WO2020255382A1 - Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé - Google Patents

Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé Download PDF

Info

Publication number
WO2020255382A1
WO2020255382A1 PCT/JP2019/024742 JP2019024742W WO2020255382A1 WO 2020255382 A1 WO2020255382 A1 WO 2020255382A1 JP 2019024742 W JP2019024742 W JP 2019024742W WO 2020255382 A1 WO2020255382 A1 WO 2020255382A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
key
transfer
encryption
encrypted
Prior art date
Application number
PCT/JP2019/024742
Other languages
English (en)
Japanese (ja)
Inventor
俊也 清水
藤本 真吾
Original Assignee
富士通株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 富士通株式会社 filed Critical 富士通株式会社
Priority to PCT/JP2019/024742 priority Critical patent/WO2020255382A1/fr
Priority to JP2021528602A priority patent/JPWO2020255382A1/ja
Publication of WO2020255382A1 publication Critical patent/WO2020255382A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to a content trading system, a content trading method, a key management device, and a key management program.
  • the asset when transferring an asset (hereinafter sometimes referred to as content), in the transfer source blockchain, the asset is frozen in order to make the original user unable to use the asset in the transfer source blockchain, that is, Encrypt the content.
  • the transferred content is encrypted with the content recipient's public key so that users other than the content recipient cannot decrypt the content without permission.
  • the transferred content is encrypted with the content recipient's public key so that users other than the content recipient cannot decrypt the content without permission.
  • one or more transaction approvers, etc. can use the secret sharing technology that divides the key into multiple people as fragments and restores the key only when some of the fragments are complete. It is also conceivable to take a mechanism to distribute the keys and decrypt them when some of the keys are available. However, in such a secret sharing technology, there are cases where the key can be restored when the content sender and the content receiver collude, or when a plurality of approvers collude with each other, and an appropriate key according to the process. Is difficult to disperse.
  • the present invention was devised in view of such a problem, and an object of the present invention is to recover the content in the event of a transaction failure.
  • the content trading system that realizes the transaction of contents between the transfer source and the transfer destination is an encryption processing unit that generates encrypted contents in which the contents are encrypted using a content key.
  • an encrypted content key generation unit that generates an encrypted content key in which the content key is encrypted using the public key of the transfer source of the content, the public key of the transfer destination of the content, and the public key for transaction authentication.
  • a transfer processing unit that transfers the encrypted content and the encrypted content key to the depository, and a confirmation unit that confirms the completion of the transfer of the encrypted content from the transfer source to the transfer destination. It is provided with a recovery processing unit that executes a recovery process for returning the content to the transfer source when the completion of the transfer of the encrypted content from the transfer source to the transfer destination is not confirmed.
  • the content can be recovered when the transaction fails.
  • FIG. 1 It is a figure which illustrates the hardware configuration of the content trading system as an example of an embodiment. It is a figure which illustrates the hardware configuration of the intermediary system in the content trading system as an example of an embodiment. It is a figure which illustrates the hardware configuration of the cooperation node in the content trading system as an example of an embodiment. It is a figure which illustrates the hardware configuration of the client computer in the content trading system as an example of an embodiment. It is a figure which illustrates the hardware configuration of the key management system in the content trading system as an example of an embodiment. It is a figure which illustrates the hardware configuration of the approver computer in the content trading system as an example of an embodiment. It is a figure which illustrates the functional structure of the intermediary system in the content trading system as an example of an embodiment.
  • FIG. 1 is a diagram illustrating a hardware configuration of a content trading system 1 as an example of an embodiment.
  • the content trading system 1 includes blockchains 10, 20, and 25. These blockchains 10, 20, and 25 are also simply referred to as BC10, BC20, and BC25, respectively. Although FIG. 1 illustrates a case where three blockchains are provided, the content trading system 1 may have four or more blockchains.
  • these BC10 and BC20 include client computers 50A and 50B used by users of each blockchain, respectively.
  • client computers 50A and 50B used by users of each blockchain, respectively.
  • the reference numerals 50A and 50B are used when it is necessary to specify one of the plurality of client computers, but the reference numeral 50 is used when referring to an arbitrary client computer.
  • FIG. 1 illustrates a case where BC10 and BC20 each include one user, that is, one client computer 50, but two or more users, that is, two or more users, respectively.
  • a client computer 50 may be provided.
  • communication peer-to-peer connection
  • peer-To-Peer peer-to-peer technology
  • Blockchains 10 and 20 are realized.
  • the content trading system 1 illustrated in FIG. 1 realizes the transaction of assets between the user of BC10 and the user of BC20.
  • the transfer of assets (contents) in the transaction of assets is taken up, and the transfer of assets from the user of BC10 to the user of BC20 is illustrated.
  • the user who is the transfer source of the asset or the computer used by the user is also referred to as the content sender A.
  • the user to whom the asset is transferred or the computer used by the user is also referred to as content receiver B.
  • the asset to be transferred is not limited to a numerical type such as currency, and may be a non-numerical electronic content such as license information.
  • the BC25 includes approver computers 70C1 and 70C2 used by the user of the BC25.
  • the code indicating the approver computer the code 70C1 and 70C2 are used when it is necessary to specify one of the plurality of approver computers, but the code 70 is used when referring to an arbitrary approver computer.
  • the user of the approver computer 70 is referred to as an approver.
  • FIG. 1 illustrates a case where the BC 25 includes two approvers, that is, a case where the BC 25 includes two approver computers 70, but the present invention is not limited to this.
  • BC10 and BC20 each include cooperation nodes 40A and 40B, respectively.
  • the reference numerals indicating the cooperation nodes the reference numerals 40A and 40B are used when it is necessary to specify one of the plurality of cooperation nodes, but the reference numerals 40 are used when referring to any cooperation node.
  • This cooperation node 40 performs content transfer processing between different blockchains on behalf of the user.
  • the cooperation nodes 40A and 40B are also referred to as a transfer source cooperation node 40A and a transfer destination cooperation node 40B, respectively, and the cooperation node 40 is also simply referred to as a node.
  • an intermediary system 30 is provided between these BC10 (cooperation node 40A) and BC20 (cooperation node 40B).
  • the mediation system 30 mediates communication between different blockchains (between BC10 and BC20 in FIG. 1). Further, the cooperation node 40 and the intermediary system 30 are connected to each other via a network such as the Internet.
  • the cooperation node 40A receives a transfer processing execution request from the user (content sender A) of the blockchain (BC10) to which it belongs. Then, the cooperation node 40A performs the transfer process via the intermediary system 30. Then, the intermediary system 30 transfers the content to the content receiver B via the cooperation node 40B (transfer destination cooperation node 40B) belonging to the transfer destination blockchain (BC20).
  • BC10 and BC20 are provided with key management systems 60A and 60B, respectively.
  • the codes 60A and 60B are used when it is necessary to specify one of the plurality of key management systems, but the code 60 is used when referring to an arbitrary key management system.
  • the key management system 60 generates a key used for encryption, issues a transaction described later, and the like. Then, the key management system 60 is connected to the cooperation node 40, the client computer 50, and the intermediary system 30 via a network such as the Internet.
  • key management systems 60A and 60B are also referred to as a transfer source key management system 60A and a transfer destination key management system 60B, respectively.
  • the approver computer 70 generates the approver key required for content encryption.
  • the approver computers 70C1 and 70C2 are used by the approver C1 and C2, respectively, but the present invention is not limited to this.
  • the cooperation node 40, the mediation system 30, the key management system 60, and the approver computer 70 described above may be realized by a computer having a server function. Further, the mediation system 30 may be constructed by using a known smart contract technology of the blockchain.
  • FIG. 2 is a diagram illustrating the hardware configuration of the intermediary system 30 in the content trading system 1 as an example of the embodiment.
  • the intermediary system 30 is, for example, a computer (information processing device) having a server function, and may optionally include a CPU (Central Processing Unit) 31, a storage unit 320, a ledger storage unit 321 and a key information storage unit 322. .. Further, the intermediary system 30 may include, for example, a memory 33, an IF unit 34, an input unit 35, and a display unit 36.
  • a CPU Central Processing Unit
  • the CPU 31 executes an OS (Operating System) or a program stored in the storage unit 320 described later. Then, the CPU 31 controls, for example, the intermediary system 30 to execute access to the cooperation node 40B in response to a request input from the cooperation node 40A or the key management system 60A. Further, for example, the intermediary system 30 is controlled to realize the communication in the content trading system 1. In this embodiment, the CPU 31 executes the intermediary program 38 described later.
  • OS Operating System
  • the intermediary program 38 described later.
  • the storage unit 320, the ledger storage unit 321 and the key information storage unit 322 are examples of hardware for storing various data, programs, and the like.
  • the storage unit 320, the ledger storage unit 321 and the key information storage unit 322 may be used as a secondary storage device in the intermediary system 30, and programs such as an OS, firmware, and applications, and various data are stored. You can.
  • the storage unit 320, the ledger storage unit 321 and the key information storage unit 322 include, for example, a magnetic disk device such as an HDD (Hard Disk Drive), an SSD (Solid State Drive), an SCM (Storage Class Memory), or the like. Examples include semiconductor storage devices.
  • the storage unit 320 may store a program that realizes all or a part of various functions of the intermediary system 30. At least two of the storage unit 320, the ledger storage unit 321 and the key information storage unit 322 may be the same hardware.
  • the memory 33 is an example of hardware for storing various data and programs. Examples of the memory 33 include a volatile memory, for example, a RAM such as a DRAM (Dynamic RAM). RAM is an abbreviation for Random Access Memory.
  • the IF unit 34 is an example of a communication interface that controls each connection and each communication with the cooperation node 40 and the key management system 60 via a network such as the Internet.
  • the IF unit 34 includes an adapter compliant with Ethernet (registered trademark), optical communication (for example, Fiber Channel), and the like.
  • the intermediary system 30 may be provided with a communication interface for controlling connection and communication with a management terminal of an administrator (not shown), and the intermediary program 38 may be downloaded using the communication interface.
  • the input unit 35 may include at least one of input devices such as a mouse, a keyboard, a touch panel, and operation buttons.
  • the display unit 36 may include, for example, at least one of a display and an output device such as a projector, a speaker, and a printer.
  • FIG. 3 is a diagram illustrating the hardware configuration of the cooperation node 40 in the content trading system 1 as an example of the embodiment.
  • the cooperation node 40 is, for example, a computer (information processing device) having a server function, and may optionally include a CPU 41, a storage unit 42, a memory 43, an IF unit 44, an input unit 45, and a display unit 46. ..
  • the storage unit 42, the memory 43, the input unit 45, and the display unit 46 are the storage unit 320, the memory 33, the input unit 35, and the display unit 36 of the intermediary system 30 described with reference to FIG. 2, respectively. Since it is almost the same, the description thereof will be omitted.
  • the CPU 41 executes an OS or a program stored in the storage unit 42, and controls, for example, the cooperation node 40 in order to execute access to, for example, the intermediary system 30 in response to a request input from the key management system 60.
  • the CPU 41 executes the cooperation program 47 described later.
  • the IF unit 44 is an example of a communication interface that controls connection and communication with the key management system 60 and the intermediary system 30 via a network such as the Internet.
  • the cooperation node 40 may be provided with a communication interface for controlling connection and communication with a management terminal of an administrator (not shown), and the cooperation program 47 may be downloaded using the communication interface.
  • FIG. 4 is a diagram illustrating the hardware configuration of the client computer 50 in the content trading system 1 as an example of the embodiment.
  • the client computer 50 is, for example, a computer (information processing device) such as a mobile phone, and may include a CPU 51, a storage unit 52, a memory 53, an IF unit 54, an input unit 55, and a display unit 56, for example. ..
  • the storage unit 52, the memory 53, the input unit 55, and the display unit 56 are the storage unit 320, the memory 33, the input unit 35, and the display unit 36 of the intermediary system 30 described with reference to FIG. 2, respectively. Since it is almost the same, the description thereof will be omitted.
  • the CPU 51 executes an OS or a program stored in the storage unit 52, and controls, for example, the client computer 50 in response to a request input from a user of the client computer 50, for example.
  • the CPU 51 executes the client program 57, which will be described later.
  • the IF unit 54 is a communication interface that controls each connection and each communication between the key management system 60 and the blockchain (another client computer 50) to which it belongs via a network such as the Internet. This is an example.
  • the client computer 50 may be provided with a communication interface for controlling connection and communication with a management terminal of an administrator (not shown), and the client program 57 may be downloaded using the communication interface.
  • FIG. 5 is a diagram illustrating the hardware configuration of the key management system 60 in the content trading system 1 as an example of the embodiment.
  • the key management system 60 is, for example, a computer (information processing device) having a server function, and includes, for example, a CPU 61, a storage unit 62, a memory 63, an IF unit 64, an input unit 65, and a display unit 66. Good.
  • the storage unit 62, the memory 63, the input unit 65, and the display unit 66 are the storage unit 320, the memory 33, the input unit 35, and the display unit 36 of the mediation system 30 described with reference to FIG. 2, respectively. Since it is almost the same, the description thereof will be omitted.
  • the CPU 61 executes an OS or a program stored in the storage unit 62, and controls, for example, the key management system 60 in response to requests input from the cooperation node 40, the client computer 50, and the intermediary system 30.
  • the CPU 61 executes the key management program 67 described later.
  • the IF unit 64 is an example of a communication interface that controls connection and communication between the cooperation node 40, the client computer 50, and the intermediary system 30 via a network such as the Internet.
  • the key management system 60 may be provided with a communication interface for controlling connection and communication with a management terminal of an administrator (not shown), or the key management program 67 may be downloaded using the communication interface. Good.
  • FIG. 6 is a diagram illustrating the hardware configuration of the approver computer 70 in the content trading system 1 as an example of the embodiment.
  • the approver computer 70 is, for example, a computer (information processing device), and may include, for example, a CPU 71, a storage unit 72, a memory 73, an IF unit 74, an input unit 75, and a display unit 76.
  • the storage unit 72, the memory 73, the input unit 75, and the display unit 76 are the storage unit 320, the memory 33, the input unit 35, and the display unit 36 of the mediation system 30 described with reference to FIG. 2, respectively. Since it is almost the same, the description thereof will be omitted.
  • the CPU 71 executes an OS or a program stored in the storage unit 72, and controls, for example, the approver computer 70 in response to a request input from the intermediary system 30. In this embodiment, the CPU 71 executes the approval program 77 described later.
  • the IF unit 74 is a communication interface that controls connection and communication with the intermediary system 30 via a network such as the Internet.
  • the approver computer 70 may be provided with a communication interface for controlling connection and communication with a management terminal of an administrator (not shown), and the approval program 77 may be downloaded using the communication interface. ..
  • FIG. 7 is a diagram illustrating the functional configuration of the intermediary system 30 in the content trading system 1 as an example of the embodiment.
  • the intermediary system 30 may optionally include a blockchain communication unit 81, a blockchain control unit 82, and a key management unit 83.
  • the ledger storage unit 321 of the intermediary system 30 may include the ledger 90D
  • the key information storage unit 322 of the intermediary system 30 may include the key information 91.
  • the ledger 90D and the key information 91 may be provided in the same storage unit.
  • the blockchain communication unit 81 of the intermediary system 30 communicates with the cooperation node 40, the key management system 60, and the approver computer 70 provided in the content trading system 1.
  • the blockchain communication unit 81 may include a transaction transmission / reception unit 811 and a block detection unit 812.
  • the transaction transmission / reception unit 811 of the blockchain communication unit 81 issues and transmits transactions, and receives (detects) transactions.
  • the transaction is a transaction history, and when a transaction for transferring an asset is performed, for example, a transfer source user or a transfer destination user is recorded as a history.
  • the transaction generated by the transaction transmission / reception unit 811 will be described later with reference to FIG.
  • the transaction transmission / reception unit 811 also has a function of adding the information included in the key information 91 stored in the key information storage unit 322 to the transaction when transmitting the transaction.
  • the secret key of the approver which will be described later, is stored in the key information 91 provided in the key information storage unit 322 of the intermediary system 30.
  • the key information 91 will be described later.
  • the block detection unit 812 of the blockchain communication unit 81 periodically or as necessary (for example, when it is necessary to confirm that the asset is not frozen, which will be described later), of a predetermined block. Perform detection.
  • the block detection unit 812 monitors its own ledger storage unit 321 provided with the ledger 90D, and the storage unit 42 in which the ledger 90A of BC10 and the ledger 90B of BC20 described later are stored at a fixed timing. Then, the block detection unit 812 may detect information indicating a predetermined transaction (a block including a predetermined transaction).
  • a block is, for example, a collection of data.
  • the reference numerals 90A, 90B, and 90D are used when it is necessary to specify one of the plurality of ledgers, but the reference numeral 90 is used when referring to an arbitrary ledger.
  • the block detection unit 812 determines, for example, by detecting a block including a predetermined transaction, whether or not the transaction has been incorporated into the predetermined blockchain. In other words, when the block detection unit 812 detects a block containing a predetermined transaction in the ledger 90D, the ledger 90A of BC10 described later, and the ledger 90B of BC20 described later, the transaction is normally completed (confirmed). to decide. That is, the block detection unit 812 determines that the transaction has been successfully incorporated into the predetermined blockchain. Then, when the block detection unit 812 determines that the end has not been completed normally, the block detection unit 812 notifies the content sender A to that effect via the key management system 60.
  • the blockchain control unit 82 of the intermediary system 30 causes another blockchain to transfer assets between accounts described later, for example, transferring assets from a supply account (described later) to a transfer destination account (described later) or depositing assets. Have the assets transferred from the account (described later) to the frozen account (described later).
  • the blockchain control unit 82 also controls the ledger 90D (described later) stored in the ledger storage unit 321 or the information of the ledger 90D.
  • the ledger 90 is a set of data in which transactions are recorded, and may be managed by using a data management system such as a database, or in a storage device such as an HDD or SSD. It may be managed by management (memory).
  • the ledger 90 may include a user's account, a deposit account, a frozen account, a supply account, and information on these accounts, which will be described later.
  • the BC10 ledger 90A which will be described later, preferably includes, but is not limited to, the user's account, the deposit account, the frozen account, and information on these accounts, which will be described later.
  • the ledger 90B of BC20 which will be described later, includes a supply account and information on the supply account, but the present invention is not limited to this.
  • the user's account (not shown) is an area in which each user's assets held by the blockchain user are stored, and may be a virtual area. Further, the account of the content sender A is also referred to as a transfer source account, and the account of the content receiver B is also referred to as a transfer destination account.
  • the asset transfer from the content sender A to the content receiver B is successful, the asset of the content sender A is transferred from the content sender A's account (transfer source account) to the content receiver B's account (the transfer source account). Transferred to the transfer destination account).
  • the storage and transfer of the assets are not limited to those that are physically executed, and may be virtually realized on a server using, for example, a cloud service.
  • the deposit account (not shown) is an area in which the assets to be transferred are temporarily stored in the intermediary system 30, and may be a virtual area.
  • the deposit account (not shown) is an area where the assets to be transferred are stored until it is transferred to the transfer destination account, and may be a virtual area. If the assets are transferred to this frozen account, the content sender A cannot recover the assets (cannot be used), but can recover the assets transferred to the deposit account (can be used). That is, by providing not only a frozen account but also a deposit account, the content sender A can recover the asset if the transfer process fails before the asset is transferred to the transfer destination. ..
  • the deposit account is also called a deposit destination.
  • the supply account (not shown) is an area in which the asset is stored in order to supply the asset, and may be a virtual area.
  • the blockchain control unit 82 may include a ledger control unit 821.
  • the ledger control unit 821 acquires (reads) data from the ledger 90D described above. Further, the ledger control unit 821 writes (records, updates, writes) data to the ledger 90D.
  • the key management unit 83 of the intermediary system 30 manages the keys used for encryption and decryption stored in the key information 91 of its own key information storage unit 322.
  • the details of the key information 91 and the management of the key information 91 will be described later.
  • the key management unit 83 may include a key transmission unit 831.
  • the key transmission unit 831 transmits the secret key of the approver stored in the key information 91 of its own key information storage unit 322 to the key management system 60.
  • the cooperation node 40 performs content transfer processing between blockchains.
  • FIG. 8 is a diagram illustrating the functional configuration of the cooperation node 40 in the content trading system 1 as an example of the embodiment.
  • the cooperation node 40 may optionally include a blockchain communication unit 48 and a blockchain control unit 49. Further, the storage unit 42 of the cooperation node 40 may include a ledger 90A or a ledger 90B.
  • ledger 90A the ledger provided by the linkage node 40A of BC10
  • ledger 90B the ledger provided by the linkage node 40B of BC20
  • the blockchain communication unit 48 of the cooperation node 40 communicates with the mediation system 30 and the key management system 60 provided in the content transaction system 1.
  • the blockchain communication unit 48 may include a transaction transmission / reception unit 481 as illustrated in FIG.
  • the transaction transmission / reception unit 481 transmits a transaction and also receives (detects) a transaction transmitted from the key management system 60 described later.
  • the blockchain control unit 49 of the cooperation node 40 controls the ledger 90A or ledger 90B stored in its own storage unit 42, or the information of the ledger 90A or ledger 90B.
  • transaction information of the transaction in BC10 is recorded in the ledger 90A stored in the storage unit 42 of the cooperation node 40A of BC10. Further, transaction information of the transaction in BC20 is recorded in the ledger 90B stored in the storage unit 42 of the cooperation node 40B of BC20. That is, it is assumed that the ledgers 90A and 90B provided in each device store the same information in synchronization between the nodes of the blockchain to which the node holding the ledger belongs.
  • the blockchain control unit 49 may include a ledger control unit 491.
  • the ledger control unit 491 acquires (reads) data from the ledgers 90A and 90B and writes (records, updates, and writes data to the ledgers 90A and 90B) based on the information received by the transaction transmission / reception unit 481 described above. Light).
  • FIG. 9 is a diagram illustrating the functional configuration of the client computer 50 in the content trading system 1 as an example of the embodiment.
  • the client computer 50 may optionally include a key management system communication unit 58.
  • the key management system communication unit 58 of the client computer 50 communicates with the key management system 60, and for example, generates (issues) a key used for encryption, issues a transaction, and decrypts contents to the key management system 60. Ask.
  • the key management system 60 may optionally include a blockchain communication unit 68 and an encryption control unit 69. Further, the storage unit 62 of the key management system 60 may include the key information 91.
  • the blockchain communication unit 68 of the key management system 60 communicates with the mediation system 30, the cooperation node 40, and the client computer 50 provided in the content transaction system 1.
  • the blockchain communication unit 68 may include a transaction issuing unit 681 as illustrated in FIG.
  • This transaction issuing unit 681 issues a predetermined transaction.
  • the transaction issued by the transaction issuing unit 681 will be described later with reference to FIG.
  • the encryption control unit 69 of the key management system 60 performs the encryption process described later.
  • the encryption control unit 69 generates, for example, a key required for encryption, encrypts predetermined information using the generated key, and decrypts information using the key.
  • the encryption control unit 69 includes an encryption / decryption unit 691, and the encryption / decryption unit 691 is a key required to encrypt the content to be transferred. May be generated, predetermined information may be encrypted, and information may be decrypted using a key.
  • the encryption / decryption unit 691 generates a common key for encrypting the content to be transferred, and also generates an encryption key necessary for generating the common key.
  • the encryption and decryption processes performed by the encryption / decryption unit 691 will be described later with reference to FIGS. 12 and 13.
  • the encryption / decryption unit 691 stores the key used for encryption in the key information 91 described later in the storage unit 62.
  • the key information 91 stores the key generated by the encryption / decryption unit 691, and may be managed using, for example, a data management system such as a database, or an HDD. It may be managed by management (storage) in a storage device such as SSD or SSD. Therefore, the key stored in the key information 91 is used for encrypting and decrypting the information in the content trading system 1.
  • the key information 91 provided in the key management system 60's own storage unit 62 stores the public key and the private key of the user of the client computer 50.
  • the key information 91 provided in the key management system 60 includes, as an example, the public key pk_A and the private key sk_A of the content sender A, and the disclosure of the content receiver B.
  • the key pk_B and the private key sk_B are stored.
  • the key management system 60A and the key management system 60B may store the public key and the private key of the blockchain user to which they belong in their own key information 91.
  • the key management system 60A stores the public key pk_A and the private key sk_A of the content sender A in its own key information 91
  • the key management system 60B stores the public key pk_B and the private key sk_B of the content receiver B. Is stored in its own key information 91.
  • the key management system 60A and the key management system 60B may exchange public keys stored in the key information 91, respectively.
  • each key is not limited to this.
  • the private key of the user of the blockchain to which they belong is stored in their own key information 91, and the public key of the user other than the blockchain to which they belong is also stored. It may be stored in the key information 91 of.
  • the key information 91 included in the key management system 60 may store the public key pk_C1 of the approver C1 and the public key pk_C2 of the approver C2.
  • the secret key sk_C1 of the approver C1 and the secret key sk_C2 of the approver C2 are stored in the key information 91 provided in the key information storage unit 322 of the intermediary system 30.
  • the same of the key information 91 provided in the key information storage unit 322 of the intermediary system 30 described above is the same.
  • the information may be updated.
  • FIG. 11 is a diagram illustrating the functional configuration of the approver computer 70 in the content trading system 1 as an example of the embodiment.
  • the approver computer 70 may optionally include a key management system communication unit 78.
  • the key management system communication unit 78 communicates with the intermediary system 30, and receives a request from the intermediary system 30, for example, issues or transmits a key of an approver who uses the approver computer 70.
  • FIG. 12 is a diagram illustrating the use of the key related to the content trading system 1 in the present embodiment
  • FIG. 13 is a diagram illustrating encryption in the content trading system 1 in the present embodiment.
  • FIG. 12 shows a case where a BC10 user (content sender A) transfers his / her own content to another blockchain (BC20) user (content receiver B) in the content trading system 1. Is illustrated. Further, it is assumed that there are two approvers at that time, the approver C1 and the approver C2, who belong to (the user of) BC25.
  • the content to be transferred is encrypted using a private key or a common key, and a key is also required when decrypting the encrypted content (encrypted content).
  • a key is also required when decrypting the encrypted content (encrypted content).
  • the public key pk_A and the private key sk_A of the content sender A and the public key pk_B and the private key sk_B of the content receiver B are used.
  • the public key pk_C1 and the private key sk_C1 of the approver C1 and the public key pk_C2 and the private key sk_C2 of the approver C2 are used in the encryption and decryption of the content.
  • the public key pk_C1 of the approver C1 and the public key pk_C2 of the approver C2 are also referred to as a transaction authentication public key
  • the private key sk_C1 of the approver C1 and the private key sk_C1 of the approver C2 are also referred to as a transaction authentication private key.
  • the public key pk_C1 of the approver C1 and the public key pk_C2 of the approver C2 are stored in the key information 91 in the storage unit 62 of the key management system 60. Then, the private key sk_C1 of the approver C1 and the private key sk_C2 of the approver C2 are stored in the key information 91 provided in the key information storage unit 322 of the intermediary system 30.
  • This storage form is an example, and can be modified in various ways.
  • the encryption process is executed by the encryption / decryption unit 691 of the key management system 60.
  • the encryption / decryption unit 691 of the key management system 60A combines the public key pk_A of the content sender A, the public key pk_C1 of the approver C1, and the public key pk_C2 of the approver C2.
  • To generate one encryption key K_AC In the present embodiment, for example, even if one encryption key K_AC is generated from three public keys pk_A, pk_C1, pk_C2 by using a known 3of3 threshold type public key cryptography such as DTPKE (Dynamic Threshold Public Key Encryption).
  • DTPKE Dynamic Threshold Public Key Encryption
  • the encryption key K_AC is also referred to as a first encryption key.
  • the encryption / decryption unit 691 generates one encryption key K_BC by combining the public key pk_B of the content receiver B, the public key pk_C1 of the approver C1, and the public key pk_C2 of the approver C2.
  • one encryption key K_BC is similarly generated from the three public keys pk_B, pk_C1, pk_C2 by using a known 3of3 threshold type public key cryptography such as DTPKE. It may be, but it is not limited to this.
  • the private keys corresponding to each of the three public keys pk_B, pk_C1, and pk_C2 are restored.
  • the encryption key K_BC is also referred to as a second encryption key.
  • the encryption / decryption unit 691 combines the generated encryption key K_AC and the encryption key K_BC to generate one encryption key K_ABC.
  • one encryption key K_ABC may be generated from two encryption keys K_AC and K_AC by using a known 1of2 threshold type public key cryptography, but the method for generating the encryption key K_ABC is this. Not limited to.
  • the encryption key K_ABC is also referred to as a hierarchical encryption key.
  • the encryption / decryption unit 691 generates a common key K for encrypting the content to be transferred. Then, the encryption / decryption unit 691 encrypts the content to be transferred by using the generated common key K. Further, the transaction issuing unit 681 of the key management system 60A issues a transaction Tx1 (described later) for transferring the content encrypted by the encryption / decryption unit 691 to the deposit account. Further, the transaction issuing unit 681 adds information (encryption common key K') created by encrypting the common key K with the encryption key K_ABC. This encryption common key K'is also referred to as an encrypted content key.
  • the content trading system 1 encrypts the content by hierarchically using the threshold-type public key encryption technology of 3of3 and the threshold-type public key encryption technology of 1of2.
  • the encryption key K_AC or the encryption key K_BC it is sufficient to have the encryption key K_AC or the encryption key K_BC. This means that, for example, when restoring the content encrypted by the encryption key K_AC, the private key sk_A and the approver's private keys sk_C1 and sk_C2 are sufficient.
  • the content sender A decrypts the content
  • his / her own private key sk_A does not need to acquire the private key sk_B of the content receiver B.
  • Content can be decrypted using. Therefore, as long as the content sender A can acquire the approver's private keys sk_C1 and sk_C2, the content sender A can recover the content even if the content transfer fails.
  • FIG. 14 shows the processing of steps S1 to S8
  • FIG. 17 shows the processing of steps S9, S11 to S18
  • FIG. 18 shows the processing of steps Q1 to Q3, respectively.
  • FIGS. 15 and 16 are diagrams illustrating transactions in the content trading system 1 of the present embodiment.
  • a user of BC10 (content sender A) transfers his / her own content to a user of another blockchain (BC20). Take the case of transferring to (content recipient B) as an example. Further, it is assumed that there are two approvers at that time, the approver C1 and the approver C2, who belong to (the user of) BC25.
  • step S1 shown in FIG. 14 the key management system communication unit 58 of the content sender A accesses the key management system 60A of the blockchain BC10 to which the content sender B belongs in order to transfer the content to the content receiver B.
  • the encryption / decryption unit 691 of the key management system 60A generates a common key K for encrypting the content to be transferred.
  • the encryption / decryption unit 691 obtains the public key pk_A of the content sender A, the public key pk_B of the content receiver B, the public key pk_C1 of the approver C1, and the approver C2 from the key information 91. Obtain the public key pk_C2.
  • the encryption / decryption unit 691 combines the public key pk_A of the content sender A and the public keys pk_C1 and pk_C2 of the approvers C1 and C2, for example, by using the threshold type public key cryptography of 3of3. Generates one encryption key K_AC.
  • the encryption / decryption unit 691 uses the threshold-type public key cryptography of 3of3 to combine the public key pk_B of the content receiver B with the public keys pk_C1 and pk_C2 of the approvers C1 and C2. Generate the encryption key K_BC.
  • the encryption / decryption unit 691 generates one encryption key K_ABC by combining the generated encryption key K_AC and the encryption key K_BC, for example, by using the threshold type public key cryptography of 1of2.
  • the encryption / decryption unit 691 encrypts the common key K using the encryption key K_ABC to create the encryption common key K'. In addition, the encryption / decryption unit 691 uses the common key K to encrypt the content to be transferred.
  • the transaction issuing unit 681 of the key management system 60A issues a transaction Tx1 for transferring the encrypted content to the deposit account.
  • the transaction issuing unit 681 adds the encrypted common key K', which is the common key K encrypted with the encryption key K_ABC, to the transaction Tx1.
  • the transaction Tx1 issued by the transaction issuing unit 681 of the key management system 60A will be described with reference to FIG.
  • FIG. 15 illustrates the information included (stored) in the transaction Tx1 issued by the transaction issuing unit 681 of the key management system 60A in step S5 described above.
  • the information included in the transaction Tx1 is not limited to the information illustrated in FIG.
  • transaction Tx1 includes, for example, information on a "transfer source account”, a “transfer destination account”, a “transfer asset”, and an "encryption key”.
  • the "content sender A's account” is stored as the "transfer source account”
  • the "deposit account” is stored as the "transfer destination account”.
  • “contents encrypted with common key K” is stored as “transfer assets”
  • “common key K (encryption common key K') encrypted with encryption key K_ABC” is stored as "encryption key”. Will be done.
  • transaction Tx1 is not limited to the table, and can be implemented by various modifications.
  • the transaction transmission / reception unit 481 of the cooperation node 40A in BC10 to which the content sender A belongs receives the transaction Tx1 issued in the above step S5.
  • the ledger control unit 491 of the cooperation node 40A records (stores) the transaction Tx1 in the ledger 90A provided in its own storage unit 42.
  • the ledger 90A may be written by updating the information.
  • the transaction Tx1 is stored in the ledger 90A as BC10 information. Specifically, the transaction Tx1 is stored in the ledger of BC10 included in the ledger 90A of the cooperation node 40A.
  • the block detection unit 812 of the intermediary system 30 constants, for example, the ledger 90D provided in its own ledger storage unit 321, the ledger 90A of the linked node 40A of BC10, and the ledger 90B of the linked node 40B of BC20. Monitor at the timing of. Then, when the block detection unit 812 detects the block including the transaction Tx1, that is, when it detects that the transaction Tx1 issued by the key management system 60 is recorded in the ledger of the BC10, it determines that the transaction Tx1 has been confirmed. ..
  • the ledger control unit 821 of the intermediary system 30 records the result (transaction) that the transaction Tx1 is confirmed in the ledger of BC25 included in the ledger 90D stored in its own ledger storage unit 321.
  • the transaction transmission / reception unit 811 of the intermediary system 30 issues transaction Tx2 for transferring the content to be transferred encrypted using the common key K to the account of the content receiver B of BC20. Further, when issuing the transaction Tx2, the transaction transmission / reception unit 811 adds the encryption common key K'in which the common key K is encrypted with the encryption key K_ABC to the transaction Tx2.
  • the common key K, the encryption key K_ABC, or the encryption common key K' may be stored in the key information 91 stored in the storage unit 62 of the key management system 60A.
  • the key information 91 stored in the storage unit 62 of the key management system 60A may be written in the key information 91 of the key information storage unit 322 of the intermediary system 30 at a predetermined timing.
  • the transaction transmission / reception unit 811 of the intermediary system 30 may add the encryption common key K'to the transaction Tx2 by using the written information.
  • transaction Tx2 issued by the transaction transmission / reception unit 811 of the intermediary system 30 will be described with reference to FIG.
  • the transaction Tx2 includes (stores) information as illustrated in FIG. 16 as an example.
  • the information included in the transaction Tx2 is not limited to the information illustrated in FIG.
  • transaction Tx2 includes, for example, information about a "transfer destination account”, a "transfer asset”, and an "encryption key”.
  • the “content recipient B account” is stored as the “transfer destination account”.
  • “contents encrypted with common key K” is stored as “transfer assets”
  • “common key K (encryption common key K') encrypted with encryption key K_ABC” is stored as “encryption key”. Will be done.
  • step S9 shown in FIG. 17 the block detection unit 812 of the intermediary system 30 determines whether the transaction Tx2 has been normally incorporated into the BC20.
  • the block detection unit 812 detects a block containing the transaction Tx2 in the ledger 90B of the storage unit 42 of the cooperation node 40B of the BC20, it determines that the transaction Tx2 has been normally incorporated into the BC20. That is, the block detection unit 812 determines that the process has ended normally.
  • step S9 If it is determined in step S9 that the content has been normally captured in BC20 (“Yes” route in step S9), that is, if the content transfer from the content sender A to the content receiver B side is successful, the process is step S11. And step Q1 (described later). On the other hand, when it is determined that the content has not been normally imported into the BC20 (“No” route in step S9), that is, when the transfer of the content from the content sender A to the content receiver B fails, the process proceeds to step S13. Transition.
  • step S11 the transaction transmission / reception unit 811 of the intermediary system 30 issues transaction Tx3 for transferring the encrypted content from the deposit account to the frozen account.
  • the block detection unit 812 detects a block containing the transaction Tx3 in the ledger 90A of the storage unit 42 of the cooperation node 40A of the BC10. Then, the block detection unit 812 records the result (transaction) that the transaction Tx3 is confirmed in the ledger of BC25 included in the ledger 90D.
  • the transaction Tx3 By recording this transaction Tx3 in the ledger, it is clearly shown that the transfer of the content from the content sender A to the content receiver B side is completed. Therefore, if it is known that the transaction Tx3 is recorded in the ledger, it is known that the content is frozen for the content sender A, that is, the content sender A can no longer decrypt the content. After that, the process ends.
  • step S13 the block detection unit 812 of the intermediary system 30 indicates that the transfer has failed. , Notify the content sender A via the key management system 60A. Then, the content trading system 1 starts a process of retrieving the content to the content sender A.
  • step S14 the key management system communication unit 58 of the content sender A requests the key management system 60A to issue an asset recovery transaction in order to recover the content.
  • step S15 the encryption / decryption unit 691 of the key management system 60A requests the intermediary system 30 for the private key sk_C1 of the approver C1 and the private key sk_C2 of the approver C2.
  • the block detection unit 812 of the intermediary system 30 confirms that the block containing the transaction Tx2 is not detected in the ledger 90B provided in the cooperation node 40B of the BC20 in order to confirm that the content is not frozen. Then, when it is confirmed that the contents are not frozen, the key transmission unit 831 of the intermediary system 30 keys the private keys sk_C1 and sk_C2 of the approver C1 and C2 stored in the key information 91 of the key information storage unit 322. It is transmitted to the encryption / decryption unit 691 of the management system 60A. In this way, the encryption / decryption unit 691 of the key management system 60A acquires the private keys sk_C1 and sk_C2 of the approver C1 and C2.
  • the encryption / decryption unit 691 of the key management system 60A has the secret keys sk_C1 and sk_C2 acquired in step S15 and the private key sk_A of the content sender A stored in its own key information 91. And, the encryption common key K'is decrypted. As a result, the content sender A decrypts the encrypted content.
  • step S17 the transaction transmission / reception unit 811 of the intermediary system 30 issues a transaction Tx4 for regaining the content. Then, this transaction Tx4 is recorded in the ledger of BC10.
  • the block detection unit 812 of the intermediary system 30 detects a block containing the transaction Tx4 in the ledger 90A provided in the cooperation node 40A of the BC10. Then, the block detection unit 812 records the result (transaction) that the transaction Tx4 is confirmed in the ledger of BC25 included in the ledger 90D. By recording this transaction Tx4 in the ledger, it can be seen that the content sender A has recovered the content, that is, the content has been decrypted. After that, the process ends.
  • step S9 when it is determined in step S9 that the image has been normally incorporated into BC20 (“Yes” route in step S9), the process proceeds to step S11 and step Q1 described above. Next, the process when the process proceeds to step Q1 will be described.
  • step Q1 the content receiver B requests the key management system 60B to decrypt the encrypted content in order to decrypt the received content.
  • the encryption / decryption unit 691 of the key management system 60B requests the intermediary system 30 for the private key sk_C1 of the approver C1 and the private key sk_C2 of the approver C2.
  • the block detection unit 812 of the intermediary system 30 confirms that the transaction Tx3 is confirmed in the ledger of BC25 included in the ledger 90D of the ledger storage unit 321 in order to confirm that the content is frozen (transaction). Check if it can be detected.
  • the key transmission unit 831 of the intermediary system 30 acquires the private keys sk_C1 and sk_C2 of the approver C1 and C2 from the key information 91 of the key information storage unit 322, and obtains the key. It is transmitted to the encryption / decryption unit 691 of the management system 60B. In this way, the encryption / decryption unit 691 of the key management system 60B acquires these private keys sk_C1 and sk_C2.
  • the encryption / decryption unit 691 of the key management system 60B has the private keys sk_C1 and sk_C2 acquired in step S15 and the private key sk_B of the content receiver B stored in its own key information 91. And, the encryption common key K'is decrypted. As a result, the content recipient B decrypts the encrypted content. Then, the process ends.
  • the content sender A can retrieve the content. Further, by going through the processes shown in steps S9, S11, S12, Q1 to Q3, even if the content transfer process is successful, the content can be frozen and the content can be decrypted on the content receiver B side. Will be.
  • the threshold type public key cryptography of 3of3 and the threshold type public key cryptography of 1of2 are used hierarchically.
  • the content can be restored using the private key sk_A of the content sender A.
  • the content sender A can recover the content by using the own private key sk_A.
  • the encryption strength can be increased.
  • the content sender A, the content receiver B, and the approvers C1 and C2 do not have the same authority required for recovery and decryption.
  • the combination of users to be authorized can be changed according to the processing of the transaction.
  • the content can be recovered or decrypted only when a predetermined key combination according to the processing of the transaction is prepared. For example, fraud due to the collusion between the content sender A and the content receiver B. Content transfer can be avoided.
  • the intermediary system 30 may be constructed by using a known smart contract technology of the blockchain, but the present invention is not limited to this, and various modifications are made. Can be carried out.
  • the user of the client computer 50 is supposed to access the key management system 60 and the blockchain by using his / her own client computer 50.
  • the hardware and functional configuration of the content trading system 1 are not limited to those described above, and for example, the key management system 60 may be realized as an application in the client computer 50.
  • the user of the client computer 50 may access the intermediary system 30 and the cooperation node 40 by using his / her own client computer 50.
  • the present invention is not limited to the configuration illustrated in FIG. 1, and can be modified in various ways.
  • the number of linked blockchains may be three or more, and the system may be provided with other computers.
  • FIG. 19 is a diagram illustrating a hardware configuration in the content trading system 1 as a modified example.
  • the same reference numerals as those described above indicate the same parts, and thus detailed description thereof will be omitted.
  • one blockchain is provided with a cooperation node 40A, a client computer 50A, and a key management system 60A.
  • the other blockchain is provided with a cooperation node 40B, a client computer 50B, and a key management system 60B.
  • the intermediary system 30 mediates the transfer of assets across these blockchains.
  • a plurality of cooperation nodes 40A or 40B are provided. Although some configurations of the cooperation nodes 40A and 40B are omitted in FIG. 19, these cooperation nodes 40A and 40B cooperate to perform the content transfer process between the blockchains on behalf of the user. You may do it.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

L'invention concerne un système de transaction de contenu qui effectue une transaction d'un contenu entre une source de transfert et une destination de transfert. Le système de transaction de contenu comprend : une unité de traitement de chiffrement pour générer un contenu de chiffrement acquis par chiffrement d'un contenu à l'aide d'une clé de contenu ; une unité de génération de clé de contenu de chiffrement pour générer une clé de contenu de chiffrement acquise par chiffrement de la clé de contenu en utilisant une clé publique d'une source de transfert de contenu, une clé publique d'une destination de transfert de contenu, et une clé publique d'authentification de transaction ; une unité de traitement de transfert pour transférer le contenu de chiffrement et la clé de contenu de chiffrement à une destination de dépositaire ; une unité de confirmation pour confirmer l'achèvement du transfert du contenu de chiffrement de la source de transfert à la destination de transfert ; et une unité de traitement de retour pour mettre en œuvre un traitement de retour pour renvoyer le contenu à la source de transfert dans le cas où l'achèvement du transfert du contenu de chiffrement de la source de transfert à la destination de transfert n'est pas confirmé.
PCT/JP2019/024742 2019-06-21 2019-06-21 Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé WO2020255382A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2019/024742 WO2020255382A1 (fr) 2019-06-21 2019-06-21 Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé
JP2021528602A JPWO2020255382A1 (ja) 2019-06-21 2019-06-21 コンテンツ取引システム、コンテンツ取引方法、鍵管理装置、及び鍵管理プログラム

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/024742 WO2020255382A1 (fr) 2019-06-21 2019-06-21 Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé

Publications (1)

Publication Number Publication Date
WO2020255382A1 true WO2020255382A1 (fr) 2020-12-24

Family

ID=74040412

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/024742 WO2020255382A1 (fr) 2019-06-21 2019-06-21 Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé

Country Status (2)

Country Link
JP (1) JPWO2020255382A1 (fr)
WO (1) WO2020255382A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022224365A1 (fr) * 2021-04-20 2022-10-27 富士通株式会社 Procédé de commande, programme de commande, et dispositif de traitement d'informations
WO2024013856A1 (fr) * 2022-07-12 2024-01-18 富士通株式会社 Programme de coordination, procédé de coordination et dispositif de traitement d'informations

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018536957A (ja) * 2015-11-30 2018-12-13 シェイプシフト・アーゲーShapeShift AG ブロックチェーン資産取引におけるセキュリティを向上させるためのシステム及び方法
WO2019082442A1 (fr) * 2017-10-27 2019-05-02 日本電信電話株式会社 Procédé d'enregistrement de données, procédé de décodage de données, structure de données, ordinateur, et programme

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018536957A (ja) * 2015-11-30 2018-12-13 シェイプシフト・アーゲーShapeShift AG ブロックチェーン資産取引におけるセキュリティを向上させるためのシステム及び方法
WO2019082442A1 (fr) * 2017-10-27 2019-05-02 日本電信電話株式会社 Procédé d'enregistrement de données, procédé de décodage de données, structure de données, ordinateur, et programme

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
FUJIMOTO, SHINGO ET AL.: "Proposal of secure interwork between blockchains", ABSTRACTS OF 2018 SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY, 23 January 2018 (2018-01-23), pages 1 - 6 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022224365A1 (fr) * 2021-04-20 2022-10-27 富士通株式会社 Procédé de commande, programme de commande, et dispositif de traitement d'informations
WO2024013856A1 (fr) * 2022-07-12 2024-01-18 富士通株式会社 Programme de coordination, procédé de coordination et dispositif de traitement d'informations

Also Published As

Publication number Publication date
JPWO2020255382A1 (ja) 2021-12-09

Similar Documents

Publication Publication Date Title
JP4996757B1 (ja) 秘密分散システム、装置及びプログラム
US6118874A (en) Encrypted data recovery method using split storage key and system thereof
JP4728060B2 (ja) ストレージ装置
JP3820777B2 (ja) 秘密鍵寄託システムおよび方法
JP4334580B2 (ja) 鍵管理システム及び鍵管理方法
US11943350B2 (en) Systems and methods for re-using cold storage keys
KR102205654B1 (ko) 분산 환경에서의 신원 인증 방법
KR20120029424A (ko) 신뢰성있는 컴퓨팅 및 데이터 서비스들을 위한 안전하고 사적인 백업 저장부 및 프로세싱
CN102687133A (zh) 用于可信计算和数据服务的无容器数据
JP6296630B1 (ja) 分散型台帳システムおよびプログラム
JP2005191755A (ja) コンテンツ受信蓄積装置およびコンテンツ配信システム
KR20170081504A (ko) 암호 데이터의 중복 제거 방법 및 장치
JP6426520B2 (ja) 暗号鍵管理システムおよび暗号鍵管理方法
CN1745393B (zh) 一种终端装置、服务器装置、数字内容分发系统及事项处理方法
WO2020255382A1 (fr) Système de transaction de contenu, procédé de transaction de contenu, dispositif de gestion de clé et programme de gestion de clé
KR20210064675A (ko) 블록체인 기반 데이터 거래 및 보관을 위한 보안 시스템 및 그 방법
US11893577B2 (en) Cryptographic key storage system and method
KR20210099814A (ko) 블록체인을 기반으로 한 디지털 자산 관리 시스템 및 방법
JP2019146088A (ja) 計算機システム、接続装置、及びデータ処理方法
WO2021048331A1 (fr) Procédé et système de partage sécurisé d'un fichier numérique
JP2011227673A (ja) ファイル管理システム、ストレージサーバ、クライアント、ファイル管理方法およびプログラム
JP6272546B2 (ja) データ保管装置及びデータ処理方法及びデータ処理プログラム
JP6901373B2 (ja) ユーザ管理装置、ユーザ管理システム
KR20200134187A (ko) 분산 환경에서의 신원 인증 방법
JPH11331145A (ja) 情報共有システム、情報保管装置およびそれらの情報処理方法、並びに記録媒体

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19933623

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021528602

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19933623

Country of ref document: EP

Kind code of ref document: A1