WO2022045419A1 - Driver's license authentication service method based on a blockchain network using a decentralized ID, and user terminal for performing a driver's license authentication service - Google Patents

Info

Publication number
WO2022045419A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
driver
license
vehicle mobile
vehicle
Prior art date
Application number
PCT/KR2020/011658
Other languages
English (en)
Korean (ko)
Inventor
양희선
박병주
오준택
허주승
노광석
이완섭
최재혁
Original Assignee
한국조폐공사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한국조폐공사
Publication of WO2022045419A1

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Definitions

  • the present invention relates to a driver's license authentication service method using a blockchain network-based distributed ID (Decentralized Identifier, DID), and to a user terminal that performs a driver's license authentication service.
  • DID distributed ID
  • an ID card used for identity authentication has been issued offline as a plastic card in response to an ID card issuance request made online or offline.
  • a driver's license includes information about the person's photo, name, resident registration number, address, issuance date, issuing agency information, type of license, and expiration date.
  • An object of the present invention is to solve all of the above problems.
  • Another object of the present invention is to enable authentication of a user without possessing a real driver's license.
  • Another object of the present invention is to prevent forgery and falsification of driver's license-related information by providing a driver's license authentication service using a distributed ID based on a blockchain network.
  • the characteristic configuration of the present invention is as follows.
  • a driver's license authentication service method using a blockchain network-based decentralized identifier (a) a user DID corresponding to a user and user public information corresponding to the user DID -
  • the user public information includes at least a user public key corresponding to the user DID - is registered in the blockchain network, and as the user information corresponding to the user DID is authenticated by the user authentication server,
  • the user terminal transmits driver's license authentication request information for authentication of the user's driver's license to the driver's license authentication server - the driver's license authentication server being a server that manages driver's license information for the driver's licenses issued to each of the users - so that the driver's license authentication server requests user authentication information from the user terminal;
  • the user terminal in response to the request for the user authentication information from the driver's license authentication server, the user terminal, the user terminal, the user
  • the user terminal sends vehicle mobile key issuance request information including vehicle information to a vehicle mobile key server - the vehicle mobile key server being a server that issues vehicle mobile keys to each of the users and manages the vehicle mobile keys issued to each of the users - so that the vehicle mobile key server requests driver's license authentication information from the user terminal; and (d) in response to the request for the driver's license authentication information from the vehicle mobile key server, the user terminal signs the user DID, the user's driver's license VC, and the user's driver's license VC with the user private key.
  • in response to a request for vehicle mobile key authentication information from a vehicle terminal of a vehicle corresponding to the vehicle information, the user terminal transmits the vehicle mobile key authentication information, including the user DID, the vehicle mobile key VC, and the vehicle mobile key signature value obtained by signing the vehicle mobile key VC with the user private key, to the vehicle mobile key server, thereby causing the vehicle mobile key server to obtain the user public key corresponding to the user DID from the blockchain network using the user DID, or to obtain the user DID document corresponding to the user DID from the blockchain network using the user DID through the resolver server and obtain the user public key from the user DID document, to verify the vehicle mobile key signature value using the user public key, to authenticate the vehicle mobile key VC when the vehicle mobile key signature value is verified, and, when the vehicle mobile key VC is authenticated, to transmit vehicle control approval information for the vehicle of the user terminal to the vehicle terminal.
  • a method in which, in step (e), the user terminal transmits the vehicle mobile key authentication information, including the user DID, the vehicle mobile key VC, and the vehicle mobile key signature value obtained by signing the vehicle mobile key VC with the user private key, to the vehicle mobile key server through an end-to-end (E2E) encryption channel.
  • E2E end-to-end
  • the vehicle mobile key authentication information further includes the user driver's license VC
  • in step (e), when the vehicle mobile key VC is authenticated, the user terminal causes the vehicle mobile key server to authenticate the user's driver's license VC using the driver's license authentication server public key registered in the blockchain network and, when the user's driver's license VC is authenticated, to transmit the vehicle control approval information to the vehicle terminal; a method characterized by this is disclosed.
  • a method characterized in that the request for the vehicle mobile key authentication information is obtained from the vehicle terminal when an NFC tag corresponding to the vehicle terminal is tagged or an image including a QR code corresponding to the vehicle terminal is received is disclosed.
  • a method characterized in that the issuance information for the user's driver's license VC is registered in the blockchain network by the driver's license authentication server, and the issuance information for the vehicle mobile key VC is registered in the blockchain network by the vehicle mobile key server, is disclosed.
  • in step (d), the user terminal causes the vehicle mobile key server to authenticate the user's driver's license VC using the driver's license authentication server public key of the driver's license authentication server registered in the blockchain network.
  • a method in which, in step (b), the user terminal transmits the user authentication information, including the user DID, the user VC, and the user signature value obtained by signing the user VC with the user private key, to the driver's license authentication server through an End-to-End (E2E) encryption channel.
  • a method characterized in that the user's driver's license VC includes at least a portion of license validity information, issuing agency information, and license type information is disclosed.
  • a user terminal performing a driver's license authentication service using a blockchain network-based distributed ID (Decentralized Identifier, DID), at least one memory for storing instructions; and at least one processor configured to execute the instructions, wherein the processor comprises: (1) a user DID corresponding to a user and user public information corresponding to the user DID, wherein the user public information corresponds to the user DID - is registered in the blockchain network, and as user information corresponding to the user DID is authenticated by the user authentication server, a user verifiable credential (VC) for the user information is issued to the user terminal
  • a process of transmitting the driver's license authentication request information for authentication of the user's driver's license to a driver's license authentication server - the driver's license authentication server being a server that manages driver's license information for driver's licenses issued to each user - thereby causing the driver's license authentication server to request user authentication information from the user terminal, and (2) in response
  • the processor sends vehicle mobile key issuance request information including vehicle information to a vehicle mobile key server - the vehicle mobile key server being a server that issues vehicle mobile keys to each of the users and manages the vehicle mobile keys issued to each of the users - to cause the vehicle mobile key server to request driver's license authentication information from the user terminal; and (4) the processor, in response to the request for the driver's license authentication information from the vehicle mobile key server, the user who signed the user DID, the user's driver's license VC, and the user's driver's license VC with the user private key.
  • the driver's license authentication information including the driver's license signature value is transmitted to the vehicle mobile key server so that the vehicle mobile key server uses the user DID to retrieve the user public key corresponding to the user DID from the blockchain network, or obtains the user DID document corresponding to the user DID from the blockchain network using the user DID through the resolver server and obtains the user public key from the user DID document, to verify the user's driver's license signature value using the user's public key, and if the user's driver's license signature value is verified, use the blockchain network to authenticate the user's driver's license VC, and the user's driver's license VC
  • a process of generating a vehicle mobile key VC using the vehicle information and then transmitting the vehicle mobile key VC to the user terminal is disclosed.
  • the processor in response to a request for vehicle mobile key authentication information from a vehicle terminal of a vehicle corresponding to the vehicle information, generates the user DID, the vehicle mobile key VC, and the vehicle mobile key VC
  • the vehicle mobile key authentication information including the vehicle mobile key signature value signed with the user private key is transmitted to the vehicle mobile key server so that the vehicle mobile key server uses the user DID to retrieve the user DID from the blockchain network.
  • a user terminal characterized in that the vehicle mobile key authentication information, including the user DID, the vehicle mobile key VC, and the vehicle mobile key signature value obtained by signing the vehicle mobile key VC with the user private key, is transmitted to the vehicle mobile key server through an end-to-end (E2E) encryption channel.
  • the vehicle mobile key authentication information further includes the user driver's license VC
  • when the vehicle mobile key VC is authenticated in the step (5), the processor causes the vehicle mobile key server to authenticate the user's driver's license VC using the driver's license authentication server public key registered in the blockchain network and, when the user's driver's license VC is authenticated, to transmit the vehicle control approval information to the vehicle terminal; a user terminal characterized by this is disclosed.
  • a user terminal characterized in that the request for the vehicle mobile key authentication information is obtained from the vehicle terminal when an NFC tag corresponding to the vehicle terminal is tagged or an image including a QR code corresponding to the vehicle terminal is received is disclosed.
  • a user terminal characterized in that the issuance information for the user's driver's license VC is registered in the blockchain network by the driver's license authentication server, and the issuance information for the vehicle mobile key VC is registered in the blockchain network by the vehicle mobile key server, is disclosed.
  • a user terminal characterized in that the processor, in the process (4), causes the vehicle mobile key server to authenticate the user's driver's license VC using the driver's license authentication server public key of the driver's license authentication server registered in the blockchain network is disclosed.
  • a user terminal characterized in that the processor transmits the user authentication information, including the user DID, the user VC, and the user signature value obtained by signing the user VC with the user private key, to the driver's license authentication server through an End-to-End (E2E) encryption channel is disclosed.
  • a user terminal characterized in that the user's driver's license VC includes at least a portion of license validity information, issuing agency information, and license type information is disclosed.
  • the present invention has the effect of allowing the user to be authenticated without having a real driver's license.
  • the present invention has an effect of allowing only information necessary for authentication among information included in a driver's license to be provided to a verification agency.
  • the present invention has an effect of preventing forgery and falsification of driver's license-related information by allowing a driver's license authentication service to be performed using a distributed ID based on a blockchain network.
  • FIG. 1 schematically shows a user terminal that performs a driver's license authentication service using a blockchain network-based decentralized identifier (DID) according to an embodiment of the present invention
  • FIG. 2 is a flowchart schematically illustrating a process in which a driver's license authentication service using a blockchain network-based decentralized identifier (DID) is performed according to an embodiment of the present invention
  • FIG. 3 is a flowchart schematically illustrating a process of issuing a vehicle mobile key VC using a blockchain network-based decentralized identifier (DID) according to an embodiment of the present invention
  • FIG. 4 is a flowchart schematically illustrating a process in which vehicle control approval is performed using a blockchain network-based decentralized identifier (DID) according to an embodiment of the present invention.
  • DID decentralized identifier
  • FIG. 1 schematically illustrates a user terminal performing a driver's license authentication service using a blockchain network-based decentralized identifier (DID) according to an embodiment of the present invention.
  • the user terminal 100 may include a memory 110 that stores instructions for performing a driver's license authentication service using a blockchain network-based distributed ID (Decentralized Identifier, DID), and a processor 120 that performs the driver's license authentication service using the blockchain network-based distributed ID (Decentralized Identifier, DID) in response to the instructions stored in the memory 110.
  • the user terminal 100 may include a personal computer (PC), a mobile computer, a PDA/EDA, a mobile phone, a smart phone, a tablet, an IoT device, and the like.
  • the user terminal 100 is not limited thereto, and may include any device such as a portable game machine having a wired/wireless communication function, a digital camera, and a personal navigation device.
  • the user terminal 100 is typically a computing device (e.g., a computer processor, memory, storage, input device and output device, a device that may include other components of a conventional computing device; electronic devices such as routers, switches, etc.)
  • NAS network attached storage
  • SANs storage area networks
  • the processor of the computing device may include a hardware configuration such as a micro processing unit (MPU) or a central processing unit (CPU), a cache memory, and a data bus.
  • the computing device may further include an operating system and a software configuration of an application for performing a specific purpose.
  • a case in which the computing device includes an integrated processor, in which a medium, a processor, and a memory are integrated, for implementing the present invention is not excluded.
  • a process in which a driver's license authentication service using a blockchain network-based decentralized identifier (DID) is performed by the user terminal 100 configured in this way will be described below with reference to FIG. 2 .
  • DID blockchain network-based decentralized identifier
  • the user DID corresponding to the user and user public information corresponding to the user DID are registered in the blockchain network, and as the user information corresponding to the user DID is authenticated by the user authentication server, the user verifiable credential (VC) for the user information may be issued and stored in the user terminal 100.
  • VC user verifiable credential
  • the user public information may include at least a user public key corresponding to the user DID.
  • the user terminal 100 transmits the driver's license authentication request information for authentication of the user's driver's license to the driver's license authentication server 200 (S201), thereby causing the driver's license authentication server 200 to request user authentication information from the user terminal 100 (S202).
  • the driver's license authentication server 200 may be a server that manages driver's license information for driver's licenses issued to each user.
  • the user terminal 100 may transmit user authentication information including the user DID, the user VC, and a user signature value obtained by signing the user VC with the user private key to the driver's license authentication server 200 (S203).
  • the user terminal 100 may transmit the user authentication information including the user DID, the user VC, and the user signature value obtained by signing the user VC with the user private key to the driver's license authentication server 200 through an End-to-End (E2E) encryption channel.
  • E2E End-to-End
  • the user terminal 100 may cause the driver's license authentication server 200 to obtain a user public key corresponding to the user DID from the blockchain network using the user DID.
  • the user terminal 100 may cause the driver's license authentication server 200 to obtain a user DID document corresponding to the user DID from the blockchain network using the user DID through a resolver server, and to obtain the user public key from the user DID document.
  • the user terminal 100 causes the driver's license authentication server 200 to verify the user signature value using the user public key, and when the user signature value is verified, to authenticate the user VC using the blockchain network.
  • the user terminal 100 may cause the driver's license authentication server 200 to generate the user's driver's license VC using the user's driver's license information corresponding to the user (S204), and then to transmit the user's driver's license VC to the user terminal 100 (S205).
  • the driver's license authentication server 200 may transmit the user's driver's license VC to the user terminal 100 through the E2E encryption channel.
  • the user's driver's license VC may include at least a portion of license validity information, issuing agency information, and license type information. However, since this is only an example, it is not limited to the above items. That is, the user's driver's license VC may include at least some of information about the user's name, address, resident registration number, and address in addition to the above items.
  • the user terminal 100 transmits the user's biometric authentication information as user authentication information to the driver's license authentication server 200, and if the user's biometric authentication information is authenticated, the user's driver's license VC may be obtained from the driver's license authentication server 200 through the E2E encryption channel.
  • the user's biometric authentication information may include at least some of iris information, vein information, fingerprint information, retina information, facial information, voice information, DNA pattern information, and hand shape information.
  • the driver's license authentication server 200 may register issuance information for the user's driver's license VC and the driver's license authentication server public key in the blockchain network.
  • the user terminal 100 transmits vehicle mobile key issuance request information including vehicle information to the vehicle mobile key server 300 (S301), thereby causing the vehicle mobile key server 300 to request driver's license authentication information from the user terminal 100.
  • the vehicle that the user terminal 100 can control using the vehicle mobile key may be a vehicle owned by the user, but is not limited thereto, and may be a shared vehicle provided by a car sharing service or the like.
  • the user terminal 100 in response to the request for driver's license authentication information from the vehicle mobile key server 300, the user DID, the user's driver's license VC, and the user's driver's license VC, the user's driver's license signed with the user's private key
  • Driver's license authentication information including the signature value may be transmitted to the vehicle mobile key server 300 (S303).
  • the user terminal 100 may cause the vehicle mobile key server 300 to obtain a user public key corresponding to the user DID from the block chain network using the user DID.
  • the user terminal 100 causes the vehicle mobile key server 300 to obtain a user DID document corresponding to the user DID from the blockchain network using the user DID through a resolver server, and from the user DID document It is possible to obtain a user public key.
  • the user terminal 100 causes the vehicle mobile key server 300 to verify the user's driver's license signature value using the user's public key. You can have your license VC certified.
  • the user terminal 100 may cause the vehicle mobile key server 300 to authenticate the user's driver's license VC using the driver's license authentication server public key of the driver's license authentication server 200 registered in the blockchain network. there is.
  • the user terminal 100 causes the vehicle mobile key server 300 to generate the vehicle mobile key VC using vehicle information (S304), and then returns the vehicle mobile key VC to the user. It can be transmitted to the terminal 100 (S305).
  • the vehicle mobile key server 300 may register issuance information for the vehicle mobile key VC in the blockchain network.
  • When an NFC tag corresponding to the vehicle terminal is tagged, or an image including a QR code corresponding to the vehicle terminal is received (S401), and a request for vehicle mobile key authentication information is thereby made from the vehicle terminal (S402), the user terminal 100 may, in response to that request from the vehicle terminal of the vehicle 400 corresponding to the vehicle information, transmit to the vehicle mobile key server 300 vehicle mobile key authentication information including the user DID, the vehicle mobile key VC, and the vehicle mobile key signature value obtained by signing the vehicle mobile key VC with the user private key (S403).
  • The user terminal 100 may transmit the vehicle mobile key authentication information, including the user DID, the vehicle mobile key VC, and the vehicle mobile key signature value obtained by signing the vehicle mobile key VC with the user private key, to the vehicle mobile key server 300 through the E2E encryption channel.
  • The user terminal 100 may cause the vehicle mobile key server 300 to obtain a user public key corresponding to the user DID from the blockchain network using the user DID.
  • The user terminal 100 may cause the vehicle mobile key server 300 to obtain a user DID document corresponding to the user DID from the blockchain network, using the user DID through a resolver server, and to obtain the user public key from the user DID document.
  • The user terminal 100 may cause the vehicle mobile key server 300 to verify the user vehicle mobile key signature value using the user public key, and to authenticate the vehicle mobile key VC when the vehicle mobile key signature value is verified.
  • The user terminal 100 may cause the vehicle mobile key server 300 to transmit vehicle control approval information for the vehicle 400 of the user terminal 100 to the vehicle terminal (S404).
  • The mobile key server 300 should prevent vehicle control based on the vehicle mobile key issued by the user.
  • The vehicle mobile key authentication information obtained by the vehicle mobile key server 300 from the user terminal 100 may further include the user's driver's license VC.
  • The vehicle mobile key server 300 may use the driver's license authentication server public key registered in the blockchain network to authenticate the user's driver's license VC included in the vehicle mobile key authentication information and, when the user's driver's license VC is authenticated, may transmit vehicle control approval information to the vehicle terminal.
  • The user can authenticate themselves without carrying a physical driver's license.
  • From among the various sensitive personal information included in the driver's license, the user can select only the specific information needed to receive the vehicle mobile key VC and provide it to the vehicle mobile key server.
  • The issuance information for each of the user's driver's license VC and the vehicle mobile key VC is registered in the blockchain network, thereby preventing forgery and falsification of driver's license-related information.
  • The embodiments according to the present invention described above may be implemented in the form of program instructions that can be executed through various computer components and recorded in a computer-readable recording medium.
  • The computer-readable recording medium may include program instructions, data files, data structures, etc., alone or in combination.
  • The program instructions recorded on the computer-readable recording medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the computer software field.
  • Examples of the computer-readable recording medium include hard disks, magnetic media such as floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floppy disks, and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
  • Examples of program instructions include not only machine language code such as that generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.
  • The hardware device may be configured to operate as one or more software modules for carrying out the processing according to the present invention, and vice versa.
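
The checks the vehicle mobile key server applies to the S303 message (resolve the user DID to a public key, verify the user's signature over the VC, then verify the VC against the issuing server's registered public key), as an added Go example that is not part of the patent text. Ed25519, the `Ledger` map standing in for the blockchain network, the `did:ex:*` identifiers, the quoted payload encoding and the issuer/subject binding check are assumptions; the patent names no algorithm or data format.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Ledger stands in for the blockchain network: DID -> DID-document public key.
type Ledger map[string]ed25519.PublicKey

// VC is a minimal credential; Proof is the issuer's signature over payload().
type VC struct {
	Issuer, Subject, Claims string
	Proof                   []byte
}

// payload is an unambiguous (quoted) encoding of the signed fields.
func (v VC) payload() []byte {
	return []byte(fmt.Sprintf("%q%q%q", v.Issuer, v.Subject, v.Claims))
}

// Issue is the license server signing a VC (S204).
func Issue(k ed25519.PrivateKey, v VC) VC {
	v.Proof = ed25519.Sign(k, v.payload())
	return v
}

// Present is the user terminal signing the VC with the user private key (S303).
func Present(k ed25519.PrivateKey, v VC) []byte {
	return ed25519.Sign(k, append(v.payload(), v.Proof...))
}

// VerifyLicense applies the key server's checks to (user DID, VC, signature).
func VerifyLicense(l Ledger, did string, v VC, sig []byte, issuer string) error {
	userPub, issuerPub := l[did], l[issuer]
	switch {
	case userPub == nil || issuerPub == nil:
		return fmt.Errorf("DID not resolvable")
	case !ed25519.Verify(userPub, append(v.payload(), v.Proof...), sig):
		return fmt.Errorf("holder signature invalid")
	case v.Issuer != issuer || v.Subject != did: // binding check (assumption)
		return fmt.Errorf("issuer or subject mismatch")
	case !ed25519.Verify(issuerPub, v.payload(), v.Proof):
		return fmt.Errorf("issuer proof invalid")
	}
	return nil
}

// Fixture builds constructed keys, a ledger and a validly issued license VC.
func Fixture() (Ledger, ed25519.PrivateKey, VC) {
	issuerPub, issuerKey, _ := ed25519.GenerateKey(nil)
	userPub, userKey, _ := ed25519.GenerateKey(nil)
	vc := VC{Issuer: "did:ex:dla", Subject: "did:ex:user", Claims: "class=2"}
	return Ledger{"did:ex:dla": issuerPub, "did:ex:user": userPub}, userKey, Issue(issuerKey, vc)
}

func main() {
	l, userKey, vc := Fixture()
	fmt.Println(VerifyLicense(l, "did:ex:user", vc, Present(userKey, vc), "did:ex:dla"))
}
```

A VC that the user signs as both issuer and holder passes the holder-signature check and is rejected only at the issuer-proof step, which is why both verifications are needed.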

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Educational Administration (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Development Economics (AREA)
  • Software Systems (AREA)
  • Medical Informatics (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The present invention relates to a driver's license authentication service method based on a blockchain network using a decentralized ID (DID), and to a user terminal for performing the method, wherein the method performed by the terminal allows: a driver's license authentication server to request user authentication information from the user terminal in a state where a user DID and user public information are registered in a blockchain network and a user VC for user information has been issued and stored in the user terminal; user authentication information, comprising the user DID, the user VC and a user signature value obtained by signing the user VC with a user private key, to be transmitted to the driver's license authentication server; and the driver's license authentication server to acquire a user public key from the blockchain network using the user DID, verify the user signature value using the user public key, authenticate the user VC, generate a user driver's license VC if the user VC is authenticated, and transmit the user driver's license VC to the user terminal.
PCT/KR2020/011658 2020-08-31 2020-08-31 Driver's license authentication service method based on a blockchain network using a decentralized ID, and user terminal for performing a driver's license authentication service WO2022045419A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2020-0110389 2020-08-31
KR1020200110389A KR20220028836A (ko) 2020-08-31 2020-08-31 Driver's license authentication service method using a blockchain network-based decentralized ID, and user terminal performing the driver's license authentication service

Publications (1)

Publication Number Publication Date
WO2022045419A1 (fr) 2022-03-03

Family

ID=80355224

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2020/011658 WO2022045419A1 (fr) 2020-08-31 2020-08-31 Driver's license authentication service method based on a blockchain network using a decentralized ID, and user terminal for performing a driver's license authentication service

Country Status (2)

Country Link
KR (1) KR20220028836A (fr)
WO (1) WO2022045419A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220173891A1 (en) * 2020-11-30 2022-06-02 Electronics And Telecommunications Research Institute Apparatus and method for managing personal information
CN114866261A (zh) * 2022-07-06 2022-08-05 环球数科集团有限公司 Blockchain technology-based system for processing traffic restriction exemption applications

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102507608B1 (ko) * 2022-06-29 2023-03-08 이승화 System and method for creating a multimedia communication session with de-identification secured through DID

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180079805A (ko) * 2017-01-02 2018-07-11 주식회사 코인플러그 Method and terminal for non-face-to-face authentication of a user using a blockchain-based mobile ID, and server using the same
US20180294977A1 (en) * 2015-12-14 2018-10-11 Coinplug, Inc. System for issuing public certificate on basis of block chain, and method for issuing public certificate on basis of block chain by using same
US20190052453A1 (en) * 2017-08-14 2019-02-14 Honeywell International Inc. Apparatus and method for using blockchains with secure custody transfer data, sealing data, and other data associated with material transfers
KR20190138389A (ko) * 2018-06-05 2019-12-13 아이리텍 잉크 Blockchain including identity management using one-time passwords
KR102139645B1 (ko) * 2020-04-13 2020-07-30 주식회사 한국정보보호경영연구소 Blockchain-based identity verification system and operating method thereof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20170078122A (ko) 2015-12-29 2017-07-07 박승희 Mobile ID card and method for implementing a mobile ID card using a one-time authentication number

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220173891A1 (en) * 2020-11-30 2022-06-02 Electronics And Telecommunications Research Institute Apparatus and method for managing personal information
US11791990B2 (en) * 2020-11-30 2023-10-17 Electronics And Telecommunications Research Institute Apparatus and method for managing personal information
CN114866261A (zh) * 2022-07-06 2022-08-05 环球数科集团有限公司 Blockchain technology-based system for processing traffic restriction exemption applications

Also Published As

Publication number Publication date
KR20220028836A (ko) 2022-03-08

Similar Documents

Publication Publication Date Title
WO2018124857A1 (fr) Method and terminal for non-face-to-face authentication of a user by means of a mobile ID based on a blockchain database, and server using the method and the terminal
WO2022045419A1 (fr) Driver's license authentication service method based on a blockchain network using a decentralized ID, and user terminal for performing a driver's license authentication service
WO2018194378A1 (fr) Method for approving the use of a card using a blockchain-based token identifier, and server using same
WO2017111383A1 (fr) Authentication device based on biometric data, control server connected thereto, and login method based on biometric data
WO2021002692A1 (fr) Method for providing a virtual asset service based on a decentralized identifier, and virtual asset service providing server using same
WO2018101727A1 (fr) Method and system for preventing personal information breaches, in which biometric authentication and phase division of an authentication process are combined
WO2011118871A1 (fr) Authentication method and system using a mobile terminal
WO2022019693A1 (fr) Decentralized identifier (DID)-based non-face-to-face user authentication method using a non-face-to-face user authentication verifiable credential (VC), and authentication support server using same
WO2018124856A1 (fr) Method and terminal for authenticating a user by means of a mobile ID using a blockchain database, and server using the method and the terminal
WO2017043717A1 (fr) Method for biometric authentication of a user
WO2021256669A1 (fr) Access security management method and system
WO2021150032A1 (fr) Method for providing an authentication service using a decentralized identity, and server using said method
WO2020117020A1 (fr) Method for generating a PKI key based on biometric information, and device for generating a key by means of this method
WO2017057899A1 (fr) Integrated authentication system for authentication using one-time random numbers
WO2017105072A1 (fr) Authentication device based on biometric information and operating method thereof
WO2018151480A1 (fr) Authentication management method and system
WO2021137396A1 (fr) Zero-knowledge proof-based certificate service method using a blockchain network, certification support server using same, and user terminal using same
WO2018169150A1 (fr) Lock screen-based user authentication system and method
WO2018160039A1 (fr) Method and system for automatic authentication processing using a division function
WO2018026109A1 (fr) Method, server and computer-readable recording medium for deciding gate access permission by means of a network
WO2018128237A1 (fr) Identity authentication system and user equipment using user usage pattern analysis
WO2018117398A1 (fr) Vehicle security method and system using iris recognition in combination with facial recognition
WO2017217808A1 (fr) Mobile authentication method and corresponding system
WO2017086757A1 (fr) Method and device for controlling the security of a target device using a secure tunnel
WO2021206289A1 (fr) User authentication method, device and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20951651

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20951651

Country of ref document: EP

Kind code of ref document: A1