JP2003224554A - Communication connection system, method and program and electronic voting system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To block the inflow of unauthorized packets at the time of communicating with a different domain. <P>SOLUTION: At the time of secure communication between the different domains A and B, respective gateways GW20 and GW40 exchange security policies including the authentication accuracy of individual authentication and the security information of an application and the secure communication is connected only when the verified results of both of the authentication accuracy and the security information are proper. Thus, the validity of a communication requesting person is verified from both of the authentication accuracy and the security information. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a communication method used for securely communicating information between different domains,
A program and system, especially a communication connection system capable of blocking the inflow of an illegal packet from another domain,
A method, a program, and an electronic voting system.

[0002]

2. Description of the Related Art Conventionally, when entity devices belonging to different domains securely communicate information with each other, if the entity devices are part of an electronic mail system, PGP (Pretty Good Privacy) or S / MIME ( Se
Cryptographic emails such as cure Multimedia Internet Mail Extensions) are used to confirm the sender and keep messages confidential.

On the other hand, each entity device is mutually WWW
In the case of a part of the client / server system on the (World Wide Web), mutual authentication and confidentiality of communication data are performed by SSL (secure sockets layer).

As described above, in the secure communication between the entity devices, the layer to be protected securely differs depending on the application that uses encrypted mail, SSL, etc. Therefore, in some cases, the user corresponds to the application. It is necessary to understand the layers that are protected securely.

In addition, when the security policies differ between the domains, even when the question of whether or not the communication partner is a legitimate communication partner remains, for example, when the authentication accuracy of the communication partner is lower than our request level, If the authentication result is affirmative, the communication partner is connected and communication is performed. In this connection, if the communication partner is an unauthorized entity device, there is a possibility that an unauthorized packet will flow in as a security hole.

[0006]

As described above,
In secure communication between entity devices belonging to different domains, in some cases, it is necessary for the user to know the layer protected securely according to the application.

Further, when communicating with an entity device of another domain having a different security policy, if the communication partner is an unauthorized entity device, an unauthorized packet may flow in.

The present invention has been made in consideration of the above-mentioned circumstances, and it is possible to grasp the layer that is protected securely according to the application and prevent the inflow of an unauthorized packet when communicating with a different domain. It is to provide a communication connection system, a method, a program, and an electronic voting system to be obtained.

[0009]

A first invention is a communication connection system for connecting secure communication between entity devices belonging to different domains via respective relay devices and an open network, Each of the relay devices includes authentication-related information including an authentication method and authentication accuracy of personal authentication received from an entity device of a domain to which the relay device belongs, and security information regarding security of an application used by the entity device for the secure communication. Policy creating means for creating a security policy, policy exchanging means for exchanging the security policy created by the policy creating means between the relay devices, and authentication related information in the security policy of the other party obtained by the policy exchanging means And security information With respect to the above, a policy verification means for respectively verifying whether or not it conforms to its own security policy, and a key exchange means for exchanging a key for the connection when the verification result of both by the policy verification means is valid. It is a communication connection system provided with.

(Operation) Therefore, the first aspect of the present invention takes the above-mentioned means, and thereby, when performing secure communication between different domains, establishes the security policy including the authentication accuracy of personal authentication and the security information of the application. By exchanging and verifying the verification results of both authentication accuracy and security information, the configuration that connects the secure communication can verify the authenticity of the communication requester from both the authentication accuracy and the security information. Inflow of packets can be prevented.

The first aspect of the present invention shows the case where the whole is expressed as a "system", but the present invention is not limited to this, and the "apparatus", "method", "program" or "storage" of the whole or each apparatus is shown. It goes without saying that it may be expressed as "medium" or the like.

[0012]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings. (First Embodiment) FIG. 1 is a schematic diagram showing a network configuration including a communication connection system according to a first embodiment of the present invention. As shown, different domains A,
B are connected to each other via an open network NW such as the Internet.

Here, the domain (first domain) A is
N PC (Personal Computer) terminals on the user side (first
Entity device) TA10 _{1 to} TA10 _n are LAN1
And a configuration connected to the network NW via the first gateway (first relay device) GW20.

Similarly, the domain (second domain) B is
M PC terminals (second entity device) T on the authenticator side
B30 _{1 to} TB30 _m are connected to the network NW via the LAN 2 and the second gateway (second relay device) GW40. The first and second gateways GW20 and GW40 may be replaced with routers. Also, each PC terminal TB30 _{1 to} T on the authenticator side
B30 _m may be a terminal for personal use or a terminal for joint use, or may be replaced with a server that provides a service such as a WWW server.

FIG. 2 is a schematic diagram showing the structure of the communication connection system. Here, each of the PC terminals TA10 _{1 to} TA1
Since 0 _n have the same configuration, TA 10 ₁ will be described as an example. Similarly, each of the PC terminals TB30 _{1 to} TB30
_m for even the same structure with each other, will be described as an example TB30 _1.

The user side of the PC terminal TA10 ₁ includes a memory unit 11, is connected to the sensor device 14 comprising a sensor unit 12 and the recognition unit 13, the terminal key memory 15, the security information generation unit 16, policy information generation Part 17 and G
The W authentication unit 18 is provided.

The memory section 11 stores preset collation data for collating the biometric information of the user, setting information for collation (accuracy etc.), a device authentication key, a public key certificate and an authentication device ID. It is stored in advance so that it can be read from the recognition unit 13.

Here, as the collation data, any data (type and accuracy) such as a user's fingerprint, iris, voiceprint, handwriting, keystroke, etc. can be used. Here, a highly accurate value of fingerprint information is used. Shall be used. Further, the collation data is stored in the tamper-resistant memory unit 11 provided in the sensor device 14.
It is stored in a tamper resistant memory inside or inside a smart card attached to the sensor device 14, and is protected from unauthorized reading.

The device authentication key is a public key pair used for authenticating the self device 14, and the validity of the public key is proved by the public key certificate.

The public key certificate has a TTP (Trusted Thi
It is issued by the certificate issuing organization which is the third party and includes the public key of the public key pair (device authentication key) described above. In addition, similarly, other devices TA10 ₁ , GW2
_0, TB30 1, the public key certificate used in GW40 also issued from the certificate issuing authority, is intended to include the public key.

The secret key is the other key of this public key pair, and is stored and kept secret in the tamper resistant area (or another tamper resistant memory) of the memory section 11.

The authentication device ID is identification information used to authenticate the own device 14, and is used for the electronic signature of the own device.

The sensor section 12 measures the fingerprint of the user,
It has a function of inputting the obtained fingerprint information to the recognition unit 13.

The recognition unit 13 authenticates the legitimacy of the fingerprint information input from the sensor unit 12 based on the collation data of the memory unit 11, generates an authentication result signature including an authentication result (OK or NG), and obtains it. The obtained authentication result signature is the PC terminal TA1.
It has a function of outputting to the PC 0 ₁ and a function of verifying an electronic signature received from the PC terminal 10 ₁ .

Here, the authentication result signature is, as shown in FIG. 3, an authentication method c1, an authentication device ID c2, an authentication accuracy (others exclusion rate FAR or false rejection rate FRR) c3, an authentication result c.
4 is a data group c1 to c6 including authentication signature data c5 as an electronic signature for c1 to c4 and a public key certificate c6 of the authentication device.

[0026] Subsequently, each element of the PC terminal TA10 _1,
The terminal key memory unit 15, the security information generation unit 16, the policy information generation unit 17, and the GW authentication unit 18 will be described in this order.

The terminal key memory unit 15, the own device TA10 ₁
The public key pair and public key certificate are stored in advance so that they can be read from the GW authentication unit 18.

The security information generation unit 16 generates security information regarding communication by the operation of the user,
It has a function of sending this security information to the policy information generator 17. Here, the security information is
As shown in FIG. 4, the destination address s1, the application s2, and the security s performed by the application
3, s31 to s32, security s performed in other layers
4, s41, s411, s42, s421 to s428,
Is a data group indicating.

The security s3 performed by the application includes, for example, an encryption algorithm s31 and an encryption key length s32. Security s4 performed in other layers includes, for example, SSL method s41 and its version s411, and, for example, IPsec.
Method s42 and its authentication algorithm s421, authentication mode s422, authentication key s423, encryption algorithm s
424, encryption mode s425, encryption key s426, source address s427, expiration date s428, and the like.

The policy information generating section 17 is provided in the sensor device 1.
4 has a function of authenticating, and a function of enabling personal authentication by the sensor device 14 when the authentication result is true,
Further, of the policy information for generating the security policy, the security information transmitted from the security information generation unit 16 and the authentication result signature output from the recognition unit 13 of the sensor device 14 are sequentially transmitted to the GW authentication unit 18. It has the function of sending. However, the authentication result signature is
Between the pre-sensor device 14 and the policy information generation unit 17, validity is verified by the network layer of the PC terminal TA10 _1.

Here, as shown in FIG. 5, the policy information comprises the authentication result signature shown in FIG. 3 and the security information shown in FIG. The GW authentication unit 18
A function of performing mutual authentication with the first gateway GW 20 via the LAN 1 using the public key pair and the public key certificate in the terminal key memory unit 15, and from the policy information generating unit 17 when the result of the mutual authentication is valid. It has a function of transmitting the sent policy information to the first gateway GW 20 via the LAN 1.

The first gateway GW 20 comprises a GW key memory unit 21, a terminal authentication unit 22, a security policy generation unit 23 and an exchange unit 24.

In the GW key memory section 21, the public key pair and the public key certificate of the own apparatus GW 20 are stored in advance so that they can be read from the terminal authentication section 22.

The terminal authentication unit 22 uses the public key pair and the public key certificate in the GW key memory 21 to perform mutual authentication with the PC terminal TA10 ₁ via the LAN ₁ and the result of the mutual authentication is valid. At this time, the policy information transmitted from the PC terminal TA10 _{1 is transferred} to the security policy generation unit 2
3 has the function of sending.

The security policy generation unit 23 creates security policy data for the user side based on the policy information sent from the terminal authentication unit 22, and exchanges the obtained security policy data for the user side with the exchange unit 24.
It has a function to send to.

[0036] Here, the security policy data of the user side is data for communicating with the authenticator side PC terminal TB30 _1, it has a content including the policy information shown in FIG.

The exchanging unit 24 uses the security protocol data as an SA (Security Association) based on the IPsec protocol (hereinafter, referred to as IPsec) to generate a second packet.
It has a function of performing SA exchange with the gateway GW 40 and a function of permitting secure communication by SA exchange. SA is connection information between each device,
Parameters required for encryption (authentication method, authentication key,
Encryption method, encryption key, encryption key life, etc.).

Specifically, the exchanging unit 24 verifies the security policy data on the authenticator side with the security policy data on the user side based on IPsec, and sends out from the security policy generating unit 23 when the verification result is true. With respect to the function of transmitting the transmitted user-side security policy data to the second gateway GW 40 and the transmitted user-side security policy data,
Upon receiving a verification result from the gateway GW 40 that the security policy of the authenticator is met, a key exchange (IK) for secure communication is performed with the second gateway GW 40.
E).

The communication procedure by IPsec is explained in, for example, “Nikkei Communication“ Basic technology of IPSEC Internet VPN: Interoperability with existing equipment is a problem ”, Nikkei BP, June 15, 1998 issue”. Has been done.

[0040] On the other hand, PC terminal TB30 ₁ of authentication's side,
Similar to the user-side PC terminal TA10 _1, and a terminal key memory unit 31, the policy information providing unit 32 and the GW authentication unit 33.

It should be noted, PC terminal TB30 ₁ authentication side, here from a possible use aspect as the example server device,
It is assumed that with the policy information providing unit 32 is not limited to this, just as in the user side of the PC terminal TA10 _1,
The sensor device 14 may be included in the configuration. Thus the authentication side PC terminal TB30 ₁ is user-side PC terminal TA
For 10 ₁ of the same configuration, rather than as distinguished from apparatus with the authentication side and the user side, the transmitting side becomes the user side, the receiving side is authenticated side.

The terminal key memory unit 31 has its own device TB30 ₁
The public key pair and public key certificate are stored in advance so that they can be read from the GW authentication unit 33.

The policy information providing unit 32 has the function of providing the GW authentication unit 33 with the policy information on the secure communication, which is registered in advance by the operation of the authenticator. Since the authentication-side policy information is data for determining the level of the user-side security policy, at least the user-side policy information shown in FIG. Key certificate c6, authentication key s423 and encryption key s
What is provided with each data of the same format except 426 is used.

The GW authentication unit 33 uses the public key pair and public key certificate in the terminal key memory unit 31 to perform mutual authentication with the second gateway GW 40 via the LAN 2 and the result of mutual authentication is true. When the second gateway GW
It has a function of transmitting the policy information provided by the policy information providing unit 32 to the second gateway GW 40 via the LAN 2 in response to a request from the 40.

The second gateway GW 40, like the first gateway GW 20 described above, has the GW key memory unit 4
1, terminal authentication unit 42, security policy generation unit 43
And an exchange unit 44.

In the GW key memory unit 41, the public key pair and the public key certificate of the own device GW 40 are stored in advance so that they can be read from the terminal authentication unit 22.

The terminal authentication unit 42, using a public key pair and a public key certificate in the GW key memory 41, a function of performing a PC terminal TB30 ₁ and mutual authentication through the LAN2, when the result of the mutual authentication is true has a function of requesting the policy information to the PC terminal TB30 _1, it transmits the policy information obtained in the security policy generation unit 43.

The security policy generation unit 43 creates security policy data on the authenticator side based on the policy information sent from the terminal authentication unit 42, and exchanges the obtained security policy data on the authenticator side with the exchange unit 44.
It has a function to send to.

[0049] Here, the security policy data of the authenticator side is data for determining the level of the user side of the PC terminal TA10 ₁ security policy, as described above, the policy information shown in FIG. 5 Of these, the authentication signature data c5, the authentication device public key certificate c6, and the authentication key s
423 and the encryption key s426 are omitted.

The exchanging unit 44 uses the IPsec to send the security policy data on the authenticator side sent from the security policy generating unit 43 to the first gateway GW.
When the function for exchanging the security policy data on the user side from 20 and the security policy data on the user side obtained by the exchange are verified by the security policy data on the authenticator side, and the verification result shows OK (conformity). , And a function of performing key exchange (IKE) for secure communication with the first gateway GW 20.

Next, the operation of the communication connection system configured as described above will be described with reference to the sequence diagram of FIG.
Now, whether the sensor device 14 is connected to the PC terminal TA10 ₁ which has been turned on, or the sensor device 14 is already connected
When the power of the C terminal TA10 ₁ is turned on, the PC terminal 10 ₁ generates a random number and transmits this random number to the sensor device 14 (ST1).

In the sensor device 14, the recognition unit 13 performs signature processing on this random number by using the device authentication key, and the obtained electronic signature together with the public key certificate is added to the PC terminal TA10.
Reply to ₁ (ST2).

[0053] In the PC terminal TA10 _1, the policy information generation unit 13, the verification result to verify the public key certificate is the process is terminated at the time of the false, the verification result is to verify the only electronic signature at the time of the true.

If the verification result of the electronic signature is true, the policy information generation unit 13 determines that the connected sensor device 14 is valid and enables the sensor device 14 to perform personal authentication. If the verification result of the electronic signature is false, it is determined that the sensor device 14 is illegal and the sensor device 14 cannot perform personal authentication. The process of disabling the personal authentication of the sensor device 14 means that the application requiring the personal authentication is disabled from the usable applications.

Next, the application is activated by the user side at the PC terminal TA10 _1, of the user side PC terminal TA
It is assumed that 10 ₁ wants to transmit a packet to the authenticator side PC terminal TB 30 ₁ .

[0056] In the user side of the PC terminal TA10 ₁ according to operation of the application, GW authentication unit 1 security information including the application information via the policy information generation unit 17 from the security information generation unit 16
8, the GW authentication unit 18 performs mutual authentication with the first gateway GW 20.

[0057] When the mutual authentication result is true, GW authentication unit 18 sends a connection request to the authenticator side to the PC terminal TB30 ₁ to first gateway GW 20, the security information as part of the policy information The data is transmitted to the gateway 1 GW 20 (ST3).

The first gateway GW 20 uses the policy information.
Based on a part of the information, the authenticator side PC terminal TB30₁What
Some of the security policies needed to connect
It After that, the first gateway GW 20 makes an authentication request.
PC terminal TA10 on the user side ₁Send to (S
T4).

[0059] In PC terminal TA10 ₁ of the user side receives the authentication request, only if the verification result of the sensor device 14 after the pre step ST2 is Yes, the screen to the effect that performs personal authentication to the user It is displayed above and a verification request is transmitted to the sensor device 14 (ST5).

When the sensor device 14 receives the verification request,
Wait until the user places his or her finger (input of fingerprint information),
When the user's finger is placed on the sensor unit 12, the sensor unit 1
2 inputs the fingerprint information of this finger into the recognition unit 13.

The recognition unit 13 authenticates the legitimacy of the fingerprint information input from the sensor unit 12 based on the collation data of the memory unit 11, and includes the authentication result (OK or NG) as shown in FIG. authentication result signature, and outputs the obtained authentication result signature to the PC terminal TA10 ₁ (ST6).

[0062] PC terminal TA10 _1, when receiving the authentication result signature, in order to verify the public key certificate to the network layer (not shown) is included in the authentication result signature and authentication signature data,
If each verification result is true, the authentication result signature and its verification result are transmitted to the first gateway GW 20 (ST.
7).

Upon receipt of this authentication result signature and verification result, the first gateway GW 20 receives the user-side PC terminal T.
In order to enable secure communication of the A10 ₁ with the authenticator side PC terminal TB30 ₁ via the Internet, etc.
Communicate with the second gateway GW 40 using sec.

Specifically, the first gateway GW20
IPs as a security policy exchange process
When exchanging SA in ec, first, the exchanging unit 24 sends a connection request and a policy request to the second gateway GW.
40 (ST8).

[0065] The second gateway GW40 is to this connection request and policy request, the exchanger 44, through the security policy generation unit 43 and the terminal authentication unit 42, obtaining the authenticator side of the security policy from the PC terminal TB30 ₁ .

After that, the second gateway GW 40
The exchange unit 44 transmits the security policy data on the authenticator side as an SA to the first gateway GW 20 (ST9).

[0067] The first gateway GW20 verifies whether meet the security policy of the verifier side with respect to the security policy data user side, the verification result that effect the PC terminal TA10 ₁ if NG (not) To the second gateway GW 40 (ST10). If the verification result is OK (satisfies), the user side security policy data is transmitted to the second gateway GW 40 (ST10).

Similarly, the second gateway GW 40 verifies whether or not the security policy data on the user side satisfies the security policy on the authenticator side,
If the verification result is NG, a message to that effect is given to the first gateway GW.
To end the process notifies the PC terminal 10 ₁ through 20,
If the verification result is OK, key exchange (IKE) for secure communication is performed with the first gateway GW 20 (S).
T11).

[0069] Upon completion of the key exchange, when the communication between the first and second gateway GW20, GW 40 in the IPsec is established, the first gateway GW20 is that it can communicate the user side to the PC terminal TA10 ₁ Is notified (ST12: OK).

As a result, the user-side PC terminal 10
₁ executes secure communication with the PC terminal 30 ₁ on the authenticator side via the LAN 1, the first gateway GW 20, the network NW and the second gateway GW 40.

As described above, according to the present embodiment, at the time of secure communication between different domains A and B, the security policies including at least the authentication accuracy of personal authentication and the security information of the application are exchanged, and the authentication accuracy is improved. Only when the verification results of both the security information and the security information are valid, the connection of the secure communication can verify the authenticity of the communication requester from both the authentication accuracy and the security information, thus preventing the inflow of unauthorized packets. be able to.

Further, since the security policy to be exchanged includes the personal authentication result at least on the user side among the user side and the authentication side, the validity can be verified more reliably. Further, when the authenticator is not a WWW server but a terminal device operated by an individual, by including the individual authentication result in the security policy of the authenticator,
The validity can be verified more reliably.

(Second Embodiment) FIG. 7 is a schematic diagram showing the configuration of an electronic voting system according to a second embodiment of the present invention. The same parts as those in the above-mentioned drawings are designated by the same reference numerals,
The modified portion is denoted by the symbol "'" and the description of the above-mentioned portion is omitted, and here, different portions will be mainly described.
It should be noted that in each of the following embodiments as well, duplicated description will be omitted.

That is, the present embodiment is an application example in which the first embodiment is applied to an electronic voting system, and n polling place domains A ₁ ′ to A ₁ ′ -A corresponding to the domain A described above.
_n and using the electronic voting system and are connected via a network NW 'and, vote counting office domain B corresponding to the domain B as described above'.

Each polling place domain A ₁ ′, ...,
Since A _n ′ have the same configuration, the polling place domain A ₁ ′ will be described as an example here. Similarly, each PC terminal TA10 ₁₁ ′ to TA10 _1n ′, ..., TA10 _n1 ′ to T
Since the A10 _nn ′ have the same configuration, the PC terminal TA10 ₁₁ ′ will be described as an example here.

The polling place domain A ₁ ′ has n PC terminals T corresponding to the above-mentioned PC terminals TA10 _{1 to} TA10 _n.
A10 ₁₁ '~TA10 _1n' is 'is connected to, polling station gateway GW 20 _1' polling station gateway GW 20 ₁ through the LAN1 ₁ is connected to the network NW.

The PC terminal TA10 ₁₁ ′ is connected to the sensor device 14 (not shown) having a personal authentication function as described above, and has a function related to electronic voting in addition to the same function as described above. In other words, PC terminal TA10 ₁₁ '
Corresponds to a case where the above-mentioned application is an electronic voting application and the function related to electronic voting is executed by executing the electronic voting application.

Here, the functions relating to electronic voting include, for example, the following (1) to (4). (1) A function of reading the contents of a smart card (eg, IC card) for each voter in which fingerprint collation data and voting rights are held in advance. (2) A function of transmitting the verification result signature to the polling place GW 20 'when the verification result signature received from the sensor device 14 and the verification result are true. (3) When the verification result of the voting right received from the polling place GW 20 'is true, the smart card is requested to verify the voting right, the obtained voting right is verified, and when the verification result is true, the voter A function to create a voting card based on the terminal operation of. It should be noted that the public key of the Election Commission to be used when creating a voting card is held in advance in the terminal TA10 ₁₁ 'within.

(4) A function of sending the voting certificate and voting certificate created in (3) above to the polling place GW 20 'only once.

The voting right is electronic data that functions as an admission ticket to the polling place, and as shown in FIG. 8, the voter ID (serial number) r1, the voter name r2, the address r3, the election district r4, It is a data group r1 to r5 consisting of the digital signature r5 of the election management committee for r1 to r4, which is sent in advance from the election management committee to the voters.

The verification result signature is almost the same as the above-mentioned authentication result signature, and as shown in FIG.
1, authentication device ID c2, authentication accuracy (others rejection rate FAR or false rejection rate FRR) c3, collation results c4 ′, c1 to c
Data groups c1 to c5 'consisting of the digital signature c5' of the voting right for 4 and are generated by the sensor device 14 at the time of individual authentication.

As shown in FIG. 10, the voting certificate is the polling place I.
Dv1, terminal ID v2, voting results v3, data groups v1 to v consisting of digital signature v4 of the terminal for v1 to v3
4 is the PC at the polling place based on the voter's terminal operation
Created by the terminal TA10 ₁₁ '.

The polling place gateway GW20 'corresponds to the above-mentioned first gateway GW20.

On the other hand, the counting place domain B'is the above-mentioned P
C terminal TB30 ₁ 'm pieces of collected gateway GW 40 ₁ via the vote counting office gateway GW 50' vote counting server TB30 corresponding to, ..., 'is connected to, each collection gateway GW 40 _1' GW 40 _m, ..., the GW 40 _m ' It is connected to the network NW.

[0085] vote counting server TB30 ', in addition to the PC terminal TB30 ₁ of the above-described functions, vote counting office gateway GW5
It has a function of totaling the voting results included in the voting certificate based on each voting certificate transferred from 0 and outputting the counting result.

Next, each collection gateway GW40 ₁ ',
, GW40 _m ′ have the same configuration, the collection gateway GW40 ₁ will be described as an example here. In addition to the function of the second gateway GW40 described above, the collection gateway GW40 ₁ ′ verifies the voting certificate received from the polling station domain A ₁ ′, and when the verification result is true, sends the voting certificate to the voting station GW50. It has a function to do. In addition, each collection gateway GW40 ₁ ′, ..., G
W40 _m 'and each polling place gateway GW20 ₁ ', ...,
From the viewpoint of load distribution, a plurality of GWs 20 _n ′ are installed. That is, polling place GW20 ₁ 'and collection G
The polling station GW20 ₁ 'and the collection GW 40 that have exchanged policies with each other do not necessarily need to be connected to W40 ₁ '
_i'is connected.

The vote counting place gateway GW50 has a function of transferring the voting certificate received from each collecting gateway GW40 ₁ ′, ..., GW40 _m ′ to the vote counting server.

Next, the operation of the electronic voting system configured as described above will be described in the order of “distribution of voting right” and “voting” using the sequence diagrams of FIGS. 11 and 12. (Distribution of voting right: FIG. 11) The voter shall send the e-mail address of his / her user terminal TU to the election management committee E in advance so that the voting right can be received.
The public key certificate used for verifying the digital signature of the voting right may be sent together with the voting right, or may be downloaded from the website of the Election Management Commission. Further, it is assumed that the voter has a smart card SC for storing the above-mentioned verification data and key information.

Now, as shown in FIG. 11, the user terminal TU
8 receives the voting right shown in FIG. 8 from the election management committee E (ST21), verifies the voting right using the public key of the election management committee E, and if the verification result is true, the sensor A collation request is sent to the device 14 (ST22).

When the biometric information of the fingerprint is input (ST23), the sensor device 14 receives the smart card S in the same manner as described above.
The collation data is read from C (ST24), the biometric information is collated with the collation data, and the collation result (OK / NG) is sent to the user terminal TU (ST25).

The verification result of the user terminal TU is true (OK).
If so, enter the voting right into the smart card SC (S
(T26), the completion notification of writing is received from the smart card SC (ST27).

As a result, the process of distributing the voting right by the election management committee E is completed for the voters listed on the voting right. In addition, steps ST21 to ST27 described above.
Is done for all voters individually.

(Voting: FIG. 12) Voting place domain B'in advance
In the collection GW40 ₁ '
Based on sec, SA exchange (policy exchange) similar to the above is performed with the polling place gateway GW 50 (ST3).
1), the communication is connected to the polling place gateway GW50. In addition, each polling station domain _{A 1 ', ..., A n} ' each PC terminal TA10 ₁₁ of '~TA10 _1n', ..., TA1
0 _n1 'to TA10 _nn ' hold the public key of the election management committee E in advance.

On the other hand, in the polling place domain A ₁ ′,
The voter brings in a smart card SC and sits in front of the PC terminal TA10 ₁₁ 'in the polling place.

First, the sensor device 14 connected to the PC terminal TA10 ₁₁ ′ is connected to the smart card SC by the voter.
Is inserted and the finger of the voter is placed, the fingerprint of the finger is measured to obtain biometric information (ST32), and the verification data is read from the smart card SC (ST33). In addition,
The smart card SC may be inserted in either the sensor device 14 or the PC terminal TA10 ₁₁ ′.

Now, the sensor device 14 collates the biometric information of the fingerprint with the collation data. If the collation result is true, the collation result signature shown in FIG. The resulting signature is output to the PC terminal TA10 ₁₁ '(ST
34).

[0097] PC terminal TA10 ₁₁ 'terminal verifies the verification result signature, if the verification result is true, as before, the matching result signature and its verification result polling station GW 20 _1' to send to (ST35).

Upon receiving the verification result, the polling place GW20 ₁ ′ performs SA exchange with the collecting GW 40 ₁ ′ of the collecting place domain B ′ based on IPsec, and connects the communication (ST.
36).

On the other hand, the PC terminal TA10 ₁₁ ′ requests the smart card SC for the voting right certificate (ST37), reads the voting right certificate from the smart card SC (ST38), and based on the digital signature r5, the voting right certificate. Verify.

If the result of the verification of the voting right is true, the PC terminal TA10 ₁₁ ', the voting result by the voter (candidate name,
Polling place ID v4, terminal ID v2, voting result v3 based on input or selection operation of political party name or national examination result)
To the polling place GW2 by generating a digital signature v4 to create a voting certificate as shown in FIG.
It is transmitted to 0 '(ST39).

That is, the data transmitted from the PC terminal TA10 ₁₁ ′ to the polling place GW20 ₁ ′ is only the vote of the polling place / terminal ID information v1, v2 and the voting result v3, and the voter data is transmitted. Not done.

The polling place GW20 ₁ ′ selects the public key of the PC terminal TA10 ₁₁ ′ based on the terminal IDv2 included in the voting certificate, verifies the voting certificate based on this public key, and verifies the voting certificate. If true, the collection GW connected in ST36
To send a voting card at the 40 ₁ '(ST40).

When the collecting GW 40 ₁ 'receives the voting certificate,
The public key of the PC terminal TA10 ₁₁ ′ is selected based on the polling place IDv1 and the terminal IDv2 included in the voting certificate, the voting certificate is verified based on this public key, and if the verification of the voting certificate is true, Voting place gateway GW5 connected in ST31
The voting certificate is transmitted to 0 (ST41).

The counting place gateway GW50 is a
W40 ₁ to transfer the received voting cards from the '~GW40 _m' in vote counting server TB30 '(ST42).

The vote counting server TB30 'collects the vote certificates received from the vote counting office gateway GW50 and outputs the counting result.

As described above, according to this embodiment, the first
In addition to the effects of the above embodiment, an electronic voting system including secure communication between different domains A ′ and B ′ can be realized.

[0107] Various other mechanisms have been proposed for electronic voting. However, the present embodiment does not refer to the mechanism of electronic voting itself, but refers to a method of connecting a network for safely transmitting voting data to the vote counting server.

Therefore, the mechanism of electronic voting itself is arbitrary, and any mechanism may be used. In other words, any electronic voting system may be incorporated in the application layer.

Mechanisms (a) to (d) for preventing double voting regarding, for example, that the electronic voting to be applied is arbitrary
Will be described as an example. The double voting is an illegal act in which the same voter votes again when the voter votes. Therefore, it is considered necessary to use some mechanism to prohibit double voting in electronic voting. Note that, again, the prohibition of double voting is a story of the electronic voting mechanism itself, and is not an essential requirement of the present embodiment.

[0110] (a) method using a voter list, polling stations GW20 1 _'is intended to confirm the vote already list that indicates the set of voter ID, voting cards and voting flag. That is, 'when a vote by the operation of, the PC terminal TA10 _11' voters PC terminal TA10 _11, in step ST39, polling station the voting card and voting card GW20
Send to ₁ '.

After verifying the voting right, the polling place GW20 ₁ 'based on the voting right certificate, the voter I in the voted list.
It is confirmed that the voted flag corresponding to D is “unvoted”, and the voted flag is updated to “voted”.

[0112] In this way, even as you try to vote the voters again in the same polling station, by the confirmation of the vote has been the list of polling stations GW20 1 _', the second and subsequent vote is prevented. Hereinafter, the operations after step ST40 are executed in the same manner as described above.

(B) The method of rewriting the smart card at the time of entry is to confirm the voting right certificate in the smart card and write the entered data to the smart card. However, this method is considered to be difficult to adopt because there is a possibility that the admitted data may be illegally erased.

[0114] To confirm the voting right at the time of admission,
Set the access authority of the voting card storage area to the smart card in advance as W (Write): Voter, R (Read): Voter / Poll manager, D (Delete): Poll manager. , PIN
(Personal Identification Number) needs to be set.

Therefore, at the time of secondary issuance of the smart card, the PIN of the polling place manager must be set for the storage area. The PIN of each polling place manager must be the same in consideration of the change of the voter's residence, and it is almost impossible to change the PIN later. Therefore, the method of rewriting a smart card is not very practical.

(C) The method of erasing the voting right certificate from the smart card at the time of entry is to confirm the voting right certificate in the smart card and delete the voting right certificate. However, this method is considered to be difficult to be adopted because the voting right may be rewritten to the voter who returns home.

This method is also similar to the method (b), and the PIN is set so that the access authority of the storage area of the data that has already been entered in the smart card is W, R, D: polling place manager.
Need to set, not very realistic.

However, the methods (a) to (c) do not use communication between different domains, and therefore are established regardless of the present embodiment. Therefore, the present embodiment may be applied to an electronic voting system using any one of the methods (a) to (c). That is, since the present embodiment relates to communication between different domains, it can be applied to any system having any mechanism other than the communication between different domains.

(Third Embodiment) Next, the third embodiment of the present invention will be described.
Electronic Voting System According to Embodiment FIG. 7 and FIG.
2 is used for the explanation. In addition, this embodiment is a polling place
Inn A₁'Is the second implementation specified by polling place ID
Different from the state, voters are in any polling place domain A ₁’～
A_n'Arbitrary PC terminal TA10₁₁’~ TA10_nn'so
Describe the case where you can vote.

When voting at any polling place, it is necessary to transmit the voting right certificate in addition to the voting certificate in steps ST39 to ST40 described above. This may be done, for example, by sending the voting card and the voting card on separate ports.

Here, as a result of step ST40, each collection GW40 ₁ ′ to GW40 _m has a polling station GW20 ₁ ′ to G
When the voting certificate from W20 _n to receive the right to vote license separately, to generate a vote already list for double voting prevention. Here, the voted list is the same as that described above, but the anonymity of the voter is maintained because it is managed separately from the voting certificate.

Each collecting GW 40 ₁ ′ to GW 40 _m displays a voted list in addition to the vote certificate in the voting place gateway GW 5.
It transmits to the vote counting server TB30 ′ via 0.

The vote counting server TB30 'aggregates the voting results in the voting certificate as described above, integrates the voted lists, and collects the integrated voted list in each collecting GW40.
_{1 '~GW40 m} and each polling place GW20 _1' ~GW20
send to _n .

The polling stations GW20 ₁ ′ to GW20 _n and the collection GW40 ₁ ′ to GW40 _m are set in steps ST39 and S.
By confirming that the voting right received at T40 is not in this integrated voted list, the double voting of the voter is prevented.

As described above, according to this embodiment, the same effect as in the second embodiment can be obtained even when the polling place is arbitrary, and the double voting can be prevented.

[0126] Specifically, the vote counting server TB30 'to integrate the vote already list, this integration was each collected a vote already list GW40 _1' ~GW40 _m and each polling place GW2
Since the information is transmitted from 0 ₁ ′ to GW 20 _n , it is possible to realize electronic voting at any polling place while preventing the voter from double voting at different polling places. In the case of preventing double voting in the same polling place, as before, polling station _{GW20 1 ', ..., GW20 n} ' may be used to vote already list managed locally for each.

In the second or third embodiment, the security policy is changed when votes are cast over a certain period or when it is desired to change the encryption algorithm used between the GWs at a certain time interval. Can be dealt with.

[0128] For example, if you want to change the encryption algorithm in the present system, as shown in FIG. 13, the vote counting server TB30 instructions to change the security policy 'to, vote counting office gateway GW 50, each collection GW 40 _1'
~GW40 _m, by issuing to each polling place GW20 ₁ '~GW20 _n, it is possible to create a system that can not be connected unless its security policy.

As a result, when the present system receives some kind of attack, it is possible to change the encryption algorithm and the layer to which security is applied, so that it can be expected to minimize the damage.

The method described in each of the above embodiments is
As a program that can be executed by a computer, a magnetic disk (floppy (registered trademark) disk,
Hard disk, etc., Optical disk (CD-ROM, D
It can be stored in a storage medium such as a VD), a magneto-optical disk (MO), a semiconductor memory or the like and distributed.

The storage medium may have any storage format as long as it can store the program and is readable by the computer.

Also, an OS (operating system) running on the computer based on the instructions of the program installed in the computer from the storage medium,
MW such as database management software and network software
(Middleware) or the like may execute a part of each processing for realizing the present embodiment.

Further, the storage medium in the present invention is not limited to a medium independent of a computer, but includes a storage medium in which a program transmitted via a LAN, the Internet or the like is downloaded and stored or temporarily stored.

Further, the number of storage media is not limited to one, and the case where the processing in this embodiment is executed from a plurality of media is also included in the storage media of the present invention, and the medium configuration may be any configuration.

The computer according to the present invention executes each processing in the present embodiment based on the program stored in the storage medium. One computer such as a personal computer or a plurality of devices are connected to the network. It may have any configuration such as an established system.

Further, the computer in the present invention means
Not only a personal computer but also an arithmetic processing unit, a microcomputer, and the like included in an information processing device, which collectively refer to a device and a device that can realize the functions of the present invention by a program.

The invention of the present application is not limited to the above-described embodiments, but can be variously modified at the stage of implementation without departing from the spirit of the invention. In addition, the respective embodiments may be implemented by being combined appropriately as far as possible, in which case the combined effects can be obtained. Further, the above-described embodiments include inventions at various stages, and various inventions can be extracted by appropriately combining a plurality of disclosed constituent requirements. For example, when the invention is extracted by omitting some of the constituent elements shown in the embodiment, when omitting the extracted invention, the omitted portions are appropriately supplemented by well-known and common techniques. It is something that will be done.

In addition, the present invention can be variously modified and implemented without departing from the scope of the invention.

[0139]

As described above, according to the present invention, in communication between different domains via an open network, it is possible to confirm the security policy and verify the legitimacy of the packet transmitted from the sender. By doing so, it becomes possible to prevent the inflow of an unauthorized packet.

[Brief description of drawings]

FIG. 1 is a schematic diagram showing a network configuration including a communication connection system according to a first embodiment of the present invention.

FIG. 2 is a schematic diagram showing a configuration of a communication connection system in the same embodiment.

FIG. 3 is a schematic diagram for explaining an authentication result signature in the same embodiment.

FIG. 4 is a schematic diagram for explaining security information in the same embodiment.

FIG. 5 is a schematic diagram for explaining policy information in the same embodiment.

FIG. 6 is a sequence diagram for explaining an operation in the same embodiment.

FIG. 7 is a schematic diagram showing the configuration of an electronic voting system according to a second embodiment of the present invention.

FIG. 8 is a schematic diagram for explaining a voting right in the same embodiment.

FIG. 9 is a schematic diagram for explaining a verification result signature in the same embodiment.

FIG. 10 is a schematic diagram for explaining a voting certificate in the same embodiment.

FIG. 11 is a sequence diagram for explaining a voting right distribution operation in the embodiment.

FIG. 12 is a sequence diagram for explaining a voting operation in the same embodiment.

FIG. 13 is a sequence diagram for explaining a modified operation according to the second or third embodiment.

[Explanation of symbols]

A, B ... Domain NW ... Network 1,2 ... LAN TA10₁~ TA10_n, TB30₁~ TB30_m, T
A10₁₁’~ TA10 _1n’… TA10_n1’～ TA1
0_nn’... PC terminal 11 ... Memory section 12 ... Sensor section 13 ... Recognition unit 14 ... Sensor device 15, 31 ... Terminal key memory unit 16 ... Security information generation unit 17 ... Policy information generation unit 18, 33 ... GW authentication section GW20, GW40 ... Gateway 21 ... GW key memory unit 22 ... Terminal authentication unit 23 ... Security Policy Generation Unit 24 ... Exchange section 32 ... Policy information provision department A₁’～ A_n’… Polling domain B '... Voting office domain GW20₁’~ GW20_n’… Polling place gateway TB30 '... Vote counting server GW40₁’~ GW40_m’… Collection gateway GW50 ... Voting place gateway

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) H04L 12/66 H04L 9/00 675A 601E 673D F term (reference) 5B085 AE00 BC00 5J104 AA07 AA16 EA18 KA04 KA16 LA06 PA17 5K030 GA11 GA15 HC01 HD03 HD07 JA07 LC13 LD19 LD20 5K033 AA08 DA05 DB16 DB18 DB19

Claims (8)

[Claims] 1. A communication connection system for connecting secure communication between entity devices belonging to different domains via respective relay devices and an open network, wherein each relay device is a domain to which it belongs. Received from the entity device of
A policy creating unit that creates a security policy from authentication related information including an authentication method and authentication accuracy of personal authentication and security information related to security of an application used by the entity device for the secure communication, and created by the policy creating unit. Regarding the policy exchanging means for exchanging the security policy between the relay devices and the authentication related information and the security information in the security policy of the other party obtained by the policy exchanging means, it is determined whether or not the security policy conforms to its own. A communication connection system comprising: a policy verifying means for verifying; and a key exchanging means for exchanging a key for the connection when the verification results of both by the policy verifying means are valid. 2. A first relay device connected to a first entity device of a first domain and connected to a second relay device of a second domain different from the first domain via a network, A communication connection method for connecting secure communication from the first entity device to the second domain, comprising: a digital method for authenticating a personal authentication, an authentication accuracy, and a personal authentication result transmitted from the first entity device. Receiving an authentication result signature including a signature, security information related to security of an application used for the secure communication, and creating a security policy including the authentication result signature received from the first entity device and the security information And a connection request for the secure communication to the second relay device. Transmitting the connection request, verifying the security policy of the second domain received from the second relay device, and transmitting the created security policy to the second relay device; 2 Upon completion of verification in the relay device, performing a key exchange for the secure communication with the second relay device; and, upon completion of the key exchange, notifying the first entity device that communication is possible. A communication connection method comprising: 3. A second relay device that is connected to a second entity device of a second domain while being connected to a first relay device of a first domain different from the second domain via a network, A communication connection method for connecting secure communication from the first domain to the second entity device, comprising: receiving a connection request for the secure communication from the first relay device; , A step of requesting the second entity device at least authentication-related information including an authentication method and authentication accuracy of personal authentication, and security information related to security of an application used for the secure communication; Security including authentication related information received from the entity device and the security information Creating a policy, sending the created security policy to the first relay device, security policy of the first entity device received from the first relay device, security policy of the second entity device A step of verifying whether or not it matches the authentication related information and the security information included in, and when the transmission of the created security policy is completed and the verification result is valid, A communication connection method comprising: a step of responding to a key exchange for secure communication. 4. A second entity device of a second domain is connected via a second relay device of the second domain, an open network, and a first relay device of a first domain different from the second domain. A program for communication connection, which is used in a first entity device for connecting secure communication to the second entity device, wherein a connection request for the secure communication is sent to a computer of the first entity device. A function of transmitting to a relay device, a function of transmitting security information regarding security of an application used for the secure communication to the first relay device, an authentication method of personal authentication, an authentication accuracy, and an authentication result signature including a digital signature for the personal authentication result. A function of transmitting to the first relay device, the connection request, the security information And a communication connection for realizing a function of receiving a notification that communication is possible from the first relay device based on completion of transmission of the authentication result signature, and a function of executing the application based on the notification of communication availability For programs. 5. A first relay device connected to a first entity device of a first domain while being connected to a second relay device of a second domain different from the first domain via a network, A communication connection program for connecting secure communication from the first entity device to the second domain, the personal authentication authentication transmitted from the first entity device to a computer of the first relay device. A function of receiving an authentication result signature including a digital signature for a scheme, authentication accuracy, and a personal authentication result, and security information regarding security of an application used for the secure communication, an authentication result signature received from the first entity device, and the security information A function for creating a security policy including And sending the connection request to the second relay device, verifying the security policy of the second domain received from the second relay device, and sending the created security policy to the second relay device by sending the connection request. A function of transmitting to a relay device, a function of exchanging a key for the secure communication with the second relay device upon completion of verification in the second relay device, and a function of transmitting to the first entity device upon completion of the key exchange. A program for communication connection to realize the function to notify that communication is possible. 6. A second relay device connected to a second entity device of a second domain while being connected to a first relay device of a first domain different from the second domain via a network, A communication connection program for connecting secure communication from the first domain to the second entity device, wherein a computer of the second relay device receives a connection request for secure communication from the first relay device. A function of requesting, based on the connection request, the second entity device at least authentication-related information including an authentication method and authentication accuracy of personal authentication and security information regarding security of an application used for the secure communication. In response to this request, the authentication related information received from the second entity device and the security A security policy including security information, a function of transmitting the created security policy to the first relay device, a security policy of the first entity device received from the first relay device, the second entity A function of verifying whether or not it matches the authentication related information and the security information included in the security policy of the device, when the transmission of the created security policy is completed and the verification result is valid, the first relay device On the other hand, a communication connection program for realizing a function that responds to the key exchange for the secure communication. 7. A voting terminal and a polling station relay device that belong to a polling place domain, an open network, and a collection relay device and a voting device that belong to a voting place domain,
An electronic voting system capable of connecting secure communication from the terminal device to the voting device via the polling place relay device, the network, and the collection relay device, wherein the polling place relay device is received from the voting terminal. A first policy creating means for creating a security policy from authentication-related information including an authentication method and authentication accuracy of personal authentication, and security information about security of an application used by the voting terminal for the secure communication; A first policy exchange means for exchanging the security policy created by the means with the collection relay device; and authentication-related information and security information in the security policy of the other party obtained by the first policy exchange means, Whether it complies with your security policy A first policy verifying unit for verifying each, and a first key exchanging unit for exchanging a key for the connection when the verification results of the both by the first policy verifying unit are valid, Second policy creating means for creating a security policy from the authentication-related information including the authentication method and the authentication accuracy of the personal authentication received from the vote counting device and the security information regarding the security of the application used by the vote counting device for the secure communication. A second exchanging the security policy created by the second policy creating means with the polling place relay device;
Policy exchanging means, and second policy verifying means for respectively verifying whether or not the authentication related information and the security information in the security policy of the other party obtained by the second policy exchanging means conform to their own security policies. An electronic voting system comprising: a second key exchange means for exchanging a key for the connection when the verification results of the both by the second policy verification means are valid. 8. The electronic voting system according to claim 7, wherein the terminal device transmits a voting right certificate including a voter ID and a digital signature for election management to the polling place relay device, and the voting right certificate is transmitted. When it is verified that it is true by the polling place relay device, it transmits a voting certificate including a voting result to the polling place relay device, and the voting place relay device is a digital certificate of the voting right received from the terminal device. When the signature is verified and the verification result is true and the voter ID in the voting right is not in the previously held voted list, the voter ID is included in the voted list and the verification result is displayed. An electronic voting system characterized by transmitting to the terminal device.