JP2018121125A - Wireless communication device, and telecommunication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a wireless communication device and a telecommunication system capable of increasing security when using data for use in conveyance.SOLUTION: A wireless communication device 10 that is attached to an article of conveyance target includes a display unit 11 having a nonvolatile information display function, a control unit including a storage region storing a key for use in cryptocommunication, and a radio communication unit performing close range radiocommunication with an external terminal. The radio communication unit receives data containing conveyance information Ib for use in transportation of an article, which is encryption data including authentication data created by using a key corresponding to the above-mentioned key, from a terminal, and the control unit authenticates legitimacy of the conveyance information Ib, based on the authentication of the authentication data by using the key stored in the storage region, and displays the conveyance information Ib, legitimacy of which was confirmed, in the display unit 11.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a wireless communication device used as a tag attached to an article to be transported, and an information communication system.

  A part of the baggage held by the passengers of the aircraft is carried on the aircraft separately from the passengers. In general, a paper tag is attached to the luggage, and the flight number of the aircraft, the airport code of the destination airport, identification information of the luggage, and the like are printed on the tag. When loading and unloading packages at the departure airport and arrival airport, the packages are sorted based on the information printed on the tags.

  In recent years, a system using an electronic tag that stores information as electronic data instead of a paper tag has been proposed. In such a system, transportation data including information necessary for transportation such as the flight number of the aircraft described above is transmitted from a predetermined terminal to the electronic tag by wireless communication and stored in the electronic tag. At the airport at the departure point and the airport at the arrival point, the sorting of the luggage is performed based on the reading of the transportation data from the electronic tag (for example, see Patent Document 1).

JP 2003-104562 A

  By the way, in the system in which the electronic tag receives the transportation data from the external terminal, it is important to increase the security of using the received transportation data in the electronic tag in order to carry the goods accurately. In other words, when an electronic tag receives fake data created by a person different from the authorized administrator of transportation or data falsified by a malicious person, the electronic tag It is necessary to avoid handling as transportation data.

  In particular, in the modern times when the use of electronic terminals is becoming increasingly multifunctional and the transmission of information using electronic data is remarkable, passengers have not only a system that uses a dedicated terminal installed at an airport to transmit transport data to an electronic tag. Adoption of a system that transmits transportation data to an electronic tag from any terminal such as a smartphone is also desired. For this reason, it is highly important to enhance security for transmission / reception of transport data and its use.

Such a problem is not limited to the electronic tag attached to the baggage of the passenger of the aircraft, but a device used as an electronic tag in a system that manages the transportation of the article based on the data stored in the electronic tag attached to the article. In common.
An object of this invention is to provide the radio | wireless communication device and information communication system which can raise the security at the time of utilization of the data used for conveyance.

  A wireless communication device that solves the above problem is a wireless communication device attached to an article to be transported, and includes a display unit having a nonvolatile information display function and a storage area in which a key used for encryption communication is stored. A wireless communication unit that performs wireless communication at a short distance with an external terminal, wherein the wireless communication unit is data including transport information that is information used for transporting the article, Receiving encrypted data including authentication data generated using a key corresponding to the key from the terminal, and the control unit verifying the authentication data using the key stored in the storage area Based on the above, the validity of the transport information is verified, and the transport information whose validity has been confirmed is displayed on the display unit.

  An information communication system that solves the above-described problem is an information communication system that includes a wireless communication device attached to an article to be transported, and a server that holds a key used for cryptographic communication. Data including transport information, which is information used for transport, and generating encrypted data including authentication data generated using the key and transmitting the data to an external terminal. A display unit having an information display function; a control unit including a storage area storing a key corresponding to the key held by the server; and a wireless communication unit that performs wireless communication at a short distance with the terminal; The wireless communication unit receives the encrypted data from the terminal, and the control unit verifies the authentication information using the key stored in the storage area, and validates the transport information. Verifies and displays the delivery information confirmed the validity on the display unit.

  According to the above configuration, the validity is confirmed based on the fact that the wireless communication device verifies the authentication data included in the encrypted data received from the external terminal using the key stored in the storage area. The transportation information is displayed on the display unit. Therefore, security when using data used for transportation is enhanced, and reliability of transportation information displayed on the wireless communication device is enhanced.

  In the above configuration, the authentication data may be data in which a message digest generated from data including transport data indicating the transport information is encrypted.

According to the above configuration, by verifying the authentication data, it is possible to confirm the creator of the encrypted data and confirm whether the transport data has been tampered with. Therefore, since it is possible to suppress the display of information on the display unit using fake data or falsified data, the reliability of the transport information displayed on the wireless communication device is preferably enhanced. Moreover, the load required for the calculation using the key in the wireless communication device is small compared with the configuration in which the authentication data is data obtained by encrypting the transport data.
In the above configuration, the authentication data may be data obtained by encrypting a message digest generated from data indicating identification information unique to the wireless communication device during a period in which the article is being transported.
According to the above configuration, it is possible to confirm the creator of the encrypted data by verifying the authentication data. In addition, the authentication data uses the key in the wireless communication device as compared to the configuration in which the transport data is encrypted data or the configuration in which the message digest generated from the data including the transport data is encrypted data. The load required for the required computation is small.
In the above configuration, the authentication data may be data obtained by encrypting data including transport data indicating the transport information.

  According to the above configuration, it is possible to confirm the creator of the encrypted data by verifying the authentication data, and it is possible to suppress the leakage of the conveyance information when the conveyance data is intercepted.

  In the above configuration, the wireless communication device may hold unique identification information for each wireless communication device, and the identification information may be acquired by an external terminal before receiving the encrypted data.

  According to the above configuration, it is possible to manage information regarding identification of a wireless communication device and transportation of an article performed using the wireless communication device, using the acquired identification information.

  In the above-described configuration, a sensor unit that converts a change in environment around the wireless communication device into a signal and outputs the signal, and the wireless communication unit is generated based on an output of the sensor unit during transportation of the article. Data indicating a change in environment may be transmitted to an external terminal.

  According to the said structure, the change of the environment around the wireless communication device during conveyance of articles | goods can be analyzed by analyzing the data which the external terminal acquired from the wireless communication device.

  ADVANTAGE OF THE INVENTION According to this invention, the security at the time of utilization of the data used for conveyance in a wireless communication device can be improved.

The perspective view which shows the external appearance structure of a wireless communication device about 1st Embodiment of a wireless communication device. The figure which shows the structure of the radio | wireless communication device and information communication system in 1st Embodiment. The flowchart which shows the flow of a process until a user terminal acquires a public key certificate in the information communication system of 1st Embodiment. The sequence diagram which shows the flow of a process until a wireless communication device acquires a public key in the information communication system of 1st Embodiment. In the information communication system of 1st Embodiment, the sequence diagram which shows the flow of a process until a wireless communication device displays conveyance information. The sequence diagram which shows the flow of the process which a wireless communication device transmits sensor data in the information communication system of 1st Embodiment. The flowchart which shows the flow of a process until a wireless communication device acquires a common key about 2nd Embodiment of an information communication system. The sequence diagram which shows the flow of a process until a wireless communication device displays conveyance information in the information communication system of 2nd Embodiment.

(First embodiment)
A first embodiment of a wireless communication device and an information communication system will be described with reference to FIGS. The wireless communication device according to the first embodiment functions as a tag attached to a baggage deposited by a user who is a passenger of an aircraft and carried by the aircraft.

[Configuration of wireless communication device]
With reference to FIG. 1, an external configuration of a wireless communication device will be described. As shown in FIG. 1, the wireless communication device 10 includes a display unit 11. The display unit 11 displays transport information Ib. The transport information Ib is information used for transporting luggage, for example, the airport code of the airport at the departure point, waypoint or destination, the flight number of the aircraft on which the luggage is loaded, identification information assigned to the luggage, etc. including. The transport information Ib is the same type of information as that described in the paper tag that has been used for transporting passengers' luggage by aircraft, and the display format is not particularly limited. It is expressed in the same format as the tag, that is, in a format using a barcode, number, alphabet, or the like.

  The wireless communication device 10 is attached to a baggage that the user deposits at the airport when boarding the aircraft, that is, a baggage to be transported. The external shape of the wireless communication device 10 is not particularly limited. For example, the wireless communication device 10 may be integrated with a load by being incorporated into a side wall of a suitcase, or may be connected using a connection component. It may be connected to a handle or the like.

  With reference to FIG. 2, the electrical configuration of the wireless communication device and the configuration of the information communication system including the wireless communication device will be described.

  As illustrated in FIG. 2, the wireless communication device 10 includes a wireless communication unit 12, a control unit 13, a sensor unit 14, and a power supply unit 15 in addition to the display unit 11 described above.

  The display unit 11 includes electronic paper and its drive circuit, and has a nonvolatile information display function. The electronic paper may be a matrix type electronic paper that forms display information with pixels arranged in a matrix, or a segment type electronic paper that forms display information by a combination of patterns arranged in advance. Also good. While matrix-type electronic paper can express characters and images freely, segment-type electronic paper is used if the transport information Ib is information expressed in a limited format such as numbers or barcodes. Thereby, the structure of the display part 11 can be made into a simple structure.

  The wireless communication unit 12 executes a connection process between the user terminal 20 operated by the user who is the owner of the package and the wireless communication device 10, and transmits and receives data between the user terminal 20 and the wireless communication device 10. Do. Examples of wireless communication used for communication between the wireless communication device 10 and the user terminal 20 include non-contact communication using the HF band such as NFC (Near Field Communication), non-contact communication using the UHF band, and BLE (Bluetooth). Low Energy: Bluetooth is a registered trademark), Bluetooth 5, Ant communication, communication using a mobile communication network, communication using other various mesh networks, and the like. The wireless communication unit 12 may be configured to be able to transmit and receive data corresponding to a plurality of communication methods among these wireless communication. For example, the wireless communication unit 12 is preferably configured to be capable of non-contact communication using at least one of the HF band and the UHF band and communication using BLE.

  In addition, the wireless communication unit 12 uses these wireless communications to process the connection between the terminal used for managing the transportation and the wireless communication device 10 during the transportation of the package and the data between these devices. Transmission and reception may be performed.

  The control unit 13 includes an MCU (Micro Controller Unit), and performs control and arithmetic processing of each unit included in the wireless communication device 10 according to a program stored in a storage area included in the control unit 13. The MCU constituting the control unit 13 is preferably a secure MCU that ensures the security of information processing. Specifically, the MCU conforms to the EMV standard, or EAL (Evaluation Assurance) in ISO / IEC15408. It is preferable that the MCU satisfies Level 4 or higher of (Level). Further, the control unit 13 may include a support MCU that assists such connection according to the necessity of a terminal for connection between the MCU and each element included in the wireless communication device 10.

  The control unit 13 verifies the validity of the data acquired from the external device, stores the data acquired from the external device in the storage area, and collects data stored in the storage area and the sensor unit 14. Control of transmission of data to an external apparatus by the wireless communication unit 12 is performed. Furthermore, the control part 13 displays the conveyance information Ib on the display part 11 using the data acquired from the external apparatus.

  The control unit 13 stores a device ID that is identification information of the wireless communication device 10 in a storage area included in the control unit 13. The device ID is a unique identifier for each wireless communication device 10 and is assigned to the wireless communication device 10 or generated based on a predetermined algorithm by the control unit 13 and stored in the storage area in advance.

  As the device ID, for example, a GUID (Globally Unique Identifier) is used. Instead of the GUID, a UID (Unique Identifier), TID (Tag Identifier), or EPC (Electronic Product Code) that functions as an identifier of the RFID tag may be used. Alternatively, arbitrary identification information other than such an identifier may be created and used as a device ID, or another IC connected to the MCU via a bus such as I2C in the wireless communication device 10 may be used. Identification information that can be held or stored may be used as the device ID. In short, the device ID may be unique for each wireless communication device 10.

  The sensor unit 14 includes a sensor that converts a change in the environment around the wireless communication device 10 into a signal and outputs the signal. Examples of such sensors include a temperature sensor that detects the ambient temperature of the wireless communication device 10, a pressure sensor that detects the magnitude of the pressure received by the wireless communication device 10, and the magnitude of acceleration of the wireless communication device 10 that moves by transportation. Examples include an acceleration sensor for detecting, an impact sensor for detecting the application and magnitude of an impact to the wireless communication device 10. The sensor included in the sensor unit 14 may be a sensor that detects the atmospheric pressure and humidity around the wireless communication device 10. Such a sensor is provided at an appropriate position of the wireless communication device 10 according to the detection target of the sensor. The sensor unit 14 may include a plurality of sensors with different detection targets.

  The power supply unit 15 supplies power to each unit such as the display unit 11 and the control unit 13 included in the wireless communication device 10. The power supply unit 15 includes a primary battery and a secondary battery, and may supply power from the battery to each unit. The power supply unit 15 includes an antenna for non-contact power feeding and is supplied by non-contact power feeding. Power may be supplied to each unit based on the above. In addition, the power supply unit 15 may include an energy generation element that converts energy obtained from an environment such as light, heat, and vibration into power, and may supply power to each unit based on power generation by the energy generation element. .

  The information communication system includes a wireless communication device 10, a user terminal 20, and a management server 30, and exchanges data such as package data including transport information Ib between these devices using encryption. System. In the first embodiment, public key encryption is used as the encryption method.

  The wireless communication device 10 and the user terminal 20 mutually transmit and receive data by wireless communication using the wireless communication unit 12 described above. The user terminal 20 and the management server 30 are connected to a general-purpose communication line network such as the Internet, and transmit and receive data to and from each other through the network.

  The user terminal 20 is a computer terminal such as a smartphone or a tablet terminal. The user terminal 20 includes a communication unit 21, a control unit 22, and a storage unit 23.

  The communication unit 21 performs a connection process between the user terminal 20 and the wireless communication device 10 by a communication method corresponding to the wireless communication unit 12, and transmits and receives data between these devices. In addition, the communication unit 21 performs connection processing between the user terminal 20 and the management server 30 through the network, and transmits and receives data between these devices.

The control unit 22 includes a volatile memory such as a CPU and a RAM, and performs control of each unit in the user terminal 20 and arithmetic processing. As processing in the information communication system, the control unit 22 transmits data such as a device ID received from the wireless communication device 10 to the management server 30 and wireless communication of data including the public key and package data received from the management server 30. Transmission to the device 10 is performed through the communication unit 21.
The storage unit 23 has a configuration including a non-volatile memory such as a flash memory, and stores programs and data necessary for processing executed by the control unit 22.

  The function of the control unit 22 in the information communication system is embodied by, for example, software that gives a plurality of functions to one common hardware, and such software is stored in the storage unit 23. For example, the software is included in an application program provided for the user by the airline, and is installed in the user terminal 20 via downloading through a network.

  In addition to the above-described configuration, the user terminal 20 includes a display unit configured by a liquid crystal panel or the like to display information, and an operation unit configured by a touch panel or the like that receives a user operation.

  The management server 30 is a server managed by a transportation manager who is an administrator of the transportation of luggage. The transportation manager is, for example, an airline. The management server 30 includes a communication unit 31, a control unit 32, and a storage unit 33.

  The communication unit 31 performs connection processing between the management server 30 and the user terminal 20 through the network, and transmits and receives data between these devices.

  The control unit 32 has a configuration including a volatile memory such as a CPU and a RAM, and performs control of each unit in the management server 30 and arithmetic processing. The control unit 32 transmits the public key certificate to the user terminal 20 through the communication unit 31 as processing in the information communication system. In addition, the control unit 32 generates the above-described package data, and further generates encrypted data including an electronic signature generated using the secret key held by the management server 30 from the package data. Then, the control unit 32 transmits the encrypted data to the user terminal 20 through the communication unit 31.

  Furthermore, as a process in the information communication system, the control unit 32 stores the device ID received from the user terminal 20 in the storage unit 33 as device management data in association with user information that is information about the user.

  The storage unit 33 has a configuration including a nonvolatile memory such as a hard disk drive, and stores programs and data necessary for processing executed by the control unit 32. The storage unit 33 stores the above-described secret key and device management data as an example of such data.

  The function of the control unit 32 in the information communication system may be embodied separately by various hardware such as a plurality of CPUs, a memory such as a RAM, and software that allows them to function, or a common 1 It may be embodied by software that provides a plurality of functions to one piece of hardware. Note that the functions of the management server 30 may be realized by a plurality of servers.

  In the information communication system, the wireless communication device 10 acquires, via the user terminal 20, a public key that is paired with a secret key that the management server 30 uses to generate encrypted data, and stores the public key in the storage area of the control unit 13. The public key is preferably stored in a tamper-resistant area in the storage area of the control unit 13, that is, an area that is difficult to analyze from the outside. Then, the wireless communication device 10 verifies the encrypted data received via the user terminal 20 using the public key to confirm the validity of the package data, and then uses the package data to transfer the transport information to the display unit 11. Ib is displayed.

[Operation of Information Communication System]
The operation of the information communication system will be described with reference to FIGS. In the processing of the information communication system, the wireless communication device 10 acquires a public key, the wireless communication device 10 acquires package data and displays the transport information Ib, and the wireless communication device 10 uses the sensor unit 14 to And transmitting the collected data to the outside.
<Obtain public key>
With reference to FIG. 3 and FIG. 4, a processing procedure until the wireless communication device 10 acquires a public key will be described.

  FIG. 3 is a flowchart showing a procedure until the user terminal 20 acquires a public key certificate. First, the transportation manager generates a secret key and a public key for realizing public key cryptography through a server or the like, or obtains these keys based on a request for the generation and sends them to an organization that functions as a certificate authority. A public key is provided and an application for issuing a public key certificate is made (step S10). The secret key and the public key may be generated so as to correspond to a publicly-known algorithm for realizing public key encryption, and are, for example, keys corresponding to RSA 2048 bits. The organization that functions as a certificate authority may be an organization that issues digital certificates. For example, an organization that supports and supervises transportation operations by a transportation manager, such as an industry organization to which an airline belongs, It may serve as a certificate authority. The secret key is stored in the storage unit 33 of the management server 30.

  The certificate authority that received the application, for example, after confirming that the transportation manager is a reliable organization based on confirming that the transportation manager is an airline that has received the prescribed certification, A public key certificate is issued (step S11).

The issued public key certificate is delivered to the transportation manager and transmitted from the management server 30 to the user terminal 20 (step S12). The transmission of the public key certificate may be performed, for example, when the passenger application that is the application program is installed in the user terminal 20, or the user performs wireless communication through the operation of the passenger application. The notification that the user wishes to carry the package using the device 10 may be sent when the user terminal 20 sends the notification to the management server 30.
FIG. 4 is a sequence diagram illustrating a procedure for transmitting a public key from the user terminal 20 to the wireless communication device 10.

  As shown in FIG. 4, when the user terminal 20 receives the public key certificate, the control unit 22 of the user terminal 20 acquires the public key included in the public key certificate (step S20). At this time, the control unit 22 verifies the digital signature of the certificate authority included in the public key certificate using the public key of the certificate authority, so that the public key included in the public key certificate is guaranteed by the certificate authority. Confirm that it is the public key of the transporter.

  The public key certificate for acquiring the public key of the certificate authority may be acquired from a server or the like managed by the certificate authority, or may be stored in advance in the storage unit 23 of the user terminal 20. When there is a higher-order certificate authority, the user terminal 20 acquires the public key certificate of the higher-order certificate authority up to the root certificate authority, and uses the public key of the higher-order certificate authority to The public key of the transportation manager is obtained by verifying the electronic signature in the public key certificate of the certificate authority and acquiring the public key of the lower certificate authority in order from the upper level to the lower level.

  Wireless communication with the user terminal 20 based on the user performing a predetermined operation such as placing the user terminal 20 in the vicinity of the wireless communication device 10 according to a display or the like based on the operation of the passenger application installed in the user terminal 20 Communication with the device 10 starts.

  When the user terminal 20 recognizes the wireless communication device 10 for the first time, that is, when data is transmitted and received for the first time between these devices, the user terminal 20 first transmits a device ID to the wireless communication device 10. A request is made (step S21). Upon receiving the request for transmitting the device ID, the control unit 13 of the wireless communication device 10 acquires the device ID from the storage area, and transmits the device ID to the user terminal 20 through the wireless communication unit 12 (step S22).

  When the device ID is received, the control unit 22 of the user terminal 20 transmits the device ID to the management server 30 through the communication unit 21 (step S23). The control unit 32 of the management server 30 associates the received device ID with the user information and stores them in the storage unit 33 as device management data (step S24). The user information includes at least personal information such as the name and address of the user. In addition, the user information may include information indicating the usage status of the service by the user, such as a user's boarding history.

  The management server 30 acquires user information as follows. For example, before step S21, registration of a member who uses a service provided by an airline is performed using transmission / reception of data based on the operation of a Web page or a passenger application. At this time, user information is input to a terminal such as the user terminal 20 based on a user operation, and the input user information is transmitted from the terminal to the management server 30 and stored in the storage unit 33 of the management server 30. . A user ID, which is user identification information, is assigned to a user as a member, and the user ID is managed in association with the user information and notified to the user through the terminal. The user terminal 20 acquires a user ID based on an input by a user operation or the like, and stores it as necessary.

  When transmitting the device ID to the management server 30, the user terminal 20 also transmits the user ID to the management server 30. The management server 30 identifies user information corresponding to the user based on the user ID, associates the identified user information with the device ID, and stores them in the storage unit 33 as device management data.

  Alternatively, before or after the user terminal 20 acquires the device ID, the user is requested to input user information to the user terminal 20, and the input user information is transmitted to the management server 30 together with the device ID. Also good. In this case, the management server 30 associates the received user information with the device ID and stores them in the storage unit 33 as device management data.

  When acquiring the device ID, the user terminal 20 requests the wireless communication device 10 for processing for pairing (step S25). Upon receiving this request, the wireless communication device 10 performs processing required for pairing and returns a response to the user terminal 20 (step S26). In response to this response, the user terminal 20 performs processing such as storing data for establishing pairing (step S27). Through such processing, the user terminal 20 and the wireless communication device 10 exchange and store data used for authentication and communication encryption between these devices, and each of the user terminal 20 and the wireless communication device 10 Register each other as a pairing partner.

  When communication by pairing is established, the control unit 22 of the user terminal 20 transmits the public key of the transportation manager to the wireless communication device 10 through the communication unit 21 (step S28). When receiving the public key, the control unit 13 of the wireless communication device 10 stores the public key in the storage area (step S29).

  As described above, transmission of the public key from the user terminal 20 to the wireless communication device 10 and subsequent transmission / reception of data between the user terminal 20 and the wireless communication device 10 use communication by pairing. Done. Thereby, the security of communication between the user terminal 20 and the wireless communication device 10 is enhanced. Specifically, for example, in the above-described flow, the device ID is exchanged by non-contact communication using the HF band or UHF band or by BLE communication that does not require pairing. Transfer to communication and pairing is performed.

  Note that pairing between the user terminal 20 and the wireless communication device 10 may be performed before the device ID is exchanged, and the device ID may be exchanged using communication by pairing. Also, device ID exchange and pairing between the user terminal 20 and the wireless communication device 10, that is, the processing of steps S21 to S27 in FIG. It may be performed before acquisition, that is, before the processing of step S20.

  Further, the transmission of the device ID from the user terminal 20 to the management server 30 may be performed at an arbitrary timing until the management server 30 generates the encrypted data.

<Acquisition of package data>
With reference to FIG. 5, a processing procedure until the wireless communication device 10 acquires the package data and displays the transport information Ib will be described.
A user who intends to board an aircraft makes a reservation for boarding an aircraft by using the transmission and reception of data based on the operation of a Web page or passenger application through the input of necessary information to a terminal such as the user terminal 20. Thereby, reservation data is generated and stored in the storage unit 33 of the management server 30. The reservation data includes, for example, information such as the name of the user, the flight of the aircraft scheduled to be boarded, the airport at the departure and arrival points, the scheduled departure date and time, and the scheduled arrival date and time. The information included in the reservation data may be associated with the user information and the device ID included in the device management data described above, for example, through user identification using identification information such as a user ID.

  Note that the reservation for boarding the aircraft by the user, that is, the generation of the reservation data, may be performed before or after the registration of the device ID in the device management data. In addition, before or after the user terminal 20 acquires the device ID, information necessary for the reservation is input by the user to the user terminal 20, and the input information is transmitted to the management server 30 together with the device ID. The reservation data may be generated together with the management data.

  The control unit 32 of the management server 30 generates package data based on the reservation data (step S30). The package data includes transport data that is data indicating the transport information Ib. The transport data is data for displaying an image as the transport information Ib on the display unit 11 of the wireless communication device 10, and may be data of an image indicating the transport information Ib, or the display unit as the transport information Ib. 11 may be binary data that defines an image to be displayed on the screen. Further, the management server 30 may use device management data for generating package data, and include identification information such as a user ID and a device ID in the package data.

  When the departure time of the aircraft approaches, a check-in request is made from the user terminal 20 to the management server 30 based on the user's operation (step S31), and the control unit 32 of the management server 30 confirms the reservation as a check-in process. Is performed (step S32). In a configuration in which identification information such as a user ID is used to manage which user corresponds to the process at each terminal, the check-in request may be made from a terminal different from the user terminal 20. .

  Subsequently, the control unit 32 of the management server 30 generates encryption data based on generating authentication data from the package data using the secret key of the transportation manager stored in the storage unit 33 (step S33). ). Specifically, the control unit 32 generates a message digest that is a hash value from the package data using a hash function, and generates an electronic signature by encrypting the generated message digest with a secret key. The generated electronic signature is authentication data, and the encrypted data includes package data and authentication data. As a method for generating an electronic signature, a known method including a hash function to be used may be used.

  Note that the order of the generation of the package data and the encrypted data and the check-in process is not particularly limited, and the generation of the package data may be performed after the check-in process. May be done before. In short, it is sufficient that the encrypted data is generated after the package data is generated.

  After completion of the check-in process, the control unit 32 of the management server 30 transmits the generated encrypted data to the user terminal 20 through the communication unit 31 (step S34). When the encrypted data is received, the control unit 22 of the user terminal 20 requests the user terminal 20 to be placed at a position where it can communicate with the wireless communication device 10 through display on the display unit, and uses communication by pairing. Then, the encrypted data is transmitted to the wireless communication device 10 through the communication unit 21 (step S35).

  For the establishment of communication by pairing, for example, a handover that shifts to communication by BLE after establishment of communication by NFC is preferably used. According to this, since the user transmits the encrypted data to the wireless communication device 10 in response to a clear operation of holding the user terminal 20 over the wireless communication device 10, the user can transmit the encrypted data from the user terminal 20 to the wireless communication device 10. Easy to be aware of sending data to. In addition, since the BLE communication capable of transmitting a large amount of data at a higher speed than NFC is used for transmitting the encrypted data itself, the encrypted data can be efficiently transmitted to the wireless communication device 10.

  When the encrypted data is received, the control unit 13 of the wireless communication device 10 verifies the authentication data included in the encrypted data by using the public key of the transportation manager stored in the storage area, thereby verifying the validity of the package data. Is verified (step S36). That is, if the electronic signature as authentication data can be decrypted with the public key of the transportation manager, it can be confirmed that the creator of the encrypted data is the transportation manager. Then, the control unit 13 calculates a hash value from the package data included in the encrypted data, and verifies whether the calculated hash value matches the data obtained by decrypting the electronic signature. If the calculated hash value matches the data obtained by decrypting the electronic signature, it can be confirmed that the received package data has not been tampered with. Thereby, the legitimacy of the package data, that is, the legitimacy of the transport information Ib indicated by the transport data is confirmed.

  When the validity of the package data is confirmed, the control unit 13 of the wireless communication device 10 stores the package data in the storage area, and displays the transport information Ib on the display unit 11 using the transport data included in the package data. (Step S37). Thereby, the transport information Ib whose validity has been confirmed is displayed on the display unit 11. When the legitimacy of the package data cannot be confirmed, that is, when the electronic signature cannot be decrypted with the public key of the transportation administrator, or when the hash value calculated from the package data does not match the data obtained by decrypting the electronic signature The control unit 13 does not perform display using the package data. In this case, the control unit 13 may cause the display unit 11 to display a notification that the received data is inappropriate data, or inform the user terminal 20 that the received data is inappropriate data. Based on the notification, a notification that the data is inappropriate may be displayed on the display unit of the user terminal 20.

  As described above, according to the configuration of the first embodiment, the wireless communication device 10 verifies the authentication data included in the encrypted data by using the public key of the transport manager, so that the transport information Ib included in the received data. The transport information Ib whose validity has been confirmed is displayed on the display unit 11. Therefore, the security at the time of using the data used for transportation is increased, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced.

  In particular, the use of electronic signatures allows confirmation of the creator of the encryption data and confirmation of whether or not the package data has been tampered with, so fake data created by a person other than the transportation manager or falsified Display of information on the display unit 11 using data is suppressed. Therefore, the reliability of the transport information Ib displayed on the wireless communication device 10 is preferably enhanced.

  Since the encrypted data includes unencrypted transport data, the transport data may be intercepted, but the transport information Ib indicated by the transport data is meaningful only when it is displayed together with the package to be transported. In many cases, the usefulness of the transport information Ib alone is low. Therefore, if the transport information Ib whose validity is confirmed based on the verification of the electronic signature is displayed on the display unit 11, the security when using the data used for transport is sufficiently enhanced.

  In addition, the generation of an electronic signature based on package data and its verification require less computation load than encryption and decryption of the entire package data. Therefore, if the encrypted data includes a digital signature generated from the package data and unencrypted package data, the operation load on the management server 30 and the wireless communication device 10 can be reduced and transported. Security when using the data to be used can be increased.

Note that the authentication data included in the encrypted data may be generated from some data included in the package data. For example, the package data includes identification information such as a user ID, device ID, package identification information, etc., and the hash value calculated from this identification information is encrypted with the secret key of the transportation manager, so that A signature may be generated. Such identification information includes identification information unique to the wireless communication device 10 at least during the period in which the package to be transported is transported, that is, the transport of other packages transported during the period, and the wireless communication device 10. It functions as identifiable information on the transportation of the package used. Note that a device ID is preferably used as such identification information.
According to such a configuration, it is possible to further reduce the load required for generating and verifying the electronic signature as compared with the case of creating the electronic signature from the entire package data. When an electronic signature is generated from a device ID, the encrypted data does not include the device ID that is the generation source of the electronic signature, and the wireless communication device 10 uses the device ID stored in the wireless communication device 10. An electronic signature may be verified.

  Even with these configurations, if the electronic signature can be decrypted with the transport manager's public key, it is possible to confirm that the creator of the encrypted data is the transport manager, and the package data is encrypted without the electronic signature. Compared to the case where it is transmitted in a non-encoded state, a corresponding confirmation of the validity of the package data is obtained. That is, the verification of the validity of the package data only needs to include at least the confirmation of the creator of the encrypted data.

  The encrypted data may be data obtained by encrypting the entire package data without including an electronic signature. In this case, the data obtained by encrypting the entire package data is the authentication data. Even with such a configuration, if the authentication data can be decrypted with the public key of the transportation manager, it can be confirmed that the creator of the encrypted data is the transportation manager. Since the transport information Ib included in the package data cannot be obtained unless decryption is performed using the public key, the transport information Ib can be prevented from being leaked even when the encrypted data is intercepted. Such a configuration is useful when the transport information Ib includes information that is highly damaged by leakage. Furthermore, the encrypted data may be data obtained by encrypting a part of identification information or the like in the package data without including an electronic signature.

  In other words, the encrypted data is data including the transport information Ib as unencrypted transport data, or data including the transport information Ib as encrypted transport data, and the authentication data to be verified with the public key Alternatively, the transportation information Ib may be included, and the transportation information Ib may be included in the authentication data.

  As described above, when the reliability of the transport information Ib displayed on the wireless communication device 10 is increased, the transport using the transport information Ib is performed accurately. The user can use the wireless communication device 10 as a tag attached to the baggage by displaying the transport information Ib on the wireless communication device 10 using the user terminal 20 at home or the like before boarding the aircraft. The waiting time can be reduced as compared with a case where a paper tag used conventionally is issued at the airport. It is also possible to reduce labor costs required to issue paper tags at the airport.

  If the transport information Ib is expressed in the same format as a paper tag, the wireless communication device 10 can be used as a tag without greatly changing the transport system using the paper tag. It is. Since the display unit 11 of the wireless communication device 10 according to the present embodiment is composed of electronic paper, the contrast of displayed information is close to the information described on paper as compared with a liquid crystal panel or the like. Therefore, the information displayed on the display unit 11 can be suitably read by a terminal for reading information from a paper tag. In addition, the information display function of the display unit 11 is a non-volatile information display function. Since the power required for holding information on the display surface is smaller than that of a liquid crystal panel or the like, information display on the display unit 11 is performed. It is possible to reduce the energy required for this. Therefore, the wireless communication device 10 is suitable for being used as a tag attached to a load carried over a long distance.

  The transportation information Ib is read by a predetermined terminal while being displayed on the display unit 11 of the wireless communication device 10, or is used for transportation by being visually confirmed. It may be used for transportation by being transmitted to a predetermined terminal through the unit 12, that is, by being read from the wireless communication device 10 by wireless communication.

<Send sensor data>
With reference to FIG. 6, the procedure of the process in which the wireless communication device 10 transmits the data collected by the sensor unit 14 to the outside will be described.
While being attached to the baggage and being carried along with the baggage, the sensor included in the sensor unit 14 continuously or periodically changes the environment around the wireless communication device 10 as a change in temperature, pressure, or other sensor. The change of the detection target is converted into a signal and output to the control unit 13. In the control unit 13, sensor data that is data generated based on the output of the sensor unit 14 is accumulated in the storage area. That is, the sensor data is data indicating a change in the environment around the wireless communication device 10. The sensor data includes information indicating the time when the environmental change is observed.

After the transportation of the package is completed and the wireless communication device 10 returns to the user, the process shown in FIG. 6 is performed.
First, when the user places the user terminal 20 in the vicinity of the wireless communication device 10 in accordance with the display of the user terminal 20 based on the operation of the passenger application, the user terminal 20 and the wireless communication device 10 communicate by pairing. The user terminal 20 requests the wireless communication device 10 to transmit sensor data (step S40). For the establishment of communication by pairing, for example, a handover that shifts to communication by BLE after establishment of communication by NFC is preferably used.

  When the sensor data request is received, the control unit 13 of the wireless communication device 10 acquires the sensor data stored in the storage area, and transmits the sensor data to the user terminal 20 through the wireless communication unit 12 (step S41). .

  The user terminal 20 that has received the sensor data performs a predetermined process using the sensor data (step S42). For example, the user terminal 20 analyzes the sensor data and displays a change in the environment around the wireless communication device 10 during the transportation of the luggage, that is, a change in the detection target of the sensor on the display unit of the user terminal 20. Alternatively, a warning instruction may be displayed on the display unit only when it is determined that there has been an abnormality in such a change in the environment. Further, the user terminal 20 may transmit the sensor data to the management server 30, and the management server 30 may analyze the sensor data and notify the user of the analysis result.

  According to such a configuration, analysis of sensor data can cause changes in the environment around the package being transported, such as when the temperature around the package changes significantly during transportation, or when the package is subjected to large pressure or impact. When there is an abnormality, the abnormality can be detected along with the time when the abnormality has occurred. Therefore, for example, when there is an abnormality such as breakage in the exterior or contents of the package after transportation, the sensor data can be used to investigate the cause of the abnormality.

  When sensor data is sent to the management server 30 via the user terminal 20, the wireless communication device 10 encrypts the sensor data using the public key of the transportation manager held by the wireless communication device 10. The encrypted sensor data may be transmitted to the management server 30 via the user terminal 20. The management server 30 acquires sensor data by decrypting the received data using the secret key of the transportation manager, and uses it for analysis and the like. According to such a configuration, leakage of sensor data can be suppressed.

  Note that the terminal to which the wireless communication device 10 transmits sensor data is not limited to the user terminal 20 but may be a terminal or the like possessed by a transportation manager. If the sensor data is configured to be transmitted from the wireless communication device 10 to an external terminal, the sensor data extracted from the wireless communication device 10 through the external terminal is used as an environment around the wireless communication device 10 during the transportation of luggage. It can be used for analysis of changes.

  In addition, the wireless communication device 10 transmits the device ID held by the wireless communication device 10 together with the sensor data. In the device such as the management server 30 that has received the sensor data and the device ID, based on the device ID, The wireless communication device 10 that has transmitted the sensor data may be identified.

As described above, according to the first embodiment, the following effects can be obtained.
(1) The wireless communication device 10 verifies the authentication information included in the encrypted data received from the external terminal by using the key stored in the storage area of the wireless communication device 10 to verify the transport information Ib. The transport information Ib whose validity has been confirmed is displayed on the display unit 11. Therefore, the security at the time of using the data used for transportation is increased, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced.

  (2) Public key cryptography is used as an encryption method used for cryptographic communication in an information communication system. Therefore, compared with the common key encryption, damage caused when the key held by the wireless communication device 10 is leaked during delivery to the wireless communication device 10 or access from the outside to the wireless communication device 10 is small. The load required for key management is small.

(3) In a configuration in which the authentication data is an electronic signature, that is, a configuration in which a message digest generated from package data including transport data is encrypted, the authentication data is stored with a key held by the wireless communication device 10. By verifying, it is possible to confirm the creator of the encrypted data and to confirm whether the package data has been tampered with. Therefore, since it is possible to suppress the display of information on the display unit 11 using fake data or falsified data, the reliability of the transport information Ib displayed on the wireless communication device 10 is preferably enhanced. . In addition, the load required for the calculation using the key in the wireless communication device 10 and the management server 30 is smaller than the configuration in which the authentication data is data obtained by encrypting the package data.
(4) In a configuration in which the authentication data is data obtained by encrypting a message digest generated from data indicating identification information unique to the wireless communication device 10 during the period in which the package is being transported, the wireless communication device 10 holds the authentication data. By verifying the authentication data with the key to be encrypted, it is possible to confirm the creator of the encrypted data. Furthermore, compared with the configuration in which the authentication data is an electronic signature generated from the package data including the transport data, the load required for the calculation using the key in the wireless communication device 10 and the management server 30 is smaller.

  (5) In the configuration in which the authentication data is data obtained by encrypting the package data including the transport data, it is possible to confirm the creator of the encrypted data by verifying the authentication data with the key held by the wireless communication device 10 Moreover, it is suppressed that the conveyance information Ib leaks when conveyance data is intercepted.

  (6) In a configuration in which the device ID held by the wireless communication device 10 is acquired by an external terminal prior to the reception of the encrypted data by the wireless communication device 10, wireless communication is performed using the acquired device ID. It is possible to manage information regarding the identification of the device 10 and the transportation of articles performed using the wireless communication device 10.

  (7) In the configuration in which the wireless communication device 10 transmits the sensor data generated based on the output from the sensor unit 14 during the transportation of the article to the external terminal, the wireless communication during the transportation of the article is performed by analyzing the sensor data. Changes in the environment around the communication device can be analyzed.

(Second Embodiment)
A second embodiment of the wireless communication device and the information communication system will be described with reference to FIGS. In the second embodiment, common key cryptography is used for communication in the information communication system. Below, it demonstrates centering on difference with 1st Embodiment, about the structure similar to 1st Embodiment, the same code | symbol is attached | subjected and the description is abbreviate | omitted.

  The wireless communication device 10 of the second embodiment has the same configuration as that of the first embodiment, but the communication using the common key encryption has the wireless communication device 10 compared to the communication using the public key encryption. When a key is leaked to the outside, data impersonation or the like is easily established, so damage caused by key leakage is large. Therefore, in the second embodiment, a secure MCU is used as the MCU configuring the control unit 13, and the common key acquired by the wireless communication device 10 is stored in a tamper-resistant storage area in the control unit 13. Is done. With such a configuration, the risk of leakage of the common key is reduced, and the reliability that the common key is a key shared only between the management server 30 and the wireless communication device 10 is increased.

[Operation of Information Communication System]
The operation of the information communication system will be described with reference to FIGS. For the processing of the information communication system, the wireless communication device 10 acquires a common key, the wireless communication device 10 acquires package data and displays the transport information Ib, and the wireless communication device 10 uses the sensor unit 14 And transmitting the collected data to the outside.

<Obtaining a common key>
With reference to FIG. 7, a procedure of processing until the wireless communication device 10 acquires a common key will be described.
First, a master common key is generated at a higher organization of the transportation manager (step S50). The generated master common key is delivered to the transport manager through a server or the like. The host organization may be the same organization as the organization functioning as the certificate authority in the first embodiment, and may be an organization whose business is the generation and management of a common key, or an industry organization to which an airline belongs. As such, it may be an organization that supports or supervises transportation operations by a transportation manager.

  The transport manager who has acquired the master common key generates a derived common key from the master common key (step S51). The derived common key may be generated so as to correspond to a known algorithm that realizes common key cryptography.

  The generated derivation common key is stored in the storage unit 33 of the management server 30 and is also passed to the manufacturing manager of the wireless communication device 10 through the server or the like, and before the wireless communication device 10 is shipped, It is stored in the storage area (step S52). The derived common key is sent to the wireless communication device 10 by contactless communication using the HF band or the UHF band from a terminal held by the manufacturing manager, such as a terminal arranged on the manufacturing line of the wireless communication device 10, for example. The wireless communication device 10 stores the derived common key acquired through the wireless communication unit 12 in the storage area.

  The derived common key can be transferred to the wireless communication device 10 through the management server 30 and the user terminal 20 as in the first embodiment. However, as described above, in communication using common key encryption, damage caused by key leakage is significant. If the manufacturing manager has a form in which the derived common key is stored in the wireless communication device 10 before shipment, an environment in which data is not easily intercepted is constructed, and the derived common key is stored in the wireless communication device 10 under the environment. Therefore, it is possible to increase security for obtaining the derived common key by the wireless communication device 10. Therefore, the reliability that the derived common key is a key shared only between the management server 30 and the wireless communication device 10 is improved.

<Acquisition of package data>
With reference to FIG. 8, the procedure of processing until the wireless communication device 10 acquires the package data and displays the transport information Ib will be described.
Similar to the first embodiment, reservation data is generated based on the user's reservation, and the control unit 32 of the management server 30 generates package data based on the reservation data (step S60).

  When a check-in request is made from the user terminal 20 to the management server 30 (step S61), the control unit 32 of the management server 30 performs a process of confirming a reservation as a check-in process (step S62). Subsequently, the control unit 32 generates encrypted data by encrypting the package data using the derived common key stored in the storage unit 33 (step S63). That is, the encrypted data of the second embodiment is data obtained by encrypting the package data with the derived common key, and this data is the authentication data. Note that the order of the generation of the package data and the encrypted data and the check-in process is not particularly limited, and the encrypted data may be generated after the generation of the package data.

  When the check-in process is completed, the control unit 32 of the management server 30 transmits the generated encrypted data to the user terminal 20 through the communication unit 31 (step S64). When the encrypted data is received, the control unit 22 of the user terminal 20 requests the user terminal 20 to be placed at a position where it can communicate with the wireless communication device 10 through display on the display unit, and uses communication by pairing. Then, the encrypted data is transmitted to the wireless communication device 10 through the communication unit 21 (step S65).

  For the establishment of communication by pairing, for example, a handover that shifts to communication by BLE after establishment of communication by NFC is preferably used. Pairing registration may be performed in the same procedure as in the first embodiment before transmission / reception of encrypted data. In addition, the user terminal 20 acquires a device ID from the wireless communication device 10 and transmits the device ID to the management server 30, and the management server 30 associates the device ID with the user information. What is necessary is just to perform in the procedure similar to 1st Embodiment.

  When the encrypted data is received, the control unit 13 of the wireless communication device 10 verifies the authentication data by decrypting the encrypted data using the derived common key stored in the storage area, and verifies the validity of the package data. (Step S66). That is, on the assumption that the derived common key is shared only between the management server 30 and the wireless communication device 10, if the encrypted data can be decrypted by the derived common key, the creator of the encrypted data is the transport manager. Can be confirmed. Thereby, the legitimacy of the package data, that is, the legitimacy of the transport information Ib indicated by the transport data is confirmed.

  When the validity of the package data is confirmed, the control unit 13 of the wireless communication device 10 stores the package data in the storage area, and displays the transport information Ib on the display unit 11 using the transport data included in the package data. (Step S67). Thereby, the transport information Ib whose validity has been confirmed is displayed on the display unit 11. When the legitimacy of the package data cannot be confirmed, that is, when the encrypted data cannot be decrypted with the derived common key, the control unit 13 does not perform display using the package data. In this case, the control unit 13 may cause the display unit 11 to display a notification that the received data is inappropriate data, or inform the user terminal 20 that the received data is inappropriate data. Based on the notification, a notification that the data is inappropriate may be displayed on the display unit of the user terminal 20.

  As described above, according to the configuration of the second embodiment, the wireless communication device 10 verifies the authentication data using the derived common key, thereby verifying the validity of the transport information Ib included in the received data. The transport information Ib whose property is confirmed is displayed on the display unit 11. Therefore, the security at the time of using the data used for transportation is increased, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced. In such a configuration, the transport information Ib included in the package data cannot be obtained unless decryption is performed using the derived common key. Therefore, even if the encrypted data is intercepted, the transport information Ib is leaked. Is suppressed. Therefore, it is useful when the transport information Ib includes information that is highly damaged by leakage.

  As in the first embodiment, the encrypted data may include unencrypted package data and authentication data generated from the package data using the derived common key. That is, the control unit 32 of the management server 30 generates a message digest that is a MAC (Message Authentication Code) from the entire package data or a part of the identification information, etc., using the hash function and the derived common key. Encrypt the message digest with the derived common key. Then, the control unit 32 transmits encrypted data including package data and authentication data that is data obtained by encrypting the message digest to the user terminal 20 via the communication unit 31.

  In this case, the wireless communication device 10 that has received the encrypted data verifies the validity of the package data by verifying the authentication data using the derived common key. That is, the control unit 13 decrypts the authentication data with the derivation common key stored in the wireless communication device 10, and the derivation common stored in the wireless communication device 10 with the package data and the hash function included in the encrypted data The MAC is calculated from the key. Then, the control unit 13 verifies whether or not the calculated MAC matches the decrypted authentication data. If the calculated MAC matches the decrypted authentication data, it can be confirmed that the received package data has not been tampered with, and it can be confirmed that the creator of the encrypted data is the transport manager. Note that the MAC may be generated using a block cipher algorithm.

  According to such a configuration, compared to the case where the encrypted data is the entire data of the package data, the calculation load required for encryption and decryption in the management server 30 and the wireless communication device 10 is reduced. However, it is possible to increase security when using data used for transportation.

  Note that the common key used by the management server 30 and the wireless communication device 10 in the second embodiment is not limited to the derived common key generated from the master common key, and may be a common key that does not have a master common key. .

  In the second embodiment, transmission of sensor data by the wireless communication device 10 is performed in the same manner as in the first embodiment. That is, the sensor data accumulated in the wireless communication device 10 during the transportation of the package is transmitted from the wireless communication device 10 to an external terminal such as the user terminal 20 and further transmitted to the management server 30 to transport the package. It is used for analyzing changes in the environment around the wireless communication device 10 inside. When sensor data is sent from the wireless communication device 10 to the management server 30 via the user terminal 20, the sensor data may be sent to the management server 30 after being encrypted with the derived common key.

As described above, according to the second embodiment, the following effects can be obtained in addition to the effects (1) and (3) to (7) of the first embodiment.
(8) Common key encryption is used as an encryption method used for encryption communication in an information communication system. Therefore, compared with public key cryptography, the load required for computation using keys in the wireless communication device 10 and the management server 30 is small.

[Modification]
The above embodiments can be implemented with the following modifications.
In the first embodiment, as authentication data, a common key encrypted using the transport manager's private key is transmitted from the management server 30 to the wireless communication device 10 via the user terminal 20, and the wireless communication device 10 After obtaining the common key by verifying, that is, decrypting, the authentication data using the public key of the transportation manager, the transmission / reception of the package data may be performed using encrypted communication using the common key. . That is, when the encrypted data is composed of authentication data and package data, the authentication data is transmitted to the wireless communication device 10 before the package data, and the authentication data is verified by the wireless communication device 10 to verify its validity. After the confirmation, the package data may be transmitted to the wireless communication device 10 in an encrypted state or an unencrypted state. Even with such a configuration, it is possible to obtain appropriate confirmation of the validity of the transport information Ib as compared with the case where the verification of the authentication data using the transport manager's public key is not performed at all.

  When a user takes over an aircraft operated by different airlines and is carried over by a different transportation manager, for example, the validity of the transportation information Ib is confirmed by the following processing. That is, the wireless communication device 10 acquires the transport manager's key for each of the plurality of transport managers who transport the load in the same procedure as in the above embodiment. The authentication data in the encrypted data includes data generated using the keys of the plurality of transport managers. The wireless communication device 10 uses the keys of the transport managers held by the wireless communication device 10. The validity of the transport information Ib is confirmed by verifying the authentication data. For example, the transportation information Ib is configured to include information of an initial departure place, a waypoint, and a final arrival place, and the authentication data is an electronic signature generated by the first transportation administrator's private key. To the electronic signature generated by the second transport manager's private key. Alternatively, the authentication data may include an electronic signature generated with the first transport manager's private key and an electronic signature generated with the second transport manager's private key.

  -Transmission of the encryption data from the user terminal 20 to the wireless communication device 10 may be performed based on collation of device ID. That is, the management server 30 stores the device ID and information such as the flight of the aircraft scheduled to be boarded, the departure place, and the airport of the arrival place in association with the reservation data in association with each other. In other words, the management server 30 stores the device ID and the transport information Ib in association with each other. The user terminal 20 acquires a device ID from the wireless communication device 10 and transmits it to the management server 30, and the control unit 32 of the management server 30 sends the received device ID and the transport information Ib associated with the management server 30. Is identified. Then, the management server 30 transmits the encrypted data including the specified transport information Ib to the wireless communication device 10 via the user terminal 20. According to such a configuration, the certainty of specifying the wireless communication device 10 that is the transmission destination of the transport information Ib is improved.

  When the key held by the wireless communication device 10 is different for each wireless communication device 10, the management server 30 manages the key paired with the key held by the wireless communication device 10 in association with the device ID. And based on device ID received from the user terminal 20 as mentioned above, the key matched with this device ID may be specified and encryption data may be produced | generated using this key. Note that a user ID may be used as identification information for managing such a key.

  In addition, the configuration in which the wireless communication device 10 that is the transmission destination of the transport information Ib is specified by the device ID as described above, or the user information and the transport information Ib are associated with each other in the management server 30, and If the management server 30 identifies the transport information Ib to be transmitted to the wireless communication device 10 by inputting the user ID, the terminal that transmits the encrypted data to the wireless communication device 10 is a user terminal possessed by the user. It is not limited to 20. The terminal that transmits the encrypted data to the wireless communication device 10 may be a terminal installed at an airline counter at an airport or a terminal provided at an arbitrary place such as a store at an airport.

  The wireless communication device 10 may hold the device ID as a barcode or a two-dimensional code on the surface of the wireless communication device 10 instead of storing the device ID in the control unit 13. In this case, the user terminal 20 includes a reading unit corresponding to the device ID format, and acquires the device ID by optically reading the device ID. Even if the device ID is not transmitted to the management server 30 via the user terminal 20, the generation of encrypted data using the key and the verification of the authentication data are performed between the wireless communication device 10 and the management server 30. If it is the structure by which the legitimacy of the conveyance information Ib is confirmed by being performed, the security at the time of utilization of the data used for conveyance will be improved.

  -Wireless communication used for communication between the user terminal 20 and the wireless communication device 10 is limited to communication by NFC or BLE as specific examples in the flow of each of the above embodiments as long as wireless communication is performed at a short distance. Absent. For communication between the user terminal 20 and the wireless communication device 10, various types of communication listed as examples of wireless communication performed by the wireless communication unit 12 in the first embodiment can be used, and encrypted data is transmitted by communication that does not require pairing. May be transmitted from the user terminal 20 to the wireless communication device 10.

  A large number of encrypted data transmitted to the wireless communication device 10, for example, by including a hash value of the package data transmitted to the other wireless communication device 10 before the encrypted data. The exchange of a large number of pieces of encrypted data for each article to be transported by the wireless communication device 10 may be configured to constitute a block chain.

  The wireless communication device 10 does not include the sensor unit 14, and sensor data collection and transmission to an external terminal may not be performed. Even with such a configuration, the effects (1) to (5) and (7) can be obtained.

  The wireless communication device 10 may include a storage unit including a flash memory separate from the MCU, an EFPROM, or the like. For example, by storing an image template for displaying the transportation information Ib on the display unit 11 in such a storage unit, the data amount of the transportation data transmitted from the management server 30 to the wireless communication device 10 is reduced. You can also

  The article to which the wireless communication device 10 is attached is not limited to the luggage of an aircraft passenger as long as it is an article to be transported. The article to which the wireless communication device 10 is attached may be any article that needs to be managed, such as various kinds of goods carried on the ground or by sea, articles carried in a factory, and courier. Further, the information included in the transportation information Ib may be set according to the type of the article, the purpose of the transportation, and the transportation system. The transportation information Ib is, for example, the owner of the article, the type and weight of the article, and the like. Information about the attribute of the article may be included. In short, the transport information Ib may be information that is used at any point in time from the start of transport to the completion of transport through the transport.

  Ib ... transport information, 10 ... wireless communication device, 11 ... display unit, 12 ... wireless communication unit, 13 ... control unit, 14 ... sensor unit, 15 ... power supply unit, 20 ... user terminal, 21 ... communication unit, 22 ... Control unit, 23 ... storage unit, 30 ... management server, 31 ... communication unit, 32 ... control unit, 33 ... storage unit.

Claims (7)

A wireless communication device attached to an article to be transported,
A display unit having a nonvolatile information display function;
A control unit including a storage area in which a key used for encrypted communication is stored;
A wireless communication unit that performs wireless communication at a short distance with an external terminal,
The wireless communication unit
Data including transport information which is information used for transporting the article, and receiving encrypted data including authentication data generated using a key corresponding to the key from the terminal,
The controller is
Based on the verification of the authentication data using the key stored in the storage area, the validity of the transport information is verified, and the transport information whose validity has been confirmed is displayed on the display unit. Wireless communication device. The wireless communication device according to claim 1, wherein the authentication data is data obtained by encrypting a message digest generated from data including transport data indicating the transport information. The wireless communication device according to claim 1, wherein the authentication data is data obtained by encrypting a message digest generated from data indicating identification information unique to the wireless communication device during a period in which the article is being transported. The wireless communication device according to claim 1, wherein the authentication data is data obtained by encrypting data including transport data indicating the transport information. The wireless communication device holds unique identification information for each wireless communication device,
The wireless communication device according to any one of claims 1 to 4, wherein the identification information is acquired by an external terminal prior to reception of the encrypted data. A sensor unit that converts a change in the environment around the wireless communication device into a signal and outputs the signal,
The said wireless communication part transmits the data which show the change of the said environment produced | generated based on the output of the said sensor part during conveyance of the said article | item to an external terminal. Wireless communication device. A wireless communication device attached to the article to be transported;
An information communication system including a server that holds a key used for encryption communication,
The server
It is data including transport information which is information used for transporting the article, and generates encrypted data including authentication data generated using the key and transmits it to an external terminal,
The wireless communication device is:
A display unit having a nonvolatile information display function;
A control unit including a storage area in which a key corresponding to a key held by the server is stored;
A wireless communication unit that performs wireless communication at a short distance with the terminal,
The wireless communication unit
Receiving the encrypted data from the terminal;
The controller is
Based on the verification of the authentication data using the key stored in the storage area, the validity of the transport information is verified, and the transport information whose validity has been confirmed is displayed on the display unit. Information communication system.