JP2004152278A - Communication terminal, communication method, program for computer execution of the method, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a communication terminal for reducing processing load of connection to an information processor. <P>SOLUTION: When membership card data is already acquired (YES in a step S106), processing to be executed by the communication terminal comprises a step (S108) of reading an access ID (A), a secret key and a user identification ID, a step (S110) of encrypting the access ID (A) with a secret key, a step (S112) of transmitting encryption data, and a step (S116) of taking advantage of service upon receiving information indicative of successful user authentication (YES in S114). When the membership card data is not acquired yet (NO in S106), the processing comprises a step (S120) of transmitting a member registration request, a step (S124) of transmitting user information, and a step (S126) of receiving the membership card data. <P>COPYRIGHT: (C)2004,JPO

Description

  The present invention relates to a technology of information communication by a communication terminal, and particularly to a technology of communicating encrypted information.

  When a user of a communication terminal uses various services (for example, information provision, online shopping, etc.) via a communication line such as the Internet, the user is required to provide a service provider ( For example, it transmits access data (for example, a user ID (Identification) and a password) issued by an information provider or a content distribution provider for connecting to the provider. The service provider checks based on the received access data whether the data sender is a legitimately registered user. When it is confirmed that the sender of the access data is an authorized user, a connection between the provider and the communication terminal is established, and the user can start using the service.

  When the number of services used by the user is increased with respect to the services provided in this way, the number of access data necessary for using the services is also increased. For this reason, users are increasingly required to efficiently manage such access data. On the other hand, as a result of the increase in service users, service providers are required to efficiently authenticate users.

  Therefore, for example, Japanese Patent Laying-Open No. 2002-132727 (Patent Document 1) discloses a user authentication system that provides a service for authenticating a user of a business server. This user authentication system performs authentication of a user of a communication terminal that requests connection with a business server connected to a network, instead of the business server. This system includes a proxy authentication device for authenticating a user of a communication terminal in place of a business server, and a storage device for storing user authentication information given in advance to a user of the communication terminal. The proxy authentication device includes a circuit for detecting a connection request from the communication terminal to the business server, and when the connection request is detected, establishes a connection with the communication terminal and requests the communication terminal to input user authentication information. A circuit for transmitting the user authentication information from the communication terminal, a circuit for accessing the storage device and verifying the validity of the user authentication information, and a circuit for verifying that the user authentication information is valid. And a circuit for establishing a connection with the business server.

According to the user authentication system disclosed in Patent Literature 1, when a connection request from a communication terminal to a business server is detected by a proxy authentication device, a connection between the proxy authentication device and the communication terminal is established. At this time, the proxy authentication device transmits an input request for user authentication information (for example, a user ID and a password) to the communication terminal. In response to the request, the user authentication information is transmitted from the communication terminal to the proxy authentication device, and the information is determined to be valid based on the data stored in the storage device (for example, the registered user ID and password). When verified, the proxy authentication device establishes a connection between the communication terminal and the business server. The business server connects to the communication terminal based on the verification result of the user authentication information, and provides a service or a business requested by the terminal.
JP 2002-132727 A

  However, the authentication system disclosed in the above publication can improve the efficiency of authentication work, but cannot reduce the information management burden on the user. That is, the user needs to input user authentication information (for example, a user ID and a password) issued for each service or each provider.

  SUMMARY OF THE INVENTION The present invention has been made to solve the above-mentioned problem, and an object of the present invention is to reduce a load on a user for connecting to an information processing apparatus, and to further reduce a data communication load. An object of the present invention is to provide a communication terminal capable of improving a security level.

  Another object of the present invention is to provide a communication method capable of reducing the load on a user for connecting to an information processing apparatus and further improving the security level of data communication. is there.

  Another object of the present invention is to realize, in a communication terminal, a method capable of reducing a load on a user for connecting to an information processing apparatus and further improving a security level of data communication. It is to provide a program for.

  Still another object of the present invention is to provide a recording medium on which the program is recorded.

  A communication terminal according to a first aspect of the present invention includes a storage unit for storing information, an input unit for a user of the communication terminal to input an instruction, and a display unit connected to the storage unit for displaying information. Communication means connected to the storage means and the input means for generating authentication data based on an instruction from the user corresponding to the member information indicating the relationship with the information processing device displayed on the display means; A transmission unit connected to the line and the generation unit for transmitting identification data for identifying the user and authentication data to the information processing apparatus;

  According to the first aspect, the communication terminal communicates with the information processing device connected to the communication line. Upon receiving the encrypted information from the communication terminal, the information processing device decrypts the information based on the public key. The information processing device further authenticates whether or not the communication terminal is a legitimate (that is, registered in advance in the information processing device) based on the access data included in the decrypted data. The storage unit of the communication terminal stores data (for example, identification data assigned to identify a user, an access ID assigned by an information processing device, and the like). The display means displays information such as icons and characters. When member information indicating the relationship between the communication terminal and the information processing device is displayed, the user of the communication terminal issues an instruction to the displayed information (for example, an instruction to connect to a service provider specified by the information). ) Is input, the generation means generates authentication data. The member information is, for example, an image that briefly represents the information processing device and a member number assigned to the communication terminal by the device. The transmitting unit transmits identification data for identifying a user of the communication terminal and the generated authentication data to the information processing device. The authentication is performed based on the data received by the information processing device. By doing so, the user of the communication terminal can be authenticated by the information processing apparatus by inputting an instruction on the display screen of the member information. Therefore, the user does not need to input information (for example, an access ID and a password) assigned to the information processing apparatus in advance for each connection. As a result, it is possible to provide the user with a communication terminal capable of reducing the load for connecting to the information processing device.

  In the communication terminal according to a second aspect, in addition to the configuration of the first aspect, the storage unit includes a unit for storing a secret key corresponding to the public key in association with the member information. The generating means includes means for generating authentication data by encrypting the access data based on the secret key.

  According to the second invention, the information processing device decrypts the encrypted data based on the public key, and further determines whether the communication terminal is a valid terminal based on the access data included in the decrypted data. Authenticate or not. The access data is data associated with the member information. The storage unit stores a secret key corresponding to the public key in association with the member information. The generating means generates authentication data by encrypting the access data using the secret key. When the authentication data is transmitted to the information processing device, the communication terminal is authenticated based on the public key. Therefore, it is possible to provide a communication terminal capable of improving information security while reducing the load on the user.

  The communication terminal according to a third aspect of the present invention, in addition to the configuration of the first or second aspect, allows the user to visually recognize that the user is information necessary for connection with the information processing apparatus. Will be displayed.

  According to the third aspect, the user can visually recognize that the displayed member information is information necessary for connection to the information processing apparatus, and thus does not need to store the connection information. Therefore, it is not necessary to separately manage necessary information (for example, an access ID and a password) in case the user forgets the information. As a result, the load on the user for connecting to the information processing apparatus is reduced.

  A communication terminal according to a fourth aspect of the present invention further includes a receiving unit for receiving information from outside in addition to the configuration of any one of the first to third aspects of the present invention. The storage unit includes a unit for storing the member information in association with the obtained information for the user to obtain the information from the information processing device.

  According to the fourth invention, the storage means stores the member information and the acquisition information (for example, URL (Uniform) for the user to acquire information (for example, so-called content information such as music, news, and advertisement) from the information processing apparatus. Resource Locators), access keys, etc.). Since the information on the information processing device can be centrally managed, the load on the user for connecting to the information processing device is reduced.

  According to a fifth aspect of the present invention, in the communication terminal according to any one of the first to fourth aspects, the communication terminal further includes an updating unit for updating the member information based on an instruction from the information processing device. Including.

  According to the fifth aspect, the member information is information that can be updated in the communication terminal. When the receiving unit receives an instruction to update information stored as member information from the information processing device, the updating unit updates the information of the member information. Therefore, the member information can always be kept up to date. Further, the load on the user for the update is reduced.

  In a communication terminal according to a sixth aspect, in addition to the configuration of any one of the first to fifth aspects, the transmission means includes means for transmitting the member information to the information processing device based on the transmission request.

  According to the sixth aspect, the information processing device transmits the information transmission request to the communication terminal. When the transmission request is transmitted to the communication terminal, the member information is transmitted to the information processing device. This eliminates the need for the user to perform information transmission processing. Thereby, the load on the user is reduced.

  In a communication terminal according to a seventh aspect of the present invention, in addition to the configuration of any one of the first to sixth aspects, the storage unit includes a unit for storing the member information and the public key in association with each other.

  According to the seventh aspect, the member information and the public key are stored in association with each other. With this configuration, data can be encrypted using the public key, and thus communication security is improved.

  The communication terminal according to an eighth aspect of the present invention, in addition to the configuration of the seventh aspect, further includes an encryption unit for encrypting data based on a public key.

  According to the eighth aspect, the data is encrypted with the public key. The communication terminal can transmit and receive information based on a public key cryptosystem. As a result, communication security between communication terminals can be improved.

  The communication terminal according to a ninth aspect of the present invention, in addition to the configuration of any one of the first to eighth aspects, wherein the transmitting means includes a means for transmitting a request for updating member information to the information processing apparatus.

  According to the ninth aspect, the information processing device can update the member information based on a request from the communication terminal. When the transmitting unit transmits the request for updating the member information to the information processing device, the member information is updated in the information processing device. Thereby, the member information of the communication terminal and the information processing device can be updated in synchronization.

  A communication method according to a tenth aspect includes a preparation step of preparing information in advance, an input step of inputting an instruction by a user of the communication method, a display step of displaying information, and an information processing displayed in the display step. A generating step of generating authentication data based on an instruction from a user corresponding to member information indicating a relationship with the apparatus, and a transmitting step of transmitting identification data for identifying the user and authentication data to the information processing apparatus. Including.

  According to the tenth aspect, the communication method communicates with the information processing device connected to the communication line. Upon receiving the encrypted information from the communication method, the information processing device decrypts the information based on the public key. The information processing device further authenticates, based on the access data included in the decrypted data, whether the transmission of the information by the communication method is valid. In the preparation step of the communication method, data (for example, identification data assigned to identify a user, an access ID assigned by an information processing device, and the like) are prepared in advance. When the displaying step displays the member information indicating the relationship between the information processing apparatus and the communication method, the user of the communication method instructs the displayed information (for example, the connection to the information processing apparatus specified by the member information). Is input, the generation step generates authentication data. The member information is, for example, a member number assigned to the information processing device, an image displaying the information processing device, an icon, and the like. The transmitting step transmits, to the information processing apparatus, identification data for identifying a user of the communication method and the generated authentication data. The authentication is performed based on the data received by the information processing device. By doing so, the user of the communication method can be authenticated by the information processing apparatus by inputting an instruction on the display screen of the member information. Therefore, the user does not need to input information (for example, an access ID and a password) assigned to the information processing apparatus in advance for each connection. As a result, it is possible to provide the user with a communication method capable of reducing the load for connecting to the information processing device.

  A program according to an eleventh aspect of the present invention includes a computer, a preparation step of preparing information in advance, an input step of inputting an instruction by a user of the communication method, a display step of displaying information, and a display step. A generating step of generating authentication data based on an instruction from a user corresponding to member information indicating a relationship with the information processing apparatus, and a transmitting step of transmitting identification data for identifying the user and authentication data to the information processing apparatus And execute.

  According to the eleventh aspect, the program implements a communication method for communicating with an information processing device connected to a communication line. Upon receiving the encrypted information from the communication method, the information processing device decrypts the information based on the public key. The information processing device further authenticates, based on the access data included in the decrypted data, whether the transmission of the information by the communication method is valid. In the preparation step of the communication method, data (for example, identification data assigned to identify a user, an access ID assigned by an information processing device, and the like) are prepared in advance. When the displaying step displays the member information indicating the relationship between the information processing apparatus and the communication method, the user of the communication method instructs the displayed information (for example, the connection to the information processing apparatus specified by the member information). Is input, the generation step generates authentication data. The member information is, for example, a member number assigned to the information processing device, an image displaying the information processing device, an icon, and the like. The transmitting step transmits, to the information processing apparatus, identification data for identifying a user of the communication method and the generated authentication data. The authentication is performed based on the data received by the information processing device. By doing so, the user of the communication method can be authenticated by the information processing apparatus by inputting an instruction on the display screen of the member information. Therefore, the user does not need to input information (for example, an access ID and a password) assigned to the information processing apparatus in advance for each connection. As a result, it is possible to provide a user with a program for implementing a communication method capable of reducing a load for connection to the information processing device.

  A recording medium according to a twelfth aspect is a computer-readable recording medium recording the program according to the eleventh aspect.

  According to the twelfth aspect, it is possible to cause a computer to realize a communication method of communicating with an information processing device connected to a communication line using the program.

  A communication terminal according to a thirteenth aspect includes an input unit for a user to input an instruction, a display unit for displaying information, identification data for identifying the user, a communication terminal and an information processing device. Storage means for storing a plurality of member information representing the relationship and respective secret keys corresponding to the respective member information; and authentication data based on the secret key corresponding to the member information specified by the instruction from the member information. And transmission means for transmitting the identification data and the authentication data to the information processing device via the communication line.

  According to the thirteenth aspect, when the user selects specific member information from a plurality of member information, a secret key corresponding to the member information is read from the storage means. The generating means generates authentication data using the secret key. The transmitting means transmits the authentication data to the information processing device via the communication line. With this configuration, the authentication data for connecting to the information processing apparatus is generated as the encrypted data without the user inputting the specific authentication data. Therefore, data communication for authentication can be performed while maintaining security with the information processing device.

  According to the fourteenth aspect, when the user selects the member information, the access data included in the member information is encrypted, and the authentication data is generated. Here, the access data is data for the communication terminal to establish a connection with the information processing device. This eliminates the need for the user to input the access data for each connection with the information processing apparatus, so that the load for data input is reduced and erroneous input is prevented.

  The communication terminal according to a fourteenth aspect of the present invention is the communication terminal according to the thirteenth aspect, wherein the member information includes access data for establishing a connection with the information processing device. The generating means includes means for generating authentication data by encrypting the access data based on the secret key.

  In a communication terminal according to a fifteenth aspect, in addition to the configuration of the thirteenth or fourteenth aspect, the storage unit stores display data for displaying the membership information by at least one of a character and a graphic. The display means displays the member information based on the display data.

  According to the fifteenth aspect, since the member information is displayed by characters or figures, the user can easily recognize the member information as compared with a case where, for example, a number is simply displayed.

  A communication terminal according to a sixteenth aspect of the present invention further includes, in addition to the configuration of any one of the thirteenth to fifteenth aspects, a receiving unit for receiving information via a communication line. The storage unit stores the member information in association with acquisition information for the user to acquire information from the information processing device.

  According to the sixteenth aspect, the storage means stores the member information and acquisition information (for example, a URL (Uniform) for the user to acquire information (for example, so-called content information such as music, news, and advertisement) from the information processing apparatus. Resource Locators), access keys, etc.). Since the information on the information processing device can be centrally managed, the load on the user for connecting to the information processing device is reduced.

  A communication terminal according to a seventeenth aspect of the present invention further includes an updating unit for updating the member information, in addition to the configuration of any one of the thirteenth to sixteenth aspects.

  According to the seventeenth aspect, the communication terminal can update the member information. For example, even if the member information is illegally acquired by a third party, by changing the member information, an unauthorized Access can be prevented.

  In the communication terminal according to an eighteenth aspect, in addition to the configuration of the seventeenth aspect, the updating unit updates the member information based on an instruction from the information processing device.

  According to the eighteenth aspect, the communication terminal can update the member information together with the update of the information in the information processing device, and thus can synchronize the member information between the communication terminal and the information processing device. .

  In the communication terminal according to a nineteenth aspect, in addition to the configuration of the seventeenth aspect, the updating unit updates the member information based on data in the communication terminal.

  According to the nineteenth aspect, the communication terminal can use internal data without acquiring data for updating member information from the outside. Therefore, the member information can be updated while maintaining security.

  A communication terminal according to a twentieth aspect of the present invention is the communication terminal according to any one of the thirteenth to nineteenth aspects, wherein the transmitting means transmits the member information to the information processing device in response to a request received from the information processing device. .

  According to the twentieth aspect, when the information processing device is a device that transmits a request for transmitting information to the communication terminal, the communication terminal transmits the member information to the information processing device based on the transmission request. This eliminates the need for the user of the terminal to perform the information transmission process, thereby reducing the user's trouble of transmission.

  In a communication terminal according to a twenty-first aspect, in addition to the configuration of the thirteenth to twentieth aspects, the storage unit stores the member information and the public key in association with each other. The communication terminal further includes encryption means for encrypting data based on the public key.

According to the twenty-first aspect, the communication terminal can encrypt data using the public key stored in association with the member information. The communication terminal can improve the security of communication between the communication terminals by communicating this data. The communication terminal according to the twenty-second invention further includes a transmission The means includes means for transmitting a request for updating member information to the information processing apparatus.

  According to the twenty-second aspect, when the transmitting unit transmits the request for updating the member information to the information processing device, the member information is updated in the information processing device, so that the member information stored in the communication terminal and the member information stored in the information processing device are stored. Update time with the member information can be synchronized.

  A communication method according to a twenty-third aspect of the present invention provides an input step in which a user inputs an instruction, a display step in which information is displayed, identification data for identifying the user, and a plurality of data representing the relationship between the communication terminal and the information processing apparatus. A preparatory step of preparing in advance member information and a secret key corresponding to each member information; and a generating step of generating authentication data based on the secret key corresponding to the member information specified by the instruction from the member information. And transmitting the identification data and the authentication data to the information processing apparatus.

  According to the twenty-third aspect, when a user inputs an instruction and selects specific member information from a plurality of member information, a secret key corresponding to the member information is prepared. In the generation step, authentication data using the secret key is generated. In the transmitting step, the authentication data is transmitted to the information processing device via the communication line. With this configuration, the authentication data for connecting to the information processing apparatus is generated as the encrypted data without the user inputting the specific authentication data. Therefore, data communication for authentication can be performed while maintaining security with the information processing device.

  A program according to a twenty-fourth invention is a program for causing a computer to execute a communication method for communicating with an information processing device connected to a communication line. The program includes, in a computer, an input step of inputting an instruction by a user, a display step of displaying information, identification data for identifying the user, and a plurality of member information indicating a relationship between the communication terminal and the information processing apparatus. A preparing step of preparing a secret key corresponding to each member information in advance; a generating step of generating authentication data based on the secret key corresponding to the member information specified by the instruction from the member information; And transmitting the authentication data to the information processing apparatus.

  According to the twenty-fourth aspect, when the user inputs an instruction to the computer and selects specific member information from the plurality of member information, a secret key corresponding to the member information is read from the storage means. Be prepared. Authentication data using the secret key is generated by, for example, an arithmetic circuit. The authentication data is transmitted to the information processing device via the communication line. With this configuration, the authentication data for connecting to the information processing apparatus is generated as the encrypted data without the user inputting the specific authentication data. As a result, the computer can execute a method of performing data communication for authentication while maintaining security with the information processing device.

  A recording medium according to a twenty-fifth aspect is a computer-readable recording medium recording the program according to the twenty-fourth aspect.

  According to the twenty-fifth aspect, by installing the program in the computer, the computer can execute a method of performing data communication for authentication while maintaining security with the information processing apparatus.

  ADVANTAGE OF THE INVENTION According to the communication terminal which concerns on this invention, a user can reduce the load for connection to an information processing apparatus, maintaining the security of data communication.

  According to the communication method of the present invention, the communication terminal can maintain the security of data communication without increasing the load for connecting to the information processing device.

  According to the program according to the present invention, it is possible to reduce a load on a user for connecting to an information processing apparatus, and further realize in a computer a method capable of improving a security level of data communication. Can be.

  According to the recording medium of the present invention, the program stored in the medium is executed by the computer, so that the computer can maintain the security of the data communication and reduce the load for connection to the information processing device. Can be reduced.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same components are denoted by the same reference numerals. Their names and functions are the same. Therefore, detailed description thereof will not be repeated.

<First embodiment>
A first embodiment of the present invention will be described with reference to FIGS. FIG. 1 is a diagram illustrating a communication network including a communication terminal 100 according to the first embodiment of the present invention. The communication terminal 100, the service providing server 200, and the member information management server 300 are connected to this communication network. The communication terminal 100 may be any terminal having a Web browsing function, such as a mobile phone, a PDA (Personal Digital Assistant), or a PC (Personal Computer). Network 500 is, for example, the Internet or a LAN (Local Area Network). A database 400 is connected to the member information management server 300. Note that the service providing server 200 and the member information management server 300 in FIG. 1 correspond to the information processing apparatus described in each claim of the claims.

  FIG. 2 shows a control block diagram of a computer which is an example of communication terminal 100 according to the present embodiment. As shown in FIG. 2, this computer includes a CPU (Central Processing Unit) 102, a fixed disk 104, a communication IF (Interface) 106, a monitor 108, a mouse 112, a keyboard 114 , A memory 116, an FD driving device 118, and a CD-ROM (Compact Disk-Read Only Memory) driving device 120. The FD 122 is mounted on the FD driving device 118. A CD-ROM 124 is mounted on the CD-ROM drive 120. The input device of the communication terminal 100 is not limited to the above. For example, if the communication terminal 100 is a small portable terminal, instead of the keyboard 114, an input pen or the like may be used as long as the user can input information as an information input unit. Further, the drive device of the readable recording medium is not limited to the above, and may be, for example, a drive device capable of reading a memory card, a memory stick, or the like.

  Referring to FIG. 2, fixed disk 104 stores data such as membership card data or business card data, which will be described later, as a membership card storage unit. The monitor 108 displays image data or membership card data read from the fixed disk 104 as a screen display unit or a membership card display unit. The CPU 102, as a membership card encryption processing unit, encrypts data to generate transmission data. The communication IF 106, as a communication processing unit, transmits data to the outside based on an instruction from the CPU 102, and receives data from the outside. The keyboard 114 serves as a character input unit so that a user can input information such as characters or numerical values to the communication terminal 100.

  The processing in communication terminal 100 is realized by computer hardware and software executed by CPU 102. Generally, such software is stored and distributed on recording media such as the FD 122 and the CD-ROM 124, read from the recording medium by the FD driving device 118 or the CD-ROM driving device 120, and temporarily stored on the fixed disk 104. You. The software is read from the fixed disk 104 to the memory 116 and executed by the CPU 102. The hardware itself of the computer shown in FIG. 2 is general. Therefore, the most essential part of the present invention is software recorded on a recording medium such as the FD 122, the CD-ROM 124, and the fixed disk 104.

  FIG. 3 shows a control block diagram of a computer which is an example of the service providing server 200 according to the embodiment of the present invention. Referring to FIG. 3, the computer includes a CPU 202, a fixed disk 204, a communication IF 206, a monitor 208, a mouse 212, a keyboard 214, a memory 216, and an FD driving device 218 connected to each other by a bus. And a CD-ROM drive device 220. Further, in the service providing server 200, an FD 222 is mounted on the FD driving device 218 in addition to the FD driving device 218 and the CD-ROM driving device 220 described above. A CD-ROM 224 is mounted on the CD-ROM drive 220.

  The processing in the service providing server 200 is realized by computer hardware and software executed by the CPU 202. Generally, such software is stored and distributed on a recording medium such as the FD 222 or the CD-ROM 224, and is read from the recording medium by the FD driving device 218 or the CD-ROM driving device 220 and temporarily stored on the fixed disk 204. You. The software is read from the fixed disk 204 to the memory 216 and executed by the CPU 202. The hardware itself of the computer shown in FIG. 3 is general.

  FIG. 4 is a control block diagram of a computer which is an example of the member information management server 300 according to the embodiment of the present invention. Since the configuration of member information management server 300 is the same as the configuration of service providing server 200 described above, detailed description will not be repeated here.

  Referring to FIG. 4, CPU 302 of member information management server 300 generates member information based on user information received from outside via communication IF 306. The generated member information is stored in the fixed disk 304 or the database 400.

  Referring to FIG. 5, the structure of membership card data stored in communication terminal 100 according to the present embodiment will be described.

  A field F102 in which data is stored stores a user identification ID (Identification). This ID is an ID for identifying a user registered in the service providing server 200, and is unique for each user.

  The field F104 stores a secret key. This secret key is used to encrypt data transmitted to the service providing server 200. This secret key is created in advance by the service providing server 200 or the member information management server 300.

  An access ID is stored in field F106 (hereinafter, the access ID stored in communication terminal 100 is referred to as “access ID (A)”). This ID is assigned to the user for each service provided by the service providing server 200. When the user uses the service, the access ID (A) is used for the authentication processing of the communication terminal 100.

  Image data is stored in the field F108. The format of the image data is not particularly limited, and is, for example, a JPEG (Joint Photographic Experts Group) format, an MPEG (Moving Picture Experts Group) format, or an E animator which is a vector animation file format. Such image data is displayed on the monitor 108 so that the user can recognize the service to be provided. That is, when the processing of the image data is executed, the image of the membership card of the service is displayed on the monitor 108. In this way, when the user looks at the displayed image, it is possible to easily determine which service the membership card represents. The program for displaying the image data is not particularly limited.

  Referring to FIG. 6, data of the membership card displayed on monitor 108 of communication terminal 100 according to the present embodiment will be described. FIG. 6A is a diagram for explaining a membership card displayed on the monitor 108 and data associated with the membership card. FIG. 6B is a diagram illustrating an authentication process between the communication terminal 100 and the service providing server 200. The membership card is displayed on the monitor 108 based on the data stored on the fixed disk 104 (the image data “svc01jpg” stored in the field F108 in FIG. 5).

  As shown in FIG. 6A, this membership card data indicates that it is a membership card for using the service of the “ABC portal”. The “member number” in this membership card is, for example, a user identification ID (data stored in field F102 in FIG. 5). With this display, the user of the communication terminal 100 can easily recognize that this membership card is a membership card for using the ABC portal. Alternatively, an image may be displayed in addition to characters.

  As shown in FIG. 6B, the communication terminal 100 transmits data including the access ID encrypted with the secret key to the service providing server 200. When the service providing server 200 decrypts the data with the public key and confirms that the data transmitted from the communication terminal 100 is valid data, the service providing server 200 transmits data indicating that the authentication is successful. It is transmitted to the communication terminal 100.

  FIG. 7 shows a structure of data communicated between communication terminal 100 and service providing server 200 according to the embodiment of the present invention.

  The field F202 stores a destination address. This address is, for example, a MAC (Media Access Control) address, but is not particularly limited. When the communication terminal 100 transmits data to the service providing server 200, the address of the service providing server 200 is stored.

  The field F204 stores a source address. This address is, for example, a MAC address, but is not particularly limited. When the communication terminal 100 transmits data to the service providing server 200, the address of the communication terminal 100 is stored.

  The field F206 stores the user identification ID assigned to the communication terminal 100. The field F208 stores data generated by the encryption processing of the communication terminal 100.

  Communication data is stored in the field F210. The communication data is, for example, a code unique to the processing of the service providing server 200 (hereinafter, referred to as “processing code”). For example, "svcstart" indicating the start of use of the service, "svcend" indicating the end of use of the service, "usrupdate" indicating updating of user information, or "meishikoukanrqst" indicating a request for business card exchange are used. When the communication terminal 100 transmits such a processing code to the service providing server 200, the service providing server 200 executes a process based on the code. Further, as the code transmitted by the service providing server 200 to the communication terminal 100, for example, "athsuccess" indicating that the authentication has succeeded, "athfail" indicating that the authentication has failed, and the like are used. By reading these processing codes, the communication terminal 100 can know the result of the user authentication at the time of connection.

  Referring to FIG. 8, the structure of data stored in fixed disk 204 by service providing server 200 according to the present embodiment will be described.

  The field F302 stores the same ID as the user ID stored in the field F102. This ID uniquely specifies a public key and an access ID as key data.

  A public key is stored in the field F304. The public key is data transmitted to the communication terminal 100 and generated as a pair with the secret key stored in the field F104. Therefore, only this public key can decrypt data encrypted with the private key. The method for generating the public key is not particularly limited.

  The field F306 stores an access ID (hereinafter referred to as an access ID (B)) required for using the service allocated to the communication terminal 100. The access ID (B) is the same data as the access ID (A) stored on the fixed disk 104 of the communication terminal 100.

  Referring to FIG. 9, the structure of data stored in member information management server 300 according to the present embodiment will be described.

  In the field F402, the same ID as the user identification ID stored in the fields F102 and F302 is stored as key data.

  The field F404 stores a public key. This public key is data that forms a pair with the secret key stored in the fixed disk 104 of the communication terminal 100.

  Field F406 stores the name of the user of the communication terminal. Field F408 stores the address of the user. The field F410 stores the user's e-mail address. Field F412 stores the user's first attribute data (for example, occupation). Field F414 stores the user's second attribute data (for example, hobbies).

  The data in the fields F406 to F414 are data transmitted by the users of the respective communication terminals to the service providing server 200. As described above, data communication is performed between the service providing server 200 and the member information management server 300, and the processing is executed on a real-time basis. In this case, provision of the service and management of the basic information can be efficiently shared.

  Further, the number of items of data to be stored (that is, the number of fields) is not particularly limited. When the number of items is large, data may be stored by, for example, an RDB (Relational Data Base) method. For example, data with a high reference frequency may be stored in the fixed disk 304 of the member information management server 300, and data with a low reference frequency may be stored in the external database 400 connected to the member information management server 300.

  FIG. 10 illustrates a procedure of processing executed by communication terminal 100 according to the present embodiment, based on a flowchart.

  In step S102, CPU 102 of communication terminal 100 reads information stored in fixed disk 104 and displays it on monitor 108.

  In step S104, CPU 102 detects an instruction to connect to service providing server 200 by the user. For example, when the user selects a service menu and presses a connection button, CPU 102 recognizes that connection has been instructed.

  In step S106, CPU 102 confirms whether or not the membership card data for using the service has been obtained. This confirmation is performed, for example, based on whether the membership card data is stored on the fixed disk 104 or not. When membership card data for using the service has been acquired (YES in step S106), the process proceeds to step S108. Otherwise (NO in step S106), the process proceeds to step S120.

  In step S108, the CPU 102 reads the user identification ID, the secret key, the access ID (A), etc. from the fixed disk 104 to the memory 116.

  In step S110, CPU 102 encrypts access ID (A) using the secret key. The method for this encryption is not particularly limited.

  In step S112, CPU 102 transmits the user identification ID and the encrypted data to service providing server 200. These data are used for authentication processing by the service providing server 200.

  In step S114, CPU 102 determines whether or not information that the user authentication has been successful has been received. This determination is made based on, for example, whether or not the data received from service providing server 200 includes a processing code indicating successful authentication. When the information that the user authentication is successful is received (YES in step S114), the process proceeds to step S116. Otherwise (NO at step S114), the process proceeds to step S130.

  In step S116, CPU 102 starts using the service by service providing server 200. From this point, the user of the communication terminal 100 can use the service. This service is, for example, receiving information, downloading music, communicating information with a specific user, or online shopping.

  In step S120, CPU 102 transmits a request for member registration to service providing server 200. For example, when the user selects and executes the “member registration” menu displayed on the monitor 108, a member registration request is transmitted to the service providing server 200.

  In step S122, CPU 102 receives a user information transmission request from service providing server 200. Upon receiving this information, an input screen for necessary information is displayed on the monitor 108. This input screen includes, for example, required input items and optional input items. Required items include a user's name, address, and e-mail address. The input optional items include the occupation and hobby of the user. These items may be arbitrarily set in the service providing server 200. For example, the required input items may be changed for each provided service.

  In step S124, CPU 102 transmits the information of the user of communication terminal 100. That is, when the user inputs necessary information on the input screen displayed in step S122, selects an input confirmation menu, and presses a send button, the user information is transmitted to the service providing server 200. When the service providing server 200 receives the information, the service providing server 200 communicates with the member information management server 300 to execute a member registration process as a service user. For example, the service providing server 200 may issue an access ID for using the service, and the member information management server 300 may store the user ID and the access ID in association with each other. Note that this registration process may be performed only by the service providing server 200. That is, the processing may be shared based on the processing capacity of each server or the number of users assumed in advance for each service.

  In step S126, CPU 102 receives, from service providing server 200, membership card data generated by member information management server 300. At this time, the data is transmitted while being secured so that the data cannot be used even if acquired by a third party.

  In step S128, CPU 102 stores the received membership card data in fixed disk 104. For example, as shown in FIG. 5 described above, a user identification ID, a secret key, an access ID (A), and image data are stored in respective fields.

  In step S130, CPU 102 determines whether or not to retransmit the encrypted data to service providing server 200. This determination is made based on, for example, whether or not a data retransmission instruction has been received from the service providing server 200 or the member information management server 300, or whether or not the user has pressed the retransmission button. When re-transmitting the encrypted data to service providing server 200 (YES in step S130), the process returns to step S108. Otherwise (NO in step S130), the process ends.

  In step S140, CPU 102 determines whether or not a termination request by the user of communication terminal 100 has been detected. This determination is made based on, for example, whether or not the user has selected a menu for ending the use of the service. When the end request is detected (YES in step S140), the process ends. Otherwise (NO at step S140), the process returns to step S116.

  Referring to FIG. 11, a procedure of a process executed by service providing server 200 according to the present embodiment will be described based on a flowchart.

  In step S202, CPU 202 of service providing server 200 receives a service use request from communication terminal 100. In this case, the received use request includes a code representing "start of use of service" (for example, "svcstart" shown in field F210 in FIG. 7) as the processing code.

  In step S204, CPU 202 checks whether or not the user of communication terminal 100 has been registered. This confirmation is made based on, for example, whether the user information is registered in the fixed disk 204 of the service providing server 200 or whether the user information is registered in the member information management server 300 that manages the member information. It is performed based on. Note that the user information includes a user identification ID, an access ID, a public key, and the like. When the user of communication terminal 100 is registered in the database (YES in step S204), the process proceeds to step S206. Otherwise (NO in step S204), the process proceeds to step S220.

  In step S206, CPU 202 acquires the encrypted data and the user identification ID from the received data, and temporarily stores them in memory 216.

  In step S208, the CPU 202 reads the public key and the access ID (B) associated with the user identification ID from the fixed disk 204.

  In step S210, CPU 202 decrypts the received encrypted data using the obtained public key. By this decryption process, the access ID (A) transmitted by the communication terminal 100 is obtained.

  In step S212, CPU 202 determines whether or not access ID (A) matches access ID (B). If access ID (A) and access ID (B) match (YES in step S212), the process proceeds to step S214. Otherwise (NO at step S212), the process proceeds to step S230.

  In step S214, CPU 202 notifies communication terminal 100 that user authentication of communication terminal 100 has been successful. For example, a processing code indicating successful user authentication is transmitted to communication terminal 100.

  In step S218, CPU 202 provides a service required by the user of communication terminal 100. The provision of this service is a service that can be provided by data communication, such as distribution of news, provision of information, or transmission of a music data file.

  In step S220, CPU 202 receives a member registration request from communication terminal 100. In step S222, CPU 202 transmits the request to member information management server 300.

  In step S230, CPU 202 notifies that the authentication of the user of communication terminal 100 has failed. For example, a processing code indicating a failure in user authentication is transmitted to communication terminal 100.

  In step S240, CPU 202 determines whether or not a termination request has been received from the user of communication terminal 100. Upon receiving the end request (YES in step S240), the process ends. Otherwise (NO in step S240), the process returns to step S218.

  Referring to FIG. 12, a procedure of a process executed by member information management server 300 according to the present embodiment will be described based on a flowchart.

  In step S302, CPU 302 of member information management server 300 receives a member registration request of the user of communication terminal 100 from service providing server 200.

  In step S304, CPU 302 transmits a transmission request for user information to communication terminal 100.

  In step S306, CPU 302 receives the user information transmitted by communication terminal 100 from service providing server 200. The user information includes a user's name, address, e-mail address, and the like.

  In step S308, CPU 302 assigns a user identification ID to the user of communication terminal 100. The user identification ID is an ID that uniquely identifies a user of the service providing server 200.

  In step S310, CPU 302 stores the user information on fixed disk 304. At this time, the user identification ID and the user information are registered in association with each other. As a result, the member information management server 300 can search for user information using the user identification ID as a key.

  In step S312, CPU 302 generates a secret key and a public key based on the assigned user identification ID. The secret key generated in this manner is data unique to the user identification ID.

  In step S314, CPU 302 stores the generated public key. At this time, the public key and the user identification ID are stored in the fixed disk 304 in association with each other.

  In step S316, CPU 302 creates an access ID required for the user of communication terminal 100 to use the service of service providing server 200. This access ID is unique for each provided service. Therefore, for example, when the service providing server 200 provides a plurality of services, an access ID is created for each service.

  In step S318, CPU 302 registers the generated access ID. The access ID is stored on the fixed disk 304 in association with the user identification ID. This access ID is transmitted to the service providing server 200 and stored as the access ID (B).

  In step S320, CPU 302 creates membership card data based on the user identification ID and the access ID. The created membership card data includes at least a user identification ID, an access ID, a secret key, and display data.

  In step S322, CPU 302 transmits the membership card data to communication terminal 100. Alternatively, the data may be temporarily transmitted to the service providing server 200, and the service providing server 200 may transmit the data to the communication terminal 100. In either case, the membership card data is encrypted and transmitted to protect the data. Thereafter, the CPU 302 ends the processing.

  The operations of the communication terminal 100, the service providing server 200, and the member information management server 300 according to the present embodiment based on the above structure and flowchart will be described. Hereinafter, the case where the communication terminal 100 has acquired the membership card data and the case where the membership card data has not been acquired will be described.

[If you have already obtained membership card data]
An initial screen of the service to be used is displayed on the monitor 108 of the communication terminal 100 (step S102), and when the user of the communication terminal 100 presses the connection button, a connection instruction is detected (step S104). When the membership card data necessary for using the service has been acquired (YES in step S106), the membership card data is read from fixed disk 104 and temporarily stored in memory 116 (step S108). . When the access ID (A) is encrypted with the secret key (step S110), the user ID and the encrypted data are transmitted to the service providing server 200 (step S112).

  The service providing server 200 receives information including a service use request from the communication terminal 100 (Step S202). If the user of communication terminal 100 has been registered (YES in step S204), a user identification ID and encrypted data are obtained from the received information (step S206). The public key and the access ID (B) created in advance are read from the fixed disk 204 using the user identification ID as key data, and are temporarily stored in the memory 216 (step S208). When the encrypted data is decrypted based on the public key, an access ID (A) is obtained (step S210). If access ID (A) and access ID (B) match (YES in step S212), communication terminal 100 is notified of successful authentication (step S214).

  When the communication terminal 100 receives the information of the authentication success from the service providing server 200 (YES in step S114), the service providing server 200 enters a state where the service can be provided (step S218), and the user of the communication terminal 100 Can be used (step S116). This service can be used while the user does not input an instruction to end the use of the service (NO in step S140).

  When the user presses the button to end the use of the service, an end request is detected (YES in step S140), and communication terminal 100 ends the process. When the request is transmitted to the service providing server 200, an end process is executed in the service providing server 200 (for example, a logout process is executed), and the service providing server 200 ends the process.

[When membership card data has not been obtained]
Hereinafter, the operation up to creation of the membership card data will be described. The description of the operation after acquiring the membership card data (YES in step S106) is the same as the description of the operation when the membership card data has been acquired, and thus will not be repeated here.

  An initial screen of the service to be used is displayed on the monitor 108 of the communication terminal 100 (step S102), and when the user of the communication terminal 100 presses the connection button, a connection instruction is detected (step S104). When the membership card data necessary for using the service has not been acquired (NO in step S106), a member registration request is transmitted from communication terminal 100 to service providing server 200 (step S120).

  When receiving the member registration request from communication terminal 100 (step S220), service providing server 200 transmits the request to member information management server 300 (step S222).

  When receiving the member registration request from the service providing server 200 (step S302), the member information management server 300 transmits a request for transmitting user information to the communication terminal 100 (step S304).

  When the communication terminal 100 receives the transmission request for the user information (step S122), the information input by the user is transmitted to the member information management server 300 (step S124).

  Upon receiving the user information from the communication terminal 100 (step S306), the member information management server 300 assigns a user identification ID to the communication terminal 100 (step S308), and the user information is stored on the fixed disk 304. (Step S310). When the secret key and the public key are generated based on the user information (step S312), the public key is stored on the fixed disk 304 in association with the user identification ID (step S314). When the access ID for the user of the communication terminal 100 is created (step S316), the ID is stored in the fixed disk 304 in association with the user identification ID (step S318). When the membership card data of the user of the communication terminal 100 is created (Step S320), the membership card data is transmitted to the communication terminal 100 (Step S322).

  When the communication terminal 100 receives the membership card data from the member information management server 300 (step S126), the data is stored on the fixed disk 104 (step S128). Thereafter, when it is confirmed that the membership card data has been obtained (YES in step S106), the processing for connection is continued (step S108 and thereafter).

  In this way, the user of the communication terminal 100 can connect to the service providing server 200 without inputting access data or a password. As a result, the burden on the user is reduced.

<Modification of First Embodiment>
Hereinafter, a modified example of the above-described first embodiment will be described. FIG. 13 shows a structure of membership card data stored in communication terminal 100 according to the embodiment of the present invention. The difference between the data structure shown in FIG. 13 and the data structure shown in FIG. 5 is the number of fields for storing data.

  The fields F502 to F508 store the same data as the data stored in the fields F102 to F108 shown in FIG. Field F510 stores character data. Field F512 stores music data. The field F514 stores link data. Field F516 stores object data.

  As shown in FIG. 13, when a field for storing data desired by the user is provided in the membership card data, the convenience for services frequently used by the user can be improved. For example, by associating and storing music data as one of the membership card data, music can be quickly reproduced. Further, by storing data corresponding to the service in advance, the operation of the communication terminal 100 by the user can be reduced.

  Further, the user of the communication terminal 100 may be able to set addition, change, deletion, and the like of a field for storing data. As a result, the communication terminal 100 can be customized according to the user's preference.

  As described above, according to the communication terminal 100 according to the present embodiment, when using the service provided via the communication line, the user of the communication terminal 100 needs the access ID and the password necessary for using the service. The user can execute the connection process and use the service without inputting the. In this case, since the connection process is performed based on the encrypted data, security can be ensured. Further, when registration as a user of the service is not performed, necessary data is allocated to the communication terminal after the member registration process is performed, so that the connection process can be performed thereafter. This makes it possible to provide a user with a communication terminal capable of reducing the load for connection to the information processing device.

  The membership card data according to the present embodiment was transmitted from the member information management server 300 to the communication terminal 100 in step S126. Instead of this processing, the member information management server 300 may transmit a notification of completion of creation of the membership card data to the service providing server 200. In this case, when the user of the communication terminal 100 receives the notification, the user accesses the service providing server 200 through Web access protected by security such as SSL (Secure Sockets Layer). Then, the membership card data may be downloaded to the communication terminal 100. By doing so, the possibility of data leakage in the network 500 can be reduced.

  Further, in the processing of the service providing server 200, after the notification of the successful authentication (step S214 in FIG. 11), the provision of the service is started (step S218 in FIG. 11). In this case, before notifying the authentication result, the access ID assigned to the communication terminal 100 may be changed, and the changed access ID may be transmitted to the communication terminal 100 together with the notification of the authentication result. Note that the method of newly assigning an access ID is not particularly limited. For example, an access ID may be randomly assigned, or a time at which the authentication process succeeds may be set as a new access ID. Further, a different access ID may be set for each authentication such as a one-time password, or may be updated based on a preset change timing of the access ID. By appropriately changing the access ID in this way, it is possible to prevent unauthorized access from a communication terminal that has illegally acquired the access ID.

  Furthermore, the secret key and the public key according to the present embodiment are created in member information management server 300, but may be created by communication terminal 100. That is, the communication terminal 100 may transmit the generated public key and the user information to the member information management server 300, and the member information management server 300 may store the public key. In this case, the member information management server 300 generates membership card data that does not include the secret key, and transmits it to the communication terminal 100. When the communication terminal 100 receives such membership card data, the private key created by the terminal itself is included in the membership card data and stored on the fixed disk 104. Even if the communication terminal generates the public key and the secret key in this way, membership card data including necessary data is created, so that the load on the connection with the service providing server 200 can be reduced.

  In addition, since the membership card data is stored in the communication terminal 100, when another person can use the terminal, the other person can easily access the service providing server 200. In this case, by locking the reading of the membership card data, the membership card data can be prevented from being easily used. For this lock, for example, there is a method of setting a password, but if this password is set commonly for reading data, even if multiple membership card data are stored, it is possible to protect those data at once become.

<Second embodiment>
Hereinafter, a communication terminal according to the second embodiment of the present invention will be described. Communication terminal 1000 according to the present embodiment differs from communication terminal 100 according to the above-described first embodiment in data items to be included in membership card data. That is, communication terminal 1000 stores the public key as the membership card data instead of the secret key. Hereinafter, in the present embodiment, the membership card data including the secret key is referred to as business card data.

  The communication terminal 1000, the service providing server 200, and the member information management server 300 according to the present embodiment are the same as the communication terminal 100, the service providing server 200, and the member information management server 300 according to the first embodiment. It has a hardware configuration. Therefore, detailed description will not be repeated.

  Hereinafter, the reference numerals of the components of each communication terminal according to the present embodiment use the reference numerals of the components of communication terminal 100 according to the first embodiment described above. For example, CPU 102 of communication terminal 1000 is the same as CPU 102 shown in FIG. The same applies to other components.

  FIG. 14 shows a communication network including a plurality of communication terminals, service providing server 200, and member information management server 300 according to the present embodiment.

  Referring to FIG. 14, communication terminal 1000, communication terminal 1100, and communication terminal 1200 are, for example, a mobile phone, a PDA (Personal Digital Assistant), or a PC (Personal Computer). The communication terminal is not limited to these, but may be any terminal having a predetermined arithmetic function, data storage function, communication function, and input / output function.

  Each communication terminal according to the present embodiment has a function of exchanging stored data with another communication terminal having the same function. The data is, for example, business card data. The business card data includes data such as the name, address, or e-mail address of the user who created the business card, and data for screen display for displaying the business card on the monitor 108. included.

  Referring to FIG. 15, the structure of data stored in fixed disk 204 by member information management server 300 according to the present embodiment will be described.

  A field F602 stores a user identification ID. This ID is an ID assigned by the service providing server 200 to each communication terminal. That is, the ID of a specific user such as a user of the same service is stored. A public key is stored in the field F604. This public key is included in the membership card data described in the above-described embodiment, for example, and is data that is paired with the secret key stored in each communication terminal.

  Field F606 stores the name of the user of each communication terminal. A field F608 stores a flag that controls whether or not the name stored in the field F606 can be made public. For example, when the flag “1” is stored, the name can be made public (for example, it can be displayed on the monitor 108 of the communication terminal). On the other hand, when the flag “0” is stored, the name is not disclosed.

  Field F610 stores the address of the user of each communication terminal. The field F612 stores a flag that controls whether or not the address stored in the field F610 can be made public. The flag is, for example, the same as the flag used in the field F608 described above.

  Field F614 stores the e-mail address of the user of each communication terminal. A field F616 stores a flag for controlling whether or not the electronic mail address stored in the field F614 can be made public. The flag is, for example, the same as the flag used in the field F608 described above.

  FIG. 16 shows business card data of the user displayed on monitor 108 of communication terminal 1000 according to the present embodiment. Referring to FIG. 16, since “user A” has made his name, e-mail address and address available as business card data, these data are displayed on monitor 108. Therefore, other users can also view these items.

  Referring to FIG. 17, a user of communication terminal 1000 according to the present embodiment (hereinafter, referred to as user A) requests a business card exchange with a user of communication terminal 1100 (hereinafter, referred to as user B). The procedure of the process to be executed when the process is performed will be described based on a flowchart.

  In step S402, CPU 102 of communication terminal 1000 reads information stored in fixed disk 104 and displays it on monitor 108.

  In step S404, CPU 102 detects a business card exchange request from user A. For example, when the user A selects the “exchange” menu in the business card exchange menu displayed on the monitor 108, the request is detected.

  In step S406, CPU 102 transmits a request for business card exchange with user B of communication terminal 1100 to service providing server 200. At this time, a processing code (for example, “meishikoukanrqst”) representing “business card exchange request” is stored in the communication data field (field F210 in FIG. 7).

  In step S408, CPU 102 receives the information from service providing server 200. At step S410, CPU 102 determines whether or not user B of communication terminal 1100 has accepted the business card exchange based on the received information. This determination is made based on, for example, whether or not the received information includes a processing code indicating that the business card exchange with user A has been accepted. When user B of communication terminal 1100 accepts the business card exchange (YES in step S410), the process proceeds to step S412. Otherwise (NO in step S410), the process ends.

  In step S412, CPU 102 decrypts the business card data of user B with the secret key of user A from the received information, and stores the decrypted business card data in fixed disk 104.

  In step S414, CPU 102 reads out business card data of user A of communication terminal 1000 from fixed disk 104. In step S416, CPU 102 encrypts the business card data using the public key. In step S418, CPU 102 transmits the destination of the data (that is, communication terminal 1100) and the encrypted data to service providing server 200.

  In step S420, CPU 102 receives a notification from service providing server 200 indicating that communication terminal 1100 has received the business card of the user of communication terminal 1000. Thereafter, the process ends.

  Referring to FIG. 18, a procedure of a process executed when communication terminal 1100 according to the present embodiment receives a business card exchange request with communication terminal 1000 will be described based on a flowchart.

  In step S502, CPU 102 of communication terminal 1100 receives information from service providing server 200. In step S504, CPU 102 detects a business card exchange request from user A of communication terminal 1000 from the received information.

  In step S506, CPU 102 displays a business card exchange request on monitor 108 and notifies user B of the request. In step S508, CPU 102 detects whether or not user B has accepted business card exchange.

  At step S510, CPU 102 determines whether or not user B has accepted the business card exchange. This determination is made based on, for example, whether or not the user B has selected the menu “accept business card exchange” on the monitor 108 of the communication terminal 1100. If user B accepts the business card exchange (YES in step S510), the process proceeds to step S512. Otherwise (NO in step S510), the process ends.

  In step S512, CPU 102 reads the business card data of user B from fixed disk 104, and temporarily stores it in memory 116. In step S514, CPU 102 encrypts the business card data based on user A's public key. In step S516, CPU 102 transmits the user identification ID of communication terminal 1100 and the encrypted data to service providing server 200.

  In step S518, CPU 102 receives information including the business card data of user A of communication terminal 1000 from service providing server 200. This business card data is data encrypted with the public key of the user B.

  In step S520, when CPU 102 decrypts the received data based on the secret key of user B and obtains the business card data of user A, CPU 102 stores the data on fixed disk 104.

  In step S522, CPU 102 notifies service providing server 200 that the exchange of business card data has been completed.

  Referring to FIG. 19, a procedure of a business card exchange process executed by service providing server 200 according to the present embodiment will be described based on a flowchart.

  In step S602, CPU 202 of service providing server 200 detects a business card exchange request with user B based on information received from user A of communication terminal 1000. For example, in the reception information, the sender ID is the user identification ID of the user A, the receiver ID is the user identification ID of the user B, and the processing code is a code representing a business card exchange request (for example, “meishikoukanrqst”). In some cases, CPU 202 determines that the received information includes a business card exchange request with communication terminal 1100 by communication terminal 1000.

  In step S604, CPU 202 transmits a business card exchange request of communication terminal 1000 to communication terminal 1100 based on the received information.

  In step S606, CPU 202 detects acceptance of business card exchange by communication terminal 1100 based on the received information. For example, in the reception information, the sender ID is the user identification ID of the user B, the receiver ID is the user identification ID of the user A, and the processing code is a code representing acceptance of business card exchange (for example, “meishikoukanok”). ), It is determined that the user B has accepted the business card exchange with the user A. At this time, the encrypted data included in the reception information includes the business card data of the user B.

  At step S608, CPU 202 transmits a notification of acceptance of business card exchange by user B of communication terminal 1100 to user A of communication terminal 1000.

  At step S610, CPU 202 receives information from communication terminal 1000. The information includes the business card data of the user A whose transmission destination is the user B. At step S612, CPU 202 transmits the information to communication terminal 1100.

  The operation of each communication terminal and service providing server 200 according to the present embodiment based on the above structure and flowchart will be described.

  The user A of the communication terminal 1000 displays the business card data (step S402), inputs the user identification ID of the user B on the monitor 108 of the communication terminal 1000, and selects the business card exchange menu. When a business card exchange request with user B by user A is detected (step S404), a business card exchange request is transmitted from communication terminal 1000 to service providing server 200 (step S406).

  When the service providing server 200 receives the request from the communication terminal 1000 (Step S602), the service providing server 200 transmits the request to the communication terminal 1100 (Step S604).

  When communication terminal 1100 detects a business card exchange request based on information received from service providing server 200 (step S504), a message representing the request is displayed on monitor 108 of communication terminal 1100 (step S506). When user B of communication terminal 1100 accepts the business card exchange (YES in step S510), the business card data of user B is read (step S512), and encrypted with the public key (step S514). The encrypted data is transmitted to the service providing server 200 together with the user ID of the communication terminal 1000 that is the transmission destination and the user ID of the communication terminal 1100 that is the transmission source (step S516).

  When the service providing server 200 receives the acceptance of the business card exchange from the communication terminal 1100 (step S606), the service providing server 200 transmits the information to the communication terminal 1000 (step S608).

  When communication terminal 1000 receives information from service providing server 200 (step S408) and detects acceptance of business card exchange (YES in step S410), it decrypts the received information and obtains business card data of user B, The data is stored in the fixed disk 104 of the communication terminal 1000 (step S412). When the business card data of the user A of the communication terminal 1000 is read from the fixed disk 104 (step S414), the data is encrypted with the public key (step S416) and transmitted to the service providing server 200 (step S418).

  When the service providing server 200 receives the information from the communication terminal 1000 (Step S610), the information is transmitted to the communication terminal 1100 (Step S612). When the communication terminal 1100 receives the information from the service providing server 200 (step S518), the information is decrypted, the business card data of the user A is obtained, and stored in the fixed disk 104 (step S520).

  When communication terminal 1100 notifies service providing server 200 of the completion of the exchange of business card data with communication terminal 1000 (step S522), communication terminal 1000 receives the notification and the process ends.

  FIG. 20 shows transition of display contents of monitor 108 when transmitting a request for business card exchange by communication terminal 1000 according to the present embodiment.

  FIG. 20A shows an initial menu screen of the business card exchange service displayed when communication terminal 1000 is connected to service providing server 200.

  FIG. 20B shows an input screen displayed when the user of the terminal selects “business card exchange”. As shown in FIG. 20 (B), an input column for a user ID of a partner who wants to exchange and an input column for a communication message are shown. In the input field of the user identification ID, the user identification ID registered in the service providing server 200 may be displayed in a pop-up menu format, for example. Alternatively, the user identification ID may be searched from the input name or the like.

  FIG. 20C is a screen displayed after the user presses the send button in FIG. 20B. In other words, it indicates that the business card data of the user of the communication terminal 1000 is transmitted to the service providing server 200, and the communication terminal 1000 is in a state of waiting for approval or rejection of a partner who desires the exchange (ie, the communication terminal 1100).

  FIG. 21 shows the transition of the display contents of monitor 108 when communication terminal 1100 according to the present embodiment receives a business card exchange request from another communication terminal 1000.

  FIG. 21A illustrates a “reception of business card exchange request” screen displayed based on information received by communication terminal 1100 from service providing server 200.

  FIG. 21B shows a screen displayed when the user B of the terminal selects “business card exchange”. As shown in FIG. 21B, the name of the user A who wants to exchange is displayed.

  FIG. 21C is a screen displayed after the user B presses a “message confirmation” button in FIG. 21B. That is, the message of the requester (user A) of the business card exchange is displayed. Further, an input column for an answer to the request is displayed, and the user B can input a message in the column.

  FIG. 21D is a screen displayed after the user presses the “approval” button in FIG. 21C. By this operation, the business card data of the user B is transmitted to the communication terminal 1000, and the respective users can browse each other's business card data.

  With reference to FIG. 22, transition of a display screen of business card data displayed on monitor 108 of communication terminal 1000 according to the present embodiment will be described.

  FIG. 22A is an initial screen for displaying business card data. When the user A of the terminal selects the "business card holder" menu, a list of names is displayed (FIG. 22B). When the user selects the displayed name (for example, user B), detailed data is displayed (FIG. 22C).

  With reference to FIG. 23, transition of a display screen of business card data displayed on monitor 108 of communication terminal 1000 according to the present embodiment will be described.

  FIG. 23A is a screen displayed after completion of the business card exchange. When the user of the terminal selects "confirm" or "business card holder", a list of names is displayed (FIG. 23B). When the user selects the displayed name, detailed data is displayed (FIG. 23C).

<First Modification of Second Embodiment>
Referring to FIG. 24, a first modification of communication terminal 1000 according to the present embodiment will be described. FIG. 24A is an initial screen for displaying business card data. As shown in FIG. 24A, “Correct business card” may be added as one of the functions. In this case, when the user selects “Correct business card”, the user's own business card data created by the user is read and displayed (FIG. 24B). When the user A inputs correction data on this screen and presses a “correction” button, the business card data is updated based on the input data, and the updated business card data is displayed on the monitor 108 of the communication terminal 1000. (FIG. 24C).

<Second Modification of Second Embodiment>
Referring to FIG. 25, a second modification of communication terminal 1000 according to the present embodiment will be described. This second modified example shows a communication terminal to which a function of setting a disclosure level of business card data created and distributed by a user has been added. That is, the service providing server 200 or the member information management server 300 (hereinafter, referred to as a business card exchange server) stores the business card data. The user of each communication terminal according to the present embodiment can set items that can be referred to for each user of each distribution destination for other users who can be referred to by exchanging business cards.

  FIG. 25A shows an initial screen displayed when communication terminal 1100 connects to a business card exchange server. When the user B selects "public level setting", a list of names of the partners who exchanged business cards is displayed (FIG. 25B). When a partner (e.g., user A) for whom the disclosure level of business card data is to be set is selected, a list of items used for business card data for user A is displayed (FIG. 25C). The user B can set either the disclosure or the disclosure for each item. When the user B presses the “Modify” button to confirm the setting of the “disclosure level”, only the items set as “disclosure” are displayed.

  For example, when the user A of the communication terminal 1000 connects to the business card exchange server and refers to the business card data of the user B, the name and address of the user B are displayed, and the e-mail address is not displayed (FIG. 25D). ). As described above, the disclosure level of the business card data can be set for each party who has exchanged business cards, and the information disclosure level can be set freely.

<Third Modification of Second Embodiment>
With reference to FIG. 26, an update notification of business card data transmitted by the service providing server 200 according to the present modification will be described. After the business card data of each user is exchanged between the communication terminals, the contents of the business card data may be updated. For example, there is a change of address due to relocation. In such a case, as in the first modification of the second embodiment, when the user of the communication terminal updates the business card data on the terminal and transmits it to the service providing server 200, or When the business card data stored in the business card data 200 is updated, the service providing server 200 can transmit a notification of the change of the business card data to the communication terminal receiving the business card data.

  FIG. 26 illustrates a notification of a change in business card data by a user A of the communication terminal 1000, which is transmitted to a user B of the communication terminal 1100. This notification is sent to a registered e-mail address, for example. In this case, the content of the change notification may include a URL (Uniform Resource Locators) in which updated data is stored. Further, the updated data may be transmitted as attached data. Thereby, the user who exchanged the business card with the user A (for example, the user B) can quickly know the update of the business card data. Further, the user A does not need to notify each user of the update, and the load caused by the change of the business card data is reduced.

  FIG. 27 shows the transition of the display of the business card data updated by the user A. FIG. 27A shows the contents of the business card data before the change. FIG. 27B shows the contents of the business card data after the change. For example, when the user B refers to the business card data of the user A, the contents of FIG. 27B are displayed after the change by the user A. In this way, the latest state of the business card data can be displayed.

<Fourth Modification of Second Embodiment>
FIG. 28 shows the structure of business card data stored in communication terminal 1000 according to the present modification. Referring to FIG. 28, each field stores data stored in each field of the data shown in FIG. In this case, the address (for example, URL) at which the updated business card data is stored is stored in F714. When the communication terminal 1000 that has updated the business card data transmits such data to another communication terminal, a screen as shown in FIG. 27 is displayed on the monitor 108 of each terminal.

<Fifth Modification of Second Embodiment>
With reference to FIG. 29, transition of a display screen on monitor 108 of communication terminal 1000 according to the present modification will be described.

  When the user selects “Correct business card back” on the business card menu screen (FIG. 29A), the display switches to the “Correct business card back” screen (FIG. 29B). On the screen, the user reads out the file name of the image to be corrected (executes “upload”). The user further inputs the corrected message in the message input field. When the "correction" button is pressed, the corrected image and message are displayed (FIG. 29C). When "view surface" is selected from the display screen, a table of business card data is displayed (FIG. 29D).

  As described above, communication terminal 1000 according to the present embodiment updates business card data displayed on the monitor and transmits the update result to another communication terminal or service providing server, thereby updating the business card data. State.

  In the present embodiment, the business card data of the user of each communication terminal is stored in the fixed disk, and the business card data is transmitted and received between the communication terminals. Instead, as described in the second modification, the business card data of the registered user of the communication terminal may be stored in the business card exchange server. In this case, the business card exchange server can transmit or update the business card data based on the business card exchange instruction (namely, business card exchange request, business card exchange acceptance, etc.) transmitted by the communication terminal. Thereby, the load of communication between the communication terminal and the business card exchange server can be reduced.

<Third embodiment>
Hereinafter, a communication terminal according to the third embodiment of the present invention will be described with reference to FIG. 30 and FIG. When the communication terminal stores membership card data and business card data of a user of another communication terminal, data communication with a high security level can be performed between the communication terminals based on the data. That is, the encrypted data can be communicated using the secret key stored in the membership card data of each terminal and the public key stored as the business card data item.

  Communication terminals 1000, 1100, and 1200 according to the present embodiment have the same hardware configuration as communication terminal 100 according to the above-described first embodiment. Further, the service providing server 200 and the member information management server 300 have the same hardware configuration as the service providing server 200 and the member information management server 300 according to the above-described first embodiment. Therefore, detailed description will not be repeated.

  Referring to FIG. 30, a procedure of data transmission processing executed by communication terminal 1000 according to the present embodiment will be described.

  In step S702, CPU 102 of communication terminal 1000 detects a data input and data transmission request by user A. In step S704, CPU 102 reads the business card data of the transmission partner (for example, user B). In step S706, CPU 102 acquires a public key from the business card data. In step S708, CPU 102 encrypts the data to be transmitted using the public key.

  In step S710, CPU 102 transmits the encrypted data to service providing server 200. The data is transmitted to a transmission partner (for example, communication terminal 1100 of user B).

  Referring to FIG. 31, a description will be given of a procedure of data reception processing executed by communication terminal 1100 according to the present embodiment.

  In step S802, CPU 102 of communication terminal 1100 receives the encrypted data from service providing server 200. In step S804, CPU 102 reads the membership card data of user B of communication terminal 1100. In step S806, CPU 102 reads the secret key of user B from the membership card data.

  In step S808, CPU 102 obtains data from user A of communication terminal 1000 by decrypting the encrypted data using the secret key. At step S810, CPU 102 displays the data on monitor 108.

  The operation of the communication terminal according to the present embodiment based on the above structure and flowchart will be described.

  When user A of communication terminal 1000 selects user B of communication terminal 1100 and inputs a data transmission instruction (step S702), business card data of user B is read (step S704). When a public key is obtained from the business card data (step S706) and encrypted (step S708), the data is transmitted to the service providing server 200 (step S710).

  When the communication terminal 1100 receives the data of the communication terminal 1000 from the service providing server 200 (step S802), the membership card data of the user B of the terminal is read (step S804). When the secret key is read from the data (step S806), the received data is decrypted based on the secret key (step S808). The communication data of the user A included in the decrypted data is displayed on the monitor 108 (step S810).

  In this manner, the communication terminal according to the present embodiment performs user data communication based on the secret key stored as an item of membership card data and the public key stored as an item of business card data. This can be performed as communication of encrypted data. As a result, the security level of data communication between communication terminals can be improved.

<Fourth embodiment>
Hereinafter, a fourth embodiment of the present invention will be described with reference to FIGS. The communication terminal according to the present embodiment differs from the above-described embodiments in that authentication information corresponding to the member information is generated by encrypting the member information using a secret key stored in advance. .

  The hardware configuration of the communication terminal according to the present embodiment is the same as the configuration of each of the above-described embodiments. Their functions are the same. Therefore, the description thereof will not be repeated here.

  Data stored in communication terminal 100 according to the present embodiment will be described with reference to FIG. FIG. 32 is a diagram conceptually showing a structure of membership card data stored in memory 116 or fixed disk 104 of communication terminal 100.

  As shown in FIG. 32, title data is stored in a field F3202. The title data is a display of a service in which each membership card data is used or data representing a service provider.

  The detailed data is stored in a field F3204. This data is, for example, data specifically representing the contents of the membership card data.

  The auxiliary data is stored in field F3206. This data is, for example, data supplementarily given to each membership card.

  The ID data is stored in a field F3208. This data is data for identifying a user who uses each service from another user.

  User data is stored in field F3210. This data is data for specifying who the user of the membership card is. In other words, while ID data is data used to identify a user from the viewpoint of processing information based on mutually unique data, user data is recognized by a general user. This data is used from the viewpoint of facilitation.

  The image data is stored in a field F3212. This data is data for displaying a predetermined image on the monitor 108. This data is, for example, bitmap data or data in JPG format, but is not limited thereto.

  The access data is stored in a field F3214. This data is data for accessing a service provided by the title data stored in the field F3202.

  The secret key data is stored in the field F3216. This data is data for encrypting information transmitted by the communication terminal 100.

  The display screen of the monitor 108 will be described with reference to FIG. FIGS. 33A to 33C are diagrams showing one mode of the monitor 108 that displays the data shown in FIG.

  When the user of communication terminal 100 performs a predetermined button operation for displaying the membership card list, monitor 108 displays an initial screen of the membership card list (FIG. 33A).

  When the user operates a move button (not shown) of the communication terminal 100 to select an arbitrary membership card (for example, “ABC portal”) from the membership card list and presses a decision button (not shown), A membership card corresponding to the member information menu is displayed (FIG. 33B). This display displays each item in the same manner as the display of the items described on the card type membership card up to now. This display mode is, for example, a pop-up display mode displayed on the front of the membership card list.

  Thereafter, when a predetermined time has elapsed, the monitor 108 displays an initial screen of the membership card (ie, “ABC portal”) selected by the user (FIG. 33C). By selecting a predetermined menu from the initial screen, the user can access the WEB site associated with the membership card, update the member information, or perform a procedure for withdrawing.

  With reference to FIG. 34, the display screen of monitor 108 will be further described. FIGS. 34A to 34C are diagrams showing switching of screens displayed based on specific membership card data displayed based on the data shown in FIG.

  When the user selects a menu “Access Site” for a specific membership card (for example, “ABC portal”) displayed on monitor 108 (FIG. 34A), monitor 108 displays the membership card. A screen indicating that the ABC portal is being accessed is displayed together with the image image (FIG. 34B). During this time, the communication terminal 100 transmits predetermined information (user authentication information, access data, and the like) to the service providing server 200 via the network 500, and the service authenticating process of the user is executed in the service providing server 200. .

  Thereafter, when the service providing server 200 determines that the user of the communication terminal 100 is a valid user, the service providing server 200 transmits information to the communication terminal 100 when the authentication is successful. When the communication terminal 100 receives such information, the monitor 108 displays an initial screen of the ABC portal based on the information (FIG. 34C).

  Referring to FIG. 35, a control structure of communication terminal 100 according to the present embodiment will be described. FIG. 35 is a flowchart showing a procedure of processing executed by CPU 102 of communication terminal 100. The same processes as those in the above-described embodiments are denoted by the same step numbers, and description thereof will not be repeated.

  In step S3502, CPU 102 causes monitor 108 to display a list of membership cards. This display is performed, for example, when the user selects a list display menu.

  In step S3504, CPU 102 detects a user's selection of a membership card. This detection is performed, for example, when the user presses a predetermined button of communication terminal 100.

  In step S108, CPU 102 reads data corresponding to the selected membership card from memory 116.

  The operation of communication terminal 100 according to the present embodiment based on the above structure and flowchart will be described with reference to FIG. 33 and FIG.

  When the user selects the display menu of the membership card list from the initial screen on the communication terminal 100, the membership card list is displayed on the monitor 108 (FIG. 33A, step S3502). When the user selects "ABC portal" from the list (step S3504), data corresponding to the ABC portal is read from the memory 116 based on the selection (step S108), and the monitor 108 displays an operation menu of the ABC portal. (FIG. 33C).

  When the user selects “access to the site” from the operation menu (FIG. 34A), the communication terminal 100 executes a predetermined encryption process (step S110), and the encrypted data is transmitted to the service providing server 200. Is transmitted (step S112). During these processes, the monitor 108 of the communication terminal 100 displays a screen indicating that the communication terminal 100 is accessing the ABC portal (FIG. 34B).

  As a result of the authentication process by the service providing server 200, when the information of the successful authentication is transmitted from the service providing server 200 to the communication terminal 100 (YES in step S114), the monitor 108 displays the initial screen of the ABC portal (step S114). S3516, FIG. 34 (C)).

  As described above, according to the communication terminal 100 according to the present embodiment, the user selects the membership card displayed in the image on the monitor 108 without inputting access data or a password, and connects from the operation menu. By selecting a menu, it is possible to connect to the service providing server 200. As a result, the burden on the user is reduced.

  Even if the user has membership cards for multiple service providing servers, the user can intuitively identify which service is assigned to which membership card due to the unique image, character format, style, etc. for each membership card. It is easy to determine whether or not they are compatible.

  Further, since the membership card data is stored in the communication terminal 100, if another person can use the terminal without special authentication work, it is possible that the other person can easily access the service providing server 200. Become. In this case, the membership card data can be prevented from being easily used by locking the function for reading the membership card data that requires authentication. This lock includes, for example, a method of setting a password, a method of biometric authentication such as fingerprint authentication, an authentication by an IC card, and a method of handwritten signature authentication. With these authentications, even when a plurality of membership card data are stored, those data can be collectively protected. Alternatively, when the user turns on the power of the communication terminal 100 or when the user actually starts using the communication terminal 100, the above-described personal authentication means for enabling the function of the communication terminal 100 may be provided.

  Note that, in communication terminal 100 according to the present embodiment, the display form of the membership card list on monitor 108 is not limited to the form shown in FIG.

  With reference to FIG. 36, another mode of the membership card list displayed on the monitor 108 will be described. FIG. 36 shows a screen of the monitor 108 that displays a reduced display of the image of the membership card and a description of the service that can be received by the membership card. That is, the display of the image is performed based on the image data (field F3212 in FIG. 32) in memory 116. The description of the service is displayed based on the detailed data in the memory 116 (field F3204 in the figure). In this way, the user can easily check the list of membership cards and individual contents.

  In addition, the form of the structure of membership card data stored in communication terminal 100 according to the present embodiment is not limited to that shown in FIG. For example, the expiration date and other data items of the membership card data may be stored as items of each membership card data. The number of membership card data that can be stored is not particularly limited.

  Further, the access data is not limited to the case where the data at the time of setting is continuously used, and may be updated at an appropriate timing. For example, when the service providing server 200 transmits information that the authentication for access is successful, the updated access data may be transmitted. In this case, the transmission processing of the access data is performed, for example, between step S214 and step S218 in FIG. Further, while the service providing server 200 is providing the service (step S218), the polling may be periodically performed at a predetermined timing to automatically update the polling. Alternatively, when the communication terminal 100 is constantly connected to the service providing server 200 via the network 500, the service providing server 200 appropriately performs polling and transmits information including access data to the communication terminal 100. Is also good.

  When the communication terminal 100 receives the information including the access data from the service providing server 200 in this manner, the access data is stored in the memory 116.

  Further, the access data may be updated by the communication terminal 100 itself without depending on the information received from the service providing server 200. For example, the access data may be updated at predetermined time intervals by using the time data of the communication terminal 100 as the access data. If the time data of the service providing server 200 and the time data of the communication terminal 100 are synchronized, the service providing server 200 can authenticate the communication terminal 100 based on the data. Can be used as data. Alternatively, an algorithm for generating access data may be shared between the communication terminal 100 and the service providing server 200, and the access data may be created and updated based on the algorithm.

  Alternatively, the access data may be created based on the results of communication between the communication terminal 100 and the service providing server 200 (for example, communication time, data traffic, and the like). Since such communication results are data that can be easily shared between the communication terminal 100 and the service providing server 200, there is no need to share other data. Therefore, access data can be easily generated in accordance with communication between communication terminal 100 and service providing server 200, so that access data can be easily updated while maintaining security.

<Fifth embodiment>
Hereinafter, a fifth embodiment of the present invention will be described with reference to FIGS. Communication terminal 1000 according to the present embodiment differs from communication terminal 100 according to the above-described first embodiment in that data items included in membership card data are different. That is, communication terminal 1000 stores the public key as a part of the membership card data instead of the secret key. Hereinafter, in the present embodiment, the membership card data including the public key is referred to as business card data.

  The communication terminal 1000, the service providing server 200, and the member information management server 300 according to the present embodiment are the same as the communication terminal 100, the service providing server 200, and the member information management server 300 according to the first embodiment. It has a hardware configuration. Their functions are the same. Therefore, detailed description thereof will not be repeated.

  Hereinafter, the reference numerals of the components of each communication terminal according to the present embodiment use the reference numerals of the components of communication terminal 100 according to the first embodiment described above. For example, CPU 102 of communication terminal 1000 is the same as CPU 102 shown in FIG. The same applies to other components.

  Each communication terminal according to the present embodiment has a function of exchanging stored data with another communication terminal having the same function. The data is, for example, business card data. The business card data includes data such as the name, address, or e-mail address of the user who created the business card, and screen display data for displaying the business card on the monitor of the terminal. Is included.

  With reference to FIG. 37, business card data stored in the communication terminal according to the present embodiment will be described. FIG. 37 shows a structure of data stored in fixed disk 104 of communication terminal 1000.

  The user identification ID is stored in a field F3702. This ID is an ID assigned by the service providing server 200 to each communication terminal.

  The public key is stored in a field F3704. This public key is included in the membership card data according to the above-described first embodiment, and is data that is paired with the secret key stored in each communication terminal.

  The image data is stored in a field F3706. The format of the image data is not particularly limited, and is, for example, a JPEG (Joint Photographic Experts Group) format, an MPEG (Moving Picture Experts Group) format, or an E animator which is a vector animation file format. Such image data is displayed on the monitor 108 so that the user can recognize the service to be provided. The program for processing the image data is not particularly limited.

  To create such business card data, the business card creation application stored in the communication terminal communicates with the service providing server 200, and obtains and combines the user ID, the user's own public key, and the image data. You may. Alternatively, the business card data may be created by transmitting instructions necessary for creating business card data from each communication terminal to the service providing server 200, and the service providing server 200 combining predetermined data. In any case, the created business card data is stored in a fixed disk or other storage means of the communication terminal.

  With reference to FIG. 38, a manner of using business card data in communication terminal 1000 according to the present embodiment will be described. FIG. 38A is a diagram for explaining the correspondence between the data shown in FIG. 37 and a business card image displayed based on the data. FIG. 38 (B) is a diagram for describing an aspect of business card exchange performed between communication terminal 1000 and communication terminal 1100 having a similar data structure.

  As shown in FIG. 38A, the communication terminal 1000 displays a business card image on the monitor 108 based on business card data stored in the fixed disk 104. This display is performed, for example, when an instruction to display a business card is input by the user. In this case, data is read from a predetermined area of the fixed disk 104, and the display program generates display data based on the data and causes the monitor 108 to display the display data. In this way, by storing the predetermined data as business card data in advance, the user of the communication terminal 1000 can always prepare information for business card exchange.

  As a result, as shown in FIG. 38B, a business card is electronically exchanged with the user B of the communication terminal 1100 having the same function in place of the conventional business card exchange using a paper business card. Can be exchanged.

  That is, the user A can cause the communication terminal 1000 to generate business card data for business card exchange based on data used for member information and the like owned by the user A. Similarly, the user B can cause the communication terminal 1100 to generate business card data for business card exchange based on the member information and other data used by the user B. By exchanging these business card data by data communication, the user A can store the business card data of the user B in the communication terminal 1000. Conversely, user B can store the business card data of user A in communication terminal 1000 (solid line in FIG. 38 (B)).

  Alternatively, the user A and the user B can exchange business card data by using the business card exchange service provided by the service providing server 200 (dotted line in FIG. 38B). In this case, the data used for creating the business card data may be transmitted from each of the communication terminals 1000 and 1100 to the service providing server 200. Alternatively, data already stored as member information in the service providing server 200 may be used for creating business card data.

  With reference to FIG. 39, the control structure of communication terminal 1000 according to the present embodiment will be described. FIG. 39 is a flowchart illustrating a procedure of processing executed by CPU of communication terminal 1000. Note that the same processing as the processing according to each of the above-described embodiments has the same step number, and the description thereof will not be repeated.

  In step S3812, CPU 102 of communication terminal 1000 decrypts the business card data of user B encrypted with the public key of user A using the secret key of user A from the received information, and transmits the decrypted data. The data is stored on the fixed disk 104.

  In step S3816, CPU 102 encrypts the business card data of user A using the public key of user B.

  Referring to FIG. 40, a control structure of communication terminal 1100 according to the present embodiment will be described. FIG. 40 is a flowchart illustrating a procedure of processing executed by CPU of communication terminal 1100. Note that the same processing as the processing according to each of the above-described embodiments has the same step number, and the description thereof will not be repeated.

  In step S3914, CPU 102 of communication terminal 1100 encrypts the business card data using the public key of user A.

  At step S 3920, CPU 102 decrypts the received data using the secret key of user B, reads out the business card data from the decrypted data, and stores it on fixed disk 104.

  The operation of the communication terminal according to the present embodiment based on the above structure and flowchart will be described. The description of the same operation as the operation in each of the above embodiments will not be repeated.

  When the communication terminal 1000 receives the information from the service providing server 200 (step S408) and detects acceptance of the business card exchange (YES in step S410), the communication card 1000 decrypts the business card data using the secret key of the user A, and (Step S3812). When the business card data of the user A of the communication terminal 1000 is read from the fixed disk 104 (S414), the data is encrypted with the public key of the user B (step S3816) and transmitted to the service providing server 200 (S418). ).

  When the service providing server 200 receives the information from the communication terminal 1000 (Step S610), the information is transmitted to the communication terminal 1100 (Step S612). When the communication terminal 1100 receives the information from the service providing server 200 (step S518), the information is decrypted, the business card data of the user A is obtained, and stored in the fixed disk 104 (step S3920).

  In this way, communication terminals 1000 and 1100 according to the present embodiment can encrypt and decrypt business card data using public key data included in membership card data. This makes it possible to easily exchange business card data between communication terminals while maintaining data security.

  As described above, according to the communication terminals according to the first to fifth embodiments described in detail, based on the data stored in association with the membership card data displayed so that the service used by the user can be easily recognized. Then, authentication data necessary for connection to the information processing device is generated. Therefore, the user can connect to the information processing apparatus without inputting data such as a user ID and a password. This makes it possible to provide a user with a communication terminal that can reduce the load for connecting to the information processing device. Further, by using the public key included in the business card data stored in the communication terminals, encrypted data can be communicated between the communication terminals. Thereby, the security level of data communication between communication terminals can be improved.

  The embodiments disclosed this time are to be considered in all respects as illustrative and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

FIG. 1 is a diagram illustrating a communication network including a communication terminal, a service providing server, and a member information management server according to a first embodiment of the present invention. FIG. 3 is a control block diagram of the communication terminal according to the first embodiment of the present invention. FIG. 3 is a control block diagram of the service providing server according to the first embodiment of the present invention. FIG. 3 is a control block diagram of a member information management server according to the first embodiment of the present invention. FIG. 3 is a diagram (part 1) illustrating a structure of membership card data stored in the communication terminal according to the first embodiment of the present invention. It is a figure showing the image of the membership card displayed on the communication terminal concerning a 1st embodiment of the present invention. FIG. 3 is a diagram illustrating a structure of data communicated between a communication terminal and a service providing server according to the first embodiment of the present invention. FIG. 4 is a diagram illustrating a structure of data stored in a service providing server according to the first embodiment of the present invention. It is a figure showing the structure of the data which the member information management server concerning the 1st Embodiment of this invention stores. 4 is a flowchart illustrating a procedure of a process executed by the communication terminal according to the first embodiment of the present invention. It is a flowchart showing the procedure of the process which the service provision server which concerns on the 1st Embodiment of this invention performs. It is a flowchart showing the procedure of the process which the member information management server which concerns on the 1st Embodiment of this invention performs. FIG. 3 is a diagram (part 2) illustrating a structure of membership card data stored in the communication terminal according to the first embodiment of the present invention. FIG. 9 is a diagram illustrating a communication network including a communication terminal, a service providing server, and a member information management server according to a second embodiment of the present invention. It is a figure showing the structure of the business card data which the member information management server which concerns on the 2nd Embodiment of this invention memorize | stores. It is a figure showing the structure of the business card data displayed on the communication terminal concerning the 2nd Embodiment of this invention. It is the flowchart (the 1) showing the procedure of the process which the communication terminal which concerns on 2nd Embodiment of this invention performs. It is a flowchart (the 2) showing the procedure of the process which the communication terminal concerning 2nd Embodiment of this invention performs. It is a flowchart showing the procedure of the process which the service provision server which concerns on the 2nd Embodiment of this invention performs. FIG. 11 is a diagram (part 1) illustrating a transition of a display screen in the communication terminal according to the second embodiment of the present invention. It is FIG. (2) which shows transition of the display screen in the communication terminal which concerns on 2nd Embodiment of this invention. FIG. 10 is a diagram (part 3) illustrating transition of a display screen in the communication terminal according to the second embodiment of the present invention. FIG. 14 is a diagram (part 4) illustrating transition of a display screen in the communication terminal according to the second embodiment of the present invention. It is a figure showing transition of a display screen in a communication terminal concerning a 1st modification of a 2nd embodiment of the present invention. It is a figure showing transition of a display screen in a communication terminal concerning a 2nd modification of a 2nd embodiment of the present invention. FIG. 21 is a diagram illustrating an update notification transmitted by a service providing server according to a third modification of the second embodiment of the present invention. It is a figure showing transition of a display screen in a communication terminal concerning a 3rd modification of a 2nd embodiment of the present invention. FIG. 15 is a diagram illustrating a structure of membership card data stored in a communication terminal according to a fourth modification of the second embodiment of the present invention. It is a figure showing transition of a display screen in a communication terminal concerning a 5th modification of a 2nd embodiment of the present invention. It is a flow chart (the 1) showing the procedure of the processing which the communication terminal concerning a 3rd embodiment of the present invention performs. It is a flowchart (the 2) showing the procedure of the process which the communication terminal concerning a 3rd Embodiment of this invention performs. FIG. 14 is a diagram illustrating a data structure stored in a communication terminal according to a fourth embodiment of the present invention. It is FIG. (1) which shows transition of the display screen in the communication terminal which concerns on the 4th Embodiment of this invention. It is FIG. (2) which shows transition of the display screen in the communication terminal which concerns on the 4th Embodiment of this invention. 15 is a flowchart illustrating a procedure of a process executed by a communication terminal according to a fourth embodiment of the present invention. It is a figure showing the display screen in the communication terminal concerning a 4th embodiment of the present invention. FIG. 15 is a diagram illustrating a data structure stored in a communication terminal according to a fifth embodiment of the present invention. It is a figure showing the image of the business card data which the communication terminal concerning a 5th embodiment of the present invention displays. It is a flow chart (the 1) showing the procedure of the processing which the communication terminal concerning a 5th embodiment of the present invention performs. It is the flowchart (the 2) showing the procedure of the process which the communication terminal concerning 5th Embodiment of this invention performs.

Explanation of reference numerals

  100, 1000, 1100, 1200 communication terminal, 102, 202, 302 CPU, 104, 204, 304 fixed disk, 106, 206, 306 communication IF, 108, 208 monitor, 200 service providing server, 300 member information management server, 400 Database, 500 networks.

Claims (25)

A communication terminal that communicates with an information processing device connected to a communication line, wherein the information processing device authenticates a user of the communication terminal based on authentication data included in information received from the communication terminal, The communication terminal
Storage means for storing information;
Input means for a user of the communication terminal to input an instruction,
Display means connected to the storage means for displaying information;
Generation for generating the authentication data based on an instruction by the user in accordance with member information indicating a relationship with the information processing device displayed on the display unit and connected to the storage unit and the input unit. Means,
A communication terminal connected to the communication line and the generation unit, and including a transmission unit for transmitting identification data for identifying the user and the authentication data to the information processing device. The information processing device decrypts the encrypted data based on a public key, and further authenticates whether the communication terminal is a legitimate terminal based on access data included in the decrypted data. The access data is associated with the member information,
The storage means includes means for storing a secret key corresponding to the public key in association with the member information,
The communication terminal according to claim 1, wherein the generation unit includes a unit for generating the authentication data by encrypting the access data based on the secret key.   The communication terminal according to claim 1, wherein the member information is displayed on the display unit so that the user recognizes that the member information is information necessary for connection with the information processing device. The communication terminal further includes a receiving unit for receiving information from outside,
4. The storage device according to claim 1, wherein the storage unit includes a unit configured to store the member information in association with acquisition information for the user to acquire information from the information processing device. 5. Communication terminal. The member information is information that can be updated in the communication terminal,
The communication terminal according to claim 1, wherein the communication terminal further includes an updating unit configured to update the member information based on an instruction from the information processing device. The information processing device is a device that transmits a transmission request for information to the communication terminal,
The communication terminal according to claim 1, wherein the transmitting unit includes a unit configured to transmit the member information to the information processing device based on the transmission request.   The communication terminal according to claim 1, wherein the storage unit includes a unit configured to store the member information and the public key in association with each other.   The communication terminal according to claim 7, wherein the communication terminal further includes an encryption unit for encrypting data based on the public key. The information processing device is a device that can update the member information based on a request from the communication terminal,
The communication terminal according to any one of claims 1 to 8, wherein the transmission unit includes a unit for transmitting the update request of the member information to the information processing device. A communication method for communicating with an information processing device connected to a communication line, wherein the information processing device authenticates a user of the communication method based on authentication data included in information received from outside, and Is
A preparation step for preparing information in advance;
An input step in which a user of the communication method inputs an instruction,
A display step for displaying information;
A generation step of generating the authentication data based on an instruction from the user according to the member information indicating a relationship with the information processing device displayed in the display step;
A communication method, comprising: a transmitting step of transmitting identification data for identifying the user and the authentication data to the information processing device. A program for causing a computer to implement a communication method for communicating with an information processing device connected to a communication line, wherein the information processing device identifies a user of the communication method based on authentication data included in information received from outside. Authenticated, said program is stored on said computer,
A preparation step for preparing information in advance;
An input step in which a user of the communication method inputs an instruction,
A display step for displaying information;
A generation step of generating the authentication data based on an instruction from the user according to the member information indicating a relationship with the information processing device displayed in the display step;
A program for executing a transmission step of transmitting identification data for identifying the user and the authentication data to the information processing apparatus.   A computer-readable recording medium on which the program according to claim 11 is recorded. A communication terminal that communicates with an information processing device connected to a communication line,
Input means for a user to input instructions;
Display means for displaying information;
Storage means for storing identification data for identifying the user, a plurality of member information indicating a relationship between the communication terminal and the information processing device, and a respective secret key corresponding to each of the member information;
Generating means for generating, from the member information, authentication data based on a secret key corresponding to the member information specified by the instruction;
A communication terminal, comprising: transmission means for transmitting the identification data and the authentication data to the information processing device via the communication line. The member information includes access data for establishing a connection with the information processing device,
14. The communication terminal according to claim 13, wherein the generation unit includes a unit for generating the authentication data by encrypting the access data based on the secret key. The storage means stores display data for displaying the member information by at least one of a character and a graphic,
The communication terminal according to claim 13, wherein the display unit displays the member information based on the display data. The communication terminal further includes a receiving unit for receiving information via the communication line,
The communication terminal according to any one of claims 13 to 15, wherein the storage unit stores the member information in association with acquisition information for the user to acquire the information from the information processing device.   17. The communication terminal according to claim 13, wherein the communication terminal further includes an updating unit for updating the member information.   The communication terminal according to claim 17, wherein the updating unit updates the member information based on an instruction from the information processing device.   The communication terminal according to claim 17, wherein the updating unit updates the member information based on data in the communication terminal.   20. The communication terminal according to claim 13, wherein the transmitting unit transmits the member information to the information processing device in response to a request received from the information processing device. The storage unit stores the member information and the public key in association with each other,
The communication terminal according to any one of claims 13 to 20, wherein the communication terminal further includes an encryption unit for encrypting data based on the public key.   22. The communication terminal according to claim 13, wherein the transmitting unit includes a unit for transmitting the request for updating the member information to the information processing device. A communication method for communicating with an information processing device connected to a communication line,
An input step in which a user inputs an instruction;
A display step for displaying information;
A preparing step of preparing in advance identification data for identifying the user, a plurality of member information indicating a relationship between the communication terminal and the information processing device, and respective secret keys corresponding to the respective member information;
A generating step of generating authentication data based on a secret key corresponding to the member information specified by the instruction, from the member information;
A communication method, comprising: transmitting the identification data and the authentication data to the information processing device. A program for causing a computer to execute a communication method for communicating with an information processing device connected to a communication line, wherein the program causes the computer to execute
An input step in which a user inputs an instruction;
A display step for displaying information;
A preparing step of preparing in advance identification data for identifying the user, a plurality of member information indicating a relationship between the communication terminal and the information processing device, and respective secret keys corresponding to the respective member information;
A generating step of generating authentication data based on a secret key corresponding to the member information specified by the instruction, from the member information;
A transmission step of transmitting the identification data and the authentication data to the information processing apparatus.   A recording medium on which the program according to claim 24 is recorded.

Images