KR20210032880A - Method of Decision Making Through Deliberation and Vote - Google Patents

Abstract

The present invention relates to a method for making decisions through deliberation and voting to process from topic registration to voting with one streamline. According to the present invention, a method for making decisions with respect to a specific topic is performed in an environment including a plurality of member terminals and a server capable of performing data communications with the member terminals. The method comprises: a first step of receiving a specific topic through the member terminal of at least one member, registering the specific topic in the server, and displaying the specific topic so that the specific topic can be recognized through the member terminal by data communication with the server; a second step of receiving an opinion on the specific topic through the member terminal of at least one member, registering the opinion in the server, and displaying the opinion so that the opinion can be recognized through the member terminal by data communication with the server; a third step of receiving and registering a proposal on the specific topic through the member terminal of at least one member, and displaying the registered proposal so that the registered proposal can be recognized through the member terminal; a fourth step of receiving, by the server, preference indication information for the proposal through the member terminal of at least one member; a fifth step of determining the proposal as an object of voting and registering the proposal in the server when the corresponding proposal meets a predetermined rule on the basis of the preference indicator information received in the fourth step; and a sixth step of receiving, by the server, indication information on the pros and cons of the proposal registered in the fifth step from the member terminal of at least one member.

Description

Method of Decision Making Through Deliberation and Vote}

The present invention relates to a method of making a decision by a large number of people, and more particularly, to a method of integrating the deliberation and voting process on-line and the deliberation and voting process to make a decision in one flow.

The act of gathering opinions on a specific topic and making a decision becomes more difficult as the number of related stakeholders are connected. This is because it is difficult to effectively collect and communicate opinions from many stakeholders and reach conclusions.

Terminals capable of data communication in both online and online environments, such as smartphones, tablet PCs, PCs, notebook computers, etc., are widely popular, allowing users to freely register comments on a given topic or article online through a user terminal. There is a growing situation in which a kind of public opinion is formed through activities such as etc.

In social network service (SNS), where specific users are invited to leave a message, online voting is also activated to ask for and decide the intentions of related users.

However, opinions on specific topics are presented online in a variety of ways and can be recognized by users. However, the step-by-step approach to reaching a predetermined decision is not considered, and the decision-making process goes beyond the expression of opinions. There was a limit of not being able to go.

For example, when someone posts an opinion on a specific topic on social media, there is a limit to stopping at the level in which other users express their opinions on it in the comments. Moreover, since SNS is a structure that constantly emanates, it is much more likely that opinions on a specific topic will flow in a completely wrong direction than when they converge in a specific direction.

In addition, there are problems such as unrelated or repetitive remarks, etc., which are difficult to control, and meaningful opinions may be obliterated, and as a result, it is difficult to guarantee reasonable conclusions. do.

In addition, the content of the discussion is volatilized, and it is quickly forgotten after time passes, and it is difficult to find it again.

Considering the limitations of the prior art, factors necessary for making a decision by involving many people on a specific topic are as follows.

First, no matter how many people participate and give different opinions, important opinions must be passed on to other people to obtain consent without being obliterated.

Second, opinions that are off-topic or that can be integrated with other opinions should be filtered over time and condensed into a small number of opinions that can become a core issue.

Third, opinions that have gained sympathy from many people should be exposed to more people through a predetermined selection process (curation), and the opinions should be able to emerge as a core issue.

In addition, in general, in a decision-making meeting, the meeting organizer forces participants to follow the set rules regarding the time, order, and frequency of speech, and gives attention to off-topic or inappropriate speech, or restricts the right of the participants to speak. By integrating similar opinions or highlighting issues, the so-called facilitator can increase the efficiency of meetings and increase the likelihood of reaching consensus.

At this time, the facilitator must maintain a neutral position, and do not conduct meetings in favor of or against a specific participant or specific opinion according to his or her beliefs or preferences.

However, due to lack of competence, the facilitator cannot adequately control the process of the meeting or maintain neutrality, which can lead to issues of fairness.

In other words, the quality of the decision-making process or results depends on the facilitator's capabilities and qualities.

In addition, even if the facilitator's competence is excellent and fair, smooth progress becomes difficult as the number of participants in the meeting increases.

The present invention does not depend on the capabilities and qualities of the facilitator, or minimizes the influence thereof, and is intended to allow the system to replace or supplement the role of the facilitator as a method for smooth decision making even if the size of the participant increases.

In the present invention, after a user registers a specific topic for a large number of people online, and after receiving an opinion on the topic, after registering a proposal for a specific topic based on the expressed opinion, a preference mark for the proposal Based on the information, if the proposal meets the prescribed rules, the proposal is registered as a target for voting and then voted online, thereby automating various topics, proposals, and voting activities for selected proposals. It aims to provide an online decision-making method that can proceed from topic registration to voting through the streamline of.

The method of making a decision on a specific subject according to the present invention is performed in an environment including a plurality of member terminals and a server capable of data communication with the member terminal, and the method includes at least one member terminal of a member. A first step of receiving a specific topic through a server, registering the specific topic in a server, and displaying the specific topic so that it can be recognized through a member terminal through data communication with the server; A second step of receiving an opinion on the specific subject through a member terminal of at least one member, registering it in a server, and displaying the opinion so that the opinion can be recognized through the member terminal through data communication with the server; A third step of receiving and registering a proposal for the specific subject through a member terminal of at least one member, and displaying the registered proposal to be recognizable through the member terminal; A fourth step of receiving, by a server, preference mark information for the proposal through a member terminal of at least one member; A fifth step of determining the proposal as an object of voting and registering it with a server if the proposal meets a predetermined rule based on the preference mark information received in the fourth step; And a sixth step of receiving, by the server, the pros and cons of the proposal registered in the fifth step from the member terminal of at least one member.

The method of making a decision through online according to the present invention may further include step 5-1 in which the server receives the opinions of the members on the proposal subject to voting through the member terminal.

The opinions of each member in the second step may be displayed on the member terminal in association with the contents of the proposal.

The opinions of each member in step 5-1 can be displayed on the member terminal in conjunction with the contents of the proposal subject to voting.

At least one of the number of times each member presents the opinions and the number of registrations for proposals may be limited to a predetermined number.

The method of making a decision through online according to the present invention further includes a seventh step of requesting that at least one member transfer at least part of the number of times assigned to the user to another member to the server through the member terminal. Can include.

The method of making a decision through online according to the present invention may further include an eighth step of providing a reward to a member who has registered a proposal or opinion according to a predetermined rule.

Each member may be given a nickname that is valid for at least some time before the end of the voting.

When a plurality of proposals are registered in the third step, the order of appearance of proposals may be a random order or an order determined based on a preference mark.

In the method of making a decision through online according to the present invention, in the third and fourth steps, the opinion on the proposal is received from at least one member terminal and registered in the server, and the opinion is transmitted through data communication with the server. It may further include an eighth step of appearing to be recognizable through the member terminal.

In the method of making a decision through online according to the present invention, the server receives and registers the modified proposal through the terminal of the member who registered the proposal, and the modified proposal is recognized through the member terminal through data communication with the server. It may further include a ninth step of appearing to be possible.

The present invention includes a tenth step of issuing an anonymous identity token to a member; An eleventh step of generating an anonymous ID based on the anonymous identity token; A twelfth step of generating an output value calculated by inputting the anonymous ID and at least information of each decision-making step into a one-way function as an individual anonymous ID used for each step.

The present invention includes a thirteenth step of providing a reward to a member who has registered a proposal or opinion according to a predetermined rule; A 14th step of generating a disposable wallet address paired with the individual anonymous ID; It may further include a fifteenth step of transmitting the reward to the disposable wallet address.

According to the present invention, it is possible to expand the breadth of stakeholder participation, as the scope of participation of stakeholders can be expanded since the subject registration to the proposal for the subject, and the selection and voting among the proposals can be unfolded in a single flow. It has the effect of facilitating securing legitimacy and support. In addition, the process of subject registration, opinion expression, proposal registration, and voting target registration is performed so as to be classified according to predetermined rules, so that the online decision-making process can be efficiently and accurately operated. By setting a predetermined deadline for the subject registration to the completion of the voting process, it is possible to complete a decision on a specific subject within the predetermined deadline.

In addition, by providing rewards and the like to members who actively participate in decision-making, it is possible to induce more participation and derive better decision-making by creating an effect of motivation.

In addition, it is possible to make a scarce resource by limiting the members' right to speak or register an offer within a certain range, and by providing an opportunity such as transfer or additional grant, there is an effect that the degree of freedom to design various decision-making processes is guaranteed.

By dividing the process up to decision-making in stages, it is possible to reduce the time and resources required to make a decision, and by presenting a decentralized decision-making process, it is possible to secure the possibility of developing various solutions or expanding technical ideas. In addition, since records of all processes can be left as electronic data, reliable and legitimate can be secured, and continuous development can be pursued by using them as reference materials when making other decisions in the future.

In addition, according to the present invention, it is possible to ensure the freedom of expression and expression through anonymity, secure the trust of the participants through authentication, and secure the legitimacy of the decision by ensuring equal right to speak. In addition, since the discussion process is controlled by the system, the neutrality of faciliation can be ensured, and the process of coordination of issues is enhanced by not distributing issues through feedback on opinions (comments, preferences, etc.). It can be done effectively. Furthermore, it is possible to induce active participation of members by providing compensation for participation or compensation for adopted alternatives.

1 is a diagram showing an example of an environment in which the present invention is to be practiced.
2 is a flow chart of a decision making process according to the present invention.
3 is a flowchart of a method of establishing an anonymous digital identity according to the present invention.
4 is a flowchart of account module registration in a method for establishing an anonymous digital identity according to another embodiment of the present invention.
5 is a flowchart of a process of registering in an identification information storage module after the account module is registered according to FIG. 4;
Fig. 6 is a flow chart of the first embodiment for performing user authentication after an anonymous digital identity is established.
Fig. 7 is a flow chart of a second embodiment of performing user authentication after an anonymous digital identity is established.
8 is a flow chart to which another tag value verification method is applied in the process of establishing an anonymous digital identity of FIG. 3.
9 is a flowchart in which another tag value verification method is applied in the process of registering the identification information storage module of FIG. 5.
FIG. 10 is a flowchart in which another tag value verification method is applied in the user authentication process of FIG. 6.
11 is a flowchart in which another tag value verification method is applied in the user authentication process of FIG. 7.
12 is a block diagram of an example of an electronic computing device that implements the present invention.

Encryption/decryption may be applied to the information (data) transmission/reception process performed in this specification as needed, and expressions describing the information (data) transmission process in this specification and claims are all encrypted/ It should be interpreted as including the case of decryption. In this specification, expressions in the form of "transmitted from A to B (transmitted)" or "received from A by B" include those transmitted (transmitted) or received with another medium in the middle, and directly from A to B It does not just express what is transmitted (delivered) or received. In the description of the present invention, the order of each step is to be understood without limitation, unless the preceding step must be performed logically and temporally prior to the subsequent step. That is, except for the above exceptional cases, even if a process described as a subsequent step is performed prior to a process described as a preceding step, the essence of the invention is not affected, and the scope of rights should be defined regardless of the order of the steps. And in the present specification, "A or B" is defined to mean not only selectively indicating any one of A and B, but also including both A and B. In addition, in the present specification, the term "comprising" has the meaning of encompassing a further including other elements in addition to the elements listed as including.

In this specification, the term "module" or "unit" means a logical combination of general-purpose hardware and software that performs the function.

In the present specification, only the minimum components necessary for the description of the present invention are described, and components not related to the essence of the present invention are not mentioned. In addition, it should not be interpreted as an exclusive meaning including only the mentioned components, but should be interpreted as a non-exclusive meaning that may include other components not mentioned.

The present invention is performed by an electronic computing device such as a computer capable of electronic calculation, and the mathematical calculation and calculation of each step of the present invention described below are suitable for the known coding method and/or the present invention to perform the corresponding calculation or calculation. It can be implemented as a computer operation by a coding designed in a way.

In the present specification, the term "value" is defined in a broad sense including not only scalar values, but also vectors, matrices, and polynomials.

In the present specification, the meaning of obtaining a predetermined value by performing an operation such as encryption or hashing on a specific value means not only the specific value, but also the modified value of the specific value (for example, a predetermined value is additionally calculated or It is defined as including an operation such as encryption or hash for another value calculated through a process such as changing a corresponding specific value according to a predetermined rule.

In the present specification, HE(*) means the isomorphic encryption value for the value in parentheses.

The exemplary embodiments described herein provide a general understanding of the principles of the structure, function, fabrication, and use and method of the device disclosed herein. One or more such embodiments are shown in the accompanying drawings. Those skilled in the art will understand that the apparatus and methods specifically described herein and shown in the accompanying drawings are non-limiting and exemplary embodiments, and that the scope of the present invention is defined by the claims. Features shown and described in connection with one exemplary embodiment may be combined with features of other embodiments. Such modifications or variations are intended to be included within the scope of the present invention.

The implementation of the present invention can be performed by various electronic computing devices. An example of an electronic computing device that performs each step of the present invention is shown in FIG. 12.

As shown in FIG. 12, the electronic computing device 1209 includes a processor (for example, a central processing unit (CPU) 1210), a memory 1220, a wired or wireless communication unit 1230, and at least one input. The unit 1240 and at least one output unit 1250 are included, but the included elements are not limited to the listed elements. It should be understood that the structure shown in FIG. 12 is provided simplified for illustration purposes only. The structure of the electronic computing device 1209 may be changed in an appropriate manner by a person skilled in the art according to the claims to be described later. In addition, each component of the electronic computing device 1209 may also be changed in an appropriate manner by a person skilled in the art according to the claims to be described later. Therefore, the structure of the apparatus shown in FIG. 12 is merely exemplary and should not be construed as limiting the scope of the present invention.

The processor 1210 may control the operation of the electronic computing device 1209. In more detail, the processor 1210 may be operated to control and interact with various components installed in the electronic computing device 1209 as shown in FIG. 12. For example, the memory 1220 may store program instructions or data executed by the processor 1210. The processes (steps) described herein may be stored in the form of program instructions in the memory 1220 for execution of the processor 1210. The communication unit 1230 may allow the electronic computing device 1209 to transmit data to at least one external device or to receive data from at least one external device through a communication network. The input unit 1240 may allow the electronic computing device 1209 to receive various types of inputs such as audio/video input, user input, and data input. For this purpose, the input unit 1240 is, for example, at least one camera 1242 (ie, “image acquisition unit”), a touch panel 1244, and a microphone (not shown) in order to accept various types of input. ), a sensor 1246, a keyboard, a mouse, and at least one button or switch (not shown). The output unit 1250 may display information on the display screen 1252 so that the user can see it. Display screen 1252 may be configured to accept at least one input, such as a user tapping or pressing screen 1252 through a variety of known mechanisms. The output unit 1250 may further include a light source 1254. The electronic computing device 1209 is shown as a single device, but may also consist of multiple separate devices that can be connected and interact with each other while in use.

1 shows an example of an environment in which the method of making a decision according to the present invention is performed. 1, a plurality of member terminals 10-1,..., 10-n perform data communication with the server 20 through a communication network. In the present specification, the term "member" means a subject participating in online decision making according to the present invention. A member can be registered by accessing a platform providing an online decision making method service according to the present invention and inputting predetermined information necessary for membership registration. Alternatively, the inventor of the present invention may act as a member using an anonymous identity described in Korean Patent Application No. 10-2018-0091692, in which the inventor of the present invention is registered as an inventor. By using this technology, a member submits a token issued by a separately provided anonymous identity service providing system to the server 20 to ensure anonymity and register topics, opinions, and proposals as described below, or preference mark information And/or pros and cons information. A method of issuing tokens for anonymous identity authentication will be described later. Members can be given a nickname that is valid for at least a portion of the time before the voting ends. By giving a nickname, it is possible to guarantee superficial anonymity.

2 is a flowchart of a decision making process according to the present invention. In order to participate in the online decision-making provided by the present invention, first register as a member (step 200). The process of registering as a member may be a normal member registration process in which personal information is entered and registered as described above, or a member may be registered with an anonymous identity.

Next, the member registers an agenda with the server 20 (step 205). In the present specification, the term "subject" is registered by a member as necessary for online decision making, and the type is not limited. For example, you can register as a topic, "How to help company employees' child-rearing activities." In this specification, for convenience of understanding, this subject is described as an example, and in the scope of helping understanding of the present invention, “subject” may be viewed as “a plan that is helpful in child-rearing activities of company employees”.

The subject proposed by the member through the member terminal may be registered in the server and displayed on each member terminal 10-1.,,,,10-n. Members input their opinions on the registered and displayed subject through their terminals, and the server 20 receives the opinions on the subject through a communication network (step 210). Opinions registered by members can be checked through their respective member terminals (10-1.,,,,10-n). In order to prevent unlimited comments from being registered, members can be given a limited number of comments.

In this way, by using the right to speak as a scarce resource, it is possible to think carefully and speak when speaking. If you allow an unlimited number of voices to speak, a specific member can speak more opinions, and there is a possibility that the deliberation direction may be shifted to the wrong place by making comments that are not related to the topic.

For example, an opportunity to limit opinions up to 5 times (the number of times to speak) can be granted on a topic, and opinions exceeding 5 times may be restricted so that registration is not allowed. The number of voices may be transferred between members. For example, at least a part of the number of times the person's right to speak may be transferred to another member.

If the right to speak can be transferred, the right to speak can be effectively controlled, and a certain excellent member can take over the right to speak from other members so that they can make a better speech or expression of opinion.

Alternatively, members who actively express their opinions on the subject may be given more number of voices or rewards.

In the process of expressing opinions on the subject, the member may make a predetermined proposal. (Step 215) In the process of expressing opinions on the subject as an example in this specification, the member registers a proposal such as "Introduction of Parenting Holidays" can do. The proposal may be entered into the member terminal and registered in the server 20 through a communication network. Like the right to speak, the number of times a proposal can be registered can be limited, and members who actively register proposals can be given additional registration times or rewards.

A plurality of proposals may be registered by one member or several members. For example, another member may register "Establishment of a policy for use of daycare centers near the company" as a separate additional proposal. The proposal registered in the server 20 may also be displayed through the member terminals 10-1,...,10-n. In the case of a plurality of proposals, the order of display on the member terminals 10-1,...,10-n may be randomized. When a specific proposal is exposed at the top, the members' prejudice may act, so a more objective preference mark can be obtained by randomly displaying a plurality of proposals. A plurality of randomly displayed proposals may be displayed so that they are uniformly arranged in all member terminals, or differently randomly displayed for each member terminal.

In another embodiment of the present invention, the order of appearance of proposals may be determined based on a preference mark. For example, a proposal with a large number of favorite markers can be displayed further ahead. Alternatively, the order of presentation of proposals may be determined according to other criteria set in advance by the administrator.

When the proposal is registered, members input a preference mark for the proposal through the member terminals 10-1,...,10-n, and the input preference mark is registered in the server 20 through the communication network, and the member terminal It can be confirmed through (10-1,...,10-n) (step 220). "Preference mark" means a mark for each member's preference for a registered proposal, and may be, for example, "Like". Alternatively, you can allow negative preference markers such as "I don't like".

Opinions on proposals can also be received in the proposal registration phase and the preference mark reception phase. That is, the members can check the feedback through the opinion on the proposal, and although not shown in FIG. 2, the proposal can be modified or improved through the feedback. Modification of a proposal should be understood as a concept that includes all actions that differ from the original proposal, such as changing the proposal, deleting the proposal altogether, adding contents to the original proposal, deleting some contents of the original proposal, and so on.

When the preference marks for the registered proposals are gathered and meets a predetermined rule (step 225), the proposal is registered as a voting target (step 230). A predetermined rule can be set, for example, registering as an object of voting when receiving "Like" from 50% or more of the members. This rule can be freely determined by the designer as necessary, and the scope of the present invention is not limited to the type of rule.

Among the two proposals exemplified above, if the member's preference mark for "Introduction of Parenting Holidays" received a predetermined rule, for example, 50% of the members "Like", the proposal is registered as a subject of voting (step 230). When registered as a voting target, it is displayed on the member terminals 10-1,...,10-n, and the member inputs a sign for or against the voting target and delivers it to the server 20 through the communication network (step 235). , Pros and cons can be displayed in conjunction with the proposal, that is, the subject of voting. Pros and cons can be checked through the member terminals 10-1,...,10-n.

In the process of voting, when the counting criterion is reached (step 240), the ballot for the target is counted and the voting result is registered (step 245).

According to the present invention, there is an effect that the subject registration, the proposal for the subject, and the selection and voting of the voting target among the proposals can be developed in a single flow. In addition, the process of subject registration, opinion expression, proposal registration, and voting target registration is performed so as to be classified according to predetermined rules, so that the online decision-making process can be efficiently and accurately operated. In addition, it is possible to motivate members by providing rewards, etc. to members who actively participate in decision-making. In addition, it is possible to make a scarce resource by limiting the members' right to speak or register an offer within a certain range, and by providing an opportunity such as transfer or additional grant, there is an effect that the degree of freedom to design various decision-making processes is guaranteed.

The "reward" provided by the method according to the present invention may be provided through a disposable electronic wallet address generated for each proposal registration and opinion registration. Providing rewards through such a disposable e-wallet address can prevent the member's identity from being exposed during the reward delivery process. Disposable e-wallet addresses can borrow technologies used in cryptocurrencies such as bitcoin.

When using a one-time wallet address generation technology for cryptocurrency such as Hierrachical Deterministic Wallet, etc., transactions can be anonymized, but whether the wallet address is properly generated according to a predetermined rule, and the transaction signature and address are consistent Since it only checks whether it has an electronic signature (whether or not it is digitally signed by a private key paired with the public key used when creating the address), it is possible to determine whether the owner of the wallet is actually eligible for rewards. There is no limit.

The present invention electronically signs the data of the proposal or opinion, an anonymous digital ID (for example, an anonymous digital token generated as described later, etc.), and a disposable wallet address to be described later when the user's proposal registration or transmission is transmitted. The digital signature value can be transmitted to the server. The key to be digitally signed makes it possible to check the integrity by using the secret key generated in relation to the disposable wallet address. According to this method, identification information on the target to be rewarded can also be checked, and the identity of the user receiving the reward can be prevented from being revealed.

Next, a method in which a member participating in the decision making process according to the present invention is given an anonymous identity and can participate in decision making while ensuring anonymity will be described in detail. When a user or member participating in the decision-making according to the present invention participates with an anonymous identity, an anonymous identity token issued as described below may be used.

3 is a flowchart of a method of establishing an anonymous digital identity. In the present specification, "anonymous digital identity" refers to an object that cannot specify who is offline, but can be proved as a unique identity in a digital environment, and is defined as a concept including a predetermined credential.

An environment in which the method of registering identification information is performed includes a user terminal 10, an account module 20, and an identification information storage module 30 (repository).

The account module 20 is provided with unique account module identification information, and is generated for each user. Although not necessarily the case, the account module 20 can be included in the blockchain. Users can perform online activities or tasks through the account module 20 that is uniquely assigned to each user. The account module 20 does not hold user information, and only holds a token that proves an anonymous digital identity, as described later. At the request of the user, tokens that prove various digital identities are provided to the user, allowing the user to use various online services.

The identification information storage module 30 stores a second identification ID (ID_2) and identification information generated through a process to be described later. Several identification information storage modules 30 may exist according to the type of digital identity or credential to be verified.

The user who wants to store the identification information according to the present invention in the identification information storage module 30 transmits the identification information input to the user terminal 10 to the identification information storage module 30 (step 100). The identification information includes biometric information such as an iris, fingerprint, or vein pattern, or identification card information (for example, a resident registration card, passport, driver's license, license, etc.), and is not limited to a specific type of information. And, as described later, in the present invention, since an anonymous digital identity is established, it is not exposed to whom the stored identification information is specifically. Prior to transmission of the identification information in step 100, the user terminal 10 may make a token request for identification to the account module 20. In this specification, "identity verification" is defined as a concept including not only verifying an anonymous digital identity, but also credentials such as qualification, for example, minor/adult status, or nationality verification.

The identification information storage module 30 inquires whether the received identification information is previously stored information (step 101). If the identification information is already stored, the registration is rejected because it is a duplicate registration application. Otherwise, it is determined as a registration request for new identification information and proceeds to step 102 to generate a nonce value (N_nonce).

The identification information storage module 30 digitally signs the first value Value_1 including the nonce value (step 103). In order to later verify the time validity of the generated first value, the first value may further include time information (date_r) of the identification information storage module 30 side. Time validity is used to enhance security by designating a value that is valid only for a predetermined period of time and determining it as a value that is not valid after that time has elapsed.

In the present specification, the term "validity verification value" or "digital signature" is used for convenience of description, but it should be understood that anything other than a normal electronic signature is included as long as it is a method capable of determining whether information has been forged or altered. The validation value is defined as including a normal digital signature value.

The identification information storage module 30 transmits the first value Value_1 and the first validation value Sign_1 to the user terminal 10 (step 104).

Steps 100 to 104 are for checking in advance whether identification information is stored, and unnecessary data is not duplicated in steps 109 to 115 to be described later.

The user terminal 10 generates a key required for isomorphic encryption to be described later (step 105). For homomorphic encryption, a public key method or a symmetric key method may be used. The user terminal 10 generates a 2-1 random value (Value_2-1; Re) to secure the user's randomness (step 106), and homomorphically encrypts the 2-1 random value (Value_2-1). The first isomorphic encryption value HE_1 is generated (step 107).

The user terminal 10 transmits the first value Value_1, the first isomorphic encryption value HE_1, and the first validation value Sign_1 to the account module 20 (step 108).

The account module 20 verifies the first validation value Sign_1 (step 109). If the verification is successful, the account module 20 generates a first identification ID (ID_1) and a 2-2 random value (Value_2-2; Ra) (step 110).

The account module 20 is assigned unique account module identification information for each user, and the first identification ID (ID_1) serves as its role. The 2-2 random value Value_2-2 may be used to secure the randomness of the second identification ID ID_2, which will be described later.

The account module 20 stores a first identification ID (ID_1), a 2-2 random value (Value_2-2), and a first isomorphic encryption value HE_1 (step 111).

The account module 20 digitally signs the first identification ID (ID_1) to generate a second validation value (Sign_2) (step 112). The electronic signature is not necessarily required, and any value that is generated by the account module 20 as the first identification ID (ID_1) and can verify integrity and validity may be used.

The account module 20 generates a second isomorphic encryption value HE_2, which is a value obtained by isotype-encrypting the second identification ID ID_2 (step 113).

The second identification ID (ID_2) may be calculated by performing a one-way function operation (eg, a hash operation) on a value including the first identification ID (ID_1). For example, the second identification ID (ID_2) may be calculated through the relationship as follows.

HE(ID_2) = Hash[ID_1, Value_2-2, HE(Value_2-1)] = HE[Hash(ID_1, Value_2-2, Value_2-1)]

In step 114, the account module 20 digitally signs the third value Value_3 including the second isomorphic encryption value HE_2 to generate a third validation value Sign_3. In order to later verify the validity of the time of the third value, the third value may include time information (date_a) of the account module 20 side.

The account module 20 converts a first identification ID (ID_1), a second validation value (Sign_2), a third value (Value_3), and a third validation value (Sign_3) to the user terminal 10. send.

The user terminal 10 stores a first identification ID (ID_1) and a second validation value (Sign_2) (step 116).

The user terminal 10 transmits the identification information, the third value (Value_3), and the third validation value (Sign_3) to the identification information storage module 30 to request registration of the identification information (step 117).

The identification information storage module 30 verifies the third validation value Sign_3 (step 118), and inquires whether or not the identification information exists (step 119).

The identification information storage module 30 generates a third isotype encryption value HE_3 obtained by isotype-encrypting the third identification ID (ID_3) and a fourth isotype encryption value HE_4 obtained by isotype-encrypting the tag value.

The third identification ID ID_3 may be calculated by performing a one-way function operation (eg, a hash operation) on a value including the second isomorphic encryption value HE_2. For example, a third identification ID (ID_3) may be calculated through the following relationship.

HE(ID_3) = Hash[HE_2, ID of identification information storage module] = HE[Hash(ID_2, ID of identification information storage module)]

The fourth isomorphic encryption value HE_4 may be a value obtained by calculating a random value generated by the identity information storage module 30 and a third isomorphic encryption value HE_3 by a first equation.

For example, the first equation generates two random values, that is, a first random value (r1) and a second random value (r2), and multiplies the first random value (r1) and the third isomorphic encryption value (HE_3). After that, it may be an equation that adds the second random value r2.

Then the following relationship is established.

r1*HE_3+r2 = HE(r1*ID_3+r2) = HE(tag) = HE_4

The first formula may be a formula obtained by multiplying the first random value (r1) and the third isomorphic encryption value (HE_3) and subtracting the second random value (r2), or It can also be an expression that adds or subtracts r2 to the-value of the value multiplied by the encrypted value (HE_3).

In this specification, it defines a function that _{f 1 (r1, HE_3, r2} ) = HE (f 1 (r1, ID_3, r2)) in the first formula.

The first equation may include an XOR operation. In that case, the following relationship is established.

XOR(r1, HE_3) = HE(XOR(r1, ID_3)

The identification information storage module 30 stores a session ID (S_ID), identification information, and a generated random value (step 121). As described above, the identification information includes biometric information, identification card information, and the like, and may include any information that can prove the uniqueness of the user.

The identification information storage module 30 transmits the session ID (S_ID), the third isomorphic encryption value (HE_3), and the fourth isomorphic encryption value (HE_4) to the user terminal 10 (step 122).

The user terminal 10 decodes the third isomorphic encryption value HE_3 and the fourth isomorphic encryption value HE_4 to obtain a third identification ID (ID_3) and a tag value (step 123). .

The user terminal 10 transmits the session ID (S_ID), the third identification ID (ID_3), and the tag value (tag) to the identification information storage module 30 (step 124).

The identification information storage module 30 verifies the tag value received in step 124 (step 125). That is, if the result of calculating the third identification ID (ID_3) received in step 124 and the random value by the first formula matches the tag value, it is determined that the verification is successful, otherwise it is determined that the verification has failed.

If the verification is successful, the identification information storage module 30 matches and stores the third identification ID (ID_3) with the identification information (step 126).

The identification information storage module 30 digitally signs the third identification ID (ID_3) to generate a fourth validation value (Sign_4), and transmits the fourth validation value (Sign_4) to the user terminal 10. do. It is not necessary to digitally sign, and any value that can verify integrity and validity can be used as long as the third identification ID (ID_3) is generated by the identification information storage module 30. have.

The user terminal 10 stores the third identification ID (ID_3) and the fourth validation value (Sign_4), and ends the process of storing identification information (step 129).

According to the identification information registration method according to the present invention, information that can specify who the user is is not stored in the identification information storage module 30, but since the uniqueness of the user can be guaranteed, anonymity is made online. While guaranteeing, uniqueness can also be guaranteed.

FIG. 4 shows a process of directly requesting the establishment of an anonymous digital identity to the account module 20 and registering the account module. FIG. 3 shows a flowchart of a process in which identification information registration is performed separately after registering the account module.

Steps 200 to 202 of FIG. 4 correspond to steps 105 to 107 of FIG. 1, respectively, and thus descriptions thereof will be omitted.

The user requests registration to the account module 20 through the user terminal 10 (step 203). In this case, the first isomorphic encryption value HE_1 is transmitted. Subsequent steps 204 to 210 correspond to steps 110 to 116 of FIG. 1, respectively, and thus descriptions thereof will be omitted.

After the account module registration according to FIG. 4 is completed, the identification information storage module registration procedure is performed according to the process shown in FIG. 3.

Steps 300 to 310 of FIG. 5 correspond to steps 117 to 127 of FIG. 1, respectively, and thus descriptions thereof will be omitted.

The identification information storage module 30 digitally signs the eighth value (Value_8) including the third value (Value_3) and the third validation value (Sign_3) in step 311, and the ninth validation value ( Create Sign_9). The eighth value (Value_8) may further include time information (date_r) of the identification information storage module 30 side to verify time validity later.

The identification information storage module 30 transmits the fourth validation value Sign_4 and the ninth validation value Sign_9 to the user terminal 10 (step 312). At this time, the time information (date_r) of the identification information storage module 30 may also be transmitted.

The user terminal 10 stores a third identification ID (ID_3) and a fourth validation value (Sign_4) obtained by decoding in step 306 (step 313). Then, the user terminal 10 requests the account module 20 to register the identification information storage module (step 314). At this time, the account module 20 may transmit a first identification ID (ID_1), a third value (Value_3), a third validation value (Sign_3), and a ninth validation value (Sign_9). . In this case, time information (date_r) of the identification information storage module 30 may also be transmitted.

The account module 20 verifies the third validation value Sign_3 and the ninth validation value Sign_9 (step 315), and completes registration of the identification information storage module (step 316). Subsequently, the registration completion notification is transmitted to the user terminal to complete the registration procedure (step 317).

6 and 7 are flowcharts illustrating a method of authenticating after storing identification information that guarantees anonymity through the above-described process. The first embodiment shown in FIG. 6 is a method of not authenticating using the identification information stored by the identification information storage module 30, and the method of the second embodiment shown in FIG. 7 is an identification information storage module ( This is a method of using the identification information stored in 30).

The user authenticates the identification information in the user terminal 10 (step 400). For example, identification information authentication is performed at the user terminal through fingerprint or iris recognition on a smartphone.

If authentication is successful, the first identification ID (ID_1) and the second validation value (Sign_2) are transmitted to the account module 20 to request authentication.

The account module 20 verifies the second validation value Sign_2 (step 402), and if the verification is successful, inquires the first identification ID (ID_1) in step 403.

The account module 20 hashes the first identification ID (ID_1) and the second validation value (Sign_2) to generate a first hash value (Hash_1) (step 404).

The account module 20 generates a second isomorphic encrypted value HE_2 (step 405).

The account module 20 digitally signs a fourth value (Value_4) including the first hash value (Hash_1) and the second isomorphic encryption value (HE_2) to generate a fifth validation value (Sign_5) (step 406). In order to verify time validity later, the fourth value Value_4 may include account-side time information date_a.

The account module 20 transmits the fourth value Value_4 and the fifth validation value Sign_5 to the user terminal 10 (step 407).

The user terminal 10 transmits a third identification ID (ID_3) together with the information received in step 407 to the identification information storage module 30 (step 408). In the embodiment of FIG. 5, identification information is further transmitted in this step.

The identification information storage module 30 verifies the fourth and fifth validation values (Sign_4, Sign_5) (step 409), and calculates a third isomorphic encryption value (HE_3) and a fourth isomorphic encryption value (HE_4). (Step 410), and stores the session information (Step 411). In the embodiment of FIG. 5, the identification information is further verified in step 409.

Regarding the generation of the third and fourth isomorphic encryption values HE_3 and HE_4, the description with reference to FIG. 1 is substituted.

The stored session information includes a session ID (S_ID), a random value used to generate a tag value, a third identification ID (ID_3), a fourth value (Value_4), and a fifth validation value (Sign_5). Includes.

The identification information storage module 30 transmits the session ID (S_ID), the third isomorphic encryption value (HE_3), and the fourth isomorphic encryption value (HE_4) to the user terminal 10 (step 412).

The user terminal 10 obtains a third identification ID (ID_3) and a tag value by decrypting the third isomorphic encryption value HE_3 and the fourth isomorphic encryption value HE_4 (step 413). .

The user terminal 10 transmits a session ID (ID_3), a third identification ID (ID_3), a fourth validation value (Sign_4), and a tag value to the identification information storage module 30 Do (step 414).

The identification information storage module 30 verifies the fourth validation value Sign_4 (step 415), and, if the verification is successful, verifies the third identification ID ID_3 and the tag value.

A third identification ID (ID_3) is calculated using the second isomorphic encryption value (HE_2) received in step 208, and it is determined whether the value matches the value received from the user terminal 10 3 Verifies whether the identity verification ID (ID_3) is valid.

The process of verifying the tag value is substantially the same as described in FIG. 1, and thus a description thereof will be omitted.

The identification information storage module 30 digitally signs a fifth value including the fifth validation value Sign_5 to generate a sixth validation value Sign_6 (step 417). The fifth value (Value_5) may include time information (date_r) of the identification information storage module 30 in order to determine validity of time, that is, to be valid only for a predetermined time and to determine that it is not valid after that time. .

The identification information storage module 30 transmits the fourth value Value_4, the fifth validation value Sign_5, and the sixth validation value Sign_6 to the user terminal 10 (step 418).

The user terminal 10 includes a first identification ID (ID_1), a second validation value (Sign_2), a fourth value (Value_4), a fifth value (Value_5), and a fifth validation value (Sign_5). ) And the sixth validation value Sign_6 are transmitted to the account module 20 (step 419).

The account module 20 verifies the fifth validation value (Sign_5) and the sixth validation value (Sign_6) (step 420), the first identification ID (ID_1), and the second validation value (Sign_2). ), and the first hash value (Hash_1) is verified (step 421).

If the verification is successful, the account module 20 generates a token (step 222), and transmits the generated token to the user terminal 10 (step 423).

8 to 11 illustrate another embodiment of a tag verification process in the processes of FIGS. 3 and 5 to 7, respectively. 8 to 11, the identification information storage module 30 has constants G and P.

FIG. 8 is a flowchart of another embodiment of verifying a tag value in the process of establishing an anonymous digital identity of FIG. 3. Steps 100 to 116 of FIG. 3 are the same, so the steps are omitted in FIG. 8 for convenience of illustration. In addition, a description of the steps overlapping with that of FIG. 1 will be omitted.

Prior to the registration request, the user terminal 10 generates a value Ze encrypted with 0 (step 116-1). When the anonymous digital identity registration request is made in step 117-1, the Ze value is also transmitted together with the value transmitted in step 117 of FIG. 3.

The identification information storage module 30 calculates the isotype encryption values of the third identification ID (ID_3) and the tag value (tag) as HE_3 and HE_4, respectively (step 120).

In FIG. 8, the tag value can be calculated as follows.

HE(tag) = r1*HE_3 + r2 + r3*Ze = HE(r1*ID_3 + r2 + r3*Ze)

In this case, tag = r1*ID_3 + r2 + r3*Ze

The difference from the embodiment of FIG. 3 is that one more random value is required, and that a Ze encrypted with 0 is used to generate the tag value. In generating the tag value, you can use an equation other than the above equation. For example, tag = r1*ID_3-r2 -r3*Ze can also be used. In the present specification, the embodiments of FIGS. 8 to 11 use an equation by adding or subtracting a value of r3*Z3 to the calculated value by the first equation as described above.

In this specification, an equation used in the embodiments of FIGS. 8 to 11 is defined as a second equation, and the second equation denotes a function f ₂ that satisfies the following relationship.

_{A function f 2} that satisfies f ₂ (r1, HE_3, r2, r3, Ze) = HE(f ₂ (r1, ID_3, r2, r3, Ze)) is defined as a second equation.

The identification information storage module 30 transmits the session ID (S_ID), third and fourth isomorphic encryption values, and G and P values to the user terminal 10 (step 122-1).

The user terminal 10 decodes HE_3 and HE_4 to obtain ID_3 and tag values (step 123). The user terminal 10 calculates ID_3$ and tag$ (step 123-1).

ID_3$ and tag$ mean values calculated by performing a predetermined operation on ID_3 and tag. For example, the value obtained by performing the following operation can be used.

ID_3$ = G ^ID_3 (mod P)

tag$ = G ^tag (mod P)

The user terminal 10 transmits the thus calculated ID_3$ and tag$ together with the session ID (S_ID) to the identification information storage module 30 (step 124).

The identification information storage module 30 verifies the tag value (step 125). Verification can be performed as follows.

tag$ =? ID_3$ ^r1 *G ^r2 (mod P)

The tag value verification is performed by determining whether the left value tag$ received in step 124 is the same as the value calculated on the right.

9 is a flowchart of a process to which another embodiment of tag value verification in FIG. 5 is applied, FIG. 10 is a flowchart of a process in which another embodiment of tag value verification in FIG. 6 is applied, and FIG. 11 is another implementation of tag value verification in FIG. A flow chart of the example applied process is shown.

Since the process of verifying the tag value of FIGS. 9 to 11 is substantially the same as the process of FIG. 8, the description of verifying the tag value of FIG. 8 will be replaced.

The user terminal 10 has to undergo an online activity that requires anonymity in the future, such as electronic voting or an online discussion that requires anonymity, or an online activity that requires predetermined credentials, such as adult authentication. When performing possible activities, the token can be used as a result of authentication success. According to the present invention, personal information is not exposed and anonymity is guaranteed in order to obtain such authentication.

In the embodiment of FIG. 7 in which the identification information is transmitted to the identification information storage module 30 without being checked at the user terminal to be authenticated, and then undergoes the above-described authentication process, the identification information (for example, For example, iris information or fingerprint information, identification information, etc.) are further transmitted. In addition, a process of determining whether the identification information received by the identification information storage module 30 matches the identification information stored in steps 126 and 309 may be added.

According to the method, in the process of registering identification information and authentication, the account module and the identification information storage module do not communicate directly with each other, and the first identification ID (ID_3) and the third identification identification ID (ID_3) are , Although the account module and the identity verification information storage module are created respectively, it is not known which user is related, so the anonymity of the user is guaranteed and privacy is preserved, while the uniqueness of the identification information is applied to a specific user. It is the only one that can register identity information and use it for authentication later.

When a user who has been issued a token related to an anonymous identity through the above process submits a token, an anonymous ID may be generated based on the token. An individual anonymous ID can be created based on the anonymous ID created in this way. The individual anonymous ID may be generated as an output value of an anonymous ID and a one-way function that takes a subject, a suggestion, and/or an opinion as an input value.

Individual anonymous IDs can be used according to the purpose. For example, the first individual anonymous ID can be used in a specific large group, for example, a group related to several topics that can be related to each other, and the second individual anonymous ID is used in a specific large group. It can be used for a topic, and a third individual anonymous ID can be used for comments or suggestions on a particular topic. For example, consider the following cases.

When an anonymous ID (AAID) is generated based on the token, each individual anonymous ID may be generated as follows based on the anonymous ID (AAID).

It is assumed that a specific large group is "parenting", a specific topic is "how to help company employees' parenting activities", and a specific proposal is "introducing parenting holidays". Then, each individual anonymous ID can be created as follows. "H" means a hash function which is a one-way function.

The first individual anonymous ID (AAID _g ) = H (AAID, parenting)

2nd Individual Anonymous ID (AAID _a ) = H (AAID, a way to help company employees' parenting activities)

Third Individual Anonymous ID (AAID _b ) = H (AAID, childcare holidays introduced)

Individual anonymous IDs can be created and used for comments before proposal. In the above example, each individual anonymous ID is generated by using the AAID and the information of the object to which each individual anonymous ID is used as the hash function input value, but any method can be used if the input value is not known even if the output value is recognized. It should be understood that the above method does not limit the creation of an anonymous ID.

The cryptocurrency disposable wallet address for which the above-described reward is provided is created to be paired with each individual anonymous ID, so that a reward can be provided to a user who presented a corresponding proposal or opinion. In this case, even if the cryptocurrency disposable wallet address is exposed, the identity of the owner cannot be known, so the identity of the recipient can be protected.

According to another embodiment of the present invention, in order to supplement user convenience, the seed value SEED may be used to generate the disposable wallet address and the above-described isomorphic encryption key.

The present invention can be applied to, for example, a general shareholders' meeting, a residents' meeting, a public hearing, etc. when participants gather in an offline space for decision making. When the participants gather, the decision-making process according to the present invention is performed through the participant's terminal, thereby giving the participant an opportunity to evenly express their intention and making the decision according to fair rules.

Although the present invention has been described with reference to the accompanying drawings, the scope of the present invention is determined by the claims to be described later and should not be construed as being limited to the above-described embodiments and/or drawings. And it should be clearly understood that the improvements, changes and modifications of the invention described in the claims, which are obvious to those skilled in the art, are included in the scope of the present invention.

10-1: member terminal 20: server
1209: electronic computing device 1210: processor
1220: memory 1230: communication unit
1240: input unit 1250: output unit

Claims (13)

In the method of making a decision on a specific subject, performed in an environment including a plurality of member terminals and a server capable of data communication with the member terminals,
A first step of receiving a specific topic through a member terminal of at least one member and registering it in a server, and displaying the specific topic so that it can be recognized through the member terminal through data communication with the server; and
A second step of receiving an opinion on the specific topic through at least one member terminal and registering it in a server, and displaying the opinion so that the opinion can be recognized through the member terminal through data communication with the server; and
A third step of receiving and registering a proposal for the specific subject through at least one member terminal, and displaying the registered proposal to be recognizable through the member terminal;
A fourth step of receiving, by a server, preference mark information for the proposal through a member terminal of at least one member;
A fifth step of determining the proposal as an object of voting and registering it with a server if the proposal meets a predetermined rule based on the preference mark information received in the fourth step;
Including a sixth step of receiving, by the server, the pros and cons of the proposal registered in the fifth step from the member terminal of at least one member,
How to make decisions online.
The method according to claim 1,
Further comprising step 5-1 of the server receiving the opinions of the members on the proposal subject to voting through the member terminal,
How to make decisions online.
The method according to claim 1,
The opinions of each member in the second step are displayed on the member terminal in conjunction with the contents of the proposal.
How to make decisions online.
The method according to claim 2,
The opinions of each member in step 5-1 are displayed on the member terminal in conjunction with the contents of the proposal targeted for voting.
How to make decisions online.
The method according to any one of claims 1 to 4,
At least one of the number of times each member's opinions are presented and the number of proposals registered is limited to a predetermined number of times,
How to make decisions online.
The method of claim 5,
The at least one member further comprises a seventh step of requesting the server to transfer at least part of the number of times assigned to the member to another member through the member terminal,
How to make decisions online.
The method according to any one of claims 1 to 4,
Further comprising an eighth step of providing a reward to a member who has registered a proposal or opinion according to a predetermined rule,
How to make decisions online.
The method according to any one of claims 1 to 4,
Each member is given a nickname that is valid for at least a portion of the time before voting ends,
How to make decisions online.
The method according to any one of claims 1 to 4,
When a plurality of proposals are registered in the third step, the order of appearance of proposals is a random order or an order determined based on a preference mark,
How to make decisions online.
The method according to any one of claims 1 to 4,
In the third and fourth steps, an eighth step of receiving an opinion on the proposal from at least one member terminal, registering it in the server, and displaying the opinion so that the opinion can be recognized through the member terminal through data communication with the server is further performed. Included,
How to make decisions online.
The method of claim 10,
A ninth step of receiving and registering the revised proposal through the terminal of the member who registered the proposal, and displaying the revised proposal so that the revised proposal can be recognized through the member terminal through data communication with the server.
How to make decisions online.
The method according to any one of claims 1 to 4,
Step 10 of issuing anonymous identity tokens to members,
An eleventh step of generating an anonymous ID based on the anonymous identity token,
A twelfth step of generating an output value calculated by inputting the anonymous ID and at least information of each decision-making step into a one-way function as an individual anonymous ID used for each step,
How to make decisions online.
The method of claim 12,
Further comprising a thirteenth step of providing a reward to a member who has registered a suggestion or opinion according to a predetermined rule,
A 14th step of generating a disposable wallet address paired with the individual anonymous ID,
Further comprising a fifteenth step of transmitting the reward to the disposable wallet address.
How to make decisions online.

Images