JP5217349B2 - Information processing apparatus, information processing system, and information processing program - Google Patents

Description

  The present invention relates to an information processing apparatus, an information processing system, and an information processing program.

  The revocation information certification list (CertificateRevocationList) is information issued to indicate the validity of the public certificate.

  Patent Document 1 below discloses a technique for controlling CRL acquisition timing. In this technique, the CRL is acquired at the earliest timing among the initially set acquisition timing, the acquisition timing defined during system operation, or the next update timing described in the CRL.

JP 2003-152715 A

  Provided is an information processing apparatus, an information processing system, or an information processing program that enables both prevention of security degradation and effective use of stored validity information in confirming the validity of a public key certificate based on validity information.

  In one aspect of the information processing apparatus of the present invention, acquisition of obtaining validity information for notifying validity of a public key certificate, which is validity information that may be updated at a time earlier than a scheduled time. Means, storage means for storing the efficacy information acquired by the acquisition means, time when the efficacy information is acquired, time when the efficacy information is scheduled to be updated, and time for determining the reliability of the efficacy information And determining means for determining the reliability of the efficacy information based on the information, and when the determining means determines that the reliability of the efficacy information is smaller than a predetermined value, get.

  In one aspect of the information processing apparatus of the present invention, the determination by the determination means is the time from the time when the efficacy information is acquired to the time when the reliability of the efficacy information is determined, and the time when the efficacy information is acquired. Depends on the time from update to scheduled update time.

  In one aspect of the information processing apparatus of the present invention, the information processing apparatus includes a changing unit that changes a determination condition of the determination unit based on a user instruction.

  In one aspect of the information processing apparatus of the present invention, the acquisition unit acquires two or more pieces of the validity information issued from different certificate authorities, and the determination unit includes two or more items issued from different certificate authorities. The efficacy information is determined under the same conditions based on the time when each efficacy information is acquired, the time when each efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is determined.

  In one aspect of the information processing apparatus of the present invention, the acquisition unit acquires two or more pieces of the validity information issued from different certificate authorities, and the determination unit includes two or more items issued from different certificate authorities. The efficacy information is determined under different conditions based on the time when each efficacy information is acquired, the time when each efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is judged.

  In one aspect of the information processing apparatus of the present invention, the information processing apparatus includes an evaluation unit that evaluates the validity of the public key certificate based on the validity information.

  In one aspect of the information processing system of the present invention, acquisition of obtaining validity information for notifying validity of a public key certificate that may be updated at a time before a scheduled time Means, storage means for storing the efficacy information acquired by the acquisition means, time when the efficacy information is acquired, time when the efficacy information is scheduled to be updated, and time for determining the reliability of the efficacy information And determining means for determining the reliability of the efficacy information based on the information, and when the determining means determines that the reliability of the efficacy information is smaller than a predetermined value, get.

  In one aspect of the information processing program of the present invention, acquisition of obtaining validity information for notifying validity of a public key certificate that may be updated at a time before a scheduled time Means, storage means for storing the efficacy information acquired by the acquisition means, time when the efficacy information is acquired, time when the efficacy information is scheduled to be updated, and time for determining the reliability of the efficacy information Based on the above, the acquisition means functions as determination means for determining the reliability of the efficacy information, and the acquisition means acquires the efficacy information again when the determination means determines that the reliability of the efficacy information is smaller than a predetermined value. To do.

  According to the first aspect of the present invention, it is possible to make effective use of the stored efficacy information as compared with the case where the present configuration is not provided.

  According to the second aspect of the present invention, it is possible to determine whether the efficacy information is acquired based on the reliability value at the determined time.

  According to the third aspect of the present invention, the user can change the balance between security and processing efficiency.

  According to the fourth aspect of the present invention, since the determination of the reliability of the validity information issued from different certificate authorities is made common, the setting is facilitated as compared with the case where this configuration is not provided. .

  According to the invention described in claim 5, since it becomes possible to individually determine the reliability of the validity information issued from different certificate authorities, the certificate authority is compared with the case where this configuration is not provided. Separately detailed settings can be made.

  According to the invention described in claim 6, it is possible to determine the validity of the public key certificate.

  According to the seventh aspect of the present invention, there is provided an information processing system that enables effective use of stored efficacy information as compared with a case where the present configuration is not provided.

  According to the eighth aspect of the present invention, there is provided an information processing program that enables effective use of stored efficacy information as compared to a case where the present configuration is not provided.

[Explanation of terms and concepts]
The information processing apparatus controls a computer (hardware) having an arithmetic circuit and a storage circuit by a program (software), or uses a computer in which the function of the program is implemented as a hardware, and performs a predetermined processing function Is a constructed device. As the computer, generally, a computer arranged on a single casing or a single board is used. In addition, when a plurality of computers arranged to be communicable are used, they may be called an information processing system. The program used in the information processing apparatus or the information processing system may be installed in advance in a computer, or may be provided and installed through a storage medium such as a CD (compact disk) or a network such as the Internet. .

  The acquisition means acquires validity information for notifying the validity of the public key certificate. The public key certificate is data that certifies the public key used in the public key cryptosystem and the owner thereof. The validity information is data issued by a public key certificate issuer or the like, and indicates the validity or invalidity of the public key certificate. The validity information is used, for example, for confirming whether a public key certificate within an initially set validity period is actually valid or invalidated. Examples of the validity information include information that lists revocation information of a plurality of public key certificates, information that defines revocation information of individual public key certificates, and the like. This efficacy information may be updated at a time prior to the scheduled time. That is, the efficacy information is updated at a scheduled time or an unscheduled time before that.

  The storage means is means for storing the acquired efficacy information. The determination means determines the reliability of the stored efficacy information based on the time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is determined. The determination of reliability is typically performed by classifying into two stages based on a predetermined threshold value, and thereby, whether the reliability is high or low is clarified. However, the determination of the reliability may be performed by classifying the reliability into three or more stages (may be an infinite stage), thereby evaluating the level of reliability and the degree of presence / absence. The determination condition may be expressed using a function. Here, the function is one or more dependent variables (in this case, the time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is judged, or depends on them) One or more independent variables are determined according to the variable). For example, the function may be expressed mathematically using a function object or the like, or numerically expressed using a table or the like.

  The time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is determined can be acquired in various ways. Examples of acquiring the time when the efficacy information was acquired include an aspect of referring to the time recorded at the time of acquiring the efficacy information, or an aspect of referring to the time when the acquisition time is recorded integrally with the efficacy information. It is done. In addition, as an example of acquiring the time when the update of the efficacy information is scheduled, the mode in which the update schedule time is recorded integrally with the efficacy information, or the information of the update information at the scheduled update time is referred to. There is a mode in which a separate inquiry is made to the issuer. And as an example which acquires the time which determines the reliability of efficacy information, the aspect which refers to the time which the said information processing apparatus manages, or the aspect which refers to the time which an external apparatus manages is mentioned. Note that the time for determining the reliability of the efficacy information refers to the time when the reliability is determined or a time in the vicinity thereof. The neighborhood can be defined as a time interval in which the efficacy information is regularly updated, or a time range shorter than a time interval from the time when the efficacy information is acquired to the next update schedule. For example, if the deviation from the time at which the determination is made is within 5% of one of these time intervals, it can be said that it is the time to determine the reliability of the efficacy information with sufficiently good accuracy. If it is within 1%, it can be said that it is time to judge the reliability of efficacy information with higher accuracy. The time indicates information that can specify the time, and does not have to be expressed in units of year, month, and date.

  The determination based on the time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time when the reliability of the efficacy information is determined means that the determination is based on all three times. For example, when the determination is made based on a single condition, the condition needs to depend on three times. Further, when the determination is determined based on a plurality of stepwise conditions, each condition may be based on only one or two times, but it is necessary to depend on three times as a whole. Note that a means for acquiring efficacy information may be provided based on a determination different from the determination of reliability. For example, it may be determined that the current time has passed the next scheduled update time, and re-acquisition may be performed.

  Various processes can be performed when it is determined by the determination means that the reliability of the efficacy information is low or absent. For example, a prohibition means for prohibiting the use of the validity information for determining the validity of the public key certificate may be provided, or a confirmation means for confirming whether or not the validity information has been updated may be provided. Good. Further, the acquisition means may immediately acquire the efficacy information again.

[Embodiment]
This embodiment is illustrated below.

  FIG. 1 is a diagram illustrating a hardware configuration example of a computer 10 according to the present embodiment. The computer 10 includes a bus 12 as an internal communication path, a CPU (Central Processing Unit) 14 connected to the bus 12, a ROM (Read Only Memory) 16, a RAM (Random Access Memory) 18, an HDD (Hard Disc Drive) 20, a keyboard 22, a display. 24, a CDD (Compact Disc Drive) 26, and a network interface 28. The CPU 14 is a device provided with an arithmetic circuit, and performs various calculations and controls the entire computer 10 according to a program. The ROM 16 is a non-volatile storage device and stores programs used by the CPU 14. The RAM 18 is a volatile storage device and is used as a main storage device (main memory) of the CPU 14 and temporarily stores various data and programs. The HDD 20 is a nonvolatile mass storage device using a magnetic disk, and is used for storing various data.

  The keyboard 22 is an input device for a user (user) to instruct the computer 10. The display 24 is a display device that displays an image to a user (user). The CDD 26 is a device that reads from and writes to a CD as a storage medium. When a program for controlling the CPU 14 is provided by the CD, the program is installed through the CDD 26. The network interface 28 is a device for communicating with an external device through a network 30 such as the Internet. When a program for controlling the CPU 14 is provided through a network, the program is installed through the network interface 28. Various hardware configurations of the computer 10 can be set. For example, the image processing apparatus may further include image processing hardware such as a scanner or a printer, or may constitute a mobile terminal such as a mobile phone.

  2 and 3 are diagrams for explaining a system configuration example according to the present embodiment. The authentication system 40 illustrated in FIG. 2 includes an authentication station 42, a data processing device 46, and a network 44 that is a communication unit that connects these to be communicable. The certificate authority 42 is operated by a reliable organization, and is constructed using the computer 10 shown in FIG. In addition to issuing a public key certificate in response to the request, the certificate authority 42 issues and updates revocation information for the public key certificate within the initially set validity period. The data processing device 46 is an example of an information processing device, and is constructed using the computer 10 shown in FIG. The data processing device 46 has a function of performing encryption and decryption using a public key certificate (encryption and decryption include a digital signature and verification thereof). The revocation information is acquired from 42, and whether or not the public key certificate is revoked is confirmed.

  The authentication system 50 shown in FIG. 3 is the same as the authentication system 40 of FIG. 2 in that the authentication system 50 and the network 44 are provided. However, the authentication system 50 includes a data processing system 52 instead of the data processing device 46. The data processing system 52 is an example of an information processing system, and includes a data processing server 54 and data processing clients 56 and 58 that are communicably connected via the network 44. The data processing server 54 acquires the revocation information from the certificate authority 42 and stores it. The data processing clients 56 and 58 are devices that make an acquisition request to the data processing server 54, acquire revocation information from the data processing server 54, and check whether the public key certificate has been revoked. The data processing server 54 and the data processing clients 56 and 58 are respectively constructed using the computer 10 shown in FIG.

  Next, a functional configuration example constructed in the authentication system 40 illustrated in FIG. 2 will be described with reference to FIG. The certificate authority 42 includes a public key certificate issuing unit 60, a public key certificate status holding unit 62, a CRL processing unit 64, an OCSP (Online Revocation Check Protocol) processing unit 66, and a communication unit 68. The public key certificate issuing unit 60 issues a public key certificate in response to the issue request. The public key certificate status holding unit 62 holds information about whether the issued public key certificate is valid or invalid, or information about how long it is valid. The CRL processing unit 64 refers to the information held by the public key certificate status holding unit 62 and generates a revocation information certification list (CRL) as revocation information. The revocation information certification list is updated at a scheduled update time, and is also updated at an unscheduled time according to a change in the situation. The OCSP processing unit 66 generates revocation information for individual public key certificates based on the OCSP rules. The revocation information based on the OCSP rules is also updated at a scheduled update time, and is also updated at an unscheduled time according to a change in the situation. The communication unit 68 performs data input / output via the network 44. The communication unit 68 accepts a request for a public key certificate, a revocation information certification list, revocation information based on the OCSP rules, and transmits corresponding data.

  The data processor 46 includes a communication unit 70, a revocation information holding unit 72, a time acquisition unit 74, a reliability calculation setting unit 76, a reliability calculation unit 78, a public key certificate verification unit 80, and an encryption / decryption processing unit 82. Has been built. The communication unit 70 is an example of an acquisition unit, and makes an acquisition request to the certificate authority 42 to acquire revocation information. The communication unit 70 also has a function of performing transmission / reception of e-mails. The revocation information holding unit 72 is an example of a storage unit, and stores the revocation information acquired from the certificate authority 42. The time acquisition unit 74 acquires time information, and acquires the current time, the revocation information acquisition time, and the revocation information scheduled update time. The current time is acquired with reference to a built-in clock. The acquisition time of the revocation information is acquired by storing the current time at the time of acquisition of the revocation information in association with the revocation information. Further, the scheduled update time is described in the revocation information, and is obtained by reading this.

  The reliability calculation setting unit 76 is an example of a changing unit, and sets a function for calculating reliability and a determination criterion based on an instruction from the user. The reliability calculation unit 78 is an example of a determination unit, and calculates the reliability of the revocation information based on the standard setting or the setting by the reliability calculation setting unit 76. The reliability calculation unit 78 includes an individual calculation unit 84, a common calculation unit 86, and a reacquisition instruction unit 88. The individual calculation unit 84 calculates the reliability using a function or a criterion set for each certificate authority when the revocation information is acquired from different certificate authorities. Further, the common calculation unit 86 calculates the reliability using a function and a criterion set in common for each certificate authority even when the revocation information is acquired from different certificate authorities. The reliability calculation setting unit 76 sets which of the individual calculation unit 84 and the common calculation unit 86 is used based on a user instruction. The reacquisition instructing unit 88 instructs the communication unit 70 to reacquire revocation information when it is determined that the reliability is low.

  The public key certificate verification unit 80 is an example of an evaluation unit, and verifies the validity of a public key certificate used for encryption or decryption based on revocation information. The public key certificate verification unit 80 further verifies the validity based on the validity period information described in the public key certificate, and the validity verification based on the verification of the digital signature attached to the public key certificate. Also do. The encryption / decryption processing unit 82 performs encryption or decryption using a public key certificate whose validity has been verified.

  FIG. 5 is a diagram showing an example of a revocation information certification list (CRL) 90 as revocation information. The revocation information certification list 90 shown in the figure includes an issuing certificate authority field 92, a creation date / time field 94, a next update scheduled date / time field 96, a revocation list field 98, and a digital signature field 100. The issuing certificate authority column 92 describes the issuing certificate authority, the creation date / time column 94 describes the date / time when the revocation information certification list 90 was created, and the next update scheduled date / time column 96 lists the revocation information certification list 90. The date and time of the next scheduled update is entered. The revocation list field 98 is a field in which information specifying a public key certificate that has already lost its validity within the initially set validity period is described, and the digital signature field 100 is a revocation information certification list 90. Is a column in which a digital signature is attached to the issuer in order to indicate that is authentic.

  The revocation information based on the OCSP rules basically includes the same information as the revocation information certification list 90, although the revocation list column 98 is different from that of a specific public key certificate.

  Next, an outline of processing performed by the data processing device 46 will be described with reference to FIG. FIG. 6 is a flowchart showing the flow of processing in the reliability calculation unit 78.

  When the encryption / decryption processing unit 82 performs encryption or decryption using a public key certificate, the validity of the public key certificate is determined. Specifically, the validity period described in the public key certificate is referred to, and the public key certificate that has passed the validity period is immediately determined to be invalid. Subsequently, revocation confirmation processing is started for the public key certificate within the valid period (S10).

  Subsequently, the reliability calculation unit 78 searches the revocation information holding unit 72 for revocation information for the public key certificate to be revoked (S12, S14). If the revocation information does not exist, the revocation information is acquired from the certificate authority 42 based on the instruction from the reacquisition instruction unit 88 and stored in the revocation information holding unit 72 (S16). In addition, the current date and time acquired from the time acquisition unit 74 at that time is stored in association with the revocation information as the acquisition date and time. On the other hand, when the revocation information exists, the time acquisition unit 74 acquires the acquisition date and time, the next scheduled update date and time, and the current date and time, and the reliability calculation unit 78 substitutes these dates and times into the function that defines the reliability. Then, the reliability is calculated (S18). The calculated reliability is compared with a reliability limit that is a threshold value that defines the level of reliability (S20). As a result, when the reliability is smaller than the reliability limit, that is, when it is determined that the reliability is low, the process proceeds to step S16 and the revocation information is updated. When it is determined that the reliability is greater than the reliability limit and the reliability is high, and when step S16 is completed, the public key certificate verification unit 80 verifies the validity.

  When verifying the validity of a public key certificate, first, if the revocation confirmation process for the same public key certificate has been performed previously, it is determined whether the revocation information referenced there is the same as the acquired revocation information. (S22). If it is the same, it is not necessary to confirm the validity of the public key certificate again, so the previous validity determination result is maintained (S24). On the other hand, if the revocation information is different from the previous one, or if it is a public key certificate whose validity is confirmed for the first time, it is confirmed whether or not the public key certificate is listed in the revocation information (S26). If it is not listed, it is determined that the public key certificate is valid, and the public key certificate and the revocation information are associated with each other for the next confirmation (S28). If it is listed, it is determined that the public key certificate is invalid, and the public key certificate and revocation information are associated with each other for the next confirmation (S30).

  When the public key certificate is valid, the encryption / decryption processing unit 82 performs encryption or decryption processing using the public key certificate. When the public key certificate is invalid, Exception processing such as re-acquisition of public key certificate is performed.

FIG. 7 is a diagram illustrating a specific example of reliability calculation by the reliability calculation unit 78. In the figure, the horizontal axis represents time, and the vertical axis represents reliability. In this example, the reliability R is R = 1− (current time−acquisition time) / (scheduled update time−acquisition time) (1)
As described above, it is defined as a function of the time from the acquisition time to the current time and the time from the acquisition time to the scheduled update time. This function has a property that the reliability at the acquisition time is 1 and the reliability at the scheduled update time is 0, and that the function linearly decreases with time. Note that the reliability R is calculated by changing the formula.
R = (scheduled update time−current time) / (scheduled update time−acquisition time) (2)
= 1 / (1+ (current time−acquisition time) / (scheduled update time−current time)) (3)
Can also be described. In other words, the reliability is a function of the time from the current time to the scheduled update time and the time from the scheduled update time to the acquisition time, or the time from the acquisition time to the current time and the time from the scheduled update time to the current time. It can also be said that

  In the illustrated example, when revocation information is first acquired at time T1, the reliability is R = 1. As indicated by the straight line 110, the reliability decreases linearly with time, and the reliability R = 0 at the scheduled update time Tn.

  Here, it is assumed that the validity of the public key certificate is determined based on the revocation information at time T2. At this time, since the reliability is larger than the set reliability limit (0.7 in this example) and it is determined that the reliability is high, the revocation information is not reacquired.

  The reliability further decreases with time and falls below the reliability limit at time T3. It is assumed that the validity of the public key certificate is again determined based on the revocation information at time T4 thereafter. At this time, since the reliability is smaller than the set reliability limit and it is determined that the reliability is low, the revocation information is reacquired.

  A straight line 112 represents the reliability of newly acquired revocation information. The straight line 112 has a reliability R = 1 at time T4 and a reliability R = 0 at time Tn. The straight line 112 is determined based on the same function as the straight line 110, but the time from the acquisition time to the scheduled update time is shortened, and thus the degree of decrease is large.

  At time T5, the validity of the public key certificate is again determined based on the revocation information. However, here, the reliability is greater than the reliability limit, and re-acquisition of the reliability information is not performed. At time T6, the reliability level again falls below the reliability limit. When the validity is subsequently determined, the revocation information is reacquired.

  When the reliability limit is set higher (when approaching 1), the reliability falls below the reliability limit at a relatively early time after acquisition. This corresponds to increasing the degree of emphasis on security and decreasing (disregarding) the degree of emphasis on processing efficiency. And the aspect of always acquiring new revocation information corresponds to the case where the confidence limit is set to 1. If such a special mode is not adopted, the reliability limit is set to a value smaller than 1.

  On the other hand, when the confidence limit is set lower (when approaching 0), the reliability falls below the confidence limit at a relatively late time after acquisition (a time close to the scheduled update time). This corresponds to lowering the degree of emphasis on security and increasing the degree of emphasis on processing efficiency. A mode in which new revocation information is not acquired until the scheduled update time corresponds to a case where the confidence limit is set to zero. If such a special mode is not adopted, the reliability limit is set to a value greater than zero.

  Instead of changing the confidence limit, changing the function that determines the confidence level also changes the balance between security and processing efficiency. For example, a decrease function with R = 1 at the acquisition time and R = 0 at the scheduled update time, and when a curve having a convex shape upward is used, is relatively compared to the case where a straight line is used. This is equivalent to setting the confidence limit to a low value.

  Finally, a specific example based on the explanation using FIGS. 6 and 7 will be introduced. In this example, it is assumed that the data processing device 46 has two public key certificates EE1 and EE2 issued from the same certificate authority 42. The expiration dates of the public key certificates EE1 and EE2 are both August 30, 2007, 23:59:59. The certificate authority 42 issues (updates) the revocation information at 0: 0: 01 on 1 August, and the next update scheduled date and time is 0:01:01 on 31 August 2007. . Further, it is assumed that the user has set the confidence limit to 0.7.

  The data processing device 46 obtains the revocation information issued by the certificate authority 42 at 6:00:00 on August 1, 2007 (6 hours after issuance) in order to check the revocation status of the registered certificate EE1. doing. It is assumed that EE1 is not described in this revocation information. The revocation information is stored in the revocation information holding unit 72. In addition, the reliability calculation unit 78 trusts the acquisition date and time, August 1, 2007, 6:00:00, 1 second, reliability R = 1, and the next update scheduled date and time, August 31, 2007, 0: 0: 01. The reliability is calculated by a monotone decreasing function (here, a linear function) with a degree R = 0. The reliability falls below the confidence limit of 0.7: “(August 1, 2007 6:01:00) + ((2007/08/31 0: 0: 1)-(2007 8 (Monday 1st 6: 0 minutes 1)) × (1-0.7) = 2007/8/10 4: 12: 1 ”. Note that the date calculation can be simplified by converting it to, for example, the hexadecimal notation of UTC (Coordinated Universal Time).

  Here, at an arbitrary time on August 6, 2007 (for example, 5: 10: 0), for example, a user instruction for ordering encryption processing using, for example, EE1 is made, and it becomes necessary to check the revocation status of EE1. Suppose. In this case, since the reliability of the stored revocation information exceeds the reliability limit 0.7 at this date and time, it is determined that the reliability is high, and re-acquisition is not performed. Further, since it has already been confirmed that EE1 is not posted in the stored revocation information, it is immediately proved to be valid.

  Subsequently, it is assumed that a user instruction to confirm the revocation status of EE2 is given at an arbitrary time on August 8, 2007. Even at this date and time, since the reliability of the stored revocation information exceeds the reliability limit 0.7, revocation information is not newly acquired again. Therefore, the public key certificate verification unit 80 checks whether or not EE2 is listed in the stored revocation information, and determines that EE2 is valid if not listed.

  Next, it is assumed that a user instruction to confirm the revocation status of EE2 is given at an arbitrary time on August 11, 2007. In this case, the reliability of the stored revocation information is less than the reliability limit 0.7, it is determined that the reliability is low, and a reacquisition instruction is issued. As a result, it is assumed that the reacquisition is normally performed at 12:00:00 on August 11, 2007. Assuming that the re-acquired revocation information is the same as the re-acquisition information acquired last time, the scheduled update date and time is August 31, 2007 0: 0: 01 as described above. Therefore, a new linear function is set for the re-acquired revocation information, with the reliability at the time of re-acquisition being 1 and 0 on August 31, 2007 at 0: 0 minutes and 1 second. The reliability based on the linear function falls below the reliability limit 0.7 after 8:24:01 on August 17, 20007.

  Subsequently, it is assumed that a user instruction to confirm the revocation status of EE1 is given at an arbitrary time on August 15, 2007. In this case, the reliability of newly acquired revocation information exceeds the reliability limit 0.7, and no further reacquisition is performed. Further, since this revocation information is revocation information whose revocation status has been confirmed last time, it is found that EE1 is valid without confirming whether EE1 is posted. Revocation information needs to be re-acquired for confirmation of the revocation status of EE1 or EE2. The revocation information is revoked after 8:24:01 on August 17, 2007, when the reliability is lower than 0.7. This is the case when a status confirmation instruction is issued.

It is a figure explaining the hardware structural example of a computer. It is a figure explaining the hardware structural example of an authentication system. It is a figure explaining another hardware structural example of an authentication system. It is a figure explaining the function structural example of an authentication system. It is a figure explaining the example of a revocation information list. It is a flowchart which shows the example of determination of the reliability based on revocation information. It is a figure explaining the determination of the reliability based on a reliability.

Explanation of symbols

  10 computer, 12 bus, 14 CPU, 16 ROM, 18 RAM, 20 HDD, 22 keyboard, 24 display, 26 CDD, 28 network interface, 30, 44 network, 40, 50 authentication system, 42 certificate authority, 46 data processing device 46 certificate authority, 52 data processing system, 54 data processing server, 56, 58 data processing client, 60 public key certificate issuing unit, 62 public key certificate status holding unit, 64 CRL processing unit, 66 OCSP processing unit, 68 , 70 communication unit, 72 revocation information holding unit, 74 time acquisition unit, 76 reliability calculation setting unit, 78 reliability calculation unit, 80 public key certificate verification unit, 82 encryption / decryption processing unit, 84 individual calculation unit, 86 Common calculation part, 88 Reacquisition instruction part, 90 Revocation Distribution certification list, 92 issuing authority column, 94 creation date and time field, 96 next update scheduled date and time column, 98 revocation list column, 100 digital signature line.

Claims (8)

Obtaining means for obtaining validity information that may be updated at a time before the scheduled time and for notifying the validity of the public key certificate;
Storage means for storing the efficacy information acquired by the acquisition means;
Determination means for determining the reliability of the efficacy information based on the time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time for determining the reliability of the efficacy information. ,
The information processing apparatus according to claim 1, wherein the acquisition unit acquires the efficacy information again when the determination unit determines that the reliability of the efficacy information is smaller than a predetermined value. The information processing apparatus according to claim 1,
The determination by the determination means depends on the time from the time when the efficacy information is acquired to the time when the reliability of the efficacy information is determined, and the time from the time when the efficacy information is acquired to the time when the update is scheduled. An information processing apparatus characterized by that. The information processing apparatus according to claim 1 or 2,
An information processing apparatus comprising: a changing unit that changes a determination condition of the determination unit based on a user instruction. The information processing apparatus according to claim 1,
The acquisition means acquires two or more efficacy information issued from different certificate authorities,
The determination means determines two or more efficacy information issued from different certificate authorities, the time when each efficacy information is acquired, the time when each efficacy information is scheduled to be updated, and the reliability of the efficacy information. An information processing apparatus, characterized in that determination is performed under the same condition based on time. The information processing apparatus according to claim 1,
The acquisition means acquires two or more efficacy information issued from different certificate authorities,
The determination means determines two or more efficacy information issued from different certificate authorities, the time when each efficacy information is acquired, the time when each efficacy information is scheduled to be updated, and the reliability of the efficacy information. An information processing apparatus that performs determination based on different conditions based on time. The information processing apparatus according to any one of claims 1 to 5,
An information processing apparatus comprising: an evaluation unit that evaluates the validity of the public key certificate based on the validity information. Obtaining means for obtaining validity information that may be updated at a time before the scheduled time and for notifying the validity of the public key certificate;
Storage means for storing the efficacy information acquired by the acquisition means;
Determination means for determining the reliability of the efficacy information based on the time when the efficacy information is acquired, the time when the efficacy information is scheduled to be updated, and the time for determining the reliability of the efficacy information. ,
The information processing system according to claim 1, wherein the acquisition unit acquires the efficacy information again when the determination unit determines that the reliability of the efficacy information is smaller than a predetermined value. Obtaining means for obtaining validity information that may be updated at a time before the scheduled time and for notifying the validity of the public key certificate;
Storage means for storing the efficacy information acquired by the acquisition means;
Based on the time at which the efficacy information is acquired, the time at which the efficacy information is scheduled to be updated, and the time at which the reliability of the efficacy information is determined, function as a determination unit that determines the reliability of the efficacy information,
The information processing program characterized in that the acquisition means acquires the efficacy information again when the determination means determines that the reliability of the efficacy information is smaller than a predetermined value.

Images