WO2021095926A1

WO2021095926A1 - Complex iot device and sharing service providing method using same, and method for recognizing external information through blockchain application and providing information

Info

Publication number: WO2021095926A1
Application number: PCT/KR2019/015544
Authority: WO
Inventors: 임호정; 이명수
Original assignee: 전자부품연구원
Priority date: 2019-11-11
Filing date: 2019-11-14
Publication date: 2021-05-20

Abstract

One embodiment of the present invention: provides a sharing service providing method using a complex IoT device, so as to register various types of shared resources in a blockchain network so that the shared resources can be used, and can provide a sharing service so that the shared resources are used on the basis of use authority; and provides a method for recognizing external information through blockchain application and providing information, so as to ensure the confidentiality and integrity of data and privacy of information users when exchanging data while providing a bidirectional data exchange for bringing data that exists outside an Oracle blockchain into the Oracle blockchain and providing data stored in the Oracle blockchain to the outside of the Oracle blockchain.

Description

Complex IOT device and method of providing shared service using it, and method of recognizing external information and providing information by blockchain application

The present invention relates to a complex IoT device, a method for providing a shared service using the same, and a method for recognizing external information and providing information using a block chain application.

The current sharing service is performed in the form of a company brokering an individual and an individual and receiving a fee, and the service is provided based on a centralized sharing service provision system operated by the company. The current shared service has a form of providing a service to share a single item. For example, Uber provides a vehicle-sharing service, and Airbnb provides a lodging-sharing service. These existing shared services have limitations in that they cannot provide various types of products or services.

In addition, since the current shared service uses a centralized system for providing the shared service, there is a problem that there is a single point of failure that makes it difficult to provide the service when it is hacked or attacked on the server.

Blockchain technology is a distributed ledger technology that distributes and stores/manages ledgers recording transaction details across multiple nodes. Blockchain has a structure in which multiple transaction records are recorded in one block, and the previous block and the next block are connected to each other in a chain. Blockchain technology is being applied in various fields based on the characteristics that it is difficult to forge or falsify records stored in the blockchain. In other words, it is difficult to forge or alter the information recorded in the blockchain, in other words, it is difficult to modify the information that has already been recorded, and problems may arise if incorrect information is initially recorded in the blockchain.

Blockchain technology can provide smart contract functions. Smart contract is a technology that creates an electronic contract document by programming the contents previously negotiated by the contracting party, and automatically executes the contract contents when all the contract conditions are satisfied. If the contract condition of the smart contract is information that cannot be obtained from the blockchain network, it is necessary to obtain information from outside the blockchain. Once information outside the blockchain is recorded on the blockchain, it is difficult to modify it, so it is necessary to determine whether the information outside the blockchain is reliable.

[Prior technical literature]

[Patent Literature]

(Patent Document 1) KR 10-2013-0047915 A

(Patent Document 2) KR 10-2018-0102269 A

An object according to an embodiment of the present invention is to provide a blockchain-based sharing and trading platform capable of sharing and transacting various types of shared resources.

In addition, an object according to an embodiment of the present invention is a complex IoT that can be combined with various types of shared resources and allows access to shared resources only to those with permission by interacting with the blockchain network and user terminals. It is to provide a device.

An object according to an embodiment of the present invention is to ensure the confidentiality and integrity of data when the Oracle blockchain exchanges information with an external system.

In addition, an object according to an embodiment of the present invention is to secure information access paths, verify external information providers, ensure the privacy of acquired data and information users, so that the Oracle blockchain can exchange information with external systems, It is to provide a smart contract type of Oracle framework that can provide data storage functions.

The complex IoT device according to an embodiment of the present invention includes a lock module that is coupled to various types of shared resources to physically or electrically open and close the shared resource, a communication module that transmits and receives data to and from a user terminal or a blockchain network, and the It may include a controller module that determines whether the user terminal has the right to use the shared resource based on a key received from the blockchain network, and controls to open and close the lock module.

In addition, the controller module may start a procedure of determining whether the user terminal has the use right only when the user terminal approaches a predetermined distance using GPS information or short-range communication between the communication module and the user terminal.

In addition, the complex IoT device according to an embodiment of the present invention generates usage status information by monitoring the usage status of the shared resource using at least one of a motion sensor, a human body detection sensor, an infrared sensor, an ultrasonic sensor, and a touch sensor. And a gateway module provided to the controller module. The gateway module may be physically formed as a separate device, and may be coupled to the shared resource at a location capable of monitoring the state of use of the shared resource.

In addition, the locking module may be installed in an add-on method to the locking device so that the user must open the locking module based on the permission to use the shared resource to access another locking device previously installed on the shared resource. In addition, the controller module may provide a key for opening the locking device to the user terminal when opening the locking module based on the right to use the shared resource.

A method of providing a shared service using a complex IoT device according to an embodiment of the present invention, wherein a manager terminal provides information of a shared resource and information of a complex IoT device coupled to the shared resource to a blockchain network through a manager dApp. Shared resource registration step of providing shared resources to be shared, a user terminal requests permission to use the shared resource registered in the blockchain network through a user dApp, and the manager terminal uses it based on a smart contract designated in advance. It may include a use permission acquisition step in which the permission is granted, and a use start step of opening a lock to allow access to the shared resource by determining whether the use permission exists in the user terminal by the composite IoT device.

In addition, in the step of registering the shared resource, the manager terminal provides the information of the shared resource and the information of the complex IoT device to the blockchain network through a dApp for a manager, and based on a smart contract for an administrator of the blockchain network. Thus, the information on the shared resource and the information on the complex IoT device may be recorded in a block generated by the blockchain network, and the block may be shared.

In addition, in the step of acquiring the use right, when the user terminal requests a search for shared resources recorded in the blockchain distributedly stored in the blockchain network through the dApp for the user, the dApp for the user is shared recorded in the blockchain. Searching for a resource and providing a list of available shared resources to the user terminal, selecting a shared resource from a list of shared resources that can be provided by the user terminal and requesting acquisition of use rights, and the administrator of the blockchain network The smart contract for use may include determining whether or not the requested shared resource is available and, if available, recording in the blockchain that the user terminal has been given permission to use it.

In addition, the use start step is a step of requesting, by a user terminal, to unlock the complex IoT device based on usage rights to the blockchain network through a dApp for the user, whether the complex IoT device is located within a predetermined distance. Determining, when the complex IoT device and the user terminal are located within a predetermined distance, the complex IoT device and the user terminal each requesting execution of a one-time authentication protocol from the blockchain network, the blockchain network According to the one-time authentication protocol, generating a one-time key and transmitting it to the composite IoT device and the user terminal, respectively, when the one-time key received by the composite IoT device and the one-time key received from the user terminal match It may include the step of opening the lock by determining that the user terminal has permission to use.

In addition, the blockchain network stores a block chain including information necessary for sharing the shared resource, a record of the use of the shared resource, and information on an administrator or user of the shared resource, and functions related to the sharing of the shared resource It may include a plurality of nodes that perform at least some of them.

In addition, the complex IoT device includes a locking module that physically or electrically opens and closes the shared resource by being coupled to various types of shared resources, a communication module that transmits and receives data to and from a user terminal or a blockchain network, and the user terminal is the shared resource. It may include a controller module that determines whether or not to have the right to use of, based on a key received from the blockchain network, and controls to open and close the lock module.

Blockchain application external information recognition and information provision method according to an embodiment of the present invention, a data acquisition step of acquiring data from an information source existing outside the Oracle blockchain network, by verifying the trust of the information source, the The reliability determination step of determining the reliability of the data, the parsing step of parsing the data, the data protection step of providing protection according to the type of the data, and the data storage history while storing the data in a distributed data storage are stored in the Oracle blockchain. It may include a storage step of storing in.

In addition, the method for recognizing external information and providing information on a blockchain application according to an embodiment of the present invention includes a loading step of acquiring data requested from the inside or outside of the Oracle blockchain network from the distributed data storage, the requested A protection change step of removing or changing the protection given to data, a reconfiguration step of organizing the requested data in a required format based on the data supply request, and providing the requested data and providing the data provision details to the Oracle block It may further include a provision step of storing in the chain.

In addition, the method for recognizing and providing information outside the blockchain application according to an embodiment of the present invention determines whether the requested data exists in the decentralized data storage by searching the data storage details, and It may further include a request determination step of performing the loading step when data exists in the distributed data storage, and performing the data acquisition step when the requested data does not exist in the distributed data storage.

In addition, the reliability determination step is a first determination step of determining whether the information source is trusted using the SSL certificate provided by the information source, and the information source obtained through the Whois service based on the domain of the information source. A second determination step of determining whether or not the information source is trusted using domain registration information, and an Oracle node voting in a delegated stake-proof method regarding whether or not the information source is trusted, and the information source based on the Oracle node vote. At least one of the third determination steps of determining whether or not is trusted may be performed.

In addition, the method for recognizing and providing information outside the blockchain application according to an embodiment of the present invention includes the untrusted information source in the source-blacklist when it is determined as an untrusted information source as a result of performing the reliability determination step. A source-blacklist adding step of adding a may be further included.

In addition, the method for recognizing and providing information on external information applied to a block chain according to an embodiment of the present invention is to determine the reliability of a new node that has requested to join the Oracle blockchain network, the increase amount per unit time of the new node is a reference value. If exceeded, the joining of the new node is stopped for a predetermined period, and if there is an oracle block created in the new node, it is determined as an untrusted oracle node, and the joining is blocked and added to the node-blacklist, and the new node is In the case of being included in the node-blacklist, the step of determining the reliability of an Oracle node may further include blocking the joining.

In addition, the Oracle blockchain network is composed of a plurality of oracle nodes, the oracle node includes an enclave for operating at least a part of the oracle block chain program code, and determining the reliability of the oracle node within the enclave, and The Oracle block generation consensus process can be performed.

In addition, the data protection step may be to anonymize or delete information corresponding to personal information from the data, or to perform de-identification in which only necessary data is categorized or aggregated, and if necessary, the de-identified data may be encrypted. .

Features and advantages of the present invention will become more apparent from the following detailed description based on the accompanying drawings.

Prior to this, terms or words used in the present specification and claims should not be interpreted in a conventional and dictionary meaning, and the inventor may appropriately define the concept of the term in order to describe his own invention in the best way. It should be interpreted as a meaning and concept consistent with the technical idea of the present invention on the basis of the principle that there is.

According to an embodiment of the present invention, anyone can register various types of shared resources and use or trade shared resources registered in the blockchain by using a blockchain-based sharing and transaction platform.

In addition, an object according to an embodiment of the present invention is to use a complex IoT device that can be combined with various types of shared resources, and to use or trade various types of shared resources by using a smart contract provided by a blockchain network. can do.

According to an embodiment of the present invention, it is possible to provide a two-way data exchange that brings data existing outside of the Oracle blockchain into the inside of the Oracle blockchain and provides data stored inside the Oracle blockchain to the outside of the Oracle blockchain. I can.

In addition, according to an embodiment of the present invention, data confidentiality, integrity, and privacy of information users can be guaranteed when exchanging data.

In addition, according to an embodiment of the present invention, it is possible to provide a smart contract oracle capable of performing data acquisition, storage, processing, and scheduling for accessing various external data in an Oracle blockchain network.

In addition, according to an embodiment of the present invention, various mainnet connectors and dApps can be serviced, and a service that gives reliability to data can be provided.

1 shows an environment for providing a method of providing a shared service using a complex IoT device according to an embodiment of the present invention.

2 is a diagram showing the functions of a smart contract for a manager according to an embodiment of the present invention.

3 is a diagram showing the functions of a smart contract for a user according to an embodiment of the present invention.

4 is a diagram illustrating a composite IoT device according to an embodiment of the present invention.

5A is a diagram illustrating a composite IoT device coupled with an add-on method according to an embodiment of the present invention.

5B is a diagram illustrating a gateway module of a composite IoT device according to an embodiment of the present invention.

6 is a flowchart illustrating a method of providing a shared service using a complex IoT device according to an embodiment of the present invention.

7 is a diagram showing an Oracle blockchain network that performs a method of recognizing external information and providing information applied to a block chain according to an embodiment of the present invention.

8 is a diagram showing each step of a method for recognizing external information and providing information applied to a block chain according to an embodiment of the present invention.

9 is a diagram showing a framework structure of a program code that performs a method of recognizing external information and providing information applied to a block chain according to an embodiment of the present invention.

10 is a diagram illustrating a step of determining reliability of an information source according to an embodiment of the present invention.

11 is a diagram illustrating a node reliability verification step of a new node according to an embodiment of the present invention.

Objects, specific advantages and novel features of an embodiment of the present invention will become more apparent from the following detailed description and preferred embodiments associated with the accompanying drawings. In adding reference numerals to elements of each drawing in the present specification, it should be noted that, even though they are indicated on different drawings, only the same elements are to have the same number as possible. In addition, terms such as “one side”, “the other side”, “first” and “second” are used to distinguish one component from other components, and the component is limited by the terms no. Hereinafter, in describing an embodiment of the present invention, a detailed description of related known techniques that may unnecessarily obscure the subject matter of the embodiment of the present invention will be omitted.

Hereinafter, with reference to the accompanying drawings, an embodiment of the present invention will be described in detail.

A method of providing a shared service using a complex IoT device according to an embodiment of the present invention may be performed using a complex IoT device 20, a manager terminal 31, a user terminal 32, and a block chain network 50. .

The blockchain network 50 is a network in which a plurality of nodes 51 are connected in a peer-to-peer (P2P) method. The blockchain network 50 may perform a method of providing a shared service using a complex IoT device based on information processing between a plurality of nodes 51 and information processing of each node 51. The blockchain network 50 stores a block chain 60 that can store information necessary for sharing the shared resource 10, the use record of the shared resource 10, and information about the administrator or user of the shared resource 10. And, it may be composed of a plurality of nodes 51 that perform at least some of the functions related to the sharing of the shared resource (10).

The node 51 may include a communication unit 51a, a control unit 51b, and a storage unit 51c. The node 51 includes an information processing device such as a server computer, a PC, a notebook PC, a tablet PC, and a smart phone. The communication unit 51a may transmit and receive data to and from the other node 51, the manager terminal 31, the user terminal 32, and the complex IoT device 20. The communication unit 51a may configure the block chain network 50 by connecting the node 51 and another node 51. The storage unit 51c may store all or part of the block chain 60. The storage unit 51c may store a program code for performing a method of providing a shared service using a complex IoT device according to an embodiment of the present invention. The control unit 51b may include a processor capable of executing a program code for performing a method of providing a shared service using a complex IoT device according to an embodiment of the present invention.

The block chain 60 may be composed of a continuous connection of blocks 61 including the hash value of the previous block 61 as a configuration of the magnetic block 61. The block 61 includes the hash value and storage space of the previous block 61. The block chain 60 is stored in a plurality of nodes 51 constituting the block chain network 50, respectively, and the block chains 60 stored in the plurality of nodes 51 have the same data. In the storage space of the block 61, information about the shared resource 10, information about the complex IoT device 20, information about the administrator, information about the user, usage records of the shared resource 10, etc. may be stored. have.

The manager terminal 31 and the user terminal 32 are information processing devices that can connect to the blockchain network 50 to transmit and receive data. The manager terminal 31 and the user terminal 32 may include portable electronic devices such as a smart phone, a notebook PC, a tablet PC, and a wearable computer. The manager terminal 31 and the user terminal 32 may transmit and receive data to and from the blockchain network 50 through a dApp.

The dApp (distributed application) is a front-end interface that users and managers access through the manager terminal 31 and the user terminal 32 in order to use a method of providing a shared service using a complex IoT device. The dApp may be installed and executed on the administrator terminal 31 and the user terminal 32, or provided to the administrator terminal 31 and the user terminal 32 in the form of a web page operated on a server separate from the blockchain network 50 It can be, and it can also be executed on the node 51 of the blockchain network 50. The dApp may include a dApp 41 for an administrator and a dApp 42 for a user. The dApp 41 for the manager provides information on the shared resource 10, the registration function of the information on the complex IoT device 20, the monitoring function of the shared resource 10, and various management permission functions to the manager terminal 31. Can provide. The user dApp 42 may provide functions such as a search function for the shared resource 10, a request for use permission, and a request for unlocking the complex IoT device 20 to the manager terminal 31.

The dApp transfers data or commands received from the manager terminal 31 and the user terminal 32 to a smart contract existing in the blockchain network 50. Smart contracts running on the blockchain network 50 include a smart contract 41a for administrators and a smart contract 42a for users. The manager smart contract 41a may operate based on data and commands received from the manager dApp 41. The user's smart contract 42a may operate based on data and commands received from the user's dApp 42.

FIG. 2 is a diagram showing the functions of the manager's smart contract 41a according to an embodiment of the present invention, and FIG. 3 is a diagram showing the functions of the user's smart contract 42a according to an embodiment of the present invention.

As shown in FIG. 2, the manager's smart contract 41a may perform shared resource information management, shared resource access management, user status information management, and location-based access management functions. The shared resource information management function may include functions such as adding shared resources, modifying shared resource information, and deleting shared resources, and a list of shared resources required to perform the function, devices (compound IoT device 20, manager terminal ( 31), information such as the Mac Address of the user terminal 32, etc.), the sensor type of the gateway module 27, and the sensor measurement interval of the gateway module 27 can be stored in a table format. The shared resource access management function can include functions such as adding an access-allowing device, deleting an access-allowing device, and adding an access log, and devices such as the Mac Address of the access device, connected user ID, and additional time required to perform the function. Information such as connection status, such as status, device ID, connection route, and connection time, can be saved in a table format. The user status information management function can include functions such as member blocking, and information such as user status such as ID, age, gender, and region necessary to perform the function, and membership registration time, etc., in a table format. Can be saved. The location-based access management function can perform functions such as inserting access records and modifying indoor/outdoors. Sender device ID, receiver device ID, latitude/longitude, access point, indoor/outdoor, indoor Location data information such as coordinates can be stored in a table format. The manager's smart contract 41a may perform a function of registering the shared resource 10 in the blockchain network 50, a function of monitoring the state of use of the shared resource 10, and the like.

As shown in FIG. 3, the smart contract 42a for a user may include a user function, a device function, and a location function. User functions may include functions such as membership registration, member information modification, and withdrawal, and user data information such as ID, age, gender, region, and user data information necessary to perform the function is tabled. Can be saved in a format. Device functions may include functions such as registering access devices and checking device status, and device data such as the Mac Address of the access device to perform the function, connection user ID, and additional time, and device ID, access route, and access Information such as access status, such as time, can be saved in a table format. The location function may include functions such as inserting access location data and querying logs, and information such as sender device ID, receiver device ID, latitude/longitude, access point, indoor/outdoor, indoor coordinates, etc. necessary to perform the function. Can be saved in a table format. Information used by the manager's smart contract 41a and the user's smart contract 42a may be stored in the storage space of the block 61, and may be encrypted and stored.

4 is a diagram illustrating a composite IoT device 20 according to an embodiment of the present invention.

As shown in FIG. 4, the complex IoT device 20 according to an embodiment of the present invention is coupled to various types of shared resources 10 to physically or electrically open and close the shared resources 10. ), the user terminal 32 or the communication module 22 for transmitting and receiving data with the blockchain network 50, and whether the user terminal 32 has the right to use the shared resource 10 or not, the blockchain network 50 ), and may include a controller module 23 for controlling to open and close the locking module 21, based on a key received from). In addition, the composite IoT device 20 according to an embodiment of the present invention includes a display module 25 capable of visually or aurally providing information to a user or an administrator, a command or a touch of a user or an administrator, and the like. It may include an input module 24 that can receive input and a power module 26 such as a battery that supplies power to components of the composite IoT device 20. Each of the modules 21 to 27 included in the composite IoT device 20 may be configured as a physically independent device, or some modules may be configured as a single device.

The locking module 21 may be opened or closed under the control of the controller module 23. The locking module 21 may be physically coupled to the shared resource 10 to block a user from accessing a part of the shared resource 10 required when using the shared resource 10. For example, when the shared resource 10 is a conference room or a lodging facility, the lock module 21 may be physically coupled to a door lock or lock of a door to block the user from arbitrarily opening the door. Alternatively, when the shared resource 10 is an electronic device, the locking module 21 is coupled to an input device or an output device of the electronic device, or is integrally combined with the electronic device to prevent the user from using all or part of the electronic device. Alternatively, you can perform electrical restrictions. Alternatively, the locking module 21 may be integrally formed with a door lock or a lock. The locking module 21 may be coupled to various shared resources 10.

The communication module 22 can transmit and receive data with the manager terminal 31, the user terminal 32, and the blockchain network 50. The communication module 22 may use a short-range communication method such as Wi-Fi, Bluetooth, and NFC. The communication module 22 may recognize its own location using GPS information.

The controller module 23 may control opening and closing of the locking module 21. The controller module 23 may check the usage rights of the user terminal 32 that has requested the use of the shared resource 10. The controller module 23 compares the key received from the blockchain network 50 with the key transmitted through the communication module 22 by the user terminal 32 according to the one-time authentication protocol to determine the right to use the user terminal 32. I can confirm. If the key received from the blockchain network 50 and the key transmitted by the user terminal 32 through the communication module 22 match, the controller module 23 determines that the user terminal 32 has permission to use it. can do. The controller module 23 controls to open the locking module 21 when the existence of the right to use the user terminal 32 is confirmed. The controller module 23 may control to lock the locking module 21 when a predetermined period of use has elapsed or a necessary condition is satisfied.

The controller module 23 may start a procedure to determine whether the user terminal 32 has the right to use only when the user terminal 32 approaches a predetermined distance using GPS information or short-range communication between the communication module 22 and the user terminal 32. have. The proximity determination is an additional safety device in that the user terminal 32 and the communication module 22 must be unlocked when the user terminal 32 and the communication module 22 are approached by a predetermined distance to prevent the use of a person without permission. The communication module 22 performs a distance determination based on the intensity of radio waves such as Wi-Fi, Bluetooth, and NFC, or compares its GPS coordinates with the GPS information of the user terminal 32 received from the user terminal 32 to provide proximity. You can judge whether or not. When it is determined that the user terminal 32 has approached the communication module 22 by a predetermined distance, the controller module 23 may request the block chain network 50 to check usage rights based on a one-time authentication protocol.

The controller module 23 may further perform a procedure required to use the shared resource 10 based on information input by a user or an administrator to the input module 24. The controller module 23 may provide a key for opening the locking device to the user terminal 32 when opening the locking module 21 based on the right to use the shared resource 10. When it is determined that the user terminal 32 has the right to use, the controller module 23 provides information such as a password required to use the shared resource 10 to the user terminal 32 or through the display module 25. It can be provided to the user. For example, when the lock module 21 is physically connected to the door lock, the controller module 23 controls to open the lock module 21 when the user terminal 32 is authorized to use the door lock and opens the door lock. The door lock password required for this may be provided to the user terminal 32 or may be provided to the user through the display module 25.

5A is a diagram illustrating a composite IoT device 20 coupled in an add-on method according to an embodiment of the present invention. Arrow A shows that the locking module 21 is coupled to a portion indicated by a dotted line on the door lock.

As shown in FIG. 5A, the lock module 21 of the composite IoT device 20 is preinstalled on the shared resource 10 only when the user opens the lock module 21 based on the permission to use the shared resource 10. In order to be able to access the other locking device 100 that has been set, it may be installed in the locking device 100 in an add-on method. In the add-on method, the locking device 100 installed on the shared resource 10 is maintained as it is, and the complex IoT device 20 is additionally coupled to the locking device 100. The locking module 21 of the complex IoT device 20 is coupled to cover a keypad, a keyhole, a dial, etc. necessary to open the locking device 100, and when the locking module 21 is opened, the user , It can be formed in a way that opens a space for access to the dial, etc. For example, the complex IoT device 20 is coupled to the door lock, which is the locking device 100 installed on the door entering the space as the shared resource 10, so that the locking module 21 covers the keypad 110 of the door lock. It is coupled, and when the open area 21a of the locking module 21 is opened in a slide manner or a hinge manner that moves along the arrow B, it may be formed so that the user can access the keypad 110 of the door lock.

5B is a diagram showing the gateway module 27 of the composite IoT device 20 according to an embodiment of the present invention.

As shown in FIG. 5B, the composite IoT device 20 according to an embodiment of the present invention may further include a gateway module 27. The gateway module 27 monitors the usage status of the shared resource 10 using at least one of a motion sensor, a human body detection sensor, an infrared sensor, an ultrasonic sensor, and a touch sensor to generate usage status information, and the controller module 23 Can be provided to. The gateway module 27 monitors whether or not a person 32a using the shared resource 10 exists. The gateway module 27 may be physically formed as a separate device, and may be coupled to the shared resource 10 at a location capable of monitoring the state of use of the shared resource 10. For example, when the shared resource 10 is a space such as a conference room or a lodging facility, the gateway module 27 may be installed at a location where it is possible to check whether a person 32a exists in the space. At this time, the gateway module 27 is formed as a physically separate device from the lock module 21, and the state of use of the shared resource 10 detected by the gateway module 27 is determined by the controller module 23 through the communication module 22. ) Can be passed on. The controller module 23 may determine whether the person 32a using the shared resource 10 is an intruder or a legitimate user based on the use right. The controller module 23 may provide an alarm to the administrator terminal 31 when it is determined as an intruder. When the usage time based on the usage authority expires, the controller module 23 checks whether there is no person 32a using the shared resource 10 based on the usage state received from the gateway module 27, and accesses the shared resource 10. If there is no person 32a to use, the locking module 21 can be controlled to be locked.

The complex IoT device 20 according to an embodiment of the present invention as described above may be coupled to various shared resources 10, and the locking module 21 is provided only to a user who has the right to use the shared resource 10. It can be opened to provide the use of the shared resource (10).

As shown in Figure 6, the method of providing a shared service using a complex IoT device according to an embodiment of the present invention, the manager terminal 31 through the manager dApp (41) information and sharing of the shared resource (10) The shared resource registration step (S10) of providing information of the complex IoT device 20 coupled to the resource 10 to the blockchain network 50 so that the shared resource 10 can be shared, the user terminal 32 The usage right is granted based on the smart contract designated by the administrator terminal 31 by requesting the right to use the shared resource 10 registered in the blockchain network 50 through the user dApp 42 It may include an acquisition step (S20), and a use start step (S30) in which the composite IoT device 20 determines whether the user terminal 32 has permission to use it and opens the lock so that the shared resource 10 can be accessed. have. In the method of providing a shared service using a complex IoT device according to an embodiment of the present invention, when the usage time set based on the usage permission expires, when it is determined that the usage is terminated by checking the usage status of the shared resource 10 It may include a use end step (S40) of controlling the locking module 21 to be locked. A method of providing a shared service using a complex IoT device may be performed in a system including a complex IoT device 20, a manager terminal 31, a user terminal 32, and a block chain network 50. In order to use the shared service using the composite IoT device 20 according to an embodiment of the present invention, the administrator and the user may register as a member and register predetermined information.

The shared resource registration step (S10) is a step in which the manager terminal 31 provides the information of the shared resource 10 and the information of the complex IoT device 20 to the blockchain network 50 through the dApp 41 for the manager, And, based on the smart contract 41a for the manager of the blockchain network 50, the information of the shared resource 10 and the information of the complex IoT device 20 are recorded in the block 61 generated by the blockchain network 50. And block 61 is shared.

First, the administrator installs the composite IoT device 20 on the shared resource 10. The manager executes the manager dApp 41 using the manager terminal 31 or accesses the manager dApp 41 to input information about the shared resource 10 and the complex IoT device 20. The information on the shared resource 10 includes information necessary for the user to use the shared resource 10, such as the type, characteristics, rental cost, available rental time, minimum available rental time of the shared resource 10. Information on the complex IoT device 20 includes the device ID, Mac Address, sensor type of the gateway module 27, sensor addition time, etc. The user terminal 32 and the blockchain network 50 recognize the complex IoT device 20. And includes information that enables data to be transmitted and received. The information on the shared resource 10 and the information on the complex IoT device 20 input to the manager terminal 31 is transmitted to the smart contract 41a for the manager of the blockchain network 50 through the dApp.

The manager dApp 41 provides information on the shared resource 10 and the complex IoT device 20 received by calling the manager smart contract 41a of the blockchain network 50. The dApp 41 for administrators can transmit and receive data with the blockchain network 50 using Restful API.

The manager's smart contract 41a registers the shared resource 10 on the blockchain network 50 so that the user can use the shared resource 10 by performing a shared resource information management function. The manager's smart contract 41a configures the blockchain network 50 to store information on the shared resource 10 and information on the complex IoT device 20 in the storage space of the block 61 in a table format. It can be shared with the constituent nodes 51. Information on the shared resource 10 and information on the complex IoT device 20 are stored in the block 61 through a verification and consensus process.

When the user terminal 32 requests the search for the shared resource 10 recorded in the block chain 60 that is distributed and stored in the block chain network 50 through the user's dApp 42 in the use right acquisition step (S20), , The step of providing a list of available shared resources 10 to the user terminal 32 by searching for the shared resources 10 recorded in the block chain 60 by the user dApp 42, the user terminal 32 Selecting a shared resource 10 from the list of available shared resources 10 and requesting the acquisition of usage rights, and the smart contract 41a for the administrator of the blockchain network 50 It may include the step of determining whether or not the availability is available and, if available, recording in the block chain 60 that the user terminal 32 has been given permission to use it.

In order to use the shared resource 10, the user must first obtain the right to use. The user may request a search of the shared resource 10 registered in the blockchain network 50 by executing the dApp 42 for the user on the user terminal 32 or by accessing the dApp 42 for the user. The dApp may provide an interface for searching the shared resource 10 by selecting conditions such as the type, location, usage period, and rental cost of the shared resource 10. The dApp may request a search from any node 51 constituting the blockchain network 50 based on the search condition received from the user terminal 32. Since each of the plurality of nodes 51 stores the same blockchain 60, it is possible to perform a search requested by the dApp 42 for a user and return a result. The user terminal 32 may receive a result of performing a search in a node 51 through the dApp 42 for a user. The user terminal 32 displays the received search result to the user.

The user may select the shared resource 10 from the list of shared resources 10 provided as a result of the search and request the acquisition of permission to use the shared resource 10. The user terminal 32 may request to obtain the permission to use the shared resource 10 selected by the user through the dApp 42 for the user to the smart contract 41a for the administrator of the blockchain network 50.

When the manager's smart contract 41a receives the request for acquiring the use rights of the shared resource 10 received from the user dApp 42, it determines whether the shared resource 10 is available. Whether or not the shared resource 10 is available may be determined based on conditions included in the request for obtaining use rights of the shared resource 10. It is possible to determine whether there is another user already reserved at the time requested by the user, and to determine whether the user is registered in the blacklist and is not entitled to obtain use rights. The manager's smart contract 41a records in the block chain 60 that, when the requested shared resource 10 is available, the permission is granted to the user terminal 32 requesting the permission. That is, the manager's smart contract 41a shares the content that the user terminal 32 has the right to use at the requested time to the blockchain network 50, and the blockchain network 50 through verification and consensus It is stored in block 61 that the user has been given permission to use it. The manager's smart contract 41a may provide the user terminal 32 that the use right has been granted through the dApp 42 for the user.

When the user terminal 32 obtains the use right, the user may open the lock of the complex IoT device 20 through the user terminal 32 and start using the shared resource 10. In the use start step (S30), the user terminal 32 requests the block chain network 50 to unlock the complex IoT device 20 based on the usage rights through the user dApp 42, the complex IoT device Determining whether the user terminal 32 is located within a predetermined distance, when the complex IoT device 20 and the user terminal 32 are located within a predetermined distance, the complex IoT device 20 and the user terminal ( 32) each requesting execution of a one-time authentication protocol to the blockchain network 50, the blockchain network 50 generates a one-time key according to the one-time authentication protocol, and the composite IoT device 20 and the user Delivering each to the terminal 32, and permission to use the user terminal 32 when the disposable key received by the composite IoT device 20 and the disposable key received from the user terminal 32 match. It may include the step of opening the lock by determining that there is.

The user may request the unlocking of the complex IoT device 20 coupled to the shared resource 10 that has obtained the use right through the user terminal 32. The user terminal 32 may request the complex IoT device 20 to open the lock directly or through a dApp or a blockchain network 50.

Upon receiving a lock release request, the composite IoT device 20 may perform proximity determination to determine whether the user terminal 32 is located within a predetermined distance. If the user terminal 32 is not near the shared resource 10 and the lock module 21 is opened based on the use right, there is a risk that another person without the use right will use the shared resource 10, It is determined whether the user is located within a predetermined distance to the shared resource 10. Determination of proximity has been described in the process of describing the controller module 23 of the composite IoT device 20, and therefore, overlapping content will be omitted. The user terminal 32 may transmit and receive signals to the complex IoT device 20 using short-range communication such as Wi-Fi, bluetooth, and NFC. The user terminal 32 transmits its GPS coordinates to the complex IoT device 20 so that the complex IoT device 20 can determine whether or not the complex IoT device 20 is in proximity.

When it is determined that the user terminal 32 is located within a predetermined distance to the complex IoT device 20, the complex IoT device 20 may provide a signal indicating that the proximity determination has passed to the user terminal 32. When the proximity determination is passed, the complex IoT device 20 and the user terminal 32 may request the blockchain network 50 to execute a one-time authentication protocol. When the execution request of the one-time authentication protocol received from the composite IoT device 20 and the user terminal 32 match, the blockchain network 50 executes the one-time authentication protocol.

The one-time authentication protocol searches for the use permission record stored in the block chain 60, determines whether the user terminal 32 has permission to use the shared resource 10 at a predetermined time, and if the use permission exists, the one-time authentication protocol Generates and provides a one-time key to the composite IoT device 20 and the user terminal 32. The disposable key may be a randomly generated value, and may be encrypted with public keys of the composite IoT device 20 and the user terminal 32 and transmitted. When the one-time key received by the composite IoT device 20 is compared with the one-time key received by the user terminal 32 and match, the composite IoT device 20 determines that the user terminal 32 has the right to use the lock module. (21) The lock can be opened. The user can use the shared resource 10 when the lock module 21 is opened. When the locking module 21 is combined with the existing locking device of the shared resource 10 in an add-on method, the complex IoT device 20 provides the password of the existing locking device to the user terminal 32, and the user The shared resource 10 can be used by entering the password displayed in 32) into the existing locking device.

The gateway module 27 may monitor the state of the shared resource 10 while the user uses the shared resource 10. When the shared resource 10 is a space such as a conference room or accommodation facility, when the lock module 21 is opened, the gateway module 27 can sense whether a person enters or exits the space that is the shared resource 10. . The gateway module 27 may continuously sense the state of use of the shared resource 10 at a predetermined period or when the lock module 21 is opened. The gateway module 27 may transmit the state of use of the shared resource 10 to the complex IoT device 20.

The manager terminal 31 may perform an access management function of the shared resource 10 through the dApp 41 for the manager. The manager terminal 31 can monitor information about users who have applied for use of the shared resource 10, information about the use status of the shared resource 10, and the use record and reservation record of the shared resource 10. have. The manager dApp 41 can request the manager's smart contract 41a to monitor the current status of the shared resource 10, and the manager's smart contract 41a is provided by the gateway module 27 from the complex IoT device 20 The usage status of one shared resource 10 may be received and provided to the manager terminal 31 through the dApp 41 for managers.

The user stops the use of the shared resource 10 when the use time based on the use right ends. The complex IoT device 20 receives information on the state of use of the shared resource 10 from the gateway module 27 when the usage time based on the usage permission ends, and operates the lock module 21 to enable the user and the shared resource ( Determine if it is okay to block 10). For example, when the shared resource 10 is a space such as a conference room or a lodging facility, the gateway module 27 can sense whether a user exists in the space that is the shared resource 10, and the space that is the shared resource 10 When there is no user therein, the composite IoT device 20 may perform a use end step (S40) of controlling the locking module 21 to be locked.

When the use of the user is terminated by controlling the composite IoT device 20 to lock the lock module 21, the composite IoT device 20 transmits the end of use fact to the blockchain network 50. The user's usage record may be stored in the blockchain 60.

7 is a diagram showing an Oracle blockchain network 1020 that performs a method of recognizing external information and providing information applied to a block chain according to an embodiment of the present invention.

Blockchain application external information recognition and information provision method according to an embodiment of the present invention may be performed in a plurality of oracle nodes 1030 constituting the Oracle blockchain network 1020. The Oracle blockchain network 1020 performs a method of recognizing and providing information outside of the blockchain application, acquiring data from an information source 1010 outside the Oracle blockchain network 1020 to obtain a distributed data storage 1040. ), and upon receiving a data request, data stored in the distributed data storage 1040 may be provided to the information user 1050.

The Oracle blockchain network 1020 is a network in which a plurality of Oracle nodes 1030 are connected in a peer-to-peer (P2P) method. The Oracle blockchain network 1020 recognizes external information and provides information applied to the blockchain according to an embodiment of the present invention based on information processing between a plurality of oracle nodes 1030 and information processing of each oracle node 1030. Method can be carried out.

The oracle node 1030 may include a communication unit 1031, a control unit 1032, and a storage unit 1033. The Oracle node 1030 includes information processing devices such as a server computer, a PC, a notebook PC, a tablet PC, and a smart phone. The communication unit 1031 may transmit and receive data between the Oracle node 1030 and another Oracle node 1030 to connect the Oracle blockchain network 1020. The storage unit 1033 may store all or part of the Oracle blockchain 1060. The storage unit 1033 may store a program code for performing a method of recognizing external information and providing information in a block chain application according to an embodiment of the present invention. The control unit 1032 may include a processor capable of executing a program code that performs a method of recognizing external information and providing information in a block chain application according to an embodiment of the present invention.

The Oracle blockchain 1060 may be configured by successive connections of oracle blocks 1060a including the hash value of the previous oracle block 1060a as a configuration of the own oracle block 1060a. The oracle block 1060a includes a storage space for storing the hash value and data of the previous oracle block 1060a. The Oracle blockchain 1060 is stored in a plurality of Oracle nodes 1030 constituting the Oracle blockchain network 1020, and the Oracle blockchains 1060 stored in the plurality of Oracle nodes 1030 have the same data. . In the storage space of the oracle block 1060a, the storage details 1061 and the provision details 1062 may be stored. The storage details 1061 may include the execution result of the storage process S1030 in which the Oracle blockchain network 1020 obtains, verifies and stores data from the information source 1010. The provision details 1062 may include the execution result of the provision process S1040 in which the Oracle blockchain network 1020 receives a data request from the information user 1050 and provides the data.

The information source 1010 refers to a device that exists outside of the Oracle blockchain network 1020 and can provide data. The information source 1010 may include a web server, a cloud storage, a database, an external blockchain network (Ethereum, EOS, etc.) other than the Oracle blockchain network 1020 according to an embodiment of the present invention, an IoT device, and the like. have. The IoT device may be a complex IoT device that includes a lock function to allow or block a user's access by being connected to a shared resource, and a gateway module capable of detecting the presence or absence of a person using the shared resource. The information source 1010 may be a payment institution that mediates financial services, or may be a data provider of various types. The Oracle node 1030 constituting the Oracle blockchain network 1020 may access the information source 1010 and collect data.

The information user 1050 refers to a subject who requests data necessary for the Oracle node 1030 constituting the Oracle blockchain network 1020 and receives and uses the requested data. Information users 1050 are various smart contract accounts operating inside the Oracle blockchain network 1020, and other blockchain networks (Ethereum, EOS, etc.) that exist outside the Oracle blockchain network 1020. , Terminal devices of personal information users 1050 who request data by accessing an arbitrary Oracle node 1030 of the Oracle blockchain network 1020 may be included.

The Oracle blockchain network 1020 may receive data from the information source 1010. In addition, the Oracle blockchain network 1020 may provide the requested data to the information user 1050 upon receiving a data request from the information user 1050. In this case, the information source 1010 and the information user 1050 may be the same target outside the Oracle blockchain network 1020. That is, the information source 1010 may provide data to the Oracle blockchain network 1020, and the information source 1010 is an information user 1050 who requests data from the Oracle blockchain network 1020 when data is needed. May be. For example, the Ethereum blockchain network may be an information source 1010 that provides data to the Oracle blockchain network 1020, or the Ethereum blockchain network requests necessary information from the Oracle blockchain network 1020 and It may be an information user 1050 who receives necessary information from the Oracle blockchain network 1020.

The distributed data storage 1040 is a data distributed storage system based on the Oracle blockchain 1060. The distributed data storage 1040 divides data into a plurality of pieces and stores them in a storage space of nodes constituting the distributed data storage 1040. ), a distributed storage method such as IPFS (Interplanetary File Storage), Corda, etc. can be used. The distributed data storage 1040 stores data received from the Oracle blockchain network 1020 and transmits the requested data from the Oracle blockchain network 1020.

8 is a diagram showing each step of a method for recognizing external information and providing information applied to a block chain according to an embodiment of the present invention, and FIG. 9 is a method for recognizing external information and providing information applied to a block chain according to an embodiment of the present invention. It is a diagram showing a framework structure 1100 of a program code that performs an operation.

As shown in FIG. 8, the method of recognizing external information and providing information applied to a block chain according to an embodiment of the present invention includes acquiring data from an information source 1010 external to the Oracle blockchain network 1020. The data acquisition step (S1031), the reliability determination step (S1032) of verifying the reliability of the information source (1010), the parsing step (S1033) of parsing the data, and providing protection according to the type of data It may include a data protection step (S1034), and a storage step (S1035) of storing the data storage details 1061 in the Oracle blockchain 1060 while storing the data in the distributed data storage 1040.

In addition, a method for recognizing external information and providing information applied to a block chain according to an embodiment of the present invention is to obtain data requested from the inside or outside of the Oracle blockchain network 1020 from the decentralized data storage 1040. Step (S1041), a protection change step (S1042) of removing or changing the protection given to the requested data, a reconfiguration step (S1043) of organizing the requested data into a required format based on a data supply request, and the requested data A provision step (S1044) of providing and storing the data provision details 1062 in the Oracle blockchain 1060 may be further included.

9, the access module 1110 includes an API 1111, a parser 1112, a malicious oracle node prevention algorithm 1113, and a BFT consensus algorithm 1114. The information source verification module 1120 includes an SSL certificate-based trust judgment model 1121, a Whois-based trust judgment model 1122, and a voting-based trust judgment model 1123. The data management module 1130 includes a scheduler 1131, a de-identification algorithm 1132, and an encryption unit 1133. The Oracle smart contract module 1140 includes a data storage usage record smart contract 1141 and an Oracle blockchain network operation unit 1142.

8 and 9, a method of recognizing external information and providing information applied to a block chain according to an embodiment of the present invention will be described.

First, in the data request receiving step (S1010), an arbitrary Oracle node 1030 of the Oracle blockchain network 1020 receives a data request from the information user 1050. The data request includes information on data required by the information user 1050 and may include whether or not the data is to be accessed only by the specified information user 1050. The data request may be received through the API 1111 of the access module 1110. API 1111 may utilize Restful API or SDK API. The API 1111 may be connected to the information source 1010 to receive data, and may be connected to the information user 1050 to provide a channel for requesting and receiving data.

Upon receiving the data request, the Oracle node 1030 performs a request determination step S1020 of determining whether the requested data exists in the distributed data storage 1040. In the request determination step S1020, whether the requested data exists in the distributed data storage 1040 is determined by searching the data storage details 1061, and when the requested data exists in the distributed data storage 1040 A loading step (S1041) is performed to start the provision process (S1040), and a data acquisition step (S1031) is performed to perform a storage process (S1030) when the requested data does not exist in the distributed data storage 1040. Carry out. The storage process S1030 is a process of acquiring data that does not exist in the distributed data storage 1040 and the Oracle blockchain network 1020 from the information source 1010 existing outside the Oracle blockchain network 1020. The providing process S1040 is a process of providing data existing in the distributed data storage 1040 to the information user 1050.

In the request determination step (S1020), the Oracle node 1030 searches the storage details 1061 stored in the Oracle blockchain 1060 to determine whether the requested data matches the previously stored data to determine the existence of the requested data. can do. The storage details 1061 include the type of data, the name, the name of the acquired information source 1010, the content of protection, acquisition time, reliability determination information of the information source 1010, and storage location information of the distributed data storage 1040. And the like. Since the storage details 1061 are stored in the Oracle blockchain 1060 stored in the storage unit 1033 of the Oracle node 1030, the request determination step (S1020) does not go through the consensus or verification process of the Oracle blockchain network 1020. Can be operated without.

If the requested data does not exist in the distributed data storage 1040, a storage process (S1030) is performed to bring the requested data into the Oracle blockchain network 1020. The data acquisition step (S1031) is to acquire data from an information source 1010 existing outside the Oracle blockchain network 1020. The data collection method applied may vary depending on the type of the information source 1010. The data collection method may be different when the information source 1010 is an external blockchain network and an external device other than a blockchain network. For example, if the information source 1010 is the EOS blockchain network, the EOS blockchain network stores data in a table manner, so data is collected by reading a table, and the information source 1010 is an Ethereum block. In the case of a chain network, data can be collected using the View function provided by the Ethereum blockchain network. At this time, when the Oracle blockchain network 1020 acquires data from the information source 1010, only data according to the request of the information user 1050 may be selectively collected.

The data acquisition step (S1031) may be performed in such a way that the Oracle node 1030 that has received the data request accesses the data of the information source 1010 through the API 1111. The Oracle node 1030 searches whether or not the requested data exists in the information source 1010, and if the data exists, fetches the data. The scheduler 1131 of the data management module 1130 may manage a schedule for collecting data that should be collected on a regular basis. The scheduler 1131 may operate the storage process S1130 to collect data when a predetermined time is reached.

When data is imported from the information source 1010, a reliability determination step (S1032) is performed to determine the reliability of the data. In the reliability determination step (S1032), the Oracle blockchain network 1020 determines the reliability of the data provided by the information source 1010 by determining the reliability of the information source 1010 itself. The information source 1010 generates or receives and provides a result performed, generated, or determined in the real world outside the Oracle blockchain network 1020 in a data format that can be recognized by a computer device, and provides the World Wide Web (WWW). ), etc., it provides the result data that is performed, generated, or determined in the network. Since the information source 1010 exists based on a physical computer device, the reliability of the information source 1010 may be determined by verifying information on a real subject providing information using a physical computer device. The reliability determination step S1032 is a process of verifying information about the information source 1010 itself provided by the information source 1010 to the Oracle blockchain network 1020. That is, in the reliability determination step (S1032), who is the subject operating the information source 1010, whether the subject operating the information source 1010 exists, and the subject operating the information source 1010 can be trusted in the real world. It is judged whether or not it has been verified. The reliability determination step S1032 may be omitted when it is determined that the information source 1010 is already reliable. The reliability determination step S1032 may be performed to determine the reliability of the information source 1010 again when a predetermined period has elapsed after the information source 1010 is determined to be reliable.

If it is determined that the information source 1010 is reliable, a parsing step (S1033) is performed. The parsing step (S1033) is to parse the data acquired from the information source (1010). The parsing step S1033 may be performed by the parser 1112 of the access module 1110. The parser 1112 may analyze data acquired from the information source 1010 and classify it by detailed type. The parser 1112 may classify detailed data by applying various parsing algorithms according to the type of data acquired from the information source 1010. For example, if data "A to B 1000 EOS" is acquired from the EOS Oracle blockchain (1060) information source (1010), the parser (1112) is "Serial Number = XXX1", "Sender = A", " Recipient = B", "Amount = 1000", "Unit = EOS", you can classify detailed data and determine the type of detailed data.

After data parsing is performed, a data protection step (S1034) is performed. The data protection step S1034 is to provide protection according to the type of data. Since the data contains personal information, it is necessary to protect the privacy, or it is necessary to protect the data so that only the information user 1050 requesting the data can access it. The protection that can be given to data includes anonymization, categorization, aggregation, encryption, etc.

Anonymization, categorization, and aggregate processing may be performed through the de-identification algorithm 1132 of the data management module 1130. Anonymization is the modification or removal of some or all of the names of people in the data so that they cannot be recognized. For example, a part of the name "Hong Gil-dong" may be transformed into "Hong*Dong", or all may be transformed, such as "Customer 1". Total processing is to calculate the total amount when there are multiple values of a specific item. For example, if the number of transactions of "Hong*Dong" is "20/40/10", the total number of transactions can be counted as "70". Categorization is the aggregation according to the range in which a specific value is included. For example, if the number of transactions for "Hong*Dong" is "13", it can be counted as "10-20 times", which is a predetermined range.

Encryption is encryption so that only the specified information user 1050 can view the data. Encryption may be performed in the encryption unit 1133 of the data management module 1130. Encryption may be performed by receiving a public key of the information user 1050 and encrypting data using the public key of the information user 1050. Encryption may be performed by encrypting a symmetric key using the public key of the information user 1050, encrypting data using the symmetric key, and then storing or providing the encrypted symmetric key and data together. If personal information protection is unnecessary or data that can be disclosed, protection may not be provided in the data protection step (S1034).

The data that has undergone the protection phase is shared with the Oracle nodes 1030 constituting the Oracle blockchain network 1020 to reach consensus.

After performing the data protection step S1034, the storage step S1035 may be performed. In the storage step (S1035), the data storage details 1061 are stored in the Oracle blockchain 1060 while storing the data in the distributed data storage 1040. In the data storage step S1035, the operation of storing the data storage details 1061 in the Oracle blockchain 1060 may be performed according to the data storage usage record smart contract 1141 of the Oracle smart contract module 1140. The data storage usage record smart contract 1141 may perform an operation of storing data in the distributed data storage 1040 and an operation of storing the storage details 1061 in the Oracle blockchain 1060. When the Oracle smart contract module 1140 performs an operation of providing data to the distributed data storage 1040, the distributed data storage 1040 may store the received data.

The Oracle smart contract module 1140 may record and manage the storage details 1061 and the provision details 1062. The Oracle smart contract module 1140 may define a table inside for data management, record and manage all storage details 1061 and provision details 1062, and update data storage and provision details. The storage details 1061 and the provision details 1062 are shared and verified by at least some of the Oracle nodes 1030 participating in the Oracle blockchain network 1020 according to a consensus algorithm such as BFT, and the Oracle block 1060a according to the consensus. Can be stored in the storage space of.

Data can be of various sizes. Since it is difficult to store all data in the storage space of the Oracle block 1060a, the data may be stored in the distributed data storage 1040. The distributed data storage 1040 can guarantee the integrity of files by managing the storage of files based on a block chain. The decentralized data storage 1040 receives a data storage request from the Oracle blockchain network 1020 through the API 1111, selects a category suitable for the data, indexes it, and stores this content in the decentralized data storage 1040 After sharing it to some of the nodes that make up its own blockchain network, it is recorded in the storage medium of the shared node.

When the requested data exists in the distributed data storage 1040 or when the storage step (S1035) is performed, performing a provision process (S1040) of providing data corresponding to the requested data to the information user 1050 In order to perform the loading step (S1041). The loading step (S1041) is to acquire data requested from the inside or outside of the Oracle blockchain network 1020 from the distributed data storage 1040. Since the storage details 1061 include information related to a location where data is stored in the distributed data storage 1040, requested data may be obtained based on the storage details 1061.

When the requested data is acquired in the loading step S1041, the protection change step S1042 is performed. The protection change step S1042 is to remove or change the protection given to the requested data. The protection change step S1042 may be performed using the de-identification algorithm 1132 or the encryption unit 1133 of the data management module 1130. When de-identification or encryption protection is given to the data, the protection may be removed or changed according to a data request so that the information user 1050 can use the data. For example, when encrypted using the public key of the information user 1050, the data may be decrypted by receiving the private key of the information user 1050. In the protection change step S1042, it may be determined whether to remove or change the protection according to the characteristics of the data and the data request content.

If the protection is removed or changed in the protection change step S1042, the reconfiguration step S1043 is performed. The reconfiguration step is a process of reconstructing data parsed and stored in the distributed data storage 1040 into a data format based on a data request. The reconfiguration step may be performed in the parser 1112 of the access module. When the information user 1050 is another Oracle blockchain network 1020, the transaction details stored in the distributed data storage 1040 may be processed into a data format that can be used in another Oracle blockchain network 1020. For example, when the transaction details stored in the decentralized data storage 1040 are "Sender = A, Recipient = B, Amount = 1000, Unit = EOS", according to the data request, "A->B/1000/EOS It can be reconstructed into one continuous data such as ".

When performing the reconfiguration step, a providing step (S1044) of providing the reconstructed data to the information user 1050 is performed. In the providing step (S1044), the requested data is provided and the data provision details 1062 are stored in the Oracle blockchain 1060. The providing step S1044 may be performed according to the data storage usage record smart contract 1141 of the Oracle smart contract module 1140. As a result of performing the provision process (S1040) of finding and reading data from the distributed data storage 1040 and providing the data to the information user 1050, important data is stored as a provision history 1062 in the storage space of the Oracle block 1060a. Is saved. The provision details 1062 may include the contents of the data request, the type, name, and format of the requested data, the information of the information user 1050, the contents of protection removal or change, and the like.

As described above, by receiving a data request, determining whether the requested data exists in the distributed data storage 1040, and performing a storage process (S1030) and a provision process (S1040), It can recognize existing data and provide it to other Oracle blockchain networks 1020. By performing this process, an embodiment of the present invention can service various Mainnet connectors and dApps that can connect the blockchain and the blockchain to each other, and the reliability of the data exchanged between the blockchains It can provide a service that grants.

In performing the storage process (S1030) and the provision process (S1040), there is a difference in detailed execution steps according to data access rights. In the case of data that is open to the public, de-identification of the data is performed and encryption is not performed in the data protection step (S1034) of the storage process (S1030). In other words, the encryption is not performed so that the data can be used, but de-identification is performed to protect personal information, etc. existing in the data. In the case of data that is not disclosed to the public and only needs to be accessed by a specific information user 1050, encryption is performed after de-identification in the data protection step (S1034) of the storage process (S1030). Encryption may be performed using a public key/private key encryption method, and data may be encrypted with the public key of a specific information user 1050. Alternatively, encryption may be encrypted with the public key of a specific Oracle node 1030 and stored in the distributed data storage 1040.

In the case of data that is open to the public, since it is not encrypted, the protection change step (S1042) of the provision process (S1040) may be omitted. If the data is not disclosed to the public and only needs to be accessed by a specific information user 1050, the data can be decrypted with the private key of a specific Oracle node 1030 in the protection change step (S1042) of the storage process (S1030) to decrypt the data. have. Alternatively, when data is encrypted with the public key of a specific information user 1050 in the data protection step (S1034) of the storage process (S1030), the information user 1050 can decrypt the data with his own private key to recognize the data, so the protection is changed. Decryption may not be performed in step S1042.

10 is a diagram showing a reliability determination step (S1032) of the information source 1010 according to an embodiment of the present invention.

10, the reliability determination step (S1032) is a first determination step of determining whether the information source 1010 is trusted using an SSL certificate provided by the information source 1010, the information source 1010 A second determination step of determining whether the information source 1010 is trusted by using the domain registration information of the information source 1010 obtained through the Whois service based on the domain, and the trust of the information source 1010 This is a process of performing at least one of the third determination steps of determining whether or not the information source 1010 is trusted based on the vote of the Oracle node 1030 in the proof-of-stake method and based on the vote of the Oracle node 1030. In the reliability determination step S1032, all of the first to third determination steps may be performed.

The first determination step may determine whether the information source 1010 is operated by a trusted subject using an SSL certificate provided in an HTTPS environment. Based on the SSL certificate, information such as the address, domain, etc. in which the information source 1010 is operated can be recognized, and the SSL certificate is certified by a certificate authority (CA). Reality can be recognized, and the information source 1010 can be trusted by trusting the certification authority.

In the second determination step, reliability is determined using domain registration information of the information source 1010. The domain registration information includes information such as a domain name, a registrant address, a registrant email, and an IP address, and may be obtained using a Whois search service that provides domain registration information. In the second determination step, trust of the information source 1010 by checking whether the SSL certificate and domain registration information are the same or related, whether the access IP and the domain registration information are the same or similar, and whether the domain nationality and IP nationality are the same. You can judge whether or not.

In the third determination step, the Oracle nodes 1030 participating in the Oracle blockchain network 1020 may vote to determine the reliability of the information source 1010. Voting can be conducted in a delegated proof-of-stake (DPoS) method. When the third determination step is performed, the oracle nodes 1030 select a legislative oracle node 1030 to conduct a vote to determine the reliability of the information source 1010. Clinician Oracle nodes 1030 may be selected with an odd number of 11, 21, 99, and so on. When the SSL certificate information of the information source 1010, domain registration information, and information related to the requested data are shared with the elected legislator Oracle nodes 1030, the legislator Oracle nodes 1030 can trust the information source 1010. The information source 1010 is trusted when a vote is made on whether or not there is a vote in favor of more than the reference value.

The reliability determination step (S1032) of the method for recognizing external information and providing information applied to a block chain according to an embodiment of the present invention is determined as an unreliable information source 1010 as a result of performing the reliability determination step (S1032). -A source-blacklist adding step of adding the untrusted information source 1010 to the blacklist may be further included. If any one of the first to third determination steps is not passed, the information source 1010 cannot be trusted, and the unreliable information source 1010 is added to the source-blacklist. The data acquired from the source-blacklisted information source 1010 is unreliable, so the data is collected from another information source 1010. The information source 1010 registered in the source-blacklist may be deleted after a predetermined period of time elapses. If it has already passed the reliability determination step S1032 and is recognized as a reliable information source 1010, the data obtained from the information source 1010 may be trusted without performing the reliability determination step S1032 for a predetermined period of time.

Oracle nodes 1030 constituting the Oracle blockchain network 1020 may be added or removed. When a new node wants to join the Oracle blockchain network 1020, it is necessary to determine whether the node can be trusted. Oracle node reliability determination steps (S1101 to S1106) may be performed when a new node requests to join the Oracle blockchain network 1020. The Oracle node reliability determination step (S1101 to S1106) is a process of allowing or blocking the joining by determining the reliability of a new node requesting the joining.

Oracle node reliability determination step (S1101 to S1106) is to determine the reliability of a new node that has requested to join the Oracle blockchain network 1020, when the increment per unit time of the new node exceeds the reference value (Y in S1101) for a predetermined period. During the period, the joining of the new node is stopped (S1105), and if there is an oracle block 1060a already created in the new node (Y of S1102), it is determined as an untrusted oracle node 1030 and the joining is blocked (S1105). The node-blacklist is added (S1106), and when a new node is included in the node-blacklist (Y of S1103), the joining may be blocked (S1105).

When malicious oracle nodes 1030 occupy more than half or more than 66% of all network servers and attempt a so-called majority attack that distorts or falsifies data, the number of new nodes rapidly increases. If more than half of the Oracle nodes 1030 are occupied, an attacker can gain an advantage by replacing the Oracle blockchain 1060. For such an attack, a longer chain must be created in advance than the current main Oracle blockchain (1060) before the new node joins the Oracle blockchain network (1020). Therefore, if there is an Oracle blockchain 1060 created in advance at the time a new node wants to join, it is regarded as a hacking attempt and the access should be blocked (S1102). In order to prevent such a majority attack, the Oracle blockchain network 1020 can control the growth rate of new nodes (S1101), and the new node in which the pre-created Oracle blockchain 1060 exists is determined as a malicious oracle node 1030. The joining can be blocked by (S1102).

A rapid increase in the number of oracle nodes 1030, or an organization that has performed an attack in which the pre-storing oracle blockchain 1060 exists, or has a history of attacking in the past, such as Antminer, can be added to the node-blacklist. In addition, organizations added to the node-blacklist can block related IPs or domains.

It is not common for the number of new nodes to increase suddenly, and the number of new nodes rapidly increases compared to the number of Oracle nodes 1030 constituting the existing Oracle blockchain network 1020. Since the possibility of joining increases, the joining of a new node can be stopped for a predetermined period (S1105). Checks whether the Oracle block 1060a exists in the storage unit 1033 of the new node (S1102), and if there is an Oracle block 1060a already created and stored in the storage unit 1033, the Oracle Blockchain 1060 Since there is a possibility of damaging the health of the node, it is judged as a malicious oracle node 1030 and the joining can be blocked. If it is determined as a malicious oracle node 1030, it may be added to the node-blacklist (S1106) to block the same oracle node 1030 from continuing to perform the join request. If the Oracle node 1030 already included in the node-blacklist makes a request to join, the joining of the malicious Oracle node 1030 can be immediately blocked.

The Oracle blockchain network 1020 may be composed of a plurality of Oracle nodes 1030. The Oracle node 1030 includes an enclave 1032a that operates at least a part of the Oracle block chain program code, and the Oracle node reliability determination steps (S1101 to S1106) and the Oracle block creation consensus process are performed within the enclave 1032a. Can be done. The control unit 1032 of the oracle node 1030 may include an enclave 1032a. The enclave 1032a is an information processing space that is physically/software separated from the control unit 1032 so that external access is impossible. In the enclave 1032a, all or part of the program code for performing the method for recognizing external information and providing information in a block chain application according to an embodiment of the present invention may be executed. The program code operating in the enclave 1032a is reliable that it has not been forged or tampered with, and consensus between the oracle nodes 1030, verification of transactions, etc. may be performed in the enclave 1032a.

Among the steps according to an embodiment of the present invention, a reliability determination step of determining the reliability of the information source 1010 (S1032), an Oracle node reliability determination step of determining whether or not a new node is joined (S1101 to S1106), and data The storage step (S1035) of storing the distributed data storage 1040 and the providing step (S1044) of providing the data to the information user 1050 are performed between the Oracle nodes 1030 constituting the Oracle blockchain network 1020. This can be done with verification and agreement. Verification and agreement between the Oracle nodes 1030 constituting the Oracle blockchain network 1020 may be performed based on the program code included in the operation unit 1142 of the Oracle blockchain network 1020.

The Oracle blockchain network 1020 can perform consensus or voting based on the Byzantine Fault Tolerance (BFT) algorithm. The Oracle blockchain network 1020 can conduct consensus or voting in a distributed proof-of-stake (DPoS) method. When the reliability determination step (S1032) starts, the Oracle nodes 1030 elect a legislator Oracle node 1030 to proceed with the voting (S1201). When information (IP address, etc.) that can access the information source 1010 from which the data is acquired is shared between the legislator Oracle nodes 1030 (S1202), the legislator Oracle nodes 1030 are individually assigned to the information source 1010. Approach to and perform the first or second judgment step, and share the result. If all of the information that can access the information source 1010 is not shared with the legislator Oracle node 1030, it may wait until they are shared (S1205). When the number of oracle nodes 1030 determined to be reliable as a result of performing the first or second determination step is greater than the reference value (S1203), it may be determined that the information source 1010 is reliable (S1204). Alternatively, if the number of oracle nodes 1030 determined to be reliable is less than the reference value (S1203), consensus or voting has failed, and it is determined that the information source 1010 is not trusted and can be recorded in the source-blacklist (S1206). . If the agreement fails, the shared data may be discarded (S1206).

In the same way, the Oracle node reliability determination steps S1101 to S1106 may be performed. When the Oracle node reliability determination step (S1101 to S1106) begins, the Oracle nodes 1030 elect the legislator Oracle node 1030 (S1201), and the legislator Oracle node 1030 is the number of requests to join the Oracle node 1030 per hour, Determine whether there is an oracle block 1060a created in advance in the new node, or whether it is a malicious node registered in the node-blacklist, and share the result (S1202), and the number of oracle nodes 1030 that the new node determines to be reliable is a reference value. In more cases (S1203), a new node may be joined (S1204). If the number of oracle nodes 1030 determined to be reliable by the new node is less than the reference value, it is determined that consensus or voting has failed (S1206), and the joining of the new node is blocked, and the new node can be registered in the node-blacklist. Source-blacklist and node-blacklist can be shared.

The result of performing the storage process S1030 and the provision process S1040 is shared and verified with the Oracle nodes 1030 to be stored in the Oracle block 1060a as the storage details 1061 and the provision details 1062. The oracle nodes 1030 may perform verification and consensus for generating the oracle block 1060a including the storage details 1061 or the provision details 1062 at a predetermined time in a delegated proof-of-stake (DPoS) method.

As described above, according to an embodiment of the present invention, data existing outside the Oracle blockchain 1060 is imported into the Oracle blockchain 1060, and data stored inside the Oracle blockchain 1060 is transferred to the Oracle block chain 1060. Two-way data exchange provided to the outside of the blockchain 1060 may be provided.

Further, according to an embodiment of the present invention, it is possible to guarantee the confidentiality and integrity of data, and the privacy of the information user 1050 during data exchange.

In addition, according to an embodiment of the present invention, it is possible to provide a smart contract oracle capable of performing data acquisition, storage, processing, and scheduling for accessing various external data in the Oracle blockchain network 1020.

Although the present invention has been described in detail through specific examples, this is for explaining the present invention in detail, and the present invention is not limited thereto, and within the technical scope of the present invention, by those of ordinary skill in the art. It would be clear that the transformation or improvement is possible.

All simple modifications to changes of the present invention belong to the scope of the present invention, and the specific scope of protection of the present invention will be made clear by the appended claims.

[Explanation of code]

10: shared resources

20: complex IoT device

21: locking module

21a: open area

22: communication module

23: controller module

24: input module

25: display module

26: power module

27: gateway module

31: manager terminal

32: user terminal

41: dApp for administrators

42: dApp for users

41a: Smart contract for managers

42a: Smart contract for users

50: Blockchain network

51: node

51a: communication department

51b: control unit

51c: storage

60: Blockchain

61: block

1010: Information source

1020: Oracle Blockchain Network

1030: Oracle node

1031: Ministry of Communications

1032: control unit

1032a: Enclave

1033: storage

1040: distributed data storage

1050: information user

1060: Oracle Blockchain

1060a: Oracle block

1061: storage history

1062: offer details

1100: Framework structure

1110: access module

1111: API

1112: parser

1113: Malicious Oracle Node Prevention Algorithm

1114: BFT consensus algorithm

1120: information source verification module

1121: SSL certificate-based trust judgment model

1122: Whois-based trust judgment model

1123: Voting-based trust judgment model

1130: data management module

1131: scheduler

1132: de-identification algorithm

1133: encryption unit

1140: Oracle Smart Contract Module

1141: Data storage usage record smart contract

1142: Oracle Blockchain Network Operations Department

Claims

A locking module that is coupled to various types of shared resources to physically or electrically open and close the shared resources;

A communication module for transmitting and receiving data to and from a user terminal or a blockchain network; And

A complex IoT device comprising a controller module that determines whether the user terminal has permission to use the shared resource based on a key received from the blockchain network, and controls to open and close the lock module.
The method according to claim 1,

The controller module

Initiating a procedure for determining whether or not the user terminal has the use right only when the user terminal approaches a predetermined distance by using short-range communication or GPS information between the communication module and the user terminal.
The method according to claim 1,

Further comprising a gateway module for generating usage status information by monitoring the usage status of the shared resource using at least one of a motion sensor, a human body detection sensor, an infrared sensor, an ultrasonic sensor, and a touch sensor, and providing the usage status information to the controller module,

The gateway module is

A complex IoT device that is physically formed as a separate device, and is coupled to the shared resource at a location capable of monitoring the state of use of the shared resource.
The method according to claim 1,

The locking module is

It is installed in an add-on method in the locking device so that the user must open the locking module based on the permission to use the shared resource to access another locking device previously installed in the shared resource,

The controller module

When the lock module is opened based on the permission to use the shared resource, a key capable of opening the lock device is provided to the user terminal.
A shared resource registration step in which a manager terminal provides information on a shared resource and information on a complex IoT device coupled to the shared resource to a blockchain network through a manager dApp so that the shared resource can be shared;

A use permission acquisition step in which a user terminal requests permission to use the shared resource registered in the blockchain network through a user dApp, and a permission is granted based on a smart contract previously designated by the manager terminal; And

A method for providing a shared service using a complex IoT device comprising a use start step of opening a lock so that the complex IoT device can access the shared resource by determining whether the user terminal has permission to use it.
The method of claim 5,

The shared resource registration step

Providing, by a manager terminal, information on the shared resource and information on the complex IoT device to the blockchain network through a manager dApp; And

Comprising the step of recording the information of the shared resource and the information of the complex IoT device in a block generated by the blockchain network and sharing the block based on a smart contract for an administrator of the blockchain network, a complex IoT device and A method of providing shared services using this.
The method of claim 5,

The step of obtaining the above permission is

When the user terminal requests a search for shared resources recorded in the blockchain distributedly stored in the blockchain network through the user dApp, the dApp for the user searches for shared resources recorded in the blockchain and provides a shared resource. Providing a list of to the user terminal;

Selecting a shared resource from a list of shared resources that can be provided by the user terminal and requesting acquisition of usage rights; And

The smart contract for the administrator of the blockchain network includes determining whether the requested shared resource is available and, if available, recording in the block chain that the user terminal has been granted permission to use it. How to provide shared services.
The method of claim 5,

The above steps to start using

Requesting, by a user terminal, to unlock the complex IoT device based on permission to the blockchain network through the dApp for the user;

Determining whether the composite IoT device is located within a predetermined distance of the user terminal;

When the complex IoT device and the user terminal are located within a predetermined distance, each of the complex IoT device and the user terminal requesting execution of a one-time authentication protocol from the blockchain network;

The blockchain network generating a one-time key according to the one-time authentication protocol and transmitting the generated one-time key to the complex IoT device and the user terminal, respectively;

Comprising the step of opening a lock by determining that the user terminal has permission to use when the one-time key received by the composite IoT device and the one-time key received from the user terminal match. How to provide shared services.
The method of claim 5,

The blockchain network is

A plurality of blocks that store the information necessary for sharing the shared resource, the use record of the shared resource, and information on the administrator or user of the shared resource, and perform at least part of the functions related to the sharing of the shared resource. A complex IoT device including a node and a method of providing a shared service using the same.
The method of claim 5,

The composite IoT device is

A locking module that is coupled to various types of shared resources to physically or electrically open and close the shared resources;

A communication module for transmitting and receiving data to and from a user terminal or a blockchain network; And

A complex IoT device including a controller module that determines whether the user terminal has permission to use the shared resource based on a key received from the blockchain network, and controls to open and close the lock module, and a shared service using the same How to provide.
A data acquisition step of acquiring data from an information source existing outside of the Oracle blockchain network;

A reliability determination step of determining the reliability of the data by verifying whether the information source is trusted;

A parsing step of parsing the data;

A data protection step of providing protection according to the type of data; And

A method for recognizing and providing information outside of a blockchain application, including a storage step of storing the data in a distributed data storage and storing the data storage details in the Oracle blockchain.
The method of claim 11,

A loading step of acquiring data requested from the inside or outside of the Oracle blockchain network from the distributed data storage;

A protection change step of removing or changing the protection given to the requested data;

A reconfiguration step of organizing the requested data in a required format based on the data supply request; And

A method for recognizing and providing information outside of a blockchain application, further comprising a providing step of providing the requested data and storing the data provision details in the Oracle blockchain.
The method of claim 12,

It is determined by searching the data storage details whether the requested data exists in the distributed data storage, and if the requested data exists in the distributed data storage, the loading step is performed, and the requested data A method for recognizing external information and providing information on a blockchain application, further comprising a request determination step of performing the data acquisition step if the is not present in the distributed data storage.
The method of claim 11,

The reliability determination step is

A first determination step of determining whether the information source is trusted using the SSL certificate provided by the information source,

A second determination step of determining whether or not the information source is trusted using domain registration information of the information source obtained through the Whois service based on the domain of the information source, and

Outside the blockchain application, performing at least one of the third judgment steps of determining whether or not the information source is trusted based on the Oracle node voting in the delegated proof-of-stake method for the trust of the information source. How to recognize and provide information.
The method of claim 11,

Blockchain application external information recognition and information, further comprising a source-blacklist adding step of adding the untrusted information source to a source-blacklist when it is determined as an untrusted information source as a result of performing the reliability determination step How to provide.
The method of claim 11,

In order to determine the reliability of a new node that has requested to join the Oracle blockchain network, if the increase per unit time of the new node exceeds the reference value, the joining of the new node is stopped for a predetermined period, and the Oracle block created in the new node. In the presence of an untrusted Oracle node, the joining is blocked and added to the node-blacklist, and if the new node is included in the node-blacklist, the Oracle node reliability determination step is further included. How to recognize and provide information outside the blockchain application.
The method of claim 11,

The Oracle blockchain network consists of a plurality of Oracle nodes,

The Oracle node is

Including an enclave for operating at least a part of the Oracle block chain program code, wherein the Oracle node reliability determination step and the Oracle block generation consensus process are performed within the enclave.
The method of claim 11,

The data protection step

Blockchain application external information recognition and de-identification by anonymizing or deleting information corresponding to personal information from the above data, categorizing or totalizing only necessary data, and encrypting the de-identified data if necessary. How to provide information.