above process, the user completes the subscription to the blockchain system 10 for personal information management according to an embodiment of the present invention, and now can store his/her personal information by designating a specific service.

In more detail, next, when the mainnet 100 receives a second unique address generation request signal for membership registration of a specific service using a private key from the service application installed in the user terminal 200, (step S200) The second unique address assigned to the specific service is generated and stored in the blockchain peer of the user terminal 200 and the mainnet 100. (S250 step)

And, when the system 10 receives the personal information of the user to be used in a specific service through the service application, and receives a private key signature through the service application (step S400), the personal information of the user is stored in the block of the mainnet 100. Distributed storage in chain peers. (S450 step)

At this time, as shown in FIG. 5, the second unique address is stored as a subtree of the first unique address.

And, as shown in FIG. 5, a different second unique address is generated for each service server used by the user, and a plurality of second unique addresses are included and stored in the subtree of the first unique address, and each second unique address Is characterized in that at least some of the different personal information is connected.

This means that different personal information can be used in different service servers, the personal information of the user's name, birth date, and phone number is used in the service server of A, and the user's name and address in the service server of B. This means that personal information such as occupation, etc. can be used.

For example, when the user stores personal information to be used in the first service server 300, it is stored in the second unique address #1, and when the personal information to be used in the second service server 300 is stored, the second unique address It is stored in #2, and when personal information to be used in the third service server 300 is stored, it means that it is stored in the second unique address #3.

In addition, the personal information input from the user is encrypted and stored as shown in FIG. 5, and can be decrypted only through a private key stored in the user terminal 200.

Therefore, briefly described, in the embodiment of the present invention, the first unique address and the second unique address play a role of loading personal information of the user that is encrypted and distributedly stored in the mainnet 100, and the user terminal It plays the role of decrypting the personal information loaded with the private key stored in (200). Therefore, if neither of the two is present or not satisfied, the user's personal information cannot be loaded or viewed.

In one embodiment, the second unique address is connected to the second unique address to load the distributedly stored personal information of the user. In more detail, since the second unique address is assigned to the specific service, the use of the second unique address means that the location where personal information of a user to be used and used in a specific service is distributed and stored.

In addition, as described above, the user terminal 200 participates as an ultra light node in the block chain through the service application, and the nonce value of the block header is arranged and stored in the order of transaction occurrence, so attempts to forgery the user's personal information Even when an event occurs, it can be detected.

In addition, when the mainnet 100 receives the second unique address request signal from the server of a specific service (step S300), the mainnet 100 may provide the user's second unique address to the server of the service. (S350 step)

In one embodiment, when a request for personal information of a user is received from a server of a specific service (step S500), the mainnet 100 requests a private key signature for a second unique address through a service application. (S520 step)

Then, when signing the private key for the second unique address through the service application is completed, the user's personal information is provided to the server of the specific service. (S540, S560 steps)

More specifically, as described above, the mainnet 100 requests a private key signature through a service application installed on the user terminal 200, and when the private key signature is completed, the first unique address and the second unique address are The personal information of the user that is encrypted and distributedly stored in a block of the mainnet 100 is loaded, decrypted using a private key, and the personal information of the user is provided to the specific service server 300.

Through such a process, the user may sign up for a specific service or log in after that, or may proceed with identity verification, or may proceed with withdrawal.

As an embodiment, a further description will be given of withdrawal from the service server 300 using the blockchain system 10 for personal information management according to an embodiment of the present invention.

When the mainnet 100 receives a request for deletion of personal information according to a request for withdrawal of a specific service from the service application (S600), the mainnet 100 requests the service application to sign the private key for the second unique address, and when the private key signing is completed (Step S620) The personal information indexed in the second unique address is deleted, and (Step S640) a notification that the personal information deletion has been completed is provided to the service application. (S660 step)

Conventional systems using a blockchain do not provide a function of deleting distributed information, but the blockchain system 10 for personal information management according to an embodiment of the present invention distributes the mainnet at the request of the user as above. Saved personal information can be deleted.

More specifically, the use of the second unique address means that the mainnet 100 can load the personal information of the user in which the mainnet 100 is distributed and stored, but the authority to not only decrypt but also delete is possible only with a private key. do.

In addition, the block chain-based personal information management method according to the embodiment of the present invention differs only from the block chain system 10 for personal information management described with reference to FIGS. 1 to 5 and the category of the invention. Description and examples will be omitted.

The method according to the embodiment of the present invention described above may be implemented as a program (or application) to be executed in combination with a server, which is hardware, and stored in a medium.

The above-described program is C, C++, JAVA, machine language, etc. that can be read by the computer's processor (CPU) through the device interface of the computer in order for the computer to read the program and execute the methods implemented as a program. It may include a code (Code) coded in the computer language of. Such code may include a functional code related to a function defining necessary functions for executing the methods, and a control code related to an execution procedure necessary for the processor of the computer to execute the functions according to a predetermined procedure. can do. In addition, such code may further include additional information required for the processor of the computer to execute the functions or code related to a memory reference to which location (address address) of the internal or external memory of the computer should be referenced. have. In addition, when the processor of the computer needs to communicate with any other computer or server in the remote in order to execute the functions, the code uses the communication module of the computer to determine how It may further include a communication-related code for whether to communicate or what information or media to transmit and receive during communication.

The stored medium is not a medium that stores data for a short moment, such as a register, cache, memory, etc., but a medium that stores data semi-permanently and can be read by a device. Specifically, examples of the storage medium include, but are not limited to, ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage device, and the like. That is, the program may be stored in various recording media on various servers to which the computer can access, or on various recording media on the user's computer. Further, the medium may be distributed over a computer system connected through a network, and computer-readable codes may be stored in a distributed manner.

The steps of a method or algorithm described in connection with an embodiment of the present invention may be implemented directly in hardware, implemented as a software module executed by hardware, or a combination thereof. Software modules include Random Access Memory (RAM), Read Only Memory (ROM), Erasable Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), Flash Memory, hard disk, removable disk, CD-ROM, or It may reside on any type of computer-readable recording medium well known in the art to which the present invention pertains.

In the above, embodiments of the present invention have been described with reference to the accompanying drawings, but those of ordinary skill in the art to which the present invention pertains can be implemented in other specific forms without changing the technical spirit or essential features. You can understand. Therefore, the embodiments described above are illustrative in all respects, and should be understood as non-limiting.

10: Blockchain system for personal information management
100: mainnet
200: user terminal
300: service server

Claims (10)

In a system for managing personal information based on a block chain,
A user terminal owned by a user with a service application installed; And
It includes a mainnet that encrypts and stores personal information of the user in a block of a full node participating in the blockchain,
The service application engages the user terminal as an ultra light node of the block chain, and decrypts the loaded personal information using the unique address and the unique address that can index the block on the block chain where the user's personal information is stored. The private key for is stored, but the ultra light node arranges and stores the nonce value of the block header in the order of transaction occurrence and does not store the transaction,
The personal information of the user stored in the block chain is used to perform at least one of membership registration, login, identification, and withdrawal of a specific service,
When the mainnet receives a first unique address generation request signal from the user terminal, it generates a first unique address, signs and encrypts a private key therefor, and converts the first unique address to the block of the user terminal and the mainnet. Store in a chain peer, store the private key in the user terminal,
When a second unique address generation request signal for signing up for a specific service is received from the service application installed in the user terminal using the private key, a second unique address assigned to the specific service is generated and Stored in the blockchain peer of the mainnet, receive personal information of the user to be used in the specific service through the service application, encrypt it in the blockchain peer of the mainnet, and store it distributedly,
The second unique address is connected to the second unique address and capable of loading personal information of a distributedly stored user,
The private key is for decrypting the personal information of the user loaded through the second unique address,
The second unique address is a block chain system for personal information management that is stored as a subtree in the first unique address. delete delete delete delete delete The method of claim 1,
A different second unique address is created for each service server, a plurality of second unique addresses are included and stored in the subtree of the first unique address, and each second unique address contains at least some different personal information. Blockchain system for managing connected personal information. The method of claim 1,
When the mainnet receives the user's personal information request from the server of the specific service, it requests the private key signature for the second unique address through the service application,
Blockchain system for personal information management that decrypts the user's personal information and provides it to the server of the specific service when the signing of the private key for the second unique address is completed through the service application. The method of claim 8,
The mainnet,
Blockchain system for personal information management that provides personal information selected through the service application from the decrypted user's personal information to the server of the specific service. The method of claim 1,
When a request to delete personal information according to a request to withdraw from the specific service is received from the service application,
A blockchain system for personal information management, characterized in that the service application requests a private key signature for the second unique address, and when the signature is completed, the personal information indexed in the second unique address is deleted.

Images