KR20190142168A - The Method to protect and use Private Information utilizing Shared Nickname Identification - Google Patents

Abstract

The present invention relates to personal identification technology and personal information security technology in relation to non-facing transactions. According to an advisable embodiment, the present invention includes the following steps of: transmitting predetermined first payment approval request information including ′a payment amount and a predetermined shared nickname ID as seller identification information′ from a customer terminal owned by a predetermined seller to a service server of a specific PG which is a service provider; enabling a service server of the PG to store payment approval information including the payment amount and the shared nickname ID in an assumed name transaction DB; transmitting predetermined settlement request information including the shared nickname ID and ′a predetermined settlement amount calculated based on the payment amount′ to a personal information server; enabling the personal information server to search an anonymization DB for a personal information ID matched with the shared nickname ID, search a personal information DB for a general-purpose account number matched with the personal information ID, search a service provider DB for a settlement account number matched with the PG identification information, perform an operation for withdrawing the settlement amount from the settlement account number and perform an operation for depositing the settlement amount into the general-purpose account number; transmitting predetermined search request information including predetermined search item identification information from the service server to the personal information server; enabling the personal information server to extract ′data matched with both the shared nickname ID and the search item identification information′ from ′at least one of the personal information DB and the assumed name transaction DB′; and transmitting the extracted data to the service server as a reply to the search request information.

Description

The method to protect and use Private Information utilizing Shared Nickname Identification}

The present invention relates to personal identification technology and personal information security technology in non-face-to-face transactions.

Recently, social needs to foster the big data industry, artificial intelligence industry, and the Internet of Things business have gained consensus. These needs are based on the premise of effective access to personal information. There are inconveniences that conflict with the needs (hereinafter referred to as "conflict between privacy protection and personal information utilization").

In order to recognize such "conflicts between personal information protection and the use of personal information" and to settle the conflicting needs, the Financial Services Commission and the Ministry of Public Administration and Government have recently announced the "Privacy Guidelines" in the financial sector. In order to remove an individual from an identified DB by using a non-identifying action method recognized by the guidelines, the identifier or attribute of the individual is removed (hereinafter referred to as "non-identifying action"). One personal information was allowed to be provided only to those who are absolutely necessary for the purpose of using the data. In addition, as the above-mentioned non-identifying measures recognized, "anonymization method" in which an individual's identifier or attribute is replaced with another value that cannot be directly identified, and the identifier or attribute of each individual is converted into statistical values of grouped individuals. "Total processing method" to replace, "Data deletion method" to delete all or part of the identifier information, and "Data to replace the identifier or attribute information of each individual with the representative value or section value of the group containing the identifier or attribute information. Categorization methods "and" data masking methods "for replacing parts of data constituting identifiers or attributes with spaces or adding random noise to the data.

On the other hand, there is a growing number of startups that want to enter into businesses that utilize personal information, such as big data technology, artificial intelligence technology, or the Internet of Things business.In the case of small capital startups, personal information security including the above de-identification measures Inconvenient to invest in the construction of a system for implementing various methods required for the following (hereinafter referred to as "inconvenient personal information protection investment").

In order to solve the burden of personal information security investment, a method of storing and using customer information using a cloud server having the necessary system has been proposed. However, these methods are also in conflict with the privacy protection needs. Recently, the government's Financial Information Security Agency issued the "Guideline for Using Financial Services for Financial Services" and the supervisory authorities cited the above guidelines. The storage and processing of personal credit information is virtually prohibited. Therefore, in fact, personal information cannot be stored in the cloud server or analyzed using the cloud server.

An object of the present invention is to reduce the "conflict between the protection of personal information and the utilization of personal information" and "inconvenient burden of personal information protection investment".

One embodiment of a method for protecting and utilizing personal information using a shared alias ID according to a feature of the present invention for solving the technical problem is a service server of a specific PIG, which is a service company, in a predetermined seller-owned client terminal as 'seller identification information'. Transmitting predetermined first payment approval application information including predetermined sharing alias ID ', predetermined purchaser identification information, and predetermined payment amount; When the service server of the mouse receives the first payment approval application information, the server of the payment company matched with the buyer identification information sends the predetermined second payment approval application information including the buyer identification information and the payment amount. Transmitting; Upon receiving a predetermined second payment approval ID matched with the second payment approval application information from the server of the payment company, the predetermined first payment approval information is transmitted as a reply to the first payment approval application information, and a pseudonym transaction Storing predetermined payment approval information including the shared alias ID and the payment amount in a DB; When the service server receives the payment account number, 'payment company identification information as remittance identification information', and predetermined payment information including remittance amount and settlement target identification information from the system of the transaction bank of the mouse, the pseudonym transaction DB The 'payment amount and share alias ID' of each record matching the identification information is extracted, and the predetermined settlement application information including the 'predetermined settlement amount calculated using the settlement amount' and the share alias ID is stored in the personal information server. Transmitted to; When the settlement request information is received from the personal information server, an anonymous DB is searched for a personal information ID matched with the shared alias ID, a general account number matching the personal information ID is searched for in the personal information DB, and the service company DB is searched for. The settlement account number matching the pig identification information is retrieved, and the settlement amount is withdrawn from the settlement account number and the settlement amount is deposited in the universal account number. An operation of causing a name to be recorded; Storing the settlement account number as payer identification information, the general purpose account number as payee identification information, the settlement amount as remittance amount, and a timestamp for the remittance time in the rat real name transaction DB matched with the rat identification information; It includes.

In addition, when the service company needs the personal information stored in the personal information server, a predetermined search request including 'search condition matching predetermined search condition item identification information and a predetermined condition variable' and predetermined search item identification information Transmitting the information to the personal information server; When the search request information is received from the personal information server, the field identification information matching the search condition item identification information is extracted from the 'personal information DB and the real name transaction DB', and the 'field identification information is matched to the condition variable. Extracting matching data 'and extracting shared alias IDs matching the respective data; Extracting 'data matching both the search item identification information and the shared alias ID' from at least one of a personal information DB and a real name transaction DB; Transmitting the extracted data to the service server as a reply to the search request information by matching the matched and searched matching alias ID and search item identification information; It includes.

In the above embodiment, the service company Puzzi does not store personal information of the seller, which is a customer, on its own server, nor transmit or receive the personal information. Even if the transaction information of the seller is stored, since the information identifying the seller is an anonymous shared alias ID, it is not possible to know who the transaction information is. Therefore, even if a mouse establishes a mouse server using a cloud server, the cloud service may be used without storing or transmitting or transmitting an individual's unique identification information or personal credit information, which is prohibited in the Financial Services Guide. Electronic payment agency service for 'customer seller' becomes possible.

On the other hand, the personal information server is a server that already stores the unique identification information of the seller, such as the account number of the seller. For example, if the server is a system operated by a trading bank of a 'personal business registered seller', it is legal to store and process the 'personal identification information such as account number' and 'personal credit information such as payment authorization' of the seller. .

Therefore, according to the above embodiment, the rat can provide an electronic payment agent service for the anonymous seller without storing or transmitting 'unique identification information or personal credit information' of the seller who is the individual operator. That is, the "conflict inconsistency between personal information protection and personal information utilization" in the conventional payment method of collecting bills of mice is reduced.

In addition, it is possible to build their own server on the cloud server while complying with the 'financial cloud service usage guide', thereby reducing the "inconvenience of personal information protection investment".

1 is a block diagram of an apparatus for implementing a method of protecting and utilizing personal information using a shared alias ID according to an embodiment of the present invention.
2 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, in which a shared alias ID is shared between a personal information holder, a predetermined service company, and a 'customer to subscribe to the service company'; 1 is a view illustrating an embodiment.
3 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, in which a shared alias ID is shared between a personal information holder, a predetermined service company, and a 'customer to join the service company'; FIG. 1 is a view illustrating another embodiment.
4 is a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention, in which a customer who registers a shared alias ID to an operator providing a predetermined service receives a predetermined service to receive the predetermined service. It is a figure explaining the operation of connecting to a server.
5 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, a service provider for providing an electronic payment agent service (hereinafter referred to as "pizu") of his service server (hereinafter referred to as "piju server) By using "", the customer who sets up a personal customer terminal and a separate customer terminal for the seller (hereinafter referred to as "seller terminal") and "the seller assigned a predetermined shared alias ID" (hereinafter referred to as "seller") Is a diagram illustrating an operation of providing an electronic payment agency service to the user.
6 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, a provider providing a remittance service (hereinafter referred to as a "transmitter company") is his service server (hereinafter referred to as "remittance server"). Is a diagram illustrating an operation of providing a remittance service to a customer who is a remitter (hereinafter referred to as a "remitter") who installs a dedicated app for transaction and registers a shared alias ID.
FIG. 7 is a diagram illustrating an operation of retrieving personal information of a specific customer from a service company in a preferred embodiment of the method for protecting and using personal information using the shared alias ID of the present invention.
8 is a view illustrating an operation of a service company inquiring and utilizing 'anonymous statistics' in a preferred embodiment of the method for protecting and using personal information using the shared alias ID of the present invention.
9 is a view illustrating an operation of exerting a movement right for a user's personal information stored in a personal information server in a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention.
10 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, in order to conveniently exercise a movement right for a user's personal information stored in a plurality of personal information servers, the individual Operation of storing information centrally in a personal information management server is a diagram illustrating an embodiment.
Figure 11 is a preferred embodiment of the method of protecting and utilizing personal information using the shared alias ID of the present invention, an embodiment in which a customer receives a payment and exercises his / her right to move his personal information stored in a personal information management server. It is a figure explaining.
12 is a view for explaining an embodiment of an operation of purchasing target personal information stored in a personal information management server by a service server in a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention.
13 is a simplified example of a combination DB exemplified in the specific operational steps illustrated herein.
14 and 19 are brief examples of the price DB exemplified in each operation step illustrated herein.
15 is a simplified example of the sellable information table illustrated in the specific operational steps illustrated herein.
16 is a simplified example of a customer terminal output illustrated at a particular operational step illustrated herein.
17 is a simplified example of a sales application table illustrated at a particular operational step illustrated herein.
18 is a simplified example of a combination DB exemplified in the specific operational steps illustrated herein.
20 is a simplified example of an offer table illustrated at a particular operational step illustrated herein.
21 is a simplified example of a purchase request table illustrated in a specific operational step illustrated herein.
22 and 23 are brief examples of the reply information list illustrated in each operation step illustrated in the present specification.

Hereinafter, the present invention will be described in detail through preferred embodiments described with reference to the accompanying drawings. Embodiments of the invention may be variously modified without departing from the spirit and scope of the invention. The detailed description below is not intended to limit the invention, and the terms used in the description are selected for readability or convenience of description.

In addition, the “personal credit information” referred to herein refers to information specified by relevant laws and regulations in order to control the outflow before third parties as necessary information when determining the individual's creditworthiness and the ability to trade credit. Names, addresses and telephones of individuals, as defined in Article 2 (1) of the Act on the Use and Protection of Credit Information, and Article 2 (1) and (2) of the Enforcement Decree of the Act, among the information on individuals held by the information holding institutions. Contact information such as numbers, unique identification information, domestic residence report number of overseas Koreans, gender, nationality, loans and guarantees and collateral provisions, current transactions, credit cards and installment financing, facility rentals and financial transactions Delays, defaults and counterpayments and payments, false and deceptive and other unlawful means arising in relation to commerce such as financial transactions, including types, periods, amounts and limits, etc. Matters concerning the amount and timing of occurrence and dissolution of a disorderly credit order, the total amount of occupation, property and debt and income, performance of taxes, judgments relating to adult guardianship, limited guardianship, and specific guardianship, and judgments relating to missing persons; Information relating to decisions related to auctions, including decisions regarding bankruptcy, immunity, lottery, registration and termination of defaults, determination of initiation of auctions, and decision to authorize auction; information on nonpayment of national taxes, local taxes, customs duties or national bonds; Information related to arrears, such as penalties, fines or penalties, information related to social insurance premiums, public charges or fees, information on the birth, death, immigration and absence of an individual, information on changes in resident registration number and name, credit of the credit reporting company Matters related to the information providing record, credit recovery of the credit information subject, re-identifiable information, etc. may be examples of the personal credit information.

In addition, the term “personal information” referred to herein refers to information held by a personal information holding institution, and refers to information that controls provision before third parties in related laws and regulations. "Information" and "personal credit information" may be one embodiment of personal information. However, the "shared alias ID" referred to in this specification, even if the regulation is provided in front of a third party in related laws, It is defined as not the personal information cited in.

In addition, the term “personal information holding institution” referred to herein refers to an institution that stores personal information about one or more individuals, and therefore, “personal information holding institution” as well as “personal information management institution” in the consultation cited herein. Also may be an embodiment of the "personal information holding institution".

In addition, the "personal information server" referred to in this specification means a system operated by the personal information holding institution for storing and retrieving personal information.

In addition, as used herein, the term “personal information ID” refers to identification information that a personal information holder has given to identify an individual with another person. Therefore, Bank A presents personal information to Bank A and opens an account. If the 'Hong Gil-dong' is assigned to 'requested deposit account number', the requested deposit account number may be an embodiment of the personal information ID of the present specification. If an e-mail address is registered, the e-mail address may be one embodiment of the personal information ID herein.

In addition, the "transaction ID" referred to herein refers to information given to identify a specific transaction and other transactions processed by one or more of the "personal information server, service server, customer terminal and seller terminal." Therefore, approval application identification information for identifying various approval application information, approval identification information for identifying various approval information, and the like may be an embodiment of the transaction ID.

In addition, the "payment company" referred to in the present specification is given a predetermined member identification information to its members, and when the fact that the member presented the member identification information to the seller for payment of the purchase price is proved by a predetermined method, Means a company that pays the purchase price of the member to the seller on behalf of the member, and provides a service for receiving the purchase price from the member in a predetermined manner. Thus, a company that issues one or more of a credit card, debit card, debit card, and prepaid payment means is an embodiment of a "payment company."

In addition, the "payment member" referred to in this specification means a person who has made a predetermined agreement with the payment company and received predetermined member identification information in order to receive the service provided by the "payment company".

In addition, the term "customer" referred to in the present specification means a person who has made a predetermined agreement with the service company on the method of using the service by using a service such as agreement of a condition to use a service provided by a specific service company.

In addition, the term "customer terminal" referred to herein refers to a communication device that the "customer" cited in the present specification is provided for using a service provided by a specific service company. A "seller terminal", which is a communication device provided by a specific seller to use a service as a customer of the PIG, may also be an embodiment of the customer terminal, except that the seller terminal is cited separately from other customer terminals. Reference is made to the reference numeral "400".

In addition, the “unique identification information” referred to in this specification means identification information assigned to uniquely distinguish individuals, and information specified by related laws and regulations in order to control a leak before a third party. Among the information on the individual possessed by them, the resident registration number, passport number, driver's license number, and alien registration number as set forth in Article 24 of the Personal Information Protection Act and Article 19 of the Enforcement Decree of the Act may be one embodiment of the unique identification information. have.

In addition, the term "public key" and "secret key" referred to in the present specification mean two pairs of keys, which are characterized by being able to decrypt information encrypted by one of the other with the other of the two. The key kept secretly by the owners of the two keys is called a "secret key", and a key that is disclosed to the outside is called a "public key."

In addition, the term "shared variable" referred to herein refers to information that can be equally calculated in each counterpart communication device communicating with each other using a predetermined network. Therefore, the service server and the customer terminal constitute an accurate timer. If present, the current time value calculated by each timer may be an embodiment of the shared variable.

In addition, the "shared alias ID" cited in the present specification is information for identifying the individual in a transaction with a specific transaction counterpart of a specific individual, and means information that is not personal information.

Therefore, Bank A presents the bank account number 1001 to Hong Gil-dong, which presented personal information including real name information to Bank A and opened an account, to identify the Hong-gil-dong to be used in transactions between Market B and Hong-gil. If a virtual account number 2011 is assigned as information to identify C remittance company and Hong Gil-dong, the virtual account number numbers are limited to 'between Hong Gil-dong and A bank and B market' and 'between Hong Gil-dong and A bank and C remittance company', respectively. It may be an embodiment of a shared alias ID for identifying the Hong Gil-dong only in a transaction in a range.

In addition, the "shared alias ID category" referred to in the present specification means a set of shared alias IDs that are collectively assigned to a service company by a personal information holder. If Bank A pre-assigns 1,000 shared alias IDs from 'BMK1000 to BMK1999' as a 'Private Alias ID' between BMarket and A Bank and BMarket Customers, as a personal information holder, The set of 10,000 shared alias IDs from -2012-0000 to 010-2012-9999 is an embodiment of the shared alias ID category.

In addition, the "master password" referred to in the present specification is any secret information that is not exposed to any server, stored on any storage device, and memorized by a customer, and used as a key when decrypting a user's secret information (for example, a password). Means information to use.

In addition, the "universal account number" as used herein refers to an account number other than "dedicated account number". Therefore, the account number of the conventional unsolicited bank account that can be used for a transfer transaction with an unspecified number of counterparts may be an embodiment of the "universal account number".

"Category definition", as used herein, also means a period defined by any minimum and maximum value.

In addition, the term "block" referred to herein means predetermined structured information including a block ID, a hash value of transaction data, and a digital signature of a transaction data creator. According to an additional aspect of the present invention, the block may further include a previous block ID.

In addition, the "block ID" referred to herein is information for identifying a specific block from other blocks. If the probability that the 'hash value of transaction data' included in each block overlaps with each other is extremely low, the 'hash value of transaction data' may be an embodiment of the block ID.

In addition, the term "distributed ledger" referred to herein refers to a storage unit for storing blocks generated in a specific block chain network in accordance with a predetermined structure.

In addition, the "usage code" referred to herein refers to information for identifying a record that a particular 'matched shared alias ID has been matched to a particular customer'. Therefore, the combined information of the date and time value in which the shared alias ID is matched to a specific customer becomes one embodiment of the use code.

In addition, the term "service contract" referred to herein refers to the record of the agreement between the individual and the service provider about how any individual uses a service provided by a service company other than the personal information holder. Therefore, if an individual accesses the service server of a specific service company and reads the terms of use of the service and checks the agreement box, the read terms become one embodiment of the service contract.

In addition, the term "service company" referred to herein is a subject that enters into a service contract with any individual and provides a service specified in the service contract, and refers to a subject that is not a personal information holding institution. Accordingly, a subject that enters into a service contract related to online shopping with a specific individual and provides a service for allowing the individual to shop online may be an embodiment of the service company.

In addition, as used herein, the term "attribute" refers to information related to an individual and information that may recognize a specific individual when combined with other information. Therefore, gender, age, nationality, address up to the county and district, postal code, military service, marital status, religion, hobby, identification information of the affiliated club, online site, member of the club, online site, Smoking status, drinking status, vegetarian status, interests, blood type, height, weight, waist circumference, blood pressure, eye color, disability type, disability grade, disease name, sickness code, medication code, medical history, tax payment amount, credit rating, income Income level identification information, such as quartiles, asset level identification information, and donations. Health insurance payments, medical benefits, school name, department name, grade, grade, education, career, occupation, occupation, job name, department name, job title, former job name, cookie information, access date, visit date, service usage record, access log, Internet access records, mobile phone usage records, store identifiers and purchase product category identification information, purchase records including one or more of the price and purchase date, GPS data, family information such as spouses, children, parents, and brothers, and legal representative information. May be one embodiment of the attribute.

In addition, the "identifier" cited in the present specification is a unique identification information, including the real name number, name, full address including the Gumi only, birthday, anniversary, certificate acquisition date, telephone number, medical record number, health insurance number, welfare recipient number , Account number, credit card number, license and license number, car number, registration number or serial number of various devices, photos, biometric information, e-mail address, IP address, Mac address, url, ID, employee number , Customer number, serial number, business registration number of individual business owner, and other unique identification number.

In addition, the "application information" referred to herein refers to information for applying for a predetermined operation. Therefore, the settlement request information, remittance request information, search request information, personal information movement request information and personal information sales request information cited in the present specification may be an embodiment of the application information.

In addition, the "real name number" referred to in this specification is information for identifying a specific person or corporation with another person or corporation, and means information given by a government agency in a manner that does not overlap with the "real name number" of another individual or corporation. . Therefore, the resident registration number, passport number, driver's license number, alien registration card number, corporation number, business number, etc. may be one embodiment of the real name number.

In addition, the term "app" referred to herein refers to an application program driven by the OS of the personal terminal, and a box for executing the application program is separately output to the output of the personal terminal.

In addition, the "exclusive account number" as used herein refers to the 'number of the account opened for use only for remittance transactions between a specific customer and a specific service company'. Therefore, the 'virtual account number opened only for the purpose of remitting the electricity bill of a specific individual to the Korea Electric Power Corporation' may be an embodiment of the dedicated account number.

In addition, the "available code", "consent required code" and "disabled code" cited in the present specification are 'information identifying information that can be provided without consent' and 'information identifying customer's consent for provision'. And 'information that identifies non-providable information' respectively.

In addition, the term "condition variable" referred to herein is a variable that matches specific search condition item identification information. When the condition variable matches the search condition item identification information, the search condition item identification information is added to the condition variable. Only requests information from the corresponding record. '

In addition, the "specified variable input field" referred to in the present specification means an input field for inputting one data.

In addition, the "previous block ID" referred to in the present specification is a transaction data matching the "hash value of the transaction data" included in the specific block and the transaction data matched to the "hash value of the transaction data" included in another specific block In a case where there is a causal relationship, a hash value of 'previous transaction data of the two transaction data' included in a block including a hash value of 'trailing transaction data of the two transaction data' to indicate the causal relationship. This means the block ID of the included block.

In addition, the term "timestamp" referred to herein refers to information including the date on which the operation occurred to identify a time point at which the specific information is received or transmitted by the specific server. Therefore, the information including the date and hour, minute and second where the operation occurred may be an embodiment of the time stamp.

In addition, the "statistic method identification information" referred to herein refers to information for identifying a method for calculating the statistics of the data corresponding to a specific search item included in the records extracted by a predetermined method. Accordingly, the sum, mean, median, mode, range of 90%, maximum, minimum, and the like may be examples of the statistical method identification information.

In addition, the term "communication device" referred to herein refers to a device connected to a predetermined communication network and capable of electronic communication with another communication device. Therefore, the personal information server, the service server, the customer terminal, the seller terminal, the payment server, the nodes, the nuclear power station server, and the personal information management server cited herein may be one embodiments of the communication device.

In addition, the "communication ID" referred to herein refers to identification information that is called to communicate electronically. Accordingly, a telephone number, an e-mail address, a messenger service ID, and the like may be embodiments of the communication ID.

In addition, the "seller terminal" referred to herein refers to a customer terminal provided by the seller 'customer of the predetermined service company' to communicate with the service server operated by the service company.

In addition, the term "piju" referred to herein refers to a service (hereinafter referred to as "e-payment service") that acts for receiving the payment from the payment company the seller sold to the 'payment member presenting the member identification information'. Means a company that has entered into a predetermined contract with a payment company for provision;

In addition, the "member identification information" referred to herein refers to unique identification information assigned to each member by the payment company to identify each member to receive their services. Therefore, credit card number, check card number, debit card number and prepaid payment step number, etc. may be one embodiment of the "member identification information".

In addition, the "OO box" referred to in the present specification is an area in which information meaning "OO" is displayed among the screen areas output to the output unit of the personal terminal of the present invention. It means an area configured to input information for selecting "OO box". Therefore, an icon area configured to input information for selecting an OO app, a menu area configured for inputting information for selecting "OO", a box area, a button area, etc. may be embodiments of the "OO box". Can be.

In addition, the "OO name" referred to in this specification means a name of a specific "OO", and it may be rare that the same "OO name" is given to a plurality of "OO". Abbreviations, aliases, trade names, etc. may be embodiments of the "OO name".

In addition, the "OO identification information" referred to herein refers to the information given to identify a specific "OO" and other "OO" of the same type, so that "OO name" and "OO identification code" is "OO identification" Information ".

In addition, the "OO identification code" referred to herein is a generic term that is not the "OO name" of "OO identification information".

In addition, the term "select OO" referred to in the present specification refers to the "OO" by an individual using an input unit to touch or click an area where "OO" is output among the regions output to the output unit. Therefore, touching the “OO” box on a specific screen of the smart phone may be an embodiment of “selecting an OO box”.

1 is a block diagram of an apparatus for implementing a method of protecting and utilizing personal information using a shared alias ID according to an embodiment of the present invention.

The personal information server 100 is a computer system operated by a personal information holding institution to store and manage personal information. The service server 200, the customer terminal 300, and the seller terminal 400 are provided through a predetermined communication network. Communicating with one or more of the nodes 600, the public power station server 700 and the personal information management server 800, personal information DB 110, anonymization DB 120 and real name transaction DB 130 and shared variable calculation unit 140, the inquiry reason DB 160, the service company DB 170, the node DB 180, and the block generator 190 are included as components.

The personal information DB 110 may store a real name number, a communication ID, a universal account number, a 'hashed password', and a communication key, matching the personal information ID. According to an additional aspect of the present invention, the personal information ID may match one of a real name number and a communication ID. According to another aspect of the present invention, the communication ID includes at least one of a telephone number, an e-mail address, a messenger account ID, and a residence address, wherein the communication key is a one-time communication key.

On the other hand, according to an additional aspect of the present invention, the personal information DB 110 is matched with the personal information ID, birthday, anniversary, specific certificate acquisition date, medical record number, health insurance number, welfare beneficiary number, various licenses and license numbers , Car number, photo, biometric information, Mac address, group number, sex, age, nationality, military service, marital status, religion, hobby category identification information, registered group identification information, registered online site identification information, the group or Member of the website, smoking, drinking, vegetarian, blood type, height, weight, waist circumference, blood pressure, eye color, disability type, disability level, disease name, sickness code, medication code, medical history, tax payment, credit Grade, income level identification information, asset level identification information, average monthly payment amount, average monthly remittance amount, average monthly payment amount, average monthly remittance amount, previous year's health insurance premium payment, medical payment status, graduation (or current) school name, Up (or served) hakgwamyeong, graduation grade, education, profession, occupation, employer, department, position, former employer, spouse information, child information, parent information, brethren information, at least one of the legal representatives More information can be saved.

The anonymization DB 120 stores one or more shared alias IDs by matching the personal information IDs. Each of the shared alias IDs is matched with a specific service ID code, and the shared alias IDs matched with a specific service ID code. No duplication is possible. According to an additional aspect of the present invention, overlapping is possible between shared alias IDs matched with different service IDs.

The real name transaction DB 130 may be configured with a lower level DB. In one embodiment, a step 1 for each real name transaction type, such as real name transaction DB (not shown), real name transaction DB (not shown), real name transaction DB (not shown), and real name transaction DB (not shown) of cryptocurrency exchanges. The sub-DB may be configured, and each sub-DB of the first-level sub-DB for each real name transaction type may be configured to have a second-stage sub-DB matched to each service ID code for the real-name transaction. In an embodiment, a real name realization transaction DB (not shown), which is one of the first level sub-DBs for each real name transaction type, may configure a second level sub-DB matched with each of the identification information information.

In the second sub-DB, one or more trading party identification information, transaction essential property information, transaction date and transaction time information may be stored by matching the transaction ID of each step.

According to an additional aspect of the present invention, the transaction essential attribute information includes cookie information, service usage record, access log, internet access record, mobile phone use record, store identifier and purchase product category identification information, purchase amount, GPS data, and the like. For example, the transaction date and the transaction time information may illustrate the connection date, visit time, purchase date and the like.

In the real name realization transaction DB (not shown) matched with the specific pig identification information, which is an embodiment of the second stage sub-DB, the specific settlement company identification information, the specific settlement company member identification information, and the settlement amount are matched as 'stage 1 transaction ID'. Second payment approval application ID 'and' Approval application date and approval application time information matched with the second payment approval application ID 'and' Second payment approval ID, second payment approval date and second payment as second-stage transaction ID ' Authorization time information ”may be stored, and the“ first payment approval ID and first payment approval date and first payment approval time information and first payment approval time information ”and“ 4th transaction date ”and“ 4 steps transaction ” The remittance time information as the time information, the payer identification information, the payee identification information, and the remittance amount may be stored.

In the real name transaction DB (not shown) matched to the specific remittance company identification information, which is an embodiment of the second stage sub-DB, the payer identification information, the recipient identification information, the remittance company identification information, the remittance fee, the remittance fee, remittance date and remittance time Information can be stored.

The shared variable calculation unit 140 outputs a predetermined shared variable. When the personal information server 100 communicates with the customer terminal 300, if a timer (not shown) for outputting a time value is configured in the customer terminal 300, a timer configured in the personal information server 100. May be an embodiment of the shared variable calculation unit 140.

One or more search item identification information may be stored in the search reason DB 160, and one or more search reason identification codes may be stored in a manner that matches each search item identification information, and the 'specific search item identification information and search reason identification' may be used. The open condition identification information is stored in accordance with the pair of codes.

According to an additional aspect of the present invention, the method of storing one or more search reason identification codes as a method of matching each search item identification information includes storing one or more specific statistical method identification information by matching each search item identification information. At least one inquiry reason identification code is stored by matching the 'pair of specific search item identification information and specific statistical method identification information', and the group of the 'specific search item identification information, statistical method identification information and inquiry reason identification code'. 'May be a method of storing the open condition identification information.

According to an additional aspect of the present invention, the search reason description information is stored in accordance with the search reason identification code.

The statistical method identification information may include "list", "number", "sum", "average", "median value", "mode", "minimum value", "maximum value", and the like. The information includes the identification information (hereinafter referred to as "unnecessary consent code") and the "identification information required to consent" (hereinafter referred to as "consent required code") and the "consent required". It is possible to exemplify the identification information (hereinafter referred to as "unavailable code") of the gist of 'impossible irrespective of'.

The service company DB 170 stores a service company name, a settlement account number, a communication ID, and a public key by matching the service company identification code.

According to an additional aspect of the present invention, a personal information management authority identification code may be stored as one of the service identification codes, and at least one of a telephone number and an address, an e-mail address, an IP address, and a messenger account ID as a communication ID. This can be stored.

The node DB 180 stores the access addresses of the nodes 600.

The block generation unit 190 generates predetermined transaction data, calculates a hash value of the transaction data, generates a predetermined block ID, and secrets a 'personal information holding institution that operates the personal information server 100'. Encrypting the hash value of the transaction data with a key to generate a digital signature of the personal information holding institution for the transaction data, retrieving the immediately preceding block ID, and searching for the immediately preceding block ID, the hash value of the transaction data, and the digital. A predetermined block header including a signature is generated, and a block of a song is generated by including the block header and the transaction data.

One embodiment of the transaction data is information including 'personal information holding institution identification information as sender identification information', 'predetermined communication ID as receiver identification information' and predetermined transmission target information.

The service server 200 is a computer system of a service company to which a service company customer needs to access in order to use a service provided by a service company. The personal information server 100, the customer terminal 300, and the seller terminal 400 through a predetermined network. Communication with one or more of the payment server 500 and the nodes 600 and the public power station server 700 and the personal information management server 800, the service company information DB 210 and the member DB 220 The DB 230, the shared variable calculator 240, the communication key generator 250, and the inquiry reason DB 260 are included as components.

The service company information DB 210 stores the service company's 'login ID and account identification information for accessing the personal information management server' and the communication ID of the service server 200, and the 'one or more personal information management institution identification information and one or more individuals'. Each public key may be stored by matching each of the information holding institution identification information.

The member DB 220 stores 'shared alias IDs with a personal information holding institution belonging to a shared alias ID category previously assigned by a personal information holding institution', and matches one or more of the respective shared alias IDs. A predetermined usage code, a "hashed password" and a communication key can be stored. According to an additional aspect of the present invention, the communication key is a one-time communication key.

The pseudonym transaction DB 230 is provided with the service company operating the service server 200 and the 'shared alias ID given to the customer who is a party of the transaction matched with the transaction ID' by matching a predetermined transaction ID to the customer. A summary of a service 'and a' date and time value at which the service is provided 'are stored.

According to an additional aspect of the present invention, each record of the pseudonym transaction DB 230 matches a specific shared alias ID and a payment amount, and stores a separate 'trade ID, service summary, date, and time value' for each service step. Can be.

According to an exemplary embodiment when the service server 200 is a server operated by a particular mouse, the first payment approval application ID and the second step are matched with a specific shared alias ID and a payment amount. The second payment approval application ID as the transaction ID, the second payment approval ID as the transaction ID in the third stage, the first payment approval ID as the transaction ID in the fourth stage, and the date at which one or more of the above steps were operated, and The time value can be stored as predetermined approval date information.

According to an embodiment when the service server 200 is a server operated by a specific remittance company, the matching alias ID and personal information holding institution identification information, the receipt identification information, the remittance fee and the remittance fee Settlement application date and remittance settlement application time information are stored

The shared variable calculating unit 240 outputs a predetermined shared variable. When the service server 200 communicates with the customer terminal 300, if a timer (not shown) configured to output a time value to the customer terminal 300, the timer configured in the service server 200 is It may be an embodiment of the shared variable calculation unit 240.

The communication key generation unit 250 randomly generates a one-time communication key by a known method. Using a function for calculating a random value such as "RN ()" may be an embodiment of the known method.

One or more inquiry reasons are stored in the inquiry reason DB 260, and an inquiry reason identification code is stored to match each inquiry reason.

The inquiry reason may be, for example, "confirmation of settlement error" and "provide product information".

The customer terminal 300 is a communication device provided by a customer to use a specific service provided by a specific service company, and communicates with at least one personal information server 100 and at least one service server 200 through a predetermined network. Anonymization app 310 is installed.

The anonymization app 310 is a predetermined application software that is operated by the operating software of the customer terminal 300, personal information DB 311 and anonymization DB 312, password generation unit 313 and shared variable calculation unit ( 314, the node DB 318, and the block generator 319 are included as components.

The personal information DB 311 includes at least one of a real name number of 'communication ID matched to the customer terminal 300' and 'a customer who is a valid owner of the customer terminal 300' and the 'encrypted secret key' of the customer. Stored.

The anonymization DB 312 includes a site identification information field, a site name field, an ID field, a password field, a connection address field, a communication key field, and a public key field.

When the service identification code is stored in the site identification information field, the service company name is stored in the site name field, and the service company and the personal information holding institution are located in the ID field matched with the site identification information. 300) The shared alias ID jointly assigned to identify the owner 'is stored, and in the communication key field, the anonymization app 310 configuring the service server 200 operated by the service company and the anonymization DB 312. 'Shared communication key is stored, the password field is stored in the' customer owns the customer terminal 300 'the password registered by the service company with the' master password of the customer 'is stored in the access address field The access address of the service server 200 is stored, and the public key of the service company is stored in the public key field.

On the other hand, when the personal information holding institution identification code is stored in the site identification information field, the personal information ID assigned by the personal information holding institution is stored in the ID field matched with the personal information holding institution identification information, and in the communication key field, The shared communication key is stored between the personal information server 100 operated by the personal information holding institution and the anonymization app 310 constituting the anonymization DB 312, and the customer terminal 300 is stored in the password field. Is stored by the customer owning the 'Password registered in the personal information holding institution with the master password of the customer', the access address of the personal information server 100 is stored in the access address field, The key field stores the public key of the personal information holding organization.

On the other hand, when the personal information management institution identification information is stored in the site identification information field, the ID field matched with the personal information management institution identification information is stored in the login ID assigned by the personal information management institution, and the communication key field is A communication key shared between the personal information management server 800 operated by the personal information management institution and the anonymization app 310 constituting the anonymization DB 312 is stored, and the customer terminal 300 is stored in the password field. ) Is stored by the customer owning the 'Password registered in the personal information management institution' master password of the customer 'is stored, the access address field of the personal information management server 800 is stored, The public key field stores the public key of the personal information management institution.

The password generation unit 313 randomly generates a password by a known method. To illustrate one known method, a predetermined algorithm for generating a random variable is used.

The shared variable calculation unit 314 outputs a predetermined shared variable. When the customer terminal 300 communicates with one or more of the personal information server 100, the service server 200 and the personal information management server 800, the 'personal information server 100 and the service server 200 and the individual If a timer (not shown) configured to output a time value is configured in one or more of the information management server 800, the timer configured in the customer terminal 300 may be an embodiment of the shared variable calculation unit 314. have.

The node DB 318 stores the connection addresses of the nodes 600.

According to an additional aspect of the present invention, the nodes 600 may be a limited number of master nodes selected and agreed upon by the private information holding institutions of the present invention, and the master nodes may use public trust and capital power among the personal information holding institutions. It consists of a personal information server 100 operated by some equipped, and a public information station server 700 operated by representative public power stations, and a personal information management server 800 operated by representative personal information management companies. The justification of the block can be determined.

The block generation unit 319 generates predetermined transaction data, calculates a hash value of the transaction data, generates a predetermined block ID, and hashes the 'transaction data' using a 'secret key input in a predetermined method'. Value 'is encrypted to generate a digital signature of the customer, and a predetermined block including the digital signature and the transaction data is generated.

According to an additional aspect of the present invention, the transaction data includes sender identification information of a predetermined form, receiver identification information of a predetermined form and transmission contents of a predetermined form.

The seller terminal 400 communicates with the service server 200 operated by the service company in order to request a specific service company to settle the Daejeon, which provides goods or services to a member of a predetermined payment company, and manages the information necessary for the settlement. In order to, as a kind of customer terminal 300 provided by the seller of the customer of the service company, the personal information server 100, the service server 200, the public power station server 700 and the personal information through a predetermined network It communicates with one or more of the management server 800, and includes anonymization DB 420 and payment DB 440 as a component.

The anonymization DB 420 may store one or more site identification information including specific mouse identification information, and may store a shared alias ID and a communication key by matching each site identification information.

The payment DB 440 may store payment company member identification information, payment amount, first payment approval ID, settlement completion date and settlement completion time information by matching the settlement approval application ID.

According to an additional aspect of the present invention, the payment company member identification information may be implemented as 'encrypted payment company member identification information'. According to an additional aspect of the additional aspect, the 'encrypted payment company member identification information' is a one-time payment company member identification information, and the encrypted payment company member identification information is encrypted every time the same payment company member identification information is encrypted. Are different from each other unless they coincide.

The payment server 500 is a computer system of a payment company, which includes a payment approval application ID, a specific payment company member identification information, and a payment amount in a 'method that can match the mouse identification information' from the service server 200. Upon receiving the predetermined second payment approval request information, it is determined whether to approve it by a known method, and when it is determined that it is the subject of approval, the predetermined second payment approval by 'a method that can match the received payment approval application ID'. Return the ID.

In the known method, a method of determining whether a balance matched with the member identification information is equal to or greater than the payment amount, and a bank or card company matched with the member identification information indicates an account number or card number matched with the member identification information. And a method of receiving approval for payment by transmitting a payment amount.

The nodes 600 are computing devices that receive blocks written in at least one of the personal information server 100, the service server 200, and the customer terminal 300, and include a distributed ledger 620 as a component.

According to an additional aspect of the present invention, one or more of the nodes 600 may serve as one or more of the personal information server 100, the public power station server 700, and the personal information management server 800.

According to another additional aspect of the present invention, the nodes 600 may be a limited number of master nodes selected in a predetermined method according to a Proof Of Share or other consensus algorithm in a blockchain network. According to another additional aspect of this aspect, the master nodes may determine whether or not to acknowledge the received blocks according to a majority vote between the mast nodes.

In the distributed ledger 620, blocks received by each node 600 are stored according to a predetermined structure. According to an additional aspect of the present invention, the received block includes 'an incomplete block in which the previous block ID is not cited' and 'complete block including the previous block ID'.

According to an additional aspect of the present invention, the completed block is composed of a predetermined block header and transaction data, and the block header includes a previous block ID and a root in which hash values of the respective transaction data are compressed into a Merkle tree structure. Hash value ', predetermined difficulty information, predetermined nonce and predetermined timestamp.

According to an additional aspect of the present invention, the completed block is designated as a block immediately preceding the block corresponding to the immediately preceding block ID and arranged as a block immediately after the previous block, and some of the information required for the completed block is insufficient. The block is determined as an incomplete block to search for or generate the insufficient information to form a completed block, and then arranged as described above.

The public power station server 700 is a computing device operated by an authorized electronic document repository, and through a predetermined network, a personal information server 100, a service server 200, a customer terminal 300, a seller terminal 400, and personal information management. It communicates with one or more of the servers 800 and includes a content verification DB 720 as a component.

The contents verification DB 720 stores the caller identification information, the caller identification information, and the 'information transmitted from the sender to the receiver' in accordance with a predetermined time stamp composed of a date and a time value of a communication relay time point.

The personal information management server 800 is a computing device operated by a personal information management institution. The personal information server 100, the service server 200, the customer terminal 300, the nodes 600 and the public power station through a predetermined network. Communicating with one or more of the server 700, combined with the customer information DB 810 and distributed ledger 820 and personal information holding agency DB 850 DB 860 and price DB 870 and node DB 880 Include as a component.

The customer information DB 810 constitutes a login ID field, a mapping anonymous ID field, a password field, a communication key field, a communication ID field, a public key field, and an account identification information field. Matched fields' and 'fields matched with each service identification code'. The password field stores the hashed password, and each of the 'fields matched with the personal information holding institution identification information' is 'the personal information holding institution corresponding to the personal information holding institution identification information' is the 'personal information management server'. A shared alias ID for identifying a 'customer matching the record' is stored in cooperation with the 'personal information management institution' which operates the 800, and the 'fields matched with the service ID codes' are stored in the 'service company'. A service alias corresponding to an identification code is stored in a shared alias ID for identifying a 'customer matching the record' in collaboration with the personal information management institution.

Meanwhile, according to another aspect of the present invention, in which each personal information holder trusts the personal information management organ, each of the 'fields matched with the personal information holder ID' includes 'the customer matching each record'. The personal information ID assigned by the personal information holding institution corresponding to the personal information holding institution identification information may be stored.

In the distributed ledger 820, 'received blocks verified in a predetermined method' are stored according to a predetermined scheme corresponding to the distributed ledger 820 configured in the nodes 600.

The personal information holding institution DB (850) includes a personal information holding institution name field, a personal information holding institution identification code field, an access address field, a public key field, and a search item identification for various search items that can be provided by the personal information holding institution. Search item identification information fields matching 'information'.

In each search item identification information field matched with a specific personal information holding institution identification code stored in the personal information holding institution identification code field, the personal information holding institution corresponding to the personal information holding institution identification code is the search item. Personal information of a specific individual matching the identification information field may be stored in information about whether or not it can be provided to the personal information holding institution according to the exercise of the information movement right of the individual.

According to an additional aspect of the present invention, if information (hereinafter referred to as "information providing attribute") representing an attribute capable of providing the information is stored in the field, 'person who matched the information providing attribute It means that the personal information holding institution corresponding to the information holding institution identification code 'can provide the information, and the personal information for the information matching the search item identification information corresponding to the field in which the information providing attribute is not stored. It means that the holder cannot provide this information.

In the combining DB 860, fields mapped to the mapping anonymous ID field and one or more search item identification information are configured as illustrated in FIG. 13, wherein the mapping anonymous ID field includes 'mapping anonymous data stored in the customer information DB 810'. ID 'is stored, and' information matching the search item identification information of the customer matching the mapping anonymous ID 'is stored in the field matched with each search item identification information. In addition, the field matched with each of the search item identification information is further configured to match the sale availability field, if a predetermined information providing attribute is stored in the 구성된 configured in each of the sellability field, 'search item matched to the 쎌 It is determined that the information stored in the 쎌 'of the identification information field is sellable.

Meanwhile, according to another aspect of the present invention, the marketability field may not be configured separately. In this case, if predetermined information is stored in each field configured in the field matched with each search item identification information, it is determined that the marketability is available for sale. do.

As illustrated in FIG. 14, the price DB 870 includes fields in which the mapping anonymous ID stored in the customer information DB 810 is stored, and fields matched with each field identification information configured in the combining DB 860. do. For a specific match that matches both the specific mapping anonymous ID and the specific field identification information stored in the mapping anonymous ID field, the 'personal information stored by matching the mapping anonymous ID and the field identification information in the combined DB 860' The price selected by the customer matching the mapping anonymous ID is stored.

The node DB 880 stores connection addresses of the nodes 600.

2 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, in which a shared alias ID is shared between a personal information holder, a predetermined service company, and a 'customer to subscribe to the service company'; 1 is a view illustrating an embodiment.

In step 120, the customer terminal 300 is connected to the member registration request page of the service server 200.

According to an additional aspect of the present invention, a predetermined shared alias ID category is assigned to a service company operating the service server 200 from a personal information holding institution by a known method before the operation of step 120. According to an additional aspect of the present invention, the known method is a method of holding a copy by each contracting party after the conclusion of a written contract and sharing alias ID category information from the personal information server 100 to the service server 200 It may be one of the methods for transmitting.

In step 125, the service server 200 accesses the information regarding the 'prescribed screen including the terms and conditions search agreement, agreement agreement input field, password input field, and membership application box' (hereinafter termed 'service member registration application screen'). The customer terminal 300 is transmitted.

When receiving the information on the service member registration request screen transmitted in step 125 (or step 225 in FIG. 3) in the customer terminal 300 in step 130, the service member registration request screen is displayed on the output unit (not shown). Is output.

According to an additional aspect of the present invention, in step 130, the 'matching password automatic generation box and password output column' with each other may be further output to the output unit (not shown).

In step 135, the customer terminal 300 transmits the predetermined agreement agreement information, the predetermined password as the service server password of the customer, and the predetermined membership registration information to the service server 200.

According to an additional aspect of the present invention, step 135 may include: step 135a of a customer inputting an agreement agreement terms using an input unit (not shown) of the customer terminal 300; Step 135b, in which the customer inputs a 'predetermined password as a password for the service server of the customer' in the password input field by using an input unit (not shown) of the customer terminal 300; Step 135c, wherein the customer selects a member registration request box using an input unit (not shown) of the customer terminal 300; It includes.

According to another aspect of the present invention, in step 135b, when the customer selects a password input field using an input unit (not shown) of the customer terminal 300, the password generation unit 313 randomly generates a password in a known method. Step 135d; And 135e outputting the generated password to the password input field. Can be replaced with

According to another aspect of the present invention, step 135b includes: step 135f of the password generation unit 313 randomly generating a password in a known method; Can be replaced with

According to another aspect of the present invention, the step 135b may include: selecting, by the customer, a password automatic generation box output as an additional aspect of step 130 using an input unit (not shown) of the customer terminal 300; Generating a password at random by a password generation unit 313 in a known method; Outputting the generated password to the password output column; And the customer inputs the agreement agreement terms using the input unit (not shown) of the customer terminal 300 and inputting the 'password output in the password output field' in the password input field; It includes.

According to an additional aspect of the present invention, the step 135d may include a step in which the customer touches and releases the password input field for an arbitrary period using an input unit (not shown) of the customer terminal 300; Calculating a variable value matching the arbitrary period; The shared variable calculating unit 314 outputting a predetermined shared variable; And generating a password by inputting the calculated variable value and the output shared variable as independent variables to a predetermined password calculation function. It includes.

In step 140, when the service server 200 receives the 'agreement agreement information, password and member registration request information transmitted in step 135', the communication key generator 250 randomly generates a one-time communication key by a known method. Generate and hash the received password, and in the member DB 220 'sharing IDs with a personal information holding institution, belonging to the shared alias ID category previously assigned by a personal information holding institution,' still use ' Storing a predetermined use code by matching one shared alias ID that does not match a code, and storing the hashed password and the generated one-time communication key by matching the shared alias ID; The one-time communication key and predetermined registration completion information are transmitted to the customer terminal 300 connected to the server 120, matching the shared alias ID.

According to an additional aspect of the present invention, 'the shared alias ID stored by matching the use code' is stored in the service identification code other than the service identification code in the anonymized DB 120 configured in the personal information server 100. It may be duplicated with other shared alias IDs' that have already been matched and stored.

In step 145, the service server 200 calls the shared alias ID registration page of the personal information server 100, and the shared alias ID stored by matching the use code in step 140 as a 'method that can be matched with the service identification code'. 'To the personal information server 100, and according to the call,' the customer terminal 300 connected in step 120 'is connected to the shared alias ID registration page of the personal information server 100.

In step 150, the personal information server 100 receives the 'shared alias ID transmitted in step 145', and in the service company DB 175, 'service identification code matching the service server 200 called in step 145' The service company name matched with is searched for, and the 'shared alias ID, service company identification code and service company name' are transmitted to the 'customer terminal 300 connected' in step 145.

In step 155, the customer terminal 300 receives the one-time communication key and registration completion information matched with the shared alias ID transmitted in step 140, and the shared alias ID and the service company transmitted in step 150 When the identification code and the service company name 'is received, the anonymization app 310 is started and determines whether the' shared alias ID transmitted in step 140 'and' shared alias ID transmitted in step 150 'match.

If the determination in step 155 is affirmative, step 160 is operated.

In step 160, the 'shared alias ID, service identification code and service company name', the master password input box and the confirmation box are output from the customer terminal 300 to an output unit (not shown).

In step 165, when the customer inputs the master password of the customer by using an input unit (not shown) of the customer terminal 300 and selects the confirmation box, the anonymization DB 312 identifies an ID matched with the personal information holding institution identification information. The personal information ID stored in the field 'is extracted, and the service company received in step 155 in the anonymization DB 312 is encrypted by using the input master password as the encryption key,' password for the service server of the customer, 'which is transmitted in step 135. Matched with the identification code 'stored the service name and shared alias ID and one-time communication key' and 'encrypted, the customer's service server password' received in step 155, the customer terminal 300 is the 'sharing' The 'personal information ID' of the customer may be transmitted to the personal information server 100 in a manner of matching the alias ID.

According to an additional aspect of the present invention, 'the method of matching the shared alias ID' is a method of transmitting the shared alias ID by matching the 'personal information ID of the customer'.

In step 170, when the personal information server 100 receives the customer's personal information ID, which is transmitted in a method that can be matched to a specific shared alias ID in step 160, the anonymization DB 120 receives in step 155 The service identification number 'and the' personal information ID of the customer 'matching' store the shared alias ID '.

In step 175, the client terminal 300 matches the service identification code received in step 155 to the anonymization DB 312 as the service identification code, and matches the service identification code in step 150 as the shared alias ID. The received shared alias ID 'is stored.

3 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, in which a shared alias ID is shared between a personal information holder, a predetermined service company, and a 'customer to join the service company'; FIG. 1 is a view illustrating another embodiment.

When the customer terminal 300 is connected to the shared alias ID request page of the personal information server 100 in step 205, the service name input field and the shared alias ID request box are included in the output unit (not shown) of the customer terminal 300. A predetermined screen (hereinafter referred to as "first shared alias ID application screen") is output.

According to an additional aspect of the present invention, step 205, when the customer selects the anonymization app box output to the output unit (not shown) using the input unit (not shown) of the customer terminal 300, the anonymization app 310 Starting and outputting a predetermined anonymized app main screen including a personal information holding institution connection box; And outputting a first shared alias ID request screen when a customer selects the personal information holding institution access box by using an input unit (not shown) of the customer terminal 300. It includes.

According to another additional aspect of the present invention, step 205, a customer inputs an access address required for calling a shared alias ID application page of the personal information server 100 using an input unit (not shown) of the customer terminal 300. Making; The customer terminal 300 is connected to the shared alias ID request page, and a predetermined screen including a personal information ID input box, a service company name input field, and a shared alias ID request box in the personal information server 100 (hereinafter referred to as “the Transmitting information about the " 2 shared alias ID application screen " to the connected customer terminal 300; Receiving, by the customer terminal 300, the information and outputting the second shared alias ID request screen to an output unit (not shown); It includes.

In step 210, when the customer inputs or selects the service company name using the input unit (not shown) of the customer terminal 300, the anonymization DB 312 is entered in the 'alias shared ID field matched with the personal information holding institution identification information'. The stored personal information ID is extracted, and the service identification code matched with the input or selected service company name is transmitted to the personal information server 100.

According to an additional aspect of the present invention, step 210 includes a step in which a customer selects a service name input field using an input unit (not shown) of the customer terminal 300; Transmitting, by the customer terminal 300, the information on which the service company name input field is selected to the personal information server 100; When the personal information server 100 receives the 'transmitted information, the service company name input field is selected,' extracting the 'service company identification code and service company name pair' matched from the service company DB 170; Transmitting, by the personal information server 100, the extracted 'matched service identification codes and service company name pairs' to the customer terminal 300; Outputting the service company names to an output unit (not shown) when the customer terminal 300 receives the 'matched service company identification code and service company name pair'; Selecting, by the customer, a specific service company name among the outputted service company names by using an input unit (not shown) of the customer terminal 300; Outputting the service company name in the service company name input field; Extracting the personal information ID stored in the 'alias shared ID field matched with the personal information holding institution identification information' from the anonymization DB 312; And transmitting, by the customer terminal 300, the 'personal information ID of the customer' and the 'service identification code matching the selected service company name' to the personal information server 100; It includes.

In step 215, when the personal information server 100 receives the 'personal information ID and service identification code of the customer, transmitted in step 210', the anonymization DB 120 matches the service identification code, 'the service The personal information ID is stored to match the predetermined shared alias ID, characterized in that the identification ID code and other shared information IDs are stored at the same time.

According to an additional aspect of the present invention, step 215 is matched with the service identification code and the customer's personal information ID in the anonymization DB 120, the service identification code in the anonymization DB 120 It may include the operation of storing a predetermined shared alias ID, characterized in that it does not overlap with other shared alias IDs that are already stored.

According to another additional aspect of the present invention, the stored shared alias ID is different from the other shared alias IDs already stored by matching the service identification code other than the service identification code in the anonymization DB 120. May overlap.

In step 215, the personal information server 100 calls the member registration request page of the service server 200, and in step 205 transmits the shared alias ID stored in the anonymized DB 120 to the service server 200, the call In accordance with the 'customer terminal 300 connected in step 205' is connected to the member registration request page of the service server 200.

In step 225, the service server 200 receives the shared alias ID transmitted in step 220, and transmits the information about the service member registration request screen to the customer terminal 300 connected in step 220.

'Step 230 and step 235', which coincide with 'step 130 and step 135' in Fig. 2, respectively, is operated.

In step 240, when the service server 200 receives the 'agreement agreement information, password and membership registration information transmitted in step 235', the communication key generation unit 250 randomly generates a one-time communication key by a known method. Generate, hash the received password, and store the 'shared alias ID received in step 240' as the 'shared alias ID with the personal information holding institution' of the customer in the member DB 220, and the share alias Match the ID to store the hashed password and the generated one-time communication key, and match the shared alias ID with the customer terminal 300 connected in step 220 to the predetermined one-time communication key Send membership complete information.

In step 260, when the customer terminal 300 receives the one-time communication key and the registration completion information, matching the matching alias ID transmitted in step 240, the anonymization app 310 is activated and output unit (not shown) The master password input box and a confirmation box are displayed on the screen.

In step 265, when the customer inputs the master password of the customer by using the input unit of the customer terminal 300 and selects the confirmation box, the input master password is transmitted as the encryption key in step 235. Is encrypted, and matched with the service identification code transmitted in step 210 to the anonymization DB (312) received in step 260, the shared alias ID and one-time communication key and the encrypted, the customer's password for the service server 'Is stored.

4 is a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention, in which a customer who registers a shared alias ID to an operator providing a predetermined service receives a predetermined service to receive the predetermined service. It is a figure explaining the operation of connecting to a server.

In step 305, the customer terminal 300 connects to a predetermined screen including a predetermined ID input field and a user authentication information input field (hereinafter referred to as an "identification screen") of the service server 200 by a known method.

According to an additional aspect of the present invention, step 305, when the customer selects the anonymization app box using the input unit (not shown) of the customer terminal 300, the anonymization app 310 is activated, anonymization DB 312 Extracting the service name names from and outputting them to an output unit (not shown); When the customer selects 'one of the output service company names' using an input unit (not shown) of the customer terminal 300, the service identification code matched to the selected service company name in the anonymization DB 312; Searching for the identity screen access address; And connecting the customer terminal 300 to the identity screen access address. It includes.

According to another aspect of the present invention, step 305 includes a step in which a customer selects or inputs an identification screen access address of the service server 200 using an input unit (not shown) of the customer terminal 300; And connecting the customer terminal 300 to the identity screen access address. It includes.

In step 310, the service server 200 transmits the information on the identity screen to the customer terminal 300 in a way that can match the service identification information.

According to an additional aspect of the present invention, an embodiment of the 'method that can be matched with the service identification information' is a method in which 'service server access address as the service identification information' is included in the information on the identification screen. .

In step 315, when the customer terminal 300 receives 'information on the identification screen transmitted in step 310', the identification screen, the master password input field and the confirmation box are output to an output unit (not shown).

In step 320, when the customer enters the master password by using an input unit (not shown) of the customer terminal 300 and selects a confirmation box, the anonymization DB 312 displays the information on the identification screen received in step 315. A 'shared alias ID, an encrypted password and a communication key' matched with a matching service ID code are searched, 'the searched, encrypted password' is decrypted using the input master password as a decryption key, and a shared variable calculation unit ( 314 outputs a predetermined shared variable, calculates predetermined identity information using 'one or more of the decrypted password, the communication key, and the output shared variable', and the service server at the customer terminal 300. Matching with the predetermined service application information to 200 transmits the 'shared alias ID and the identity authentication information'.

According to an additional aspect of the present invention, the transmitted personal authentication information is the decrypted password.

According to another additional aspect of the present invention, the communication key is a one-time communication key, and the transmitted personal authentication information is one-time authentication information of the 'encrypted password' with the communication key.

According to yet another aspect of the present invention, the transmitted personal authentication information is one-time authentication information calculated by substituting 'decoded password, one-time communication key and shared variable' into a predetermined function.

According to an additional aspect of the present invention the 'prescribed service application information', 'information for requesting service server login permission to retrieve information' and 'information for applying for electronic contract conclusion requiring identification' and ' It may be one or more of the predetermined payment application information including the seller identification information, the purchase product identification information and the payment amount, and the 'receiving identification information, the receiving account identification information and the remittance application information including the remittance amount'.

In step 325, when the service server 200 receives the predetermined service application information, the shared alias ID and the user authentication information transmitted in step 320, the member DB 220 matches the shared alias ID with the 'hashed'. Searched password and communication key ', the shared variable calculator 240 outputs a predetermined shared variable, and determines whether the searched' hashed password 'matches the' received authentication information '.

According to an additional aspect of the present invention, the authentication information received in step 325 is 'password for the service server of the customer', and step 325 hashes the received service server password and the hashed service server password is retrieved. Determining whether it matches a 'hashed password'; It includes.

According to another additional aspect of the present invention, the identity authentication information received in step 325 is the one-time authentication information of the person encrypted with the 'customer's service server password' with the 'customer's one-time communication key', and step 325 is the received information. Calculating the 'password for the service server of the customer' by decrypting the retrieved communication key with the decryption key; Hashing the decrypted password and determining whether the hashed password matches the retrieved 'hashed password'; It includes.

According to yet another aspect of the present invention, the personal authentication information received in step 325 is a one-time personal authentication calculated by substituting the customer's service server password and the customer's one-time communication key and the predetermined shared variable into a predetermined function. Information, and step 325 includes: 'receiving the one-time personal identification information received', the searched communication key, and the output shared variable into a predetermined inverse function, thereby inverting the 'customer's service server password'; And hashing the inverted service server password and determining whether the hashed service server password matches the retrieved 'hashed password'. It includes.

If the determination in step 325 is affirmative, step 330 is operated.

In step 330, the one-time communication key is randomly generated in the service server 200, the communication key matching the 'shared alias ID received in step 325' in the member DB 220 is updated with the generated one-time communication key, the customer Screen for inputting information necessary for a predetermined service application matching the generated one-time communication key and 'service application information received in step 325' in a 'method that can be matched with a service identification code' to the terminal 300 It transmits information about '(hereinafter referred to as "service application screen").

According to an additional aspect of the present invention, the 'method that can be matched to the service identification code' is a 'method of matching the service identification code to the one-time communication key to transmit to the customer terminal 300'.

According to an additional aspect of the present invention, the 'service application screen' is a 'search screen including a search target information input box for retrieving information' and 'field for inputting the main points of the contract subject to the application for contract conclusion' Contract request screen including the user 'and' Payment approval application screen including a buyer identification information input field and a payment amount input field necessary for applying for a transfer of a predetermined payment amount to a settlement account matched to predetermined seller identification information 'and' It may be one of a remittance request screen including a remittance identification information input field and a remittance amount input field required to apply for remittance of a predetermined remittance before a predetermined remittee.

When the customer terminal 300 receives the one-time communication key transmitted in step 330 (or step 530 of FIG. 6) in step 335, the communication key matched with the service ID code in the anonymization DB 312 is received. Updated one-time communication key.

In operation 340, the service server 200 operates a service matching the 'prescribed service application information transmitted in operation 320', and the current date and current time are queried in a timer (not shown), and an anonymous transaction DB ( 230, the summary of the 'operated service' and the 'current date and time value' are stored in accordance with the shared alias ID.

According to an additional aspect of the present invention, the 'matching service' is a 'service for searching for information on information input in a predetermined search target information input field and transmitting the searched information to the customer terminal 300' and ' Recalling the full text of applying for payment of the payment amount entered in the payment amount input field according to the service for receiving a predetermined contract application defined in accordance with the main points entered in each field and the buyer identification information entered in the purchaser identification information input box. Service for the collection and transfer in front of the payment company matching the buyer identification information, and 'Receiving identification information entered in the shared alias ID and the recipient identification information input box and the predetermined settlement application information including the remittance amount entered in the remittance amount input box. Service to send to the information server.

5 is a preferred embodiment of the personal information protection and utilization method using a shared alias ID of the present invention, using a mouse Juji installed a personal customer terminal and a separate customer terminal and the electronic payment agent services to the seller It is a figure explaining the operation to provide.

In step 405, the customer terminal owned by the predetermined seller (hereinafter referred to as "seller terminal") 400, the identification information of the first member of the specific payment company (hereinafter referred to as "first member identification information") in a predetermined method The shared alias ID and the communication key which are read and matched with the service identification code (hereinafter, referred to as the "pig identification information") of the 'Pig' which is an embodiment of the service company in the present invention are retrieved from the anonymization DB 420, and The first member identification information is encrypted with the one-time communication key as an encryption key, a predetermined first payment approval application ID is generated, and the service server 200 (hereinafter referred to as a "judgment server") of a particular mugi service server is called. 1 The predetermined first payment approval application information including 'the shared alias ID as the seller identification information', 'the encrypted first member identification information as the buyer identification information' and a predetermined payment amount is matched with the payment approval application ID. Transmitted, and the payment DB (440) 1 The payment amount is stored in accordance with the payment approval application ID.

According to an additional aspect of the present invention, the shared alias ID is a franchise number shared by a mouse and a personal information holding institution.

At step 410, the mouse server, which is the service server 200 of the mouse, includes a shared alias ID, encrypted first member identification information and a predetermined payment amount, matched with the first payment approval application ID transmitted in step 405. When receiving the predetermined first payment approval request information ', the communication key matching the shared alias ID is retrieved from the member DB 220, the encrypted first member identification information is decrypted with the decryption key, A predetermined second payment approval application ID is generated and is matched with the server of the payment company (hereinafter referred to as "payment server") and the personal information server 100 matched with the first member identification information as the purchaser identification information. The predetermined second payment approval application information including the second payment approval application ID, the first member identification information, which is the purchaser identification information, and the payment amount, may be matched with the service identification code, 'PJU identification information'. "And the current day in a timer (not shown) And current time information is inquired, matching the first payment approval application ID in the pseudonym transaction DB 230, the second payment approval application ID, the payment amount, the shared alias ID and the second payment approval application As the time stamp, 'the current date as the second payment approval application date' and 'current time information as the second payment approval application time information' are stored.

According to an additional aspect of the present invention, the 'method of matching the mouse identification information' is 'a method of including the mouse identification information in the second payment approval application information'.

In step 415, a predetermined second payment including the second payment approval application ID, the first member identification information, and the payment amount is transmitted in step 410 in a manner that the personal information server 100 can match the identification information of the mouse. Upon receiving the approval request information, the current date and the current time information are retrieved from a timer (not shown), and the subordinate DB configured in the real name transaction transaction DB (not shown) of the subordinate DB configured in the real name transaction DB 130 is The second payment approval application ID, the first member identification information, the payment amount, the current date, and the like in the real name transaction DB matched with the identification information (hereinafter referred to as "PJM real name transaction DB (not shown)"). The current time information is saved.

In operation 420, the payment server 500 may match the identification information of the mouse, and the predetermined second payment approval application information including the payment approval application ID, the first member identification information, and the payment amount is transmitted in step 410. 'Is received, it is determined whether or not approved by a known method.

If it is determined as approved in step 420, step 425 is operated.

In operation 425, the payment server 500 transmits the predetermined second payment approval ID in a manner that may match the second payment approval application ID received in step 415 from the payment server 500.

In operation 430, when the server server 200, which is a service server, receives the 'second payment approval ID transmitted in step 420' in a manner that can match the second payment approval application ID, a current date is displayed in a timer (not shown). And current time information is queried, the first payment approval application ID matching the second payment approval application ID is searched in the pseudonym transaction DB 230, and a predetermined first payment approval ID is generated. As a reply to the received first payment approval application information, the seller terminal 400 that has transmitted the first payment approval application information receives the predetermined first payment approval information including the first payment approval ID. Transmitting, matching the second payment approval application ID to the pseudonym transaction DB 230 as the time stamp of the first payment approval ID, the second payment approval ID, and the second payment approval, Current date 'and' the current time information as second payment approval time information ', Injeongbo to the server 100 by matching to the second payment authorization application ID and transmits the 'payment company identification information matched to the payment server 500, and the second payment authorization ID.

In step 435, when the personal information server 100 receives the 'payment company identification information and the second payment approval ID matched to the second payment approval application ID, transmitted in step 425', the current date and the timer are not shown. The current time information is inquired and the second real name in the real name realization transaction DB (not shown) matched with the subjugation information of the subordinate DB configured in the real name realization transaction DB (not shown), which is a sub-DB configured in the real name transaction DB (130) The payment company identification information, the second payment approval ID, the current date as the second payment approval date, and the current time information as the second payment approval time information are stored according to the payment approval application ID.

In step 436, if the seller terminal 400 receives the 'prescribed first payment approval information including the first payment approval ID transmitted in step 430 as a reply to the first payment approval application information sent in step 405', In the payment DB 440, the first payment approval ID is stored according to the first payment approval application information '.

In step 440, a server including a service server of the mouse, a mouse server 200, a predetermined account including the receipt account number, 'payment company identification information as remittance identification information' and the transfer amount and settlement target identification information from the system of the transaction bank of the mouse (not shown) Upon receipt of the payment information, the payment amount matching the settlement target identification information is extracted from the pseudonym transaction DB 230, it is determined whether the total amount of the extracted payment amount is matched with the transfer amount.

According to an additional aspect of the present invention, the settlement target identification information is predetermined settlement target period identification information (for example, settlement date when settlement of every business day), and the approval date and approval in the pseudonym transaction DB 230 in step 440. Payment amounts corresponding to a period of time information corresponding to the settlement target period identification information are extracted.

According to an additional aspect of the present invention, step 440 may include a step in which the rat server 200 logs into a system of a trading bank of the rat (not shown) and inputs the receiving account number as a transaction history inquiry target account number; It may include.

If the determination in step 440 is affirmative, step 445 is operated.

In the server server 200 which is a service server of the mouse in step 445, the first payment approval application ID and the second payment of each record matching the 'target identification information received in step 440' in the pseudonym transaction DB 230 The approval application ID, the first payment approval ID, the second payment approval ID, the payment amount, and the shared alias ID 'are extracted, and a predetermined settlement amount is calculated by deducting a fee calculated in a predetermined manner from the payment amount. The predetermined settlement request information including the first payment approval application ID, the second payment approval application ID, the first payment approval ID, the second payment approval ID, the settlement amount and the share alias ID may be matched with the 'pigment identification information'. Can be transmitted to the personal information server 100.

According to an additional aspect of the present invention, an embodiment of the 'method that can be matched with the mouse identification information' is a method of specifying the mouse identification information in the header area of the settlement request information.

In step 450, the personal information server 100 transmits the first payment approval application ID, the second payment approval application ID, the first payment approval ID, the second payment approval ID, the settlement amount, and the shared alias ID transmitted in step 445. When the predetermined settlement request information, including the 'method of matching the mouse identification information' is received, the 'second payment approval ID and payment amount matched with the second payment approval application ID in the real name transaction DB 130 And the shared alias ID, and determine whether the received 'second payment approval ID, payment amount and sharing alias ID' matches the extracted 'second payment approval ID, payment amount and sharing alias ID', respectively. .

According to an additional aspect of the present invention, step 450 includes calculating a settlement amount by deducting a fee calculated by a predetermined method from the settlement amount extracted from the pseudonym transaction DB 230; It includes.

If the determination at step 450 is affirmative, step 455 is operated.

In step 455, a personal information ID matched with the shared alias ID is searched for in the anonymization DB 120 of the personal information server 100, and a communication ID and a real name number matched with the personal information ID in the personal information DB 110. The general account number is searched for, and the service company DB 170 checks the settlement account number matching the identification information of the mouse and the name of the 'business company name as the service company name', and retrieves the current date and current time information from a timer (not shown). Inquiry is made, withdraw the settlement amount received in step 450 from the settlement account number and deposit the settlement amount in the universal account number, but the name of the mouse is recorded in one or more of the remarks column and remittance column The operation is performed, and the seller terminal 400 matching the communication ID is matched with the first payment approval ID received in step 450 as a 'method capable of matching the personal information holding institution identification information'. Amount and A predetermined settlement confirmation message including the name of the mouse and the current date and time information of the time point at which the deposit and withdrawal operation proceeds as a timestamp for the time of the transfer is transmitted, and is configured in the real name transaction DB (130). The general account number as the settlement account number as the payer identification information and the payer identification information in the Jujube real name transaction DB (not shown) matched with the jujube identification information that is a subordinate DB configured in the DB real name transaction transaction DB (not shown) And the settlement amount as a remittance amount and the current date as remittance date and the current time information as remittance time information as a timestamp at the time of remittance.

According to an additional aspect of the present invention, the personal information holding institution is a bank in which an account corresponding to the settlement account number is opened, and step 455, wherein the settlement amount is withdrawn from the account and remitted to the general account number; It includes.

According to an additional aspect of the present invention, an embodiment of the 'method capable of matching the personal information holding institution identification information' is a method of recording the personal information holding institution identification information in the header area of the settlement confirmation message.

In step 460, the seller terminal 400 matches the first payment approval ID, which is transmitted in a manner that can be matched to the personal information holding institution identification information in step 455, the settlement amount and the name of the mouse and the current date and current time. When a predetermined settlement confirmation message including information 'is received, a settlement amount matched with the first settlement approval ID is extracted from the settlement DB 440, and a fee calculated by a predetermined method is deducted from the settlement amount. The amount is calculated, and it is determined whether the calculated settlement amount matches the received settlement amount.

If the determination at step 460 is affirmative, step 465 is operated.

In step 465, the settlement amount received from the step 460, the payment company name and the current date and current time information and the payment amount extracted in step 460 to the output unit (not shown) of the seller terminal 400 In the timer (not shown), the current date and current time information are inquired, and the payment DB 440 matches the 'first payment approval ID' received in step 460 as a timestamp for the completion date of settlement as 'complete settlement date'. The current date 'and the current time information as the settlement completion time information are stored.

6 is a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention, a remittance company uses a remittance server, installs a dedicated app for its transaction, and provides a remittance service to a remitter who registers a shared alias ID. It is a figure explaining the operation to provide.

In step 505, when the first sender selects the anonymization app box by using an input unit (not shown) of the customer terminal 300 occupied by him, an anonymization app dedicated to the transfer service (hereinafter referred to as "transfer app") 310 Then, a predetermined remittance request screen including a receipt identification information input field, a remittance amount input field, a master password input field and a confirmation box is output.

According to another aspect of the present invention, the recipient identification information input field may be replaced with a recipient alias list.

In step 510, when the customer inputs the identification information, the remittance amount and the master password by using the input unit (not shown) of the customer terminal 300 and selects a confirmation box, anonymization DB 312 identifies the service company of a predetermined remittance company. A 'shared alias ID, an encrypted password and a communication key' matched to a code (hereinafter referred to as a "transmitter identification code") are retrieved, and the retrieved encrypted password is decrypted using the input master password as a decryption key. The shared variable calculating unit 314 outputs a predetermined shared variable, calculates predetermined personal authentication information using 'one or more of the decrypted password, the communication key and the output shared variable', and the customer terminal. A predetermined remittance including the 'shared alias ID, the recipient identification information, the remittance amount and the personal authentication information' to the service server (hereinafter referred to as "transfer server") 200 of the remittance company which is one of the service companies at 300 Send the application information.

According to another aspect of the present invention, the operation of inputting the recipient identification information may be replaced with an operation of selecting a specific recipient alias from the recipient alias list output in another aspect of step 505.

According to an additional aspect of the present invention, 'recipient identification information included in the remittance application information' is 'a payee account number, a recipient institution identification information, a payee name, a payee phone number, and a payee address'.

According to an additional aspect of the present invention, step 510 may include a payee account number, a payee identification number, a payee name, a payee phone number, and the like that match the input or selected payee identification information in a predetermined payee DB (not shown). Extracting at least one of the payee addresses; It may include.

In step 525, when the remittance server 200 receives 'the predetermined remittance request information including the shared alias ID, the receipt identification information, the remittance amount and the identity authentication information' transmitted in step 410, the sharing in the member DB 220 The hashed password and communication key matched with the alias ID are searched, the shared variable calculator 240 outputs a predetermined shared variable, and the retrieved hashed password is the received authentication information. Is matched with '.

One additional aspect different from the one at step 325 of FIG. 4 also applies to the step 525.

If the determination in step 425 is affirmative, step 530 is operated.

In step 530, the one-time communication key is randomly generated in the remittance server 200, the communication key matching the 'shared alias ID received in step 525' in the member DB 220 is updated with the generated one-time communication key, the customer The generated disposable communication key is transmitted to the terminal 300 in a 'method that can be matched with the remittance company identification information'.

According to an additional aspect of the present invention, the 'method that can be matched to the remittance company identification information' is a 'method for matching the remittance company identification information to the one-time communication key to transmit to the customer terminal 300'.

Step 335 in FIG. 4 is operated.

In step 540, a remittance request reception ID is generated in the remittance server 200, and a remittance fee corresponding to the remittance amount received in step 525 is calculated, and the shared alias ID and the recipient received in step 525. The predetermined settlement application information including the identification information and the remittance amount and the remittance fee are transmitted to the personal information server 100 in a 'method capable of matching the remittance company identification information', and the current date and time in the timer (not shown). The current time value is inquired, matching the remittance application reception ID to the pseudonym transaction DB 230, the shared alias ID and 'personal information holding institution identification information matching the personal information server 100' and the 'receipt identification' Information, remittance amount and remittance fee ',' the current date as the remittance settlement application date 'and' the current time value as the remittance settlement application time information '.

In step 555, the personal information server 100, 'the predetermined settlement application information, including the shared alias ID, the receipt identification information, the remittance fee and the remittance fee, transmitted in a way that can be matched to the remittance company identification information in step 540' When received, the personalization ID matching the shared alias ID is retrieved from the anonymization DB 120, the communication ID, real name number and universal account number matching the personal information ID is retrieved from the personal information DB 110, In the service company DB 170, the settlement account number matching the remittance company identification information and the name of the remittance company as the service company name are retrieved, and the current date and current time information are retrieved from the timer (not shown). The remittance fee and the remittance fee are withdrawn from the account number, an operation necessary for depositing the remittance amount in front of the identification information is performed, and the remittance fee is required to be deposited in front of the settlement account number. One operation is performed, and the 'payer identification information' in the real name transaction DB (not shown) matched with the remittance company identification information, which is a sub-DB configured in the real name transaction DB (not shown), which is a sub-DB configured in the real name transaction DB (130). As the date of remittance as the time-to-date for the universal account number and the remittance identification information as the remittee identification information and the remittance company identification information as the remittance company identification information, the remittance amount and the remittance fee and the time point of remittance. The current date 'and the current time information as the remittance time information are stored.

According to an additional aspect of the present invention, a personal information holding institution is a bank in which an account corresponding to the universal account number is opened, and step 555, wherein the remittance is withdrawn from the account and remitted before the identification information; It includes.

Meanwhile, according to another aspect of the present invention, steps 510 and 555 may be replaced with the following steps 510-1, 555-1, 560-1, and 565-1.

In step 510-1, when the customer inputs the receipt identification information, the remittance amount and the master password using an input unit (not shown) of the customer terminal 300, selects a confirmation box, the anonymization DB 312 matches the remittance company identification information. 'Shared Alias ID and encrypted password and one-time communication key' and 'Personal Information ID and encrypted password and one-time communication key' matched with the personal information holding institution identification information are searched, and the input master password is decrypted as' The retrieved encrypted passwords are decrypted, and the shared variable calculation unit 314 outputs a predetermined shared variable, and among the decrypted remittance company password, disposable communication key for remittance company and the output shared variable. Calculating the personal authentication information for a predetermined remittance company using one or more, and using the decrypted password for the personal information holding institution and the one-time communication key for the personal information holding institution; Calculate the personal authentication information for a predetermined personal information holding institution using one or more of the shared variables that have been output, and from the customer terminal 300 to the service server of the remitting company (hereinafter referred to as "transfer server") 200 Sends remittance application information including 'shared alias ID', 'receipt identification information' and 'money amount and remittance company's authentication information', and transmits the 'personal information ID, remittance company identification information, remittance amount and Send the specified remittance request information including the personal authentication information for the personal information holder

In step 555-1, in the personal information server 100, the predetermined information including the personal information ID, the remittance company identification information, the remittance amount, and the personal authentication information for the personal information holder is transmitted from the customer terminal 300 in step 510-1. When the remittance request information is received, and the predetermined settlement request information including the shared alias ID, the recognizing identification information, the remittance amount and the remittance fee, which is transmitted in a method capable of matching the remittance company identification information at step 540, is received, Search for the personal information ID matched with the shared alias ID in the anonymization DB 120, and the 'communication ID, real name number, universal account number, hashed password and the personal information ID matched with the personal information ID in the personal information DB 110; The one-time communication key 'is searched, the shared variable calculating unit 140 outputs a predetermined shared variable, and it is determined whether the searched' hashed password 'matches the' received personal information for personal information holder '. .

One additional aspect at step 325 of FIG. 4 also applies to step 555-1.

If the determination in step 555-1 is affirmative, step 560-1 is operated.

In step 560-1, a one-time communication key is randomly generated in the personal information server 100, and in the personal information DB 110, a communication key matched with the 'personal information ID received in step 555-1' is generated. Updated with a communication key, the generated one-time communication key is transmitted to the customer terminal 300 in a 'method of matching personal information holding institution identification information', and is matched with the remittance company identification information in the service company DB 170. Settlement account number and 'remittance company name as service company name' is searched, the current date and current time information is retrieved from a timer (not shown), and the 'transfer amount and remittance fee' is withdrawn from the universal account number, An operation necessary for depositing the transfer amount in front of the receipt identification information is performed, and an operation required for depositing the transfer amount in front of the settlement account number is performed, and the lower DB configured in the real name transaction DB 130 is transferred. In the real name transaction DB (not shown) matched with the remittance company identification information, which is a sub-DB configured in the real name transaction DB (not shown), the 'universal account number as payer identification information' and 'the recipient identification information as the recipient identification information' And the remittance company identification information as remitter identification information, the remittance amount, the remittance fee, and the current date as remittance date, and the current time information as remittance time information.

According to an additional aspect of the present invention, the 'method which can be matched to the personal information holding institution identification information' is' matching the personal information holding institution identification information to the one-time communication key to transmit to the customer terminal (300) It's how.

Meanwhile, according to another aspect of the present invention, step 560-1 may be replaced with step 560-2 below.

In step 560-2, a one-time communication key is randomly generated in the personal information server 100, and in the personal information DB 110, a communication key matched with the 'personal information ID received in step 555-1' is generated. Updated with a communication key, the generated one-time communication key is transmitted to the customer terminal 300 in a 'method that can be matched to the personal information holding institution identification information,' matching the remittance company identification information in the service company DB (170) Settlement account number and 'remittance company name as service company name' is searched, the current date and current time information is retrieved from a timer (not shown), and the 'transfer amount and remittance fee' is withdrawn from the universal account number, An operation required for depositing the remittance amount and the remittance fee is carried out in front of the settlement account number, and the remittance amount is withdrawn from the settlement account number, and the remittance amount is deposited before the identification information. The operation required to proceed, and the payer identification in the real name transaction DB (not shown) matched to the remittance company identification information, which is a sub-DB configured in the real name transaction transaction DB (not shown), which is a sub-DB configured in the real name transaction DB (130) Remittance date as the time stamp for the general purpose account number as information, the remittee identification information as recipient identification information, and the remittance company identification information as remittance company identification information, the remittance amount, the remittance fee, and the time of remittance. The current date 'and' the current time information as remittance time information 'are stored.

When the customer terminal 300 receives the one-time communication key transmitted in step 560-1 in step 565-1, the communication key matched to the personal information holding institution identification information in the anonymization DB 312 is 'the received one-time use'. Communication key '.

FIG. 7 is a diagram illustrating an operation of retrieving personal information of a specific customer from a service company in a preferred embodiment of the method for protecting and using personal information using the shared alias ID of the present invention.

If the search box is selected by using an input unit (not shown) of the service server 200 in step 605, the search box matches 'search condition item identification information and search item identification information' and the search reason input field and predetermined confirmation. The box is printed.

According to an additional aspect of the present invention, the search condition item identification information and the search item identification information each include one or more identifiers and one or more attributes, and among the check boxes matched to the output search condition item identification information; 'One of the check boxes matched with the output search item identification information' is selected and outputted as default, and 'identification information meaning all output search condition item identification information' and 'all output search items' are output. A check box is also outputted even if each of the pieces of 'identification information' means identification information.

To illustrate an example of the operation 605 in the case where the service server 200 is one of the mouse servers (hereinafter referred to as the case of the mouse), the shared alias ID, the first payment approval application ID, and the first as the search condition item identification information are used. 2Payment approval application ID, approval date, approval time, settlement target identification information, settlement amount and settlement amount are printed, and shared identification ID, real name number, telephone number, email address, address, and purchase goods category as search item identification information. The identification information, the average monthly payment amount, the average price of the settlement amount and the balance of the deposit amount are output.

To illustrate an example of the operation 605 in the case where the service server 200 is one of the remittance servers (hereinafter referred to as "remittance transfer"), the shared alias ID, the recipient identification information, the remittance amount and the remittance settlement as the search condition item identification information The application date, remittance date and remittance time information are displayed, and as search item identification information, the shared alias ID, real name number, universal account number, real name number, phone number, e-mail address, address, average monthly remittance amount, average remittance amount and deposit amount Will output

In operation 610, one or more of the check boxes matched to the search condition item identification information are selected using an input unit (not shown) of the service server 200, and one or more of the check boxes matched to the search item identification information are selected. Is selected.

According to an additional aspect of the present invention, in step 610, whenever a check box matching the search condition item identification information is selected, a predetermined designated variable field, a minimum value field, and a maximum value field are matched with the search condition item identification information. Is output.

In the case of the mouse case and the transfer case illustrated in step 605, if a check box matching the first payment approval application ID is selected, the designated variable input field, the minimum value input field and the maximum value input field are matched with the first payment approval application ID. Can be output.

Meanwhile, according to another aspect of the present invention, in step 605, the 'check box matched, search condition item identification information and search item identification information' 'one or more search condition item identification information input fields and one or more The search item identification information input fields' may be output, and at least one search condition item identification information and one or more search item identification information may be input to each of the input fields in step 610.

When a predetermined condition variable is selected or input by matching each of the search condition item identification information matching the check box selected in step 610 in step 615, the search condition item identification information and the condition variable are matched to search one. A condition is configured, and a predetermined search condition list is created using the configured search conditions, and a predetermined search item list is created using 'search item identification information matching the check box selected in step 610'.

As an additional aspect of the present invention, when predetermined data is input to the designated variable input field output in step 610, one search condition is matched with the search condition item identification information as the condition variable. It is composed.

For example, if a check box matching the first payment approval ID is selected and "2018052000011" is input in the designated variable input field as a case of a mouse, the first payment approval application ID is 201805200001. It is composed.

On the other hand, in another additional aspect of the present invention, when predetermined data is input to each of the output minimum value input field and the maximum value input field, data input to the minimum value input field (hereinafter referred to as "minimum value") and maximum value A search condition is constructed by matching the search condition item identification information as a condition variable with a category definition defined as data input in the input field (hereinafter referred to as "maximum value").

For example, when a check box matching the remittance settlement date is selected and "20180520" and "20180521" are entered in the minimum value input field and the maximum value input field, as an example of the remittance settlement date, '20th to May 20th, 2018' constitutes one of the search conditions.

When the inquiry reason identification information is input in step 620, a predetermined search request including an inquiry reason identification code matching the inquiry reason identification information, 'search condition list created in step 615' and 'search item list created in step 615' Information is transmitted to the personal information server 100 in a way that can be matched to the service identification code.

According to an additional aspect of the present invention, step 620 may include selecting an inquiry reason field; Extracting the reason list from the inquiry reason DB 260 and outputting it to an output unit (not shown); Selecting a predetermined reason from the output inquiry reason list; And extracting, from the inquiry reason DB 260, an inquiry reason identification code matching the selected inquiry reason. It includes.

In the case of the mouse, the step of selecting "Check whether the settlement error" from the output reason list output; And extracting "06" as an inquiry reason identification code matched with the selected "confirmation of error of settlement" in the inquiry reason DB 260; It may include.

In addition, in the case of remittance, the step of selecting "provide product information" from the output reason list; And extracting "07" as an inquiry reason identification code matching the selected "product information provision" in the inquiry reason DB 260; It may include.

According to an additional aspect of the present invention, the 'method capable of matching the service identification code' is a method of including the service identification code in the search application information.

In step 625, the personal information server 100 'predetermined search request information including a search condition list, a search item list, and a search reason identification code transmitted in a method capable of matching the service identification code in step 620' When received, the search reason DB 160 retrieves the open condition identification information matched with the received search reason identification code for each search item identification information included in the search item list.

In the case of the case of the mouse and the transfer case, when the 'phone number as one of the search item identification information included in the search item list' and '06 as the received reason ID code received ', the reason for inquiry DB (160) In the 'phone number as the search item identification information' and 'unnecessary consent code' can be searched as the open condition identification information matched with '06 as the company identification code.

As another example of a case of a mouse and a wire transfer, when a 'phone number as one of the search item identification information included in the search item list' and '07 as the received inquiry reason identification code 'are received, the inquiry reason DB 160 ), The consent required code can be searched as the open condition identification information matched with the 'phone number as the search item identification information' and '07 as the company identification code '.

If at least one of the 'open condition identification information retrieved in step 625' is a consent required code, step 660 is operated after steps 630 to 655 below are operated.

In step 630, the service company name and the communication ID matched to the 'service identification code that can match the information received in step 625' in the service company DB 170 in the personal information server 100 is extracted, 'step 625 'Matched search condition item identification information and condition variables' constituting each search condition included in the search condition list received at 'A' are extracted from the 'personal information DB 110 and the real name transaction DB 130'. Field identification information matching the search condition item identification information is extracted, and data matching the 'condition variable matching the search condition item identification information' is matched with the field identification information, and is matched with each data. Shared alias IDs are extracted, personal IDs matched with the shared alias IDs are extracted from the anonymization DB 120, and communication IDs matched with the extracted personal information IDs are stored in the personal information DB 110. Extracted, query reason DB (160) In the search reason description information matching the 'inquiry reason identification code received in step 625' is extracted.

According to an additional aspect of the present invention, step 630 may include: 'condition variable matching with search condition item identification information matching' field identification information 'and' field identification information 'in' DB where the field identification information is extracted '; Extracting records including data matching all of the records; Extracting shared alias IDs from the records; It may include.

As an example of the case of a mouse, the service company identification code received in step 625 is "PG011" and in the service company DB 170, the service company name and communication ID matched to "PG011", respectively, "Daejuju" and If "02-3456-7890", the "Korean rat" and "02-3456-7890" will be extracted.

As an example of the case of a mouse, the search condition list includes only one search condition, and the 'matched search condition item identification information and condition variables' constituting the search condition are "first payment approval application ID" and " 201805200001 ", the" first payment approval application "as the field identification information matching the" first payment approval application ID "in a predetermined sub-DB matching the" service identification code PG011 "of the real name transaction DB 130 ID " is extracted, and a record in which the data stored in the " first payment approval request ID " field is " 201805200001 " is extracted from the sub-DB, and a 'virtual account' as a specific shared alias ID stored in the shared alias ID field of the record. Number 226-000296-00107 'is extracted, and "resident registration number 760821-2065321" is extracted as the personal information ID matched to the virtual account number 226-000296-00107 as the shared alias ID in the anonymization DB 120, In the personal information DB (110) 'extracted residents, etc. 'Messenger Account ID moonlight@google.com' matching 'lock number 760821-2065321' may be extracted.

In addition, in the inquiry reason DB 160, "confirmation of whether or not a settlement error" may be extracted as the inquiry reason description information matched with the inquiry reason identification code 06 received in step 625.

In addition, as an example of remittance, the service company identification code received in step 625 is "RM003", and in the service company DB 175, the service company name and communication ID matched to "RM003" are "World Remittance" and If "02-1588-4455" "World remittance" and "02-1588-4455" will be extracted.

In the case of remittance, only one search condition is included in the search condition list, and 'matched search condition item identification information and condition variables' constituting the search condition are "remittance settlement application date" and "20180520-". 20180521 "," remittance settlement application date "is extracted as field identification information matching the" remittance settlement application date "from a predetermined sub-DB matching the" service identification code RM003 "of the real name transaction DB 130 And records in which the data stored in the "remittance settlement application date" field in the sub-DB is 'May 20, 2018 to May 20, 2018', and are stored in the shared alias ID field of the records. As the shared alias IDs, 'virtual account number 101-114936-00107' and 'virtual account number 335-003245-00107' are extracted, and the virtualized account number 101-114936- as the 'shared alias ID' in the anonymization DB 120. Individuals matching 00107 and 335-003245-00107 'respectively "Resident registration number 800305-2032434 and 761107-1020321" is extracted as the security ID, and 'animal@hanmail.net' as the communication IDs matched to the extracted resident registration numbers 800305-2032434 and 761107-1020321, respectively, in the personal information DB (110). And locus@naver.com 'can be extracted.

In addition, in the inquiry reason DB 160, "product information provision" may be extracted as the inquiry reason description information matched with the inquiry reason identification code 07 received in step 625.

In step 635, each search item identification information included in the search item list received in step 625 as the service name extracted in step 630 as the information providing application identification information from the personal information server 100 and the target information identification information. And the predetermined consent request information including the inquiry reason explanatory information extracted in step 630 and the predetermined consent request phrase, are transmitted to the communication ID extracted by matching with the personal information ID in step 630.

According to an additional aspect of the present invention, the communication ID is one of a phone number, an e-mail address, and a messenger account ID. In step 635, the block generation unit 190 of the personal information server 100 is connected to the consent request information. Generate predetermined transaction data including 'personal information holding institution identification information' as sender identification information 'and' the communication ID as receiver identification information ', calculate a hash value of the transaction data, and determine the immediately preceding block ID on the blockchain network. Search and encrypt the 'hash value of the transaction data' with the private key of the personal information holding institution to generate a digital signature of the personal information holding institution, and the last block ID, the 'hash value of the transaction data' and the digital signature Generates a predetermined block header to include, generates a hash value of the block header with a predetermined block ID, and includes a block header and the transaction data Generating a definition block and retrieving the connection addresses of the nodes 600 from the node DB 180 and transmitting the generated blocks to the connection addresses of the nodes 600; And storing the block in the distributed ledger when the nodes 600 receive the block. It includes.

On the other hand, according to another aspect of the present invention, the communication ID is an address, and the information transmitted is registered in the content certificate to the address.

Meanwhile, according to another aspect of the present invention, the communication ID extracted by matching the personal information ID in step 630 is one of a phone number, an e-mail address, and a messenger account ID. In step 635, the consent request information is the communication. Not directly transmitted to the ID, but matched with the communication ID of the personal information server as the caller identification information and the communication ID as the reception identification information is transmitted to the public power station server 700, step 635, the public power station server 700 is said Upon receiving the consent request information matched with the communication ID ', the current date and current time value are queried from a timer (not shown), and a predetermined timestamp composed of the current date and current time value is displayed in the contents verification DB 720. 'Communication ID of the personal information server as caller identification information', 'the communication ID as the receiver identification information' and 'the consent application information as the transmission information' are stored, and the public utility server 700 matches the 'number'. Relaying the consent application information to the communication ID 'as new identification information; It includes.

In step 640, when the 'consent request information transmitted in step 635' is received in the 'customer terminal 300 matching the communication ID in step 635', under the control of the anonymization app 310, an output unit (not shown) On the received 'consent request statement, information provision applicant information, target information identification information and inquiry reason explanation information, and consent box and rejection box are output.

According to an additional aspect of the present invention, the consent request information transmitted in step 635 includes a predetermined code, and when the customer terminal 300 receives the code, the anonymization app 310 is activated, and the output unit is output. The information is output to (not shown).

In the case of the case of the mice illustrated in the step 625 and step 630, whether the settlement error as the customer information (300) as a service name, 'the telephone number as the service identification information identification information' and 'company description information' When a predetermined consent request information including 'confirmation' and 'prescribed consent request statement' is received, the consent request information is displayed on the output unit (not shown), 'the Korean subject as information provision applicant information' and 'target information identification information'. Telephone number as', 'confirmation of settlement error as company description information', consent box and reject box will be displayed.

In the case of the remittance case illustrated in steps 625 and 630, the customer terminal 300 provides a 'world remittance as a service name' and 'phone number as a target information identification information' and 'commodity description information' When receiving the 'prescribed consent request information' including 'prescribed consent request sentence' and the consent request information on the output unit (not shown), 'world remittance as information providing applicant information' and 'a target information identification information' Phone number 'and' Provide product information as company description information ', consent box and reject box will be output.

When the customer selects the consent box using the input unit (not shown) of the customer terminal 300 in step 645, the master password input box and the confirmation box are output to the output unit (not shown).

In step 650, when the customer enters the master password using an input unit (not shown) of the customer terminal 300 and selects a confirmation box, the personalized information ID and 'matched to the personal information holding institution identification information in the anonymization DB 312 is selected. The encrypted password 'and the communication key are retrieved, the' encrypted password 'is decrypted with the decryption key of the master password, and the current shared variable is output from the shared variable calculating unit 314, and the' decrypted password and the At least one of the communication key and the output shared variable is substituted into a predetermined personal authentication information calculation function, and the personal authentication information is calculated. The personal information ID and the real name are transmitted from the customer terminal 300 to the personal information server 100. At least one of a communication ID matched with a number and a customer terminal ', and predetermined consent information including' a calculated identity authentication information 'and a' prescribed consent statement 'is transmitted.

According to an additional aspect of the present invention, step 650 may include: retrieving one or more of a 'communication ID matched to a customer terminal' and a real name number in the personal information DB 311; It may include.

An additional aspect and another aspect related to the authentication information illustrated in step 320 of FIG. 4 may be applicable to step 650.

According to an additional aspect of the present invention, step 650 is a step in which the 'communication ID of the customer' and the 'encrypted customer's private key' are retrieved from the personal information DB 311 of the customer terminal 300; Retrieving a communication ID matched with the personal information holding institution identification information from the anonymization DB 312; Decrypting the 'encrypted customer's secret key' with the decryption key; The block generation unit 319 generates predetermined transaction data including the consent information, the communication ID of the customer as the sender identification information, and the communication ID matched to the personal information holding institution identification information as the receiver identification information. Calculate a hash value of the transaction data, encrypt the hash value of the transaction data with the decrypted secret key of the customer, generate a digital signature of the customer, and generate a hash value of the transaction data. Generating a predetermined block header including the digital signature and generating a predetermined block including the block header and the transaction data; Retrieving connection addresses of nodes 600 from node DB 318; Transmitting the generated block to access addresses of the nodes (600); Calculating a hash value of 'transaction data extracted from the received block' when the nodes 600 receive the block; Decrypting the calculated hash value and 'digital signature extracted from the received block' with the 'public key of the owner of the client terminal 300'; Determining whether the decoded digital signature matches the hash value; If it is determined to match, extract the transaction data, the root hash value and the digital signature from the received block, search for the previous block ID on the blockchain network, search the previous block ID, the root hash value, the digital signature and the predetermined signature. Generating a predetermined block header including difficulty information, a predetermined nonce and a predetermined timestamp, generating a predetermined completed block including the block header and the extracted transaction data, and storing the predetermined block header in the distributed ledger 620 Arranging the completed block into a subsequent block of 'block matching the previous block ID' on the block chain network; It includes.

According to another aspect of the present invention, in step 650, the consent information is not directly transmitted to the personal information server 100, but the communication ID of the customer terminal as the caller identification information and the communication ID of the personal information server as the reception identification information. Is transmitted to the public power station server 700 and step 650, when the public power station server 700 receives the agreement application information matched with the communication IDs, a current date and a current time value are generated from a timer (not shown). Is retrieved and matched to the current date and time value in the content verification DB 720, 'communication ID of the customer terminal as call identification information' and 'communication ID of the personal information server as reception identification information' and 'transmission information'. Relaying the consent information to the 'communication ID of the personal information server as the reception identification information' by the public power station server 700; It includes.

In step 655, the personal information server 100 includes one or more of a personal information ID, a real name number, and a communication ID matched to the customer terminal, and a predetermined personal identification information and a predetermined consent statement. When the "consent information" is received, the "hashed password and communication key" matched with "one or more of the personal information ID, real name number and the communication ID matched to the customer terminal" is retrieved from the personal information DB 110, The shared variable calculator 140 outputs a predetermined shared variable, and determines whether the retrieved 'hashed password' matches the 'received authentication information'.

Additional aspects illustrated in step 325 of FIG. 4 are also applicable to step 655.

If the determination in step 655 is affirmative, step 660 is operated.

In step 660, a one-time communication key is randomly generated in the personal information server 100, at least one of the personal information ID and real name number and the communication ID matched to the customer terminal received in step 655 in the personal information DB 110 The communication key matched with 'is updated with the generated one-time communication key, the generated one-time communication key is transmitted to the customer terminal 300,' one or more of personal information DB 110 and real name transaction DB 130 Data matching all of the " search item identification information included in the search item list received in step 625 " and " at least one of the personal information ID, real name number and communication ID matched to the customer terminal " The extracted data is matched with each shared alias ID extracted in step 630 and the searched item identification information matched and searched to form a reply information list, and the reply information list is the information received in step 625. Times for As it is transmitted to the service server 200.

For example, in step 660, the personal information server 100 may randomly generate “10” as a one-time communication key.

If the case is an example of the case of the case illustrated in step 640, the communication key matched to the virtual account number 226-000296-00107, which is the shared alias ID extracted in step 630 in the personal information DB (110) 'the It is updated to the generated one-time communication key 10 ', the '10 as a newly generated one-time communication key' is transmitted to the customer terminal 300, the virtual account number 226 'the shared alias ID' in the anonymization DB 120 'Resident Registration Number 760821-2065321', which is a personal information ID matched with '000296-00107', is extracted, and the phone number, which is the only search item identification information included in the search item list received in step 625, in the personal information DB 110 '010-1234-4567' may be extracted as data matching both 'and' the resident registration number 760821-2065321 which is the personal information ID. In this case, the extracted '010-1234-4567' is matched with 'the shared alias ID 226-000296-00107 and the search item identification information phone number' to form a reply information list, and the reply information list is 'step' 'Information received at 625' will be sent to the service server 200.

If the case is an example of the remittance case illustrated in step 640, the 'personal information ID resident registration number 800305-2032434' matching the 'virtual account number 101-114936-00107, the shared alias ID' in the anonymization DB 120 is The extracted communication key is matched with the 'personal information ID of the resident registration number 800305-2032434' in the personal information DB 110 is updated to 'the generated one-time communication key 10', the 'new' to the customer terminal 300 The generated one-time communication key 10 'is transmitted, and the personal information DB 110,' the phone number, which is the only search item identification information included in the search item list received in step 625 'and the resident registration number 800305, which is the personal information ID. '010-4321-4456' may be extracted as data matching all of -2032434 '. In this case, the extracted '010-4321-4456' is matched with the 'matched and searched', the shared alias ID 101-114936-00107 and the search item identification information, the telephone number 'to form a reply information list, and the reply information The list will be sent to the service server 200 as a reply to the 'information received in step 625'.

The predetermined shared alias IDs transmitted from the personal information server 100 in step 660 as a response to the search request information transmitted from the service server 200 to the personal information server 100 in step 620. And a predetermined reply information list including predetermined data matched with the predetermined search item identification information, 'matched with the predetermined search item identification information matched with each shared alias ID included in the reply list. The predetermined analysis operation is performed using the predetermined data '.

According to an additional aspect of the present invention, step 665, in the pseudonym transaction DB 230, the data matched with the respective shared alias ID and the field identification information matched with the respective data, and the 'shared alias ID' Step 665a of matching the received matching data with the search item identification information by integrating the shared alias ID into a mapping key; It includes.

According to an additional aspect of the above aspect, the step 665a may extract a predetermined internal source DB by extracting 'data matching the predetermined field identification information' matched with the respective shared alias IDs from the pseudonym transaction DB 230. Generating; And a shared alias including 'data matched to predetermined search item identification information' (hereinafter referred to as " external source DB ") and the internal source DB that are matched to each shared alias ID. Integrating the ID field as a mapping key; It includes.

When the customer terminal 300 receives the 'one-time communication key transmitted in step 660' in step 670, the communication key matched to the personal information holding organization identification information in the anonymization DB 312 is 'the received one-time communication key' Is updated.

On the other hand, if all of the open condition identification information retrieved in step 625 is a code that does not require consent, step 630 to step 655 is omitted, and steps 630-1 and 660-1 are operated below.

In step 630-1, 'matched search condition item identification information and condition variables' that constitute each search condition are extracted from the search condition list included in the search request information received in step 625 by the personal information server 100. The field identification information matching the search condition item identification information is extracted from the 'personal information DB 110 and the real name transaction transaction DB 130', and is matched with the field identification information. Data matching the matching condition variable 'is extracted, shared alias IDs matching the respective data are extracted, and personalization IDs matching the shared alias IDs are extracted from the anonymization DB 120.

In step 660-1, at least one of the personal information DB 110 and the real name transaction DB 130 in the personal information server 100, and the respective search item identification information included in the search item list received in step 625. Data matching all of the shared alias ID (or personal information ID) extracted in step 630-1 is extracted, and the extracted data is matched with the 'matched and searched shared alias ID and search item identification information'. A reply information list is constructed, and the reply information list is transmitted to the service server 200 as a reply to the 'search request information received from the service server 200 in step 625'.

After step 660-1 is operated, step 665 is operated.

On the other hand, if the 'open condition identification information retrieved in step 625' is not available code 'step 630 to step 655' is omitted and step 660-2 is operated.

In operation 660-2, the message matching the search item identification information included in the search item list received in operation 625 is transmitted to the service server 200.

8 is a view illustrating an operation of a service company inquiring and utilizing 'anonymous statistics' in a preferred embodiment of the method for protecting and using personal information using the shared alias ID of the present invention.

Steps 605 to 610 of FIG. 7 are operated.

In step 615-3, a predetermined condition variable is selected or input by matching each of the search condition item identification information matching the check box selected in step 610, and each search item identification information matching the check box selected in step 610. When the statistical method identification information matched with the field 'is selected, each search condition item identification information and each condition variable are matched to form one search condition, and a predetermined search condition list is prepared from the configured search conditions. Each matched search item identification information and each statistical method identification information are matched to define one search item statistics amount, and a predetermined search item statistics list is created by the search item statistics definitions.

An additional aspect and example at step 615 of FIG. 7 also applies to step 615-3.

In the case of the remittance case illustrated in step 615, 'the remittance settlement application date from May 20, 2018 to May 20, 2018' was configured as one of the search conditions. It may be illustrated. In this case, if the check box matching the "monthly average remittance amount" as the search item identification information is selected by the operation of step 615-3 and "average" is selected as the statistical method identification information, the 'average of the monthly average remittance amount' is the search processing statistic. It will form one of the definitions, and it will be possible to create a search item statistics list as the search item statistics definition.

When the inquiry reason identification information is input in step 620-3, the inquiry reason identification code matching the inquiry reason identification information, the search condition list created in step 615-3, and the inspection item statistics list prepared in step 615-3 The predetermined search request information including a is transmitted to the personal information server 100 in a way that can be matched to the service company identification code.

Additional aspects and examples in step 620 of FIG. 7 are also possible in step 620-3.

In step 625-3, the personal information server 100 includes a predetermined condition including a search condition list, a search item statistics list, and a search reason identification code, which are transmitted in a manner that can be matched with the service identification code in step 620-3. When the search request information 'is received, the search reason DB 160 matches the search item identification information and the statistical method identification information that match each of the search item statistics definitions included in the search item statistics list. Public condition identification information matching 'private identification code' is searched.

In the case of the remittance case illustrated in step 615-3, the personal information server 100 in step 625-3 is the only one search condition constituting the search condition list, and the remittance settlement request date starts from May 20, 2018. Search request including 'Average of average monthly remittance amount,' and '06 (or 07) as a company's identification code 'as the only search item statistics definition constituting the search item statistics list until May 20, 2018' ' The information will be received and corresponds to the 'average average amount of money as search item identification information' and 'average' as 'statistic method identification information' matching the 'search item statistics definition, average of monthly average amount of money remitted' in inquiry reason DB 160. The public condition identification information matching '06 (or 07) as the company identification code will be searched. For example, if it matches '06 as a company's identification code ', the consent-unnecessary code will be searched, and if it matches '07 as the company's identification code', the consent-needed code may be searched.

If at least one of the 'open condition identification information retrieved in step 625-3' is a consent required code, after steps 630, 635-3, and 640-3 in FIG. 7 are operated, steps 645 to FIG. Step 655 and below step 660-3 are operated.

In step 635-3, 'the service name extracted in step 630' and 'provided target information identification information and matching statistical method identification information' as the information provision application identification information in the personal information server 100; 'Pairs of search item identification information and statistical method identification information' constituting each search item statistics definition included in the search item statistics list received from the 'search reason explanation information extracted in step 630' and 'prescribed consent' The predetermined consent application information including the phrase 'is transmitted to the communication ID extracted by matching with the personal information ID in step 630.

In step 640-3, when the 'consent request information transmitted in step 635-3' is received in the 'customer terminal 300 matching the communication ID in step 635-3', according to the control of the anonymization app 310, In the output unit (not shown), the received consent request sentence, information providing applicant information, 'providing target information identification information and matching statistical method identification information', inquiry reason explanation information, consent box and reject box are output.

In step 660-3, a one-time communication key is randomly generated in the personal information server 100, and in the personal information DB 110, among the communication IDs matched with the personal information ID, the real name number, and the customer terminal received in step 655. The communication key matched with one or more 'is updated with the generated one-time communication key, the generated one-time communication key is transmitted to the customer terminal 300, the' personal information DB 110 and the real name transaction DB 130 At least one search item identification information matching the search item statistics constituting the search item statistics list received at step 625-3 and the data matching both the shared alias ID extracted at step 630 are extracted. And a statistical method that is matched with 'statistic method identification information matched with each search item identification information' is applied to the 'data extracted by matching each search item identification information' to calculate a predetermined statistics. This said 'hawk The reply list is created by matching the identification information, each of the search items, the returned list is transmitted to the service server (200).

For example, in step 660, the personal information server 100 may randomly generate “10” and “25” as single-use communication keys.

If the case is an example of the remittance case illustrated in step 640, in the anonymization DB 120 'virtual account number 101-114936-00107 and virtual account number 335-003245-00107 which is the shared alias ID extracted in step 630' "Resident registration numbers 800305-2032434 and 761107-1020321" are extracted as the personal information IDs respectively matched to, and the communication key matched to the extracted resident registration numbers 800305-2032434 and 761107-1020321, respectively, in the personal information DB 110 is' The generated one-time communication keys 10 and 25, respectively, are updated to the 'customer terminal 300 matching the resident registration number 800305-2032434' and the 'customer terminal 300 matching the resident registration number 761107-1020321' respectively. '10 and 25 as a newly generated one-time communication key 'is transmitted, and in the personal information DB 110, the monthly average remittance amount, which is the only search item statistics definition, which constitutes the search item statistics list received in step 625-3 Search term expression matching "Average" '600,000 won' is extracted as data matching both the "monthly average remittance amount" and "personal identification number 800305-2032434" information, and "the average monthly remittance amount of the search item identification information" and "resident registration number 761107" are the personal information ID. '1,400,000 won' may be extracted as data matching all of '-1020321'. In this case, a statistical method matching "average" as statistical method identification information is applied to the extracted '600,000 won and 1,400,000 won' to 'monthly average remittance amount as the search item identification information', and thus, '1,000,000 won' Will be calculated. Then, a reply list is prepared by matching the 'monthly average remittance amount as search item identification information' with '1,000,000 as a matched statistic', and the reply list is transmitted to the service server 200.

After step 660-3 is operated, step 665 and step 670 of FIG.

If the 'open condition identification information retrieved in step 625-3' is all of the 'unnecessary consent code', steps '630 to 655' are omitted and the following steps 630-4 and 660-4 are operated.

In step 630-4, 'matched search condition item identification information and condition variables', which constitute 'each search condition included in the search condition list received in step 625-3', is extracted from the personal information server 100, The field identification information matching the search condition item identification information is extracted from the 'personal information DB 110 and the real name transaction DB 130', and is matched with the search condition item identification information while matching the field identification information. The data matching the condition variable 'is extracted, the shared alias IDs matching the respective data are extracted, and the personalization IDs matching the shared alias IDs are extracted from the anonymization DB 120.

Each search item statistics constituting the search item statistics list received in step 625-3 in 'one or more of the personal information DB 110 and the real name transaction DB 130' in the personal information server 100 in step 660-4 Data matching both the search item identification information matching the 'definition' and the 'shared alias ID (or personal information ID) extracted in step 630-4' are extracted, and the data extracted by matching the 'search item identification information' Is applied to a statistical method matching 'statistic method identification information matched to the respective search item identification information' to calculate a predetermined statistics, and matching the respective 'matched statistics' to each search item identification information. A reply list is created, and the reply list is transmitted to the service server 200.

In the case of the remittance case illustrated in step 640, the personalization ID matched to the virtual account number 101-114936-00107 and 335-003245-00107 as the shared alias ID extracted in step 630 in the anonymization DB 120, respectively. "Resident registration number 800305-2032434 and 761107-1020321" will be extracted, and in the personal information DB 110 of the average monthly remittance amount, which is the only search item statistics definition constituting the search item statistics list received in step 625-3 '600,000 won' is extracted as the data matching both the "monthly average amount of remittance", which is the search item identification information matching "average", and the resident registration number 800305-2032434, which is the extracted personal information ID, and the "monthly average of the search item identification information" is extracted. '1,400,000 won' may be extracted as data that matches both the remittance amount 'and the' resident registration number 761107-1020321 ', which is the personal information ID extracted in step 630. In this case, a statistical method matching "average" as statistical method identification information is applied to the extracted '600,000 won and 1,400,000 won' to 'monthly average remittance amount as the search item identification information' and thus, '1,000,000 won' as a predetermined statistics. Will be calculated. Then, a reply list is prepared by matching the 'monthly average remittance amount as search item identification information' with '1,000,000 as a matched statistic', and the reply list is transmitted to the service server 200.

After step 660-3 is operated, step 665 of FIG. 7 is operated.

On the other hand, if the 'open condition identification information retrieved in step 625-3' is 'not available code', step '630 to step 655' are omitted and step 660-5 is operated.

In step 660-5, the message matching the search item identification information included in the search item list received in step 625-3 is transmitted to the service server 200.

9 is a view illustrating an operation of exerting a movement right for a user's personal information stored in the personal information server 100 in a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention.

In operation 705, when the client terminal 300 accesses the personal information movement request page of the personal information server 100 by using a known method, one or more 'check boxes' are matched to an output unit (not shown) of the client terminal 300. Search item identification information ', a received service identification information input field, and a predetermined confirmation box are output.

According to one embodiment of the invention, the personal information server 100 is a server of the bank that stores the deposit transaction information of individuals, the server of the tax authority storing the tax payment records, the national pension payment records of individuals It is one of the server of the National Pension Service, the server of the Medical Insurance Corporation, which stores the medical insurance payment records of individuals, and the server of the telecommunications company, which stores the communication bill payment records. The search item identification information is the previous year. At least one of income tax payment, last year's property tax payment, last year's national pension payment, last three years' communication fee payment, last three years' communication fee delinquency, last three years' communication fee delinquency, telecommunication service member and delinquent performance information.

According to an additional aspect of the present invention, step 705, the customer selects the anonymized app box output to the output unit (not shown) of the customer terminal 300, using the input unit (not shown) of the customer terminal 300. Step 705a; A step 705b in which the site names stored in the site name field are extracted from the anonymization DB 312 and output to an output unit (not shown) of the customer terminal 300; The customer selects a site name corresponding to a specific personal information holding institution among the outputted site names by using an input unit (not shown) of the customer terminal 300: Step 705c in the anonymization DB 312 (step 705c ( Or step 705d of searching for an access address matching 'site name selected in step 705c-1 of FIG. 10; The access address corresponding to the personal information movement request page of the personal information server 100 operated by the personal information holding institution corresponding to the site name selected in step 705c, the client terminal 300 is the access address retrieved in step 705d. Connected to step 705e; Step 705f, 'information about the personal information movement request page accessed in step 705e' is transmitted from the personal information server 100 to the customer terminal 300; And a field for inputting the names of 'search item identification information matched with a check box' and 'service company to receive personal information' (hereinafter referred to as 'receiving service company') in the customer terminal 300 (hereinafter referred to as “receive service”). A step 705g of outputting a predetermined personal information moving request page including a "person name input field" and a confirmation box; It includes.

In operation 725, the customer selects one or more of the checkboxes matching the search item identification information output in operation 705 using the input unit (not shown) of the customer terminal 300.

In operation 730, when the customer selects a predetermined service company name as a reception service company name by matching the reception service identification information input field using an input unit (not shown) of the customer terminal 300, and selects a confirmation box, The service identification code matched with the name of the reception service company is extracted as the service identification code of the reception service company, and a master password input field and a confirmation box are output to an output unit (not shown).

According to an additional aspect of the present invention, step 730, the customer uses the input unit (not shown) of the customer terminal 300 to insert a part of the 'characters constituting the receiving service company name' in the receiving service identification information input field; Input step 730a; Step 730b, wherein the inputted information is transmitted to the personal information server 100; When the personal information server 100 receives the 'information transmitted in step 730a', the service company names including 'the received information' are extracted from the service company name field of the service company DB 170; A step 730d of extracting a service company identification code matching the extracted service company names from the service company DB 170; 'Matching and extracted service identification codes' matched to the extracted service company names, respectively, to form a predetermined service identification information list and transmitting the service identification information list to the customer terminal 300. 730e; When the customer terminal 300 receives the 'service identification information list transmitted in step 730e', the service names extracted from the service identification information list are matched with the 'receive service company name input field output in step 705'. 'Is output 730f; Step 730g, wherein the customer selects one of the output service company names as the service company name of the receiving service company using an input unit (not shown) of the customer terminal 300; In step 730h, the service terminal identification code matching the 'service company name selected in step 730g' in the 'service service identification information list received in step 730f' is extracted as 'the service identification code of the receiving service company' in the customer terminal 300. ; It includes.

When the master password is input to the customer terminal 300 in step 735 and the confirmation box is selected, the 'access address of the personal information server 100' matching the 'page address accessed in step 705' in the anonymization DB 312 is entered. Searched, the login ID for the personal information server matched with the access address, the 'encrypted password' for the personal information server, the communication key for the personal information server, and the public key of the personal information holding institution are searched, and the 'encrypted password' is the master. The password is decrypted with a decryption key, and the current shared variable is output from the shared variable calculation unit 314, and 'one or more of the decrypted password, the communication key for the personal information server, and the output shared variable' is predetermined. The identity authentication information is calculated by substituting the information output function, and 'identification information for the person who receives the predetermined personal information movement application information' (hereinafter referred to as 'personal information movement application information receiver identification'). "The access address of the personal information server 100" and "identification information for the person sending the personal information movement request information" (hereinafter referred to as "personal information movement application information caller identification information") 'The retrieved login ID', 'the calculated identity authentication information' and 'information for identifying personal information subject to the personal information movement application' (hereinafter referred to as 'mobile application subject identification information information') As the 'search item identification information matched to the check boxes selected in step 725' and 'information for identifying the person who will receive the personal information subject to the personal information movement application' (hereinafter referred to as 'personal information recipient identification information') In step 730, the predetermined personal information movement request information including the service identification code extracted as the received service identification code is created, and the created personal information movement application information is referred to as 'personal information movement request'. Maintenance faithful identifying the public key matches the access address "in the personal information server 100 as the information is encrypted (hereinafter" personal mobile information application recipient's public key "referred to).

According to an additional aspect of the present invention, since the access address accessed in step 705 is the access address of the personal information movement request page of the specific personal information server 100, in step 735, the 'login ID' matched to the access address is searched. And the encrypted password, the communication key and the public key, respectively, are 'personal information ID registered by the customer in the personal information holding institution operating the personal information server 100' and 'login password registered by the customer in the personal information holding institution'. 'Encrypted value' and 'communication key stored by matching the personal information ID in the personal information server 100' and 'public key of the personal information holding institution'.

Meanwhile, according to another aspect of the present invention, in step 705, a receiver identification information input field and a receiver public key input field may be output in place of the reception service identification information input field, and in this aspect, the customer identifies the receiver identification information input field in step 730. Enter the recipient's communication ID (e.g., at least one of a mobile phone number, an e-mail address, and a messenger account) into the recipient's public key input field in step 735, and in step 735 as the received service identification code in step 730, In place of the extracted service ID number, the communication ID of the receiver as the receiver identification information and the public key of the receiver are included in the personal information transfer application information.

An additional aspect and another aspect related to the authentication information illustrated in step 320 of FIG. 4 may also be applied to step 735.

In step 740, the communication ID and the 'encrypted secret key' of the client terminal 300 are retrieved from the personal information DB 311, and the encrypted secret key is decrypted with the master password input in step 735, and a block is generated. The unit 319 prepares predetermined transaction data including 'personal information movement request information encrypted in step 735', 'the communication ID as the sender identification information' and 'the access address retrieved in step 735 as the receiver identification information'. Calculate a hash value of the transaction data, encrypt the 'hash value of the transaction data' with the 'decrypted secret key' to generate a digital signature of the customer, and generate a hash value of the transaction data, the transaction data, and the A predetermined block including a digital signature is generated, and the access addresses of the nodes 600 are retrieved in the node DB 318, and the generated block is the 'access address retrieved in step 735'. It is sent to the "address of the access nodes 600 '.

According to an additional aspect of the present invention, prior to step 740, a step of generating or inputting a secret key of a 'customer matching the customer terminal 300' in a predetermined method in the customer terminal 300; Inputting the master password of the customer to the customer terminal 300; Encrypting the secret key with the input master password; Storing the encrypted secret key in a personal information database (311); Is operated.

In step 745, when the nodes 600 receive the 'block transmitted in step 740 (or step 740-1 of FIG. 10)', the block is stored in the distributed ledger 620.

According to an additional aspect of the present invention, step 745 includes: calculating a hash value of 'transaction data extracted from the received block' at each node 600; Decrypting the 'digital signature extracted from the received block' with the 'public key of the owner of the client terminal 300'; Determining whether the decoded digital signature matches the hash value; If a match is found, a root hash value of transaction data including transaction data included in the received block is calculated, a previous block ID is searched on a blockchain network, the previous block ID, the root hash value, and a predetermined value are determined. Generate a block header including difficulty information, a nonce and a timestamp, and include a predetermined completed block including the block header and 'transaction data including the extracted transaction data used for calculating the root hash value'. Generating and storing the completed block in a distributed ledger 620 as a subsequent block of 'block matching the previous block ID' on the block chain network; It includes.

When the personal information server 100 receives the 'block transmitted in step 740' in step 760, transaction data is extracted from the block, 'encrypted personal information movement request information' is extracted from the transaction data, and the encryption is performed. The personal information movement request information is decrypted with the decryption key of the 'secret key of the personal information holding institution, which is retrieved by a predetermined method,' and the personal information movement application information recipient identification information and the 'personal information movement' The predetermined personal information ID as the application information sender identification information, the predetermined personal identification information, 'the predetermined search item identification information as the personal information item identification information to be moved' and the predetermined personal information receiver identification information are extracted. In the information DB 110, a 'hashed password and communication key' matched with the extracted personal information ID 'is retrieved, and the shared variable calculating unit 140 determines a predetermined shared variable. Output, and the searched 'a hashed password, it is determined that the matching and "the received identity authentication information.

Additional aspects illustrated in step 325 of FIG. 4 are also applicable to step 760.

Meanwhile, in step 735, 'communication ID and public key of the personal information receiver' is replaced by 'service identification code extracted as a reception service identification code' in step 730 as personal information receiver identification information to be included in the personal information movement request information. If included, in step 760 the 'communication ID and public key' will be extracted by substituting the service identification code from the decrypted personal information movement request information.

If the determination in step 760 is affirmative, step 765 is operated.

In step 765, the personal information DB 110 and the real name transaction DB 130, the personal information ID extracted in step 760 (or step 760-1 of FIG. 10) and step 760 (or step 760-1 of FIG. 10). Data matching all the extracted 'search item identification information' are extracted, and the extracted data and the 'matched search item identification information' are matched with each other to create predetermined target information, and randomly The communication key is generated, the communication key matched with the personal information ID in the personal information DB 110 is updated with the generated communication key, and the communication ID matched with the personal information ID is retrieved from the personal information DB 110. In addition, the updated communication key is transmitted to the customer terminal 300 matched with the communication ID in a 'method capable of matching the personal information holding institution identification information'.

According to an additional aspect of the present invention, in step 765, when the customer terminal 300 receives the updated communication key in a 'method of matching personal information holding institution identification information', the anonymizing app 310 Starting and updating the communication key matched with the personal information holding institution identification information in the anonymization DB 312 with the received communication key; It includes.

In step 780, the 'public key and communication ID' matched with the 'service company identification code as personal information receiver identification information extracted in step 760' in the service company DB 170 is retrieved, and in the anonymization DB 120 The shared alias ID matching both the information ID and the service ID code is searched, predetermined personal information moving information including the shared alias ID and 'provided information provided in step 765' is created, and the searched public key is used as the search key. The personal information movement information is encrypted, and the encrypted personal information movement information is transmitted to a communication ID matching the recipient identification information.

Meanwhile, according to another aspect of the present invention, the personal information moving information may include the personal information ID in addition to the shared alias ID or in addition to the shared alias ID.

On the other hand, in the case of the aspect in which the communication ID and the public key of the receiver are extracted by replacing the received service identification code in the decrypted personal information movement request information in step 760, the service company DB 170 in step 780 The operation of retrieving the public key and communication ID matched with the received service identification code will be omitted, and the personal information movement information will be encrypted with the extracted public key of the recipient, and the encrypted personal information movement information Is transmitted to the communication ID of the extracted receiver.

Hereinafter, "transmitted with a communication ID matching the receiver identification information" means that the service company DB 170 transmits the received communication ID matched with the received service ID code and retrieves the received ID of the receiver. Commonly transmitted to the communication ID '.

When the service server 200 receives the 'encrypted personal information movement information' transmitted in step 780 in step 785, the service key 200 searched by a predetermined method is used as the decryption key as the decryption key. The encrypted personal information movement information is decrypted, and a predetermined operation is performed using the decoded information.

According to an additional aspect of the present invention, the service server 200 is one server of a financial company and a credit rating company, and the customer terminal 300 is to obtain a loan from the financial company or credit from the credit rating company The decoded information is one of the tax payment performance information, the national pension payment performance information, and the communication fee payment performance information of the customer, and the predetermined operation is performed by the customer. Evaluate.

10 is a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention, in order for the customer to conveniently exercise the right to move his / her personal information stored in the plurality of personal information servers 100. FIG. 1 is a view for explaining an embodiment of an operation of centrally storing the personal information in the personal information management server 800.

In step 705-1, when the customer terminal 300 accesses the personal information collection request page of the personal information management server 800 by a known method, one or more personal information is retained in an output unit (not shown) of the customer terminal 300. A predetermined personal information collection request screen including an organization name input field and a predetermined confirmation box is output.

According to an additional aspect of the present invention, step 705-1 may include steps 705a and 705b in FIG. 9; A step in which the customer selects a site name corresponding to the personal information management institution from the output site names by using an input unit (not shown) of the customer terminal 300; step 705-1c: step 705d in FIG. 9; Step 705 in which the customer terminal 300 is connected to the main page of the personal information management server 800 operated by the personal information management institution corresponding to the site name selected in step 705-1c, which is the access address found in step 705d. -1e; Step 705-1f, in which 'information about the main page accessed in step 705-1e' is transmitted from the personal information management server 800 to the customer terminal 300; Step 705-1g of outputting a 'predetermined main screen including a personal information collecting box and a personal information selling box' to the customer terminal 300; In step 705-1h, the customer selects the output personal information collection box by using an input unit (not shown) of the customer terminal 300. The information on the personal information collection box is transmitted to the personal information management server 800. Step 705-1i; In step 705, when the personal information management server 800 receives the information of selecting the personal information collection box, the information on the personal information collection application screen is transmitted from the personal information management server 800 to the customer terminal 300. -1j; And a step 705-1k outputting a predetermined personal information collection request screen including one or more personal information holding institution name input fields and a confirmation box to the customer terminal 300; It includes.

In step 710-1, when the customer selects or inputs a predetermined personal information holding institution name by using an input unit (not shown) of the customer terminal 300, matches a personal information holding institution name input box, and selects a confirmation box, ' The personal information holding institution identification code matching the selected or input personal information holding institution name is transmitted to the personal information management server 800.

According to an additional aspect of the present invention, step 710-1 includes a 'characters constituting a personal information holding institution name' in a personal information holding institution name input field by a customer using an input unit (not shown) of the customer terminal 300. Inputting a portion of 710-1a; Step 710b, wherein the inputted information is transmitted to the personal information management server 800; When the personal information management server 800 receives the 'information transmitted in step 710-1a', the personal information holding authority includes the 'received information' in the personal information holding institution name field of the personal information holding institution DB 850. Step 710-1c where the engine names are extracted; Extracting, from the personal information holding institution DB 850, the personal information holding institution identification codes matching the extracted personal information holding institution names; Matching the extracted personal information holding institution names with the extracted personal information holding institution identification codes, respectively, and creating a predetermined personal information holding institution identification information list to be transmitted to the customer terminal 300. 710-1e; When the customer terminal 300 receives the 'personal information holding institution identification information list transmitted in step 710-1e' and matches the 'personal information holding institution name input field output in step 705-1', the personal information holding institution 710-1f outputting personal information holding organization names extracted from the identification information list; Step 710-1g, wherein the customer selects one of the output personal information holding institution names using an input unit (not shown) of the customer terminal 300; Step 710, the personal information holding institution identification code matching the 'personal information holding institution name selected in step 710-1g' is extracted from the 'personal information holding institution identification information list received in step 710-1f' in the customer terminal 300 -1 h; It includes.

In step 715-1, when the personal information management server 800 receives the 'personal information holding institution identification code transmitted in step 710-1', the personal information holding institution DB 850 matches the personal information holding institution identification code. The field identification information of the field in which the information providing attribute is stored is extracted as search item identification information, and the extracted search item identification information is transmitted to the customer terminal 300.

When the customer terminal 300 receives the 'search item identification information transmitted in step 715-1' in step 720-1, the search item identification information is matched with a predetermined check box in an output unit (not shown). The moving period identification information is output in correspondence with a predetermined check box, and a master password input field and a confirmation box are output.

According to an additional aspect of the present invention, one of the search item identification information may include 'identification information for selecting all search items' (eg, “all”).

According to an additional aspect of the present invention, the movement period identification information includes information for identifying a one-time movement (for example, "only once") and information for identifying a repetitive movement period (for example, "monthly"); Information that identifies a specific event (e.g., a personal information change event, an event requested by a personal information management agency, etc.), and identifies a deadline for which such event is valid (e.g. "1 year from today") One or more of the information (eg, “June 30, 2019”) may be included to identify the expiration date of such request delegate.

According to an additional aspect of the present invention, one or more of the checkboxes output in step 720-1 may be selected as the default.

In step 725-1, information for selecting the predetermined search item identification information, information for selecting the predetermined movement period identification information, and the master password are input from the customer terminal 300, and a confirmation box is selected.

For example, in operation 725-1, the customer may use the input unit (not shown) of the customer terminal 300 to check boxes matched to each search item identification information output in step 720-1. And one or more of the check boxes matched with each movement period identification information ', input the master password and select the confirmation box.

In step 730-1, each of the personal information holding institution identifications matched with the personal information holding institution name in the anonymization DB 312 by the 'personal information holding institution names selected in step 710-1' in the customer terminal 300 The personal information ID matched with the codes', the encrypted password and the communication key are retrieved, and each of the retrieved 'encrypted passwords' is decrypted with the decryption key of the master password, respectively, and is shared by the shared variable calculation unit 314. A variable is output, and for each of the decrypted passwords, at least one of 'the respective decrypted passwords', 'communication key retrieved by matching the password with the encrypted value', and 'the shared variable output' are predetermined identity authentication information. The personal authentication information is calculated by substituting the calculation function, and the name of each personal information holding institution and 'personal information moving application information recipient identification information' for each personal information holding institution name are calculated. Personal information holding institution identification code matching the name of the information holding institution 'and' the searched personal information ID 'as' personal information moving application information sender identification information', 'the calculated personal authentication information' and 'personal information subject to mobile application' As information, the search item identification information matched to the check boxes selected in step 725-1, and the 'information for identifying a person who will receive the personal information subject to the personal information movement request' (hereinafter referred to as "personal information receiver"). Predetermined personal information movement request information including "access address of personal information management server 800 accessed in step 705-1" as "identification information" is created, and the personal information receiver is received in anonymized DB 312. The public key (hereinafter referred to as "personal information receiver public key") matched with the "access address of the personal information management server 800" as identification information, and the personal information as the personal information movement application information receiver identification information. The public keys (hereinafter referred to as "personal information movement request information receiver public key") matching the holding institution identification code "are searched, and each said personal information movement request information is encrypted with each said personal information movement request information receiver public key. After the first encryption, after each of the 'Personal Information Retention Organization Identification Code as the recipient of the personal information movement request information recipient' is matched with the 'Personal encrypted information movement request information', the respective 'personal information movement request' The first encrypted personal information movement request information matched with the personal information holding institution identification code as the information receiver identification information is second encrypted using the personal information recipient public key as an encryption key.

An additional aspect and another aspect related to the authentication information illustrated in step 320 of FIG. 4 may be applicable to step 730-1.

In step 735-1, the hash value of each of the second encrypted personal information movement request information in the step 730-1 is calculated in the customer terminal 300, and the 'encrypted secret key' in the personal information DB 311. The communication ID of the customer terminal 300 is retrieved, the 'encrypted secret key' is decrypted with the decryption key of the 'master password input in step 725-1', and the second encrypted personal information in each 'step 730-1'. Each predetermined transaction including the communication ID as the mobile application information and the personal information mobile application information sender identification information, and the personal information holding institution identification code in step 730-1 as the personal information mobile application information receiver identification information. Compose data, calculate hash values of the transaction data, integrate the hash values in a known method to calculate a root hash value, and encrypt the root hash value with the 'decrypted secret key' to route the data. Generate digital signature And a predetermined block including the root hash value, the root digital signature, and the transaction data.

A known method of calculating a root hash value by integrating hash values of the respective transaction data may include calculating a hash value of data by combining the hash values of the respective transaction data, and then calculating the hash values again. The operation of calculating the hash value of the data combined by two is repeated until only one hash value remains, and the last remaining hash value is defined as the root hash value.

According to an additional aspect of the present invention, when there is one transaction data, the hash value of the transaction data becomes a root hash value.

In step 740-1, the connection addresses of the nodes 600 are retrieved from the node DB 318, and the block generated in step 735-1 is received in step 735-1 (or step 835 in FIG. 11). It is transmitted to the access address of the personal information management server 800 and the access addresses of the nodes 600 included in the transaction data as identification information.

Step 745 of FIG. 9 is operated.

When the personal information management server 800 receives the 'block transmitted in the step 740-1' in step 750-1, the 'personal information movement request information sender identification' is commonly included in the 'transaction data read in the block'. Read the communication ID as information, search for the public key matched with the communication ID in the customer information DB 810, and decode the root digital signature read in the block with the public key in the block. It is determined whether it matches the root hash value of each read transaction data '.

According to an additional aspect of the present invention, step 750-1 includes calculating a root hash value of 'transactional data read from the block'; Determining whether the calculated root hash value corresponds to a root hash value read from the block; Decrypting the root digital signature with the public key; Determining whether the decoded root digital signature matches a 'root hash value read in the block'; It may include.

If the determination in step 750-1 is affirmative, step 755-1 is operated.

In step 755-1, 'the block received in step 750-1' is stored in the distributed ledger 820 in the personal information management server 800, and each second encrypted individual read from each transaction data included in the block. The information transfer application information is first decrypted with the decryption key using the 'secret key of the personal information management institution, retrieved by a predetermined method, and the personal information holding institution corresponding to each of the first decrypted private information movement application information. The personal information holding institution identification codes are read from the information matching the identification code, and the personal information holding institution identification codes as the personal information moving application information recipient identification information are read from the personal information holding institution DB 850. Matched access addresses (hereinafter referred to as " personal information movement request information receiver access address ") are searched, and each of the 'primary encrypted personal information movement request information' corresponds to the personal information movement request information receiver access address. Each personal information server 100, which is a device, is transmitted in a 'method that can be matched with personal information management institution identification information'.

An embodiment of the method of matching with the personal information management institution identification information is a method of transmitting the personal information management institution identification information to the encrypted personal information movement application information and transmitting the same.

In step 760-1, when the personal information server 100 receives the 'primary encrypted personal information movement request information transmitted in a method capable of matching the personal information management institution identification information in step 755-1', the ' The first encrypted personal information transfer request information is decrypted with the decryption key of the private key held by the predetermined method, and the private information transfer request information sender is decoded from the decrypted personal information transfer request information. Personal information ID 'as identification information, identity authentication information, and search item identification information are extracted, and a' hashed password and communication key 'matched to the personal information ID is searched in personal information DB 110, and a shared variable is calculated. The unit 140 outputs a predetermined shared variable and determines whether the retrieved 'hashed password' matches the 'received authentication information'.

Additional aspects illustrated in step 325 of FIG. 4 are also applicable to step 760-1.

If the judgment at step 760-1 is affirmative, step 765 of FIG. 9 and below step 770-1 are operated.

In step 770-1, the private information server 100's public key and the personal information server match the 'personal information management institution identification information matching the information received in step 760-1' in the service company DB 170 in the personal information server 100. The communication ID of the information management authority is retrieved, and the anonymization DB 120 searches for the "personal information ID extracted from the personal information movement application information in step 760-1" and the "personal information management institution identification information as a service identification code." All matching alias IDs are searched, predetermined personal information moving information including the shared alias ID and 'provided information provided in step 765' is created, and the searched 'public key of the personal information management institution' is used. The personal information movement information is encrypted and the encrypted personal information movement information can be matched with 'personal information holding institution identification information matched with the personal information server 100' in the search of the 'personal information management institution'. It is transmitted to the personal information management server 800 matching the ID '.

Meanwhile, according to another aspect of the present invention, the personal information holding institution operating the personal information server 100 trusts the customer information protection method of the 'personal information management institution operating the personal information management server 800'. The personal information moving information may include the personal information ID by replacing the shared alias ID.

An embodiment of the 'method of matching personal information holding institution identification information' is a method of transmitting the personal information holding institution identification information by matching the encrypted personal information moving information.

In step 775-1, when the personal information management server 800 receives the encrypted personal information moving information, which is transmitted in a method capable of matching the personal information holding institution identification information in step 770-1, the 'encryption' The personal information movement information, which is retrieved by a predetermined method, is decrypted with the decryption key, and the one of the personal information ID and the shared alias ID and the subject of the provision in the decrypted personal information movement information. The information is extracted, 'information matched with the search item identification information' is extracted from the provision target information, and the 'shared alias ID (or personal information) matched with the personal information holding institution identification information in the customer information DB 810. ID) is extracted, and the mapping anonymous ID is extracted from the record, and the search is performed by matching the mapping anonymous ID with the 'field identification information matching the search item identification information' in the combining DB 860. Item expression It is stored in the information "matched with the information.

11 is a preferred embodiment of a method for protecting and utilizing personal information using a shared alias ID of the present invention, wherein the customer receives a payment and exercises the right to move his or her personal information stored in the personal information management server 800. It is a figure explaining an Example.

When the customer terminal 300 accesses the personal information sales application page of the personal information management server 800 in a known method in step 805, predetermined personal information is transmitted from the personal information management server 800 to the customer terminal 300. Information about the sales application screen is transmitted.

According to an additional aspect of the present invention, step 805 includes steps 705a to 705-1g in FIG. 10; A customer selects the output personal information selling box using an input unit (not shown) of the customer terminal 300. Step 705-1m: Information on the personal information selling box is transmitted to the personal information management server 800. Step 705-1n; In step 705- when the personal information management server 800 receives the 'information for selecting the personal information selling box', the information on the personal information selling application screen is transmitted from the personal information management server 800 to the customer terminal 300. 1o; It includes.

When the information regarding the personal information sale request screen is received at the customer terminal 300 in step 810, the access address matching the 'page accessed in step 805' in the anonymization DB 312 under the control of the anonymization app 310 The login ID matched to the access address of the personal information management server 800 is retrieved, and the login ID is transmitted to the personal information management server 800.

In step 815, when the 'login ID transmitted in step 810' is received by the personal information management server 800, the mapping anonymous ID matching the login ID is retrieved from the personal information DB 810, and in the combining DB 860 The field identification information of the fields in which the information of the record matching the mapping anonymous ID is stored is extracted, and the price DB 870 matches both one or more of the login ID and the mapping anonymous ID and each of the field identification information. The prices are searched, and the searchable information table is created by matching the searched prices with the 'field identification information as search item identification information' and the sellable information table is transmitted to the customer terminal 300.

13 and 14 illustrate examples of the combination DB 860 and the price DB 870. In this case, if the mapping anonymous ID matched to the 'login ID transmitted in step 810' in the personal information DB 810 is “0002”, the field in which the information of the record matching the mapping anonymous ID is stored in the combining DB 860. As the field identification information of the mobile phones, "mobile phone number" and "deposit", "last three months payment amount", "address1", "detail address" and "gender" will be extracted. In addition, in the price DB 870, "200" is a price that matches both "0002" and "mobile phone number", and "200" is a price that matches both "0002" and "last 3 months payment amount." A price that is searched for each and matches all of the "0002" and other extracted field identification information will not be searched. Thus, a sellable information table as illustrated in FIG. 15 will be created. The unit of the price may be both a legal currency display (eg, "won") and a display currency of points and cryptocurrencies, but the present example exemplifies the case of a display currency of a cryptocurrency.

When the customer terminal 300 receives the sellable information table in step 820, the matched search item identification information and the price included in the sellable information table are matched with the check box, and the master password input box and the check box are output. Is output.

In the case illustrated in step 815, if step 820 is operated, it will be output as illustrated in FIG.

In step 825, when the information on selecting one or more of the search item identification information and the master password are input from the customer terminal 300 and a confirmation box is selected, the selected search item identification information is respectively identified as the search item identification. Predetermined sales application tables are created that are matched with each other and included in the price "

One embodiment of the operation of inputting 'information for selecting one or more of the search item identification information' is an operation in which a customer selects one or more of the check boxes by using an input unit of the customer terminal 300.

According to an additional aspect of the present invention, step 825 may include: correcting the output price by a customer using an input unit of the customer terminal 300; It may include, in this case, the sales application table includes the modified price.

In the example illustrated in step 820, a check box matching the "mobile phone", a check box matching the "last 3 months payment amount" and a check box matching the "gender" are selected in step 825, and "gender" is selected. If the matched price is updated to 100 coins, the sales application table as illustrated in FIG. 17 will be created.

In step 830, the login ID and the 'encrypted password', the communication key and the personal information matched to the access address of the personal information management server 800, which is the access address that matches the page accessed in step 805, in the anonymization DB 312. The public key of the management institution is searched, the 'encrypted password' is decrypted using the master password as the decryption key, and the current shared variable is output from the shared variable calculator 314, and the 'decrypted password and the communication key' are output. And at least one of the output shared variables is substituted into a predetermined identity authentication information calculation function to calculate identity authentication information, and includes a login ID, the identity authentication information, and a 'sales application table created in step 825'. Personal information selling application information is created, and the personal information selling application information is encrypted with the encryption key of the public key of the personal information management institution.

An additional aspect and another aspect related to the authentication information illustrated in step 320 of FIG. 4 may be applicable to step 830.

11 is a view illustrating an embodiment of selling one's personal information stored in the personal information management server 800. In step 830, the personal information selling application information is encrypted with a public key of the personal information management institution. However, the operation described in FIG. 11 may be similarly applied to a method of selling his or her personal information stored in the personal information server 100. In the case corresponding to step 830 in the case, the personal information selling application information is encrypted with the public key of the personal information holding institution.

In step 835, the hash value of the 'personal information sale request information encrypted in step 830' is calculated in the customer terminal 300, and the 'encrypted secret key' and the communication ID of the customer terminal 300 in the personal information DB 311. Is searched for, and the 'encrypted secret key' is decrypted with 'decryption master password input' in step 825, and each of the 'personal information sales application information encrypted in step 830' and the communication ID and caller identification information as caller identification information. Each predetermined transaction data including 'access address of the personal information management institution matching the accessed page in step 805' as identification information is generated, a hash value of the transaction data is generated, and the hash value is used as the secret key. Encryption generates a digital signature, and generates a predetermined block including the digital signature, the hash value, and the transaction data.

If another aspect of step 830 is applied, in step 835, the transaction data includes the access address of the personal information holding institution in place of the 'access address of the personal information management institution' as the recipient identification information.

Steps 740-1 and 745 in FIG. 10 are operated.

In step 850, when the personal information management server 800 receives the 'block transmitted in step 740-1', 'read the communication ID as the caller identification information included in the transaction data read in the block', and the customer The information DB 810 retrieves the public key matched with the communication ID, decrypts the digital signature read in the block with the public key, and uses the transaction data read in the block as the decrypted value. Determine if it matches the calculated hash value.

According to an additional aspect of the present invention, step 850 may include determining whether a hash value calculated using the transaction data read in the block coincides with the hash value read in the block; And determining whether the calculated hash value coincides with a hash value read from the block. It may include.

If the determination in step 850 is affirmative, step 855 is operated.

In step 855, the 'block received in step 850' is stored in the distributed ledger 820 in the personal information management server 800, and the 'encrypted personal information sales application information' read from the transaction data included in the block is' The private key of the personal information management institution, retrieved by a predetermined method, is decrypted with a decryption key, and 'login ID, identity authentication information and sales application table' are extracted from each of the decrypted personal information sales application information, and a customer information DB ( In step 810, the 'hashed password and communication key' matched with the login ID is searched, a shared variable calculator (not shown) outputs a predetermined shared variable, and the searched 'hashed password' is' It is determined whether it matches with the received personal authentication information.

Additional aspects illustrated in step 325 of FIG. 4 are also applicable to step 855.

If the determination in step 855 is affirmative, step 865 is operated.

In step 865, the mapping anonymous ID matching the login ID extracted in step 855 is retrieved from the customer information DB 810, and the mapping anonymous ID and the sales request table extracted in step 855 are combined in the combining DB 860. "Information provision attribute" is stored in the sellable field matching all of the field identification information that matches the included search item identification information, and at least one of the login ID and the mapping anonymous ID in the price DB 870. And update the price matched with each of the field identification information to the 'price matched to the search item identification information matched to the field identification information in the sales application table', randomly generated one-time communication key, customer information The communication key matched with the login ID is updated in the DB 810 with the generated universal communication key, the communication ID matched with the login ID is retrieved from the customer information DB 810, and the customer matches the communication ID. Personal information to the terminal 300 The updated communication key is transmitted in a 'could be matched to the holding organ identification information'.

If step 865 is operated in the example illustrated in step 825, 'search item identification information included in the sales application table extracted in step 855' will be "mobile phone number", "last 3 months payment amount", and "gender". Accordingly, in the combined DB 860 illustrated in FIG. 13, the mapping anonymous ID "0002" and "marketing availability field matched with each of the mobile phones, last 3 months payment amount, and gender" as "information providing attribute". Storing "1" will cause the combining DB 860 to be updated as illustrated in FIG. And the price DB 870 illustrated in FIG. 14 will be updated as illustrated in FIG.

In addition, according to an additional aspect of the present invention, step 865, when the customer terminal 300 receives the updated communication key in a 'method that can be matched to the personal information holding institution identification information, anonymizing app 310 Starting and updating the communication key matched with the personal information holding institution identification information with the received communication key in the anonymization DB 312; It includes.

12 is a preferred embodiment of the method for protecting and utilizing personal information using the shared alias ID of the present invention, in which the service server 200 purchases the target personal information stored in the personal information management server 800 according to one embodiment. It is a figure explaining.

When the service server 200 accesses the personal information sales page of the personal information management server 800 in a known method in step 905, the one or more search items are transmitted from the personal information management server 800 to the service server 200. The information about the predetermined personal information selling screen is transmitted to the identification information including the predetermined target item search item table whose price statistics, prices and check boxes are matched with each other.

According to an additional aspect of the present invention, step 905 may include identifying information in which at least one 'information providing attribute matched information' of each field identification information configured in the combination DB 860 is matched with stored field identification information. Extracting them as 'provided target search item identification information'; Calculating, by the price DB 870, statistics of stored prices matching the provided search item identification information by a predetermined method; Calculating a default price using the statistics; And generating a predetermined search target search item table in which the statistics of the price, the 'price matching the default price' and the check box are matched with the search item identification information. It includes.

According to an additional aspect of the present invention, the method of calculating the statistics of the prices includes the average, median, mode, minimum and maximum values, the top 10% quartile, the 20% quartile and the bottom 10% quartile of the prices. And at least one of 20% quartile values.

In the example illustrated in step 865 of FIG. 11, if step 905 of the additional aspects is operated, one or more 'information providing attributes' of each field identification information configured in the combination DB 860 illustrated in FIG. 18 match. "Mobile phone", "deposit", "last 3 months payment amount" and "gender" are extracted as field identification information stored therein, and the field identification information will be extracted as search item identification information to be provided. In this case, if the price DB 970 is illustrated in Fig. 19, and an average is used as the statistic, then "300" as the average matching the "mobile phone" and "200" as the average matching the "deposit" In addition, "150" is calculated as an average matching the "last 3 months payment amount" and "100" as the statistics matched with the "gender", and an average matching "address 1" and "detail address" cannot be calculated. will be. If the average multiplied by 110% is calculated as the default price, the provision item table illustrated in FIG. 20 may be prepared.

In operation 920, when the service server 200 receives the information on the personal information selling screen, the provision item table, the login ID input field, the password input field, and the confirmation box are output to an output unit (not shown).

In step 925, when the information on which one or more pieces of search item identification information are selected is input from the service server 200, 'the price output by matching the search item identification information' is matched to each of the selected search item identification information, and a predetermined purchase request is made. The table is created.

According to an additional aspect of the present invention, step 925 comprises: modifying a price included in the received offer table; It may include, in this case, the purchase request table includes the modified price.

In the example illustrated in step 905, if " mobile phone " and " last 3 months payment amount " are selected as search item identification information in step 925, and a price matching the " last 3 months payment amount " is modified to " 130 " The purchase requisition table illustrated in FIG.

According to another aspect of the present invention, the price may be omitted in the purchase request table, in which case the personal information management server 800 replaces the price by the default price calculated in a predetermined manner.

In step 930, in the service company information DB 210, 'login ID of the service company for accessing the personal information management server' and 'communication ID of the service server 200' and 'personal information management operating the personal information management server 800'. The public key of the institution 'is searched, predetermined personal information purchase request information is prepared, including the login ID of the service company and the' purchase request table created in step 925 ', and the personal information purchase request information encrypts the public key. Encrypted with the key.

In step 935, the service server 200 calculates a hash value of 'personal information purchase application information encrypted in step 930', and in the step 930, the service server 200 as encrypted personal information purchase application information and caller identification information. Predetermined transaction data including a communication ID of < RTI ID = 0.0 >) < / RTI > and an address address matching a page accessed in step 905 as recipient identification information is created, a hash value of the transaction data is calculated, and the hash value is " predetermined " The digital signature is calculated by encrypting the secret key of the service company extracted by the method with an encryption key, and a predetermined block including the digital signature and the transaction data is generated.

In step 940, the connection addresses of the nodes 600 are retrieved from the node DB (not shown), and the 'block generated in step 935' is included in the transaction data as the recipient identification information in step '935. The access address of the node 800 and the access addresses of the nodes 600.

When the nodes 600 receive the block transmitted in step 940 in step 945, the block is stored in the distributed ledger 620.

According to an additional aspect of the present invention, step 945 may include: calculating a hash value of 'transaction data extracted from the received block' at each node 600; Decrypting the calculated hash value and 'digital signature extracted from the received block' with a 'public key of a service company matching the service server 200'; Determining whether the decoded digital signature matches the hash value; If a match is found, a predetermined nonce is calculated, a previous block ID is searched on the blockchain network, a root hash value of one or more transaction data including transaction data read from the block is calculated, and the root hash value is calculated. And generate a predetermined block header including the last block ID, the nonce and a predetermined timestamp, generate a completed block including the block header and the transaction data, and store the generated block header in the distributed ledger 620. Arranging the completed block as a 'following block of the block matching the previous block ID' on the blockchain network by transmitting the completed block to nodes; It includes.

When the personal information management server 800 receives the block transmitted in step 940 in step 950, the communication ID of the service server 200 as the caller identification information included in the transaction data read in the block. Read and retrieve the public key of the service company matched with the communication ID of the service server 200 in the customer information DB 810, calculate a hash value of the transaction data read from the block, and use the public key to read the public key. It is determined whether the value obtained by decoding the digital signature 'read in the block matches the hash value.

If the judgment at step 950 is affirmative, step 955 is operated.

In step 955, the 'block received in step 950' is stored in the distributed ledger 820 in the personal information management server 800, and the encrypted personal information purchase request information read from the transaction data included in the block is 'predetermined'. The secret key of the personal information management institution extracted by the method is decrypted with the decryption key, and the login ID and the purchase request table of the service company are extracted from the decrypted personal information purchase request information.

According to an additional aspect of the present invention, step 955 comprises receiving a completed block containing the transaction data from nodes 600; Storing the received completed block in a distributed ledger (820); It includes.

In the combination DB 860 in step 965, among the information matched with the 'search item identification information included in the purchase request table extracted in step 955', the price DB 870 corresponds to each piece of information that matches the information provision attribute. ), And prices within 'the price matched to the search item identification information matching the field identification information in the purchase request table' (hereinafter, referred to as 'purchase desired price') among the prices are extracted as the sellable price. And a predetermined selling price is calculated using the respective sellable prices and the desired purchase price, and the data of the combined DB 860 matching the extracted price of each sellable price is respectively the mapping anonymous ID and the mapping. The reply information list is created so as to match the search item identification information at the same time.

According to an additional aspect of the present invention, step 965 is a sellable field matched with 'field identification information matching the search item identification information included in the purchase request table extracted in step 955' in the combination DB 860. Extracting records in which the information providing attribute is stored; Extracting mapping anonymous IDs of the extracted records from a combined DB (860); Extracting prices matching both the mapping anonymous ID and the field identification information in a price database 870; Extracting a price within the "purchase desired price" among the prices as a sellable price; Defining data of the combination DB 860 matching the extracted prices for each sellable price as sellable data; Calculating the desired purchase price as a selling price; Creating a reply information list such that the extracted information matches 'matched search item identification information' and 'matched mapping anonymous ID' respectively; It includes.

According to an additional aspect of the present invention, the selling price is expressed in one unit of a legal currency, a point, and a cryptocurrency.

In the case illustrated in step 925, if step 965 is operated, 'search item identification information included in the purchase request table extracted in step 955' is "mobile phone" and "last 3 months payment amount", and the example illustrated in FIG. The field identification information matching the search item identification information in the combination DB 860 is also "mobile phone" and "last 3 months payment amount," and "information providing attribute" in the sellable field matching the "mobile phone". Records stored with '1' as a ruler are extracted with a record storing '0002' in the mapping anonymous ID field, and records with '1 as information providing attribute' stored in the sellability field matching the 'last 3 months payment amount'. A record in which "0001" is stored in the mapping anonymous ID field and a record in which "0002" is stored in the mapping anonymous ID field will be extracted. In the price DB 870 illustrated in FIG. 19, "300" is extracted as a price matching both "the mapping anonymous ID 0002" and the "field identification information mobile phone", and the "0001" and the " "100" will be extracted as a price that matches all of the "last three months" amount, and "200" will be extracted as a price that matches both "0002" and "the last three months". In this case, if "purchase desired price" is illustrated in FIG. 21, "300" is extracted as a sellable price matched with "mobile phone", and as a sellable price matched with "last 3 months payment amount". "100" will be extracted. However, since the 'sellable price 300 matched to the mobile phone' is information matched to 'Mapping Anonymous ID 0002' in the price DB 870, the 'search item identification' in the combining DB 860 illustrated in FIG. Information "010-6382-7532" matching both the mobile phone as the information and '0002 as the mapping anonymous ID' will be extracted as the salable data. In addition, since the 'saleable price 100 matched to the last three months' payment amount is information matched to 'mapping anonymous ID 0001' in the price DB 870, the 'search' in the combining DB 860 illustrated in FIG. The information "4,232,345" that matches both the "last 3 months payment amount as item identification information" and "0001 as mapping anonymous ID" will be extracted as salable data, and a reply information list as illustrated in FIG. 22 will be created.

On the other hand, according to another aspect of the present invention, step 965 is that each extracted information is 'search item identification information matched with each piece of information,' to 'selection of service company that is an information buyer' or 'personal information management server 800'. Calculating the statistics by applying a function matched to the one or more statistics identification information selected according to the stored predetermined logic; In addition, the reply information list prepared in the step may be prepared by matching the 'statistic matching the search item identification information' to the search item identification information.

In this case, if the above aspect is applied, and "average" is selected as the statistical identification information only by matching the "last three months payment amount" among the search item identification information, as shown in Figure 23, the search item identification information "mobile For the "Phone", the mapping anonymous ID is matched and included, and for the search item identification information "last 3 months payment amount", the reply information list will be prepared including the "average of extracted information" without the mapping anonymous ID.

On the other hand, according to another aspect of the present invention, by replacing or adding the mapping anonymous ID to the reply information list, the shared alias ID matched with the login ID extracted from the personal information purchase request information may be matched with the data. In this case, in step 965, the customer information DB 810 extracts the service company identification code matching the 'login ID of the service company extracted in step 955', and the mapping anonymous ID in the customer information DB 810. Searching for a shared alias ID matched with the service identification code; It includes.

In step 970, the public key of the service provider matching the 'login ID of the service company extracted in step 955' and the communication ID of the service provider are retrieved from the customer information DB 810, and the personal information management institution identification information and the recipient identification as the caller identification information are retrieved. Predetermined personal information providing information including the communication ID as the information and the reply information list created in step 965 is created, and the personal information providing information is encrypted with the encryption key.

In step 975, the personal information management server 800 stores the encrypted personal information providing information in step 970, the personal information management institution identification information as the caller identification information, and the communication ID of the service company retrieved as the recipient identification information in step 970. Predetermined transaction data is created, a hash value of the transaction data is calculated, and the digital signature is calculated by encrypting the hash value with a secret key of the personal information management authority, which is extracted in a predetermined manner, with an encryption key. And a predetermined block including the digital signature and the transaction data is generated.

In step 980, the access addresses of the nodes 600 are retrieved from the node DB 880, and the 'block generated in step 975' corresponds to the 'communication ID of the service company included in the transaction data as the receiver identification information' in step 975. Are transmitted to access addresses of nodes 600.

According to an additional aspect of the present invention, step 980 includes: step 980a of searching for account identification information matching the mapping anonymous ID extracted in step 965 in the customer information DB 810; The communication ID of the service server 200 as the caller identification information read out in step 950, the predetermined payment request information including the searched account identification information as the deposit account identification information and the 'sale price calculated in step 965' as the charge amount. Sent to step 980b; When the service server 200 receives the 'billing application information transmitted in step 980b', the service company's account identification information is retrieved from the service company information DB 210, and 'the searched account identification information' as the withdrawal account identification information. A step 980c, in which predetermined transaction data including 'account identification information read from the payment request information' as the payment account identification information and 'bill amount read from the payment application information' as the remittance amount is created; Generating a predetermined digital signature by calculating a hash value of the transaction data and encrypting the hash value with a 'secret key of the service company found by a predetermined method'; Generating a predetermined block including the digital signature and the transaction data; Step 980f, in the service server 200, the block is transmitted to the personal information management server 800 and the nodes 600; Upon receiving the block, the personal information management server 800 extracts the account identification information of the service company as the withdrawal account identification information from the transaction data read from the block in response to the block, and hashes the transaction data. Calculate a value, retrieve the public key matched with the withdrawal account identification information from the customer information DB 810, decrypt the 'digital signature read in the block' with the public key, and read the decrypted digital signature in the 'block. Determining whether or not the coincides with the generated hash value 980g; And if the determination is affirmative, the node DB 880 retrieves the 'access addresses of the nodes 600' and the 'block generated in step 975' is included in the transaction data as recipient identification information in step '975. Step 980h transmitted to the communication ID 'and the access addresses of the nodes 600; It includes.

Meanwhile, according to another aspect of the present invention, in which the personal information purchaser pays the personal information purchase price to the personal information management institution and the personal information management institution selects the method to pay the personal information seller, the payment request information at step 980b. As the deposit account identification information included in the account identification information retrieved in step 980a is replaced with the 'account number of the predetermined personal information management agency'.

When the nodes 600 receive the block transmitted in step 980 in step 985, the block is stored in the distributed ledger 620.

Steps illustrated as an additional aspect in step 945 of FIG. 9 may also be included in step 985.

In step 990, when the service server 200 receives the 'block transmitted in step 980', the service server 200 reads 'personal information management institution identification information as the caller identification information' included in the transaction data read in the block, and the service The private information DB 210 searches for a public key matching the 'personal information management institution identification information as the caller identification information', decrypts the 'digital signature read in the block' with the public key, and the decrypted value is It is determined whether it matches the hash value of the transaction data read in the block.

If the judgment at step 990 is affirmative, step 995 is operated.

In step 995, the block is stored in the distributed ledger (not shown) in the service server 200, 'encrypted personal information providing information' is extracted from 'transactional data read in step 990', and the 'encrypted personal information' The 'provided information' is decrypted with 'the private key of the service company searched in a predetermined method', a reply information list is extracted from the decrypted personal information providing information, and the 'mapping anonymous ID' and the search item matched with each other in the reply information list. Identification information and data 'are read, and a predetermined analysis operation is performed using the read information.

If the sharing alias ID is matched with the data in the reply information list by replacing or adding the mapping anonymous ID in step 965, the sharing alias ID matches the 'search item identification information and data' in step 995. In this aspect, step 965 performs a predetermined analysis operation by combining the received data with information matching the shared alias ID in one or more of the member DB 220 and the pseudonym transaction DB 230. It may include.

100: personal information server
110: Personal Information DB
120: anonymized DB
130: Real Name Transaction DB
140: shared variable calculation unit
160: Viewing Reason DB
170: service company DB
180: node DB
190: block generation unit
200: service server
210: service company information DB
220: member DB
230: pseudonym transaction DB
240: shared variable calculation unit
250: communication key generation unit
260: Reason DB
300: customer terminal
310: Anonymous app
311: Personal Information DB
312: Anonymization DB
313: password generation unit
314: shared variable calculation unit
318: Node DB
319: block generation unit
400: seller's terminal
420: Anonymization DB
440: Payment DB
500: payment server
600: nodes
620: distributed ledger
700: public power station server
720: Content proof DB
800: personal information management server
810: Customer Information DB
820: distributed ledger
850: DB for holding personal information
860: Combined DB
870: Price DB
880: node dB

Claims (30)

In a given personal information server,
In response to a call to a predetermined service server, connecting any arbitrary client terminal that has been connected to the service server to a predetermined shared alias ID registration page;
Receiving an arbitrary shared alias ID from the service server;
Receiving a predetermined personal information ID from the customer terminal;
Storing the shared alias ID by matching 'predetermined service identification information matched with the service server' and the personal information ID in a predetermined DB; And
Receiving predetermined application information including the shared alias ID from the service server; Personal information protection and utilization method using a shared alias ID, including

In a given personal information server,
Receiving predetermined settlement request information including a predetermined sharing alias ID and a predetermined settlement amount in a 'method capable of matching the service identification information matched with the service server' from a predetermined service server;
Searching for a universal account number that can be matched with the shared alias ID; And
Storing the universal account number as the recipient identification information and the amount matching the settlement amount as the remittance amount in a predetermined DB matched with the service ID information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
The predetermined settlement request information including the predetermined sharing alias ID, the predetermined remittance amount, and the receiving identification information is received from the predetermined service server in a 'method capable of matching the service identification information matched with the service server'. step;
Searching for a universal account number that can be matched with the shared alias ID; And
Storing the universal account number as payer identification information, the payee identification information as payee identification information, and the remittance amount in a predetermined DB matched with the service ID information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
Receiving predetermined search request information including a predetermined shared alias ID and predetermined search item identification information as a 'method capable of matching service identification information matched with the service server' from a predetermined service server. ;
Extracting data that may match the shared alias ID while matching the search item identification information from a predetermined DB; And
Transmitting the extracted data to the service server as a reply to the search request information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
A method of matching the service identification information matched with the service server from a predetermined service server includes information on a predetermined search condition, information on a predetermined search item, and predetermined search reason identification information. Receiving predetermined search request information;
Extracting one or more communication IDs matching 'information on the search condition';
'Information matching the service identification information as the information providing application identification information' and 'Information matching the search item identification information as the target information identification information' and 'Predetermined to match the identification reason identification information' Transmitting predetermined consent application information including the inquiry reason explanation information of 'to the communication ID;
Receiving predetermined consent information matching the agreement application information from a customer terminal that can match the communication ID;
Extracting data matching the search item identification information while matching the communication ID from a predetermined DB; And
Transmitting the extracted data to the service server as a reply to the search request information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
'Search method item identification information and condition variables matched with each other' and 'Search item identification information and statistical method matched with each other' as a 'method that can be matched with service identification information matching the service server' from a predetermined service server Receiving predetermined search request information including information;
Extracting records including data corresponding to the condition variable from a field matching the search condition item identification information in a predetermined DB;
Extracting data matching the search item identification information from the records;
Calculating a predetermined statistics by applying a 'statistic method matching the statistical method identification information' to the extracted data; And
Transmitting the calculated statistics to the service server as a reply to the search request information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
Receiving information including predetermined personal information movement request information encrypted with a 'public key of a personal information holding institution matched with the personal information server';
Decrypting the 'encrypted personal information movement request information' with the 'secret key of the personal information holding institution' as a decryption key;
Extracting 'predetermined personal information ID as personal information movement request information sender identification information', predetermined personal information receiver identification information, predetermined personal authentication information, and predetermined search item identification information from the decrypted personal information movement request information; ;
Retrieving a 'hashed password' matching the personal information ID from a predetermined DB;
Determining whether the 'hashed password' matches the 'received authentication information':
Extracting data matching both the personal information ID and the search item identification information from a predetermined DB; And
Transmitting the information including the extracted data to a device matching the personal information receiver identification information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
Receiving information including predetermined personal information movement request information, characterized in that it comprises a predetermined personal information ID, predetermined personal information receiver identification information, public key of predetermined personal information receiver and predetermined search item identification information. step;
Extracting data matching both the personal information ID and the search item identification information from a predetermined DB;
Encrypting the information including the extracted data with the public key of the personal information receiver; And
Transmitting the encrypted information to a device matching the personal information receiver identification information; Personal information protection and utilization method using a shared alias ID, including
In a given personal information server,
Receiving a predetermined block including 'predetermined transaction data including encrypted personal information movement request information, sender identification information, and recipient identification information' and a predetermined digital signature;
Decrypting the 'encrypted personal information movement request information' with a decryption key 'secret key of the personal information holding institution matched to the personal information holding server';
Extracting 'predetermined personal information ID as personal information moving request information sender identification information', predetermined personal information receiver identification information, and predetermined search item identification information from the decrypted personal information moving request information;
Retrieving a public key matching the personal information ID from a predetermined DB;
Decrypting the digital signature into a decryption key;
Calculating a hash value of the transaction data;
Determining whether the hash value matches the decoded digital signature '
Extracting data matching both the personal information ID and the search item identification information from a predetermined DB; And
Transmitting the information including the extracted data to a device matching the personal information receiver identification information; Personal information protection and utilization method using a shared alias ID, including
On a given server,
In response to a call from a predetermined personal information server, connecting any customer terminal that has been connected to the personal information server to a predetermined member registration request page;
Receiving an arbitrary shared alias ID from the personal information server;
Receiving a password for a service server from the customer terminal;
Storing the shared alias ID by matching 'personal information holding organization identification information that can be matched with the personal information server' and 'information that matches the password' in a predetermined DB; And
Transmitting predetermined application information including the shared alias ID to the personal information server; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Receiving a predetermined shared alias ID and predetermined personal authentication information from a predetermined customer terminal;
Searching for 'information matching a password' matching the shared alias ID in a predetermined DB;
Determining whether the retrieved information matches the received personal authentication information;
Transmitting predetermined application information including the shared alias ID to a predetermined personal information server matching the shared alias ID; And
Storing a predetermined service summary by matching the shared alias ID to a predetermined DB; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Receiving predetermined payment approval application information including predetermined sharing alias ID, predetermined purchaser identification information, and predetermined payment amount from a predetermined customer terminal;
Transmitting predetermined payment approval information to the customer terminal by matching the payment approval application information; And
Transmitting predetermined settlement request information including the shared alias ID and the settlement amount matching the settlement amount to a predetermined personal information server matching the sharing alias ID; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Selecting or inputting one or more search condition item identification information;
Selecting or inputting a predetermined condition variable by matching the search condition item identification information;
Selecting or inputting one or more search item identification information;
Transmitting predetermined search request information including the search condition item identification information and condition variable and the search item identification information to a predetermined personal information server; And
In response to the transmission from the personal information server, 'predetermined data matching the search item identification information while matching the condition variable matched with the search condition item identification information' is received by matching a predetermined shared alias ID. step; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Creating predetermined transaction data including 'prescribed account identification information of a service company matching the service server', predetermined deposit account identification information, and a predetermined remittance amount as the withdrawal account identification information;
Calculating a hash value of the transaction data;
Encrypting the hash value with the private key of the service company to generate a predetermined digital signature;
Generating a predetermined block including the transaction data and the digital signature;
Transmitting the block to a predetermined server that can be matched with the deposit account identification information; And
In response to the block, receiving predetermined personal information from the server; Personal information protection and utilization method using a shared alias ID, including
On a given server,
'Predetermined transaction data' including 'prescribed personal information providing information encrypted with a public company's public key matching the service server' and 'prescribed caller identification information' from a predetermined server and 'predetermined digital matching the transaction data' Receiving information including the signature ';
Calculating a hash value of the transaction data;
Retrieving a public key matching the caller identification information;
Decrypting the digital signature with the public key;
Determining whether the decoded digital signature matches the calculated hash value;
Decrypting the 'encrypted predetermined personal information providing information' into a 'secret key of the service company'; And
Extracting predetermined data that can be matched with at least one of a predetermined mapping anonymous ID and a shared alias ID from the decrypted personal information providing information and search item identification information; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Inputting a master password of the customer terminal owner;
Retrieving the 'shared alias ID and the password for the encrypted service server' matching the specific service identification information from the predetermined DB;
Decrypting the encrypted password for the service server using the input master password as a decryption key; And
Transmitting predetermined application information including the shared alias ID and 'identification information calculated using the decrypted password' to a 'service server capable of matching the service identification information'; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Receiving predetermined consent application information including predetermined information provision request identification information and provision target information identification information from a predetermined server;
Inputting a master password of the customer terminal owner;
Retrieving at least one of 'personal information ID matched to the server', 'real name number of the client terminal owner' and 'communication ID matched to the customer terminal' and 'encrypted password matched to the server';
Decrypting the 'encrypted password' with the decryption key of the master password;
Calculating predetermined personal authentication information using the decrypted password; And
Transmitting predetermined consent information including the at least one of the personal information ID, the real name number, and the communication ID, and the calculated personal authentication information to the server; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Receiving predetermined consent application information including predetermined information provision request identification information and provision target information identification information from a predetermined personal information server;
Generating predetermined transaction data including predetermined consent information, predetermined sender identification information, and predetermined predetermined receiver identification information matching the sender of the agreement application information;
Calculating a hash value of the transaction data;
Generating a digital signature by encrypting the hash value of the transaction data with a secret key of the customer terminal owner;
Generating a predetermined block including the transaction data and the digital signature; And
Transmitting the block to the personal information server as a reply to the consent request information; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Step of inputting the master password of the customer terminal owner:
Retrieving the encrypted 'owner's private key';
Decrypting the 'encrypted secret key' with the decryption key of the master password;
Generating predetermined transaction data;
Calculating a hash value of the transaction data;
Generating a predetermined digital signature by encrypting the hash value with the decrypted secret key; And
Generating a predetermined block including the transaction data and the digital signature; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Creating predetermined personal information movement request information including predetermined search item identification information and predetermined recipient identification information;
Encrypting the personal information movement request information with a 'public key of a predetermined personal information holding institution';
Creating predetermined transaction data including the encrypted personal information movement request information and the recipient identification information;
Calculating a hash value of the transaction data;
Generating a digital signature by encrypting the hash value with a secret key of the owner of the client terminal;
Generating a predetermined block including the transaction data and a digital signature; And
Transmitting the block to a server of the personal information holding institution; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Creating personal information movement request information including personal information movement request information receiver identification information, predetermined search item identification information, and predetermined personal information receiver identification information;
Encrypting the personal information movement request information by using an encryption key of a 'public key matching the personal information movement application information receiver identification information';
Creating predetermined transaction data including the encrypted personal information movement request information, predetermined caller identification information, and predetermined personal information movement application information receiver identification information;
Calculating a hash value of the transaction data;
Generating a digital signature by encrypting the hash value with a secret key of the owner of the client terminal; And
Generating a predetermined block including the transaction data and the digital signature; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
A predetermined personal information movement request information including a predetermined personal information movement application information recipient identification information and a 'personal information ID as predetermined caller identification information', a predetermined search item identification information and a predetermined personal information receiver identification information is prepared. Becoming;
Retrieving a 'public key matching the personal information receiver identification information' and a 'public key matching the personal information movement application information receiver identification information' from a predetermined DB;
Firstly encrypting the personal information movement request information using an 'public key matched with the personal information movement application information receiver identification information' using an encryption key;
'Information in which the personal information movement request information recipient identification information is matched to the first encrypted personal information movement request information' is 'secondly encrypted with a public key matching the personal information movement application information receiver identification information'. step; And
Transmitting predetermined information including the second encrypted personal information movement request information to a 'predetermined device matching the personal information receiver identification information'; Personal information protection and utilization method using a shared alias ID, including
At a given customer terminal,
Creating predetermined personal information selling application information including predetermined search item identification information;
Encrypting the personal information selling application information by using an encryption key of the 'public key of the institution that will receive the personal information selling application information';
Creating predetermined transaction data including the encrypted personal information sales application information, predetermined caller identification information, and predetermined receiver identification information;
Calculating a hash value of the transaction data;
Generating a digital signature by encrypting the hash value with a secret key of the owner of the client terminal; And
Generating a predetermined block including the digital signature and the transaction data; Personal information protection and utilization method using a shared alias ID, including
On a given server,
The transaction information and the predetermined transaction data comprising the personal information movement request information encrypted with the 'public key of the personal information management institution matched to the personal information management server' and the predetermined personal information movement application information sender identification information. Receiving (A) a predetermined block comprising a digital signature 'matched with transaction data';
Retrieving a public key matched with the personal information movement request information caller identification information from a predetermined DB;
Decrypting the digital signature with the public key (B);
Calculating a hash value of the transaction data;
Determining whether the decoded digital signature and the hash value coincide with each other (D); And
(E) decrypting the 'encrypted personal information movement request information' with a decryption key 'secret key of the personal information management institution matched to the personal information management server'; Personal information protection and utilization method using a shared alias ID, including
In claim 24,
The transaction data further includes a predetermined personal information transfer application information recipient identification information,
'Personal information movement request information encrypted with the public key of the personal information management institution' included in the transaction data is 'personal information movement request information encrypted with the public key of the personal information management institution',

In step (E),
Firstly decrypting the second encrypted personal information movement request information with a 'secret key of the personal information management institution' as a decryption key;
Reading predetermined personal information moving application information recipient identification information and 'primary encrypted personal information moving application information' from the first decoded information; And
Transmitting the 'primary encrypted personal information movement request information' to the 'device matching the personal information movement application information receiver identification information'; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Receiving predetermined personal information movement information transmitted in a 'method capable of matching predetermined personal information holding institution identification information';
In the personal information moving information, 'identification information assigned to identify a specific individual between the personal information management server and the server matching the personal information holding institution identification information as the joint identification information, characterized in that not the personal information of the individual Extracting data matching the predetermined search alias identification information while matching the predetermined shared alias ID '; And
Storing the data by matching the 'predetermined ID matching the shared alias ID' and 'predetermined identification information matching the search item identification information' in a predetermined DB; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Receiving information including 'prescribed personal information selling application information' encrypted with 'public key matching the server';
Decrypting the 'encrypted personal information selling application information' with a decryption key 'secret key matching the server';
Extracting 'predetermined login ID, predetermined personal identification information, and predetermined search item identification information' from the decrypted personal information selling application information;
Searching for 'information matching a password' matching the login ID in a predetermined DB;
Determining whether the personal authentication information matches the 'information matching the password'; And
Storing a predetermined information providing attribute by matching information matched with both 'ID that can match the login ID' and 'predetermined identification information that matches the search item identification information' in a predetermined DB; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Predetermined transaction data including 'predetermined personal information sales application information' encrypted with 'public key matching the server' and predetermined sender identification information, and predetermined digital data including 'digital signature matching the transaction data' Receiving a block;
Retrieving a public key matching the caller identification information from a predetermined DB;
Decrypting the digital signature with the public key;
Calculating a hash value of the transaction data; And
Determining whether the hash value and the 'decoded digital signature'match;
Decrypting the 'encrypted personal information selling application information' with a decryption key 'secret key matching the server';
Extracting 'predetermined login ID and predetermined search item identification information' from the decrypted personal information selling application information; And
Storing a predetermined information providing attribute by matching information matched with both 'ID that can match the login ID' and 'predetermined identification information that matches the search item identification information' in a predetermined DB; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Receiving, from a predetermined communication device, predetermined blocks including 'prescribed purchase application information including predetermined caller identification information and predetermined search item identification information' and predetermined blocks including predetermined digital signatures;
Retrieving a public key matching the caller identification information from a predetermined DB;
Decrypting the digital signature with the public key;
Calculating a hash value of the transaction data; And
Determining whether the hash value and the 'decoded digital signature'match;
Extracting data in which both "predetermined identification information matching the search item identification information" and "information providing attribute" are matched in a predetermined DB; And
Transmitting information including 'prescribed personal information providing information including the extracted information' to the communication device; Personal information protection and utilization method using a shared alias ID, including
On a given server,
Extracting predetermined information from a predetermined DB;
Retrieving the account identification information matched with 'a predetermined ID that can match the extracted information';
Receiving a predetermined block including 'prescribed withdrawal account identification information and predetermined transaction data including a predetermined remittance amount' and a predetermined digital signature from a predetermined communication device;
Calculating a hash value of the transaction data;
Retrieving a public key matching the withdrawal account identification information;
Determining whether the hash value is identical to the value obtained by decoding the digital signature with the public key; And
Transmitting the extracted information to the communication device when it is determined to match; Personal information protection and utilization method using a shared alias ID, including

Images