JP2003050887A - Electronic certificate issuing method and electronic certificate issuing system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To entrust a third person with a procedure and to prevent double use and unauthorized utilization by the third person in the case of issuing various kinds of certificates or the like such as the ones issued by an administrative organ as electronic data. SOLUTION: By entering a utilization purpose to the certificate and inhibiting the alteration of the certificate, it can not be utilized for something other than the entered purpose.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method of assigning an electronic signature to computerized document data using a computer device, and in particular, prevention of double use of various electronic certificates and the like and unauthorized use by a third party. The present invention relates to a digital certificate issuing method and a digital certificate issuing system.

[0002]

2. Description of the Related Art With the full-scale development of the information society, digitized document data created by using word processors, personal computers, etc. are increasing at an explosive rate. For the purpose of improving the service even in the administrative body,
Conventionally, an electronic government concept is being realized in which various administrative documents, which were conventionally managed by paper, are managed as electronic document data, application documents in electronic data are accepted, and various certificates can be issued as electronic data.

However, compared with the conventional paper document, there is a problem that the digitized document data is easier to tamper with and no trace of tampering is left. As a means for preventing unauthorized use due to tampering, there is a method of giving an electronic signature to electronic data. In fields such as electronic commerce (EC), digital signature (Digit
al Signature) and public key certificate are used. The contents of these techniques will be described below.

Regarding the digital signature and public key certificate,
For example, "Digital Signature and Cryptography" (Warwick Ford, Michael Baum, translated by Shinichiro Yamada, 1
(Pearson Press, 997), Sections 4.3 and 6. In the digital signature technique described here, a key for encryption (private key) and a key for decryption (public key) are used as a pair. First, the sender A uses a hash function to compress the data of the message to be sent and creates a digest. The digest is encrypted with the private key of sender A to generate a signature. After that, the original message and the signature are set and transmitted to the recipient B. Recipient B, who receives this, sends the received signature to sender A
Decrypt with the public key of and generate the expected digest. Also, for the received message, a digest is generated using the hash function. Comparing the two digests, if the two are the same, it can be seen that the received data was indeed created by sender A (FIG. 1).

In document exchange using a digital signature, it is premised that the receiver obtains the sender's correct public key. There is a risk of giving out a fake public key. Public key certificates are used to solve such problems (spoofing). A public key certificate is electronic data issued by a third-party institution called a certificate authority and certifying the owner of a public key.

The data exchange procedure of the digital signature using the public key certificate will be described below with reference to FIG. First, the sender A makes a public key certificate issuance application to the certificate authority C whose public key has been registered in advance. The certificate authority C issues a public key certificate to the sender A. The sender A sets the text, the signature, and the public key certificate as a transmission document, and sends it to the receiver B. Recipient B, who has received the transmitted document, acquires the public key of certificate authority C. Since the public key certificate includes the digital signature of the certificate authority C, the digital signature is verified using the obtained public key of the certificate authority C. This proves that the public key certificate received from sender A is valid. Since the legitimate public key certificate includes the correct public key of the sender A, this is extracted. Using the extracted public key of sender A, the received text and its signature are verified. This proves that the text received from sender A is valid.

However, even if these techniques are simply used, the falsification of the document can be prevented, but the double use of the signed electronic document cannot be prevented. As a conventional technique for preventing double use or illegal use, for example, Japanese Patent Laid-Open No.
There is a method described in Japanese Patent Laid-Open No. 1-328269 (hereinafter referred to as known example 1). Known example 1 shows a method of preventing double use by the person himself or illegal use by a third party, using an electronic coupon as an example. In this method, when a coupon is issued, a user who is the issue destination inputs a password, and the irreversible conversion value of the password is embedded as coupon information. Even when using a coupon, ask the user to enter the password, compare the irreversible conversion value embedded in the coupon with the irreversible conversion value of the entered password, and check whether they match, issuing the coupon It is possible to prevent unauthorized use by a person (third party) other than the applicant at the time. Also, by giving a serial number to the coupon and checking the serial number at the time of use, double use can be prevented.

[0008]

[Problems to be Solved by the Invention] In the following, as an example of using a certificate issued by a certificate issuing organization at a certificate submitting organization, an application is made electronically to the Land Transport Bureau when purchasing a vehicle. Assuming this, the problems with issuing the resident card will be explained. Note that the public key certificate is omitted in this example.

[0009] In the process of electronically applying to the Land Transport Bureau, a local government first issues a resident's card (including a signature on the content by the local government). Next, prepare a registration application form with the Land Transport Office and send these files electronically to the Land Transport Office (Fig. 3). In this case, there is a possibility that the issued resident card will be used twice or more and that it will be used twice. For example, it is assumed that the applicant, in addition to applying to the Land Transport Office, also renews his passport, so he needed another copy of the resident card at the same time. In the conventional paper resident card, it is necessary to issue two copies in total, but since electronic data can be easily copied, issuing a resident card by making a copy of some of the issued data You can pay the fee once.

As a method for solving this problem, a known example 1
In the invention, a method of including a unique serial number in a coupon (corresponding to a resident card in this case) is shown. If the resident's card contains a unique serial number, the issuing local government will set up a management register of the issued resident's card, and the Land Transport Bureau submitted to the local government will report the resident's card with that serial number. Operate to inquire whether or not is valid.
As a result, in the case of double use, it is possible to detect the double use at the second inquiry, and thus it is possible to prevent the double use.

The issue of double use by the issuer himself is
This can be prevented by including a unique serial number in the resident's card, but there is the problem of unauthorized use by a third party as follows. That is, there is a possibility that a third party may steal the issued resident card from the storage device or communication line of the applicant terminal and use the resident card illegally. In this case also, the Land Transport Bureau inquires the issuing municipality about the serial number, so that the resident's card with the same serial number is used twice as a whole, and eventually double use is discovered. However, the Land Transport Bureau makes inquiries to the local government.
If a third party uses it fraudulently before (hereinafter referred to as a legitimate inquiry), the fraudulent use will be discovered later. That is, a third party can illegally use the resident's card during the period from the stolen resident's card until a proper inquiry is made. If you use the resident's card, you can impersonate yourself as an applicant and obtain fraudulent behavior such as obtaining a driver's license. Although the resident's card is used as an example here, various certificates issued by the local government may include a copy of the family register, an extract of the family register, etc. It turns out to be a problem.

As a method of preventing such unauthorized use by a third party, in the invention of the first known example, the irreversible conversion value of the password input at the time of issuance is included in the coupon (in this case, a resident card). The method is shown. If you use this method, you need a password to use it,
Even if a third party can steal the resident's card and electronic signature, they cannot use them without knowing the password. That is, it is possible to prevent unauthorized use by a third party.

However, in various applications using a certificate issued by an administrative body such as a local government, the procedure is often outsourced to a third party. For example, in the previous example, the applicant may issue the resident card from the local government, but entrust the dealer with subsequent processing. The flow of documents in this case is shown in FIG.

In this case, in the method according to the invention of the above-mentioned publicly known example 1, the applicant is required to disclose the password input when the resident card is issued to the dealer. It is necessary for the dealer to remember the disclosed password, and when a large number of application agents are contracted, management using a ledger will be performed. At this time, the password may be stolen from the dealer's storage device together with the resident's card and the electronic signature, and the method disclosed in the invention of the known example 1 does not necessarily ensure the security. In addition, the dealer himself does not always use the received resident's card and the disclosed password to make unauthorized use. In view of the above problems, the present invention allows a third party to request a proxy for the procedure, and the institution that receives the certificate can immediately confirm the validity of the certificate (not a post-discovery).
The purpose is to provide a method for issuing a certificate.

[0015]

In order to achieve the above object, an electronic certificate issuing method according to the present invention is an electronic certificate which receives an electronic data issuing request of a certificate and issues electronic data of a corresponding certificate. In the issuing method, the steps of receiving electronic data of the application for issuance that describes the purpose of use of the certificate, the step of generating electronic data of the corresponding certificate, and the purpose of use in the issue of application are extracted, And a step of generating an electronic signature by the issuer by using the electronic data of the certificate whose purpose of use has been transcribed as a signature target.
At this time, the applicant information of the issue applicant together with the purpose of use of the certificate may be received, and the applicant information and purpose of use of the issue applicant may be extracted and transcribed to the electronic data of the certificate.

According to this method, the purpose of use is already stated in the issued certificate in a form that cannot be tampered with at the time of issuance, and it is prevented from being used for purposes other than that purpose. You can That is, it is possible to prevent double use by the issue applicant and a third party (including a person who is entrusted to use the certificate by the issue applicant).

The electronic certificate issuance method according to the present invention is also an electronic certificate issuance method for issuing an electronic data of a corresponding certificate in response to a request for issuance of electronic data of a certificate. The electronic data of the certificate, the step of generating the electronic data of the certificate that includes the content of the issuance application as part of the content of the certificate, and the electronic signature of the issuer for the electronic data of the certificate. And a generating step.

[0018] According to this method, the purpose of use is already described in the issued certificate in a form that cannot be tampered with at the time of issuance, and it is prevented from being used for purposes other than that purpose. You can That is, it is possible to prevent double use by the issue applicant and a third party (including a person who is entrusted to use the certificate by the issue applicant).

In the electronic certificate issuing method according to the present invention, in addition, in the electronic certificate issuing method of receiving an electronic data issuing request of a certificate and issuing electronic data of a corresponding certificate, an encryption key for encryption is used. Including a step of accepting, a step of generating electronic data of a corresponding certificate, a step of encrypting the electronic data of the certificate with the encryption key, and a step of issuing the electronic data of the encrypted certificate. Is characterized by. In the step of generating the electronic data of the certificate, unique information within the certificate issuing authority,
For example, electronic data of a certificate including a serial number may be generated.

According to this method, when applying for issuance of a certificate, the public key of the applicant or the public key of the final submitting authority of the certificate is passed as the public key for encryption, so that it can be used for encryption. Since the certificate can be decrypted only by the person who possesses the private key paired with the public key, it can be prevented from being used by anyone other than the authorized user. Also, if you include unique information (serial number etc.) within the issuing organization in the certificate,
Double-use can be prevented by checking the serial number for duplication at the final submitting organization.

The electronic certificate issuing system according to the present invention is
In a digital certificate issuing system that issues electronic data of a certificate in response to a request to issue electronic data of the certificate, accept electronic data of an application for issuance that describes the purpose of use of the certificate Section, a certificate generation section that generates electronic data of the certificate, a purpose posting section that extracts the purpose of use in the application for issuance and posts it to the electronic data of the certificate, and a certificate with the purpose of use posted And a digital signature generation unit that generates a digital signature by the issuer, using the electronic data of 1.

According to this system, the purpose of use is already described in the issued certificate in a form that cannot be tampered with at the time of issuance, and it is prevented from being used for purposes other than that purpose. You can That is, it is possible to prevent double use by the issue applicant and a third party (including a person who is entrusted to use the certificate by the issue applicant).

The digital certificate issuing system according to the present invention is
In addition, in the electronic certificate issuing system that issues the electronic data of the certificate in response to the request to issue the electronic data of the certificate, the certificate issue application receiving unit that receives the electronic data of the issue application that describes the purpose of use , A certificate generation unit that generates the electronic data of the certificate that includes the contents of the issuance application as part of the contents of the certificate, and an electronic signature that generates the electronic signature of the issuer with the electronic data of the certificate as the signature target And a generation unit.

According to this system, the issued certificate will have the purpose of use already stated at the time of issuance in a form that cannot be tampered with, and the certificate will be prevented from being used for purposes other than the intended purpose. You can That is, it is possible to prevent double use by the issue applicant and a third party (including a person who is entrusted to use the certificate by the issue applicant).

The electronic certificate issuing system according to the present invention is
In addition, in a digital certificate issuing system that receives a request to issue electronic data of a certificate and issues electronic data of the corresponding certificate, a certificate issuance application acceptance unit that receives an encryption key for encryption and an electronic certificate of the certificate. A certificate generation unit that generates data, a certificate encryption unit that encrypts the electronic data of the certificate with the encryption key, and a certificate issuing unit that issues the electronic data of the encrypted certificate Is characterized by. The certificate generation unit that generates the electronic data of the certificate may generate the electronic information of the certificate including unique information within the certificate issuing organization, for example, the serial number.

According to this system, when applying for issuance of a certificate, the public key of the applicant or the public key of the final submitting authority of the certificate is passed as the public key for encryption, so that it can be used for encryption. Since the certificate can be decrypted only by the person who possesses the private key paired with the public key, it can be prevented from being used by anyone other than the authorized user. If the certificate includes unique information (serial number, etc.) within the issuing organization, duplicate use can be prevented by checking the duplicate serial number at the final submitting organization.

[0027]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings. First, the first embodiment will be described. FIG. 5 is a diagram showing an example of the overall configuration of a vehicle registration system using an electronic certificate according to the first embodiment. Figure 5
As shown in, a vehicle registration system using a digital certificate includes a certificate issuing system (certificate issuing organization) 501, an applicant terminal 502, a dealer terminal (procedure agency) 50.
3, the Land Transport Bureau terminal (certificate submitting institution) 504, and the network 505.

The resident card issuance system 501 executes processing related to acceptance of a resident card issuance application from the applicant terminal, generation of a resident card / electronic signature, and issuance. Applicant terminal 502
Performs processing on the resident's card issuance system 501 regarding creation of a resident's card issuance application, application for issuance, use of resident's card issued by the local government, and procedure entrustment to a dealer. The dealer terminal 503 performs the registration procedure application to the Land Transport Bureau requested by the applicant. The Land Transport Office terminal 504 responds to electronic applications related to operations of the Land Transport Office. The network 505 is a wide area network
(WAN: Wide Area Network) or an Internet line, which provides a means for connecting a plurality of computer devices and mutually transferring commands and data.

Although FIG. 5 shows a configuration example in which three computers, the applicant terminal 502, the dealer terminal 503, and the Land Transport Office terminal 504 are connected to the certificate issuing system 501, the applicant terminal, the dealer terminal, There may be a plurality of terminals of the Land Transport Office.

The certificate issuing system 501, which is an application target of the electronic signature assigning method according to the present invention and is a main component of the present embodiment, will be described below. FIG. 6 is a diagram showing the configuration of the certificate issuing system 501 in this embodiment. The certificate issuing system 501 shown in FIG. 6 includes a display 601, a keyboard 602, a central processing unit (CP).
U) 603, floppy (registered trademark) disk drive 604, floppy disk 605, communication control device 60
6, a main memory 607, a magnetic disk device 608, and a system bus 609.

The display 601 displays the execution status of processing in this system. The keyboard 602 is
Accepts the input of commands that instruct the system to start / stop. The central processing unit 603 reads out and executes various programs constituting the present system stored in the main memory 607. Floppy disk drive 604
Are used for reading and writing data to and from the floppy disk 605. The floppy disk 605 is used when data is exchanged without going through a network. The communication control device 606 communicates with the applicant terminal 502 and the certificate authority 503 via the network 505,
Used to exchange commands and data. The main memory 607 holds various programs and temporary data for executing the processing in this system. The magnetic disk device 608 is used as a means for storing the registered certificate and various data used by the system for certificate management. The system bus 609 connects these various devices to each other.

The main memory 607 holds a resident's card issuance application reception program 610, a resident's card generation program 611, a resident's card issuance program 612, a resident's card issuance management program 613, and an operating system 614. A program storage area 615 and a data file storage area 616 are secured in the magnetic disk device 608. Programs 610 stored in the main memory 607
613 is transferred from the program storage area 615 by the operating system 614.

The resident card issuance application acceptance program 610 is
Perform processing to accept the application for issuance of a resident's card from the applicant. The resident's card generation program 611 performs processing for generating a resident's card and related data (signature). The resident card issuance program 612 performs processing for issuing data related to the resident card. Resident Certificate Issue Management Program 613
Receives a command from the applicant terminal 502 via the network, and receives a residence certificate issuance application reception program 610, a residence certificate generation program 611, and a residence certificate issuance program 612.
To get it up and running.

Next, the applicant terminal 502, the dealer terminal 503, and the land transportation station terminal 504 will be described. These configurations are the same as the configurations of the certificate issuing system shown in FIG. 6, but the configurations of the programs stored in the main memory 607 are different. Here, different main memory configurations will be described.

FIG. 7 is a diagram showing the main memory of the applicant terminal in this embodiment. In the main memory 701 shown in FIG. 7, a residence certificate issuance application creation program 702, a residence certificate issuance application program 703, and an additional information giving program 70
4, a procedure consignment program 705, a registration application management program 706, and an operating system 707 are held.

Resident's card issuance application creation program 702
Performs the process of creating a resident card issuance application form. The resident card issuance application program 703 performs a resident card issuance application process. The additional information adding program 704 performs a process of adding information to the resident card. Procedure consignment program 70
Step 5 entrusts the dealer with registration procedures with the Land Transport Bureau. The registration application management program 706 activates and executes a resident's card issuance application creating program 702, a resident's card issuance application program 703, an additional information giving program 704, and a procedure consignment program 705.

FIG. 8 is a diagram showing the main memory of the dealer terminal in this embodiment. Main memory 801 shown in FIG.
The registration application acceptance program 802, the registration application creation program 803, and the registration application program 80
4. The agent registration application management program 805 and operating system 806 are retained.

The registration application acceptance program 802 is
Perform the process of accepting the registration application on behalf. The registration application creation program 803 performs a process of creating a registration application to be submitted to the Land Transport Bureau. The registration application program 804 is
Perform registration application processing with the Land Transport Bureau. The agent registration application management program 805 uses the applicant terminal 5 via the network.
02, the registration application proxy acceptance program 802, the registration application creation program 803, and the registration application program 804 are activated and executed.

FIG. 9 is a diagram showing the main memory of the terminal of the Land Transport Office in this embodiment. In the main memory 901 shown in FIG. 9, a registration application acceptance program 902, an application correctness verification program 903, a registration processing program 904, a registration processing management program 905, an operating system 9
06 is retained.

The registration application acceptance program 902 performs processing for accepting a registration application. Registration processing program 90
3 performs registration processing. Registration process management program 90
5 receives a command from the dealer terminal 503 via the network, and receives a registration application acceptance program 902, an application correctness verification program 903, and a registration processing program 9
04 is started and executed.

Next, the overall processing flow of the vehicle registration system in this embodiment will be described. Figure 10
The applicant applies to the local government to issue a resident's card and has it issued, adds information to the resident's card, and entrusts the dealer with subsequent application procedures to the Land Transport Bureau.
FIG. 8 is an event trace diagram until the dealer makes an application to the Land Transport Office and is registered by the Land Transport Office.

The applicant 1001 first creates a resident card issuance application form and attaches a signature (process 1005). Next, the applicant 1001 sends a set of application forms to the local government 1002.
(Residence card issuance application form, signature by applicant) is transmitted to issue an application (process 1006). In the municipality 1002,
The sent data is received, a set of electronic data of the resident card (resident card, signature by local government) is created and issued (process 1007).

Next, the applicant 1001 adds additional information to the issued resident card (process 1008). Thereafter, the applicant 1001 transmits a set of resident's card electronic data to the dealer 1003 and entrusts the Land Transport Bureau with the procedure (process 1009). Dealer 100 who received this
3 performs registration application proxy processing to the Land Transport Bureau 1004 (processing 1010). The Land Transport Office 1004 receives the transmitted data and performs registration processing (processing 1011).
The above-described flow of the event is performed by the applicant 1001 first executing the registration application management program 706.

First, the operation procedure of the registration application management program 706 in this embodiment will be described. Figure 11
7 is a PAD (Problem Analysis Diagram) diagram showing a schematic processing procedure of the registration application management program 706. This program is executed by the applicant when the applicant performs registration processing. When this program is called, it first executes the resident card issuance application generation program 702,
A resident card issuance application is generated (step 1101). Here, a resident card issuance application form 1201 as shown in FIG.
Is generated and a signature by the applicant 1001 is added.

Next, the resident card issuance application program 703 is executed, an application for issuance of the resident card is made to the local government, and a resident card is issued (step 1102). At this time, the certificate issuing system 501 executes the resident card issuance management program 613. Details of this processing will be described later with reference to FIG. By this processing, the resident card and signature as shown in FIG. 13 are issued. This resident card is a serial number 1301, applicant information 1302, resident card description data 1303, and signature 1 by the local government 1002.
It is composed of 304.

Next, the additional information provision program 704 is executed, and the entrustee / purpose information 1 in which the entrustee and the purpose of use of the procedure as shown in FIG.
401 and a signature 1402 by the applicant 1001 are added (step 1103). Finally, the procedure consignment program 705 is executed, and FIG.
Send the resident card and the information attached to it,
Outsource the registration application to the Land Transport Bureau (Step 1
104). At this time, the agency registration application management program 805 is executed in the dealer terminal 503. Details of this processing will be described later with reference to FIG.

Next, the operation procedure of the resident certificate issuance management program 613 in this embodiment will be described. FIG. 15 is a PAD showing a general processing procedure of the resident card issuance management program 613.
It is a figure. This program is called when there is a resident card issuance application from the applicant 1001. When this program is called, first, a resident card issuance application acceptance program 6
10 is executed to receive the received data (step 1501). Here, the electronic data transmitted from the applicant is received, and whether or not the received electronic data is valid is verified using a signature.

Next, the resident card generation program 611 is executed to generate a resident card (step 1502). The resident card generated at this time is shown in FIG. The resident card is made up of a serial number 1301, applicant information 1302, resident card description data 1303, and issuance local government signature 1304.
Is given. Here, the applicant information 1302 is created based on the information of the data received in step 1501. The resident's card description content data 1303 may be newly created, a file existing in the data file storage area 616 may be used, or the data file storage area 61 may be used.
The file existing in No. 6 may be diverted and created. Finally, the resident card issuance program 612 is executed, and the resident card set is transmitted to the applicant (step 1503).

Next, the operation procedure of the proxy registration application management program 805 in this embodiment will be described. FIG. 16 shows a schematic processing procedure of the proxy registration application management program 805.
It is a PAD figure. This program is from applicant 1001
Called when there is a consignment of registration application to the Land Transport Bureau. When called, this program first executes the registration application proxy acceptance program 802 to accept the received data (step 1601). here,
The electronic data sent from the applicant is received, and the signature is used to verify whether the received electronic data is valid. Next, the registration application generation program 803 is executed to generate a registration application (step 1602).
An agent signature 1801 as shown in FIG. 18 is also added to the received resident card. Finally, the registration application program 804 is executed, and the
A resident's card with an agent signature 1801 as shown in 8 and a registration application form are sent to apply for registration. (Step 1603). At this time, the land transport station terminal 504 executes the registration processing management program 905. Details of this processing will be described later with reference to FIG.

Next, the operation procedure of the registration processing management program 905 in this embodiment will be described. FIG. 17 is a PAD diagram showing a schematic processing procedure of the registration processing management program 905. This program is called when there is a registration application from the dealer 1003. When this program is called, it first executes the registration application acceptance program 902 to accept the received data (step 170).
1). Here, the electronic data transmitted from the dealer is received, and whether or not the received electronic data is valid is verified using a signature. Next, the application validity verification program 903 is executed, and with respect to the received resident's card with the agent signature 1801 as shown in FIG. 18, the contents described therein are verified, and the application is found to be valid. It is verified whether there is any (step 1702).
Here, since the contents of the outsourcer / purpose-of-use information 1401 match the purpose of this application, it is found that the application is correct. Finally, the registration processing program 904 is executed to perform registration processing including the issuance of a license plate (step 1703).

According to the present embodiment, the resident's card has already described the purpose of use at the time of passing it to the dealer, which is a third party institution. Therefore, if the resident's card is used in a manner not suitable for this purpose, The fraud can be detected at the organization to which the resident card is submitted, which is equivalent to the Land Transport Bureau. As a result, double use of the certificate and illegal use by a third party can be prevented. A public key certificate may be sent to clarify the identity of the sender of the data.

A second embodiment to which the present invention is applied will be described below with reference to the drawings. In this embodiment, the system configuration is the same as that of the first embodiment, but the processing content of the program is different from that of the first embodiment. The difference between this embodiment and the first embodiment is shown.

In the first embodiment, when the local government generates a resident's card, the purpose of use is not described in the resident's card, but the applicant writes the purpose of use after it is issued by the local government. is doing. On the other hand, in this embodiment, when the local government generates a resident's card, it issues a resident's card that also describes the purpose of using the resident's card. As a result, the resident's card issued by the local government cannot be used for any purpose other than the purpose stated in the application for issuance of the resident's card, so double use of the certificate and illegal use by a third party can be prevented.

The processing contents of this embodiment different from those of the first embodiment are shown below. In the process (step 1502) of executing the resident card generation program in FIG. 15 to generate a resident card set, a resident card as shown in FIG. 19 is generated. The resident card is serial number 1901, applicant / contractor / purpose information 1902, resident card data 19
03, and is further provided with the issuing local government signature 1904. Here, the applicant information 1902 is step 150.
It is created based on the information of the data received in 1. The resident card description content data 1903 may be newly created, a file existing in the data file storage area 616 may be used, or a file existing in the data file storage area 616 may be diverted. Good.

In the process of executing the additional information adding program shown in FIG. 11 and adding the additional information to the resident card (step 1103), the entrustee / purpose information 1401 is not added, but only the signature by the applicant 1001 is added. To do.

According to this embodiment, the purpose of use has already been described when the resident card was issued by the local government.
If it is attempted to be used in a manner that is not suitable for this purpose, the fraud can be detected at the institution to which the resident's card, which is equivalent to the Land Transport Bureau, is submitted. This makes it possible to prevent double use of the resident's card and unauthorized use by a third party.

A third embodiment to which the present invention is applied will be described below with reference to the drawings. In this embodiment, the system configuration is the same as that of the second embodiment, but the processing content of the program is different from that of the second embodiment. The point that this embodiment is different from the second embodiment will be described.

In the second embodiment, when the local government creates a resident's card, the purpose of use of the resident's card is described based on the information described in the resident's card issuance application 1201. On the other hand, in this embodiment, as shown in FIG.
The resident card issuance application 1201 received from the applicant is embedded in the resident card as it is.

According to this embodiment, the purpose of use has already been described when the resident card was issued by the local government.
If it is attempted to be used in a manner that is not suitable for this purpose, the fraud can be detected at the institution to which the resident's card, which is equivalent to the Land Transport Bureau, is submitted. This makes it possible to prevent double use of the resident's card and unauthorized use by a third party.

A fourth embodiment to which the present invention is applied will be described below with reference to the drawings. The system configuration of this embodiment is the same as that of the first embodiment, but the processing procedure of the program is different from that of the first embodiment. The difference between this embodiment and the first embodiment is shown.

In the first embodiment, the purpose of use is described in the resident's card. Therefore, if an attempt is made to use the resident's card that does not meet this purpose, the address to which the resident's card equivalent to the Land Transport Bureau is submitted. The institution can detect the fraud, and can prevent double use of the certificate and fraudulent use by a third party. On the other hand, in this embodiment, the applicant obtains the public key of the Land Transport Office to which the resident card is submitted,
When applying for issuance of a resident card, the public key of the Land Transport Office is sent to the administrative agency. After creating a resident's card, the local government encrypts it with the public key of the Land Transport Office it received and issues the resident's card. As a result, the resident's card can be decrypted only by the Land Transport Office that possesses the private key of the Land Transport Office, which is the pair of the public key used for encryption, and therefore it is possible to prevent the certificate from being submitted to another organization. Also, since the certificate contains the serial number,
It is possible to prevent double use by checking the serial number for duplication at the Land Transport Office.

FIG. 21 is a PAD diagram showing the processing procedure of the registration application management program 706 in this embodiment. This program is executed by the applicant when the applicant performs registration processing. When this program is called, it first executes the resident's card issuance application generation program 702 to generate a resident's card issuance application (step 210).
1). Here, a resident's card issuance application 1201 as shown in FIG. 12 is generated and a signature by the applicant 1001 is added. Next, the resident card issuance application program 703 is executed, an application for issuance of the resident card is made to the local government, and a resident card is issued (step 2102). At this time, the public key of the Land Transport Office 1004, which was acquired in advance, is used by the local government 10
Pass to 02. Further, in the certificate issuing system 501, a resident card issuance management program 613 is executed. Details of this processing will be described later with reference to FIG. By this processing, a resident card and signature as shown in FIG. 22 are issued. This resident card is a serial number 2201, a resident card description data 2202, and a signature 220 by the local government 1002.
It consists of 3. Finally, the procedure consignment program 70
5 is executed, the resident's card and the information attached thereto are sent to the dealer 1003 as shown in FIG. 14, and the agency application for registration application to the Land Transport Bureau is entrusted (step 210).
3). At this time, the agency registration application management program 805 is executed in the dealer terminal 503.

FIG. 23 is a PAD diagram showing a processing procedure of the residence certificate issuance management program 613 in this embodiment. This program is called when there is a resident card issuance application from the applicant 1001. When this program is called, it first executes the resident's card issuance application acceptance program 610 to accept the received data (step 230).
1). Here, the electronic data transmitted from the applicant is received, and whether or not the received electronic data is valid is verified using a signature. At this time, the applicant 1001 also passes the public key for encryption as transmission data.

Next, the resident card generation program 611 is executed to generate a resident card (step 2302). The resident card generated at this time is shown in FIG. The resident's card is made up of a serial number 2201 and resident's card description content data 2202, to which an issuing local government signature 2203 is attached. Here, the resident card description content data 2202 may be newly created, a file existing in the data file storage area 616 may be used, or a file existing in the data file storage area 616 may be diverted. May be created.
Further, the resident's card including the serial number 2201, the resident's card description content data 2202, and the issuing local government signature 2203 is encrypted with the received public key for encryption. Finally, the resident's card issuing program 612 is executed to send the encrypted resident's card set to the applicant (step 2303).

FIG. 24 shows a PAD diagram showing the processing procedure of the registration processing management program 905 in this embodiment. This program is called when there is a registration application from the dealer 1003. When this program is called, it first executes the registration application acceptance program 902 to accept the received data (step 2401). Here, we receive the electronic data sent from the dealer,
Whether or not the received electronic data is valid is verified using a signature. Next, the application validity verification program 903 is executed to verify whether or not the application is valid with respect to the received encrypted resident card (step 2402). Here, the Land Transport Bureau 100
By decrypting with the private key of No. 4, the data becomes legible and it is proved that the application is correct. Finally,
The registration processing program 904 is executed to perform registration processing including issuance of a license plate (step 240).
3).

According to this embodiment, a unique serial number is assigned to each certificate, the public key of the Land Transport Office to which the resident's card is submitted is obtained, and the set of certificates is encrypted using this public key. By doing so, only the Land Transport Office that possesses the private key of the Land Transport Office that is the pair of the public key used for encryption can decrypt these certificate sets, and submit the certificate to other institutions. It can be prevented. Further, since the certificate includes the serial number, it is possible to prevent double use by checking the serial number for duplication on the side of the Land Transport Office.

The fifth embodiment to which the present invention is applied will be described below with reference to the drawings. The present embodiment has the same system configuration as that of the fourth embodiment, but the program processing procedure is different from that of the fourth embodiment. The difference of this embodiment from the fourth embodiment will be described.

In the fourth embodiment, the applicant obtains the public key of the Land Transport Office to which the resident's card is to be submitted, and at the time of application for issuance of the resident's card, the public key of the Land Transport Office is sent to the local government, Was encrypted with the public key of the Land Transport Office. On the other hand, in the present embodiment, the public key of the applicant is passed when applying for issuance of the resident card, and the resident card is encrypted with the public key of the applicant. And
After receiving the encrypted resident card, decrypt it using the applicant's private key and restore the original resident card. After that, the public key of the Land Transport Office, which is the final destination, is obtained, and the applicant encrypts the resident card with this public key. In the present embodiment, unlike the fourth known example, after the resident's card is issued, the institution to which it is to be submitted can be determined. (You can select the usage after issuing the resident card.)

FIG. 25 is a PAD diagram showing the processing procedure of the registration application management program 706 in this embodiment. This program is executed by the applicant when the applicant performs registration processing. When this program is called, first, the resident card issuance application generation program 702 is executed to generate a resident card issuance application (step 250).
1). Here, a resident's card issuance application 1201 as shown in FIG. 12 is generated and a signature by the applicant 1001 is added. Next, the resident card issuance application program 703 is executed, an application for issuance of a resident card is made to the local government, and a resident card is issued (step 2502). At this time, the public key of the applicant 1001 is passed to the local government 1002. Also,
In the certificate issuing system 501, a resident card issuance management program 613 is executed. It should be noted that this processing results in
It is issued after being encrypted with the public key that the resident's card and signature as shown in 2 have been passed.

Next, the additional information adding program 704 is executed to decrypt the encrypted resident's card by using the private key of the applicant 1001. Then, the resident's card that has been restored by the decryption is encrypted using the public key of the Land Transport Office prepared in advance (step 2503). Finally, the procedure consignment program 705 is executed, the resident's card encrypted with the public key of the Land Transport Office is sent to the dealer 1003, and the agency application for registration application to the Land Transport Office is entrusted (step 2504).

As a result, the resident's card can be decrypted only by the Land Transport Office that possesses the private key of the Land Transport Office that is the pair of the public key used by the applicant for encryption, and the certificate must be submitted to another organization. Can be prevented. Further, since the certificate includes the serial number, it is possible to prevent double use by checking the serial number for duplication on the side of the Land Transport Office.

[0072]

As described above, according to the electronic certificate issuing method according to the present invention, the electronic data of the certificate includes the applicant information of the issue applicant and the purpose of use, which is the target data of the electronic signature. Proof by issuing a certificate in a form encrypted with the public key of the applicant or the public key of the final submitting agency so that it cannot be used for any purpose other than the intended use stated in the application for issuance. It is possible to prevent double use of a book and unauthorized use by a third party.

[Brief description of drawings]

FIG. 1 is a diagram showing a mechanism of a digital signature authentication method.

FIG. 2 is a diagram showing a mechanism of a digital signature authentication method using a public key certificate.

[Figure 3] A resident's card electronically issued by the local government
It is a figure which shows the process which submits to the Land Transport Office.

[Figure 4] A resident's card electronically issued by the local government,
It is a figure which shows the process which submits to a land transport station via a dealer.

FIG. 5 is a diagram showing an overall configuration of a first exemplary embodiment of the present invention.

FIG. 6 is a diagram showing a configuration of a certificate issuing system in the first exemplary embodiment of the present invention.

FIG. 7 is a diagram showing a main memory of an applicant terminal in the first embodiment of the present invention.

FIG. 8 is a diagram showing a main memory of a dealer terminal in the first embodiment of the present invention.

FIG. 9 is a diagram showing a main memory of the land transportation station terminal according to the first embodiment of the present invention.

FIG. 10 is an event trace diagram from issuance of a resident card to registration processing by the Land Transport Office in the first embodiment of the present invention.

FIG. 11 is a PAD diagram showing a schematic processing procedure of a registration application management program in the first example of the present invention.

FIG. 12 is an example of a resident card issuance application form according to the first embodiment of the present invention.

FIG. 13 is a diagram showing a resident's card issued by a local government in the first embodiment of the present invention.

FIG. 14 is a diagram showing a state in which an applicant gives a purpose of use and a signature to a resident's card issued by a local government in the first embodiment of the present invention.

FIG. 15 is a PAD diagram showing a schematic processing procedure of a residence certificate issuance management program according to the first embodiment of the present invention.

FIG. 16 is a PAD showing a schematic processing procedure of a proxy registration application management program in the first example of the present invention.

FIG. 17 is a PAD diagram showing a schematic processing procedure of a registration processing management program in the first example of the present invention.

FIG. 18 is a diagram showing a state in which the applicant has given a purpose of use and a signature to the resident's card issued by the local government according to the first embodiment of the present invention, and further the dealer has given the signature. .

FIG. 19 is a diagram showing a resident's card issued by a local government in the second embodiment of the present invention.

FIG. 20 is a diagram showing a resident's card issued by a local government in a third embodiment of the present invention.

FIG. 21 is a PAD showing a schematic processing procedure of a registration application management program in the fourth example of the present invention.

FIG. 22 is a diagram showing a resident's card issued by a local government in the fourth embodiment of the present invention.

FIG. 23 is a PAD diagram showing a schematic processing procedure of a residence certificate issuance management program in a fourth embodiment of the present invention.

FIG. 24 is a PAD diagram showing a schematic processing procedure of a registration processing management program in the fourth example of the present invention.

FIG. 25 is a PAD showing a schematic processing procedure of a registration application management program in the fifth embodiment of the present invention.

[Explanation of symbols]

501 ... Certificate issuing system, 502 ... Applicant terminal, 5
03 ... Dealer terminal, 504 ... Land Transport Office terminal, 505 ...
network

Continued front page    (72) Inventor Takuya Okamoto             890 Kashimada, Sachi-ku, Kawasaki City, Kanagawa Stock             Hitachi, Ltd. Business Solutions             Within the department (72) Inventor Toru Takahashi             890 Kashimada, Sachi-ku, Kawasaki City, Kanagawa Stock             Hitachi, Ltd. Business Solutions             Within the department (72) Inventor Tatsushi Akane             Tokyo Stock Exchange, 1-6-27 Shinsuna, Koto-ku, Tokyo             Hitachi, Ltd. Public Systems Division F-term (reference) 5J104 AA09 LA04 LA06 NA02

Claims (6)

[Claims] 1. Upon receipt of a request to issue electronic data of a certificate,
In a digital certificate issuing method for issuing electronic data of a corresponding certificate, a step of receiving electronic data of an application for issuance that describes the purpose of use of the certificate, a step of generating electronic data of the corresponding certificate, Extracting the purpose of use in the issuance application form and copying it to the electronic data of the certificate; and generating an electronic signature by the issuer with the electronic data of the certificate having the purpose of use posted as a signature target. A method for issuing a digital certificate, including: 2. Upon receiving a request to issue electronic data of a certificate,
In the electronic certificate issuing method for issuing the electronic data of the corresponding certificate, the step of receiving the electronic data of the application for issuance that describes the purpose of use, and the certification including the content of the issuance application as part of the content of the certificate. And a step of generating a digital signature by the issuer with the electronic data of the certificate as a signature target. 3. Upon receiving a request to issue electronic data of a certificate,
In a digital certificate issuing method for issuing electronic data of a corresponding certificate, a step of receiving an encryption key for encryption, a step of generating electronic data of the corresponding certificate, An electronic certificate issuing method, comprising: a step of encrypting with a key; and a step of issuing electronic data of the encrypted certificate. 4. Upon receiving a request to issue electronic data of a certificate,
In a digital certificate issuing system that issues electronic data of a corresponding certificate, a certificate issuance application acceptance unit that accepts electronic data of an issuance application that describes the purpose of use of the certificate, and electronic data of the certificate is generated. A certificate generation unit, a purpose-of-use transcription unit that extracts the purpose of use in the issuance application, and transcribes it into electronic data of the certificate, and the electronic data of the certificate in which the purpose of use is transcribed, as a signature target, An electronic certificate issuing system comprising: an electronic signature generation unit that generates an electronic signature by an issuer. 5. Upon receiving a request to issue electronic data of a certificate,
In a digital certificate issuing system that issues electronic data of a corresponding certificate, a certificate issuance application receiving unit that receives electronic data of an issuance application that describes the purpose of use, and the content of the issuance application is the content of the certificate. An electronic device including a certificate generation unit that generates electronic data of a certificate included as a part, and an electronic signature generation unit that generates an electronic signature by an issuer with the electronic data of the certificate as a signature target. Certificate issuing system. 6. Upon receiving a request to issue electronic data of a certificate,
In a digital certificate issuing system that issues electronic data of a corresponding certificate, a certificate issuance application receiving unit that receives an encryption key for encryption, a certificate generating unit that generates electronic data of the certificate, and the certificate An electronic certificate issuing system, comprising: a certificate encryption unit that encrypts the electronic data of 1. with the encryption key; and a certificate issuing unit that issues the electronic data of the encrypted certificate.