Patent Application
20220138848
The present application claims priority from Japanese application JP 2020-185357, filed on Nov. 5, 2020, the contents of which is hereby incorporated by reference into this application.
The present invention relates to a technique that conceals a portion of electronic trading data shared by a large number of participants.
In recent years, a “blockchain” has been attracting attention as a technology to support Bitcoin. Trading data (history) is referred to as a “transaction”. In the “blockchain”, a group of a plurality of transactions is referred to as a “block”, and the blocks are stored so as to be continuous.
The “blockchain” has the feature that anyone can check all of the trading histories recorded on the blockchain, such as the buying and selling of Bitcoin, from a distributed ledger. That is, the blockchain has the feature that, since the fairness of trading is guaranteed by each node constituting the blockchain, the content of the trading is basically disclosed.
Therefore, it is difficult to carry out trading and payment related to sensitive data desired to be concealed from a third party in the blockchain.
For example, JP 2019-106639 A discloses a technique that guarantees the confidentiality of transactions and the fairness of trading in a blockchain.
JP 2019-106639 A discloses an electronic trading device that constitutes a node of a blockchain related to the trading of electronic data. The electronic trading device includes: a receiving unit that receives a first transaction including electronic data encrypted by an encryption key in a terminal for transmitting the electronic data to be traded and a second transaction including the encryption key encrypted by a public key related to a terminal for receiving the electronic data; and a verification unit that, when receiving an electronic data verification request which is transmitted from the receiving terminal and includes a private key corresponding to the public key, decrypts the encryption key using the private key, decrypts the electronic data using the decrypted encryption key, and verifies the decrypted electronic data. As described above, in JP 2019-106639 A, the fairness of the trading is guaranteed without disclosing the content of the data traded by the encryption technology to all of the nodes constituting the blockchain.
However, in JP 2019-106639 A, it is necessary to manage the correspondence relationship (combination) among the encryption key, the public key, and the private key for each transaction. When the number of transactions or trading participants increases, the number of combinations of the encryption keys, the public keys, and the private keys increases explosively, which makes it difficult to manage them. In other words, it is necessary to manage the correspondence relationship among the encryption key used by the transmitting terminal to encrypt the electronic data (trading data), the public key which is related to the receiving terminal and is used by the receiving terminal to encrypt the encryption key, and the private key which corresponds to the public key related to the receiving terminal and is transmitted from the receiving terminal for each transaction in order to ensure the confidentiality of trading.
In addition, it is considered that the number of transactions increases as the number of trading participants increases. Therefore, it is considered that it becomes more difficult to manage the correspondence relationship among the encryption key, the public key, and the private key.
Further, the trading data encrypted by the encryption key is transmitted as a transaction to the blockchain and is then stored in each node. Therefore, when a cryptanalysis technology is improved in the future, there is a concern that the content of the trading data will be seen by each node.
Accordingly, an object of the invention is to provide an electronic trading system and a data concealment method for an electronic trading system that can manage the confidentiality of trading data using a blockchain with a small amount of information.
In addition, another object of the invention is to provide an electronic trading system and a data concealment method for an electronic trading system that can reduce a storage capacity for storing transactions without concern that the trading data will be decrypted.
In order to achieve the above object, according to an aspect of the invention, there is provided an electronic trading system in which a blockchain managing an electronic trading of a trading target is managed by a plurality of nodes. Each of the plurality of nodes includes: a client unit transmitting a request for the electronic trading of the trading target or a request to refer to the electronic trading; a smart contract management unit automatically performing confirmation or fulfillment of contract conditions; a blockchain management unit managing a distributed ledger of the blockchain; a first storage unit storing the distributed ledger of the blockchain; and a second storage unit storing content of the trading target to be concealed as actual data in nodes other than a specific node constituting the blockchain. The distributed ledger stored in the first storage unit is stored in all of the plurality of nodes managing the blockchain and is shared by all of the plurality of nodes. The client unit of a first node among the plurality of nodes transmits the electronic trading request to the smart contract management unit of a second node managing a first trading target. The smart contract management unit of the second node sets an access right to access the actual data of the first trading target stored in the second storage unit of the second node to the first node and stores the access right in the distributed ledger.
In addition, according to another aspect of the invention, there is provided a data concealment method for an electronic trading system in which a blockchain managing an electronic trading of a trading target is managed by a plurality of nodes. Each of the plurality of nodes includes: a client unit transmitting a request for the electronic trading of the trading target or a request to refer to the electronic trading; a smart contract management unit automatically performing confirmation or fulfillment of contract conditions; a blockchain management unit managing a distributed ledger of the blockchain; a first storage unit storing the distributed ledger of the blockchain; and a second storage unit storing content of the trading target to be concealed as actual data in nodes other than a specific node constituting the blockchain. The distributed ledger stored in the first storage unit is stored in all of the plurality of nodes managing the blockchain and is shared by all of the plurality of nodes. The client unit of a first node among the plurality of nodes transmits the electronic trading request to the smart contract management unit of a second node managing a first trading target. The smart contract management unit of the second node receiving the electronic trading request sets an access right to access the actual data of the first trading target stored in the second storage unit of the second node to the first node and stores the access right in the distributed ledger.
According to the invention, it is possible to manage the confidentiality of trading data using a blockchain with a small amount of information.
In addition, according to the invention, it is possible to reduce a storage capacity for storing transactions without concern that the trading data will be decrypted.
Hereinafter, embodiments will be described with reference to the drawings. In addition, in the following description, various kinds of information are explained by an expression such as a “table”, but may be expressed by data structures other than the table. Further, the “table” can be called “management information” in order to indicate that it does not depend on the data structure.
In addition, in some cases, a process is described using a “program” as the subject. The program is executed by a processor which is a processing unit, for example, a microprocessor (MP) or a central processing unit (CPU) and performs a predetermined process. Further, since the processor performs a process while using a storage resource (for example, a memory) and a communication interface device (for example, a communication port), the subject of the process may be the processor or the processing unit. The processor may have dedicated hardware in addition to the CPU. Computer programs may be installed in each computer from program sources. The program source may be provided by, for example, a program distribution server or a storage medium.
Further, the same portions are denoted by the same reference numerals in the drawings and explanations of the embodiments. However, the invention is not limited to the embodiments, and all application examples meeting the idea of the invention are included in the technical scope of the invention. In addition, each component may be plural or singular unless otherwise specified.
<System Configuration>
In
For the management nodes, a plurality of nodes can be created from one physical node or one management node can be created from a plurality of nodes by a virtualization technology using a virtual machine (VM) or a container technology.
In each management node 101, the processing unit executes software constituting a client application, a smart contract, and a blockchain to implement the functions of a client unit 111, a smart contract management unit 112, and a blockchain management unit 113.
The client unit 111 has a function of transmitting an electronic trading request or an electronic transaction reference request. The smart contract management unit 112 has a function of automatically performing confirmation and fulfillment of contract conditions. The blockchain management unit 113 has a function of managing a distributed ledger of the blockchain. In
The blockchain is obtained by adding an edit history sharing processing mechanism for sharing the edit history of a distributed database to the distributed database constructed by a distributed database technology and is constructed by a plurality of management nodes 101 connected by the network 150.
In addition, the blockchain is not limited to that having the processing mechanism for sharing the edit history of the distributed database on the basis of the characteristics of a one-way hash function, such as Ethereum or Bitcoin, and may be a blockchain that has a processing mechanism for sharing the edit history using another structure and shares the distributed database.
In addition, the blockchain is not limited to that having the mechanism which is added to the distributed database and adds a group of data as a block to update the data, such as Ethereum or Bitcoin, and may be a blockchain having a mechanism that sequentially adds individual data one by one to update the data, a blockchain having a mechanism that irregularly adds data to update the data, or a blockchain having a mechanism that adds data in other forms to update the data.
Furthermore, the blockchain is not limited to that which adds the data recorded on the distributed database as one-dimensional data that is continuous like a single chain, such as Ethereum or Bitcoin, and may be a blockchain which adds data to a plurality of chains in parallel, a blockchain which adds data in a network form, a blockchain which adds data in a two-dimensional plane, a blockchain which adds data multi-dimensionally, such as three-dimensionally, or a blockchain which adds data in other forms.
The blockchain is not a single node, but is a network composed of a plurality of nodes constituting the blockchain. Transmitting the transaction or the metadata stored in the distributed ledger to the entire blockchain network is referred to as broadcasting.
As illustrated in
In addition, in the management node 101, each of the client unit 111, the smart contract management unit 112, and the blockchain management unit 113 is implemented by software, and the processing unit 201 executes the software to implement the functions of the client unit 111 that transmits the electronic trading request or the electronic trading reference request, the smart contract management unit 112 that automatically performs the confirmation or fulfillment of the contract conditions, and the blockchain management unit 113. Further, in the drawings, the client unit is described as a client application, the smart contract management unit is abbreviated to a smart contract, and the blockchain management unit is abbreviated to a blockchain.
In addition, the storage device 203 of the management node 101 includes a first storage unit 121 that stores the distributed ledger of the blockchain as metadata and a second storage unit 122 that stores a transaction (trading data) which is desired to be concealed from some of the participants constituting the blockchain in the transactions. The transaction (the content of the trading data) desired to be concealed which is stored in the second storage unit is referred to as “actual data”.
In the blockchain, the fairness of the trading is guaranteed by each of the management nodes constituting the blockchain. Therefore, the blockchain has the feature that the content of the trading is basically disclosed. However, this embodiment provides a technique which conceals some of the transactions (trading data) as the actual data from some of the participants of the blockchain. Some of the participants of the blockchain from which the actual data is concealed are, for example, participants other than the participants that actually trade the trading targets.
<Management Information>
An ID 301 is, for example, information for identifying a product to be traded and is information that can specify the developer of the product.
An actual data holder 302 is information indicating the management node (participant) that stores the actual data to be concealed from other participants constituting the blockchain in the second storage unit 122.
A hash value 303 of the actual data is a hash value of the actual data managed corresponding to the ID 301 illustrated in
An access right 304 to the actual data is information indicating the management node (participant) having an access right to the actual data stored in the second storage unit 122.
A registration date and time 305 is information indicating the date and time when the entries 302 to 308 of the ID 301 were registered.
An update date and time 306 is information indicating the date and time when any of the entries 303, 304, 307, and 308 of the ID 301 was updated.
An owner 307 is information indicating the owner of the product identified by the ID 301. Other information 308 can also be included in the metadata 300.
For the metadata 300, for example, an entry 30 represented by a row shows that the Z company is added to the access right 304 to the actual data, the update date and time 306 is updated, and the owner 307 of a product A-1 is changed from the B company to the Z company by a trading in which the B company transfers the product A-1 to the Z company without processing the product A-1.
In addition, in the metadata 300, entries 31 and 32 represented by rows show that the Z company is added to the access right 304 to the actual data, the update date and time 306 is updated, and the owner 307 of a product A-2 is changed from the C company to the Z company by a trading in which the C company transfers a product C-1 obtained by processing the product A-2 to the Z company.
As described above, the entry in each row of the metadata 300 is added when the trading for the product identified by the ID 301 is confirmed. This corresponds to that a transaction is confirmed in the blockchain and is added to the blockchain stored in the distributed ledger.
In addition, the ID in
The ID 401 is, for example, information for identifying a product to be traded and is information that can specify the developer of the product, similarly to the ID 301 illustrated in
The introduced product ID 402 stores, for example, information for identifying an introduced product A-2 in a case in which the product C-1 includes the introduced product A-2. The product name 403 stores the name of a product or a part, the quantity 404 stores the number of products, and the warranty period 405 stores information of the warranty period of a product or a part. The actual data 400 illustrated in FIG. is an example. The actual data is information that is desired to be concealed from other participants constituting the blockchain.
The first storage unit 121 storing the metadata illustrated in
<Update of Metadata and Actual Data Associated with Content of Trading>
In this case, since the product A-1 has been transferred from the A company to the B company, information indicating that the access right to the product A-1 is granted to the A and B companies is stored in the metadata stored in the first storage unit 121a of the management node A 101a.
In addition, since the product A-2 has been transferred from the A company to the C company, information indicating that the access right to the product A-2 is granted to the A and C companies is stored in the metadata stored in the first storage unit 121a of the management node A 101a.
The actual data of the product A-1 and the actual data of the product A-2 are stored in the second storage unit 122a of the management node A 101a.
In addition, the same metadata as that stored in the first storage unit 121a of the management node A is stored in the first storage unit 121b of the management node B 101b, the first storage unit 121c of the management node C, and the first storage unit 121z of the management node Z. Information related to the access right is shared by all of the management nodes participating in the blockchain.
On the other hand, the actual data of the product A-1 is stored in the second storage unit 122a of the management node A and the second storage unit 122b of the management node B used by the A and B companies that actually trade the product A-1, respectively.
The actual data of the product A-2 is stored in the second storage unit 122a of the management node A and the second storage unit 122c of the management node C used by the A and C companies that actually trade the product A-2, respectively.
As described above, in this embodiment, the data (actual data) desired to be concealed is stored only in the management nodes used by the participants that carry out the trading and is not stored in the other management nodes. Therefore, the storage capacity of the electronic trading system can be reduced as compared to a case in which the actual data is stored in all of the management nodes constituting the blockchain.
In addition, as compared to a case in which concealment is performed using the encryption technology, the correspondence relationship between an encryption key, a public key, and a private key or an operation of exchanging the information of each key is not needed for each transaction, and the access right to the actual data may be stored as the metadata in the distributed ledger.
Further, since the data (actual data) desired to be concealed is stored only in the management nodes used by the participants that carry out the trading, it is possible to reduce the risk that each node will see the trading data even though the decryption technology is improved in the future.
The access right to access the actual data of the product A-1 is given to the Z company by the transaction in which the product A-1 is transferred from the B company to the Z company and is shared as the metadata by each management node.
On the other hand, since the actual data of the product A-1 has already been stored by the management node A and the management node B and the B company transfers the product A-1 to the Z company without processing the product A-1, the actual data is not stored in the management node Z and remains stored in two management nodes of the management nodes A and B.
In this stage, since the product C-1 has been produced, the product C-1 is added to the metadata. Therefore, it is desirable for the Z company to access the actual data of the product A-2, which is a material for producing the product C-1, in addition to the product C-1 that has been transferred. As a result, the Z company is given the access right to the product A-2. On the other hand, it is desirable for the actual data of the product C-1 to be accessed by the A company, which is the producer of the product A-2 that is the material of the product C-1, the C company C, which has processed the product A-2 into the product C-1 and transferred it to the Z company, and the Z company Z which has received the transfer of the product C-1. Therefore, the A company, the C company, and the Z company are given the access right.
Actual data 131 and actual data 132 of the product C-1 are stored in the second storage units 122 of the management nodes used by the C company which is the producer and the Z company that has received the transfer of the product C-1.
As described above, the actual data is stored in the management nodes used by the participants that carry out the trading and is not stored in the management nodes of the other participants that do not carry out the trading. Therefore, in a case in which the trading data are concealed using the encryption technology, it is possible to reduce the storage area for storing the actual data in the entire electronic trading system, as compared to the case in which the encrypted trading data are stored in all of the management nodes.
In addition, in the concealment technology using encryption, it is necessary to manage the correspondence relationship between the encryption key, the public key, and the private key for each trading (for each transaction). In contrast, in the metadata according to this embodiment, it is necessary to manage only the access right to the actual data.
Further, when the encrypted actual data is stored in each management node, the confidentiality of the actual data will be lost in a case in which the codes are broken in the future. However, in this embodiment, the actual data is not stored in all of the management nodes, the confidentiality of the actual data can be ensured.
<Procedure of Process>
When the process is started (Step S801), the client unit 111 transmits an update request to the smart contract management unit of the management node of the actual data holder (Step S802). The client unit 111 of the management node that carries out the trading transmits a trading request to the smart contract management unit 112 of the same management node in order to trade electronic data. Then, when receiving the trading request, the smart contract management unit 112 transmits an electronic data trading request to the smart contract management unit 112 of the management node (the management node of the actual data holder) that manages the trading target.
Hereinafter, a description will be made using a flowchart on the premise that the above-mentioned operation is performed.
For example, an operation in a case in which a first trading that transfers the product A-1 from the A company to the B company and a trading that transfers the product A-1 from the B company to the Z company after the first trading are performed is assumed.
That is, for the product A-1, the state illustrated in
In Step S801, the client unit 111b of the management node B 100b transmits a request to order the product A-1 as the trading target from the A company to the smart contract management unit 112b of the management node B 100b. Then, the smart contract management unit 112b transmits an electronic trading request to the smart contract management unit 112a of the management node A 100a.
In addition, the client unit 111b may transmit the electronic trading request to the smart contract management unit 112a. At this time, each management node 101 can specify the management node A and the management node B that store the actual data of the product A-1 from the metadata stored in the first storage unit. Hereinafter, the description will be continued in the form in which the client unit requesting the trading transmits a request to trade the trading target, that is, an update request to the smart contract management unit of the management node that stores the actual data.
In Step S802, the client unit 111b of the B company transmits the update request to the smart contract management unit 112a of the management node A and the smart contract management unit 112b of the management node B.
In Step S803, the smart contract management units 112a and 112b determine whether the product A-1 was produced by the host company. Since the product A-1 was developed by the host company, the determination result of the smart contract management unit 112a is “YES”, and the process proceeds to Step S804. Whether or not the product was developed by the host company is determined on the basis of whether or not the product A-1 was developed by the user who uses the client unit 111a, that is, whether or not the product A-1 is a product of the client of the transfer source.
Since the product A-1 does not include the introduced product, the determination result in Step S804 is “NO”, and the process proceeds to Step S805. In addition, it is possible to determine whether or not the product includes the introduced product on the basis of the introduced product ID 402 included in the actual data illustrated in
In Step S805, the actual data of the product A-1 is stored in the second storage unit 122a of the storage device 120a in the management node A. When the actual data of the product A-1 is stored in the second storage unit 122a in the state illustrated in
Further, for the smart contract management unit 112b of the management node B that has received the update request, the process in Steps 803 to 807 is the same as the process of the smart contract management unit 112a, and the actual data is stored in the second storage unit 122b of the management node B. As described above, the actual data is stored in the node used by the developer of the trading target and the node that has requested the developer to trade the trading target, and the access right to the actual data is given to the nodes.
On the other hand, in a case in which the B company wholesales the product A-1 to the Z company, since the product A-1 was developed by the A company, the determination result of the smart contract management unit 112b is “NO”, and the process proceeds to Step S806. In Step S806, the access right to the product A-1 is given to the Z company which is a wholesaler.
In order to reflect the content of the access right given in Step S806, the blockchain management unit 113b updates the metadata connected with the actual data related to the product A-1 and broadcasts the metadata to each management node such that all of the management nodes share the updated metadata (Step S808).
Next, a case in which a trading changing the state from the state illustrated in
In Step S803, the smart contract management unit 112c determines that the product C-1 is a product developed by the host company, and the process proceeds to Step S804.
In Step S804, it is determined whether or not the product C-1 includes an introduced product. Since the product C-1 includes the product A-1 as the introduced product, the process proceeds to Step S807.
In Step S807, the access right to the actual data of the product C-1 is given to the A company which is the wholesaler (the provider or transferor of the introduced product) of the product A-1 introduced from the product C-1.
Then, in Step S805, the actual data related to the product C-1 is stored in the storage device 120c of the management node C, and the management node C is given the access right to the actual data of the product C-1.
In Step S808, the updated metadata illustrated in
Further, for the smart contract management unit 112z, the process from Step 803 to Step 807 is the same as the process of the smart contract management unit 112b, and the actual data is stored in the second storage unit 122z of the management node Z. The management node Z is given the access right to the actual data of the product C-1.
In addition, in
Further, the process of storing the actual data in the storage device in Step S805 may be performed at the time when the smart contract management unit 112 trades the trading target.
In the process illustrated in
Further, in a case in which a product is processed during the distribution of the product, it is possible to appropriately give the access right to the actual data of the product to the participants that trade the product before processing and the processed product and to conceal the actual data of the product from the other participants in the blockchain.
In Step S902, the client unit 111 transmits the reference request to the smart contract management unit 112.
When receiving the reference request from the client unit 111, the smart contract management unit 112 determines whether or not there is an access right to the actual data (Step S903). In a case in which there is an access right, the smart contract management unit 112 returns information related to the holder that holds the actual data to the client unit 111 (Step S904). The information related to the holder that holds the actual data is information related to other nodes having the access right and can be understood as a node which is likely to hold the actual data. In a case in which there is no access right, the smart contract management unit 112 returns information indicating that there is no access right to the actual data to the client unit 111 (Step S905).
For example, when the client unit 111z of the Z company transmits a request to refer to the actual data of the product A-2 to the smart contract management unit 112z from the state illustrated in
On the other hand, when the client unit 111z transmits a request to refer to the actual data of the product A-1 to the smart contract management unit 112z, information indicating that there is no access right to the actual data is returned in Step S905 since the access right to the actual data of the product A-1 is not given to the Z company.
In addition, Step S902 illustrated in
In the process illustrated in
In Step S1003, the smart contract management unit 112 that has received the reference request from the client unit 111 determines whether or not the client unit 111 (the user of the management node) that has transmitted the reference request has the access right. The reason is that the metadata is supposed to be shared by each management node and a double check is performed to prevent unauthorized access caused by the falsification of the access right to the metadata. The client unit 111 that has transmitted the reference request and the smart contract management unit 112 that has received the reference request are usually present in different management nodes.
In a case in which there is no access right, the process proceeds to Step S1006, and an error caused by no access right is returned to the client unit that has transmitted the reference request. Then, the process ends.
On the other hand, in a case in which there is an access right in Step S1003, the process proceeds to Step S1004, and it is determined whether or not the actual data is present in the second storage unit 122 of the management node 101 having the smart contract management unit 112 that has received the reference request. The reason why the determination in Step S1004 is necessary is that the participant that is likely to hold the actual data can be specified only by the access right, but all of the participants given the access right do not hold the actual data.
In a case in which the requested actual data has been stored, in Step S1005, the requested actual data is acquired from the storage device 120 and is then returned to the client unit 111 which is the source of the reference request.
On the other hand, in a case in which the requested actual data has not been stored, the smart contract management unit 112 returns an error as a data acquisition failure to the client unit 111 which is the source of the reference request. In addition, when the information of the management node storing the actual data (the information related to the actual data holder) is incorrect in the process illustrated in
In
The procedures of the processes illustrated in
According to Embodiment 1, it is possible to manage the confidentiality of the data (actual data) desired to be concealed with a small amount of information in the blockchain.
Further, according to Embodiment 1, the actual data is not stored in each management node participating in the blockchain. Therefore, it is possible to reduce the risk that the transactions (trading data) will be deciphered and to reduce the storage capacity for storing the transactions (trading data).
In addition, as compared to the case in which data is concealed by the encryption technology, it is not necessary to manage the correspondence relationship among the encryption key, the public key, and the private key and to perform the operation of exchanging the information of each key for each transaction.
In Embodiment 1, the actual data is stored in two management nodes among the management nodes constituting the blockchain. However, in Embodiment 2, a management node of a third-party organization for data verification which stores all of the actual data stored in each node is added.
The management node of the third-party organization includes a third storage unit that updates the metadata of the management node of the third-party organization and stores the updated metadata when a transaction occurs between the management nodes constituting the blockchain and the metadata of each node is updated and a fourth storage unit that stores all of the actual data which is a portion of the trading content of the transaction (data desired to be concealed from persons other than the persons concerned).
The management node of the third-party organization does not participate in the trading of, for example, the actual products, but manages all transactions. Therefore, the management node of the third-party organization can verify the data falsification of the management nodes constituting the blockchain.
As described above, according to each embodiment, it is possible to manage the confidentiality of the data (actual data) desired to be concealed with a small amount of information in the blockchain.
Further, according to each embodiment, the actual data is not stored in each management node participating in the blockchain. Therefore, it is possible to reduce the risk that the transactions will be deciphered and to reduce the storage capacity for storing the transactions.
Furthermore, according to each embodiment, as compared to the case in which data is concealed by the encryption technology, it is not necessary to manage the correspondence relationship among the encryption key, the public key, and the private key and to perform the operation of exchanging the information of each key for each transaction.
| Number | Date | Country | Kind |
|---|---|---|---|
| 2020-185357 | Nov 2020 | JP | national |
