WO2000042498A1 - Procede et systeme permettant d'executer un code mobile - Google Patents

Procede et systeme permettant d'executer un code mobile Download PDF

Info

Publication number
WO2000042498A1
WO2000042498A1 PCT/JP1999/000084 JP9900084W WO0042498A1 WO 2000042498 A1 WO2000042498 A1 WO 2000042498A1 JP 9900084 W JP9900084 W JP 9900084W WO 0042498 A1 WO0042498 A1 WO 0042498A1
Authority
WO
WIPO (PCT)
Prior art keywords
code
mobile code
function
mobile
execution
Prior art date
Application number
PCT/JP1999/000084
Other languages
English (en)
Japanese (ja)
Inventor
Tadashi Kaji
Seiichi Susaki
Takashi Akaosugi
Original Assignee
Hitachi, Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hitachi, Ltd. filed Critical Hitachi, Ltd.
Priority to AU18896/99A priority Critical patent/AU1889699A/en
Priority to JP2000594008A priority patent/JP3873624B2/ja
Priority to PCT/JP1999/000084 priority patent/WO2000042498A1/fr
Publication of WO2000042498A1 publication Critical patent/WO2000042498A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Definitions

  • the present invention relates to the background art relating to the security of mobile code that is downloaded from a server to a user terminal via a network and automatically executed.
  • Mobino record is placed on a ring server and is downloaded automatically when the user accesses the page using the user program ⁇ Browser program.
  • the program is called.
  • mopile code that performs unauthorized processing such as accessing resources (files, peripheral devices, etc.) on one user's terminal without permission and stealing information or causing failures, has become a problem. They are coming. For this reason, some systems that use mobile code have the following security functions for the execution of mobile code.
  • Mobile code is basically not allowed to access resources on one user terminal.
  • the mobile code is a so-called signed code to which the signature of the creator of the mobile code (a digital signature called a digital signature) is added, and the creator of the code is The function has been extended so that if the user using the terminal recognizes that the mobile code is trusted by the user, the restriction on the mobile code is not applied.
  • Japanese Patent Laying-Open No. 10-83310 discloses an example of a system using such a signed code.
  • the digital signature technology is described in, for example, “SECURE ELEC-TRON IC COMMERCEj (PRENT ICE HALL, 1997) pp. 111-116.
  • a user using a user terminal downloads a signed code from the server using the Browser program (step 1901)
  • the user first verifies the digital signature attached to the signed code.
  • the mobile code is checked for integrity (not falsified) (step 1902). If the integrity is verified, then the signer of the signature is checked to see if it is a signer already authorized to access the oral file (step 1903), and access is granted. If it is the signed signer, the signed code accesses the oral file and executes the previously programmed processing (step 1905).
  • step 1903 if the signer is not authorized, the user using the user terminal is permitted to access the signed code created by the signer to the oral code. Give Is selected (step 1904). If permission is granted, the signed code accesses the local file and performs the pre-programmed processing (step 1905).
  • step 1902 If the integrity cannot be confirmed in step 1902, and if access permission is not given in step 1904, the user using the user terminal is notified to that effect (step 1906), and the processing is performed. Exit.
  • the security function of the signed code described above determines whether or not the signer of the mopile code allows the execution of the mobile code, and what kind of function the mobile code has I do not know until I try it. Therefore, the user cannot obtain sufficient information on whether or not to execute the mopile code until the user tries to execute the mopile code. Then, if the user decides to trust the signer, there is a problem that even if the signed code is a mobile code that performs illegal processing, it will be executed.
  • Japanese Patent Laying-Open No. 10-83310 discloses a method of distributing a list of resources (ACL) requested by the code together with the code, and assigning resources according to the ACL at the time of execution.
  • ACL resources
  • the present invention has been made in view of the above circumstances, and an object of the present invention is to determine whether to execute a mobile code based on a function of the mobile code.
  • Mobile code configuration and execution method of the mobile code a mobile code system using the mobile code, a source code creation terminal, a function verification server, a mobile code
  • An object of the present invention is to provide a file distribution server, a user terminal, and a program for realizing them. Disclosure of the invention
  • the mobile code according to the present invention is characterized in that a function specification describing a function of the mobile code or an identifier corresponding to the function specification is attached. .
  • the method for executing a mopile code according to the present invention is characterized in that before executing the mobile code, a step of checking a function of the mobile code and determining whether or not to execute the function is provided.
  • a mopile code is acquired, and an electronic signature attached to the mobile code acquired by the mopile code acquisition step is provided.
  • a signature verification step and, if the signature of the mobile code is successfully verified (the verification result is passed) in the signature verification step, describes a function of the mobile code.
  • a function specification acquisition step of acquiring the specified function specification, and a function of the mopile code is confirmed based on the function specification acquired in the function specification acquisition step, and it is determined whether to execute the mobile code. In the function checking step and the function checking step, it is determined that the mobile code is permitted to be executed.
  • a mobile code execution step for executing the mopile code in the event that the mobile phone is disconnected.
  • the mopile code system of the present invention includes a source code creation terminal for creating a source code of a mobile code, a function verification server for verifying the function of the source code, and a mobile code for distributing the mobile code.
  • a mobile server consisting of a distribution server and a user terminal that executes mobile code O Record system,
  • the source code creation terminal includes: a source code creation unit that creates a source code of a mobile code; and a source code transmission unit that sends the source code of the mobile code to the function verification server.
  • the function verification server creates a function specification describing the function of the mobile code from the transmitted source code of the mobile code, and verifies whether the mobile code does not perform an illegal process.
  • the mobile code distribution server includes: a mobile code storage unit that stores and stores the mobile code requested to be registered; and a mobile code storage unit that is requested to deliver from the user terminal.
  • Mobile code transmission means for transmitting the stored mobile code to the user terminal.
  • the user terminal includes: a delivery request transmission unit for requesting delivery of the mobile code to the mobile code distribution server; and a signature verification unit for verifying an electronic signature attached to the delivered mobile code. Means, and if the signature verification means succeeds in verifying the signature, the function specification created by the function inspection means of the verification server is obtained, and the function of the mobile code is confirmed by the function specification. And a function checking means for determining whether to permit execution of the mobile code, and executing the mohair code when the function checking means determines that the execution of the mobile code is permitted.
  • Mobile code execution means for determining whether to permit execution of the mobile code, and executing the mohair code when the function checking means determines that the execution of the mobile code is permitted.
  • the function confirmation means may include: a function specification same as the function specification is registered in a function specification management file stored in one user terminal; The specifications are presented to the user, and if the user decides to permit the execution of the mobile code having the function, it decides to permit the execution of the corresponding mobile code. Therefore, in the present invention, the user-terminal that has downloaded the mopile code performs a process of confirming the function specification describing the functions of the mopile code before executing the mopile code. The mobile code is executed only when the function specification is permitted to be executed in advance, or when the user determines that the execution of the mobile code having the function specification is permitted. I have to.
  • the present invention it is possible to determine whether or not to execute the mobile code based on the function of the mobile code.
  • the present invention is not limited to the mobile code, but can be applied to a case where a general program code such as stored in a storage device of one user terminal is executed.
  • FIG. 1 is a diagram showing a device schematic configuration and a hardware configuration of a mobile code distribution system to which an embodiment of the present invention is applied
  • FIG. 2 is a diagram to which an embodiment of the present invention is applied.
  • FIG. 3 is a diagram showing a functional block configuration of a creation terminal and a verification server related to a mobile code function verification request process in a system according to the present invention.
  • FIG. 3 shows a system to which an embodiment of the present invention is applied.
  • FIG. 4 is a diagram showing a functional block configuration of a verification server and a distribution server related to a mobile code function verification process and a registration process in FIG. 4.
  • FIG. 4 is a system to which an embodiment of the present invention is applied.
  • FIG. 5 is a diagram showing a functional block configuration of a distribution server and a user terminal related to a record execution process
  • FIG. 5 is a diagram showing an example of functional specifications created by a verification server in FIG.
  • FIG. 6 is an example of a functional specification confirmation screen displayed by the verification server to the verifier in FIG. 3
  • FIG. 7 is a diagram in FIG.
  • FIG. 8 is an example of an execution confirmation screen displayed by the user—terminal to the user in FIG. 4
  • FIG. 9 is an example of a function specification editing screen displayed in FIG.
  • FIG. 4 is a diagram for explaining an example of information stored in a functional specification management file shown in FIG. 4.
  • FIG. 10 shows a mobile code function verification request in a system to which an embodiment of the present invention is applied. Creation end related to processing FIG.
  • FIG. 11 is a flow chart for explaining the operation of the mobile server.
  • FIG. 11 illustrates the operation of the verification server related to the function verification request processing of the mobile code in the system to which the embodiment of the present invention is applied.
  • FIG. 12 is a flowchart for explaining the operation of a verification server related to a mobile code function verification process in a system to which an embodiment of the present invention is applied.
  • FIG. 13 is a flowchart for explaining the operation of the distribution server related to the registration of the mobile code in the system to which one embodiment of the present invention is applied.
  • FIG. 15 is a flowchart for explaining the operation of the distribution server related to the execution of the mobile code in the system to which one embodiment of the present invention is applied; and
  • FIG. 15 is a diagram to which one embodiment of the present invention is applied.
  • FIG. 11 illustrates the operation of the verification server related to the function verification request processing of the mobile code in the system to which the embodiment of the present invention is applied.
  • FIG. 12 is a flowchart for explaining the
  • FIG. 16 is a flowchart for explaining the operation of the user terminal related to the execution of the mobile code in the system according to the embodiment of the present invention.
  • FIG. 17 is a diagram showing a functional block configuration of a verification server, a distribution server, and a user terminal related to the execution of a mobile terminal.
  • FIG. 17 shows a mobile core in a system to which another embodiment of the present invention is applied.
  • One user terminal involved in the execution of FIG. 18 is a flow chart for explaining the operation of the verification server.
  • FIG. 18 is a flow chart for explaining the operation of the verification server in the system to which another embodiment of the present invention is applied.
  • FIG. 19 is a flowchart for explaining a security function in a conventional mobile code
  • FIG. 20 is an execution diagram in which a user terminal displays to a user in FIG. It is an example of a confirmation screen.
  • FIG. 1 is a diagram showing a device schematic configuration and a hardware configuration of a mobile code system to which an embodiment of the present invention is applied.
  • the system verifies the functions of a source code creation terminal 110 (hereinafter, also simply referred to as creation terminal 110) for creating a source code of a mopile code, and a function of the source code.
  • a function verification server 120 (hereinafter, also simply referred to as “verification server 120”) that creates a mopile code from the source code
  • a mobile code distribution server 130 (hereinafter, simply a distribution server) that registers and distributes the mopile code.
  • a user terminal 140 that executes a mopile code are respectively configured on a computer, and are connected to each other via a communication network 100 such as a LAN.
  • a plurality of creating terminals 110, verification servers 120, distribution servers 130, or user terminals 140 may be connected.
  • the computer that constitutes the creation terminal 110, the verification server 120, the distribution server 130, and the user terminal U0 includes a communication network interface, a display device, an input device, and a storage device. And the central processing unit ifi (CPU), Temporary storage devices (memory) are connected to each other by a bus.
  • the communication network interfaces 111, 121, 131, and 141 are interface devices for transmitting and receiving data via the communication network 100.
  • the display devices 112, 122, 132, and 142 are used to display messages and the like to users who use the above terminals and servers, and include a CRT, a liquid crystal display, and the like.
  • the input devices 113, 123, 133, and 143 are used by the user to input data, instructions, and the like, and include a keyboard and a mouse.
  • the storage devices 114, 124, 134, 144 are used to permanently store various information such as program data, and are constituted by a hard disk, a floppy disk, and the like.
  • the CPUs 115, 125, 135, and 145 control the respective units in an integrated manner and perform various arithmetic processing.
  • the memories 116, 126, 136, and 146 store operating systems (hereinafter, also simply referred to as OS) 116a, 126a, 136a, and 146a, and programs and data necessary for the CPU to realize the functions of the terminals and servers. Is stored.
  • OS operating systems
  • 0S116a is a program for implementing functions such as file management, process management, or device management in order to control the entire user terminal 110.
  • the code creation program 116b creates a source code (hereinafter, also simply referred to as a source code) of the mopile code 146c in accordance with an instruction of a user of the creation terminal 110 (hereinafter, also simply referred to as 1 ').
  • This is a program for storing in the storage device 114.
  • the verification request program 116c is a program for transmitting the source code stored in the storage device 114 to the verification server 120 according to the instruction of the creator.
  • the code verification program 126b receives the source code from the creation terminal 110, verifies the function of the source code, and, based on the source code, This is a program for creating the pile code 146c and its functional specifications and registering them in the distribution server 130.
  • the code distribution program 136b When receiving the mobile code U6c from the verification server 120, the code distribution program 136b stores the mobile code 146c in the storage device 134, and also allows access from the user terminal 140 by the browser program 146b. This is a program for transmitting the mobile code 146c stored in the storage device 134 with the multimedia data and the like attached thereto as necessary.
  • the browser program 146b communicates with the distribution server 130 when the user terminal 140 communicates with the distribution data, that is, the mobile data 146c and various data attached as needed (for example, multimedia data such as audio, images, and moving images).
  • the distribution data that is, the mobile data 146c and various data attached as needed (for example, multimedia data such as audio, images, and moving images).
  • the mobile code 146c is a program that accesses various resources of the user terminal 140 and performs calculation processing.
  • the function specification of the mopile code 146c and the signature of the verifier (in this embodiment, necessary for verifying the signature) Data and files used by the mobile code itself, and checks the integrity of the mobile code 146c itself (confirms whether it has been tampered with). ) And function confirmation.
  • each functional block This is realized by the CPU executing a program via the OS or directly.
  • the functional block configuration and operation are the same as when the source code is created in the conventional mobile code system. The detailed description of is omitted.
  • the source code created by the creator is stored in the source code file 202 of the storage device 114.
  • FIG. 10 the functional block configuration and operation of the creating terminal 110 and the verification server 120 when the creating terminal 110 requests the verification server 120 to perform the function verification of the mobile code 146c are shown in FIG. This will be described with reference to FIGS. 10 and 11.
  • FIG. 2 is a diagram showing a functional block configuration of the creation terminal 110 and the verification server 120 when the creation terminal 110 requests the verification server 120 for function verification of the mopile code 146c. First, the functional block configuration of the creation terminal 110 will be described.
  • the creation terminal 110 includes an input unit 204 that receives an instruction from the creator via an input device 113, and a display device and the like that are input to the input unit 204.
  • the display 203 displayed on the display device 112 and the verification code 120 are transmitted via the communication network 100 to the source codestore of the storage device 114.
  • a source code transmission processing unit 201 for transmitting data or a file, for example, voice, image, or moving image data, which is used when the source code is executed, stored in the file 202. Note that the data or files used at the time of execution of these are different from the data files attached to the mobile code in the distribution data described above and are required by the mobile code at the time of execution. is there.
  • a function block configuration of the verification server 120 will be described.
  • the verification server 120 displays, on the display device 122, information indicating that the source code has been received from the creation terminal 110, and the like, and displays the source code from the creation terminal 110. And a source code reception processing unit 211 for reception.
  • FIG. 10 is a diagram illustrating an operation flow of the creation terminal 110 when the creation terminal 110 requests the function verification of the mobile code 146c to the verification server 120.
  • the creator inputs the storage location and name of the source code and the location and name of the verification server 120 into the input device 113 (step 1001).
  • the source code transmission processing unit 201 extracts the specified source code from the source code file 202, and executes the source code and the data used by the source code at the time of execution.
  • a function verification request 203 including a file is created, and the function verification request 203 is transmitted to the verification server 120 specified by the creator.
  • FIG. 11 is a diagram showing an operation flow of the verification server 120 when the creation terminal 110 requests the verification server 120 to perform the function verification of the source code.
  • step 1101 the source code reception processing unit 211 waits for the function verification request 203 from the creating terminal 110.
  • the source code reception processing section 211 Upon receiving the function certificate request 203, the source code reception processing section 211 stores the source code extracted from the function verification request 203 in the source code file 212 (step 1103), and Information indicating that the source code has been received from the display device 122 (step 1104). After that, the process transits to Step 1101 and again waits for the function verification request 203 from the creating terminal 110.
  • the verification server 120 performs the function verification of the source code, creates the mobile code 146c, and registers the mobile code 146c in the distribution server 130, the verification server 120 and the distribution server 130 perform The functional block configuration and operation will be described.
  • FIG. 3 is a functional block diagram of the verification server 120 and the distribution server 130 when the function of the source code is verified by the verification server 120 and the mobile code 146c created from the source code is registered in the distribution server 130.
  • FIG. 3 is a diagram showing a configuration.
  • each functional block of the verification server 120 is realized by the CPU 125 of the verification server 120 executing each program stored in the memory 126 via the OS.
  • Each functional block of the distribution server 130 is realized by the CPU 135 of the distribution server 130 executing each program stored in the memory 136 via the OS.
  • the verification server 120 includes an input unit 123 that receives an instruction from a user of the verification server 120 (hereinafter, also simply referred to as a verifier), and data and the like input to the input unit 123.
  • a mobile code creation processing unit 302 that creates a mobile code 146c from the code, a registration request transmission processing unit 303 that sends a registration request 305 to the distribution server 130 to request registration of the mobile code 146c, have.
  • the registration request 305 includes information for designating a location for storing the mobile code 146c and the mobile code created by the mobile code generation processing unit 302.
  • the distribution server 130 displays an input unit 133 for receiving an instruction of a user of the distribution server 130 (hereinafter, also simply referred to as a distributor), and data and the like input to the input unit 133.
  • a registration request reception processing unit 311 that receives the registration request 305 from the verification server 120 and stores the mobile code 146c included in the registration request 305 in the storage device 134. , have.
  • FIG. 12 shows an operation flow of the verification server 120 when the function of the source code is verified by the verification server 120 and the mobile code 146c created from the source code is registered in the distribution server 130.
  • the function verification processing unit 301 when the verifier inputs a storage location and a name of the source code for verifying a function to the input unit 123 (step 1201), the function verification processing unit 301-specifies the source code specified from the source code file 212. Then, a function specification 500 describing the functions of the mopile code 146c is created from the source code (step 1202). Next, the function specification confirmation screen 600 is displayed on the display device 122 (step 1203), and the process proceeds to step 1204 to wait for the verifier's instruction.
  • FIG. 5 is a diagram showing an example of the function specification 500 created by the function verification processing unit 301.
  • the source code reads (501) and writes ('504) a file called “etcZ passwdj”, and executes information (503) that executes a program called “Z bin / rm”. It has been described.
  • FIG. 6 is an example of the function specification confirmation screen 600 displayed on the display device 122 by the function verification processing unit 301.
  • the verifier compares the source code displayed in the source code display area 601 with a technical specification A comparison is made with the function specification 500 displayed in the display area 602, and the function specification 500 is checked, and whether or not to create the mobile code 146c is selected. For example, the verifier checks the function specification 500 displayed on the display device 122 and determines that the mobile code 146c performs a harmful operation.
  • the creation of the mobile code 146c can be rejected by pressing a cancel (reject) button 604 or the like.
  • the harmful operation is, for example, the operation of running a program unrelated to the original operation or the operation of reading data from one user terminal and transferring it to the server.
  • the creation is to create (compile) the execution code from the source code, and to combine the functional specifications, the execution code, and the data file used at the time of execution into one.
  • step 1205 the verifier can edit the functional specification 500.
  • the process proceeds to step 1210, and the function verification processing unit 301 displays the function specification editing screen 700 on the display device. 122 and waits for an instruction from the verifier (step ⁇ U).
  • FIG. 7 shows that the function verification processing unit 301 displays the information on the display device S122. It is an example of the screen of the function specification editing screen end 00. The verifier edits the functional specification 500 using this screen.
  • the function verification processing unit 301 newly adds the function specification 500 reflecting the edited result. Create (step 1212) and return to step 1204.
  • step 1205 a set of the functional specification 500 and a mobile code identifier for identifying the mobile code 146c created by the verification server is stored in a functional specification registration file 304, and the mobile code creation processing unit Move on to 302.
  • step 1206 the mopile code creation processing unit 302 creates the execution code and the signature of the verifier, and creates the mobile code 146c.
  • Step 1207 when the verifier inputs the name of the distribution server 130 that registers the mobile code 146c and the storage location therein, the registration request transmission processing unit 303 A registration request 305 including 146c and its storage location is created, and the registration request 305 is transmitted to the designated distribution server 130 (step 1208), and the process ends.
  • the creator may be notified to that effect. This has the effect that the creator can know that the mobile code 146c has been successfully created.
  • FIG. 13 shows that the function of the source code is verified by the verification server 120
  • the source FIG. 9 is a diagram showing an operation flow of the distribution server 130 when the mobile code 146c created from the code is registered in the distribution server 130.
  • the registration request reception processing unit 311 waits for the registration request 305 from the verification server 120.
  • the registration request reception processing unit 311 Upon receiving the registration request 305 (Step 1302), the registration request reception processing unit 311 stores the mobile code 146c included in the registration request 305 in a designated storage location (Step 1303), and performs the verification.
  • Information indicating that the mobile code 146c has been received from the server 120 is displayed on the display unit 132 (step 1304). After that, the processing transits to Step 1301 and waits for the registration request 305 from the verification server 120 again.
  • the user terminal 140 receives the distribution data including the mopile code 146c from the distribution server 130 and executes the mobile code 146c, the function block configuration and operation of the user terminal 140 and the distribution server 130 are performed. The work will be described.
  • FIG. 4 is a diagram showing a functional block configuration of the user terminal 140 and the distribution server 130 when the user terminal 140 receives the above-mentioned distribution data including the mobile code 146c from the distribution server 130.
  • each functional block of the user terminal 140 is realized by the CPU 145 of the user terminal 140 executing each program stored in the memory 146 via the OS.
  • Each functional block of the distribution server 130 is realized by the CPU 135 of the distribution server 130 executing each program stored in the memory 136 via the OS.
  • the user terminal 140 includes an input unit 143 that receives an instruction of a user of the user terminal 140 (hereinafter, also simply referred to as a user), data input to the input unit 143, A display unit 142 for displaying data and the like sent from the distribution server 130, and the queue input to the input unit 143.
  • a request transmission processing unit 411 that transmits a delivery request 417 of the mobile code 146c to the distribution server 130 according to the instruction of the user, and a mobile communication unit that receives the mobile code 146c from the distribution server 130.
  • the distribution server 130 includes a request reception processing unit 401 that receives the distribution request 417 from the user terminal 140, a card that makes the distribution request 417, and a mobile code 146c. And a mobile code transmission processing unit 402 for transmitting distribution data to the user terminal 140.
  • FIG. 14 is a diagram illustrating an operation flow of the user terminal 140 when the user terminal 140 receives the distribution data including the mobile code 146c from the distribution server 130 and executes the mobile code 146c. is there.
  • Step 1401 download of the mobile code 146c or the like placed on the distribution server 130 is instructed using information indicating the name and storage location of the mobile code 146c (file name / directory name, etc.).
  • the request transmission processing unit 4111 transmits the distribution request 417 of the mopile code 146c to the distribution server 130 (Step 1402).
  • the distribution data indicates the name and storage location of the evening.
  • the so-called Uniform Resource that links the address of the distribution server 130 and the file name
  • step 1403 when the mopile code reception processing unit 412 waits for distribution data from the distribution server '130 and receives the mopile code 146c or the like from the distribution server 130, the signature verification processing unit 413 Transfer processing to In step 1404, the signature verification processing unit 413 includes, as the download instruction method for verifying the verifier's signature attached to the mopile code 146c,
  • the URL of the mobile code is specified in the HTML file being viewed, and the Browser program 146b automatically issues a download instruction.
  • the distribution server 130 may send the mopile code 146c using PUSH technology
  • steps 1401 and 1402 are omitted.
  • Step 1412 the method of determining whether the verifier can be trusted is the same as the method of determining whether or not the signer can be trusted in conventional signed code. Is omitted.
  • step 1405 if it is determined in step 1405 that the integrity of the mopile code 146c is confirmed and that the verifier can be trusted, the process is transferred to the function confirmation processing unit 414.
  • the function confirmation processing unit 414 extracts the function specification 500 of the mopile code I46c from the mobile code 146c (step 1406) and records it in the function specification management file 416 of the storage device 144. Then, it is confirmed whether the same functional specification 500 is registered in the table as shown in FIG. 9 (step 1407).
  • the functional specification management file 416 is registered in the functional specification 500 sequentially each time its execution is permitted, or distributed in advance by a trusted third party or a system administrator. This is a file that stores proven (ie secure) functional specifications.
  • FIG. 9 shows an example in which safe function specifications 500 are sequentially numbered and registered in the function specification management file 416.
  • step 1411 If the same function specification 500 is registered in the function specification management file 416, the process proceeds to step 1411 and the process is transferred to the mobile code execution processing unit 415.
  • step 1408 an execution confirmation screen 800 is displayed on the display unit 142, and the execution of the mobile code 146c is performed. The user is instructed whether or not to do so.
  • FIG. 8 is an example of the execution confirmation screen 800.
  • the mobile code 146c that is about to be executed is read from the file “/ etc / passwd” (811), and the read data is read.
  • FIG. 20 shows another example of the execution confirmation screen 800, in which information such as (813) to be transferred to a computer called www.foo.co.jp is displayed.
  • the mobile code 146c that is currently trying to execute is "da etc /
  • the user confirms the function of the mobile code 146c that is currently about to be executed based on the information displayed on the screen, and Select whether to permit execution of mobile code 146c.
  • the function confirmation processing unit 414 performs the function specification management.
  • the function specification 500 of the mobile code 146c is newly added to the file 416 (step 1410), and the process proceeds to step 1411, where the process is transferred to the mobile code execution processing unit 415.
  • the process proceeds to step 1413.
  • step 1411 the mobile code execution processing unit 414 executes the mobile code 146c.
  • execution of the mopile code 146c in the present embodiment means execution of an execution code included in the mobile code.
  • FIG. 15 is a diagram showing an operation flow of the distribution server 130 when the one user terminal 140 receives the distribution data including the mopile code 146c from the distribution server 130 and executes the mobile code 146c.
  • step 1501 the request reception processing unit 401 waits for a delivery request 417 from the user terminal 140, and upon receiving the delivery request 417 from the user terminal 140, shifts the processing to the mopil code transmission processing unit 402.
  • the mobile code transmission processing unit 402 transmits the mobile code 146c corresponding to the delivery request 417 to the user terminal 140 with a multimedia file or the like attached as necessary (step 1503). . Thereafter, the process returns to step 1501 and waits for the end of the delivery request 41 from the user terminal 140 again.
  • the waiting function of the mobile code 146c created by the verification server 120 is described in the mopile code 146c.
  • the functional specification 500 described above is included.
  • the user terminal 140 receives the mobile code 146c from the distribution server 130, the execution of the function specification 500 extracted from the mobile code 146c is permitted before executing the mobile code 146c. Even if it is not the case, it is presented to the user and made to select whether or not to execute the mopil code 146c. Therefore, the user terminal 140 can determine whether or not to execute the mobile code 146c based on the function of the mobile code 146c ( Next, as another embodiment of the present invention, An embodiment in which the functional specification 500 is centrally managed by the verification server 120 will be described.
  • the mobile code 146c in addition to the execution code of the mobile code 146c, the mobile code 146c includes a mobile code identifier for distinguishing the mobile code 146c from the others, and a signature of the verifier (this embodiment). However, all the data required to verify the signature are collectively described as a signature) and the data file used by the mobile code itself is included, and the integrity of the mobile code U6c itself is confirmed. Available to
  • the device schematic configuration and the hardware configuration of the system in which the functional specification 500 is centrally managed by the verification server 120 are the same as the above-described embodiment in which the mobile code 146c includes the functional specification 500. Detailed explanations are omitted.
  • the function block configuration and operation of the creating terminal 110 are the same as those of the conventional mobile code system, Detailed description is omitted.
  • the creating terminal 110 requests the verification server 120 for the function verification of the mopile code 146c
  • the function block configuration and operation of the creating terminal 110 and the certification server 120 will be described. Is the mobile co This is the same as the embodiment in which the function specification 500 is included in one node i46c, and a detailed description thereof will be omitted.
  • the function block configuration and operation of the verification server 120 and the distribution server 130 when the function verification of the mobile code 146c is performed by the verification server 120 and registered in the distribution server 130 are as follows.
  • the mobile code 146c is created in step 1206 in FIG. 12
  • the mobile code identifier described above is used except that the mobile code identifier created in association with the functional specification 500 is used instead of the functional specification 500.
  • This is the same as the embodiment in which the function specification 500 is included in 146c, and a detailed description thereof will be omitted.
  • the user server 140 receives the distribution data including the mobile code 146c from the distribution server 130, executes the mobile code 146c, and executes the verification server 120, the user terminal 140, and The function block configuration and operation of the distribution server 130 will be described.
  • FIG. 16 shows the verification server 120 and the distribution server 130 when the user terminal 140 receives the distribution data including the mobile code 146c from the distribution server 130 and executes the mopile code 146c in the present embodiment.
  • FIG. 3 is a diagram showing a functional block configuration of a user terminal 140.
  • the verification server 120 receives the function specification request 418 from the user terminal 140 and transmits the requested function specification 500 to the user terminal 140. Have.
  • the function confirmation processing unit 414 of the user terminal 140 also performs processing of transmitting a function specification request 418 to the verification server 120 and receiving a function specification 500 from the verification server 120. .
  • FIG. 5 is a diagram showing an operation flow of the user-one terminal 140 when the user-one terminal 140 receives the distribution data including the mopile code 146c from the distribution server 130 and executes the mobile code 146c. .
  • steps 1401 to 1405 and steps 1407 to 1412 are the same as those in FIG. 14, and a description thereof will be omitted.
  • step 1405 the process proceeds to the function confirmation processing unit 414,
  • the function confirmation processing unit 414 extracts the mobile code identifier from the mopile code 146c, and transmits a function specification request 418 including the mopile code identifier to the distribution server 120 (step 1701).
  • step 1702 when the function specification 500 corresponding to the mobile code identifier is received from the distribution server 120, the same as the table shown in FIG. 9 previously stored in the function specification management file 416 of the storage device 144. Check whether function specification 500 is registered (step 1407).
  • FIG. 18 shows an operation flow of the verification server 120 when the user terminal 140 receives the distribution data including the mopile code 146c from the distribution server 130 and executes the mobile code 146c.
  • step 1801 the specification transmission processing unit 1621 waits for the function specification request 418 from the user terminal 140.
  • the function specification request 418 is received, the mobile code identifier included in the function specification request 418 is extracted (step 1803), and the mobile code identifier corresponding to the mobile code identifier is extracted from the bonus specification registration file 304.
  • the function specification 500 to be searched is searched (step 1804).
  • the function specification 500 is transmitted to the user terminal 140 (step 1805), and the process returns to step 180U. Wait for specification request 418.
  • the operation of the distribution server 130 is the same as that in the above-described embodiment in which the mobile code 146c includes the functional specification 500, and a detailed description thereof will be omitted.
  • the verification server 120 creates the function specification 500 and the mobile code identifier for uniquely identifying the mobile code 146c created when verifying the function of the source code.
  • the group is managed.
  • the mobile code 146c includes the mobile code identifier.
  • the user terminal 140 receives the mobile code 146c from the distribution server 130, first, the mobile code identifier extracted from the mobile code 146c is used. Is transmitted to the verification server 120.
  • the verification server 120 Upon receiving the mobile code identifier, the verification server 120 searches for the functional specification 500 corresponding to the mobile code identifier, and returns it to the user terminal 140.
  • the user terminal 140 that has received the function specification 500 presents the function specification 500 to the user if the function specification 500 is not a permitted function specification, and determines whether or not to execute the mopile code 146c. Or let me choose. Therefore, the user terminal 140 can determine whether or not to execute the mobile code 146c based on the function of the mobile code 146c.
  • communication including various “requests” and “requests” performed by each program is performed by a communication technology (eg, “socket”) between well-known programs (or modules and processes). Is known).
  • a communication technology eg, “socket” between well-known programs (or modules and processes). Is known).
  • the transmission and reception performed by each program are performed via the OS of each computer hardware, the communication network interface, and the communication network.
  • the display on each display unit E and the input from the input unit a are performed by the programs of the display unit and the input unit via the OS or directly. is there.
  • the verification server 120 and the distribution server 130 are configured on different computer hardware, but the present invention is not limited to this. That is, the verification server 120 and the distribution server 130 may be configured on the same computer hardware. Similarly, the creation terminal 110 and the verification server 120 may be configured on the same computer hardware. Similarly, the creation terminal 110 and the distribution server 130 may be configured on the same computer hardware. Further, the creation terminal 110, the verification server 120, and the distribution server 130 may be configured on the same computer hardware. In these cases, the programs that realize the functions of each server and terminal are managed as independent programs (processes) by the OS on the same computer hardware, and their operations are managed.
  • the verification server 120 may transmit the created mopile code 146c to the creating terminal 110, and the creating terminal 110 may register the created molypile code 146c in the distribution server 130. In this way, the creator can select the distribution server 130 for registering the mobile code 146c.
  • the creation terminal 110 may register the source code in the distribution server 130, and the distribution server 130 may request the verification server 120 to verify the function of the mopile code 146c. In this way, the distributor can request a verifier trusted by himself to perform the function verification.
  • the creator may create the function specification 500, and transmit the function specification 500 to the certification server 120 together with the source code.
  • the verifier can confirm that the functional specification 500 does not operate illegally and that the source code is By confirming that the mobile code 146c is implemented as per the performance specification 500 and that the mobile code 146c does not perform an illegal operation, it can be guaranteed.
  • the function of creating the functional specification 500 in the verifier server 120 becomes unnecessary.
  • the features of the function specification 500 of the mobile code 146c that performs the illegal processing may be put into a list and stored in the storage device 124 of the verification server 120. . Then, by confirming whether the functional specification 500 created from the source code to be verified has the features corresponding to the list, the mobile code 146c is processed illegally. A process for confirming whether or not to perform may be incorporated. By doing so, the mobile code 146c corresponding to the above list using the known fraudulent processing method can save the verifier's trouble of performing function verification, thereby improving the efficiency.
  • the creation terminal 110 may transmit the execution code and the function specification of the mobile code 146c to the verification server 120.
  • Step 1202 is unnecessary in FIG.
  • the “source code designation” and “execution code designation” of step 1201 are changed to the “source code discard” force “execution code discard” of step 1209. Further, the function of compiling the execution code from the source code in step 1206 can be eliminated.
  • the confidentiality of information exchanged between the creating terminal 110, the verification server 120, the distribution server 130, and the user terminal 140 via the communication network 100 Although no special means is used to ensure integrity, the present invention does not prevent the use of various encryption means and authentication means. By applying encryption means and authentication means to the information flowing through the communication network 100, the security of the entire system can be further improved. You.
  • the mopile code 146c permitted to execute by the user can use any resources of the user terminal 110, such as freely starting other programs. ing.
  • the Browser program 146b or the OS 146a passes the function specification 500 to the other program, and the function specification 500 The program passed may determine whether or not to execute the request from the mobile code 146c based on the function specification 500.
  • the data exchange between the creation terminal 110 and the verification server 120 is performed via the communication network 100, but the present invention is not limited to this.
  • the source code created by the creating terminal 110 may be recorded on a storage medium such as a floppy disk and delivered to the verifier.
  • the mobile code 146c may be recorded on a storage medium and passed to the distributor.
  • whether or not to execute the mobile code can be determined based on the function of the mobile code, so that the present invention is more secure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne des moyens permettant de décider de l'exécution d'un code mobile selon les fonctions dudit code. Lorsqu'une partie réceptrice d'un code mobile d'un terminal d'utilisateur reçoit des données comportant un code mobile qui provient d'un serveur de répartition, une signature attachée au code mobile est vérifiée. Lorsque la signature est vérifiée avec succès, une partie de confirmation de fonctions confirme la spécification qui décrit les fonctions du code mobile. Si la partie de confirmation de fonctions décide de permettre l'exécution du code mobile, un moyen d'exécution exécute ledit code mobile.
PCT/JP1999/000084 1999-01-13 1999-01-13 Procede et systeme permettant d'executer un code mobile WO2000042498A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU18896/99A AU1889699A (en) 1999-01-13 1999-01-13 Method and system for executing mobile code
JP2000594008A JP3873624B2 (ja) 1999-01-13 1999-01-13 モバイルコードの実行方法およびそのシステム
PCT/JP1999/000084 WO2000042498A1 (fr) 1999-01-13 1999-01-13 Procede et systeme permettant d'executer un code mobile

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP1999/000084 WO2000042498A1 (fr) 1999-01-13 1999-01-13 Procede et systeme permettant d'executer un code mobile

Publications (1)

Publication Number Publication Date
WO2000042498A1 true WO2000042498A1 (fr) 2000-07-20

Family

ID=14234701

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP1999/000084 WO2000042498A1 (fr) 1999-01-13 1999-01-13 Procede et systeme permettant d'executer un code mobile

Country Status (3)

Country Link
JP (1) JP3873624B2 (fr)
AU (1) AU1889699A (fr)
WO (1) WO2000042498A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002093361A1 (fr) * 2001-05-14 2002-11-21 Ntt Docomo, Inc. Systeme de gestion de programme stocke dans un bloc de stockage d'un terminal mobile
WO2003058411A1 (fr) * 2002-01-08 2003-07-17 Ntt Docomo, Inc. Procede d'administration de contenu et systeme d'administration de contenu et systeme d'administration de contenu
JP2005222341A (ja) * 2004-02-05 2005-08-18 Trend Micro Inc 情報機器上および伝送経路上でのプログラム分析によるセキュリティの確保
US7269445B2 (en) 2001-01-31 2007-09-11 Ntt Docomo Inc. Method and apparatus for delivering program to storage module of mobile terminal
US7558963B2 (en) 2003-03-31 2009-07-07 Ntt Docomo, Inc. Communication device and program
US7587592B2 (en) 2002-04-03 2009-09-08 Ntt Docomo, Inc. Distribution method, distribution system, and terminal device
JP2010092376A (ja) * 2008-10-10 2010-04-22 Softbank Mobile Corp 情報処理装置、情報処理方法及び情報処理プログラム
US8001615B2 (en) * 2003-11-04 2011-08-16 Nagravision S.A. Method for managing the security of applications with a security module
JP2012008732A (ja) * 2010-06-23 2012-01-12 Kddi Corp インストール制御装置およびプログラム
JP2016535547A (ja) * 2013-09-12 2016-11-10 ザ・ボーイング・カンパニーThe Boeing Company 対象のコンピューティング装置で実施される動作を認証する方法
KR101839607B1 (ko) * 2011-08-02 2018-03-22 주식회사 케이티 단말 보안을 수행하는 사용자 단말 및 서비스 서버 장치

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09231068A (ja) * 1995-10-26 1997-09-05 Sun Microsyst Inc 動的にリンクされた実行可能モジュールの使用を保護するシステム及び方法
JPH1069382A (ja) * 1995-12-08 1998-03-10 Sun Microsyst Inc アーキテクチャ中立プログラムの信頼された、アーキテクチャ特定の、コンパイルされたバージョンを生成するシステム及び方法
JPH1083310A (ja) * 1996-06-11 1998-03-31 Internatl Business Mach Corp <Ibm> プログラム・コードの配布方法及びシステム
JPH1091427A (ja) * 1996-06-11 1998-04-10 Internatl Business Mach Corp <Ibm> 署名入り内容の使用の安全を保証する方法及びシステム
JPH10254783A (ja) * 1997-01-09 1998-09-25 Sun Microsyst Inc システムリソースへのソフトウェアアクセスを制御する方法及び装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09231068A (ja) * 1995-10-26 1997-09-05 Sun Microsyst Inc 動的にリンクされた実行可能モジュールの使用を保護するシステム及び方法
JPH1069382A (ja) * 1995-12-08 1998-03-10 Sun Microsyst Inc アーキテクチャ中立プログラムの信頼された、アーキテクチャ特定の、コンパイルされたバージョンを生成するシステム及び方法
JPH1083310A (ja) * 1996-06-11 1998-03-31 Internatl Business Mach Corp <Ibm> プログラム・コードの配布方法及びシステム
JPH1091427A (ja) * 1996-06-11 1998-04-10 Internatl Business Mach Corp <Ibm> 署名入り内容の使用の安全を保証する方法及びシステム
JPH10254783A (ja) * 1997-01-09 1998-09-25 Sun Microsyst Inc システムリソースへのソフトウェアアクセスを制御する方法及び装置

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
DAI 1 KAI INTERNET TECHNOLOGY WORKSHOP ROMBUNSHUU (WIT'98).: "Java no code shomei model in kansuru giron.", HISASHI KOJIMA, HIROSHI MARUYAMA., August 1998 (1998-08-01), pages 123 - 132, XP002931280 *
GEKKAN JAVA WORLD: "JDKI. 2 no. security kikou o mini tsukeru.", SHIGERU TAGO, vol. 2, no. 11, November 1998 (1998-11-01), pages 54 - 65, XP002931279 *
GONG LI, ET. AL.: "Signing, sealing, and Guarding Java Objects.", LECTURE NOTES IN COMPUTER SCIENCE, vol. 1419, 1998, pages 206 - 216, XP002931278 *

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7269445B2 (en) 2001-01-31 2007-09-11 Ntt Docomo Inc. Method and apparatus for delivering program to storage module of mobile terminal
US7706786B2 (en) 2001-05-14 2010-04-27 Ntt Docomo, Inc. System for managing program applications storable in a mobile terminal
US8166291B2 (en) 2001-05-14 2012-04-24 Ntt Docomo, Inc. System for managing program applications storable in a mobile terminal
EP1391810A1 (fr) * 2001-05-14 2004-02-25 NTT DoCoMo, Inc. Systeme de gestion de programme stocke dans un bloc de stockage d'un terminal mobile
AU2002308966B2 (en) * 2001-05-14 2004-05-06 Ntt Docomo, Inc. System for Managing Program Applications Storable in a Mobile Terminal
US8140846B2 (en) 2001-05-14 2012-03-20 Ntt Docomo, Inc. System for managing program applications storable in a mobile terminal
WO2002093361A1 (fr) * 2001-05-14 2002-11-21 Ntt Docomo, Inc. Systeme de gestion de programme stocke dans un bloc de stockage d'un terminal mobile
EP1391810A4 (fr) * 2001-05-14 2008-04-16 Ntt Docomo Inc Systeme de gestion de programme stocke dans un bloc de stockage d'un terminal mobile
US7379731B2 (en) 2001-05-14 2008-05-27 Ntt Docomo Inc. System for managing program applications storable in a mobile terminal
US8010095B2 (en) 2001-05-14 2011-08-30 Ntt Docomo, Inc. System for managing program applications storable in a mobile terminal
EP2261796A3 (fr) * 2001-05-14 2011-02-23 NTT DoCoMo, Inc. Système de gestion de programme stocké dans un bloc de stockage d'un terminal mobile
US7742756B2 (en) 2001-05-14 2010-06-22 Ntt Docomo, Inc. System for managing program applications storable in a mobile terminal
US8015616B2 (en) 2002-01-08 2011-09-06 Ntt Docomo, Inc. Contents transmission method and contents transmission system
WO2003058411A1 (fr) * 2002-01-08 2003-07-17 Ntt Docomo, Inc. Procede d'administration de contenu et systeme d'administration de contenu et systeme d'administration de contenu
US8281391B2 (en) 2002-01-08 2012-10-02 Ntt Docomo, Inc. Contents transmission method and contents transmission system
US7530114B2 (en) 2002-01-08 2009-05-05 Ntt Docomo, Inc. Content delivery method and content delivery system
CN1300653C (zh) * 2002-01-08 2007-02-14 株式会社Ntt都科摩 内容传送方法和内容传送系统
US7587592B2 (en) 2002-04-03 2009-09-08 Ntt Docomo, Inc. Distribution method, distribution system, and terminal device
US7558963B2 (en) 2003-03-31 2009-07-07 Ntt Docomo, Inc. Communication device and program
US8001615B2 (en) * 2003-11-04 2011-08-16 Nagravision S.A. Method for managing the security of applications with a security module
JP2005222341A (ja) * 2004-02-05 2005-08-18 Trend Micro Inc 情報機器上および伝送経路上でのプログラム分析によるセキュリティの確保
US8490183B2 (en) 2004-02-05 2013-07-16 Trend Micro Incorporated Security ensuring by program analysis on information device and transmission path
JP2010092376A (ja) * 2008-10-10 2010-04-22 Softbank Mobile Corp 情報処理装置、情報処理方法及び情報処理プログラム
JP2012008732A (ja) * 2010-06-23 2012-01-12 Kddi Corp インストール制御装置およびプログラム
KR101839607B1 (ko) * 2011-08-02 2018-03-22 주식회사 케이티 단말 보안을 수행하는 사용자 단말 및 서비스 서버 장치
JP2016535547A (ja) * 2013-09-12 2016-11-10 ザ・ボーイング・カンパニーThe Boeing Company 対象のコンピューティング装置で実施される動作を認証する方法

Also Published As

Publication number Publication date
AU1889699A (en) 2000-08-01
JP3873624B2 (ja) 2007-01-24

Similar Documents

Publication Publication Date Title
JP4301482B2 (ja) サーバ、情報処理装置及びそのアクセス制御システム並びにその方法
US20170195368A1 (en) Uniform modular framework for a host computer system
KR100955172B1 (ko) 디지털 컨텐츠 액세스 제어를 위한 시스템
JP4847701B2 (ja) 著作権管理システムにおける柔軟性のある権利テンプレートを使用したデジタルコンテンツの署名済み権利ラベル(srl)の取得
JP4738791B2 (ja) サービス提供システム、サービス提供装置、サービス提供方法、サービス提供プログラム、及び記録媒体
JP4742682B2 (ja) コンテンツ保護装置及びコンテンツ保護解除装置
JP5036140B2 (ja) 個人情報流通管理システム、個人情報流通管理方法、個人情報提供プログラム及び個人情報利用プログラム
US7500099B1 (en) Method for mitigating web-based “one-click” attacks
US8417964B2 (en) Software module management device and program
US20080059793A1 (en) Methods and systems for phone home token registration
CN109478149A (zh) 混合云计算系统中的访问服务
US8060464B2 (en) Data-centric distributed computing
JP2008015936A (ja) サービスシステムおよびサービスシステム制御方法
KR20030022802A (ko) 컨텐츠 제공 방법, 컨텐츠 제공 서버, 및 컨텐츠 제공기반의 고객 단말기
JP2006031175A (ja) 情報処理システム、情報処理装置、およびプログラム
JP2003500722A (ja) 情報保護方法および装置
US7594274B2 (en) Method of authenticating an application for personal digital assistant using a unique ID based on a personal computer and system using thereof
US9443067B1 (en) System for the distribution and deployment of applications, with provisions for security and policy conformance
JP4055393B2 (ja) データ処理装置およびその方法とプログラム
WO2000042498A1 (fr) Procede et systeme permettant d&#39;executer un code mobile
KR20020003861A (ko) 등록장치 및 방법, 정보처리장치 및 방법, 제공장치 및방법 그리고 프로그램격납매체
CN101167290A (zh) 用于完整性证明和验证的系统和方法
US6681233B1 (en) Data circulation between servers and clients
JP2004038486A (ja) 発行許可装置、発行申請装置、配信装置、アプリケーション実行装置及び方法
JP7445017B2 (ja) ユーザ識別子および署名収集を利用したモバイルアプリケーション偽造・変造探知方法、コンピュータプログラム、コンピュータ読み取り可能な記録媒体およびコンピュータ装置

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU CA IL JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref country code: JP

Ref document number: 2000 594008

Kind code of ref document: A

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase