KR102549385B1 - Method and system for providing data access control - Google Patents

Abstract

The present disclosure relates to a system for providing data access control. A system for providing data access control according to an embodiment of the present disclosure includes a blockchain server that stores and manages a plurality of block states updated according to one or more transactions, and a storage that stores and manages data. receives second data generated by encrypting the first data of the data owner with the symmetric key from the data owner, transmits the path where the second data is stored to the data owner, and the blockchain server determines the first data of the worker candidates. Information associated with the public key and information associated with the second public key of the selector are transmitted to the data owner, and the path where the second data is stored, the first ciphertext in which the symmetric key is encrypted, and the re-encryption key list are encrypted with the second public key of the selector. and receives the second ciphertext generated by the data owner from the data owner.

Description

Method and system for providing data access control {METHOD AND SYSTEM FOR PROVIDING DATA ACCESS CONTROL}

The present disclosure relates to a method and system for providing data access control, and more specifically, to a method and system for enabling selectors to control access of workers to data of data owners by utilizing data encryption and blockchain.

Recently, machine learning models having problem-solving capabilities, such as artificial neural network models, are widely used in various fields. In order to train such a machine learning model, a large amount of training data associated with the model is required. The amount of training data required to train a machine learning model with sufficient performance is getting larger over time, and the number of workers requesting training data to train the model is also rapidly increasing.

In accordance with this trend, in the case of a system in which the owner of learning data directly controls whether or not data access is allowed for each worker, the workload of the data owner becomes excessive, and it is difficult to ensure reliability and transparency of data access control.

On the other hand, blockchain technology is a technology that records and stores the contents of transactions made on network communication in a reliable and safe way. By storing data in a distributed data storage environment, anyone can view the results of changes, so that the transaction Reliability and transparency can be guaranteed.

The present disclosure provides a data access control providing method, a computer program stored in a recording medium, and a system (apparatus) to solve the above problems.

The present disclosure may be implemented in a variety of ways, including a method, system (apparatus) or computer program stored on a readable storage medium.

According to an embodiment of the present disclosure, a system for providing data access control includes a blockchain server for storing and managing a plurality of block states updated according to one or more transactions, a storage for storing and managing data, The storage receives from the data owner second data generated by encrypting the first data of the data owner with the symmetric key, transmits the path where the second data is stored to the data owner, and the blockchain server determines the second data of the worker candidate. 1 transmits information associated with the public key and information associated with the second public key of the selector to the data owner, and the path where the second data is stored, the first cipher text encrypted with the symmetric key, and the re-encryption key list are used as the second public key of the selector The second cipher text generated by the encryption is received from the data owner.

According to an embodiment of the present disclosure, the first ciphertext is generated by encrypting a symmetric key with a third public key of a data owner, and a list of re-encryption keys is based on the third private key and the first public key of the data owner. is created

According to an embodiment of the present disclosure, the blockchain server transmits the first cipher text and the second cipher text to the selector, and the first cipher text is proxy re-encrypted with the re-encryption key of the selected worker, thereby generating re-encryption. Receives the ciphertext from the selector.

According to an embodiment of the present disclosure, the blockchain server transmits information associated with a path in which the re-encrypted text and the second data are stored to the operator, and the storage unit transmits the second data to the operator.

According to an embodiment of the present disclosure, the second data is decrypted based on a symmetric key obtained by the operator decrypting the re-encrypted text with the operator's first secret key.

According to an embodiment of the present disclosure, the selector has an authority to select a worker from among worker candidates.

According to an embodiment of the present disclosure, a method for providing data access control, executed by at least one processor of a data owner, includes information associated with a first public key of a worker candidate and information associated with a second public key of a selector on a blockchain. Receiving from the server, transmitting the second data generated by encrypting the first data of the data owner with the symmetric key to the storage, receiving the path where the second data is stored from the storage, encrypting the symmetric key to generate the first ciphertext generating, generating second ciphertext by encrypting the re-encryption key list with a second public key, and transmitting the path where the second data is stored, the first ciphertext, and the second ciphertext to the blockchain server.

According to one embodiment of the present disclosure, generating the first ciphertext by encrypting the symmetric key includes generating the first ciphertext by encrypting the symmetric key with a third public key of the data owner.

According to an embodiment of the present disclosure, the re-encryption key list is generated based on the data owner's third private key and first public key.

According to an embodiment of the present disclosure, the selector receives the first ciphertext and the second ciphertext from the blockchain server, and proxy re-encrypts the first ciphertext with the re-encryption key of the selected operator, thereby sending the re-cipher text to the blockchain server. transmit

According to an embodiment of the present disclosure, a worker receives information associated with a path in which re-encrypted text and second data are stored from a blockchain server, and receives second data from a storage.

According to an embodiment of the present disclosure, the operator decrypts the second data using a symmetric key obtained by decrypting the re-encrypted text with the first secret key.

According to one embodiment of the present disclosure, a computer program stored in a computer readable recording medium is provided to execute the above-described method on a computer.

According to one embodiment of the present disclosure, an information processing system includes a communication module, a memory, and at least one processor connected to the memory and configured to execute at least one computer-readable program included in the memory, the communication module comprising: , Information associated with the first public key of the worker candidate and information associated with the second public key of the selector are received from the blockchain server, and second data generated by encrypting the first data of the data owner with the symmetric key is transmitted to the storage, , Receives the path where the second data is stored from the storage, transmits the path where the second data is stored, the first cipher text, and the second cipher text to the blockchain server, and at least one program encrypts the symmetric key to generate the first cipher text. and instructions for generating a second cipher text by encrypting the re-encryption key list with the second public key.

In various embodiments of the present disclosure, the workload of the data owner may be relieved by allowing the data owner to delegate operator selection authority to the selector.

In various embodiments of the present disclosure, reliability and transparency in providing data access control may be ensured by utilizing a blockchain server.

In various embodiments of the present disclosure, storage-agnostic data access control that is not dependent on a specific type of storage and can be used without separate storage knowledge may be provided.

The effects of the present disclosure are not limited to the effects mentioned above, and other effects not mentioned are those having ordinary knowledge in the art to which the present disclosure belongs from the description of the claims (hereinafter referred to as 'ordinary technicians') will be clearly understandable.

Embodiments of the present disclosure will be described with reference to the accompanying drawings described below, wherein like reference numbers indicate like elements, but are not limited thereto.
1 is a diagram illustrating a system for providing data access control according to an embodiment of the present disclosure.
2 is a schematic diagram illustrating a configuration in which an information processing system is communicatively connected with a plurality of user terminals in order to provide a data access control providing service according to an embodiment of the present disclosure.
3 is a block diagram showing internal configurations of a user terminal and an information processing system according to an embodiment of the present disclosure.
4 is a block diagram illustrating an internal configuration of a data owner-side processor according to an embodiment of the present disclosure.
5 is a block diagram illustrating an internal configuration of a selector-side processor according to an embodiment of the present disclosure.
6 is a block diagram illustrating an internal configuration of a worker-side processor according to an embodiment of the present disclosure.
7 is a flowchart illustrating a proxy re-encryption process according to an embodiment of the present disclosure.
8 is a flowchart illustrating data transmission/reception and encryption/decryption processes according to an embodiment of the present disclosure.
9 is a flowchart illustrating a method for providing data access control according to an embodiment of the present disclosure.

Hereinafter, specific details for the implementation of the present disclosure will be described in detail with reference to the accompanying drawings. However, in the following description, if there is a risk of unnecessarily obscuring the gist of the present disclosure, detailed descriptions of well-known functions or configurations will be omitted.

In the accompanying drawings, identical or corresponding elements are given the same reference numerals. In addition, in the description of the following embodiments, overlapping descriptions of the same or corresponding components may be omitted. However, omission of a description of a component does not intend that such a component is not included in an embodiment.

Advantages and features of the disclosed embodiments, and methods of achieving them, will become apparent with reference to the following embodiments in conjunction with the accompanying drawings. However, the present disclosure is not limited to the embodiments disclosed below and may be implemented in various different forms, but only the present embodiments make the present disclosure complete, and the present disclosure does not extend the scope of the invention to those skilled in the art. It is provided only for complete information.

Terms used in this specification will be briefly described, and the disclosed embodiments will be described in detail. The terms used in this specification have been selected from general terms that are currently widely used as much as possible while considering the functions in the present disclosure, but they may vary according to the intention of a person skilled in the related field, a precedent, or the emergence of new technologies. In addition, in a specific case, there is also a term arbitrarily selected by the applicant, and in this case, the meaning will be described in detail in the description of the invention. Therefore, the terms used in the present disclosure should be defined based on the meaning of the terms and the general content of the present disclosure, not simply the names of the terms.

Expressions in the singular number in this specification include plural expressions unless the context clearly dictates that they are singular. Also, plural expressions include singular expressions unless the context clearly specifies that they are plural. When it is said that a certain part includes a certain component in the entire specification, this means that it may further include other components without excluding other components unless otherwise stated.

Also, the term 'module' or 'unit' used in the specification means a software or hardware component, and the 'module' or 'unit' performs certain roles. However, 'module' or 'unit' is not meant to be limited to software or hardware. A 'module' or 'unit' may be configured to reside in an addressable storage medium and may be configured to reproduce one or more processors. Thus, as an example, a 'module' or 'unit' includes components such as software components, object-oriented software components, class components, and task components, processes, functions, and attributes. , procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, or variables. Functions provided within components and 'modules' or 'units' may be combined into a smaller number of components and 'modules' or 'units', or further components and 'modules' or 'units'. can be further separated.

According to one embodiment of the present disclosure, a 'module' or 'unit' may be implemented with a processor and a memory. 'Processor' should be interpreted broadly to include general-purpose processors, central processing units (CPUs), microprocessors, digital signal processors (DSPs), controllers, microcontrollers, state machines, and the like. In some circumstances, 'processor' may refer to an application specific integrated circuit (ASIC), programmable logic device (PLD), field programmable gate array (FPGA), or the like. 'Processor' refers to a combination of processing devices, such as, for example, a combination of a DSP and a microprocessor, a combination of a plurality of microprocessors, a combination of one or more microprocessors in conjunction with a DSP core, or a combination of any other such configurations. You may. Also, 'memory' should be interpreted broadly to include any electronic component capable of storing electronic information. 'Memory' includes random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), programmable read-only memory (PROM), erasable-programmable read-only memory (EPROM), It may also refer to various types of processor-readable media, such as electrically erasable PROM (EEPROM), flash memory, magnetic or optical data storage, registers, and the like. A memory is said to be in electronic communication with the processor if the processor can read information from and/or write information to the memory. Memory integrated with the processor is in electronic communication with the processor.

In the present disclosure, a 'data owner' may refer to a subject that owns or has management authority over a storage medium storing data to be controlled for access, and a storage medium, information providing system or process that stores, manages, or computes such data. can also refer to

In the present disclosure, 'selector' refers to a subject having authority to select an operator to allow access to data owned by a data owner, or may refer to a storage medium, information providing system, or process related thereto.

In the present disclosure, 'worker' may refer to a subject permitted to access data of a data owner, or may refer to a storage medium, information providing system, or process related thereto.

In the present disclosure, 'storage' may refer to a space capable of storing and managing data or a device provided with such a space.

In the present disclosure, a 'blockchain server' may refer to a server capable of storing and managing a plurality of block states updated according to one or more transactions. In the present disclosure, information or data transmitted by a 'blockchain server' may be transmitted in the form of a block including such information or data, and information or data received may be updated in the form of a block.

1 is a diagram illustrating a system for providing data access control according to an embodiment of the present disclosure. As shown, the data access control providing system includes a blockchain server 130 and a storage 120, and the blockchain server 130 and the storage 120 include a data owner 110, a selector 140, and a data owner 110, respectively. Data may be transmitted to or received from the worker 150 .

The data owner 110 may refer to a subject who owns or manages the first data that is to be controlled for access. The storage 120 receives from the data owner 110 second data generated by encrypting the first data of the data owner 110 with a symmetric key, and transmits path information where the second data is stored to the data owner 110. can be sent The second data and the path where the second data is stored may then be transmitted to the worker 150 and decrypted based on the symmetric key, whereby the worker 150 may obtain the first data.

In one embodiment, storage 120 may include a public cloud. Data owners 110 may upload data to any public cloud as long as they provide a link to the uploaded data. Through this configuration, storage-agnostic data access control that is not dependent on a specific type of storage and can be used without separate storage knowledge can be provided.

The blockchain server 130 may transmit information associated with the first public key of the worker candidate and information associated with the second public key of the selector 140 to the data owner 110 .

Thereafter, the blockchain server 130 converts the path where the second data is stored, the first ciphertext generated by encrypting the symmetric key, and the second ciphertext generated by encrypting the list of re-encryption keys with the second public key of the selector 140 to the data It can be received from the owner 110. Specifically, the first cipher text is generated by encrypting the symmetric key with the third public key of the data owner 110, and the re-encryption key list is based on the third private key and the first public key of the data owner 110. may have been created.

The blockchain server 130 transmits the first cipher text and the second cipher text to the selector 140, and the first cipher text is proxy re-encrypted with the re-encryption key of the worker 150, thereby generating re-cipher text. It can be received from the selector 140. In this case, the re-encryption key of the operator 150 may be generated by decrypting the second cipher text with the second secret key of the selector 140 . Thereafter, the blockchain server 130 may transmit information related to the path in which the re-encrypted text and the second data are stored to the operator 150 .

2 is a schematic diagram illustrating a configuration in which an information processing system 230 is communicatively connected to a plurality of user terminals 210_1, 210_2, and 210_3 in order to provide a data access control providing service according to an embodiment of the present disclosure. The information processing system 230 may correspond to a storage or blockchain server, and the user terminal 210 may correspond to a terminal of a data owner, selector, or operator.

Information processing system 230 may include system(s) capable of providing data access control providing services. In one embodiment, information processing system 230 is one or more server devices and/or databases capable of storing, providing, and executing computer-executable programs (eg, downloadable applications) and data related to data access control providing services. , or one or more distributed computing devices and/or distributed databases based on cloud computing services. For example, the information processing system 230 may include separate systems (eg, servers) for providing data access control services.

The data access control provision service provided by the information processing system 230 may be provided to users through applications installed in each of the plurality of user terminals 210_1, 210_2, and 210_3.

A plurality of user terminals 210_1 , 210_2 , and 210_3 may communicate with the information processing system 230 through the network 220 . The network 220 may be configured to enable communication between the plurality of user terminals 210_1, 210_2, and 210_3 and the information processing system 230. Depending on the installation environment, the network 220 may be, for example, a wired network such as Ethernet, a wired home network (Power Line Communication), a telephone line communication device and RS-serial communication, a mobile communication network, a wireless LAN (WLAN), It may consist of a wireless network such as Wi-Fi, Bluetooth, and ZigBee, or a combination thereof. The communication method is not limited, and the user terminals (210_1, 210_2, 210_3) as well as a communication method utilizing a communication network (eg, mobile communication network, wired Internet, wireless Internet, broadcasting network, satellite network, etc.) that the network 220 may include ), short-range wireless communication between them may also be included.

In FIG. 2 , a mobile phone terminal 210_1 , a tablet terminal 210_2 , and a PC terminal 210_3 are illustrated as examples of user terminals, but are not limited thereto. The user terminals 210_1, 210_2, and 210_3 may be any computing device capable of wired and/or wireless communication and capable of installing and executing a data access control providing application. For example, the user terminal includes a smartphone, a mobile phone, a navigation device, a computer, a laptop computer, a digital broadcasting terminal, a personal digital assistant (PDA), a portable multimedia player (PMP), a tablet PC, a game console, and a wearable device ( wearable device), internet of things (IoT) device, virtual reality (VR) device, augmented reality (AR) device, and the like.

In addition, although three user terminals 210_1, 210_2, and 210_3 are shown in FIG. 2 to communicate with the information processing system 230 through the network 220, it is not limited thereto, and a different number of user terminals may be connected to the network ( 220) to communicate with the information processing system 230.

Figure 3 is a block diagram showing the internal configuration of the user terminal 210 and the information processing system 230 according to an embodiment of the present disclosure. The user terminal 210 may refer to any computing device capable of executing a data access control providing application and the like and capable of wired/wireless communication. For example, the mobile phone terminal 210_1 or the tablet terminal 210_2 of FIG. 2 , PC terminal 210_3, and the like. As shown, the user terminal 210 may include a memory 312 , a processor 314 , a communication module 316 and an input/output interface 318 . Similarly, the information processing system 230 may include a memory 332 , a processor 334 , a communication module 336 and an input/output interface 338 . As shown in FIG. 3, the user terminal 210 and the information processing system 230 are configured to communicate information and/or data through the network 220 using respective communication modules 316 and 336. It can be. In addition, the input/output device 320 may be configured to input information and/or data to the user terminal 210 through the input/output interface 318 or output information and/or data generated from the user terminal 210.

The memories 312 and 332 may include any non-transitory computer readable media. According to one embodiment, the memories 312 and 332 are non-perishable mass storage devices such as read only memory (ROM), disk drive, solid state drive (SSD), flash memory, etc. can include As another example, a non-perishable mass storage device such as a ROM, SSD, flash memory, or disk drive may be included in the user terminal 210 or the information processing system 230 as a separate permanent storage device separate from memory. Also, the memory 312 or 332 may store an operating system and at least one program code (eg, code for an application related to a data access control providing service).

These software components may be loaded from a computer readable recording medium separate from the memories 312 and 332 . A recording medium readable by such a separate computer may include a recording medium directly connectable to the user terminal 210 and the information processing system 230, for example, a floppy drive, a disk, a tape, a DVD/CD- It may include a computer-readable recording medium such as a ROM drive and a memory card. As another example, software components may be loaded into the memories 312 and 332 through the communication modules 316 and 336 rather than computer-readable recording media. For example, the at least one program is a computer program (eg, data access control providing service and may be loaded into memory 312, 332 based on an associated application, etc.).

The processors 314 and 334 may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input/output operations. Instructions may be provided to processors 314 and 334 by memories 312 and 332 or communication modules 316 and 336 . For example, processors 314 and 334 may be configured to execute instructions received according to program codes stored in a recording device such as memory 312 and 332 .

The communication modules 316 and 336 may provide configurations or functions for the user terminal 210 and the information processing system 230 to communicate with each other through the network 220, and the user terminal 210 and/or information processing. System 230 may provide configurations or functions for communicating with other user terminals or other systems (eg, separate cloud systems, etc.). For example, a request or data generated according to a program code stored in a recording device such as a memory 312 by the processor 314 of the user terminal 210 is information through the network 220 under the control of the communication module 316. It can be delivered to processing system 230 . Conversely, a control signal or command provided under the control of the processor 334 of the information processing system 230 passes through the communication module 336 and the network 220 and through the communication module 316 of the user terminal 210. It may be received by the user terminal 210 .

The input/output interface 318 may be a means for interfacing with the input/output device 320 . As an example, the input device may include a device such as a camera, keyboard, microphone, mouse, etc. including an audio sensor and/or image sensor, and the output device may include a device such as a display, speaker, haptic feedback device, or the like. can As another example, the input/output interface 318 may be a means for interface with a device in which a configuration or function for performing input and output is integrated into one, such as a touch screen. Although the input/output device 320 is not included in the user terminal 210 in FIG. 3 , it is not limited thereto, and the user terminal 210 and the user terminal 210 may be configured as one device. In addition, the input/output interface 338 of the information processing system 230 is connected to the information processing system 230 or means for interface with a device (not shown) for input or output that the information processing system 230 may include. can be In FIG. 3, the input/output interfaces 318 and 338 are shown as separate elements from the processors 314 and 334, but are not limited thereto, and the input/output interfaces 318 and 338 may be included in the processors 314 and 334. there is.

The user terminal 210 and the information processing system 230 may include more components than those shown in FIG. 3 . However, there is no need to clearly show most of the prior art components. In one embodiment, the user terminal 210 may be implemented to include at least some of the aforementioned input/output devices 320 . In addition, the user terminal 210 may further include other components such as a transceiver, a global positioning system (GPS) module, a camera, various sensors, and a database. For example, when the user terminal 210 is a smartphone, it may include components that are generally included in a smartphone, for example, an acceleration sensor, a gyro sensor, a microphone module, a camera module, and various physical Various components such as a button, a button using a touch panel, an input/output port, and a vibrator for vibration may be implemented to be further included in the user terminal 210 .

According to one embodiment, the processor 314 of the user terminal 210 may be configured to operate an application or web browser application providing a data access control providing service. At this time, a program code associated with the corresponding application may be loaded into the memory 312 of the user terminal 210 . While the application is running, the processor 314 of the user terminal 210 receives information and/or data provided from the input/output device 320 through the input/output interface 318 or through the communication module 316 the information processing system ( 230), and may process and store the received information and/or data in the memory 312. Additionally, such information and/or data may be provided to information processing system 230 via communication module 316 .

While the application is running, the processor 314 inputs or selects voice data, text, and images through an input device such as a camera or microphone including a touch screen, keyboard, audio sensor, and/or image sensor connected to the input/output interface 318. , It is possible to receive an image, and the received voice data, text, image and / or video, etc. are stored in the memory 312 or provided to the information processing system 230 through the communication module 316 and the network 220. can do. In one embodiment, the processor 314 receives user input through an input device to select a graphical object displayed on the display, and transmits data/requests corresponding to the received user input to the network 220 and communication module. It can be provided to the information processing system 230 through 316.

The processor 314 of the user terminal 210 may transmit and output information and/or data to the input/output device 320 through the input/output interface 318 . For example, the processor 314 of the user terminal 210 processes the information processed through the output device 320, such as a display output capable device (eg, a touch screen, a display, etc.) or an audio output capable device (eg, a speaker). and/or output data.

The processor 334 of the information processing system 230 may be configured to manage, process, and/or store information and/or data received from a plurality of user terminals 210 and/or a plurality of external systems. Information and/or data processed by processor 334 may be provided to user terminal 210 via communication module 336 and network 220 .

4 is a block diagram illustrating an internal configuration of a data owner side processor 400 according to an embodiment of the present disclosure. As shown, the processor 400 may include an encryption key generator 410, a data encryption unit 420, and the like.

The encryption key generator 410 may generate a symmetric key for encrypting the first data of the data owner. The symmetric key generated by the encryption key generation unit 410 is encrypted by the third public key of the data owner, proxy re-encrypted again by the worker's re-encryption key, and then decrypted by the worker's private key, so that the worker can obtain it.

The encryption key generation unit 410 may generate a re-encryption key for proxy re-encryption based on the data owner's secret key and the operator candidate's public key. The re-encryption key of each worker candidate may constitute a re-encryption key list.

The data encryption unit 420 may encrypt data or a symmetric key. The data encryption unit 420 may generate second data by encrypting the first data using the symmetric key generated by the encryption key generation unit 410 . The generated second data may be transmitted to storage.

The data encryption unit 420 generates first ciphertext by encrypting the symmetric key with the public key of the data owner, and generates second ciphertext by encrypting the re-encryption key list generated by the encryption key generator 410 with the public key of the selector. can do. The generated first ciphertext and second ciphertext may be transmitted to the blockchain server.

The internal configuration of the processor 400 shown in FIG. 4 is just an example, and in some embodiments, other configurations other than the illustrated internal configuration may be additionally included, and some configurations may be omitted. In addition, although the internal configuration of the processor 400 has been described in FIG. 4 by being classified according to functions, this does not necessarily mean that they are physically separated. Although the encryption key generation unit 410 and the data encryption unit 420 have been separately described above, this is for helping understanding of the invention, and is not limited thereto.

5 is a block diagram illustrating an internal configuration of a selector-side processor 500 according to an embodiment of the present disclosure. As shown, the processor 500 may include a decryption unit 510, an operator selection unit 520, a proxy re-encryption unit 530, and the like.

The decryption unit 510 may decrypt the second ciphertext received from the blockchain server using the secret key of the selector. Through this configuration, the selector can obtain the re-encryption key list, and other than the selector cannot obtain the re-encryption key list.

The worker selection unit 520 may select a worker having authority to access the first data from among worker candidates. In one embodiment, worker selector 520 may be configured to select a worker based on predetermined conditions and information associated with the worker candidate. For example, the worker selector 520 may be configured to select a worker candidate having a pre-input network address as a worker. The predetermined condition may be changed by a selector or a system manager.

The proxy re-encryption unit 530 may generate re-encryption text by proxy re-encrypting the first cipher text with the operator's re-encryption key included in the re-encryption key list obtained from the decryption unit 510 . The worker's re-encryption key, which is the basis for re-encryption, can be published to the blockchain, and the re-encryption text can be transmitted to the blockchain server.

The internal configuration of the processor 500 shown in FIG. 5 is only an example, and in some embodiments, other configurations other than the illustrated internal configuration may be additionally included, and some configurations may be omitted. In addition, although the internal configuration of the processor 500 has been described in FIG. 5 by being classified according to functions, this does not necessarily mean that they are physically separated. The decryption unit 510 and the proxy re-encryption unit 530 have been separately described above, but this is to aid understanding of the invention, and is not limited thereto.

6 is a block diagram showing an internal configuration of a worker-side processor 600 according to an embodiment of the present disclosure. As shown, the processor 600 may include a re-encryption text decoding unit 610, a data decoding unit 620, and the like.

The re-encryption text decryption unit 610 may obtain a symmetric key by decrypting the re-encryption text received from the blockchain server with the operator's secret key.

The data decryption unit 620 may obtain the first data by decoding the second data using the symmetric key acquired by the re-ciphertext decryption unit 610 .

The internal configuration of the processor 600 shown in FIG. 6 is only an example, and in some embodiments, other configurations other than the illustrated internal configuration may be additionally included, and some configurations may be omitted. In addition, in FIG. 6, the internal configuration of the processor 600 has been described by dividing it by function, but this does not necessarily mean that it is physically separated. The re-encryption text decryption unit 610 and the data decryption unit 620 have been separately described above, but this is to aid understanding of the invention, and is not limited thereto.

7 is a flowchart illustrating a proxy re-encryption process 700 according to an embodiment of the present disclosure. The asymmetric key generator 710 may generate a worker public key, a worker private key, a data owner public key, and a data owner private key. The re-encryption key generator 720 may generate a re-encryption key necessary for proxy re-encryption based on the private key and the public key generated by the asymmetric key generator 710 .

Meanwhile, the encryption unit 730 may generate cipher text by encrypting the symmetric key with the data owner public key. Then, the re-encryption unit 740 may generate re-encryption text by encrypting the ciphertext generated by the encryption unit 730 with the re-encryption key generated by the re-encryption key generation unit 720 .

Thereafter, the decryption unit 750 may generate a symmetric key by decrypting the re-encrypted text with the operator's secret key. That is, the decryption unit 750 may generate a symmetric key through decryption of the re-encrypted text without using the data owner's private key.

8 is a flowchart illustrating data transmission/reception and encryption/decryption processes according to an embodiment of the present disclosure. The data owner 830 may fetch information associated with the first public key of the worker candidate and information associated with the second public key of the selector 850 from the blockchain server 840 . After generating a symmetric key, the data owner 830 may generate second data by encrypting first data to be accessed by the operator 810 with the symmetric key. Thereafter, the data owner 830 may transmit the generated second data to the storage 820, and the storage 820 may transmit a path where the second data is stored to the data owner 830.

The data owner 830 generates a re-encryption key list, encrypts the symmetric key with the data owner's 830 public key to generate a first cipher text, and encrypts the re-encryption key list with the selector's public key to generate a second cipher text. can do. In this case, the re-encryption key list may refer to a bundle of re-encryption keys generated based on the private key of the data owner 830 and the public key of the worker candidate.

The data owner 830 transmits the path where the second data is stored, the first ciphertext, and the second ciphertext to the blockchain server 840 to publish to the blockchain, and the selector 850 blocks the first ciphertext and the second ciphertext. You can fetch from the chain server 840.

The selector 850 may obtain a re-encryption key list by decrypting the second ciphertext with the selector's secret key. The selector 850 selects the worker 810 having the task authority from among the worker candidates, and then proxy-re-encrypts the first ciphertext with the re-encryption key of the worker 810 from the re-encryption key list, thereby generating the re-cipher text. The selector 850 may publish the generated re-encrypted text to the blockchain by transmitting it to the blockchain server 840 .

The worker 810 may fetch the path where the second data is stored and the re-encrypted text from the blockchain server 840 and download the second data from the storage 820 . The operator 810 may obtain the first data by generating a symmetric key by decrypting the re-ciphertext with the operator's secret key and then decrypting the second data with the symmetric key.

It is not limited to that shown in FIG. 8, and the order of each step shown in FIG. 8 may be different from that shown in the range that does not deviate from the logical flow. For example, the step of fetching the first public key and the second public key by the data owner 830 from the blockchain server 840 may be temporally subordinated to the step of generating the symmetric key and encrypting the first data of the data owner 830. can In another example, the path where the second data is stored may be transmitted to the worker 810 immediately after the data owner 830 transmits it to the blockchain server 840, in which case the re-encrypted text is separately sent to the worker 810 later. can be sent

9 is a flow diagram illustrating a method 900 of providing data access control according to an embodiment of the present disclosure. In one embodiment, the method 900 of providing data access control may be performed by a processor (eg, at least one processor of a computing device). The method 900 for providing data access control may be initiated by at least one processor of a data owner receiving information associated with a first public key of a worker candidate and information associated with a second public key of a selector from a blockchain server (S910). ).

Thereafter, the processor of the data owner may transmit second data generated by encrypting the first data of the data owner with the symmetric key to the storage (S920). Then, the processor of the data owner may receive the path where the second data is stored from the storage (S930).

Thereafter, the processor of the data owner may generate a first cipher text by encrypting the symmetric key (S940). In one embodiment, the processor may generate the first ciphertext by encrypting the symmetric key with the data owner's third public key.

Thereafter, the processor of the data owner may generate second cipher text by encrypting the re-encryption key list with the second public key (S950). In one embodiment, the re-encryption key list may be generated based on the data owner's third private key and first public key.

After that, the processor of the data owner may transmit the path where the second data is stored, the first ciphertext, and the second ciphertext to the blockchain server (S960).

After that, the selector's processor may receive the first ciphertext and the second ciphertext from the blockchain server, proxy re-encryption of the first ciphertext with the operator's re-encryption key, and transmit the generated re-encryption text to the blockchain server.

Thereafter, the operator's processor may obtain the first data by receiving the re-encryption text and the information associated with the path where the second data is stored from the blockchain server, receiving the second data from the storage, and then decrypting the second data. there is.

The above method may be provided as a computer program stored in a computer readable recording medium to be executed on a computer. The medium may continuously store programs executable by a computer or temporarily store them for execution or download. In addition, the medium may be various recording means or storage means in the form of a single or combined hardware, but is not limited to a medium directly connected to a certain computer system, and may be distributed on a network. Examples of the medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CD-ROM and DVD, magneto-optical media such as floptical disks, and ROM, RAM, flash memory, etc. configured to store program instructions. In addition, examples of other media include recording media or storage media managed by an app store that distributes applications, a site that supplies or distributes various other software, and a server.

The methods, acts or techniques of this disclosure may be implemented by various means. For example, these techniques may be implemented in hardware, firmware, software, or combinations thereof. Those skilled in the art will appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchange of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends on the particular application and design requirements imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementations should not be interpreted as causing a departure from the scope of the present disclosure.

In a hardware implementation, the processing units used to perform the techniques may include one or more ASICs, DSPs, digital signal processing devices (DSPDs), programmable logic devices (PLDs) ), field programmable gate arrays (FPGAs), processors, controllers, microcontrollers, microprocessors, electronic devices, and other electronic units designed to perform the functions described in this disclosure. , a computer, or a combination thereof.

Accordingly, the various illustrative logical blocks, modules, and circuits described in connection with this disclosure may be incorporated into a general-purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or may be implemented or performed in any combination of those designed to perform the functions described in A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, eg, a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other configuration.

In firmware and/or software implementation, the techniques include random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), PROM ( on a computer readable medium, such as programmable read-only memory (EPROM), erasable programmable read-only memory (EPROM), electrically erasable PROM (EEPROM), flash memory, compact disc (CD), magnetic or optical data storage device, or the like. It can also be implemented with stored instructions. Instructions may be executable by one or more processors and may cause the processor(s) to perform certain aspects of the functionality described in this disclosure.

Although the embodiments described above have been described as utilizing aspects of the presently-disclosed subject matter in one or more stand-alone computer systems, the disclosure is not limited thereto and may be implemented in conjunction with any computing environment, such as a network or distributed computing environment. . Further, aspects of the subject matter in this disclosure may be implemented in a plurality of processing chips or devices, and storage may be similarly affected across multiple devices. These devices may include PCs, network servers, and portable devices.

Although the present disclosure has been described in relation to some embodiments in this specification, various modifications and changes may be made without departing from the scope of the present disclosure that can be understood by those skilled in the art. Moreover, such modifications and variations are intended to fall within the scope of the claims appended hereto.

110: data owner 120: blockchain server
130: storage 140: selector
150: worker

Claims (10)

A system for providing data access control, comprising:
A blockchain server that stores and manages a plurality of block states updated according to one or more transactions; and
Including storage for storing and managing data,
The storage is
Receiving from the data owner second data generated by encrypting the first data of the data owner with a symmetric key;
Transmitting a path where the second data is stored to the data owner;
The blockchain server,
sending information associated with a first public key of an operator candidate and information associated with a second public key of a selector to the data owner;
The path where the second data is stored, the first ciphertext in which the symmetric key is encrypted, and the second ciphertext generated by encrypting the re-encryption key list with the second public key of the selector are received from the data owner and published to the blockchain, ,
sending the first ciphertext and the second ciphertext to the selector;
Receiving a re-encryption text generated by proxy re-encryption of the first cipher text with a re-encryption key of a selected operator from the selector;
the first ciphertext is generated by encrypting the symmetric key with a third public key of the data owner;
The re-encryption key list is generated based on the third private key and the first public key of the data owner.
Data Access Control Provision System.
delete delete According to claim 1,
The blockchain server,
Transmitting information related to the path in which the re-encrypted text and the second data are stored to the operator;
The storage is
and transmits the second data to the operator.
According to claim 4,
The second data,
and decryption based on the symmetric key obtained by the operator decrypting the re-ciphertext with the operator's secret key.
A method of providing data access control, executed by at least one processor of a data owner, comprising:
Receiving information associated with a first public key of a worker candidate and information associated with a second public key of a selector from a blockchain server;
transmitting second data generated by encrypting the first data of the data owner with a symmetric key to a storage;
receiving a path where the second data is stored from the storage;
generating a first cipher text by encrypting the symmetric key;
generating a second ciphertext by encrypting a re-encryption key list with the second public key; and
Transmitting the path where the second data is stored, the first cipher text, and the second cipher text to the blockchain server,
Generating a first cipher text by encrypting the symmetric key,
generating a first ciphertext by encrypting the symmetric key with a third public key of the data owner;
The re-encryption key list is generated based on the data owner's third private key and the first public key;
The selector,
Receiving the first cipher text and the second cipher text from the blockchain server;
A method for providing data access control, wherein re-encryption generated by proxy re-encryption of the first cipher text with a re-encryption key of a selected operator is transmitted to the blockchain server.
delete delete delete According to claim 6,
The worker,
Receiving the re-encryption text and the information associated with the path where the second data is stored from the blockchain server;
receiving the second data from the storage.

Images