JP2006018745A - Electronic data authentication system, method for verifying forgery of authentication mark, program for verifying forgery of authentication mark, browser terminal, and authentication mark generation server - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an electronic data authentication system capable of determining the forgery of an authentication mark. <P>SOLUTION: In this electronic data authentication system, an electronic data providing server, an authentication mark generation server and a browser terminal having an authentication part operated by an authentication program are mutually connected through an information communication network. The authentication mark includes a mark image having first and second areas. The authentication mark generation server buries authentication information to the first area as first electronic watermark information and buries preliminarily settable information for verifying the propriety of the authentication information and preliminarily settable specification information of the authentication mark generation server to the second area as second electronic watermark information. The authentication part, which is accessible to the first area but not to the second area, extracts the mark image from the authentication mark, and stores it. The browser terminal further includes an authentication mark forgery verification part verifying the first and second electronic watermark information to determine the authentication mark, and displaying the content according to the determination result. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an authentication system for electronic data such as a Web page, a method for verifying forgery of an authentication mark attached to the electronic data, a program thereof, a terminal for a viewer, and an authentication mark generation server.

  As a technique for authenticating electronic data such as a web page, a technique using a mark image attached to electronic data has been proposed (for example, see Patent Document 1). Also, electronic data authentication systems to which these techniques are applied are known.

According to these techniques and systems, first, information for authenticating electronic data is embedded in the mark image as digital watermark information. The electronic data to which the mark image is attached is held in a holding server such as a WWW server so that it can be viewed on a display provided in a browser terminal such as a WWW browser. The browser terminal that has accessed the holding server downloads the electronic data and the mark image, and displays the electronic data to which the mark image is attached on the display. At the same time, the browser terminal extracts the digital watermark information embedded in the mark image based on the authentication program, and further authenticates the electronic data based on this information.
JP 11-239129 A

  By the way, a certification mark (a certification program for authenticating a mark image or a mark image and electronic data) issued by a malicious certification body or a malicious third party to a service providing site from a predetermined certification body. There is a case in which an authentication mark for displaying similar to the authentication result displayed in the authentication process is forged. If this happens, in the electronic data authentication system described above, the user using the browser terminal distinguishes between the authentication mark officially issued by the accreditation body and the authentication mark forged as described above. The problem that it is not possible arises.

  Accordingly, the present invention has been made in view of the above problems, and an object thereof is to provide an electronic data authentication system capable of determining whether or not an authentication mark is counterfeited.

  The invention for solving the problems includes an electronic data providing server for providing electronic data, an authentication mark generating server for generating an authentication mark attached to the electronic data to authenticate the electronic data, and the electronic data providing An electronic data authentication system that is operated by an authentication program provided from a server and that has an authentication unit that authenticates corresponding electronic data based on the authentication mark, and a reader terminal connected to each other through an information communication network The authentication mark includes a mark image having a first area and a second area, and the authentication mark generation server authenticates the corresponding electronic data to generate the authentication mark. Information is generated and embedded in the first area as first digital watermark information, and the authentication information can be set in advance. An embedded unit that embeds information for verifying the property and information for specifying the authentication mark generation server, which can be set in advance, as second digital watermark information in the second area, and the viewer The authentication unit of the terminal for use can access the first region of the mark image included in the authentication mark, but cannot access the second region, and the authentication mark generated by the embedding unit is In order to authenticate the electronic data provided from the electronic data providing server, the mark image is extracted from the authentication mark and stored in the storage means, and the browser terminal uses the mark stored in the storage means. A corresponding authentication mark is determined by verifying the first digital watermark information and the second digital watermark information in the image, and the contents are displayed on the display unit according to the determination result. Thereby, further comprising a certification mark forgery verification unit, characterized in that.

  According to this electronic data authentication system, for example, even when a malicious accreditation body impersonates another accreditation body and creates a fake authentication mark, the second embedded in the second area in the mark image included in the authentication mark. By verifying the digital watermark information, it is possible to identify the accreditation body that issued the certification mark. In addition, for example, when a malicious third party analyzes software that operates the authentication unit, there is a possibility that the first digital watermark information embedded in the first area accessible by the authentication unit in the mark image may be forged. Even if it exists, there is no possibility that the second digital watermark information embedded in the second area that is not accessible by the authentication unit is forged. Further, since the information for verifying the authentication information of the electronic data embedded in the first area is embedded in the second area of the mark image, the presence or absence of forgery of the authentication mark can be confirmed by verifying the information. Can be judged.

  Further, according to this electronic data authentication system, for example, a malicious third party can use software that causes the authentication unit of the browser terminal to display a false authentication result using a mark image of an officially issued authentication mark. Even in the case of forgery, it is possible to determine whether or not the authentication mark is counterfeited by verifying the authentication information by an authentication mark verification determination unit that is a means different from the authentication unit.

  In the electronic data authentication system, it is preferable that the authentication mark includes the authentication program together with the mark image.

  The electronic data authentication system further includes a program providing server that provides an embedded program for operating the embedding unit, connectable through the information communication network, and verifies validity of the authentication information. It is preferable that the information and the information for specifying the corresponding authentication mark generation server can be set in advance by the program providing server.

  In the electronic data authentication system, the information for specifying the authentication mark generation server is information on an issuer of the corresponding authentication mark, and the authentication mark forgery verification unit specifies the authentication mark generation server. By verifying the presence or absence of information to be verified, it is determined whether or not the corresponding certification mark is counterfeited, and when the information is verified to be present and the counterfeit is determined to be none, the certification mark is officially issued by the issuer. If the information is verified on the display means and it is determined that the counterfeit is present, the display means that the certification mark is not officially issued by the issuer. It is preferable to display on the means.

  In the electronic data authentication system, the embedding unit encrypts the authentication information with a public key based on a public key cryptosystem, and uses the electronic signature as information for verifying the validity of the authentication information. The program providing server has a secret key storage unit that stores a secret key corresponding to the public key in association with the corresponding authentication mark generation server, and the authentication mark forgery verification unit of the browser terminal, or the program The providing server reads a secret key associated with the corresponding authentication mark generation server from the secret key storage unit, and decrypts the electronic signature as the second digital watermark information in the mark image with the read secret key. Whether or not the corresponding authentication mark is counterfeited by verifying whether there is a match between the authentication information and the authentication information as the first digital watermark information And verifying that the match is present and determining that the counterfeit is non-related, relates to the issuer of the corresponding authentication mark based on the information of the electronic signature or the information of the authentication mark generation server associated with the secret key. It is preferable to acquire information.

  In the electronic data authentication system, the authentication information is information on an expiration date of the corresponding electronic data, and the authentication mark forgery verification unit passes the expiration date as the first electronic watermark information in the mark image. It is also possible to determine whether the authentication of the corresponding authentication mark and electronic data is established or not by verifying the presence or absence.

  In the electronic data authentication system, the authentication information is a URL of a Web page that is the corresponding electronic data, and the browser terminal further includes a URL input unit for inputting a URL of a predetermined Web page. The authentication mark forgery verification unit extracts a URL of a predetermined web page input through the URL input unit and a mark image extracted from an authentication mark to be attached to the predetermined web page and stored in the storage unit. By verifying whether or not there is a match with the URL that is the first digital watermark information, it is determined whether or not the corresponding authentication mark is improperly pasted. Is displayed on the display means that the authentication mark is attached to a predetermined web page, the match is verified as non-existent, When constant, the authentication marks applicable to be displayed on said display means the effect that is affixed to an incorrect Web pages, it is also possible.

  In the electronic data authentication system, the authentication mark generation server associates the information for specifying the authentication mark or the mark image included in the authentication mark with the information on the validity or revocation status of the authentication mark or the mark image. The browser terminal further stores a resource storage unit for storing resources of the homepage, and the viewer terminal extracts from the information specifying the authentication mark attached to the electronic data provided from the electronic data providing server or the authentication mark The information for identifying the mark image stored in the storage means is transmitted to the authentication mark generation server together with the URL of the homepage, and includes information on the corresponding valid or invalid state stored in the resource storage unit. A home page is received from the certification mark generation server and displayed on the display means. Further comprising a mark state confirmation section, it is also possible.

  In the electronic data authentication system, the URL may be embedded as the second digital watermark information in the second area of the mark image.

  In the electronic data authentication system, the program providing server further includes a feature value calculation unit that calculates a feature value of the mark image, and the authentication mark generation server generates the authentication mark by the embedding unit. Prior to the calculation, a feature value of a mark image to be included in the authentication mark is calculated, and the feature value and a mark image set in advance to be included in the authentication mark are calculated by the feature value calculation unit of the program providing server. It is also possible to further include a generation permission unit that compares the feature value and enables the embedding unit to generate the authentication mark only when the two feature values match.

  Also, a viewer who operates by an authentication program provided through the information communication network from an electronic data providing server that provides electronic data through the information communication network, and authenticates the electronic data based on an authentication mark attached to the electronic data. The authentication terminal forgery verification method for verifying counterfeiting of the authentication mark, wherein authentication information for authenticating the electronic data is embedded in the first area as first electronic watermark information and is preset. In addition, a mark image in which information for verifying the validity of the authentication information and information for specifying the setter that is set in advance are embedded in the second area as second digital watermark information A storage step of extracting from the corresponding authentication mark based on the authentication program and storing it in the storage means; and the storage step In the mark image stored in the storage means, the first digital watermark information is extracted from the first area that is accessible based on the authentication program, and the second image that is not accessible based on the authentication program Extracting the second digital watermark information from the region, and a verification determining step of determining a corresponding authentication mark by verifying the first digital watermark information and the second digital watermark information extracted in the extraction step An authentication mark forgery verification method characterized by comprising a display step of displaying the contents on a display means in accordance with a result detected and determined in the verification determination step.

  Also, a viewer who operates by an authentication program provided through the information communication network from an electronic data providing server that provides electronic data through the information communication network, and authenticates the electronic data based on an authentication mark attached to the electronic data. An authentication mark forgery verification program for causing an authentication terminal to execute an authentication mark forgery verification method for verifying forgery of the authentication mark, wherein authentication information for authenticating the electronic data is stored in the first area as first electronic watermark information Embedded and preset information for verifying the authenticity of the authentication information and preset information for specifying the corresponding setter are the second area as second digital watermark information. Embedded in, extracted from the corresponding authentication mark based on the authentication program and stored in the storage means. In the image, the first digital watermark information is extracted from the first area accessible based on the authentication program, and the second digital watermark information is extracted from the second area inaccessible based on the authentication program. Extracting, extracting, and determining the corresponding authentication mark by verifying the first digital watermark information and the second digital watermark information extracted in the extraction step, detected in the verification determination step, and the verification determination step It is also possible to assume an authentication mark forgery verification program characterized by comprising a display step of displaying the contents on the display means in accordance with the determined result.

  Further, the browser is a terminal for a reader, which is operated by an authentication program provided together with an authentication mark attached to the electronic data and authenticates the electronic data based on the authentication mark. Authentication information for authenticating the electronic data is embedded in the first area as first digital watermark information, and preset, and information for verifying the validity of the authentication information is preset. The mark image embedded in the second area as the second digital watermark information and information for specifying the corresponding setter is extracted from the corresponding authentication mark, stored in the storage means, and stored in the storage means The first digital watermark information is extracted from the first area accessible based on the authentication program in the mark image, and the mark image stored in the storage means is extracted. And extracting the second digital watermark information from the second area that is inaccessible based on the authentication program, and verifying the extracted first digital watermark information and second digital watermark information. It is also possible to assume a browser terminal that further includes an authentication mark forgery verification unit that determines a mark and displays the contents on a display unit according to the determination result.

  In addition, an authentication mark generation server connected to the browser terminal through the information communication network generates an authentication mark attached to the electronic data for authentication and provided to the browser terminal together with the authentication program. In order to generate the authentication mark including the mark image having the first area and the second area, authentication information for authenticating the corresponding electronic data is generated, and the first electronic watermark information is stored in the first area. The second region is embedded with information for verifying the validity of the authentication information that can be set in advance and information for specifying the authentication mark generation server that can be set in advance as second digital watermark information. Embedded in the first area of the mark image that is accessible on the basis of the authentication program. Authentication mark forgery verification that verifies the embedded first digital watermark information and the second digital watermark information embedded in the second area that is inaccessible based on the authentication program in the mark image It is also possible to assume an authentication mark generation server characterized by having a section.

  Whether or not the authentication mark is counterfeited can be determined.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. Note that the present invention is not limited thereby.

=== Configuration of Electronic Data Authentication System ===
FIG. 1 is a block diagram illustrating a configuration example of an electronic data authentication system according to the present embodiment. The system includes a software provider 100 that provides software for creating various certification marks, an authorized business operator 110 that issues and manages certification marks using software for creating various certification marks, This is a system used by a service provider 120 that provides a service and a browser 130 that browses service contents. Further, as illustrated in FIG. 1, the present system includes a work terminal (program providing server) 102, a mark management server (authentication mark generation server) 112, a WWW server (electronic data providing server) 122, and a viewer A terminal (browser terminal) 131 is configured to be connected to each other through a communication network (information communication network) 140 such as the Internet.

  A software provider 100 belongs to a vendor 101 that provides software for creating an authentication mark, prepares software using a work terminal 102 that is an information processing apparatus, and provides it in response to a request from an authorized provider 110. To do.

  The accredited service provider 110 belongs to a fair accreditation body 111 that can be trusted by the service provider 120, and in response to a request for issuing a mark from the service provider 120, for example, the service conforms to the accreditation standards set by the accreditation body 111. Judge whether or not The certified business operator 110 creates an authentication mark using the mark management server 112, which is an information processing apparatus in which software for creating an authentication mark is installed, and provides this to the service provider 120.

  The service provider 120 creates a Web page of the service providing site 121 managed by the service provider 120 using the WWW server 122 and stores it in an appropriate storage device of the WWW server 122. When the service provider 120 exchanges information with the certified business operator 110, the authentication mark received from the mark management server 112 is associated with the Web page and stored in an appropriate storage device.

  However, the service provider 120 may also serve as the certified business operator 110 that manages its own mark. In this case, the WWW server 122 and the mark management server 112 are configured using the same information processing apparatus. May be.

  The certification mark is issued to the service providing site 121 by the certification body 111 as a proof that conforms to the certification standard established by the certification body 111. The certification form is a certification of the mark image or the mark image and the web page. This is an authentication program.

  The mark management server 112 creates an authentication mark in which authentication information for authenticating a Web page, information for specifying the certification authority 111, and the like are embedded, and is a server or information processing apparatus having a function of issuing this to the service providing site 121 It is. Further, in response to a request from the viewer 130, the mark management server 112 confirms whether or not the authentication mark has been issued by itself, and whether or not the authentication mark is in a valid state. A function of returning the result to the browser terminal 131 is provided.

  The WWW server 122 is a server that operates based on a WWW server program, that is, an information processing apparatus. That is, the WWW server 122 has a function of transmitting a Web page managed by itself when accessed from the browser terminal 131 in which the browser program 132 is installed. The transmitted Web page is displayed on the display device (display means) of the browser terminal 131.

  The browser terminal 131 is a terminal used by the viewer 130, that is, an information processing device. The browser terminal 131 includes a display device that displays document data, image data, and the like to the viewer 130, and an input device such as a mouse and a keyboard that the viewer 130 appropriately operates to input data, commands, and the like. ing. The browser terminal 131 transmits and receives data to and from the WWW server 122 and the mark management server 112 through the communication network 140.

<<<< Authentication Program and Certification Mark Forgery Verification Program >>>>
A browser program 132 and an authentication mark forgery verification program 133 are stored in an appropriate memory of the browser terminal 131, and the processing device of the browser terminal 131 executes processing based on these programs. Note that this processing apparatus including the CPU and an authentication program described later that causes the processing apparatus to execute an operation correspond to an authentication unit, and an authentication mark counterfeit verification program that causes the processing apparatus and the processing apparatus to execute an operation is an authentication mark counterfeit verification. It corresponds to the part.

  The browser program 132 is formed so that the browser terminal 131 requests the Web page by designating the URL of the WWW server 122. On the other hand, when receiving this request, the WWW server 122 searches the storage device for the Web page and transmits it to the viewer terminal 131. Further, the Web page is interpreted based on the browser program 132, and the Web page is displayed in the display area of the browser that can be controlled by the browser program 132 in the display device. Furthermore, when an authentication mark is affixed to the Web page, an authentication program associated with the extension of the authentication mark is started based on the browser program 132. The authentication mark is processed based on this authentication program, and the authentication result is displayed on the display device. As a method for installing an authentication program in the browser terminal 131, a Plug-In method in which an authentication program is installed in the viewer terminal 131 in advance, or an authentication program is configured in JAVA (registered trademark) language, and a JAVA virtual A method such as an applet method that allows the browser terminal 131 on which the machine is installed to download the authentication program together with the mark image is possible, but it does not matter which method is used in this embodiment.

  As illustrated in the schematic diagram of FIG. 2, the authentication program, for example, when an authentication mark on the Web page is clicked by an appropriate operation of a mouse cursor, an arbitrary storage area (storage means, for example, a desktop) designated by the viewer. The mark image is stored in the area (region), and the fact is displayed so as to be displayed by the menu “save authentication mark”. When the menu “save authentication mark” is selected by further operation, the mark image in the authentication mark displayed in the display area of the browser is stored in the storage area based on the authentication program. In the example of FIG. 2, a menu for storing the authentication mark is displayed, but the present invention is not limited to this. For example, when the authentication mark is clicked by the viewer 130, the mark image included in the authentication mark may be automatically saved in the storage area without displaying such a menu. For example, the mark image may be automatically saved in the storage area when the authentication program is started. When the authentication mark includes a mark image and an authentication program, both of them may be stored.

  The authentication mark forgery verification program 133 is formed so that the browser terminal 131 acquires a stored mark image. For example, the authentication mark forgery verification program 133 may be activated to acquire the mark image when the viewer 130 appropriately operates the mouse cursor to drag and drop the mark image. Alternatively, the authentication mark forgery verification program 133 may be always started and the stored mark image may be constantly monitored and acquired.

  Further, the authentication mark forgery verification program 133 extracts whether or not the browser terminal 131 has extracted the digital watermark information embedded in the mark image and the authentication mark displayed in the display area of the browser has been forged. It is formed to display. The authentication mark forgery verification program 133 is used to confirm second digital watermark information embedded in a second area 302 of a mark image, which will be described later.

<<< mark image >>>
FIG. 3 is a schematic diagram showing a form of digital watermark information (first digital watermark information, second digital watermark information) embedded in the mark image by the mark management server 112. Software (embedding program) for creating an authentication mark is installed in the mark management server 112, and electronic watermark information is embedded in the mark image based on this software. The processing device including the CPU in the mark management server 112 and software for generating an authentication mark that causes the processing device to execute an operation correspond to the embedding unit.

  As illustrated in FIG. 3, the mark image includes a first area 301 that can be accessed based on the authentication program and a second area 302 that cannot be accessed based on the authentication program. Authentication information (authentication information for authenticating electronic data) such as a URL and an expiration date for authenticating a Web page is embedded as first digital watermark information in the first area 301, and first information is embedded in the second area 302. A certification authority 111 for specifying a feature value (hash value, information for verifying the validity of authentication information) for checking the validity of the authentication information set in the area 301 and the issuer of the mark image Character string information (information for specifying the authentication mark generation server) is embedded as second digital watermark information.

  The first digital watermark information embedded in the first area 301 is set based on software for the mark management server 112 to create an authentication mark. The second digital watermark information embedded in the second area 302 is set based on software for creating an authentication mark based on information stored in a storage medium such as an IC card provided by the vendor 101. is there. For example, it is assumed that the storage medium provided by the vendor 101 stores character string information representing the accreditation organization 111 for identifying the issuer of the mark image, so that the authentication business operator 110 cannot easily view the contents. It has become. In this way, even if the authentication program is analyzed to forge the authentication mark, there is no possibility that the second area 302 is accessed based on the authentication program. It will never be done. Therefore, the second area 302 is not forged.

  In the second area 302, an electronic signature obtained by encrypting the authentication information in the first area 301 with the public key of the certification authority 111 may be embedded. It is assumed that a secret key and a public key based on such a public key cryptosystem are created by the work terminal 102, and a pair of secret key and public key are associated with each of a plurality of certification authorities 111, that is, the mark management server 112. (Secret key storage unit). For example, the certification authority A is associated with a secret key A and a public key A, and the certification authority B is associated with a secret key B and a public key B. The public key is stored in a storage medium such as an IC card and is provided to the corresponding certification organization 111. On the other hand, the secret key is managed in the work terminal 102 in association with information for identifying the accreditation body such as the name of the accreditation body. The software for creating the authentication mark is configured such that the mark management server 11 accesses the public key, creates an electronic signature for the first area 301 using the public key, and embeds the electronic signature in the second area 302. ing. The software for creating the authentication mark is formed so that the information embedded in the second area 302 cannot be written by the certified business operator 110. When an electronic signature is embedded in the second area 302, based on the authentication mark forgery verification program 133, a value obtained by decrypting the electronic signature with a secret key, and a feature value calculated from the authentication information in the first area 301 And the presence or absence of falsification of the authentication information in the first area 301 is verified. Further, when the validity of the authentication information in the first area 301 is confirmed, the issuer of the mark image is specified from the information of the certification authority 111 associated with the secret key based on the authentication mark forgery verification program 133. It has come to be.

  Also, a malicious accreditation body that owns the software that creates the certification mark analyzes the certification mark issued by the formal accreditation body 111, and displays the mark image, menu configuration, display message, etc. When the setting information is acquired, the malicious certification authority may create a fake certification mark that looks as if it is an authentication mark issued by the official certification authority 111. When such a fake authentication mark is found, or when the user requests the software provider 100 to authenticate the authentication mark, it is possible to identify the corresponding certification body. It is like that. That is, the validity of the second area of the false authentication mark is not confirmed with the secret key associated with the certification authority 111 identified from the design of the authentication mark. On the other hand, the validity of the second area of the fake authentication mark is confirmed with the secret key of the malicious certification authority. As described above, when there are a plurality of secret keys corresponding to a plurality of certification bodies, this verification procedure is repeatedly performed with the secret key of each certification body, so that the certification mark is issued by which certification body. This can be verified. By the way, in the verification procedure using such a secret key, the browser terminal 131 or the work terminal 102 must be able to access the secret key based on the authentication mark forgery verification program 133. For example, if the authentication mark forgery verification program 133 is installed in the work terminal 102, the software provider 100 can track the accreditation organization that issued the authentication mark.

  Further, the design of the original image that is the basis of the authentication mark may be checked prior to the creation of the authentication mark. This prevents a malicious accreditation body or a malicious accreditation company from impersonating another accreditation body and creating a certification mark. Specifically, when the authentication business operator 110 requests the vendor 101 to provide software for creating an authentication mark, the authentication business operator 110 receives the original image to be used for the authentication mark from the vendor 101. Send to. The software provider 100 confirms in the original image received from the authentication event person 110 whether there is a trademark or design registration of the design, or whether the accreditation organization 111 can be specified by the design. When the software provider 100 confirms that the original image symbolizes the accreditation organization 111, the software provider 100 registers the feature value (hash value, etc.) of the original image in a storage medium such as an IC card (feature value calculation unit), and the authentication mark It is provided to the certified business operator 110 together with software for creating. The software for creating the authentication mark is such that the mark management server 112 accesses the feature value of the original image, and the software for creating the authentication mark designates the original image specified for creating the feature value of the original image and the authentication mark. It is formed so that an authentication mark can be created only when the feature values calculated from (1) and (2) match each other (generation permission unit). If the feature values do not match, the software for creating the authentication mark is formed so that the mark management server 112 cannot create the authentication mark. This makes it difficult to create a certification mark in which a malicious certification body impersonates another certification body, and prevents the certification mark from being counterfeited.

=== Electronic Data Authentication Method and Authentication Mark Forgery Verification Method ===
FIG. 4 is a flowchart showing a processing procedure of the authentication program when the menu “save authentication mark” illustrated in FIG. 2 is selected.
When the menu “save authentication mark” is selected by an appropriate operation of the viewer 130, the browser terminal 131 acquires the authentication mark from the cache area to be temporarily used based on the authentication program, and the authentication mark A mark image is extracted by analyzing the data structure or file structure (S1201).
Next, the browser terminal 131 stores the extracted mark image in an arbitrary storage area designated by the viewer (S1202).

  In this case, the mark image is extracted from the authentication mark and stored in an arbitrary storage area designated by the viewer. However, the present invention is not limited to this, and the authentication mark includes the mark image and the authentication program. If included, both may be saved. Here, when the authentication mark is stored, it is necessary to extract the mark image from the authentication mark, but the mark image may be extracted by analyzing the data structure or file structure of the authentication mark. Further, the authentication mark or mark image may be downloaded from the WWW server 122 using a URL indicating the file name of the authentication mark associated with the authentication mark, and stored in an arbitrary storage area designated by the viewer.

FIG. 5 is a flowchart showing a processing procedure of the authentication mark forgery verification program 133.
The browser terminal 131 extracts digital watermark information from the first area 301 of the mark image based on the authentication mark forgery verification program 133 (S1301).
Next, the browser terminal 131 determines the presence or absence of digital watermark information extracted from the first area 301 (S1302). In the present embodiment, in order to determine whether the mark management server 112 has embedded the digital watermark information in accordance with a regular procedure in order to determine the presence / absence of the digital watermark information, It is assumed that specific character string information for indicating the end is embedded, or that an end code or specific character string information is embedded at the end. The browser terminal 131 extracts these pieces of information based on the authentication mark forgery verification program 133 and determines the presence or absence of digital watermark information.
If there is no digital watermark information (S1302: No), the result is displayed on the display device (S1312). For example, the content illustrated in FIG. 9 described later is displayed.
When it is confirmed that the digital watermark information of the first area 301 is present (S1302: Present), the digital watermark information is extracted from the second area 302 of the mark image (S1303).

Next, the presence / absence of digital watermark information extracted from the second area is determined (S1304).
If there is no digital watermark information (S1303: No), the result is displayed on the display device (S1313). For example, the content illustrated in FIG. 10 described later is displayed.
When it is confirmed that the digital watermark information of the second area 302 exists (S1304: Present), the authentication information extracted from the first area is compared with the feature value of the authentication information extracted from the second area. (S1305).
If the authentication information does not match (S1306: mismatch), the result is displayed on the display device (S1314). For example, the content illustrated in FIG. 11 described later is displayed.
If the authentication information matches (S1306: match), the authentication information and information for identifying the authorized organization 111 are displayed on the display device (S1307). For example, the contents illustrated in FIGS. 7 and 12 described later are displayed.

  As will be described later, when there is an instruction to input a mark pasting URL (S1308: Yes), the mark pasting URL and the URL extracted from the first area 301 are verified (S1309), and the result is displayed. It is displayed on the device (S1310). If the URLs match, the content illustrated in FIG. 8 described later is displayed. If the URLs do not match, the content illustrated in FIG. 13 described later is displayed.

  Next, the history of the authentication mark forgery verification result is stored in the storage area of the browser terminal 131 as history data illustrated in FIG. 15 (S1311). In addition, when an input instruction to the mark pasting URL is given after the forgery verification result is displayed in steps S1312, S1313, and S1314 (S1315), the mark pasting URL is stored in the history table (FIG. 15) together with the result. Is done.

  As illustrated in FIG. 15, the history table stores a mark pasting URL, a mark ID, a use permission URL, an expiration date, a service provider, an authorized organization, a verification result, and a status. These pieces of information are the history of the authentication mark verified by the viewer 130 using the authentication mark forgery verification program 133 in the past, and the authentication mark once verified can be browsed in the history table. The history table is not limited to this, and for example, a file name of an authentication mark may be stored.

  If an expiration date is set as the authentication information in steps S1305 and S1309, whether or not the system time appropriately counted by a timer or the like provided in the browser terminal 131 is within the range of the extracted expiration date. And the result may be displayed on the display device.

FIG. 6 is a flowchart showing a processing procedure for status confirmation.
The status confirmation is an operation of inquiring the mark management server 112 through the communication network 140 whether the authentication mark verified based on the authentication mark forgery verification program 133 is in a valid or invalid state. A status confirmation button 406 (see FIGS. 7 and 8) is displayed on the display device of the browser terminal 131. The status confirmation button 406 is valid and can be executed only when a first verification result and a second verification result, which will be described later, are normal. The inquiry destination when the status confirmation button 406 is pressed is the mark management server 112 that operates based on a program such as CGI for performing status confirmation, and the program such as CGI is included in the authentication mark forgery verification program 133 in advance. It shall be. Based on the authentication mark forgery verification program 133, the browser terminal 131 adds a mark ID or the like, which is information for uniquely identifying the authentication mark, to the URL for accessing the mark management server 112, and the authentication mark Request confirmation of validity or revocation status of. The browser terminal 131 receives the verification result of the validity / invalidity of the authentication mark from the mark management server 112 and displays the result of status confirmation (see FIG. 14). It should be noted that the URL of the inquiry destination for status confirmation may be embedded as digital watermark information of the first area 301 of the authentication mark or as digital watermark information of the second area 302 of the authentication mark.

For example, in the case of the example illustrated in FIG. 7 described later, the browser terminal 131 receives an input of “status confirmation” by an appropriate operation of the viewer 130 (S1501: Yes). At this time, the browser terminal 131 transmits the mark ID extracted from the mark image to the mark management server 112 based on the authentication mark forgery verification program 133 (S1502).
Upon receiving the status status result of the mark ID managed by the mark management server 112 (S1503), the browser terminal 131 displays the status status in an area 406 and an area 501 described later (S1504).

  Note that the processing device including the CPU in the browser terminal 131 and software for causing the processing device to execute the operations of steps S1502 to S1504 described above correspond to the authentication mark state confirmation unit. Further, it is assumed that the mark management server 112 includes an appropriate storage device (resource storage unit) that stores resources including the above-described valid or invalid state.

=== Example of forgery verification of authentication mark ===
7 to 14 show the authentication mark authentication results (FIGS. 7A to 14) processed on the browser terminal 131 based on the browser program 132 (for example, including the authentication program) and displayed on the display device. FIG. 15A is a schematic diagram of a screen example of verification results (FIGS. 7B to 14B) of authentication marks that are processed based on the authentication mark forgery verification program 133 and displayed on the display device. .

<<< Authentic certification mark >>>
FIG. 7 is a schematic diagram of a screen example when an authentication mark officially issued by the accreditation organization 111 is pasted on a predetermined Web page of the service providing site 121 for which use permission has been obtained.

  As illustrated in FIG. 7, the mark paste URL input field 401, an area 402 for displaying a first verification result to be described later, and information on the issuer of the mark image in the second area 302 of the mark image are displayed. An area 403, an area 404 for displaying authentication information of the first area 301 of the mark image, an area 405 for displaying a status state, and a status confirmation button 406 are displayed. The mark pasting URL input field 401 is a field for receiving the URL of the Web page on which the authentication mark instructed by the viewer 130 is pasted. A region 402 for displaying a first verification result to be described later is a region for displaying the result of verifying the digital watermark information of the mark image, and is a region for displaying whether or not the authentication mark is forged. Of the second area 302 of the mark image, an area 403 for displaying information about the issuer of the mark image is an area for displaying information indicating the issuer of the mark image extracted from the second area 302 of the mark image. An area 404 for displaying the authentication information of the first area 301 of the mark image is used to indicate the URL to which the certification issuer and the authentication mark application destination indicate the issuer of the authentication mark extracted from the first area 301 of the mark image. This is an area for displaying authentication information such as a permission URL and a validity period indicating the start and end of an expiration date. An area 405 that displays the status state is an area that indicates the result of the status. The status confirmation button 406 is a button for inquiring the mark management server 112 about the status of the authentication mark.

  If the authentication mark forgery verification program 133 is used, the authentication information of the first area 301 and the information of the second area 302 can be extracted from the authentication mark officially issued by the certification authority 111, and the information of the second area 302 can be extracted. Since the validity of the authentication information in the first area 301 can be confirmed by using it, it can be obtained as a verification result that the authentication mark is officially issued by the accreditation body. For this reason, in the area 402 for displaying the first verification result, it is displayed that the certification mark is officially issued by the accreditation organization. In the area 403, the name of the extracted authorized organization is displayed. In the area 404, the extracted authentication information is displayed. By the way, since the status confirmation is not executed, the area 405 displays that it has not been confirmed.

  Since this verification example is an example of an officially issued authentication mark, it is based on the authentication mark authentication result displayed based on the browser program 132 (for example, including the authentication program) and the authentication mark forgery verification program 133. The same result as the verification result displayed.

  Even for the officially issued mark image, the authentication program may be counterfeited. In order to verify forgery of the authentication program, a mark pasting URL input field 401 is used. In the mark pasting URL input column 401, the URL of the Web page displayed based on the browser program 132 is copied and pasted by an appropriate operation of the viewer 130. Alternatively, a shortcut icon associated with the address area or URL of the browser program 132 is dragged and dropped to input the URL. When the mark pasting URL is received based on the authentication mark forgery verification program 133, the use permission URL extracted from the authentication information of the first area 301 of the mark image is compared with the mark pasting URL for which the input is accepted. Then, the presence or absence of the match is verified, and the verification result illustrated in FIG. 8 is displayed (second verification result). Note that the processing device of the browser terminal 131 and the authentication mark forgery verification program 133 that causes the processing device to execute the operation of receiving the input of the mark pasting URL described above correspond to the URL input unit.

  FIG. 8 is a schematic diagram of a screen example on which a second verification result displayed based on the authentication mark forgery verification program 133 is displayed.

  The contents redisplayed based on the authentication mark forgery verification program 133 are used in the authentication information and the second verification of the area 501 and the area 403 for displaying the second verification result, and the first area 301 of the mark image. An area 502 for displaying a mark pasting URL and the like, an area 405, and a status confirmation button 406 are formed. The area 501 in which the second verification result is displayed is a result of further verification of authentication information such as a URL when it is confirmed that the certification mark is officially issued by the accreditation body in the first verification result. Is the area where is displayed. An area 502 is an area where information used for verification such as the authentication information of the first area 301 of the mark image and the URL for the second verification is displayed.

  Since this verification example is an example in which the use permission URL, which is one of the authentication information of the first area 301 of the mark image, matches the mark paste permission URL, the authentication mark is pasted on the legitimate web page. It is verified that Therefore, in the area 501 where the second verification result is displayed, it is displayed that the Web page on which the authentication mark is pasted is a valid site and that the authentication program is normal.

  In the second verification result described above, it is described only when the URL is verified. However, when the validity period is set as the authentication information, the system time of the viewer terminal 131 is the authentication of the first area 301 of the mark image. It may be verified whether it is within the valid range of the valid period extracted from the information, and the validity result may be displayed. In this case, the area 501 may display that the URL and the validity period are normal, and the area 502 may also display the verified time.

<<< Certification mark imitating only design >>>
FIG. 9 shows that a malicious third party (service providing site: B store, etc.) imitates the design of the certification mark officially issued by the accreditation body 111 and is authorized by a certain accreditation body. It is a schematic diagram of a screen example when an authentication program is forged to display a false authentication result and the authentication mark is pasted on a Web page.

  In order not to save the authentication mark in the storage device of the browser terminal 131, it is assumed that the authentication program is forged so as not to execute the menu "save authentication mark". Therefore, the authentication mark may be stored and acquired in the storage device of the browser terminal 131 by an image storage function provided based on the browser program 132. If the image saving function is disabled, the source file of the Web page is analyzed, the URL of the authentication mark is acquired, and the authentication mark is downloaded from the WWW server 122 using the URL. Also good.

  From this authentication mark, neither authentication information nor information specifying the issuer of the authentication mark is extracted. For this reason, the area 402 displays that the authentication mark has been forged (imitated). In addition, the area 403 displays that information for identifying the issuer of the authentication mark could not be acquired. An area 404 displays that the authentication information could not be acquired.

  The notification button 501 is a button for reporting information related to the certification mark to the accreditation organization 111 or the like when forgery of the certification mark is detected. The URL for reporting to the accreditation organization 111 or the like can be stored in advance in the authentication mark forgery verification program. The authentication mark forgery verification program 133 is formed to be effective when the notification button 501 detects forgery in the first verification and the second verification.

<<< Authentication mark with counterfeit digital watermark information embedded >>>
FIG. 10 shows that a malicious third party (service providing site: C store, etc.) analyzes a mark image in a certification mark officially issued by the accreditation organization 111, and embeds digital watermark information in the mark image having the same design. FIG. 4 is a schematic diagram of a screen example when an authentication program is forged to display a false authentication result that appears to be certified by a certain certification body, and the authentication mark is pasted on a Web page.

  Although the authentication information is extracted from this authentication mark, the information specifying the issuer of the authentication mark and the feature value for checking the validity of the authentication information are not extracted. For this reason, the area 402 displays that the authentication mark is forged (authentication information is improperly embedded). An area 403 displays that information specifying the issuer of the authentication mark has not been acquired. Further, the area 404 displays that the authentication information is invalid.

<<< Authentication mark with digital watermark information rewritten >>>
FIG. 11 shows that a malicious third party (service providing site: D store, etc.) illegally rewrites the digital watermark information of the mark image in the certification mark officially issued by the accreditation body 111 and accredits it from a certain accreditation body. It is a schematic diagram of a screen example when an authentication program is forged to display a fake authentication result that appears to be displayed and the authentication mark is pasted on a Web page.

  From this authentication mark, the authentication information, the information specifying the issuer of the authentication mark, and the feature value of the authentication information are extracted, but the authentication information embedded in the first area 301 and the authentication embedded in the second area 302 are extracted. Since the feature value of the information does not match, it is detected that the authentication information has been rewritten illegally. For this reason, the area 402 displays that the authentication mark has been forged (authentication information has been illegally rewritten). In an area 403, information specifying the issuer of the extracted authentication mark is displayed. Further, the area 404 displays that the authentication information is invalid.

<<< Copyed certification mark >>>
FIG. 12 shows a fake authentication in which a malicious third party (service providing site: fake A store, etc.) copies a mark image officially issued by the accreditation body 111 and appears to be authorized by the accreditation body. It is a schematic diagram of a screen example when an authentication program is forged to display a result and the authentication mark is pasted on a Web page.

  The authentication information of the first area 301 and the information of the second area 302 are extracted from the authentication mark, and the validity of the authentication information of the first area 301 can be confirmed using the information of the second area 302. , It is displayed that the certification mark is officially issued by the accreditation body (area 402). In the area 403, the name of the extracted authorized organization is displayed. In the area 403, the extracted authentication information is displayed.

  However, the message content (FIG. 12A) of the authentication result displayed based on the browser program 132 (for example, including the authentication program) and the message content of the verification result displayed based on the authentication mark forgery verification program 133 If compared with (FIG. 12B), it can be recognized that the contents of the URL are different. Therefore, the viewer 130 can confirm that the authentication mark displayed on the Web page is forged by visually recognizing the message content.

  However, in such visual recognition, forgery such as changing one character of the URL of a Web page, it may not be noticed that the authentication mark is forged unless the URL is carefully compared. In order to cope with this, the mark pasting URL received in the mark pasting URL input field 402 is automatically compared with the URL extracted from the mark image, and if the mismatch is verified, it is illustrated in FIG. The verification result may be displayed again.

  FIG. 13 is a second verification result displayed based on the authentication mark forgery verification program 133, and is a schematic diagram of a screen example when forgery can be detected. In this case, since the URLs do not match, it is detected that the authentication mark is not pasted on the legitimate Web page. Therefore, in the area 501 for displaying the second verification result, it is displayed that the Web page on which the authentication mark is pasted is not valid and that the authentication program is forged.

<<< Certification mark in expired state >>>
FIG. 14 is a schematic diagram of a screen example when status confirmation is executed for an authentication mark that has been officially issued by the accreditation organization 111 and has been invalidated and has been pasted as it is. The certification authority 111 set in advance is inquired about the validity of the authentication mark with the URL, and the status of the authentication mark is displayed. An area 501 displays that the authentication mark is in an invalid state and that the Web page of the URL indicated in the authentication information is not valid.

=== Other Embodiments ===
The above-described embodiments of the present invention are intended to facilitate understanding of the present invention, and are not intended to limit the present invention. The present invention can be changed and improved without departing from the gist thereof, and equivalents thereof are also included in the present invention.

  The authentication mark forgery verification program 133 described above may include a proxy response function that relays data exchange between the browser program 132 and the WWW server. The authentication mark forgery verification program 133 acquires information transmitted and received by the browser program 132, determines whether or not it matches the mark pasting URL stored in the history table (FIG. 15) and the file name of the authentication mark. If the information to be detected can be detected, the corresponding forgery verification result may be displayed. Thereby, the trouble of verifying again can be saved.

  Further, the authentication mark forgery verification program 133 acquires the corresponding authentication mark when the extension associated with the authentication mark is found in the relayed Web page, performs the forgery verification process, and displays the verification result in the browser. The authentication mark forgery verification program 133 other than the display area may be displayed in a controllable area. Thereby, the mouse operation of the viewer 130 becomes unnecessary.

  In the above-described embodiment, the authentication mark forgery verification program 133 is installed in the browser terminal 131 to perform authentication mark forgery determination. However, the authentication mark forgery verification is performed on the work terminal 102 used by the software provider 100. The program 133 may be installed, and the authentication mark forgery verification program 133 may be installed in a terminal used by the certified business operator 110.

  The program in the above-described embodiment is stored in various storage media such as a floppy disk, a CD-ROM, and a DVD, and is supplied to each device that executes the program, or a network to which these devices are connected. You may make it download to the said apparatus from the other server connected to.

It is a block diagram which shows the structural example of the electronic data authentication system of this Embodiment. It is a schematic diagram which shows the example of a screen of the menu which preserve | saves an authentication mark. It is a block diagram which shows the structural example of a mark image. It is a flowchart which shows the procedure of the process by an authentication program. It is a flowchart which shows the procedure of the process by an authentication mark forgery verification program. It is a flowchart which shows the procedure of the process of status confirmation. It is a schematic diagram which shows the example of the 1st screen in a browser terminal. It is a schematic diagram which shows the 2nd example screen in a browser terminal. It is a schematic diagram which shows the 3rd example screen in a browser terminal. It is a schematic diagram which shows the example of a 4th screen in a browser terminal. It is a schematic diagram which shows the 5th example of a screen in a browser terminal. It is a schematic diagram which shows the 6th example of a screen in a browser terminal. It is a schematic diagram which shows the 7th example of a screen in a browser terminal. It is a schematic diagram which shows the 8th example screen in a browser terminal. It is a graph which shows the structural example of a log | history table.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Software provider 101 Vendor 102 Work terminal 110 Authorized business operator 111 Authorized organization 112 Mark management server 120 Service provider 121 Service providing site 122 WWW server 130 Browser 131 Browser terminal 132 Browser program 133 Authentication mark forgery verification program 140 Communication network 301 Digital watermark information first area 302 Digital watermark information second area 401 Mark pasting URL input field 402 First verification result display area 403 Mark image second area display area 404 Mark image first area display area 405 Status confirmation result display area 406 Status confirmation button 501 Second verification result display area 502 Second verification information display area 601 Notification button

Claims (5)

An electronic data providing server that provides electronic data, an authentication mark generating server that generates an authentication mark attached to the electronic data to authenticate the electronic data, and an authentication program provided from the electronic data providing server. An electronic data authentication system in which a reader terminal having an authentication unit for authenticating corresponding electronic data based on the authentication mark is connected to each other through an information communication network,
The authentication mark comprises a mark image having a first area and a second area,
The authentication mark generation server
In order to generate the authentication mark, authentication information for authenticating the corresponding electronic data is generated, embedded in the first area as first digital watermark information, and the validity of the authentication information that can be set in advance is verified. And an embedding unit that embeds information for specifying the authentication mark generation server, which can be set in advance, in the second area as second digital watermark information,
The authentication unit of the browser terminal is
While the first area of the mark image included in the authentication mark is accessible, the second area is inaccessible,
In order to authenticate electronic data provided from the electronic data providing server accompanied by an authentication mark generated by the embedding unit, the mark image is extracted from the authentication mark and stored in a storage unit;
The browser terminal is
Determining a corresponding authentication mark by verifying the first digital watermark information and the second digital watermark information in the mark image stored in the storage means;
An electronic data authentication system, further comprising an authentication mark forgery verification unit for displaying the contents on a display unit according to the determination result.   The electronic data authentication system according to claim 1, wherein the authentication mark includes the authentication program together with the mark image. A program providing server for providing an embedded program for operating the embedded unit, connectable through the information communication network;
The information for verifying the validity of the authentication information and the information for specifying the corresponding authentication mark generation server can be set in advance by the program providing server. Electronic data authentication system described in 1. The information for specifying the certification mark generation server is information relating to the issuer of the certification mark,
The authentication mark forgery verification unit
Determining the presence or absence of the corresponding authentication mark by verifying the presence or absence of information for identifying the authentication mark generation server,
When verifying that the information is present and determining that the counterfeit is not present, the display means displays that the authentication mark is officially issued by the issuer,
When the information is verified to be null and the counterfeit is determined to be present, the display means displays that the authentication mark is not officially issued by the issuer. 4. The electronic data authentication system according to any one of 3. The embedding unit encrypts the authentication information with a public key based on a public key cryptosystem, and uses the electronic signature as information for verifying the validity of the authentication information,
The program providing server has a secret key storage unit that stores a secret key corresponding to the public key in association with a corresponding authentication mark generation server,
The authentication mark forgery verification unit of the browser terminal, or the program providing server,
Read the secret key associated with the corresponding authentication mark generation server from the secret key storage unit,
By verifying whether or not there is a match between the information obtained by decrypting the digital signature as the second digital watermark information in the mark image with the read secret key and the authentication information as the first digital watermark information Determine whether the certification mark has been counterfeited,
If it is verified that the match is present and the forgery is determined to be absent, the information on the issuer of the corresponding authentication mark based on the information of the electronic signature or the information of the authentication mark generation server associated with the secret key The electronic data authentication system according to claim 1, wherein the electronic data authentication system is acquired.

Images