阅读说明：本技术 信息交易方法、信息使用者终端及程序 (Information transaction method, information user terminal, and program ) 是由 西田直央 海上勇二 于 2020-05-13 设计创作，主要内容包括：本公开的信息交易方法包括信息提供者经由认证服务器装置的分布式账本提供信息使用者请求的信息的信息提供阶段。在信息提供阶段,信息提供者终端(100)取得被写入到分布式账本中的第1事务数据,该第1事务数据包含信息使用者终端(200)生成的加密密钥、信息使用者ID、信息提供者ID、以及第2信息目录,该第2信息目录表示由信息提供者在分布式账本中公开的第1信息目录所示的信息中的信息使用者请求的第1信息的目录(S303)。信息提供者终端(100)生成利用加密密钥对由第2信息目录指定的第1信息进行了加密的第1加密信息(S305),生成包含信息提供者ID、信息使用者ID、以及第1加密信息的第2事务数据(S306),发送给认证服务器装置(320)(S307)。(The information transaction method of the present disclosure includes an information providing stage in which an information provider provides information requested by an information user via a distributed ledger of an authentication server apparatus. In the information providing phase, the information provider terminal (100) acquires 1 st transaction data written in the distributed account, the 1 st transaction data including the encryption key generated by the information user terminal (200), the information user ID, the information provider ID, and a 2 nd information directory, the 2 nd information directory representing a directory of 1 st information requested by the information user among information shown in the 1 st information directory disclosed in the distributed account by the information provider (S303). The information provider terminal (100) generates 1 st encrypted information in which 1 st information specified by a 2 nd information directory is encrypted with an encryption key (S305), generates 2 nd transaction data including an information provider ID, an information user ID, and the 1 st encrypted information (S306), and transmits the data to the authentication server device (320) (S307).)

1. An information transaction method of a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network,

the method comprises the following steps: an information providing step in which the information provider provides information requested by the information user via distributed accounts of 1 or more authentication server devices among the plurality of authentication server devices,

in the above-mentioned information provision phase,

the information provider terminal acquires 1 st transaction data written in the distributed ledger, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier uniquely identifying the information user, an information provider ID that is an identifier uniquely identifying the information provider, and a 2 nd information directory indicating a directory of 1 st information requested by the information user among information shown in the 1 st information directory disclosed in the distributed ledger by the information provider,

the information provider terminal generates 1 st encrypted information in which the 1 st information specified by the 2 nd information directory is encrypted by the encryption key,

the information provider terminal generates 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encrypted information,

the information provider terminal transmits the 2 nd transaction data to the 1 or more authentication server devices;

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 2 nd transaction data, and thereby the 2 nd transaction data is written into the distributed ledger.

2. The information transaction method according to claim 1,

further comprising:

an information requesting step of requesting the 1 st information from the information provider via the distributed ledger by the information consumer before the information providing step; and

an information decryption step of, after the information provision step, decrypting the 1 st encrypted information provided by the information provider via the distributed ledger by the information consumer,

in the above-mentioned information request phase,

the information user terminal generates the 1 st transaction data,

the information user terminal transmits the 1 st transaction data to the 1 or more authentication server devices,

the 1 st or more authentication server devices transmit the 1 st transaction data to authentication server devices other than the 1 st or more authentication server devices among the plurality of authentication server devices,

the plurality of authentication server devices update the distributed ledger after performing verification of the 1 st transaction data, thereby writing the 1 st transaction data into the distributed ledger,

in the above-mentioned information decryption phase,

the information user terminal acquires the 2 nd transaction data written in the distributed ledger,

the information user terminal decrypts the 1 st encrypted information included in the acquired 2 nd transaction data with a decryption key different from the encryption key generated by the information user terminal together with the encryption key, thereby acquiring the 1 st information.

3. The information transaction method according to claim 2,

the information provider terminal acquires the 1 st transaction data written in the distributed book based on the information provider ID when acquiring the 1 st transaction data,

the information user terminal acquires the 2 nd transaction data written in the distributed ledger based on the information user ID when acquiring the 2 nd transaction data.

4. The information transaction method according to claim 2,

the authentication server apparatus described above has a transaction data transmission function,

in the information providing stage, when the information provider terminal acquires the 1 st transaction data, the authentication server apparatus transmits the 1 st transaction data written in the distributed ledger to the information user terminal based on the information provider ID, and the information provider terminal acquires the 1 st transaction data,

in the information decryption stage, when the information user terminal acquires the 2 nd transaction data, the authentication server apparatus transmits the 2 nd transaction data written in the distributed ledger to the information user terminal based on the information user ID, and the information user terminal acquires the 2 nd transaction data.

5. The information transaction method according to any one of claims 2 to 4,

the 1 st information directory represents a list of 1 or more pieces of information that can be provided via the distributed book among the pieces of information held by the information providers,

the information transaction method further comprises the following steps: an access right setting step of setting, by the information provider, an access right to each of the 1 or more pieces of information in the list before the information requesting step,

in the above-mentioned access right setting phase,

the information provider terminal generates 3 rd transaction data including the 1 st information list, access right information indicating access rights set for each of the 1 or more pieces of information in the list, a date and time, and a signature of the information provider,

the information provider terminal transmits the 3 rd transaction data to the 1 or more authentication server devices,

the 1 st or more authentication server apparatuses update the distributed ledger after performing the verification of the 3 rd transaction data, and the 3 rd transaction data is written into the distributed ledger, thereby disclosing the 1 st information directory in the distributed ledger.

6. The information transaction method according to claim 5,

in the above-mentioned information request phase,

the information user terminal confirms whether the information user has the access right set for the 1 st information before generating the 1 st transaction data,

when the information user has an access right set to the 1 st information, the information user terminal generates the 1 st transaction data.

7. The information transaction method according to claim 6,

in the above-mentioned information request phase,

the 1 st or more authentication server devices, when acquiring the 1 st transaction data, checks whether or not the information user has an access right set for the 1 st information,

when the information user does not have the access right set for the 1 st information, the 1 or more authentication server devices discard the acquired 1 st transaction data and do not verify the 1 st transaction data.

8. The information transaction method according to any one of claims 5 to 7,

in the above-mentioned access right setting phase,

the information provider terminal further includes hash values calculated for the 1 or more pieces of information in the list in the 3 rd transaction data to generate the 3 rd transaction data,

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 3 rd transaction data, the 3 rd transaction data being written into the distributed ledger to disclose the 1 st information directory and the hash value in the distributed ledger,

in the above-mentioned information decryption stage, further,

the information user terminal obtains the 1 st information by decrypting the 1 st encrypted information, and then calculates the 1 st hash value of the 1 st information,

the information user terminal compares a 2 nd hash value corresponding to the 1 st information among the hash values disclosed in the distributed book with the 1 st hash value.

9. The information transaction method according to claim 8,

comparing the 2 nd hash value with the 1 st hash value, and if the 2 nd hash value is different from the 1 st hash value, the information user terminal regenerates the 1 st transaction data,

the information user terminal transmits the 1 st transaction data generated again to the 1 or more authentication server devices,

the 1 st or more authentication server devices transmit the 1 st transaction data to authentication server devices other than the 1 st or more authentication server devices among the plurality of authentication server devices,

the plurality of authentication server devices update the distributed ledger after performing the verification of the 1 st transaction data, and thereby the 1 st transaction data is written into the distributed ledger.

10. The information transaction method according to any one of claims 2 to 9,

in the above-mentioned information decryption stage, further,

when the 1 st information is acquired, the information user pays a price for the information provider.

11. The information transaction method according to claim 10,

when the information user acquires the 1 st information for a predetermined number of times when paying the consideration, the information user pays the consideration corresponding to the predetermined number of times to the information provider.

12. The information transaction method according to any one of claims 2 to 9,

in the above-mentioned information decryption stage, further,

the information user pays a price corresponding to the 1 st information acquired in the predetermined period to the information provider every predetermined period.

13. The information transaction method according to any one of claims 10 to 12,

when paying the consideration, the information user pays the consideration to the information provider using the smart contract written in the distributed book.

14. The information transaction method according to any one of claims 1 to 13,

the system also comprises an information transaction examination device for examining the information transaction,

the information transaction method also comprises a transaction examination stage of examining the abnormity of the transaction written into the distributed ledger by the information transaction examination device,

in the transaction review stage described above,

the information transaction examination device confirms whether or not there is an abnormality in all the transaction confirmations written in the distributed ledger by confirming the distributed ledger,

and notifying at least one of the information provider and the information user as a party of the 1 st transaction having an abnormality among all the transactions written in the distributed ledger that the 1 st transaction has an abnormality.

15. The information transaction method according to any one of claims 1 to 13,

the system also comprises an information transaction examination device for examining the information transaction,

the information transaction method also comprises a transaction examination stage of examining the abnormity of the transaction written into the distributed ledger by the information transaction examination device,

in the transaction review stage described above,

the information transaction examination device confirms whether or not there is an abnormality in all the transaction confirmations written in the distributed ledger by confirming the distributed ledger,

the information transaction examination device generates 4 th transaction data including information on the 1 st transaction in which an abnormality occurs among all transactions written in the distributed ledger,

the information transaction examination device transmits the 4 th transaction data to the 1 or more authentication server devices,

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 4 th transaction data, thereby writing the 4 th transaction data into the distributed ledger,

at least one of the information provider and the information user who is a party of the 1 st transaction acquires the 4 th transaction data written in the distributed ledger and confirms that the 1 st transaction is abnormal.

16. The information transaction method according to claim 15,

in the transaction review stage described above,

the information transaction examination device generates 5 th transaction data including information on 2 nd transaction which is not abnormal among all transactions written in the distributed ledger,

the information transaction examination device transmits the 5 th transaction data to the 1 or more authentication server devices,

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 5 th transaction data, thereby writing the 5 th transaction data into the distributed ledger,

at least one of the information provider and the information user who is a party of the 2 nd transaction acquires the 5 th transaction data written in the distributed ledger and confirms that the 2 nd transaction is not abnormal.

17. An information transaction method comprising 1 or more information provider terminals used by 1 or more information providers, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminals and the information user terminal via a network,

encryption information obtained by encrypting 1 or more pieces of information held by the information provider with an encryption key generated by each of the 1 or more information user terminals and an encryption information ID for uniquely identifying each piece of the encryption information are written in the distributed account book of the plurality of authentication server devices,

the information provider terminal acquires 1 st transaction data written in the distributed ledger, the 1 st transaction data including a 1 st information user ID which is an identifier uniquely identifying a 1 st information user, an information provider ID which is an identifier uniquely identifying the information provider, and a 2 nd information directory indicating a directory of 1 st information requested by the 1 st information user among information shown in the 1 st information directory disclosed in the distributed ledger by the information provider,

the information provider terminal generates 2 nd transaction data including an encryption information ID for identifying 1 st encryption information encrypted with an encryption key generated by an information user terminal of the 1 st information user among 1 or more pieces of encryption information corresponding to the 1 st information specified by the 2 nd information directory, the information provider ID, and the 1 st information user ID,

the information provider terminal transmits the 2 nd transaction data to the 1 or more authentication server devices,

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 2 nd transaction data, and thereby the 2 nd transaction data is written into the distributed ledger.

18. An information user terminal of a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network, comprising:

a communication unit that acquires 1 st transaction data written in a distributed account of the authentication server apparatus, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier that uniquely identifies the information user, an information provider ID that is an identifier that uniquely identifies the information provider, and a 2 nd information directory that indicates a directory of 1 st information requested by the information user among information indicated by the 1 st information directory disclosed by the information provider in the distributed account;

an information encryption unit that generates 1 st encrypted information in which the 1 st information specified by the 2 nd information directory is encrypted by the encryption key; and

a transaction data generating unit for generating 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encryption information,

the communication unit transmits the 2 nd transaction data to 1 or more authentication server devices among the plurality of authentication server devices, thereby causing the 1 or more authentication server devices to write the 2 nd transaction data into the distributed ledger.

19. A program for causing a computer to execute an information transaction method of a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network,

the program causes a computer to execute the following information transaction method:

the information transaction method comprises the following steps: an information providing step in which the information provider provides information requested by the information user via distributed accounts of 1 or more authentication server devices among the plurality of authentication server devices,

in the above-mentioned information provision phase,

the information provider terminal acquires 1 st transaction data written in the distributed ledger, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier uniquely identifying the information user, an information provider ID that is an identifier uniquely identifying the information provider, and a 2 nd information directory indicating a directory of 1 st information requested by the information user among information shown in the 1 st information directory disclosed in the distributed ledger by the information provider,

the information provider terminal generates 1 st encrypted information in which the 1 st information specified by the 2 nd information directory is encrypted by the encryption key,

the information provider terminal generates 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encrypted information,

the information provider terminal transmits the 2 nd transaction data to the 1 or more authentication server devices,

the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 2 nd transaction data, and thereby the 2 nd transaction data is written into the distributed ledger.

Technical Field

The present disclosure relates to an information transaction method, an information user terminal, and a program, and more particularly, to an information transaction method for information transaction using a block chain, and an information user terminal and a program used therein.

Background

In recent years, services utilizing blockchains have been proposed by various enterprises.

Here, the block chain is a technique generated from a bitcoin (for example, see non-patent document 1). In the block chain, data units called blocks are generated and linked as a chain to store transaction histories. Therefore, by using a block chain, transaction history (transaction data) is shared and monitored with a Peer-to-Peer (P2P) network in which anyone can participate, thereby ensuring reliability and preventing falsification of data.

For example, as a service for securing a transaction history using a blockchain, a service for transacting information via a blockchain, such as a service in which an information provider registers information in a blockchain and a user acquires the registered information via the blockchain, may be considered.

Documents of the prior art

Non-patent document

Non-patent document 1: satoshi Nakamoto, "Bitcoin: a Peer-to-Peer Electronic Cash System ", (https:// bitcoin. org/bitcoin. pdf)

Non-patent document 2: ronald Linn Rivest and other 2, "A Method for organizing Digital Signatures and Public-Key cryptography", (https:// peer. csail.mit.edu/Rivest/Rsapaper. pdf)

Non-patent document 3: neal Koblitz, "Elliptic current cryptosystems", (https:// www.ams.org/journals/mcom/1987-48-177/S0025-5718-

Disclosure of Invention

Problems to be solved by the invention

However, when the information provider registers information in the block chain, since the information registered in the block chain is public information, it is possible to acquire information without leaving history for any user. Therefore, a technique for making it impossible to acquire information without leaving history on a block chain is desired.

The present disclosure has been made in view of the above circumstances, and an object thereof is to provide an information transaction method and the like in which information cannot be acquired without leaving a history on a block chain.

Means for solving the problems

In order to solve the above problem, an information transaction method according to an aspect of the present disclosure is an information transaction method of a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network, the information transaction method including: an information providing step in which the information provider provides information requested by the information user via a distributed account book of 1 or more authentication server devices among the plurality of authentication server devices, wherein in the information providing step, the information provider terminal acquires 1 st transaction data written in the distributed account book, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier for uniquely identifying the information user, an information provider ID that is an identifier for uniquely identifying the information provider, and a 2 nd information directory, the 2 nd information directory indicating a directory of 1 st information requested by the information user among information shown in a 1 st information directory disclosed in the distributed account book by the information provider, and the information provider terminal generates the 1 st information specified by the 2 nd information directory using the encryption key Encrypted 1 st encrypted information, the information provider terminal generating 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encrypted information, the information provider terminal transmitting the 2 nd transaction data to the 1 or more authentication server devices, the 1 or more authentication server devices updating the distributed ledger after performing verification of the 2 nd transaction data, and the 2 nd transaction data being written into the distributed ledger.

These general and specific technical aspects may be implemented by a system, a method, an integrated circuit, a computer program, a computer-readable recording medium such as a CD-ROM, or any combination of a system, a method, an integrated circuit, a computer program, and a recording medium.

Effects of the invention

According to the information transaction method and the like of the present disclosure, it is possible to make it impossible to acquire information without leaving a history on a block chain.

Drawings

Fig. 1 is a diagram schematically showing the overall configuration of an information transaction system according to an embodiment.

Fig. 2 is a diagram showing an example of a functional configuration of the information provider terminal according to the embodiment.

Fig. 3A is a diagram conceptually showing an example of the data structure of the 3 rd transaction data according to the embodiment.

Fig. 3B is a diagram conceptually showing an example of the data structure of the 3 rd transaction data according to the embodiment.

Fig. 4 conceptually shows an example of the data structure of the transaction data item 2 according to the embodiment.

Fig. 5 is a diagram showing an example of a functional configuration of an information user terminal according to the embodiment.

Fig. 6 is a diagram conceptually showing an example of the data structure of the 1 st transaction data according to the embodiment.

Fig. 7 is a diagram showing an example of a functional configuration of the authentication server device according to the embodiment.

Fig. 8 is an explanatory diagram showing a data structure of a block chain.

Fig. 9 is a diagram showing an example of a functional configuration of the information transaction examination apparatus according to the embodiment.

Fig. 10 is a sequence diagram showing an example of the operation in the access right setting stage according to the embodiment.

Fig. 11 is a sequence diagram showing an example of an operation at an information request stage according to the embodiment.

Fig. 12 is a sequence diagram showing an example of the operation at the information providing stage according to the embodiment.

Fig. 13 is a sequence diagram showing an example of the operation of the information decryption stage according to the embodiment.

Fig. 14 is a diagram showing an example of a functional configuration of the information transaction examination apparatus according to modification 1.

Fig. 15 is a sequence diagram showing an example of the operation in the transaction audit phase according to modification 1.

Fig. 16 is a diagram showing an example of a functional configuration of the information provider terminal according to modification 2.

Fig. 17 is a diagram showing an example of a functional configuration of an information user terminal according to modification 2.

Fig. 18 is a sequence diagram showing an example of the operation in the access right setting stage according to modification 2.

Fig. 19 is a sequence diagram showing an example of the operation at the information decryption stage according to modification 2.

Fig. 20 is a sequence diagram showing an example of the operation in the consideration payment stage according to modification 3.

Fig. 21 is a sequence diagram showing an example of the operation of the smart contract setting stage according to modification 4.

Fig. 22 is a sequence diagram showing an example of the operation at the information decryption stage according to modification 4.

Detailed Description

(recognition as a basis for the present disclosure)

As a service using a block chain, for example, a service that secures a transaction history by transacting information held by an individual or an organization via the block chain is conceivable.

In this case, the information provider registers, for example, information held by the information provider, such as its Web browsing history or purchase history, in the block chain. On the other hand, a user who wants to use the information acquires the information via the block chain and leaves the acquisition history in the block chain. In this way, by trading information via the block chain, a third party can check the information using the trade history left in the block chain, and therefore, the user and the information provider cannot actually do no trading of information or pretend to have a trade despite no actual trading, and thus the trade history can be secured.

However, when the information provider registers information in the block chain, the information registered in the block chain is public information, and therefore, it is possible to acquire information without leaving history for any user. That is, a malicious user can perform an unauthorized act of acquiring information via the block chain without leaving acquisition history in the block chain.

Therefore, a technique for making it impossible to acquire information without leaving history on a block chain is desired.

In order to solve the above-described problems, an information transaction method according to an aspect of the present disclosure is an information transaction method for a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network, the information transaction method including: an information providing step in which the information provider provides information requested by the information user via a distributed account book of 1 or more authentication server devices among the plurality of authentication server devices, wherein in the information providing step, the information provider terminal acquires 1 st transaction data written in the distributed account book, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier for uniquely identifying the information user, an information provider ID that is an identifier for uniquely identifying the information provider, and a 2 nd information directory, the 2 nd information directory indicating a directory of 1 st information requested by the information user among information shown in a 1 st information directory disclosed in the distributed account book by the information provider, and the information provider terminal generates the 1 st information specified by the 2 nd information directory using the encryption key Encrypted 1 st encrypted information, the information provider terminal generating 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encrypted information, the information provider terminal transmitting the 2 nd transaction data to the 1 or more authentication server devices, the 1 or more authentication server devices updating the distributed ledger after performing verification of the 2 nd transaction data, and the 2 nd transaction data being written into the distributed ledger.

This makes it possible to prevent information from being acquired without leaving a history on the block chain.

Further, the present invention may further include: an information requesting step of requesting the 1 st information from the information provider via the distributed ledger by the information consumer before the information providing step; and an information decryption step in which the information user decrypts the 1 st encrypted information provided by the information provider via the distributed ledger after the information provision step, the information user terminal generates the 1 st transaction data, the information user terminal transmits the 1 st transaction data to the 1 or more authentication server apparatuses, the 1 or more authentication server apparatuses transmit the 1 st transaction data to authentication server apparatuses other than the 1 or more authentication server apparatuses among the plurality of authentication server apparatuses, the plurality of authentication server apparatuses update the distributed ledger after performing verification of the 1 st transaction data, and the 1 st transaction data is written in the distributed ledger, in the information decryption step, the information user terminal acquires the 2 nd transaction data written in the distributed ledger, and the information user terminal decrypts the 1 st encrypted information included in the acquired 2 nd transaction data with a decryption key different from the encryption key generated by the information user terminal together with the encryption key, thereby acquiring the 1 st information.

Further, the information provider terminal may acquire the 1 st transaction data written in the distributed ledger based on the information provider ID when acquiring the 1 st transaction data, and the information user terminal may acquire the 2 nd transaction data written in the distributed ledger based on the information user ID when acquiring the 2 nd transaction data.

In addition, the authentication server device may have a transaction data transmission function, and in the information providing stage, when the information provider terminal acquires the 1 st transaction data, the authentication server device may transmit the 1 st transaction data written in the distributed ledger to the information user terminal based on the information provider ID, so that the information provider terminal acquires the 1 st transaction data, and in the information decrypting stage, when the information user terminal acquires the 2 nd transaction data, the authentication server device may transmit the 2 nd transaction data written in the distributed ledger to the information user terminal based on the information user ID, so that the information user terminal acquires the 2 nd transaction data.

Further, the 1 st information list may indicate a list of 1 or more pieces of information that can be provided via the distributed book among the pieces of information held by the information providers, and the information transaction method may further include: an access right setting step of setting, by the information provider, an access right to each of the 1 or more pieces of information in the list before the information requesting step, wherein the information provider terminal generates 3 rd transaction data, the 3 rd transaction data includes the 1 st information list, access right information indicating access rights set for each of the 1 or more pieces of information in the list, a date and time, and a signature of the information provider, the information provider terminal transmits the 3 rd transaction data to the 1 or more authentication server devices, the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 3 rd transaction data, the 3 rd transaction data is written into the distributed ledger, thereby disclosing the 1 st information directory in the distributed ledger.

In the information requesting phase, the information user terminal may check whether the information user has an access right set to the 1 st information before generating the 1 st transaction data, and the information user terminal may generate the 1 st transaction data when the information user has an access right set to the 1 st information.

In the information requesting phase, the 1 or more authentication server devices may check whether or not the information user has an access right set to the 1 st information when the 1 st transaction data is acquired, and in a case where the information user does not have an access right set to the 1 st information, the 1 or more authentication server devices may discard the acquired 1 st transaction data and not verify the 1 st transaction data.

In the access right setting step, the information provider terminal may further include hash values calculated for the 1 or more pieces of information in the list in the 3 rd transaction data to generate the 3 rd transaction data, the 1 or more authentication server devices may update the distributed book after the 3 rd transaction data is verified, the 3 rd transaction data may be written in the distributed book to disclose the 1 st information directory and the hash values in the distributed book, the information user terminal may further calculate a 1 st hash value of the 1 st information after acquiring the 1 st information by decrypting the 1 st encrypted information in the information decryption step, and the information user terminal may compare a 2 nd hash value corresponding to the 1 st information among the hash values disclosed in the distributed book with the 1 st hash value to generate the 3 rd transaction data Then the obtained product is obtained.

Further, when the 2 nd hash value is compared with the 1 st hash value and the 2 nd hash value is different from the 1 st hash value, the information user terminal may regenerate the 1 st transaction data, the information user terminal may transmit the 1 st transaction data regenerated by the information user terminal to the 1 or more authentication server apparatuses, the 1 or more authentication server apparatuses may transmit the 1 st transaction data to an authentication server apparatus other than the 1 or more authentication server apparatuses among the plurality of authentication server apparatuses, and the plurality of authentication server apparatuses may update the ledger after performing verification of the 1 st transaction data, so that the 1 st transaction data may be written in the ledger.

In the information decryption stage, when the 1 st information is acquired, the information user may pay a price to the information provider.

In addition, when the information user acquires the 1 st information a predetermined number of times at the time of paying the price, the information user may pay the price corresponding to the predetermined number of times to the information provider.

In the information decryption stage, the information user may pay the information provider a price corresponding to the 1 st information acquired in the predetermined period for each predetermined period.

In addition, when paying the consideration, the information user may pay the consideration to the information provider using an intelligent contract written in the distributed book.

In addition, the system may further include an information transaction auditing device that audits an information transaction, and the information transaction method may further include a transaction auditing step in which the information transaction auditing device audits an abnormality of a transaction written in the distributed ledger, and in the transaction auditing step, the information transaction auditing device may confirm whether or not there is an abnormality in all transactions written in the distributed ledger by confirming the distributed ledger, and may notify at least one of the information provider and the information user that is a party of a 1 st transaction having an abnormality among all transactions written in the distributed ledger that there is an abnormality that the 1 st transaction has an abnormality.

Further, the system may further include an information transaction examination device that examines an information transaction, wherein the information transaction method further includes a transaction examination stage in which the information transaction examination device examines an abnormality of a transaction written in the distributed ledger, and in the transaction examination stage, the information transaction examination device confirms whether or not there is an abnormality in all transactions written in the distributed ledger by confirming the distributed ledger, and the information transaction examination device may generate 4 th transaction data including information related to a 1 st transaction having an abnormality among all transactions written in the distributed ledger, the information transaction examination device may transmit the 4 th transaction data to the 1 or more authentication server devices, and the 1 or more authentication server devices may update the distributed ledger after performing verification of the 4 th transaction data, accordingly, the 4 th transaction data is written in the distributed ledger, and at least one of the information provider and the information user who is a party of the 1 st transaction acquires the 4 th transaction data written in the distributed ledger, and confirms that there is an abnormality in the 1 st transaction.

In the transaction audit phase, the information transaction audit device may generate 5 th transaction data including information on a 2 nd transaction having no abnormality among all transactions written in the distributed ledger, the information transaction audit device may transmit the 5 th transaction data to the 1 or more authentication server devices, the 1 or more authentication server devices may update the distributed ledger after verifying the 5 th transaction data, the 5 th transaction data may be written in the distributed ledger, and at least one of the information provider and the information user who is a party of the 2 nd transaction may acquire the 5 th transaction data written in the distributed ledger to confirm that the 2 nd transaction has no abnormality.

An information transaction method according to an aspect of the present disclosure is an information transaction method including 1 or more information provider terminals used by 1 or more information providers, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network, wherein encrypted information obtained by encrypting 1 or more pieces of information held by the information providers using encryption keys generated by the 1 or more information user terminals, and an encryption information ID for uniquely identifying each piece of the encrypted information are written in a distributed ledger of the plurality of authentication server devices, the information provider terminal acquires 1 st transaction data written in the distributed ledger, and the 1 st transaction data includes a 1 st information user ID that is an identifier for uniquely identifying a 1 st information user, An information provider ID that is an identifier for uniquely identifying the information provider, and a 2 nd information directory that indicates a directory of 1 st information requested by the 1 st information user among information shown by a 1 st information directory disclosed in the distributed book by the information provider, wherein the information provider terminal generates 2 nd transaction data including an encrypted information ID for identifying 1 st encrypted information encrypted with an encryption key generated by an information user terminal of the 1 st information user among 1 or more encrypted information corresponding to the 1 st information specified by the 2 nd information directory, the information provider terminal transmits the 2 nd transaction data to the 1 or more authentication server devices, the 1 or more authentication server apparatuses update the distributed ledger after performing the verification of the 2 nd transaction data, and thereby the 2 nd transaction data is written into the distributed ledger.

Further, an information user terminal according to an aspect of the present disclosure is an information user terminal of a system including an information provider terminal used by an information provider, an information user terminal used by an information user, and a plurality of authentication server devices capable of communicating with the information provider terminal and the information user terminal via a network, the information user terminal including: a communication unit that acquires 1 st transaction data written in a distributed account of the authentication server apparatus, the 1 st transaction data including an encryption key generated by the information user terminal, an information user ID that is an identifier that uniquely identifies the information user, an information provider ID that is an identifier that uniquely identifies the information provider, and a 2 nd information directory that indicates a directory of 1 st information requested by the information user among information indicated by the 1 st information directory disclosed by the information provider in the distributed account; an information encryption unit that generates 1 st encrypted information in which the 1 st information specified by the 2 nd information directory is encrypted by the encryption key; and a transaction data generating unit that generates 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encryption information, wherein the communication unit causes the 1 or more authentication server devices to write the 2 nd transaction data into the distributed ledger by transmitting the 2 nd transaction data to 1 or more authentication server devices among the plurality of authentication server devices.

Hereinafter, embodiments will be described with reference to the drawings. The embodiments described below all show preferred specific examples of the present disclosure. In other words, the numerical values, shapes, materials, constituent elements, arrangement and connection forms of the constituent elements, steps, order of the steps, and the like shown in the following embodiments are examples, and do not limit the present disclosure. The present disclosure is determined based on the description of the claims. Therefore, among the constituent elements of the following embodiments, constituent elements that are not described in the independent claims representing the uppermost concept are not necessarily required to achieve the object of the present disclosure, but are described as constituent elements constituting a more preferable form. The drawings described below are not necessarily strictly illustrated. In the drawings, substantially the same components are denoted by the same reference numerals, and redundant description may be omitted or simplified.

(embodiment mode)

Hereinafter, an information transaction system according to the present embodiment will be described with reference to the drawings.

[1. construction of information transaction System ]

In the information transaction system relating to the present disclosure, the information provider obtains, via the distributed book, the catalog of information requested by the information user and the encryption key provided from the information user. The information provider provides the encrypted information, which is obtained by encrypting the information requested by the information user using the acquired encryption key, to the information user via the distributed account book. This makes it possible for the information user to not obtain information provided by the information provider without leaving a history on the block chain.

[1.1 Overall configuration of information transaction method ]

Fig. 1 is a diagram schematically showing the overall configuration of an information transaction system according to the present embodiment.

As shown in fig. 1, the information transaction system according to the present embodiment includes an information provider terminal 100, an information user terminal 200, 3 authentication server devices 300, 310, and 320, and an information transaction auditing device 400. They are communicatively connected. Any communication may be used as long as the communication is wired, such as internet line, wireless communication, and private communication. Further, their communication may not be real-time communication. For example, the information user terminal 200 may collect transaction data to some extent and transmit the transaction data to the plurality of authentication server devices 300, 310, and 320 at the same time.

Fig. 1 shows an example in which the information transaction system according to the present embodiment includes 1 information provider terminal 100, 1 information user terminal 200, and 3 authentication server devices 300, but the present invention is not limited to this. That is, the information transaction system according to the present embodiment may include two or more information provider terminals 100, or two or more information user terminals 200. The information transaction system according to the present embodiment may include 1 or more authentication server devices 300, or may include 4 or more authentication server devices.

[1.2 information provider terminal 100]

The information provider terminal 100 is a terminal used by an information provider for providing information held by the information provider via a block chain. The information provider may be, for example, an individual or an organization such as a business. The information provider terminal 100 may be a personal computer, or may be a mobile terminal such as a smartphone or a tablet computer. The information provider terminal 100 provides the encrypted information, in which the information requested by the information consumer is encrypted using the encryption key provided from the information consumer via the distributed ledger, to the information consumer via the distributed ledger.

Fig. 2 is a diagram showing an example of a functional configuration of the information provider terminal 100 according to the present embodiment.

The information provider terminal 100 includes a processor, a memory storing a program for causing the processor to execute predetermined processing, a communication interface, and the like. That is, the information provider terminal 100 is realized by executing a prescribed program by a processor using a memory.

In the present embodiment, as shown in fig. 2, the information provider terminal 100 includes an owned information storage unit 101, a public information selection unit 102, an access right setting unit 103, a transaction data request unit 104, an information encryption unit 105, a transaction data generation unit 106, and a communication unit 107. Hereinafter, each constituent element will be described.

[1.2.1 holding information storage 101]

The held information storage unit 101 stores information held by an information provider. For example, in the case where the information provider is an individual, the information held by the information provider includes the name, the year, month, day, address, interest, purchase history, Web browsing history, information obtained from a biosensor, and the like of the information provider.

[1.2.2 public information selector 102]

The public information selection unit 102 selects 1 or more pieces of information that can be provided via the distributed book among the pieces of information held by the information provider. In the present embodiment, the public information selecting unit 102 includes an interface for receiving an input from an information provider. The public information selecting unit 102 displays, for example, a list (also referred to as a directory) of a plurality of pieces of information stored in the held information storage unit 101 through an interface, and selects 1 or more pieces of information that can be disclosed via the block chain from the displayed list. The public information selecting unit 102 creates a 1 st publicly available information list indicating a list of the selected 1 or more pieces of information. In addition, the 1 st information list indicates the names and IDs of 1 or more pieces of information.

[1.2.3 Access rights setting section 103]

The access right setting unit 103 sets access rights to 1 or more pieces of information in the 1 st information list (list of 1 or more pieces of information) that may be disclosed via the block chain.

In the present embodiment, the access right setting unit 103 sets access rights indicating what kind of information the user can access to each of 1 or more pieces of information shown in the 1 st information list selected by the public information selecting unit 102.

The access right may be set for each information user or for each attribute of the information user. Here, the attribute of the information user is, for example, a work place, nationality, sex, age, or the like of the information user. The access right may be set for 1 or more pieces of information indicated in the 1 st information list, or may be set for each of the 1 or more pieces of information by previously classifying the information. The access right may be set for all of 1 or more pieces of information shown in the 1 st information list.

The access right setting unit 103 also transmits the 1 st information list selected by the public information selecting unit 102 and access right information indicating access rights set for each of the 1 st or more pieces of information shown in the 1 st information list to the transaction data generating unit 106.

[1.2.4 transaction data request section 104]

The transaction data requesting unit 104 requests, via the communication unit 107, at least 1 of the authentication server devices 300, 310, and 320, transaction data that is registered in the blockchain, that is, written in the distributed ledger.

Here, the transaction data requested by the transaction data requesting unit 104 may be all transaction data recorded in the distributed ledger, or may be only transaction data newly recorded from the time of the previous request. The transaction data requested by the transaction data requesting unit 104 may be transaction data related to itself, such as transaction data indicating a request for the information indicated in the disclosed 1 st information directory.

When transaction data (hereinafter, referred to as "1 st transaction data") requesting information on the transaction data requesting unit 104 is acquired via the communication unit 107, the acquired 1 st transaction data is transmitted to the information encryption unit 105. In the present embodiment, the acquired 1 st transaction data includes the encryption key generated by the information user terminal 200, the information user ID, the information provider ID, and the 2 nd information directory indicating the directory of the 1 st information requested by the information user among the information shown in the 1 st information directory disclosed in the distributed account book. The information user ID is an identifier that uniquely identifies the information user, and the information provider ID is an identifier that uniquely identifies the information provider.

The transaction data requesting unit 104 may acquire the 1 st transaction data based on the information provider ID. More specifically, the transaction data requesting unit 104 can acquire the 1 st transaction data by specifying the 1 st transaction data including the information provider ID from among the plurality of transaction data written in the distributed ledger.

The transaction data requesting unit 104 may request the 1 st transaction data including the information provider ID from at least 1 authentication server device among the authentication server devices 300, 310, and 320 via the communication unit 107. Thus, if there is the 1 st transaction data written in the distributed ledger, it is possible to cause at least 1 of the authentication server apparatuses 300, 310, and 320 to transmit the 1 st transaction data to the transaction data requesting section 104. Thereby, the transaction data requesting unit 104 can acquire the 1 st transaction data.

[1.2.5 information encryption section 105]

The information encryption unit 105 generates 1 st encrypted information in which the 1 st information specified by the 2 nd information list included in the 1 st transaction data is encrypted by the encryption key included in the 1 st transaction data.

In the present embodiment, the information encryption unit 105 refers to the 2 nd information list included in the 1 st transaction data transmitted from the transaction data requesting unit 104, and acquires the 1 st information requested by the information user from the held information storage unit 101. The information encryption unit 105 generates 1 st encrypted information in which the acquired 1 st information is encrypted using an encryption key included in the 1 st transaction data transmitted from the transaction data request unit 104. The information encryption unit 105 transmits the generated 1 st encrypted information to the transaction data generation unit 106.

[1.2.6 transaction data generating section 106]

The transaction data generating unit 106 generates transaction data (hereinafter, referred to as 3 rd transaction data) including the 1 st information list and the access right information transmitted from the access right setting unit 103. More specifically, the transaction data generating unit 106 generates 3 rd transaction data including the 1 st information list, access right information indicating access rights set for 1 or more pieces of information in the list indicated in the 1 st information list, the date and time, and the signature of the information provider.

Fig. 3A and 3B conceptually show an example of the data structure of the 3 rd transaction data according to the present embodiment. Fig. 3A shows an example in which the 3 rd transaction data includes an information provider ID, a 1 st information directory, access right information, and a signature of an information provider. Specifically, fig. 3A shows an example of a data structure for allowing the information provider indicated by the information provider ID of P001 to provide the 3 rd transaction data, such as the age, sex, and purchase history of P001 indicated as the 1 st information directory, via a block chain (distributed book).

More specifically, fig. 3A shows an example of setting the access right corresponding to the age, sex, and purchase history for each information user as the access right information. In the example shown in fig. 3A, the access right indicating that the information user indicated by the information user ID of U001, U002, and U003 can access is set for the age. Similarly, the access right to which the information user indicated by the information user ID of U002 can access is set for the gender, and the access right to which the information user indicated by the information user ID of U001 can access is set for the purchase history. Fig. 3B shows an example of setting the access right indicated by the access right information according to the attribute of the information user, and the rest of the description is the same as that in fig. 3A.

The transaction data generation unit 106 generates transaction data (hereinafter, referred to as "2 nd transaction data") including the 1 st encrypted information transmitted from the information encryption unit 105. More specifically, the transaction data generating unit 106 generates the 2 nd transaction data including the information provider ID, the information user ID, and the 1 st encryption information.

Fig. 4 is a diagram conceptually showing an example of the data structure of the 2 nd transaction data according to the present embodiment. Fig. 4 shows an example in which the transaction data item 2 includes an information user ID, an information provider ID, provided information, and a signature of an information provider. Specifically, fig. 4 shows an example of the data structure of the 2 nd transaction data for providing information to the information consumer indicated by the information consumer ID of U001 via the block chain (distributed book) using the 1 st encryption information by the information provider indicated by the information provider ID of P001. More specifically, fig. 4 shows an example in which information indicating age and information indicating a purchase history are encrypted as the provided information included in the 2 nd transaction data.

When the 1 st transaction data or the 2 nd transaction data is generated, the transaction data generation unit 106 transmits the generated data to at least 1 of the authentication server devices 300, 310, and 320 via the communication unit 107.

[1.2.7 communication section 107]

The communication unit 107 transmits the 2 nd transaction data or the 3 rd transaction data generated by the transaction data generation unit 106 to 1 or more authentication servers.

In the present embodiment, the communication unit 107 transmits the transaction data generated by the transaction data generation unit 106 to 1 or more of the authentication server devices 300, 310, and 320. Further, the communication unit 107 requests at least 1 authentication server device out of the authentication server devices 300, 310, and 320 for transaction data in accordance with the request of the transaction data requesting unit 104, and transmits the acquired transaction data to the transaction data requesting unit 104.

[1.3 information user terminal 200]

Next, the information user terminal 200 will be explained.

The information user terminal 200 is used by an information user to acquire information that the information user wants to use from information shown in the 1 st information list disclosed by an information provider through a block chain. The information user may be, for example, an individual or an organization such as a business. The information user terminal 200 may be a personal computer, or may be a mobile terminal such as a smartphone or a tablet computer.

The information user terminal 200 selects information that the information user wants to use from the information shown in the 1 st information directory that the information provider discloses via the blockchain, requests the selected information from the information provider via the blockchain, and provides the generated encryption key. The information user terminal 200 decrypts the encrypted requested information provided by the information provider via the block chain, and acquires the requested information.

Fig. 5 is a diagram showing an example of a functional configuration of the information user terminal 200 according to the present embodiment.

The information user terminal 200 includes a processor, a memory storing a program for causing the processor to execute predetermined processing, a communication interface, and the like. That is, the information user terminal 200 is realized by executing a predetermined program by a processor using a memory.

In the present embodiment, as shown in fig. 5, the information user terminal 200 includes an encryption key generation unit 201, an encryption key storage unit 202, a request information selection unit 203, a transaction data generation unit 204, a transaction data request unit 205, an encryption information decryption unit 206, and a communication unit 207. Hereinafter, each constituent element will be described.

[1.3.1 encryption key generation section 201]

The encryption key generation unit 201 generates an encryption key to be used when the information requested by the information user is delivered, and transmits the generated encryption key to the encryption key storage unit 202.

Here, the encryption key generated by the encryption key generation unit 201 is, for example, a public key and a secret key, but is not limited thereto. The encryption key generated by the encryption key generation unit 201 may be any encryption key different from the encryption key for encryption and the encryption key for decryption (hereinafter referred to as an encryption key and a decryption key).

The public key and the secret key may be generated using, for example, the RSA cipher described in non-patent document 2, or may be generated using the elliptic Elgamal cipher described in non-patent document 3. The public key may be generated only once when the information consumer activates the information consumer terminal 200, and only one generated public key may be used later. Note that the public key may be generated every time the transaction data generation unit 204 generates the transaction data.

[1.3.2 encryption Key storage section 202]

The encryption key storage unit 202 stores the encryption key and the decryption key generated by the encryption key generation unit 201, such as the public key and the secret key.

When the transaction data generation unit 204 generates transaction data (i.e., the 1 st transaction data) requesting information from the information provider, the encryption key storage unit 202 transmits an encryption key such as a public key to the transaction data generation unit 204. When the encrypted information decryption unit 206 decrypts the 1 st encrypted information, the encrypted key storage unit 202 transmits a decryption key such as a secret key to the encrypted information decryption unit 206.

[1.3.3 request information selecting section 203]

The request information selection unit 203 selects the 2 nd information directory, which is a directory of the 1 st information requested by the information user for use, among the information indicated by the 1 st information directory disclosed in the distributed account book by the information provider. In the present embodiment, the request information selection unit 203 may include an interface for receiving an input from an information user. The request information selection unit 203 displays, for example, the 1 st information list, which is a list of information disclosed in the distributed book by the information provider, through an interface, and the information user selects the 2 nd information list, which is a list of 1 or more pieces of information to be used, from among the information shown in the 1 st information list.

The request information selecting unit 203 acquires the 1 st information directory disclosed in the distributed ledger by the information provider from the block chain, that is, the distributed ledger. More specifically, the request information selection unit 203 can acquire the 1 st information directory by requesting transaction data including the 1 st information directory written in the distributed ledger from at least 1 of the authentication server devices 300, 310, and 320 via the communication unit 207.

The request information selecting unit 203 transmits the selected 2 nd information list to the transaction data generating unit 204.

[1.3.4 transaction data generating section 204]

The transaction data generation unit 204 generates transaction data (i.e., 1 st transaction data) including the 2 nd information list transmitted from the request information selection unit 203 and the encryption key (e.g., public key) transmitted from the encryption key storage unit 202. More specifically, the transaction data generation unit 204 generates 1 st transaction data of a 2 nd information directory including an encryption key such as a public key, an information user ID, an information provider ID, and a directory indicating 1 st information requested by an information user among information indicated in a 1 st information directory disclosed in the distributed account book. Here, the 2 nd information list is a list of 1 or more pieces of information composed of the names of 1 or more pieces of information and their IDs that the information user wants to use.

Fig. 6 is a diagram conceptually showing an example of the data structure of the 1 st transaction data according to the present embodiment. Fig. 6 shows an example in which the 1 st transaction data includes an information user ID, an information provider ID, request information, an encryption key, and a signature of an information user. That is, fig. 6 shows an example of the data structure of the 1 st transaction data including the encryption key together with request information for requesting information to be used by the information consumer indicated by the information consumer ID of U001 to the information provider indicated by the information provider ID of P001 via the distributed book. More specifically, fig. 6 shows an example of a case where the request information included in the 1 st transaction data is information indicating an age and information indicating a purchase history.

When the 1 st transaction data is generated, the transaction data generation unit 204 transmits the generated 1 st transaction data to at least 1 of the authentication server devices 300, 310, and 320 via the communication unit 207.

[1.3.5 transaction data request section 205]

The transaction data requesting unit 205 acquires the 2 nd transaction data written in the distributed ledger from at least 1 of the authentication server apparatuses 300, 310, and 320 via the communication unit 207.

Here, the transaction data requesting unit 205 may request, via the communication unit 207, the 2 nd transaction data including the information user ID and including the 1 st encrypted information generated by the information provider, from at least 1 of the authentication server devices 300, 310, and 320. Thus, if there is the 2 nd transaction data written in the distributed ledger, at least 1 of the authentication server apparatuses 300, 310, and 320 can be caused to transmit the 2 nd transaction data to the transaction data requesting section 205. Thereby, the transaction data requesting unit 205 can acquire the 2 nd transaction data.

The transaction data requesting unit 205 may acquire the 2 nd transaction data based on the information provider ID. More specifically, the transaction data requesting unit 205 may obtain the 2 nd transaction data by specifying the 2 nd transaction data including the information user ID and the 1 st encryption information generated by the information provider from among the plurality of transaction data written in the distributed ledger.

When the transaction data request unit 205 acquires the 2 nd transaction data written in the distributed ledger, it transmits the 1 st encryption information included in the 2 nd transaction data to the encryption information decryption unit 206.

[1.3.6 encrypted information decryption section 206]

The encrypted information decryption unit 206 decrypts the encrypted information included in the 2 nd transaction data with a decryption key different from the encryption key, which is generated by the encryption key generation unit 201 together with the encryption key, to obtain the 1 st information. The decryption key may be a secret key as described above, and stored in the encryption key storage unit 202. That is, the encrypted information decryption unit 206 may decrypt the encrypted information included in the 2 nd transaction data with the secret key stored in the encrypted key storage unit 202.

[1.3.7 communication section 207]

The communication unit 207 transmits the 1 st transaction data generated by the transaction data generation unit 204 to 1 or more authentication servers. In the present embodiment, the communication unit 207 transmits the 1 st transaction data generated by the transaction data generation unit 204 to 1 or more of the authentication server devices 300, 310, and 320 and the information provider terminal 100.

Further, the communication unit 207 requests the 2 nd transaction data or the latest distributed ledger from at least 1 of the authentication server apparatuses 300, 310, and 320 in accordance with the request of the transaction data request unit 205. The communication unit 207 transmits the 2 nd transaction data or the latest distributed ledger acquired from the at least 1 authentication server apparatus to the transaction data requesting unit 205.

[1.4 authentication Server 300]

Next, the authentication server 300 and the like will be described.

As shown in fig. 1, the authentication server devices 300, 310, and 320 are cloud servers, for example, and can communicate with the information provider terminal 100 and the information user terminal 200 via a network. In addition, the information transaction system according to the present disclosure may include 1 or more authentication server devices. Since the authentication server apparatuses 300, 310, and 320 have the same configuration, the authentication server apparatus 300 will be described below as an example.

The authentication server 300 verifies the transaction data acquired from the information provider terminal 100 and the information user terminal 200, updates the distributed ledger, and registers the transaction data in the blockchain. In response to the request, the authentication server 300 transmits the latest account book or the requested transaction data to the information provider terminal 100 and the information user terminal 200.

Fig. 7 is a diagram showing an example of a functional configuration of the authentication server device 300 according to the present embodiment.

The authentication server apparatus 300 can be realized by executing a prescribed program by a processor using a memory. In the present embodiment, the authentication server device 300 includes, as shown in fig. 7, a transaction data storage unit 301, a transaction data verification unit 302, a ledger update unit 303, and a communication unit 304. Hereinafter, each constituent element will be described.

[1.4.1 transaction data holding section 301]

The transaction data storage unit 301 functions as a transaction pool of transaction data of the pool block chain that has not yet been verified.

In the present embodiment, the transaction data storage unit 301 stores and temporarily holds the 2 nd transaction data or the 3 rd transaction data acquired from the information provider terminal 100. The transaction data storage unit 301 also stores the 1 st transaction data acquired from the information user terminal 200.

[1.4.2 transaction data verification section 302]

The transaction data verification unit 302 verifies the validity of the transaction data acquired from the information provider terminal 100 or the information user terminal 200. For example, the transaction data verification unit 302 verifies whether or not the acquired transaction data is given an electronic signature generated by a correct method, whether or not necessary information is written in the acquired transaction data, or the like. Here, for example, when the 3 rd transaction data including the access right information is acquired from the information provider terminal 100, the necessary information is information indicating which information has the access right set therein correctly.

When the verification of the validity of the transaction data is successful, the transaction data verification unit 302 transmits the result to the other authentication server devices 310 and 320. In addition, the verification may also be skipped.

The transaction data verification unit 302 executes a consensus algorithm for agreeing on the validity of the transaction data, together with other authentication server devices.

In this way, the transaction data verification unit 302 executes the consensus algorithm together with the plurality of authentication server apparatuses.

Here, the consensus algorithm may be PBFT (Practical Byzantine Fault Tolerance algorithm) or other known consensus algorithm. Examples of well-known consensus algorithms include PoW (Proof of Work) and PoS (Proof of stamp). When the PBFT is used in the consensus algorithm, the transaction data verification unit 302 receives reports indicating whether or not the verification of the transaction data has succeeded from each of the other authentication server devices 310 and 320, and determines whether or not the number of reports exceeds a predetermined number. When the number of reports exceeds a predetermined number, the transaction data verification unit 302 may determine that the validity of the transaction data is verified by the consensus algorithm.

[1.4.3 Account book update section 303]

The ledger updating section 303 writes the transaction data to the distributed ledger by updating the distributed ledger after the verification of the transaction data by the transaction data verification section 302.

In the present embodiment, the ledger update unit 303 is a processing unit that saves the transaction data verified as valid by the transaction data verification unit 302 into the distributed ledger. The ledger update section 303 generates a block including the transaction data verified as valid by the transaction data verification section 302, updates the distributed ledger, and saves (writes) the generated block to the distributed ledger. In other words, the ledger update unit 303 generates a block including the transaction data for which validity has been verified by the transaction data verification unit 302, and registers the generated block in connection with the block chain stored in the distributed ledger.

The ledger update unit 303 transmits the latest ledger or the requested transaction data to the information provider terminal 100 or the information user terminal 200 in response to a request from the information provider or the information user.

Here, a data structure of the block chain is explained.

Fig. 8 is an explanatory diagram showing a data structure of a block chain.

The block chain is formed by connecting blocks as recording units in a chain (chain) shape. Each chunk has a plurality of transaction data, and a hash value of an immediately preceding chunk. Specifically, the hash value of the block B1 preceding the block B2 is included in the block B2. A hash value calculated from the transaction data included in the block B2 and the hash value of the block B1 is included in the block B3 as a hash value of the block B2. In this way, the contents of the previous blocks are included as hash values, and the blocks are connected in a chain, thereby effectively preventing falsification of the connected transaction data.

If the past transaction data is changed, the hash value of the block is different from the hash value before the change, and in order to disguise the tampered block as a correct block, it is necessary to newly create all blocks thereafter, which is very difficult in reality.

[1.4.4 communication section 304]

The communication unit 304 performs communication with other authentication server devices 310 and 320, or communication with the information provider terminal 100 or the information user terminal 200.

In the present embodiment, for example, when transaction data is acquired from the information provider terminal 100 or the information user terminal 200, the communication unit 304 transmits the acquired transaction data to the transaction data storage unit 301. When the information provider or the information user requests the latest account book or the latest transaction data, for example, the communication unit 304 receives the latest account book or the requested transaction data from the account book updating unit 303 and transmits the latest account book or the requested transaction data to the information provider terminal 100 or the information user terminal 200.

For example, when the information provider terminal 100 requests the 1 st transaction data, the communication unit 304 may transmit the 1 st transaction data written in the distributed ledger specified based on the information provider ID to the information provider terminal 100. When the 2 nd transaction data is requested from the information user terminal 200, the communication unit 304 may transmit the 2 nd transaction data written in the distributed ledger specified based on the information user ID to the information user terminal 200.

[1.5 information transaction examination device 400]

Next, the information transaction review device 400 will be described.

As shown in fig. 1, the information transaction audit device 400 is a device independent of the information provider terminal 100 and the information user terminal 200. The information transaction auditing apparatus 400 may also have the function of an authentication server.

The information transaction review device 400 reviews anomalies of transactions written into the distributed ledger. More specifically, the information transaction checking device 400 monitors whether or not the information transaction is correctly performed by monitoring a distributed account book shared by the authentication server device 300 and the like.

Fig. 9 is a diagram showing an example of a functional configuration of the information transaction examination apparatus 400 according to the present embodiment.

The information transaction review device 400 may be implemented by a processor executing a prescribed program using a memory. In the present embodiment, the information transaction checking device 400 includes a ledger keeping unit 401, a transaction verification unit 402, and a communication unit 403 as shown in fig. 9. Hereinafter, each constituent element will be described.

[1.5.1 account book holder 401]

The account book holding unit 401 acquires the latest distributed account book (also referred to as the latest account book) from at least 1 of the authentication server devices 300, 310, and 320, and holds the latest distributed account book in the storage device. When the information transaction checking device 400 has the function of an authentication server device, the function of the account book storage unit 401 may be the function of the account book update unit 303 in the authentication server device 300.

[1.5.2 transaction verification section 402]

The transaction verification section 402 confirms whether or not there is an abnormality with respect to all transactions written into the distributed ledger by confirming the distributed ledger held in the ledger holding section 401.

In the present embodiment, the transaction verification unit 402 confirms the latest to past distributed ledgers stored in the ledger storage unit 401, and confirms whether or not an abnormal transaction has occurred.

Here, the transaction verification unit 402 may confirm the distributed ledger, and for example, when the information provider does not respond for a certain period or more despite a request from the information user, it is regarded that the information transaction is an abnormal transaction. In this way, the transaction verification unit 402 may regard a transaction that has not completed within a certain period of time as an abnormal transaction.

The transaction verification unit 402 may check the distributed ledger, and, for example, consider an abnormal transaction when transaction data of an information provision from an information provider is written, although transaction data of an information request from an information user is not written.

The verification method and content of the verification regarding whether or not an abnormal transaction has occurred based on the distributed ledger is not limited to the above.

In addition, when there is an abnormal transaction, the transaction verification unit 402 may transmit the transaction content of the abnormal transaction to the communication unit 403, and notify the information provider or the information user about the transaction. More specifically, the transaction verification unit 402 may notify at least one of the information provider and the information user, which is the party of the 1 st transaction having an abnormality among all the transactions written in the distributed ledger, that there is an abnormality in the 1 st transaction.

In addition, the transaction verification unit 402 may notify the information provider or the information user related to the transaction that there is no abnormality in the transaction even when there is no abnormality in the transaction. The transaction verification unit 402 may generate transaction data including information on an abnormal transaction, and transmit the transaction data to the authentication server devices 300, 310, and 320 when it is confirmed that the abnormal transaction exists.

[1.5.3 communication section 403]

The communication unit 403 performs communication with the authentication server devices 310 and 320, or performs communication with the information provider terminal 100 or the information user terminal 200.

In the present embodiment, the communication unit 403 acquires the distributed account book from the authentication server devices 300, 310, and 320, and stores the distributed account book in the account book storage unit 401. The communication unit 403 may receive the verification result from the transaction verification unit 402 and transmit the result to the information provider terminal 100 or the information user terminal 200.

[2. actions of information transaction System ]

Next, an example of the operation of the information transaction system configured as described above will be described. The operation of the information transaction system includes 5 stages, namely, an access right setting stage, an information requesting stage, an information providing stage, an information decrypting stage, and a transaction examining stage. The following describes operations of the information transaction system in the access right setting stage, the information requesting stage, the information providing stage, and the information decrypting stage.

[2.1 Access rights setting phase ]

First, the operation of the information transaction system in the access right setting stage will be described. In the access right setting step, the information provider sets access rights for 1 or more pieces of information in an information directory, which is a list disclosed in the block chain. The access right setting phase is performed before the information providing phase.

Fig. 10 is a sequence diagram showing an example of the operation in the access right setting stage according to the present embodiment.

First, the information provider terminal 100 selects 1 or more pieces of information from the information held by the information provider, and sets access rights to each of the selected 1 or more pieces of information (S101). More specifically, the information provider selects 1 or more pieces of information that can be traded via the blockchain among the pieces of information held by the information provider using the information provider terminal 100. The information provider uses the information provider terminal 100 to set access rights associated with each of the selected 1 or more pieces of information.

Next, the information provider terminal 100 generates 3 rd transaction data including the directory of 1 or more pieces of information selected in step S101 (i.e., the 1 st information directory) and the access right information (S102). More specifically, the information provider uses the information provider terminal 100 to generate the 3 rd transaction data including the 1 st information list indicating the names and IDs of the selected 1 or more pieces of information, and the access right information indicating the access rights set for each of the 1 or more pieces of information.

Next, the information provider terminal 100 transmits the 3 rd transaction data generated in step S102 to the authentication server devices 300, 310, and 320 (S103).

Next, the authentication server devices 300, 310, and 320 store the acquired 3 rd transaction data (S104).

Next, the authentication server devices 300, 310, 320 execute a consensus algorithm for agreeing on the validity of the 3 rd transaction data (S105). The authentication server devices 300, 310, and 320 generate blocks containing the 3 rd transaction data if the 3 rd transaction data is verified for validity. Here, it is assumed that the authentication server apparatuses 300, 310, 320 follow the method disclosed in non-patent document 1, for example. In this case, the authentication server that first generates the block among the authentication server devices 300, 310, and 320 transmits the generated block to another authentication server, and the other authentication server confirms whether the transmitted and acquired block is correctly generated.

Next, the authentication server apparatuses 300, 310, and 320 write the block generated by executing the consensus algorithm in step S105 into the distributed ledger, thereby updating the distributed ledger (S106).

[2.2 information request phase ]

Next, the operation of the information transaction system in the information request phase will be described. In the information requesting phase, the information provider provides the information requested by the information user via the distributed account (i.e., blockchain) of 1 or more authentication server devices among the plurality of authentication server devices. The information request phase is performed before the information provision phase.

Fig. 11 is a sequence diagram showing an example of the operation at the information request stage according to the present embodiment.

First, the information user terminal 200 confirms, for example, the latest distributed account book of the authentication server device 300 (S201). In the example shown in fig. 11, for example, the information user terminal 200 requests the authentication server apparatus 300 for the latest account book (i.e., the latest distributed account book), acquires the latest account book transmitted from the authentication server apparatus 300, and confirms the latest distributed account book.

Next, the information user terminal 200 refers to (confirms) the block of the acquired latest distributed account book, and confirms whether or not there is information requested by the information user for use (S202). Specifically, the information user terminal 200 checks whether or not there is a 2 nd information list indicating a list of 1 st information requested by the information user for use, among the information shown in the 1 st information list of the acquired latest distributed account disclosure.

If the requested information is present in step S202 (yes in S202), the information user terminal 200 generates an encryption key and a decryption key for use in the transaction of the requested information (S203). If the requested information is not present in step S202 (no in S202), the process returns to step S201 and the process is repeated.

Next, the information user terminal 200 generates 1 st transaction data including the information user ID, the information provider ID, the 2 nd information directory, and the encryption key (S204).

Next, the information user terminal 200 transmits the 1 st transaction data generated in step S204 to the authentication server devices 300, 310, and 320 (S205).

Next, the authentication server devices 300, 310, and 320 store the acquired 1 st transaction data (S206).

Next, the authentication server devices 300, 310, 320 execute a consensus algorithm for agreeing on the validity of the 1 st transaction data (S207). The authentication server devices 300, 310, and 320 generate blocks containing the 1 st transaction data if the validity of the 1 st transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S207 to the distributed ledger (S208).

[2.3 information providing stage ]

Next, the operation of the information transaction system in the information providing stage will be described. In the information providing stage, an action is performed in which the information consumer requests the 1 st information from the information provider via the distributed ledger.

Fig. 12 is a sequence diagram showing an example of the operation at the information providing stage according to the present embodiment.

First, the information provider terminal 100 confirms, for example, the latest distributed ledger of the authentication server apparatus 320 (S301). In the example shown in fig. 12, the information provider terminal 100 requests, for example, the authentication server device 320 for the latest account book (i.e., the latest distributed account book), acquires the latest account book transmitted from the authentication server device 320, and confirms the latest distributed account book. The timing at which the information provider terminal 100 confirms the latest distributed account book may be regular or irregular. The information provider terminal 100 confirms the latest distributed ledger transmitted from the authentication server apparatus 320 at this timing.

Next, the information provider terminal 100 confirms whether or not there is a request for the information shown in the disclosed 1 st information directory using the information provider ID (S302). More specifically, the information provider terminal 100 confirms whether there is 1 st transaction data including an information provider ID and requesting information shown in the 1 st information directory disclosed among the transaction data written in the latest distributed ledger.

If a request for information indicated by the 1 st directory is made in step S302 (yes in S302), the information provider terminal 100 acquires the 1 st transaction data including the 2 nd directory written in the latest distributed ledger (S303). If there is no request for the information indicated in the 1 st information directory disclosed in step S302 (no in S302), the process returns to step S301 and the process is repeated.

Next, the information provider terminal 100 confirms whether or not the information (i.e., the 1 st information) indicated in the 1 st information list in which the request is made has an access right (S304). More specifically, the information provider terminal 100 checks whether or not the 1 st information requested by the information user, which is indicated by the 2 nd information list included in the 1 st transaction data acquired in step S303, has an access right. In step S304, if there is no access right to the information indicated in the requested 1 st information directory (no in S304), the information provider terminal 100 discards the acquired 1 st transaction data, returns to step S301, and performs the processing again.

If the requested information indicated in the 1 st information list has access right in step S304 (if "in S304), the information provider terminal 100 generates encrypted information (that is, the 1 st encrypted information) obtained by encrypting the requested 1 st information (S305). More specifically, the information provider terminal 100 generates encrypted information (i.e., the 1 st encrypted information) obtained by encrypting the requested 1 st information with the encryption key generated by the information user terminal 200 included in the 1 st transaction data acquired in step S303.

Next, the information provider terminal 100 generates the 2 nd transaction data including at least the 1 st encrypted information and the information user ID generated in step S305 (S306).

Next, the information provider terminal 100 transmits the 2 nd transaction data generated in step S306 to the authentication server devices 300, 310, and 320 (S307).

Next, the authentication server devices 300, 310, and 320 store the acquired 2 nd transaction data (S308).

Next, the authentication server devices 300, 310, 320 execute a consensus algorithm for agreeing on the validity of the 1 st transaction data (S309). The authentication server devices 300, 310, and 320 generate blocks containing the 2 nd transaction data if the validity of the 2 nd transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S309 into the distributed ledger (S310).

[2.4 information decryption stage ]

Next, the operation of the information transaction system in the information decryption stage will be described. In the information decryption stage, the information consumer decrypts the 1 st encrypted information provided by the information provider via the distributed account book. The information decryption stage follows the information provision stage.

Fig. 13 is a sequence diagram showing an example of the operation of the information decryption stage according to the present embodiment.

First, the information user terminal 200 confirms, for example, the latest distributed ledger of the authentication server apparatus 300 (S401). In the example shown in fig. 13, for example, the information user terminal 200 requests the authentication server apparatus 300 for the latest account book (i.e., the latest distributed account book), acquires the latest account book transmitted from the authentication server apparatus 300, and confirms the latest distributed account book. The timing at which the information user terminal 200 confirms the latest distributed account book may be regular or irregular. The information user terminal 200 confirms the latest distributed ledger transmitted from the authentication server apparatus 300 at this timing.

Next, the information user terminal 200 refers to (confirms) the block of the latest distributed account book acquired, and confirms whether or not there is a response from the information provider using the information user ID (S402). More specifically, the information consumer terminal 200 confirms whether there is the 2 nd transaction data including the information consumer ID and the 1 st encryption information generated by the information provider among the transaction data written in the latest distributed ledger.

If there is a response from the information provider in step S402 (yes in S402), the information consumer terminal 200 acquires the 2 nd transaction data containing the information consumer ID and the 1 st encrypted information, which is written in the latest distributed ledger (S403). If there is no response from the information provider in step S402 (no in S402), the process returns to step S401 and the process is repeated.

Next, the information user terminal 200 decrypts the 1 st encrypted information included in the 2 nd transaction data acquired in step S403, using the decryption key generated in step S203 in the information request phase (S404). Thus, the information user can acquire the 1 st information requested in the information requesting stage.

[3. effects, etc. ]

As described above, according to the information transaction method and the like according to the embodiment, the information provider does not disclose information itself that can be provided by itself, but writes the 3 rd transaction data including the 1 st information directory, which is a directory indicating the names and IDs of the information that can be provided, into the distributed ledger (registers in the blockchain). Transaction data indicating information requested by the information user is written to the blockchain together with transaction data including the requested information encrypted by the information provider using the encryption key provided from the information user. In this way, it is possible to realize a transaction method in which a transaction of information requested by an information user cannot be performed if no history is left in the block chain. That is, it is possible to realize an information transaction method and the like that cannot acquire information without leaving history in a block chain.

The information user terminal 200 selects information to be used from the 1 st information list disclosed by the information provider, and transmits a list of the selected information (the 2 nd information list) to the information provider via the distributed book. Further, when the 2 nd information directory is transmitted to the information provider via the distributed book, the encryption key (public key) generated by the information consumer is handed over, so that people other than the information consumer cannot peep the information.

More specifically, the information consumer refers to the 1 st information directory written in the distributed ledger as the public information. If the information user has the name of the desired information in the 1 st information directory, the information user randomly generates an encryption key and a decryption key, and writes the 1 st transaction data containing the ID of the desired information and the encryption key into the distributed ledger. The information provider acquires the 1 st transaction data written in the latest distributed ledger, and if it is known that the information of the information provider is requested, writes into the distributed ledger the 2 nd transaction data including the 1 st encryption information obtained by encrypting the 1 st information corresponding to the ID included in the 1 st transaction data with the encryption key included in the 1 st transaction data. The information user acquires the 2 nd transaction data written in the latest distributed account book, and if the 1 st encrypted information encrypted by the encryption key of the information user is included in the 2 nd transaction data, decrypts the transaction data with the decryption key held by the information user, thereby obtaining the desired information.

Therefore, an information transaction method and the like are realized in which information is not stolen from the information user and information cannot be acquired without leaving a history on the block chain.

(modification 1)

In the above-described embodiment, the information transaction examination apparatus 400 has been described as notifying at least one of the information provider and the information user who are parties to the corresponding transaction of the message when the abnormal transaction is present, but the present invention is not limited to this. When the abnormal transaction is confirmed, the information transaction check device 400 may generate and transmit transaction data including information on the abnormal transaction to the authentication server devices 300, 310, and 320. This case will be described as a modification 1 centering on differences from the above embodiment.

[ information transaction examination device 400a ]

Fig. 14 is a diagram showing an example of a functional configuration of the information transaction examination device 400a according to modification 1. The same elements as those in fig. 9 are assigned the same reference numerals, and detailed description thereof is omitted.

The information transaction verification apparatus 400a shown in fig. 14 differs from the information transaction verification apparatus 400 shown in fig. 9 in that it further includes a transaction data generation unit 404. The following description will focus on differences from the above embodiments.

[ transaction data generating section 404]

When the transaction verification unit 402 confirms that an abnormal transaction has occurred, the transaction data generation unit 404 generates transaction data (hereinafter, referred to as 4 th transaction data) including information relating to the abnormal transaction. That is, the transaction data generation unit 404 generates 4 th transaction data including information on the 1 st transaction having an abnormality among all transactions written in the distributed ledger.

In addition, when the transaction verification unit 402 confirms that there is no abnormal transaction, the transaction data generation unit 404 may generate transaction data (hereinafter, referred to as "5 th transaction data") including the transaction that has no abnormality. That is, the transaction data generation unit 404 may generate 5 th transaction data including information on the 2 nd transaction having no abnormality among all the transactions written in the distributed ledger.

When the 4 th transaction data or the 5 th transaction data is generated, the transaction data generation unit 404 transmits the generated data to at least 1 of the authentication server devices 300, 310, and 320 via the communication unit 403.

Thus, at least one of the information provider and the information user who is the party of the 1 st transaction can confirm that there is an abnormality in the 1 st transaction by acquiring the 4 th transaction data written in the distributed ledger. Similarly, at least one of the information provider and the information user who is the party of the 2 nd transaction can confirm that there is no abnormality in the 2 nd transaction by acquiring the 5 th transaction data written in the distributed ledger.

[ operation of information transaction System according to modification 1]

Next, as an example of the operation of the information transaction system according to modification 1, the operation of the information transaction system in the transaction review stage will be described.

[ transaction examination stage ]

The following describes the operation of the transaction review stage. In the transaction review stage, the information transaction review device performs an operation of reviewing an abnormality of the transaction written in the distributed ledger.

Fig. 15 is a sequence diagram showing an example of the operation in the transaction audit phase according to modification 1.

First, the information transaction checking device 400a acquires, for example, the latest distributed ledger of the authentication server device 320 (S501). In the example shown in fig. 15, the information transaction checking device 400a requests the authentication server device 320 for, for example, the latest ledger (i.e., the latest distributed ledger), and acquires the latest ledger transmitted by the authentication server device 320. Note that the timing at which the information transaction checking device 400a acquires the latest distributed account book is regular.

Next, the information transaction checking device 400a saves the latest distributed ledger acquired in step S501 (S502).

Next, the information transaction checking device 400a confirms whether or not there is an abnormal transaction among all the transactions written in the distributed ledger by confirming the already-stored distributed ledger from the latest distributed ledger stored in step S502 (S503). More specifically, the information transaction checking device 400a extracts all of the 1 st transaction data and the 2 nd transaction data included in the distributed ledger, and checks whether all transactions have been completed correctly or passed correctly, thereby checking whether an abnormal transaction exists.

In step S503, if there is no abnormal transaction (no in S503), the information transaction checking device 400a returns to step S501 and repeats the processing.

On the other hand, if there is an abnormal transaction in step S503 (if "in S503), the information transaction check device 400a generates 4 th transaction data including information on the 1 st transaction having an abnormality (S504).

Next, the information transaction checking device 400a transmits the 4 th transaction data generated in step S504 to the authentication server devices 300, 310, and 320 (S505).

Next, the authentication server devices 300, 310, and 320 store the acquired 4 th transaction data (S506).

Next, the authentication server devices 300, 310, 320 execute a consensus algorithm for agreeing on the validity of the 4 th transaction data (S507). The authentication server apparatuses 300, 310, and 320 generate blocks containing the 4 th transaction data if the validity of the 4 th transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S507 into the distributed ledger (S508).

Thus, at least one of the information provider and the information user who is the party of the 1 st transaction can confirm that there is an abnormality in the 1 st transaction by acquiring the 4 th transaction data written in the distributed ledger.

(modification 2)

In the above-described embodiment, the description has been given by the information provider terminal 100 generating the 3 rd transaction data including the directory of 1 or more pieces of information that can be provided via the distributed book among the information held by the information provider and the access right thereof, but the invention is not limited thereto. The information provider terminal 100a may include a hash value of 1 or more pieces of information that can be provided via the distributed ledger in the 3 rd transaction data. This case will be described as modification 2 below.

[ information provider terminal 100a ]

Fig. 16 is a diagram showing an example of a functional configuration of the information provider terminal 100a according to modification 2. Elements similar to those in fig. 2 are given the same reference numerals, and detailed description thereof is omitted.

The information provider terminal 100a shown in fig. 16 differs from the information provider terminal 100 shown in fig. 2 in that it further includes a hash value calculation unit 108. The following description will focus on differences from the above-described embodiments.

[ Hash value calculation section 108]

The hash value calculation unit 108 calculates a hash value for each of 1 or more pieces of information in a list of 1 or more pieces of information that can be provided via a distributed book among pieces of information held by an information provider.

Thus, in the present modification, the transaction data generation unit 106 can generate the 3 rd transaction data by further including hash values calculated for 1 or more pieces of information in the list of 1 or more pieces of information (1 st information table) that can be provided via the distributed book.

As a result, the 1 st directory of information, and the hash values respectively calculated for more than 1 information in the 1 st directory of information, are disclosed by the distributed ledger.

[ information user terminal 200a ]

Fig. 17 is a diagram showing an example of a functional configuration of the information user terminal 200a according to modification 2. The same elements as those in fig. 5 are assigned the same reference numerals, and detailed description thereof is omitted.

The information user terminal 200a shown in fig. 17 differs from the information user terminal 200 shown in fig. 5 in that it further includes a hash value verification unit 208. The following description will focus on differences from the above-described embodiments.

[ Hash value verification section 208]

The hash value verification unit 208 obtains the 1 st information by decrypting the 1 st encrypted information by the encrypted information decryption unit 206, and then calculates a hash value (hereinafter, referred to as the 1 st hash value) of the 1 st information.

The hash value verification unit 208 compares the calculated 1 st hash value with the 2 nd hash value corresponding to the 1 st information among the hash values for each of the 1 or more pieces of information disclosed in the distributed book.

The hash value verification unit 208 compares the 2 nd hash value with the 1 st hash value, and causes the transaction data generation unit 204 to generate the 1 st transaction data again when the 2 nd hash value and the 1 st hash value are different.

In this way, the information user terminal 200a compares the 1 st hash value of the acquired 1 st information with the 2 nd hash value disclosed in the ledger. If the 1 st hash value matches the 2 nd hash value, the information consumer terminal 200a ends the transaction of the 1 st message, and if not, the information consumer terminal 200a requests the information provider terminal 100a to retransmit the 1 st message.

[ operation of information transaction System according to modification 2]

Next, as an example of the operation of the information transaction system according to modification 2, the operation of the information transaction system in the access right setting stage and the information decryption stage will be described.

[ Access rights setting stage ]

The following describes operations in the access right setting stage in modification 2.

Fig. 18 is a sequence diagram showing an example of the operation in the access right setting stage according to modification 2. The same elements as those in fig. 10 are assigned the same reference numerals, and detailed description thereof is omitted. The operation in the access right setting stage shown in fig. 18 is different from the operation in the access right setting stage shown in fig. 10 in the operation in step S102 a.

That is, in step S102a, the information provider terminal 100a generates the 3 rd transaction data including the directory (i.e., the 1 st information directory) of the 1 or more pieces of information selected in step S101, the access right information, and the hash value. As described above, the hash value is calculated for each of 1 or more pieces of information in the 1 st information list.

[ information decryption stage ]

Next, the operation of the information decryption stage in modification 2 will be described.

Fig. 19 is a sequence diagram showing an example of the operation at the information decryption stage according to modification 2. The same elements as those in fig. 13 are assigned the same reference numerals, and detailed description thereof is omitted. The operation in the information decryption stage shown in fig. 19 is added with the operations from step S405 onward, compared with the operation in the information decryption stage shown in fig. 13.

That is, first, in step S404, the information consumer terminal 200a decrypts the 1 st encrypted information included in the 2 nd transaction data with the decryption key, thereby acquiring the 1 st information requested in the information requesting phase.

Next, the information user terminal 200a calculates the 1 st hash value of the 1 st information decrypted in step S404 (S405).

Next, the information user terminal 200a acquires the 2 nd hash value corresponding to the 1 st information disclosed in the distributed ledger (S406).

Next, the information user terminal 200a compares the hash values (S407). More specifically, the information user terminal 200a compares the 1 st hash value of the 1 st information calculated in step S405 with the 2 nd hash value of the 1 st information acquired in step S406.

In step S407, if the compared hash values match (match in S407), the process ends.

On the other hand, if the compared hash values do not match in step S407 (no match in S407), the information user terminal 200a transmits (retransmits) the 1 st transaction data generated in step S204 in the information request phase to the authentication server devices 300, 310, and 320 (S408).

Then, the authentication server devices 300, 310, and 320 store the acquired 1 st transaction data (S409).

Next, the authentication server device 300, 310, 320 executes a consensus algorithm for agreeing on the validity of the 1 st transaction data (S410). The authentication server devices 300, 310, and 320 generate blocks containing the 1 st transaction data if the validity of the 1 st transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S410 into the distributed ledger (S411).

In this way, the information consumer terminal 200a ends the transaction of the 1 st information if the 1 st hash value matches the 2 nd hash value, and requests the information provider terminal 100a to retransmit the 1 st information if the 1 st hash value does not match the 2 nd hash value. Therefore, the information user terminal 200a can reliably acquire the correct 1 st information requested by the information user.

(modification 3)

In the above-described embodiment and modification, the information user terminal 200 may acquire the 1 st information by decryption in the information decryption stage and pay a price to the information provider. That is, as the operation of the information transaction system, the operation of the price payment stage may be further performed in the information decryption stage. This case will be described below as a modification 3 centering on differences from the above-described embodiment and the like.

[ Payment of price stage ]

Fig. 20 is a sequence diagram showing an example of the operation in the consideration payment stage according to modification 3.

First, the information user terminal 200 confirms whether or not the 1 st information requested in the information requesting stage is acquired (S501).

If it is confirmed in step S501 that the requested 1 st information is acquired (yes in S501), the information user terminal 200 generates the 6 th transaction data for paying the price to the information provider (S502). The consideration here may be an encrypted asset such as bitcoin, cash, an independent point that can be used only in the information transaction system, or an object having a corresponding value. Further, data indicating a certificate certifying payment may be included in the 6 th transaction data after the information user pays a cost, for example, by bank transfer or the like.

Next, the information user terminal 200 transmits the 6 th transaction data generated in step S502 to the authentication server devices 300, 310, and 320 (S503).

Next, the authentication server devices 300, 310, and 320 store the acquired 6 th transaction data (S504).

Next, the authentication server device 300, 310, 320 executes a consensus algorithm for agreeing on the validity of the 6 th transaction data (S505). The authentication server devices 300, 310, and 320 generate blocks containing the 6 th transaction data if the validity of the 6 th transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S506 into the distributed ledger (S506).

In the above description, the information user terminal 200 has been described as paying a consideration to the information provider every time the 1 st information requested in the information requesting stage is acquired, but the present invention is not limited to this. The information user terminal 200 may collectively pay the consideration to the information provider when the 1 st information is acquired a predetermined number of times, for example, once in 10 times or every certain number of transactions. The information user terminal 200 may collectively pay the information provider for the consideration corresponding to the 1 st information acquired in a predetermined period, for example, once in 1 month.

(modification 4)

In modification 3, the description has been made on the assumption that the 6 th transaction data generated by the information user terminal 200 and used for paying the consideration to the information provider is written in the distributed ledger, and the consideration is paid from the information user to the information provider via the distributed ledger. The information user can also pay a price to the information provider using an intelligent contract made by the information provider terminal 100. In this case, the information consumer may generate transaction data to which the information consumer obtains the 1 st information in the information consumer terminal 200 and send the transaction data to the distributed ledger. This case will be described below as a modification 4, focusing on differences from the above-described modification 3.

[ Intelligent contract setting stage ]

Fig. 21 is a sequence diagram showing an example of the operation of the smart contract setting stage according to modification 4.

First, the information provider terminal 100 makes an intelligent contract for paying a consideration to the information provider (S601). The intelligent contract made here is an intelligent contract obtained by executable programming of an action of paying a consideration to an information provider by using a distributed ledger.

Next, the information provider terminal 100 generates transaction data including the smart contract created in step S601 and, for example, an electronic signature associated with the information provider (S602).

Next, the information provider terminal 100 transmits the transaction data generated in step S602 to the authentication server devices 300, 310, and 320 (S603).

Next, the authentication server devices 300, 310, and 320 store the acquired transaction data (S604).

Next, the authentication server device 300, 310, 320 executes a consensus algorithm for agreeing on the validity of the transaction data (S605). The authentication server devices 300, 310, and 320 generate blocks containing the transaction data if the validity of the transaction data is verified.

Next, the authentication server devices 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S605 into the distributed ledger (S606).

In this way, the intelligent contract made by the information provider terminal 100 is written into the distributed ledger.

And, the smart contract becomes executable, i.e., run, by being written into the distributed ledger (S607).

[ information decryption stage ]

In this modification, in the information decryption stage, the information user terminal 200 obtains the 1 st information by decryption, and then writes the transaction data for which the 1 st information is obtained into the distributed ledger. Thus, the smart contract can pay a consideration to the information provider. This will be described below with reference to fig. 22.

Fig. 22 is a sequence diagram showing an example of the operation at the information decryption stage according to modification 4.

First, the information user terminal 200 confirms whether or not the 1 st information requested in the information request step is acquired (S701).

If it is confirmed in step S701 that the requested 1 st information is acquired (yes in S701), information user terminal 200 generates transaction data indicating that the 1 st information is acquired (S702).

Next, the information user terminal 200 transmits the transaction data generated in step S702 to the authentication server devices 300, 310, and 320 (S703).

Next, the authentication server devices 300, 310, and 320 store the acquired transaction data (S704).

Next, the authentication server device 300, 310, 320 executes a consensus algorithm for agreeing on the validity of the transaction data (S705). The authentication server devices 300, 310, and 320 generate blocks containing the transaction data if the validity of the transaction data is verified.

Next, the authentication server apparatuses 300, 310, and 320 update the distributed ledger by writing the block generated by executing the consensus algorithm in step S705 to the distributed ledger (S706).

Then, the authentication server apparatuses 300, 310, 320 respectively execute the smart contracts for executing the payments (S707). Thus, the smart contract can pay a consideration to the information provider.

As described above, the information consumer can pay the information provider a price for the consideration using the intelligent contract written in the distributed ledger. In addition, in the case of a system using a block chain, the most time-consuming process is a process of executing a consensus algorithm. In the present modification, the number of execution times of the consensus algorithm can be reduced by using the smart contract as compared with modification 3 described above, and therefore the time taken for trading can be shortened.

(modification 5)

In the above-described embodiment and modification, the information written in the distributed account book and disclosed is the 1 st information directory indicating a list of 1 or more pieces of information that can be provided via the distributed account book among the information held by the information provider, but the present invention is not limited to this. The encrypted information may be information obtained by encrypting information which is public and can be provided via the distributed account by 1 or more pieces of information using the public key of each information user.

More specifically, the encrypted information obtained by encrypting 1 or more pieces of information held by the information provider with the encryption key generated by each of the 1 or more information user terminals 200 and the encryption information ID for uniquely identifying the encrypted information may be written in the distributed account book of the plurality of authentication server devices.

In this case, the information provider terminal 100 may acquire the 1 st transaction data including the following contents written in the distributed ledger. Here, the 1 st transaction data includes a 1 st information user ID which is an identifier uniquely identifying the 1 st information user, an information provider ID which is an identifier uniquely identifying the information provider, and a 2 nd information directory representing a directory of the 1 st information requested by the 1 st information user among the 1 st information directories disclosed by the information provider in the distributed ledger.

The information provider terminal 100 may generate the 2 nd transaction data including the following contents. That is, the 2 nd transaction data includes an encryption information ID for identifying the 1 st encryption information encrypted with the encryption key generated by the information user terminal 200 of the 1 st information user among the 1 st or more pieces of encryption information corresponding to the 1 st information specified by the 2 nd information directory, an information provider ID, and a 1 st information user ID.

(other embodiments)

As described above, the information transaction system according to the present disclosure has been described based on the embodiments, but the present disclosure is not limited to the above-described embodiments. The present disclosure also includes various modifications of the embodiments and other embodiments in which some of the constituent elements of the embodiments are combined, which will occur to those skilled in the art, without departing from the spirit of the present disclosure. For example, the following cases are also included in the present disclosure.

(1) In the above-described embodiment and modification, the information provider terminal 100 and the like, the information user terminal 200 and the information transaction verification apparatus 400 transmit the generated transaction data to all the authentication server apparatuses, i.e., the authentication server apparatuses 300, 310, 320, but the present invention is not limited thereto.

The information provider terminal 100 and the like, the information user terminal 200 and the like, and the information transaction verification device 400 may be transmitted to 1 or more of the authentication server devices. In this case, the authentication server apparatus that has received the transaction data transmits to 1 or more of the other authentication server apparatuses, and thereby the transaction data can be shared by all the authentication server apparatuses.

(2) In the above-described embodiment and modification, the case where the information provider confirms the access right of the information user in the information request phase has been described as an example, but the present invention is not limited to this. The authentication server 300, 310, 320 may also perform confirmation of the access right when executing the consensus algorithm in the information request phase. In this case, the acquired transaction data may be discarded even if the information user does not have access right.

More specifically, in the information requesting phase, when 1 or more authentication server apparatuses acquire the 1 st transaction data, it may be checked whether or not the information user has the access right set for the 1 st information. In addition, when the information user does not have the access right set for the 1 st information, 1 or more authentication server devices may discard the acquired 1 st transaction data and not verify the 1 st transaction data.

(3) Each device of the above embodiments is specifically a computer system configured by a microprocessor, a ROM, a RAM, an SSD, a hard disk unit, a display unit, a keyboard, a mouse, and the like. A computer program is recorded in the RAM or the hard disk unit. By operating the microprocessor according to the computer program, each device achieves its function. Here, the computer program is configured by combining a plurality of command codes indicating instructions to the computer in order to achieve a predetermined function.

(4) Some or all of the components constituting each device of the above embodiments may be constituted by 1 system LSI (Large Scale Integration). The system LSI is a super-multifunctional LSI manufactured by integrating a plurality of components on 1 chip, and specifically is a computer system including a microprocessor, a ROM, a RAM, and the like. The RAM is recorded with a computer program. The system LSI achieves its functions by the microprocessor operating in accordance with the computer program.

Each of the components constituting each of the devices may be individually formed into a single chip, or may be formed into a single chip so as to include a part or all of them.

Note that the system LSI is used here, but depending on the difference in integration level, the system LSI may be referred to as an IC, LSI, super LSI, or super LSI. The method of integration is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor. An FPGA (Field Programmable Gate Array) that can be programmed after LSI manufacturing or a reconfigurable processor that can reconfigure connection and setting of circuit cells inside LSI may be used.

Furthermore, if a technique for realizing an integrated circuit instead of the LSI appears due to the progress of the semiconductor technology or another derivative technique, it is needless to say that the functional blocks may be integrated using this technique. Possibly biotechnological applications, etc.

(5) Some or all of the components constituting each of the devices may be constituted by an IC card or a single module that is detachable from each device. The IC card or the module is a computer system including a microprocessor, a ROM, a RAM, and the like. The IC card or the module may include the above-described super multifunctional LSI. The IC card or the module achieves its function by the microprocessor operating according to the computer program. The IC card or the module may also have tamper resistance.

(6) The present disclosure may also be the method shown above. The present invention may be a computer program for realizing these methods by a computer, or may be a digital signal constituted by the computer program.

The present disclosure may also record the computer program or the digital signal in a recording medium that can be read by a computer, such as a flexible disk, a hard disk, a CD-ROM, an MO, a DVD-ROM, a DVD-RAM, a BD (Blu-ray (registered trademark) Disc), a semiconductor memory, or the like. Further, the digital signal may be recorded in these recording media.

In addition, the present disclosure may also be configured to transmit the computer program or the digital signal via an electric communication line, a wireless or wired communication line, a network typified by the internet, data broadcasting, or the like.

The present disclosure may be a computer system including a microprocessor and a memory, the memory storing the computer program, and the microprocessor operating according to the computer program.

The program or the digital signal may be recorded in the recording medium and transferred, or may be transferred via the network or the like and implemented by another independent computer system.

(7) The above embodiment and the above modification may be combined.

Industrial applicability

The present disclosure can be used for an information transaction method, a terminal, and a program, and can be used for an information transaction method, a terminal, and a program that are used in a service for securing a transaction history by transacting information via a block chain, for example.

Description of the reference symbols

100. 100a information provider terminal

101 holds an information storage unit

102 public information selecting unit

103 access right setting part

104. 205 transaction data request section

105 information encryption unit

106. 204, 404 transaction data generating part

107. 207, 304, 403 communication unit

108 hash value calculation unit

200. 200a information user terminal

201 encryption key generation unit

202 encryption key storage unit

203 request information selecting unit

206 encrypted information decryption unit

208 hash value verification section

300. 310, 320 authentication server device

301 transaction data storage unit

302 transaction data verification section

303 ledger updating part

400. 400a information transaction examination device

401 ledger book holding unit

402 transaction verification section