KR102633218B1 - User's register and login method for cloud-based artificial intelligence system - Google Patents

Abstract

The present invention includes a 100th step in which the computer system registers with the cloud platform and a 200th step in which the computer system logs in to the cloud platform, and the 100th step includes a 101st step in which the computer system prepares a hash value H1. , Step 102, where the computer system transmits registration request information Tx1 including the blockchain address of the computer system Addr_u and the hash value H1 to the first smart contract, the first smart contract transmits the blockchain address Addr_u of the computer system and step 103 of recording the hash value H'1 in the blockchain, in which the first smart contract transmits the blockchain address Addr_u and the hash value H'1 of the computer system to the management module and all nodes of the blockchain. Step 104, the management module stores the blockchain address Addr_u and hash value H'1 of the computer system received from the first smart contract in a local database. Step 105, the computer system stores the digital signature S1 and encryption information R2. A 106th step of calculating , a 107th step of the management module performing a verification process for the encryption information R'2, and upon completion of the verification process for the encryption information R'2, the management module generates computer system allocation information U_rl. Step 108 of setting and storing R'1 and the computer system allocation information U_rl in the local database; Step 109 of the management module preparing a computer system certificate U_cred from R'1 and the computer system allocation information U_rl; Step 110, where the management module transmits transaction information Tx2 including the blockchain address Addr_u of the computer system and the computer system certificate U_cred to the first smart contract, and the first smart contract transmits transaction information Tx2 including the blockchain address Addr_u of the computer system to the first smart contract. And step 111, the computer stores the computer system certificate U'_cred in the blockchain and broadcasts the blockchain address Addr_u and the computer system certificate U'_cred of the computer system to the management module and all nodes of the blockchain. In step 112, the system stores the blockchain address Addr_u and the computer system certificate U'_cred of the computer system broadcast by the first smart contract in local storage, and the management module allocates the computer system certificate U_cred and the computer system. A 113th step of generating a response message including information U_rl and a digital signature Su, and a 114th step of the computer system verifying the response message received from the management module.

Description

{User's register and login method for cloud-based artificial intelligence system}

The present invention relates to a method for registering and logging in to a computer system, and more specifically, to a cloud-based artificial intelligence system that uses blockchain and smart contracts to strengthen data integrity and improve security. This relates to methods for registering and logging in computer systems for artificial intelligence systems.

Artificial Intelligence (Artificial Intelligence) has continued to develop since its introduction in 1956. The artificial intelligence AlphaGo defeated the world Go champion five times in a row in 2016. And, in 2018, Google launched Waymosa's self-driving taxi service, which was spun off from Phoenix, Arizona. And artificial intelligence can also transform other fields, such as national security, finance, healthcare, criminal justice, transportation, and smart cities.

However, artificial intelligence can be applied in adversarial cases, such as attacks on self-driving cars. For example, artificial intelligence could misclassify a stop sign image with a few pixels changed, causing a car accident. And, attacks on multiple robots controlled by artificial intelligence on a central server can cause large-scale fatal failures. Therefore, when developing an artificial intelligence system, more effort should be put into the security of the artificial intelligence system.

Recently, cloud-based artificial intelligence systems that can learn machine learning models using learning data are being actively introduced.

However, existing cloud-based artificial intelligence systems have the problem of being vulnerable to data integrity and protection of personal information.

Additionally, in existing cloud-based artificial intelligence systems, there was a problem that vulnerabilities in cloud computing could adversely affect the security of artificial intelligence services and potentially damage data.

KR 10-1914416 B1

The present invention was created to solve the above problems, and the purpose of the present invention is to strengthen the integrity of the machine learning pipeline of a cloud-based artificial intelligence system by integrating an architecture based on blockchain and smart contracts. The goal is to provide computer system registration and login methods for cloud-based artificial intelligence systems.

In addition, the purpose of the present invention is to provide a computer system registration and login method for a cloud-based artificial intelligence system that can prevent an attacker from intruding into a cloud-based artificial intelligence system by impersonating an actual computer system. .

Additionally, the purpose of the present invention is to provide a method for registering and logging in to a computer system for a cloud-based artificial intelligence system that can track the integrity of data and prevent data manipulation.

In order to solve the above technical problems, the registration and login method of a computer system for a cloud-based artificial intelligence system according to the present invention includes a 100th step of registering the computer system to the cloud platform and the computer system registering to the cloud platform. A 200th step of logging in, wherein the 100th step is a 101st step where the computer system prepares a hash value H1, and the computer system sends a registration request including a blockchain address Addr_u of the computer system and the hash value H1. Step 102 of transmitting information Tx1 to the first smart contract, Step 103 of the first smart contract recording the blockchain address Addr_u and hash value H'1 of the computer system in the blockchain, the first smart contract Step 104, transmitting the blockchain address Addr_u and the hash value H'1 of the computer system to the management module and all nodes of the blockchain, the blockchain address of the computer system received by the management module from the first smart contract Step 105 of storing Addr_u and the hash value H'1 in a local database; Step 106 of the computer system calculating the digital signature S1 and encryption information R2; and the management module performing a verification process on the encryption information R'2. Step 107, upon completion of the verification process for the encryption information R'2, the management module sets computer system allocation information U_rl and stores R'1 and the computer system allocation information U_rl in the local database. Step 109, wherein the management module prepares a computer system certificate U_cred from the R'1 and computer system allocation information U_rl, wherein the management module prepares transaction information including a blockchain address Addr_u and a computer system certificate U_cred of the computer system. Step 110 of transmitting Tx2 to the first smart contract, the first smart contract stores the blockchain address Addr_u and the computer system certificate U'_cred of the computer system in the blockchain, and the management module and the blockchain Step 111, broadcasting the blockchain address Addr_u and the computer system certificate U'_cred of the computer system to all nodes, the computer system broadcasting the blockchain address Addr_u and the computer system certificate U'_cred by the first smart contract. Step 112 of storing the system certificate U'_cred in local storage; step 113 of the management module generating a response message including the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su; and the computer system A 114th step of verifying the response message transmitted from the management module, wherein the hash value H'1 is the hash value when the first smart contract receives the hash value H1 generated by the computer system. It is information used in place of the hash value H1 to distinguish it from the value H1, and the encryption information R'2 is distinguished from the encryption information R2 when the management module receives the encryption information R2 generated by the computer system. This is information used instead of the encryption information R2, and the computer system certificate U'_cred is the computer system certificate U_cred when the first smart contract receives the computer system certificate U_cred generated by the management module. It is characterized as information used in place of the computer system certificate U_cred for differentiation.

In addition, step 101 is step 101-1 in which the computer system prepares R1 using (mathematical formula) R1=Addr_u||name||H(pass)||email||t and the computer system It includes a step 101-2 of preparing a hash value H1 of the R1 using this (mathematical formula) H1=H(R1), where the name is the name of the computer system, and the pass is the password of the computer system. , wherein H(pass) is a hash value of the password pass of the computer system, the email is an email address of the computer system, and the t is the current timestamp.

In addition, step 106 is step 106-1 in which the computer system generates the digital signature S1 for the hash value H1 using the secret key SK_u of the computer system with (mathematical formula) S1 = Sign_SK_u(H1). Step and the computer system calculates the encryption information R2 by encrypting the information concatenating the R1 and the digital signature S1 using the public key PK_idma of the management module as (mathematical formula) R2=E_PK_idma(R1||S1). It is characterized in that it includes the 106-2 step.

In addition, in step 107, the management module decrypts the encryption information R'2 with the secret key SK_idma of the management module in (mathematical formula) D_SK_idma(R'2) → R'1||S'1, Step 107-1 of acquiring R'1 and digital signature S'1, the management module uses (mathematical formula) H""1=H(R'1) to obtain the hash value H" of R'1. In step 107-2 of calculating "1, the management module compares the hash value H""1 calculated in step 107-2 and the hash value H'1 broadcast by the first smart contract. Thus, in step 107-3 of checking whether the hash values H""1 and H'1 match, the management module generates the encryption information R'2 when the hash values H""1 and H'1 match. Step 107-4 of continuing the verification process for and stopping the verification process for the encryption information R'2 when the hash values H""1 and H'1 do not match, and the management module (Equation) Step 107-5 of inputting the digital signature S'1 and the hash value H""1 into the PKVer_Addr_u function using PKVer_Addr_u(S'1,H""1) → True or False, and PKVer_Addr_u(S'1,H""1) is characterized as a function that verifies whether the address Addr_u of the blockchain of the computer system signed the hash value H""1 with the digital signature S'1.

In addition, the 109th step is the 109-1 in which the management module calculates the R3 by concatenating the R'1 and the computer system allocation information U_rl using (mathematical formula) R3=R'1||U_rl. Step 109-2, where the management module calculates the computer system certificate U_cred, which is a hash value of R3, using (mathematical formula) U_cred=H(R3), and the management module calculates the computer system certificate U_cred It is characterized in that it includes a step 109-3 of storing in the local database.

In addition, in step 113, the management module uses the secret key SK_idma of the management module as (mathematical formula) Su=Sign_SK_idma(U_cred||H(U_rl)) to signify the U_cred||H(U_rl). Step 113-1 of generating a digital signature Su and step 113-2 of the management module transmitting the response message including the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su to the computer system, respectively. It is characterized by including.

In addition, the 114th step is a 114-1 step in which the computer system receives the computer system certificate U""_cred, computer system allocation information U'_rl, and digital signature S'u from the management module. Step 114-2 of comparing the computer system certificate U""_cred transmitted from the management module and the computer system certificate U'_cred transmitted from the first smart contract, where the computer system receives the computer system certificate U""_cred and step 114-3 of continuing the verification process for the response message when U'_cred matches, and stopping the verification process for the response message when the computer system certificate U""_cred and U'_cred do not match. , Step 114-4 in which the computer system verifies the digital signature S'u using (mathematical formula) PKVer_PK_idma(S'u,U""_cred||H(U'_rl)) → True or False. And if the output value of step 114-4 is true, the computer system includes a step 114-5 of terminating the verification process for the digital signature S'u, and the digital signature S'u is (equation) Sign_SK_idma(U_cred||H(U_rl))', which is a digital signature generated for the (U_cred||H(U_rl))' using the secret key SK_idma of the management module, and the PKVer_PK_idma(S'u,U ""_cred||H(U'_rl)) is a function that verifies whether the public key PK_idma of the management module signed U""_cred||H(U'_rl) with the digital signature S'u, and the computer The system certificate U""_cred is information used in place of the computer system certificate U_cred to distinguish it from the computer system certificate U_cred when the computer system receives the computer system certificate U_cred generated by the management module, Computer system allocation information U'_rl is used instead of the computer system allocation information U_rl to distinguish it from the computer system allocation information U_rl when the computer system receives the computer system allocation information U_rl generated by the management module. Information, and the digital signature S'u is information used instead of the digital signature Su to distinguish it from the digital signature Su when the computer system receives the digital signature Su generated by the management module. Do it as

In addition, the 200th step is the 201st step in which the computer system prepares a hash value H2 for login, and the computer system prepares the transaction information Tx3 including the blockchain address Addr_u of the computer system and the hash value H2. 1 Step 202 of transmitting to a smart contract, the first smart contract records the address Addr_u and the hash value H'2 of the blockchain of the computer system in the blockchain, and sends the information to the management module and all nodes of the blockchain. In step 203, broadcasting the address Addr_u and the hash value H'2 of the blockchain of the computer system, the management module broadcasts the address Addr_u and the hash value H'2 of the blockchain of the computer system received from the first smart contract. Step 204 of storing in the local database, step 205 of the computer system calculating the digital signature S2 and encryption information R5, the computer system transmitting the encryption information R5 to the management module, and sending the encryption information R5 to the management module. Step 206 of requesting login to the cloud platform, step 207 of the management module performing a verification process for the encryption information R'5, and upon completion of the verification process for the encryption information R'5, the management module performs 'login' Step 208 of outputting the notification message Msg of 'success', wherein the management module transmits the notification message Msg, the hash value Hm, and the digital signature Se to the computer system to notify that the computer system has logged in to the cloud platform. Step 209 and step 210 where the computer system verifies the digital signature S'e, and the hash value H'2 is the hash value H2 generated by the computer system received by the first smart contract. In this case, it is information used instead of the hash value H2 to distinguish it from the hash value H2, and the encryption information R'5 is the encryption information R'5 when the management module receives the encryption information R5 generated by the computer system. It is information used in place of the encryption information R5 to distinguish it from the information R5, and the digital signature S'e is distinguished from the digital signature Se when the computer system receives the digital signature Se generated by the management module. It is characterized in that it is information used in place of the digital signature Se to do this.

In addition, the 201st step is a 201-1 step in which the computer system prepares the pwd, which is a hash value of the password pass of the computer system, using (mathematical formula) pwd=H(pass), and the computer system prepares the pwd, which is a hash value of the password pass of the computer system. Step 201-2 of preparing the R4 using (mathematical expression) R4=email||pwd||U_cred||t and the computer system using (mathematical expression) H2=H(R4) It includes a step 201-3 of preparing a hash value H2 of R4, where the pass is a password of the computer system, the email is an email address of the computer system, the U_cred is a computer system certificate, and the t is the current time. It is a stamp, and the R4 is characterized in that it is information that concatenates the email address of the computer system email, the password pwd of the computer system, the computer system certificate U_cred, and the current timestamp t.

In addition, step 205 is step 205-1 in which the computer system generates the digital signature S2 for the hash value H2 using the secret key SK_u of the computer system with (mathematical formula) S2 = Sign_SK_u(H2). Step and the computer system calculates the R5 by encrypting information concatenating the R4 and the digital signature S2 using the public key PK_idma of the management module with (mathematical formula) R5=E_PK_idma(R4||S2) It is characterized by including step 205-2.

In addition, in step 207, the management module decrypts the encryption information R'5 with the secret key SK_idma of the management module in (mathematical formula) D_SK_idma(R'5) → R'4||S'2, and generates R' 4 and step 207-1 of obtaining the digital signature S'2, step 207-2 of the management module checking whether computer system information is registered in the local database, and the management module receives the information received from the computer system. Step 207-3, which compares the computer system information and the computer system information stored in the local database to check whether they match, and if steps 207-2 and 207-3 are all true, the management module generates the encryption information. Step 207-4 of continuing the verification process for R'5, step 207-5 of the management module checking the computer system allocation information U_rl in the local database, if the computer system has access authority, In step 207-6, the management module calculates the hash value H""2 of the R'4 using (mathematical formula) H""2=H(R'4), where the management module calculates the hash value H""2 of the R'4. A system that checks whether the hash values H""2 and H'2 match by comparing the hash value H""2 calculated by and the hash value H'2 broadcast by the first smart contract. Step 207-7, when the hash values H""2 and H'2 match, the management module continues the verification process for the encryption information R'5, and the hash values H""2 and H'2 are If there is a mismatch, step 207-8 stops the verification process for the encryption information R'5 and the management module verifies PKVer_Addr_u using (mathematical formula) PKVer_Addr_u(S'2,H""2) → True or False. Step 207-9 of inputting the digital signature S'2 and the hash value H""2 into a function, and the computer system information includes an email address of the computer system, a password of the computer system pass, and a computer system certificate U_cred. It is information containing, and the PKVer_Addr_u(S'2,H""2) is a function that verifies whether the address Addr_u of the blockchain of the computer system signed the hash value H""2 with the digital signature S'2. It is characterized by

In addition, step 209 is a step 209-1 in which the management module prepares a hash value Hm of the notification message Msg using (mathematical expression) Hm=H(Msg), and the management module prepares a hash value Hm of the notification message Msg using (mathematical expression) Se =Sign_SK_idma(Hm), comprising a step 209-2 of generating the digital signature Se for the hash value Hm using the secret key SK_idma of the management module.

In addition, in step 210, the computer system inputs the digital signature S'e and the hash value H'm into the PKVer_PK_idma function using (mathematical formula) PKVer_PK_idma(S'e,H'm) → True or False. It includes step 210-1, wherein the PKVer_PK_idma(S'e, H'm) is a function that verifies whether the public key PK_idma of the management module has signed the hash value H'm with the digital signature S'e. , The hash value H'm is characterized in that when the computer system receives the hash value Hm generated by the management module, it is information used instead of the hash value Hm to distinguish it from the hash value Hm. .

The registration and login method of a computer system for a cloud-based artificial intelligence system according to the present invention integrates an architecture based on blockchain and smart contracts to strengthen the integrity of the machine learning pipeline of the cloud-based artificial intelligence system. There is a possible effect.

In addition, the method of registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention has the effect of preventing an attacker from intruding into a cloud-based artificial intelligence system by impersonating an actual computer system.

In addition, the method of registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention is effective in tracking integrity and preventing data manipulation.

Figure 1 is a configuration diagram of a cloud-based artificial intelligence system according to the present invention.
Figure 2 is a flowchart of a computer system registration and login method for a cloud-based artificial intelligence system according to the present invention.
FIG. 3 is a flowchart of steps S101 to S107 in the step of registering the computer system shown in FIG. 2 to the cloud platform.
FIG. 4 is a flow chart for steps S108 to S114 in the step of registering the computer system shown in FIG. 2 to the cloud platform.
FIG. 5 is a flowchart of step S101 in which the computer system shown in FIG. 3 prepares hash value H1.
FIG. 6 is a flow chart for step S106 in which the computer system shown in FIG. 3 calculates S1 and R2.
FIG. 7 is a flow chart for step S107 in which the computer system shown in FIG. 3 performs a verification process for R'2.
FIG. 8 is a flowchart of step S109 in which the management module shown in FIG. 4 prepares U_cred from R'1, U_rl.
FIG. 9 is a flowchart of step S113 in which the management module shown in FIG. 4 generates a response message including U_cred, U_rl, and Su.
FIG. 10 is a flowchart of step S114 in which the computer system shown in FIG. 4 verifies the response message.
FIG. 11 is a flowchart of steps S201 to S205 in step S200 in which the computer system shown in FIG. 2 logs into the cloud platform.
FIG. 12 is a flow chart for steps S206 to S210 in step S200 in which the computer system shown in FIG. 2 logs into the cloud platform.
FIG. 13 is a flowchart of step S201 in which the computer system shown in FIG. 11 prepares hash value H2.
FIG. 14 is a flow chart for step S205 in which the computer system shown in FIG. 11 calculates S2 and R5.
FIG. 15 is a flowchart of step S207 in which the management module shown in FIG. 12 performs a verification process for R'5.
FIG. 16 is a flowchart of step S209 in which the management module shown in FIG. 12 transmits Msg, Hm, and Se to the computer system.
FIG. 17 is a flowchart of step S210 in which the computer system shown in FIG. 12 verifies the digital signature S'e.

Hereinafter, in order to explain the present invention in detail so that a person skilled in the art can easily implement the technical idea of the present invention, embodiments of the present invention will be described with reference to the accompanying drawings.

However, the following example is only an example to aid understanding of the present invention, and the scope of the present invention is not reduced or limited thereby. Additionally, the present invention may be implemented in many different forms and is not limited to the embodiments described herein.

First, the notation used in the computer system registration and login method for the cloud-based artificial intelligence system according to the present invention will be described.

First, Addr_x is the blockchain address of x.

And, X||Y is the concatenation of X and Y.

And, SK_x and PK_x are the private key and public key of x, respectively.

And, Sign_SK_x(Y) is a function that creates a digital signature for Y using the secret key (SK_x) of x.

And, PKVer_Addr_x(M,N) is a function that verifies whether x's blockchain address Addr_x signed data N with digital signature M. At this time, PKVer_Addr_x(M,N) outputs true if Addrx, the blockchain address of x, signed data N with digital signature M; otherwise, it outputs false.

And, E_PK_x(Y) is a function that asymmetrically encrypts data Y using the public key PK_x of x.

And, D_SK_x(Y) is a function that asymmetrically decrypts data Y using x's secret key SK_x.

And, H(Y) is a function that generates a hash value of data Y.

And, SC_z is a smart contract for module z.

And, JWTVer(O, SK_x) is a function that verifies the access token O using x's secret key SK_x.

Figure 1 is a configuration diagram of a cloud-based artificial intelligence system according to the present invention.

Referring to Figure 1, the cloud-based artificial intelligence system according to the present invention is comprised of a computer system, a smart contract, and a cloud platform.

First, the computer system calls the cloud's API to the cloud platform to use artificial intelligence services on the client side.

Then, the computer system uploads the machine learning dataset in a secure environment and trains the machine learning system on the cloud platform.

Additionally, smart contracts reside in the blockchain network and serve as a trustworthy service level contract so that computer systems and cloud platforms can trust each other.

And, the cloud platform provides multiple services to computer systems.

Referring to Figure 1, the cloud platform is comprised of a management module, an API gateway, an integrity module, a logging/monitoring unit, and a storage management unit.

First, the management module (IDMA Module, Identity Management and Access Control Module) manages the registration and login process of the computer system. At this time, each computer system is given the role of limiting its own activities and preventing arbitrary actions.

Additionally, the management module provides a computer system certificate (U_cred, User Credential) to the computer system. At this time, the computer system certificate is used as a token to authenticate the computer system. The computer system can use the computer system certificate for computer system authentication when logging into the cloud platform.

Additionally, the management module cooperates with the smart contract to verify information transmitted and received between the management module and the smart contract.

Additionally, the API (Application Programming Interface) gateway processes API requests from computer systems that wish to use cloud services. Additionally, the API gateway provides a token to the computer system before the computer system uses the cloud service.

Additionally, the API gateway cooperates with the smart contract to record the computer system's request for an API token and the value of the API token. Both computer systems and cloud platforms can verify the legitimacy of tokens for smart contracts.

Additionally, the Integrity Module (IM) uses blockchain to maintain the integrity of the learning model and learning data.

Therefore, the computer system and the cloud platform can each verify the integrity of the training data for the smart contract.

And, the logging/monitoring unit records data flow and computer system activity. Additionally, the logging/monitoring unit monitors the cloud platform and raises an alarm for malicious actions.

Additionally, the storage management unit manages the backup data process of the system. Specifically, the storage management unit encrypts and stores backup data to ensure confidentiality of the backup data.

Meanwhile, the cloud-based artificial intelligence system according to the present invention further includes a local storage where the computer system can store data and a local database where the management module can store data.

Next, methods for registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention will be described.

Figure 2 is a flowchart of a computer system registration and login method for a cloud-based artificial intelligence system according to the present invention.

Referring to Figure 2, the method of registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention includes the steps of registering the computer system to the cloud platform (S100) and logging in the computer system to the cloud platform (S200). ) It is composed of steps.

First, the step (S100) in which the computer system registers with the cloud platform will be described.

FIG. 3 is a flow chart for steps S101 to S107 in the step of registering the computer system shown in FIG. 2 to the cloud platform, and FIG. 4 is a flowchart of steps S108 to S114 in the step to register the computer system shown in FIG. 2 to the cloud platform. This is the flow chart.

Referring to FIGS. 3 and 4, the computer system prepares a hash value H1 for the computer system (S101).

FIG. 5 is a flowchart of step S101 in which the computer system shown in FIG. 3 prepares hash value H1.

Referring to Figure 5, the computer system prepares R1 using (mathematical formula) R1=Addr_u||name||H(pass)||email||t (S101-1)

Here, Addr_u is the blockchain address of the computer system, name is the name of the computer system, pass is the password of the computer system, H(pass) is the hash value of pass, email is the email address of the computer system, and t is the email address of the computer system. This is the current timestamp.

And, R1 is information that concatenates the computer system's blockchain address Addr_u, the computer system's name name, H (pass), the computer system's email address email, and the current timestamp t.

After that, the computer system calculates the hash value H1 of R1 using (mathematical formula) H1=H(R1). (S101-2)

Afterwards, the computer system transmits registration request information Tx1, including the computer system's blockchain address Addr_u and hash value H1, to the first smart contract (S102).

Here, the first smart contract (SC_idma) is a smart contract for the management module.

After that, the first smart contract records the computer system's blockchain address Addr_u and hash value H'1 in the blockchain (S103).

Here, the hash value H'1 is information used instead of the hash value H1 to distinguish it from the hash value H1 when the first smart contract receives the hash value H1 generated by the computer system.

After that, the first smart contract transmits the computer system's blockchain address Addr_u and hash value H'1 to the management module and all nodes of the blockchain (S104).

Here, every node in the blockchain includes a computer system. Meanwhile, the reason why the first smart contract transmits the computer system's blockchain address Addr_u and hash value H'1 to the computer system is that the computer system's blockchain address Addr_u and hash value H'1 have been successfully stored in the blockchain. This is to notify the computer system.

Afterwards, the management module stores the blockchain address Addr_u and hash value H'1 of the computer system received from the first smart contract in the local database (S105).

Afterwards, the computer system calculates the digital signature S1 and encryption information R2 (S106).

FIG. 6 is a flow chart for step S106 in which the computer system shown in FIG. 3 calculates S1 and R2.

Referring to FIG. 6, the computer system generates a digital signature S1 for the hash value H1 using the secret key SK_u of the computer system with (mathematical formula) S1 = Sign_SK_u(H1) (S106-1).

Afterwards, the computer system encrypts the information concatenated between R1 and the digital signature S1 using the public key PK_idma of the management module using the equation (mathematical formula) R2=E_PK_idma(R1||S1) to calculate the encryption information R2. (S106-2)

After that, the management module performs a verification process for the encryption information R'2 (S107).

Here, the encryption information R'2 is information used instead of the encryption information R2 to distinguish it from the encryption information R2 when the management module receives the encryption information R2 generated by the computer system.

FIG. 7 is a flowchart of step S107 in which the computer system shown in FIG. 3 performs a verification process for encryption information R'2.

Referring to FIG. 7, the management module decrypts the encryption information R'2 using the secret key SK_idma of the management module in (mathematical formula) D_SK_idma(R'2) → R'1||S'1, and generates R'1 and acquire digital signature S'1. (S107-1)

Here, R'1 is information generated by the management module and is information used instead of R1 to distinguish it from R1 generated by the computer system. And, the digital signature S'1 is information generated by the management module, and is information used instead of the digital signature S1 to distinguish it from the digital signature S1 generated by the computer system.

After that, the management module calculates the hash value H"1 of R'1 using (mathematical formula) H"1=H(R'1). (S107-2)

Afterwards, the management module compares the hash value H"1 calculated in step S107-2 and the hash value H'1 broadcast by the first smart contract. (S107-3)

If the hash values H"1 and H'1 match, the management module continues the verification process for the encryption information R'2. However, if the hash values H"1 and H'1 do not match, the management module Stop the verification process for encryption information R'2. (S107-4)

Afterwards, the management module uses (mathematical formula) PKVer_Addr_u(S'1,H"1) → True or False to verify the signature, and inputs the digital signature S'1 and hash value H"1 into the PKVer_Addr_u function. .(S107-5)

Here, PKVer_Addr_u(S'1,H"1) is a function that verifies whether the blockchain address Addr_u of the computer system signed the hash value H"1 with the digital signature S'1.

Step S107-5 is used to prove that the sender of the encryption information R'2 for the management module matches the sender of the registration request information Tx1 for the first smart contract. Additionally, step S107-5 is used to prevent attackers from impersonating the computer system.

When the verification process for encryption information R'2 is completed, the management module sets computer system allocation information U_rl and stores R'1 and computer system allocation information U_rl in the local database (S108).

At this time, the computer system allocation information U_rl is composed of the role, scope, and access information of the computer system. And, the computer system allocation information U_rl refers to the authority of the computer system to prevent the computer system from acting arbitrarily on the cloud platform.

Afterwards, the management module prepares a computer system certificate U_cred from R'1 and computer system allocation information U_rl (S109).

FIG. 8 is a flowchart of step S109 in which the management module shown in FIG. 4 prepares U_cred from R'1 and U_rl.

Referring to FIG. 8, the management module calculates R3 using (mathematical formula) R3=R'1||U_rl (S109-1)

Here, R'1||U_rl is information that concatenates R'1 and computer system allocation information U_rl.

After that, the management module calculates the hash value U_cred of R3 using (mathematical formula) U_cred=H(R3). (S109-2)

After that, the management module stores the computer system certificate U_cred in the local database (S109-3).

Afterwards, the management module transmits transaction information Tx2, including the computer system's blockchain address Addr_u and computer system allocation information U_cred, to the first smart contract (S110).

After that, the first smart contract stores the blockchain address Addr_u and the computer system certificate U'_cred received from the management module in the blockchain, and sends the blockchain address Addr_u and the computer system certificate to the management module and all nodes of the blockchain. Broadcast the certificate U'_cred (S111)

Here, the computer system certificate U'_cred is information used instead of the computer system certificate U_cred to distinguish it from the computer system certificate U_cred when the first smart contract receives the computer system certificate U_cred generated by the management module.

Afterwards, the computer system stores the blockchain address Addr_u and the computer system certificate U'_cred of the computer system broadcast by the first smart contract in local storage (S112).

And, the management module receives the blockchain address Addr_u and the computer system certificate U'_cred of the computer system broadcast by the first smart contract. This means that the computer system certificate U_cred has been successfully stored in the blockchain.

Afterwards, the management module generates a response message containing the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su (S113).

FIG. 9 is a flowchart of step S113 in which the management module shown in FIG. 4 generates a response message including U_cred, U_rl, and Su.

Referring to Figure 9, the management module generates a digital signature Su for U_cred||H(U_rl) using the secret key SK_idma of the management module with (mathematical formula) Su=Sign_SK_idma(U_cred||H(U_rl)). (S113-1)

Here, U_cred||H(U_rl) is information that concatenates the hash value of the computer system certificate U_cred and the computer system allocation information U_rl.

Afterwards, the management module transmits a response message containing the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su to the computer system, respectively (S113-2).

Afterwards, the computer system verifies the response message received from the management module (S114).

FIG. 10 is a flowchart of step S114 in which the computer system shown in FIG. 4 verifies the response message.

Referring to Figure 10, first, the computer system receives the computer system certificate U"_cred, computer system allocation information U'_rl, and digital signature S'u from the management module (S114-1).

Here, the computer system certificate U"_cred is information used instead of the computer system certificate U_cred to distinguish it from the computer system certificate U_cred when the computer system receives the computer system certificate U_cred generated by the management module.

In addition, the computer system allocation information U'_rl is information used instead of the computer system allocation information U_rl to distinguish it from the computer system allocation information U_rl when the computer system receives the computer system allocation information U_rl generated by the management module.

And, the digital signature S'u is information used instead of the digital signature Su to distinguish it from the digital signature Su when the computer system receives the digital signature Su created by the management module.

Then, the computer system compares the computer system certificate U"_cred transmitted from the management module and the computer system certificate U'_cred transmitted from the first smart contract. (S114-2)

Afterwards, the computer system continues the verification process for the response message when the computer system certificates U"_cred and U'_cred match, and the verification process for the response message when the computer system certificates U"_cred and U'_cred do not match. Stop (S114-3)

After that, the computer system verifies the digital signature S'u using (mathematical formula) PKVer_PK_idma(S'u,U"_cred||H(U'_rl)) → True or False. (S114-4)

Here, S'u is (mathematical formula) Sign_SK_idma(U_cred||H(U_rl))', which is a digital signature generated for (U_cred||H(U_rl))' using the secret key SK_idma of the management module.

And, PKVer_PK_idma(S'u,U"_cred||H(U'_rl)) is a function that verifies whether the public key PK_idma of the management module signed U"_cred||H(U'_rl) with S'u. .

Afterwards, if the output value of step S114-4 is true, the computer system ends verification of the digital signature S'u (S114-5).

If the output value of step S114-4 is true, it can be known that the actual sender of the computer system certificate U"_cred is the management module.

Therefore, the computer system can use the computer system certificate U'_cred received from the first smart contract. Additionally, the computer system can log into the cloud platform using the computer system certificate U'_cred.

After the computer system registers on the cloud platform, it can own the computer system certificate U_cred stored in local storage. Therefore, the computer system can use the computer system certificate U_cred when logging into the cloud platform.

Next, the step (S200) of logging in the computer system to the cloud platform will be described.

FIG. 11 is a flowchart of steps S201 to S205 in step S200 when the computer system shown in FIG. 2 logs into the cloud platform, and FIG. 12 is a flowchart of steps S206 to S210 in step S200 where the computer system shown in FIG. 2 logs in to the cloud platform. This is a flowchart of the steps.

Referring to FIGS. 11 and 12, the computer system prepares hash value H2 for login (S201).

FIG. 13 is a flowchart of step S201 in which the computer system shown in FIG. 11 prepares hash value H2.

Referring to FIG. 13, the computer system prepares pwd, which is the hash value of pass, using (mathematical formula) pwd=H(pass) (S201-1).

Here, pass is the computer system password, and pwd is the hash value of the computer system password pass.

After that, the computer system prepares R4 using (mathematical formula) R4=email||pwd||U_cred||t (S201-2)

Here, email is the email address of the computer system, U_cred is the computer system certificate, and t is the current timestamp. And, R4 is information that concatenates the computer system's email address email, the computer system's password hash value pwd, the computer system certificate U_cred, and the current timestamp t.

After that, the computer system prepares the hash value H2 of R4 using (mathematical formula) H2=H(R4). (S201-3)

Afterwards, the computer system transmits transaction information Tx3, including the computer system's blockchain address Addr_u and the hash value H2, to the first smart contract (S202).

After that, the first smart contract records the computer system's blockchain address Addr_u and hash value H'2 on the blockchain. And, the first smart contract broadcasts the computer system's blockchain address Addr_u and hash value H'2 to the management module and all nodes of the blockchain. (S203)

Here, the hash value H'2 is information used instead of H2 to distinguish it from H2 when the first smart contract receives the hash value H2 generated by the computer system.

Afterwards, the management module stores the blockchain address Addr_u and hash value H'2 of the computer system received from the first smart contract in the local database (S204).

Here, every node in the blockchain includes a computer system. Meanwhile, the reason why the first smart contract transmits the computer system's blockchain address Addr_u and hash value H'2 to the computer system is that the computer system's blockchain address Addr_u and hash value H'2 have been successfully stored in the blockchain. It is intended to notify the computer system.

Afterwards, the computer system calculates the digital signature S2 and encryption information R5 (S205).

FIG. 14 is a flow chart for step S205 in which the computer system shown in FIG. 11 calculates S2 and R5.

Referring to FIG. 14, the computer system generates a digital signature S2 for the hash value H2 using the secret key SK_u of the computer system with (mathematical formula) S2 = Sign_SK_u(H2) (S205-1).

Afterwards, the computer system uses the public key PK_idma of the management module as (mathematical formula) R5=E_PK_idma(R4||S2) to encrypt the information concatenated with R4 and the digital signature S2, and calculates the encryption information R5. (S205-2)

Afterwards, the computer system transmits encryption information R5 to the management module and requests login to the cloud platform through the management module (S206).

After that, the management module starts the verification process for encryption information R'5 (S207).

Here, the encryption information R'5 is encryption information used instead of the encryption information R5 to distinguish it from the encryption information R5 when the management module receives the encryption information R5 generated by the computer system.

FIG. 15 is a flowchart of step S207 in which the management module shown in FIG. 12 performs a verification process for encryption information R'5.

Referring to FIG. 15, the management module decrypts the encryption information R'5 using the secret key SK_idma of the management module in D_SK_idma(R'5) → R'4||S'2, and generates R'4 and digital signature S. 'Acquire 2. (S207-1)

Here, R'4 is information generated by the management module and is information used instead of R4 to distinguish it from R4 generated by the computer system.

And, the digital signature S'2 is information generated by the management module, and is information used instead of the digital signature S2 to distinguish it from the digital signature S2 generated by the computer system.

After that, the management module checks the following two conditions.

First, the management module checks whether computer system information is registered in the local database (S207-2).

Here, the computer system information is information including the computer system's email address email, the computer system's password pass, and the computer system certificate U_cred.

Afterwards, the management module compares the computer system information received from the computer system and the computer system information stored in the local database to check whether they match (S207-3).

If either of the above two conditions is false, the management module rejects the computer system's login request. However, if both of the above two conditions are true, the management module continues the verification process for encryption information R'5 (S207-4).

Afterwards, the management module checks the computer system allocation information U_rl in the local database (S207-5).

If the computer system has access rights, the management module calculates the hash value H"2 of R'4 using (mathematical formula) H"2=H(R'4). (S207-6)

After that, the management module compares the hash value H"2 calculated by the management module and the hash value H'2 broadcast by the first smart contract to determine whether the hash values H"2 and H'2 match. Check (S207-7)

If the hash values H"2 and H'2 match, the management module continues the verification process for the encryption information R'5. If the hash values H"2 and H'2 do not match, the management module continues the verification process for the encryption information R'5. Stop the verification process for R'5. (S207-8)

Afterwards, to verify the signature, the management module uses (mathematical formula) PKVer_Addr_u(S'2,H"2) → True or False and inputs the digital signature S'2 and hash value H"2 into the PKVer_Addr_u function. (S207-9)

Here, PKVer_Addr_u(S'2,H"2) is a function that verifies whether the computer system's blockchain address Addr_u signed the hash value H"2 with the digital signature S'2.

Step S207-9 is used to prove that the sender of R'5 for the management module and the sender of transaction information Tx3 for the first smart contract match. Additionally, step S207-9 is used to prevent an attacker from impersonating a computer system.

When the verification process for encryption information R'5 is completed, the management module outputs the notification message Msg saying 'Login successful' (S208).

Afterwards, the management module transmits a notification message Msg, a hash value Hm, and a digital signature Se to the computer system to notify that the computer system has successfully logged in to the cloud platform (S209).

FIG. 16 is a flowchart of step S209 in which the management module shown in FIG. 12 transmits Msg, Hm, and Se to the computer system.

Referring to Figure 16, the management module prepares the hash value Hm of the notification message Msg using (mathematical formula) Hm=H(Msg) (S209-1).

After that, the management module generates a digital signature Se for the hash value Hm using the secret key SK_idma of the management module with (mathematical formula) Se = Sign_SK_idma(Hm) (S209-2).

Afterwards, the computer system verifies the digital signature S'e (S210).

Here, the digital signature S'e is information used instead of the digital signature Se to distinguish it from the digital signature Se when the computer system receives the digital signature Se generated by the management module.

FIG. 17 is a flowchart of step S210 in which the computer system shown in FIG. 12 verifies the digital signature S'e.

Referring to FIG. 17, the computer system inputs the digital signature S'e and hash value H'm into the PKVer_PK_idma function using (mathematical formula) PKVer_PK_idma(S'e,H'm) → True or False. ( S210-1)

Here, PKVer_PK_idma(S'e,H'm) is a function that verifies whether the public key PK_idma of the management module signed the hash value H'm with the digital signature S'e.

And, the hash value H'm is information used instead of the hash value Hm to distinguish it from the hash value Hm when the computer system receives the hash value Hm generated by the management module.

The registration and login method of a computer system for a cloud-based artificial intelligence system according to the present invention integrates an architecture based on blockchain and smart contracts to strengthen the integrity of the machine learning pipeline of the cloud-based artificial intelligence system. There is a possible effect.

In addition, the method of registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention has the effect of preventing an attacker from intruding into a cloud-based artificial intelligence system by impersonating an actual computer system.

In addition, the method of registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention is effective in tracking integrity and preventing data manipulation.

As described above, the main technical idea of the present invention is to provide a method for registering and logging in to a computer system for a cloud-based artificial intelligence system according to the present invention, and the embodiment described above with reference to the drawings is only one implementation. This is only an example, and the true scope of rights of the present invention is based on the patent claims, but also extends to various equivalent embodiments that may exist.

100: Method of registering and logging in to a computer system for a cloud-based artificial intelligence system

Claims (13)

Step 100, where the computer system registers with the cloud platform; and
In step 200, the computer system logs into the cloud platform;
The 100th step is
Step 101, the computer system prepares a hash value H1;
Step 102, where the computer system transmits registration request information Tx1 including the blockchain address Addr_u of the computer system and the hash value H1 to the first smart contract;
Step 103, where the first smart contract records the blockchain address Addr_u and the hash value H'1 of the computer system in the blockchain;
Step 104, where the first smart contract transmits the blockchain address Addr_u and the hash value H'1 of the computer system to the management module and all nodes of the blockchain;
Step 105, where the management module stores the blockchain address Addr_u and the hash value H'1 of the computer system received from the first smart contract in a local database;
Step 106, where the computer system calculates digital signature S1 and encryption information R2;
Step 107, wherein the management module performs a verification process for encryption information R'2;
Step 108, upon completion of the verification process for the encryption information R'2, the management module sets computer system allocation information U_rl and stores R'1 and the computer system allocation information U_rl in the local database;
Step 109, wherein the management module prepares a computer system certificate U_cred from the R'1 and computer system allocation information U_rl;
Step 110, wherein the management module transmits transaction information Tx2 including the blockchain address Addr_u of the computer system and the computer system certificate U_cred to the first smart contract;
The first smart contract stores the blockchain address Addr_u and the computer system certificate U'_cred of the computer system in the blockchain, and sends the blockchain address Addr_u and the computer system certificate to the management module and all nodes of the blockchain. Step 111, broadcasting certificate U'_cred;
Step 112, wherein the computer system stores the blockchain address Addr_u and the computer system certificate U'_cred of the computer system broadcast by the first smart contract in local storage;
Step 113, wherein the management module generates a response message including the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su; and
Including a step 114 in which the computer system verifies the response message received from the management module,
The hash value H'1 is information used instead of the hash value H1 to distinguish it from the hash value H1 when the first smart contract receives the hash value H1 generated by the computer system,
The encryption information R'2 is information used instead of the encryption information R2 to distinguish it from the encryption information R2 when the management module receives the encryption information R2 generated by the computer system,
The computer system certificate U'_cred is information used instead of the computer system certificate U_cred to distinguish it from the computer system certificate U_cred when the first smart contract receives the computer system certificate U_cred generated by the management module. Method for registering and logging in to a computer system for a cloud-based artificial intelligence system, characterized in that: According to clause 1,
The 101st step is
Step 101-1 in which the computer system prepares R1 using (mathematical formula) R1=Addr_u||name||H(pass)||email||t; and
A step 101-2 in which the computer system prepares a hash value H1 of R1 using the equation H1=H(R1),
The name is the name of the computer system, the pass is the password of the computer system, the H (pass) is a hash value of the password pass of the computer system, the email is the email address of the computer system, and the t is the current password. A computer system registration and login method for a cloud-based artificial intelligence system characterized by a timestamp. According to clause 1,
The 106th step is
Step 106-1 in which the computer system generates the digital signature S1 for the hash value H1 using the secret key SK_u of the computer system with (mathematical formula) S1=Sign_SK_u(H1); and
The computer system calculates the encryption information R2 by encrypting the information concatenated between the R1 and the digital signature S1 using the public key PK_idma of the management module as (mathematical formula) R2=E_PK_idma(R1||S1). A computer system registration and login method for a cloud-based artificial intelligence system, comprising step 106-2. According to clause 1,
The 107th step is
The management module decrypts the encryption information R'2 with the secret key SK_idma of the management module in (mathematical formula) D_SK_idma(R'2) → R'1||S'1, and generates the R'1 and digital signature S. 'Step 107-1 to obtain 1;
Step 107-2 in which the management module calculates the hash value H"1 of R'1 using (mathematical formula) H"1=H(R'1);
The management module compares the hash value H"1 calculated in step 107-2 and the hash value H'1 broadcast by the first smart contract, and generates the hash values H"1 and H'1. Step 107-3 to check whether there is a match;
When the hash values H"1 and H'1 match, the management module continues the verification process for the encryption information R'2, and when the hash values H"1 and H'1 do not match, the encryption information R 'Step 107-4, which suspends the verification process for 2; and
Step 107-5 in which the management module inputs the digital signature S'1 and the hash value H"1 into the PKVer_Addr_u function using (mathematical formula) PKVer_Addr_u(S'1,H"1) → True or False. Contains :,
The PKVer_Addr_u(S'1,H"1) is a cloud-based artificial intelligence, characterized in that it is a function that verifies whether the address Addr_u of the blockchain of the computer system signed the hash value H"1 with the digital signature S'1. Methods for registering and logging in computer systems to intelligent systems. According to clause 1,
The 109th step is
Step 109-1 in which the management module calculates the R3 by concatenating the R'1 and the computer system allocation information U_rl using (mathematical formula) R3=R'1||U_rl;
Step 109-2 in which the management module calculates the computer system certificate U_cred, which is a hash value of the R3, using (mathematical formula) U_cred=H(R3); and
Step 109-3, wherein the management module stores the computer system certificate U_cred in the local database. A computer system registration and login method for a cloud-based artificial intelligence system, comprising: According to clause 1,
The 113th step is
The management module generates the digital signature Su for the U_cred||H(U_rl) using the secret key SK_idma of the management module with (mathematical formula) Su=Sign_SK_idma(U_cred||H(U_rl)). 113-Step 1; and
A cloud-based artificial intelligence system comprising a step 113-2, wherein the management module transmits the response message including the computer system certificate U_cred, computer system allocation information U_rl, and digital signature Su to the computer system, respectively. Methods for registering and logging in computer systems to intelligent systems. According to clause 1,
The 114th step is
Step 114-1, in which the computer system receives a computer system certificate U"_cred, computer system allocation information U'_rl, and digital signature S'u from the management module;
Step 114-2 in which the computer system compares the computer system certificate U"_cred received from the management module with the computer system certificate U'_cred received from the first smart contract;
If the computer system certificate U"_cred and U'_cred match, the computer system continues the verification process for the response message, and if the computer system certificate U"_cred and U'_cred do not match, the computer system continues the verification process for the response message. Step 114-3, stopping the verification process;
Step 114-4 in which the computer system verifies the digital signature S'u using (mathematical formula) PKVer_PK_idma(S'u,U"_cred||H(U'_rl)) → True or False; and
A step 114-5 in which the computer system terminates the verification process for the digital signature S'u if the output value of step 114-4 is true,
The digital signature S'u is (mathematical formula) Sign_SK_idma(U_cred||H(U_rl))', a digital signature generated for (U_cred||H(U_rl))' using the secret key SK_idma of the management module. It is a signature,
The PKVer_PK_idma(S'u,U"_cred||H(U'_rl)) verifies whether the public key PK_idma of the management module signed U"_cred||H(U'_rl) with the digital signature S'u. It is a function that does,
The computer system certificate U"_cred is information used instead of the computer system certificate U_cred to distinguish it from the computer system certificate U_cred when the computer system receives the computer system certificate U_cred generated by the management module,
The computer system allocation information U'_rl is used instead of the computer system allocation information U_rl to distinguish it from the computer system allocation information U_rl when the computer system receives the computer system allocation information U_rl generated by the management module. This is information,
The digital signature S'u is information used instead of the digital signature Su to distinguish it from the digital signature Su when the computer system receives the digital signature Su generated by the management module. How to register and log in to a computer system for an artificial intelligence-based system. According to clause 1,
The 200th step is
Step 201, the computer system prepares a hash value H2 for login;
Step 202, wherein the computer system transmits transaction information Tx3 including the blockchain address Addr_u of the computer system and the hash value H2 to the first smart contract;
The first smart contract records the address Addr_u and the hash value H'2 of the blockchain of the computer system in the blockchain, and sends the address Addr_u and the hash of the blockchain of the computer system to the management module and all nodes of the blockchain. Step 203: broadcasting the value H'2;
Step 204, where the management module stores the address Addr_u and the hash value H'2 of the blockchain of the computer system received from the first smart contract in the local database;
Step 205, the computer system calculates a digital signature S2 and encryption information R5;
Step 206, where the computer system transmits the encryption information R5 to the management module and requests login to the cloud platform through the management module;
Step 207, wherein the management module performs a verification process for encryption information R'5;
Step 208, when the verification process for the encryption information R'5 is completed, the management module outputs a notification message Msg indicating 'login successful';
Step 209, wherein the management module transmits the notification message Msg, the hash value Hm, and the digital signature Se to the computer system to notify that the computer system has logged in to the cloud platform; and
Including a step 210 in which the computer system verifies the digital signature S'e,
The hash value H'2 is information used instead of the hash value H2 to distinguish it from the hash value H2 when the first smart contract receives the hash value H2 generated by the computer system,
The encryption information R'5 is information used instead of the encryption information R5 to distinguish it from the encryption information R5 when the management module receives the encryption information R5 generated by the computer system,
The digital signature S'e is information used instead of the digital signature Se to distinguish it from the digital signature Se when the computer system receives the digital signature Se generated by the management module. How to register and log in to a computer system for an artificial intelligence-based system. According to clause 8,
The 201st step is
Step 201-1 in which the computer system prepares the pwd, which is a hash value of the password pass of the computer system, using (mathematical formula) pwd=H(pass); and
Step 201-2 in which the computer system prepares R4 using (mathematical formula) R4=email||pwd||U_cred||t; and
Including a step 201-3 in which the computer system prepares a hash value H2 of the R4 using the equation H2=H(R4),
The pass is the password of the computer system, the email is the email address of the computer system, the U_cred is the computer system certificate, the t is the current timestamp, and the R4 is the email address of the computer system, email, the email address of the computer system. A computer system registration and login method for a cloud-based artificial intelligence system, characterized in that the information is a concatenation of password pwd, computer system certificate U_cred, and current timestamp t. According to clause 8,
The 205th step is
Step 205-1 in which the computer system generates the digital signature S2 for the hash value H2 using the secret key SK_u of the computer system with (mathematical formula) S2=Sign_SK_u(H2); and
205- where the computer system calculates the R5 by encrypting information concatenating the R4 and the digital signature S2 using the public key PK_idma of the management module as (mathematical formula) R5=E_PK_idma(R4||S2) A computer system registration and login method for a cloud-based artificial intelligence system comprising: step 2; According to clause 8,
The 207th step is
The management module decrypts the encryption information R'5 with the secret key SK_idma of the management module in (mathematical formula) D_SK_idma(R'5) → R'4||S'2, and generates R'4 and digital signature S'2. Step 207-1 to obtain;
Step 207-2 in which the management module checks whether computer system information is registered in the local database;
Step 207-3, wherein the management module compares computer system information received from the computer system and computer system information stored in the local database to check whether they match;
If both steps 207-2 and 207-3 are true, step 207-4 in which the management module continues the verification process for the encryption information R'5;
Step 207-5 in which the management module checks the computer system allocation information U_rl in the local database;
If the computer system has access rights, the management module calculates the hash value H"2 of R'4 using (mathematical formula) H"2=H(R'4). step;
The management module compares the hash value H"2 calculated by the management module and the hash value H'2 broadcast by the first smart contract, and the hash values H"2 and H'2 match. Step 207-7 to check whether;
When the hash values H"2 and H'2 match, the management module continues the verification process for the encryption information R'5, and when the hash values H"2 and H'2 do not match, the encryption information R Step 207-8 suspending the verification process for '5; and
Step 207-9, where the management module inputs the digital signature S'2 and the hash value H"2 into the PKVer_Addr_u function using (mathematical formula) PKVer_Addr_u(S'2,H"2) → True or False; Including,
The computer system information includes the computer system's email address email, the computer system's password pass, and the computer system certificate U_cred,
The PKVer_Addr_u(S'2,H"2) is a cloud-based artificial intelligence, characterized in that it is a function that verifies whether the address Addr_u of the blockchain of the computer system signed the hash value H"2 with the digital signature S'2. Methods for registering and logging in computer systems to intelligent systems. According to clause 8,
Step 209 above is
Step 209-1 in which the management module prepares a hash value Hm of the notification message Msg using (mathematical formula) Hm=H(Msg); and
A 209-2 step in which the management module generates the digital signature Se for the hash value Hm using the secret key SK_idma of the management module with (mathematical formula) Se = Sign_SK_idma(Hm). Method for registering and logging in to a computer system for a cloud-based artificial intelligence system. According to clause 8,
The 210th step is
Step 210-1, where the computer system inputs the digital signature S'e and the hash value H'm into the PKVer_PK_idma function using (mathematical formula) PKVer_PK_idma(S'e, H'm) → True or False; Including,
The PKVer_PK_idma(S'e,H'm) is a function that verifies whether the public key PK_idma of the management module signed the hash value H'm with the digital signature S'e,
The hash value H'm is information used instead of the hash value Hm to distinguish it from the hash value Hm when the computer system receives the hash value Hm generated by the management module. How to register and log in to a computer system for an artificial intelligence-based system.