Journal of Digital Convergence (디지털융복합연구)

The Society of Digital Policy and Management (한국디지털정책학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Smart Contract for Personal Information Protection

개인정보보호를 위한 스마트컨트랙트 연구

  • Received : 2018.12.24
  • Accepted : 2019.03.20
  • Published : 2019.03.28
Download PDF
⟨ Previous Next ⟩

Abstract

The block chain technology is a technique that prevents manipulation of data and ensures integrity and reliability. Ethereum is building a smart contract environment as a type of encryptionenabled system based on block chains. Smart contracts can be implemented when conditions are met, thus increasing confidence in digital data. However, smart contracts that are being tried in various ways are not covered by information security and personal information protection. The structure in which the network participant can view the open transaction ledger is exposed to data or personal information listed in the block chain. In this study, it is possible to manage the data of personal information recorded in the block chain directly. This study is protected personal information by preventing the exposure of personal information and by executing time code, it is possible to erase recorded information after a certain period of time has elapsed. Based on the proposed system in the future, it is necessary to study the additional management techniques of unknown code defects or personal information protection.

블록체인은 데이터의 조작을 방지하고 무결성 및 신뢰성을 보장하는 기술이다. 이더리움(Ethereum)은 블록체인을 기반으로 하는 암호화폐 시스템의 한 종류로 스마트컨트랙트의 사용 환경을 구축하고 있다. 스마트컨트랙트는 조건이 충족되면 즉시 시행되기 때문에 디지털 데이터에 대한 신뢰도를 더욱 높일 수 있다. 그러나 다양한 시도가 진행되는 스마트컨트랙트는 정보보안 및 개인정보 보호가 이루어지지 못하고 있다. 네트워크 참여자가 공개된 거래원장을 볼 수 있는 구조는 블록체인에 등재된 데이터나 개인 정보가 노출될 위험이 있다. 본 연구에서는 블록체인으로 기록되는 개인정보의 데이터를 자신이 직접 관리할 수 있도록 하였다. 개인정보의 노출을 방지했고 타임코드를 달아 일정기한이 경과하면 기록정보의 파기실행을 하도록 하여 개인정보를 보호하였다. 향후 제안한 시스템을 기반으로 알려지지 않은 코드결함이나 개인정보 보호의 추가적 관리 기술의 연구가 필요하다.

Keywords

DJTJBT_2019_v17n3_215_f0001.png 이미지

Fig. 1. Transaction process based on block chain[14]

DJTJBT_2019_v17n3_215_f0002.png 이미지

Fig. 2. Personal Information Access Code & ID control Smart Contract

DJTJBT_2019_v17n3_215_f0003.png 이미지

Fig. 3. Personal Information Protection & Privacy Control

Table 1. Comparision between Existing Systems and Proposed System

DJTJBT_2019_v17n3_215_t0001.png 이미지

References

  1. Gartner Identifies the Top 10 Strategic Technology Trends for 2018. https://www.gartner.com/newsroom/id/3812063
  2. Andres Guadamuz & Chris Marsden. (2015). Blockchanins and Betcoin: Regulatory Responses to Cryptocurrencies, First Monday-Peer Reviewed Journal on The Internet, 20(12). https://firstmonday.org/article/view/6198/5163
  3. Wood, Gavin. (2014). Ethereum: A secure decentralized generalised transaction ledger. Ethereum Project Yellow Paper.
  4. Szabo, Nick. (1997). The idea of smart contracts. Nick Szabo's Papers and Concise Tutorials.
  5. D. H. Sin & J. H. Lee. (2015). Smart contract security for Pin Tech, KIPS Review, 22(5), 54-62.
  6. B. H. Kim. (2017). Modeling Smart Contract by Timed Automata. Graduate School of Engineering & Technology, Master dissertation. Korea University, Seoul.
  7. J. W. Kim. (2017). Issues of Contract Law Application of Block Chain Technology-Focused on smart contracts. Lawyer, 67(1), 150-200.
  8. Tapscott Don & Tapscott Alex. (2016). Blockchain Revolution: How the Technology Behind Bitcoin is Changing Money, Business, and the World, New York : Penguin Random House.
  9. Y. J. Huh. (2017). A IoT control system that provides Authentication, Non-repudiation and Integrity Using a blockchain, Graduate School of Electronic Engineering, Master dissertation. Sogang University, Seoul.
  10. S. H. Yang. (2017). Proposal for Smart Contract method for domestic medical system based on the colored coin, Department of Convergence Service Security Engineering, Master dissertation. Soonchunhyang University, Asan.
  11. Financial Services Commission. (2016). Study on the introduction of the block chain technology financial sector. Corda platform. https://www.r3.com/
  12. Aron Wright & Primavera De Filippi. (2015). Decentralized Blockchain Technology and The rise of Lex Cryptographia, Working Paper. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2580664.
  13. Jeremy M. Sklaroff. (2017). Smart Contract and the Cost of Inflexibility, University of P ennsylvania Law Review, December, 263-303.
  14. Thomson Reuters. (2016). Blockchain technology: Is 2016 the year of the blockchain? https://blogs.thomsonreuters.com/answerson/blockchain-technology
  15. Nick Szabo. (1994). Smart contracts. http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_idea.html
  16. Online Market Protection Act of 2014: H. R. 5892), SEC.3. (i) https://www.congress.gov/bill/113th-congress/house-bill/5892/text
  17. Arizona State Law Section 44-7061. E. 2 https://www.azleg.gov/viewdocument/?docName=https://www.azleg.gov/ars/44/07061.htm
  18. Ahmed Kosba. (2016). Hawk: The blockchain model of cryptography and privacy-preserving smart contracts, Security and Privacy(SP), 2016 IEEE Symposium, San Jose, CA, USA.
  19. Etherscan, https://etherscan.io
  20. M. Park, S. Chai & M. Lee. (2018). A Study on the Establishment of Data Protection Officer(DPO) Position under DGPR Enactment, The Journal of Korean Institute of Communications and Information Sciences(J-KICS), 43(2), 427-438. https://doi.org/10.7840/kics.2018.43.2.427