JP6570935B2 - Personal number management device and personal number management method - Google Patents

Description

  The present invention relates to a personal number management apparatus and a personal number management method.

  In recent years, system security has been strengthened in preparation for leakage of confidential information such as personal numbers. For example, Patent Document 1 discloses an apparatus that restricts printing by a user other than a user who has print authority for personal information and print authority for the document when personal information is embedded in the document of the print data. Yes.

JP 2008-44154 A

  Although the apparatus described in Patent Document 1 can prevent printing of a document by a user who does not have printing authority for personal information embedded in the document and printing authority for the document, printing for personal information is possible. There is a problem in that a user having authority and printing authority for the document cannot suppress printing the document outside the scope of business with malicious intent such as transferring personal information to a third party. there were.

  Therefore, the present invention has been made in view of these points, and an object thereof is to provide a personal number management apparatus and a personal number management method capable of suppressing leakage of personal numbers.

  The personal number management device according to the first aspect of the present invention is an individual that stores group identification information for identifying a group to which a user belongs, a personal number for identifying the user, and key information for identifying the personal number in association with each other. A number storage unit, a group hierarchy storage unit for storing the group identification information and the group identification information of a higher-level group to which the group belongs, a user identification information different from the personal number, and a group belonging to the group An authority information storage unit that associates and stores an access authority to information, a first reception unit that receives an acquisition request for the personal number including the key information and the user identification information, and the first reception unit receives the acquisition When the request is accepted, the personal number storage unit, the group hierarchy storage unit, and the authority information storage unit are referred to, and the acquisition request is handled. The acquisition request from the specified upper user and a specifying unit that specifies a higher-order user who can access the personal number and has higher access authority than the user corresponding to the user identification information included in the acquisition request. A second receiving unit that accepts an approval to acquire a personal number corresponding to the first and a second receiving unit that receives the approval, acquires a personal number corresponding to the acquisition request from the personal number storage unit, and A providing unit that provides the request source.

  The personal number storage unit includes a first storage unit that stores first information constituting the personal number, and a second storage unit that stores second information obtained by removing the first information from the personal number. The providing unit acquires the first information corresponding to the acquisition request from the first storage unit when the acquisition request is received, and receives the acquisition request from the second storage unit when the approval is received. A personal number corresponding to the acquisition request may be acquired by acquiring the second information corresponding to.

  In response to accepting the acquisition request, the personal number management device approves the history information that associates the user identification information included in the acquisition request with the time when the acquisition request was accepted. You may further provide the notification part which notifies a high-order user different from a high-order user.

  The first accepting unit may accept the reason for obtaining the personal number when accepting the acquisition request for the personal number, and the second accepting unit may notify the superior user of the accepted reason.

  According to a second aspect of the present invention, there is provided a personal number management method comprising: key information for identifying a personal number for identifying a user, and user identification information different from the personal number, executed by a computer Receiving an acquisition request; and receiving the acquisition request, group identification information for identifying a group to which a user belongs, the personal number, and a personal number storage unit that stores the key information in association with each other, the group identification information, and the A group hierarchy storage unit that associates and stores the group identification information of an upper group to which a group belongs, the user identification information, and an authority information storage unit that associates and stores access authority to information belonging to the group, and Users who can access the personal number corresponding to the acquisition request and are included in the acquisition request A step of specifying a higher-order user having higher access authority than a user corresponding to the different information, a step of receiving an approval for acquiring a personal number corresponding to the acquisition request from the specified higher-order user, and the approval is received And acquiring a personal number corresponding to the acquisition request from the personal number storage unit and providing the acquired personal number to a request source of the acquisition request.

  According to the present invention, there is an effect that leakage of the personal number can be suppressed.

It is a figure which shows the outline | summary of the personal number management system which concerns on 1st Embodiment. It is a figure which shows the structure of the personal number management apparatus which concerns on 1st Embodiment. It is a figure which shows an example of the information memorize | stored in the personal number memory | storage part which concerns on 1st Embodiment. It is a figure which shows an example of the information memorize | stored in the personal information storage part which concerns on 1st Embodiment. It is a figure which shows an example of the information memorize | stored in the group hierarchy memory | storage part which concerns on 1st Embodiment. It is a figure which shows an example of the information memorize | stored in the authority information storage part which concerns on 1st Embodiment. It is a sequence diagram which shows the flow of a process in the personal number management system which concerns on 1st Embodiment. It is a figure which shows the structure of the personal number management apparatus which concerns on 2nd Embodiment. It is a figure which shows an example of the information memorize | stored in the personal number memory | storage part which concerns on 2nd Embodiment.

<First Embodiment>
[Outline of personal number management system S]
FIG. 1 is a diagram showing an outline of a personal number management system S according to the first embodiment.
The personal number management system S includes a personal number management device 1, an existing server 2, a first terminal 3, and a second terminal 4, and is assigned to employees of companies that use the existing server 2. This system manages personal numbers. Here, the personal number is a 12-digit number that is given to the public by the administrative agency based on the law.

The personal number management device 1 is a server that manages personal numbers assigned to employees of one or more companies. The existing server 2 is a server that constitutes, for example, a corporate accounting system or a personnel salary system. Although only one existing server 2 is shown in FIG. 1, a plurality of existing servers 2 may be provided corresponding to each of a plurality of companies.
The users of the personal number management apparatus 1 and the existing server 2 include a person in charge of an accounting office that supports the creation of tax documents and the like of one or more companies in addition to employees of the company.

  The first terminal 3 stores key information associated with the personal number, and upon receiving a browsing request for a form or the like that requires a personal number from the user of the first terminal 3, the browsing request is made to the existing server 2. And information indicating a personal number acquisition request including the key information and the user ID of the user of the first terminal 3 is transmitted to the personal number management apparatus 1 ((1) and (2) in FIG. 1). Here, the user ID is user identification information different from the personal number and key information.

The existing server 2 extracts the form information corresponding to the form including information other than the personal number in response to receiving the request for viewing the form etc., and transmits the form information to the first terminal 3 (FIG. 1). (3)).
The personal number management device 1 includes a group ID (group identification information) that identifies a group to which a user belongs, a personal number, and a personal number storage unit 111 that stores the key information in association with each other, a group ID, and a host to which the group belongs. A group hierarchy storage unit 113 that stores the group ID of the group in association with each other, an authority information storage unit 114 that stores the user ID and the access authority to the information belonging to the group of the user corresponding to the user ID in association with each other. Is provided.

  Upon receiving a personal number acquisition request, the personal number management device 1 can access the personal number corresponding to the acquisition request with reference to the personal number storage unit 111, the group hierarchy storage unit 113, and the authority information storage unit 114. Therefore, the higher-order user who has higher access authority than the user corresponding to the user ID included in the acquisition request (the user who made the acquisition request) is identified as the approver of the personal number acquisition request ((( 4)).

  The personal number management apparatus 1 makes an approval request for acquisition of a personal number corresponding to the acquisition request to the second terminal 4 used by the upper user ((5) in FIG. 1). When the second terminal 4 receives the approval from the upper user, the second terminal 4 transmits the approval information indicating that the approval has been performed to the personal number management device 1 ((6) in FIG. 1).

  In response to receiving the approval information, the personal number management device 1 acquires the personal number from the personal number storage unit 111 ((7) in FIG. 1), and transmits the personal number to the first terminal 3 (see FIG. 1 (8)). The first terminal 3 creates a form including the obtained form information and personal number, and displays it on a display unit (not shown) of the first terminal 3.

  In this way, the personal number management apparatus 1 requires the approval of a higher-order user who has higher access authority than the requesting user with respect to the personal number acquisition request. Therefore, the personal number management device 1 can suppress the user of the first terminal 3 from acquiring a personal number more than necessary, and as a result, can suppress leakage of the personal number.

[Configuration of Personal Number Management Device 1]
Next, the configuration of the personal number management apparatus 1 will be described. FIG. 2 is a diagram illustrating a configuration of the personal number management apparatus 1 according to the first embodiment.

The personal number management device 1 includes a storage unit 11 and a control unit 12.
The storage unit 11 is a storage medium such as a ROM, a RAM, and a hard disk. The storage unit 11 stores a program executed by the control unit 12. The storage unit 11 includes a personal number storage unit 111, a personal information storage unit 112, a group hierarchy storage unit 113, an authority information storage unit 114, and a history information storage unit 115.

  FIG. 3 is a diagram illustrating an example of information stored in the personal number storage unit 111. As shown in FIG. 3, the personal number storage unit 111 stores a group ID for identifying a group to which the user belongs, a personal number assigned to the user, and key information in association with each other.

  FIG. 4 is a diagram illustrating an example of information stored in the personal information storage unit 112. As shown in FIG. 4, the personal information storage unit 112 stores personal information and key information in association with each other. Here, the personal information includes information such as a group ID, a user ID, a name, a gender, a date of birth, and an address corresponding to a company that uses the existing server 2.

  FIG. 5 is a diagram illustrating an example of information stored in the group hierarchy storage unit 113. As shown in FIG. 5, the group hierarchy storage unit 113 stores a group ID and a group ID of an upper group to which the group belongs in association with each other. In the example illustrated in FIG. 5, it can be confirmed that the group ID of the upper group of the groups having the group IDs “Aa”, “Ab”, and “Ac” is “A”.

  For example, the group ID is set on the accounting office side, and the group with the group ID “A” corresponds to a group to which a plurality of persons in charge belong. Further, each of the groups having the group IDs “Aa”, “Ab”, and “Ac” corresponds to, for example, a company that is in charge of one person in charge.

  The authority information storage unit 114 stores a user ID and an access authority to information belonging to a group in association with each other. FIG. 6 is a diagram illustrating an example of information stored in the authority information storage unit 114. As illustrated in FIG. 6, the authority information storage unit 114 stores a user ID and a group ID of a group accessible by the user of the user ID in association with each other. Note that a user (for example, a company employee) whose user ID is not stored in the authority information storage unit 114 can refer only to his / her own personal number.

In the example illustrated in FIG. 6, the user with the user ID “A010” can refer to the personal numbers of the users belonging to the group with the group ID “Aa”. Further, the user with the user ID “A003” can refer to the personal numbers of the users belonging to the group with the group ID “A”. For example, a user with a user ID “A003” is a manager of a group to which a plurality of persons in charge belong to an accounting office, and belongs to groups “Aa”, “Ab”, and “Ac” subordinate to the group ID “A”. The user's personal number can be referred to.
In the authority information storage unit 114, a plurality of group IDs may be associated with one user ID.

  The history information storage unit 115 stores history information in which the user ID included in the personal information acquisition request, the time when the personal number management apparatus 1 accepts the acquisition request, and the reason for acquiring the personal number are associated with each other.

  The control unit 12 is a CPU, for example. The control unit 12 controls functions related to the personal number management apparatus 1 by executing various programs stored in the storage unit 11 and programs acquired from external devices via a communication network. The control unit 12 includes a first receiving unit 121, a specifying unit 122, a second receiving unit 123, a providing unit 124, and a notification unit 125.

  The first reception unit 121 receives an acquisition request for a personal number including key information and a user ID from the first terminal 3. Here, the first receiving unit 121 receives a reason for acquiring a personal number from the first terminal 3 when receiving a request for acquiring a personal number.

  For example, when the first terminal 3 receives a display request such as a form including a personal number from the user of the first terminal 3, the first terminal 3 displays a plurality of fixed forms such as “create payment record” and “create withholding slip” on the display unit. Display a sentence and accept selection of a fixed sentence. The first terminal 3 transmits information indicating the selected fixed sentence together with information indicating a personal number acquisition request to the personal number management apparatus 1.

  The first reception unit 121 receives the personal number acquisition request and the reason for acquiring the personal number by receiving the information indicating the personal number acquisition request and the information indicating the selected one fixed phrase. The first receiving unit 121 may receive an arbitrary message as a reason for acquiring a personal number.

  When the first accepting unit 121 accepts an acquisition request for a personal number, the specifying unit 122 refers to the personal number storage unit 111, the personal information storage unit 112, the group hierarchy storage unit 113, and the authority information storage unit 114 to obtain the acquisition. An upper user who can access the personal number corresponding to the request and has higher access authority than the user corresponding to the user ID included in the acquisition request is specified.

  Specifically, first, the specifying unit 122 refers to the personal information storage unit 112 and determines whether or not the user who has requested acquisition of a personal number requests acquisition of the personal number of another user. . When the key information included in the personal number acquisition request and the user ID are not associated with each other in the personal information storage unit 112, the specifying unit 122 requests acquisition of the personal number of another user. Is determined.

  The case where the user who requested the acquisition of the personal number requests the acquisition of the personal number of another user corresponds to the case where the person in charge at the accounting office creates a business form Therefore, approval of acquisition of the personal number by the upper user is required.

  Therefore, the specifying unit 122 determines whether or not the user who has made a personal number acquisition request can access the personal number to be acquired. Specifically, the specifying unit 122 refers to the personal number storage unit 111 and specifies the group ID of the user corresponding to the personal number to be acquired. Further, the specifying unit 122 refers to the authority information storage unit 114 and specifies a group ID accessible by the user who has made the acquisition request.

  Subsequently, the specifying unit 122 determines whether the user who has requested acquisition of the personal number has access authority to the personal number to be acquired based on the two specified group IDs. If the specifying unit 122 determines that the user does not have access authority, the first terminal displays error information indicating that the user who has requested acquisition of the personal number does not have access authority to the personal number to be acquired. 3 to send.

  If the identifying unit 122 determines that the user has access authority, the identifying unit 122 refers to the group hierarchy storage unit 113 and the authority information storage unit 114 to identify a higher-order user of the user who has made the acquisition request. For example, when the user corresponding to the user ID included in the acquisition request belongs to the group Aa, the user belonging to the group A is specified as the upper user. Note that the identification unit 122 may select one upper user when there are a plurality of upper users.

  The 2nd reception part 123 transmits the information which shows the approval request | requirement which requests | requires approval of acquisition of the personal number corresponding to an acquisition request to the 2nd terminal 4 which the specified high-order user uses, and receives approval from a high-order user. . Here, the information indicating the approval request includes information indicating the reason for acquiring the personal number, the user ID of the user who has requested the acquisition of the personal number, and the name of the user. Note that the user name is acquired by the second reception unit 123 with reference to the personal information storage unit 112.

When the second terminal 4 receives the information indicating the approval request, the second terminal 4 displays the reason for acquiring the personal number and the user ID and name of the user who has requested acquisition of the personal number on its display unit, and acquires the personal number. Accept approval. When the second terminal 4 accepts the approval, the second terminal 4 transmits approval information indicating that the acquisition of the personal number is approved to the personal number management device 1.
The 2nd reception part 123 receives approval of acquisition of personal information from a higher rank user by receiving approval information.

  When the second accepting unit 123 accepts the approval of acquisition of the personal number, the providing unit 124 acquires the personal number corresponding to the acquisition request from the personal number storage unit 111 and provides it to the request source of the acquisition request. Specifically, when the acquisition of the personal number is accepted, the providing unit 124 receives the personal number stored in the personal number storage unit 111 in association with the key information included in the personal number acquisition request. get. Then, the providing unit 124 transmits the acquired personal number to the first terminal 3 that is the request source of the acquisition request.

  In response to the first reception unit 121 receiving a personal number acquisition request, the notification unit 125 includes the user ID included in the information indicating the acquisition request, the time when the acquisition request is received, the reason for acquiring the personal number, Is notified to a higher-level user different from the higher-level user who performed the approval. For example, the notification unit 125 causes the history information storage unit 115 to store history information in response to receiving an acquisition request. And the notification part 125 notifies log | history information every predetermined time (for example, every other day) with respect to the high-order user which the specific | specification part 122 did not select among several high-order users.

  By doing in this way, it is possible to make a higher-order user other than the approver recognize that a personal number acquisition request has been made. The notification unit 125 may notify history information corresponding to the personal number acquisition request made within a predetermined time in response to receiving the history information acquisition request from the upper user.

[flowchart]
Subsequently, a flow of processing in the personal number management system S according to the first embodiment will be described. FIG. 7 is a sequence diagram showing a processing flow in the personal number management system S according to the first embodiment.

  First, the first terminal 3 transmits information indicating a personal number acquisition request to the personal number management apparatus 1 in response to a request for acquiring a form including a personal number from the user. The information indicating the personal number acquisition request includes key information corresponding to the personal number to be acquired and the user ID of the user of the first terminal 3.

  Subsequently, when the first reception unit 121 of the personal number management apparatus 1 receives a personal number acquisition request, the specifying unit 122 determines whether the user who has made the acquisition request requests acquisition of the personal number of another user. It is determined whether or not (S1). If the identifying unit 122 determines that it is requesting acquisition of the personal number of another user, it moves the process to S2, and if it requests acquisition of its own personal number, it moves the process to S6.

  Subsequently, the specifying unit 122 determines whether the user who has made the acquisition request can access the personal number (S2). Specifically, the specifying unit 122 specifies the group to which the user corresponding to the personal number to be acquired belongs and the group accessible by the user who has made the acquisition request, and the user who has made the acquisition request It is determined whether or not the personal number can be accessed.

  If the specifying unit 122 determines that the user who made the acquisition request can access the personal number, the process proceeds to S4, and if the specifying unit 122 determines that the personal number cannot be accessed, an error indicating that the personal number cannot be acquired. Information is transmitted to the first terminal 3. The first terminal 3 notifies the user of the error information by displaying the error information on the display unit (S3).

  In S4, the identifying unit 122 identifies an upper user having higher access authority than the user based on the group accessible by the user who has made the acquisition request, and approves the upper user for obtaining the personal number. Specific to the person.

  Then, the 2nd reception part 123 transmits the information which shows the approval request | requirement of acquisition of a personal number to the 2nd terminal 4 which a high-order user uses. When receiving the information indicating the approval request, the second terminal 4 receives the approval from the upper user (S5). When the second terminal 4 determines that the approval has been performed, the second terminal 4 transmits approval information indicating that the approval has been performed to the personal number management device 1.

  If the second terminal 4 determines that the approval has not been performed, for example, because the approval has been rejected, the second terminal 4 transmits information indicating that the approval has not been performed to the personal number management device 1. When the personal number management device 1 receives information indicating that the approval has not been performed, the personal number management device 1 may notify the first terminal 3 of the information. Further, the personal number management device 1 may receive a reason why the approval is not performed from the second terminal 4 and notify the first terminal 3 of information indicating the reason.

When the second receiving unit 123 accepts the approval of acquisition of the personal number, the providing unit 124 acquires the personal number corresponding to the acquisition request from the personal number storage unit 111 (S6), and the first terminal 3 receives the personal number. Send the number.
In response to receiving the personal number, the first terminal 3 creates a form including the personal number and displays it on the display unit (S7).

[Effect in the first embodiment]
As described above, when the personal number management apparatus 1 according to the first embodiment receives a personal number acquisition request, the personal number management apparatus 1 can access the personal number corresponding to the acquisition request and is included in the acquisition request. An upper user having higher access authority than the user corresponding to the ID is specified. When the personal number management apparatus 1 accepts the approval of acquisition of the personal number from the upper user, the personal number management apparatus 1 acquires the personal number and provides it to the request source of the acquisition request.

  By doing in this way, the personal number management apparatus 1 can suppress that the user of the 1st terminal 3 acquires the personal number of another user more than necessary based on own authority. Therefore, the personal number management device 1 can suppress leakage of the personal number.

  In the above description, the specifying unit 122 selects one upper user as an approver from a plurality of upper users, but is not limited thereto, and two or more upper users may be selected as the approver. In this case, the specifying unit 122 may transmit an approval request to the second terminal 4 corresponding to each of the plurality of upper users and accept the approval from each of the plurality of upper users.

  Further, in the above description, when a user who has made a request for obtaining a personal number requests acquisition of a personal number of another user, the approval of the upper user is always required, but this is not restrictive. . For example, the personal number management device 1 stores setting information indicating whether or not the approval of the upper user is required for each of the plurality of users in the storage unit 11, and based on the setting information, the upper user It may be possible to control whether or not to approve.

<Second Embodiment>
[Manage personal numbers by dividing them into multiple parts]
Next, the second embodiment will be described. The personal number management device 1 according to the second embodiment is different from the first embodiment in that the personal number is divided into a plurality of parts and managed. Below, a different part from 1st Embodiment is demonstrated. The description of the same parts as those in the first embodiment will be omitted as appropriate.

  FIG. 8 is a diagram showing a configuration of the personal number management apparatus 1 according to the second embodiment. In the second embodiment, the personal number storage unit 111 includes a first storage unit 111A that stores first information constituting a personal number, and a second storage that stores second information obtained by removing the first information from the personal number. Part 111B.

  FIG. 9 is a diagram illustrating an example of information stored in the personal number storage unit 111 according to the second embodiment. FIG. 9A is a diagram illustrating an example of information stored in the first storage unit 111A, and FIG. 9B is a diagram illustrating an example of information stored in the second storage unit 111B. is there.

  As shown in FIG. 9A, the first storage unit 111A associates the group ID to which the user with the personal number belongs, the 6-digit number before the personal number as the first information, and the key information. I remember. Further, as shown in FIG. 9B, the second storage unit 111B stores the 6-digit number after the personal number as the second information in association with the key information.

  In the second embodiment, the first information and the second information are respectively a 6 digit number before the personal number and a 6 digit number after the personal number. The information and the second information may be information capable of restoring the personal number based on a predetermined procedure.

  When the acquisition request for personal information is received, the providing unit 124 acquires the first information stored in association with the key information included in the acquisition request from the first storage unit 111A, and approves the higher-level user. Is received, the second information stored in association with the key information included in the acquisition request is acquired from the second storage unit 111B. Then, the providing unit 124 acquires the personal number corresponding to the acquisition request by connecting the first information and the second information.

[Effects of Second Embodiment]
As described above, the personal number management apparatus 1 according to the second embodiment manages the personal number by dividing the personal number into the first information and the second information, and in response to the approval of the upper user. Since the personal number is acquired based on the first information and the second information, it is possible to further suppress the leakage of the personal number as compared with the case where the personal number is centrally managed.

  As mentioned above, although this invention was demonstrated using embodiment, the technical scope of this invention is not limited to the range as described in the said embodiment. It will be apparent to those skilled in the art that various modifications or improvements can be added to the above embodiment. It is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

  In the above-described embodiment, the personal number management apparatus 1 refers to the group hierarchy storage unit 113 and the authority information storage unit 114 and identifies the upper user who has higher access authority than the user of the first terminal 3. Not limited to this. For example, the personal number management device 1 can access the same group as the group accessible by the user of the first terminal 3 in the authority information storage unit 114, and can be accessed by the user of the first terminal 3. A user with a large number of users may be identified as an upper user having higher access authority than the user of the first terminal 3.

  In the above-described embodiment, when the first terminal 3 receives a browsing request or the like for a form or the like that requires a personal number from the user, the first terminal 3 transmits the browsing request to the existing server 2 and also receives the key information and the user ID. Although the information indicating the acquisition request for the personal number is transmitted to the personal number management apparatus 1, the present invention is not limited to this. For example, the first terminal 3 may have a function that the existing server 2 has. In this case, when the first terminal 3 receives a browsing request or the like of a form or the like that requires a personal number from the user, the first terminal 3 acquires information on the form stored in its own storage unit, and includes key information and a user ID. May be transmitted to the personal number management apparatus 1.

  Further, in the above-described embodiment, the personal number management apparatus 1 has received information indicating a personal number acquisition request from the first terminal 3, but the present invention is not limited to this. For example, the existing server 2 may transmit a personal number acquisition request to the personal number management apparatus 1 in response to receiving a browsing request for a form or the like that requires a personal number from the first terminal 3. Then, the personal number management apparatus 1 may receive a personal number acquisition request from the existing server 2.

DESCRIPTION OF SYMBOLS 1 ... Personal number management apparatus, 11 ... Memory | storage part, 111 ... Personal number memory | storage part, 112 ... Personal information memory | storage part, 113 ... Group hierarchy memory | storage part, 114 ... Authority information memory | storage 115, history information storage unit, 12 ... control unit, 121 ... first receiving unit, 122 ... specifying unit, 123 ... second receiving unit, 124 ... providing unit, 125 ... notification unit, 2 ... existing server, 3 ... first terminal, 4 ... second terminal, S ... personal number management system

Claims (5)

Group identification information for identifying a group to which the user belongs, a personal number for identifying the user, and a personal number storage for storing the key information for identifying the personal number in association with each other;
A group hierarchy storage unit that associates and stores the group identification information and the group identification information of an upper group to which the group belongs;
An authority information storage unit that stores user identification information different from the personal number and an access authority to information belonging to the group in association with each other;
A first receiving unit that receives the acquisition request for the personal number, including the key information and the user identification information;
When the first accepting unit accepts the acquisition request, the personal number storage unit, the group hierarchy storage unit, and the authority information storage unit are referenced, and the personal number corresponding to the acquisition request is accessible. A specifying unit for specifying an upper user having higher access authority than the user corresponding to the user identification information included in the acquisition request;
A second accepting unit that accepts approval of acquisition of a personal number corresponding to the acquisition request from the identified upper user;
When the second accepting unit accepts the approval, a providing unit that obtains a personal number corresponding to the acquisition request from the personal number storage unit and provides it to the request source of the acquisition request;
A personal number management device comprising: The personal number storage unit includes a first storage unit that stores first information constituting the personal number, and a second storage unit that stores second information obtained by removing the first information from the personal number. ,
The providing unit acquires the first information corresponding to the acquisition request from the first storage unit when the acquisition request is received, and responds to the acquisition request from the second storage unit when the approval is received. Acquiring a personal number corresponding to the acquisition request by acquiring the corresponding second information;
The personal number management device according to claim 1. In response to accepting the acquisition request, the upper user who is different from the upper user who has made the approval, the history information associating the user identification information included in the acquisition request with the time when the acquisition request was accepted A notification unit for notifying
The personal number management device according to claim 1 or 2. The first accepting unit accepts the reason for obtaining the personal number when accepting the acquisition request for the personal number;
The second accepting unit notifies the superior user identified by the identifying unit of the accepted reason, and accepts an approval to acquire a personal number corresponding to the acquisition request from the superior user .
The personal number management device according to any one of claims 1 to 3. Executed by the computer,
Receiving an acquisition request for the personal number including key information for identifying a personal number for identifying a user and user identification information different from the personal number;
When the acquisition request is received, group identification information for identifying the group to which the user belongs, the personal number, and the personal number storage unit for storing the key information in association with each other, the group identification information, and the upper group to which the group belongs A personal number corresponding to the acquisition request with reference to a group hierarchy storage unit that associates and stores the group identification information, the user identification information, and an authority information storage unit that associates and stores access authority to information belonging to the group Identifying an upper user who is accessible to the user and has higher access authority than the user corresponding to the user identification information included in the acquisition request;
Receiving an approval for acquisition of a personal number corresponding to the acquisition request from the identified upper user;
When the approval is accepted, obtaining a personal number corresponding to the acquisition request from the personal number storage unit, providing to the request source of the acquisition request;
A personal number management method comprising:

Images