JP2006033267A - Information processing system, information processing method, information processing apparatus, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology of providing information to a terminal for managing information with respect to an IC card securely at low cost. <P>SOLUTION: A terminal SAM of a terminal SAM client 11-1 encodes a terminal identifier and a terminal public key, and transmits the terminal identifier and the encoded terminal identifier and the encoded terminal public key to a certificate agency 13, and the certificate agency 13 decodes the encoded terminal identifier and the encoded terminal public key, confirms whether or not the decoded terminal identifier is coincident with the received terminal identifier, generates a signature of the terminal public key by using a certificate agency private key when they are coincident, and transmits the signature to a server 14-1. The server 14-1 receives the signature of the terminal public key, verifies whether or not the terminal public key is legitimate, and stores the terminal identifier and the terminal public key when the server 14-1 verifies that the terminal public key is legitimate. The invention is applicable to information processing systems for processing information with respect to IC cards. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an information processing system, an information processing method, an information processing apparatus, and a program, and in particular, an information processing system that provides information to a terminal device that manages information related to an IC card safely and at a reduced cost The present invention relates to a method, an information processing apparatus, and a program.

  In recent years, when operating (updating) data in a card (IC card) containing an IC (Integrated Circuit) chip, a terminal equipped with an IC card reader / writer is connected to a server storing keys and scripts. After performing mutual authentication online, a terminal equipped with an IC card reader / writer operates on data in the IC card.

  For example, Patent Document 1 discloses a technique for reading data in an IC card online.

Since a terminal equipped with such an IC card reader / writer does not have a function of safely protecting keys and scripts, in order to perform operations (updates) on data in an IC card offline, keys and scripts Offline authentication is provided by providing a security box in the terminal that can securely store.
JP 2003-141063 A

  However, when a security box is provided in the terminal, there is a problem that the security box can store only a fixed key or script and it is difficult to update the key or script.

  In addition, there is a problem that a service provider who provides a key or script cannot recognize whether or not a security box provided in the terminal has an ability to protect the key or script.

  Furthermore, in the client server model in which the server stores keys and scripts and performs mutual authentication with the terminal (client) online, processing on the terminal side (client side) such as payment processing using an IC card may occur for a long time. When the card access is irregular due to the insertion / removal of the IC card, there is a problem that the load for managing the terminal in the server increases and the cost for managing the server is high.

  The present invention has been made in view of such a situation, and is intended to provide information to a terminal device that manages information related to an IC card in a safe and cost-effective manner.

  An information processing system according to the present invention is an information processing system including a terminal device that manages information related to an IC card, a server that provides information to the terminal device, and an authorization device that certifies the terminal device. An encoding means for encoding a unique terminal identifier and a second key corresponding to the first key of the terminal apparatus, an unencoded terminal identifier, a terminal identifier encoded by the encoding means, and a second key First transmission means for transmitting the key to the authorized device, and first reception means for receiving a signature of the second key transmitted from the authorized device for transmission by the first transmission means; A first storage means for storing the signature of the second key received by the first reception means together with the terminal identifier; a second key; and a second key stored in the first storage means. And a second transmitting means for transmitting the name and the terminal identifier to the server, and the authorization device transmits the terminal identifier, the encoded terminal identifier and the second transmitted from the first transmitting means of the terminal device. Second receiving means for receiving a key; decoded terminal identifier received by the second receiving means; decoding means for decoding the second key; and terminal identifier obtained by decoding by the decoding means And confirmation means for confirming whether or not the terminal identifier received by the second reception means matches, and the confirmation means confirms that the decoded terminal identifier matches the received terminal identifier The first signing means for generating the signature of the second key using the third key possessed by the authorization device, and the signature of the second key generated by the first signing means to the terminal device And a third receiving means for receiving the second key, the signature of the second key, and the terminal identifier transmitted by the second transmitting means of the terminal device. And the signature of the second key received by the third receiving means, and the fourth key corresponding to the third key of the certification device are used to verify whether the second key is valid. A first verification unit; and a second storage unit that stores the terminal identifier and the second key when the second verification unit verifies that the second key is valid by the first verification unit. To do.

  When the terminal device requests predetermined information from the server, the terminal device uses the first key to generate a signature of identification information for identifying the information, and an identification generated by the second signature device. A fourth transmitting means for transmitting the signature of the information, the identification information, and the terminal identifier to the server; and a fourth receiving means for receiving the information transmitted from the server in response to the transmission by the fourth transmitting means. Further, the server is received by the fifth receiving means and the fifth receiving means for receiving the signature of the identification information, the identification information, and the terminal identifier transmitted by the fourth transmitting means of the terminal device. Verifying whether the identification information is valid by using the signature of the identification information and the second key stored in the second storage means corresponding to the terminal identifier received by the fifth receiving means A second verification means and a second If the identification information by the verification means that is valid has been verified, it can be assumed that further and a fifth transmitting means for transmitting information for identification information to the terminal device.

  The information may be a script or key related to the IC card.

  The encoding means encodes the terminal identifier and the second key unique to the terminal apparatus using a fourth key corresponding to the three keys of the authorized apparatus, and the decoding means is unique to the encoded terminal apparatus. The terminal identifier and the second key may be decoded using the third key.

  A first information processing method of the present invention is an information processing method of an information processing system including a terminal device that manages information related to an IC card, a server that provides information to the terminal device, and an authorization device that certifies the terminal device. The terminal device encodes a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device, an unencoded terminal identifier, an encoded terminal identifier, and a second key To the authorized device. The authorized device receives the terminal identifier, the encoded terminal identifier and the second key transmitted from the terminal device, and receives the received encoded terminal. The terminal identifier obtained by decoding the identifier and the second key, confirming whether or not the terminal identifier obtained by the decoding matches the received terminal identifier, and decoding the terminal identifier When it is confirmed that the received terminal identifier matches, the signature of the second key is generated using the third key of the authorized device, and the generated signature of the second key is sent to the terminal device. The terminal device receives the signature of the second key transmitted from the authorized device, controls to store the received signature of the second key together with the terminal identifier, and stores the second key, storage Transmits the controlled second key signature and the terminal identifier to the server, and the server receives and receives the second key, the second key signature, and the terminal identifier transmitted from the terminal device. The second key is verified using the signature of the second key and the fourth key corresponding to the third key of the certification device, and the second key is verified by verification. If it is verified that the terminal identifier and the second key are stored, the storage of the terminal identifier and the second key is controlled. .

  In the first aspect of the present invention, in the terminal device, the terminal identifier unique to the terminal device and the second key corresponding to the first key of the terminal device are encoded, the terminal identifier that is not encoded, and the encoding The terminal identifier and the second key thus transmitted are transmitted to the authorization device. Then, the authorization device receives the terminal identifier, the encoded terminal identifier and the second key, decodes the encoded terminal identifier and the second key, and receives the terminal identifier obtained by decoding It is confirmed whether or not the received terminal identifier matches, and if it matches, the signature of the second key is generated using the third key of the authorized device and transmitted to the terminal device. In addition, the terminal device receives the second key signature, stores the second key signature together with the terminal identifier, and transmits the second key, the second key signature, and the terminal identifier to the server. The Further, the server receives the second key, the second key signature, and the terminal identifier, and uses the second key signature and the fourth key corresponding to the third key of the certification device. Whether or not the second key is valid is verified. If it is verified that the second key is valid, the terminal identifier and the second key are stored.

  An information processing apparatus according to the present invention includes an encoding unit that encodes a terminal identifier unique to a terminal device and a second key corresponding to the first key of the terminal device, a terminal identifier that is not encoded, and an encoding unit A first transmission unit that transmits the terminal identifier and the second key encoded by the first device to the authorized device, and the first device that has been sent from the authorized device with respect to the transmission by the first transmission unit. A first receiving means for receiving a signature of the second key, which is a signature generated using the key of No. 3, and a signature of the second key received by the first receiving means together with a terminal identifier A storage means, a second key, a signature of the second key stored in the storage means, and a second transmission means for transmitting the terminal identifier to the server are provided.

  When requesting predetermined information from the server, a signature unit that generates a signature of identification information for identifying information using the first key, a signature of the identification information generated by the signature unit, identification information, and a terminal identifier Can be further provided with a third transmitting means for transmitting the information to the server and a second receiving means for receiving the information transmitted from the server in response to the transmission by the third transmitting means.

  The information may be a script or key related to the IC card.

  The encoding unit may encode the terminal identifier and the second key unique to the terminal device using a fourth key corresponding to the third key of the authorized device.

  According to a second information processing method of the present invention, an encoding step for encoding a terminal identifier unique to a terminal device, a second key corresponding to the first key of the terminal device, an unencoded terminal identifier, The terminal identifier and the second key encoded by the encoding means are transmitted from the authorized device for the first transmission step of transmitting the terminal identifier and the second key to the authorized device, and the transmission by the processing of the first transmission step. A receiving step for receiving a signature of the second key, which is a signature generated using the third key of the authorized device, and a signature of the second key received by the processing of the receiving step are stored together with the terminal identifier. A storage control step for controlling the second key, a second key, a second key whose storage is controlled by the processing of the storage control step, and a second identifier for transmitting the terminal identifier to the server Characterized in that it comprises a transmission step.

  The program of the present invention is encoded by an encoding step for encoding a terminal identifier unique to a terminal device and a second key corresponding to the first key of the terminal device, an unencoded terminal identifier, and encoding means. A first transmission step of transmitting the terminal identifier and the second key transmitted to the authorized device, and a first device included in the authorized device that has been transmitted from the authorized device for transmission by the processing of the first transmission step. A receiving step for receiving a signature of the second key, which is a signature generated using the key of No. 3, and a memory for controlling to store the signature of the second key received by the processing of the receiving step together with the terminal identifier A second transmission step for transmitting the control step, the second key, the signature of the second key whose storage is controlled by the processing of the storage control step, and the terminal identifier to the server. Characterized in that to execute a processing including a-up the computer.

  In the second aspect of the present invention, the terminal identifier unique to the terminal device and the second key corresponding to the first key of the terminal device are encoded, the unencoded terminal identifier, and the encoded terminal identifier And the second key are transmitted to the authorization device. In response to this transmission, the signature of the second key generated using the third key of the authorized device transmitted from the authorized device is received, and the signature of the second key is the terminal identifier. And the second key, the second key signature, and the terminal identifier are transmitted to the server.

  According to the present invention, the terminal device and the server can be easily authenticated. In particular, according to the present invention, information can be exchanged between the terminal device and the server safely and easily. In addition, server management costs can be reduced.

  Embodiments of the present invention will be described below. The correspondence relationship between the invention described in this specification and the embodiments of the invention is exemplified as follows. This description is intended to confirm that the embodiments supporting the invention described in this specification are described in this specification. Therefore, even if there is an embodiment that is described in the embodiment of the invention but is not described here as corresponding to the invention, the fact that the embodiment is not It does not mean that it does not correspond to the invention. Conversely, even if an embodiment is described herein as corresponding to an invention, that means that the embodiment does not correspond to an invention other than the invention. Absent.

  Further, this description does not mean all the inventions described in this specification. In other words, this description is for the invention described in the present specification, which is not claimed in this application, that is, for the invention that will be applied for in the future or that will appear and be added by amendment. It does not deny existence.

The information processing system according to claim 1 is a terminal device (for example, the terminal SAM client 11-1 in FIG. 1) that manages information related to an IC card, and a server that provides information to the terminal device (for example, the server in FIG. 1). 14-1), and an information processing system (for example, the information processing system of FIG. 1) consisting of a certification device (for example, the certification body 13 of FIG. 1) that certifies the terminal device,
The terminal device
A terminal identifier unique to the terminal device (for example, a terminal SAM identifier), and a second key (for example, a terminal SAM public key) corresponding to a first key (for example, a terminal SAM private key) possessed by the terminal device; Encoding means (for example, the encoding unit 204 in FIG. 7 that executes the process of step S32 in FIG. 16);
First transmission means for transmitting the terminal identifier that has not been encoded, the terminal identifier encoded by the encoding means, and the second key to the authorized device (for example, the process of step S33 in FIG. 16). The output unit 210) of FIG.
In response to transmission by the first transmission means, first reception means (for example, FIG. 16) that receives a second key signature (for example, a signature of the terminal SAM public key) transmitted from the authorized device. The input unit 201 in FIG. 7 for executing the process of step S34;
First storage means for storing the signature of the second key received by the first reception means together with the terminal identifier (for example, the storage unit 78 of FIG. 5 for executing the processing of step S35 of FIG. 16). When,
Second transmission means for transmitting the second key, the signature of the second key stored in the first storage means, and the terminal identifier to the server (for example, the process of step S92 in FIG. 17). And executing the output unit 210) of FIG.
The certified device is:
Second receiving means for receiving the terminal identifier and the encoded terminal identifier and the second key transmitted by the first transmitting means of the terminal device (for example, step S51 in FIG. 16). The input unit 351 in FIG.
Decoding means for decoding the encoded terminal identifier and the second key received by the second receiving means (for example, the decoding unit 353 of FIG. 10 that executes the process of step S52 of FIG. 16);
Confirmation means for confirming whether or not the terminal identifier obtained by decoding by the decoding means matches the terminal identifier received by the second receiving means (for example, the process of step S53 in FIG. 16) Main controller 352) of FIG.
When it is confirmed by the confirmation means that the decoded terminal identifier matches the received terminal identifier, the second key is used by using a third key (for example, an accredited institution secret key) possessed by the accreditation device. First signature means for generating a signature of the key (for example, signature processing unit 354 of FIG. 10 that executes the process of step S55 of FIG. 16);
Third transmission means for transmitting the signature of the second key generated by the first signature means to the terminal device (for example, the output unit 355 of FIG. 10 that executes the process of step S56 of FIG. 16). And
The server
Third receiving means for receiving the second key, the signature of the second key, and the terminal identifier transmitted by the second transmitting means of the terminal device (for example, step S71 in FIG. 17). The input unit 451) of FIG.
Using the signature of the second key received by the third receiving means and the fourth key (for example, the certification authority public key) corresponding to the third key of the certification device, the second key is used. First verification means for verifying whether or not the key is valid (for example, the verification processing unit 455 of FIG. 13 that executes the process of step S72 of FIG. 17);
When the first verification unit verifies that the second key is valid, the second storage unit stores the terminal identifier and the second key (for example, the process of step S74 in FIG. 17). And a storage unit 378) of FIG.

The terminal device of the information processing system according to claim 2,
When requesting predetermined information from the server, a second signature for generating a signature (for example, a script ID signature) of identification information (for example, a script ID) for identifying the information, using the first key. Means (for example, the signature processing unit 205 of FIG. 7 that executes the process of step S172 of FIG. 19);
Fourth transmission means for transmitting the signature of the identification information generated by the second signature means, the identification information, and the terminal identifier to the server (for example, executing the processing of step S173 in FIG. 19) 7 output unit 210),
Fourth receiving means for receiving the information (for example, a script) transmitted from the server in response to transmission by the fourth transmitting means (for example, the input of FIG. 7 for executing the processing of step S174 in FIG. 20) Part 201) and
The server
Fifth receiving means for receiving the signature of the identification information, the identification information, and the terminal identifier transmitted by the fourth transmission means of the terminal device (for example, execute the processing of step S151 in FIG. 19) The input unit 451) of FIG.
The signature of the identification information received by the fifth receiving means and the second key stored in the second storage means corresponding to the terminal identifier received by the fifth receiving means; A second verification means for verifying whether the identification information is valid (for example, the verification processing unit 455 of FIG. 13 that executes the process of step S153 of FIG. 19);
When the identification information is verified to be valid by the second verification unit, a fifth transmission unit (for example, a script for the script ID) is transmitted to the terminal device. And an output unit 459 of FIG. 13 for executing the process of step S158 of FIG.

The information of the information processing system according to claim 3 is a script or a key related to the IC card (for example, a common key used with the IC card 51 of FIG. 3).

The information processing system according to claim 4, wherein the encoding unit uses a terminal identifier unique to the terminal device and the second key by using a fourth key corresponding to the third key of the authorization device. Encoding (for example, step S32 in FIG. 16);
The decoding means decodes the encoded terminal identifier unique to the terminal device and the second key using the third key (for example, step S52 in FIG. 16).
It is characterized by that.

The information processing method according to claim 5 includes a terminal device (for example, the terminal SAM client 11-1 in FIG. 1) that manages information related to an IC card, and a server that provides information to the terminal device (for example, the server in FIG. 1). 14-1), and an information processing method of an information processing system (for example, the information processing system of FIG. 1) composed of a certification device (for example, the certification body 13 of FIG. 1) for proving the terminal device
The terminal device
A terminal identifier unique to the terminal device (for example, a terminal SAM identifier), and a second key (for example, a terminal SAM public key) corresponding to a first key (for example, a terminal SAM private key) possessed by the terminal device; (For example, step S32 in FIG. 16),
The unencoded terminal identifier, the encoded terminal identifier and the second key are transmitted to the authorized device (eg, step S33 in FIG. 16),
The certified device is:
Receiving the terminal identifier, the encoded terminal identifier and the second key transmitted from the terminal device (for example, step S51 in FIG. 16);
Decode the received encoded terminal identifier and the second key (eg, step S52 of FIG. 16);
Check whether the terminal identifier obtained by decoding matches the received terminal identifier (for example, step S53 in FIG. 16),
When it is confirmed that the decoded terminal identifier matches the received terminal identifier, a signature of the second key is used by using a third key (for example, a certification authority private key) of the certification device. (For example, step S55 in FIG. 16),
The generated signature of the second key is transmitted to the terminal device (for example, the output unit 355 of FIG. 10 that executes the process of step S56 of FIG. 16),
The terminal device
Receiving the signature of the second key (for example, the signature of the terminal SAM public key) transmitted from the authorized device (for example, step S34 in FIG. 16);
Control to store the received signature of the second key together with the terminal identifier (for example, step S35 in FIG. 16);
Transmitting the second key, the signature of the second key whose storage is controlled, and the terminal identifier to the server (for example, step S92 in FIG. 17);
The server
Receiving the second key, the signature of the second key, and the terminal identifier transmitted from the terminal device (for example, step S71 in FIG. 17);
The second key is valid by using the received signature of the second key and the fourth key (for example, the certification authority public key) corresponding to the third key of the certification device. (For example, step S72 in FIG. 17),
When the verification verifies that the second key is valid, the storage of the terminal identifier and the second key is controlled (for example, step S74 in FIG. 17).
It is characterized by that.

An information processing apparatus according to claim 6 is an information processing apparatus (for example, the terminal SAM client 11-1 in FIG. 1) that exchanges information with a server and an authentication apparatus that provide information about an IC card.
A terminal identifier unique to the terminal device (for example, a terminal SAM identifier), and a second key (for example, a terminal SAM public key) corresponding to a first key (for example, a terminal SAM private key) possessed by the terminal device; Encoding means (for example, the encoding unit 204 in FIG. 7 that executes the process of step S32 in FIG. 16);
First transmission means for transmitting the terminal identifier that has not been encoded, the terminal identifier encoded by the encoding means, and the second key to the authorized device (for example, the process of step S33 in FIG. 16). The output unit 210) of FIG.
In response to the transmission by the first transmission means, the signature of the second key (for example, the terminal SAM) transmitted from the authorized device and generated using the third key of the authorized device. First receiving means for receiving the signature of the public key (for example, the input unit 201 in FIG. 7 that executes the process of step S34 in FIG. 16);
Storage means for storing the signature of the second key received by the first reception means together with the terminal identifier (for example, the storage unit 78 of FIG. 5 for executing the process of step S35 of FIG. 16);
Second transmission means for transmitting the second key, the signature of the second key stored in the storage means, and the terminal identifier to the server (for example, executing the processing of step S92 in FIG. 17) 7 output unit 210).

An information processing apparatus according to claim 7
When requesting predetermined information from the server, a signature means (for example, a script ID signature) for generating identification information (for example, a script ID) for identifying the information using the first key (for example, a script ID signature) , The signature processing unit 205 in FIG. 7 for executing the processing in step S172 in FIG.
Third transmission means for transmitting the signature of the identification information generated by the signature means, the identification information, and the terminal identifier to the server (for example, the output of FIG. 7 for executing the processing of step S173 in FIG. 19) Part 210),
Second receiving means for receiving the information (for example, a script) transmitted from the server in response to transmission by the third transmitting means (for example, the input of FIG. 7 for executing the processing of step S174 in FIG. 20) Unit 201).

The information of the information processing apparatus according to claim 8 is a script or a key related to the IC card (for example, a common key used with the IC card 51 of FIG. 3).

The encoding means of the information processing device according to claim 9 uses the fourth key corresponding to the third key of the authorization device to use a terminal identifier unique to the terminal device and the second key. The key is encoded (for example, step S32 in FIG. 16).
It is characterized by that.

The information processing method according to claim 10 is an information processing method of an information processing device (for example, the terminal SAM client 11-1 in FIG. 1) that exchanges information with a server and an authentication device that provide information about an IC card. ,
A terminal identifier unique to the terminal device (for example, a terminal SAM identifier), and a second key (for example, a terminal SAM public key) corresponding to a first key (for example, a terminal SAM private key) possessed by the terminal device; Encoding step (for example, step S32 in FIG. 16) for encoding
A first transmission step (for example, step S33 in FIG. 16) for transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
In response to the transmission by the processing of the first transmission step, the signature of the second key (for example, the signature generated using the third key of the authorized device transmitted from the authorized device) (for example, Receiving step (for example, step S34 in FIG. 16) for receiving the signature of the terminal SAM public key;
A storage control step (for example, step S35 in FIG. 16) for controlling to store the signature of the second key received by the processing of the reception step together with the terminal identifier;
Second transmission step of transmitting the second key, the signature of the second key whose storage is controlled by the processing of the storage control step, and the terminal identifier to the server (for example, step S92 in FIG. 17) It is characterized by including and.

The program according to claim 11 is a program for processing information about an IC card,
A terminal identifier unique to the terminal device (for example, a terminal SAM identifier), and a second key (for example, a terminal SAM public key) corresponding to a first key (for example, a terminal SAM private key) possessed by the terminal device; Encoding step (for example, step S32 in FIG. 16) for encoding
A first transmission step (for example, step S33 in FIG. 16) for transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
In response to the transmission by the processing of the first transmission step, the signature of the second key (for example, the signature generated using the third key of the authorized device transmitted from the authorized device) (for example, Receiving step (for example, step S34 in FIG. 16) for receiving the signature of the terminal SAM public key;
A storage control step (for example, step S35 in FIG. 16) for controlling to store the signature of the second key received by the processing of the reception step together with the terminal identifier;
Second transmission step of transmitting the second key, the signature of the second key whose storage is controlled by the processing of the storage control step, and the terminal identifier to the server (for example, step S92 in FIG. 17) And causing a computer to execute a process including and.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 is a diagram showing an example of the overall configuration of an information processing system to which the present invention is applied.

  Terminal SAM (Secure Application Module) clients (terminal devices) 11-1 to 11-3 are each connected to the network 12. The network 12 is connected to an accreditation body (also referred to as an accreditation station) 13 and servers (server devices) 14-1 to 14-3.

  Server 14-1 is operated by service provider A, server 14-2 is operated by service provider B, and server 14-3 is operated by service provider C. That is, the servers 14-1 to 14-3 are operated by different service providers. The network 12 is, for example, a LAN (Local Area Network). The accreditation apparatus is an apparatus that is governed by the accreditation body (accreditation station) 13. In practice, various processes are executed by the accreditation apparatus. In this embodiment, the accreditation apparatus is referred to as a process executed by the accreditation body 13. .

  In the following, when the terminal SAM clients 11-1 to 11-3 do not need to be individually distinguished, they are referred to as the terminal SAM client 11, and when the servers 14-1 to 14-3 do not need to be individually distinguished, This is referred to as server 14. Further, when it is not necessary to individually distinguish the service providers A, B, and C, they are referred to as service providers.

  The authorization organization 13 is an organization (station) that authorizes the terminal SAM client 11 to the service provider. For example, in response to a request from the terminal SAM client 11, the certification authority 13 signs the public key of the terminal SAM client 11 (signature of the public key of the terminal SAM client 11 by the certification authority 13) to the terminal SAM client 11. Issue. The terminal SAM client 11 transmits the signature of the public key of the terminal SAM client 11 to the server 14, and the server 14 verifies the signature of the public key of the terminal SAM client 11 (that is, the terminal SAM client 11 By verifying that the public key is valid, the terminal SAM client 11 is confirmed to be an authorized terminal (valid). The service provider (server 14) transmits a key and a script to the terminal SAM client 11 when the terminal SAM client 11 is certified by the certification body 13.

  The terminal SAM client 11 can store a plurality of scripts, and accesses the IC card (not shown) by executing the scripts. For example, the terminal SAM client 11 executes a script and updates data in the IC card. Then, the terminal SAM client 11 transmits the script execution result and the like to the server 14 that provides the corresponding service via the network 12. When the network 12 is offline, the terminal SAM client 11 holds the execution result of the script, and when it is online, transmits the execution result to the server 14 via the network 12.

  The server 14 is also connected to the SAM 21 via an internal network 22 as shown in FIG. The SAM 21 generates data (script or key) to be transmitted to the terminal SAM client 11 in response to a request from the server 14, and encrypts the generated data based on key information managed as appropriate. 14 to the terminal SAM client 11 via 14 or the like. As described above, the server 14 is connected to the SAM 21 to exchange data, and transmits data to the terminal SAM client 11 via the network 12 (FIG. 1). This part is directly related to the present invention. Therefore, in the following description, all processing will be described as processing in the server 14. That is, when the server 14 transmits data, data is actually exchanged with the SAM 21. However, in the present embodiment, the processing in the SAM 21 is also described as processing executed by the server 14. To do. 2 may be the same network as the network 12.

  Next, a functional configuration example of the terminal SAM client 11 will be described. FIG. 3 is a block diagram showing a functional configuration example of the terminal SAM client 11 of FIG.

  The terminal SAM client 11 has a functional configuration of a control terminal 41, a terminal SAM 42, and an IC card reader / writer antenna 43.

  The control terminal 41 is, for example, a POS (Point Of Sales) terminal. The control terminal 41 issues a command to update data to the IC card 51 or transmits data read from the IC card 51 to the server 14 via the network 12 (FIG. 1).

  The IC card reader / writer antenna 43 communicates with the external IC card 51 in a non-contact manner, and reads various data stored in the IC card and writes data. For example, the IC card reader / writer antenna 43 reads data such as an identification number unique to the IC card 51 stored in the IC card 51 and an amount stored in the IC card 51. The IC card reader / writer antenna 43 communicates with the IC card 51 in a non-contact manner, and rewrites (updates) data such as the amount of money stored in the IC card 51. In this embodiment, the IC card 51 and the IC card reader / writer antenna 43 are described as being non-contact type, but the IC card and the IC card reader / writer antenna may be contact type.

  The terminal SAM 42 controls the certification authority 13 to request the signature of the public key of the terminal SAM 42 in order to encrypt the data supplied from the IC card reader / writer antenna 43 and to obtain certification of the server 14. The server 14 is controlled to transmit the signature of the terminal SAM public key. Further, the terminal SAM 42 executes a script, generates various encryption keys, and saves the execution result of the script as a log. That is, the terminal SAM 42 securely manages data in the terminal SAM client 11.

  FIG. 4 is a block diagram showing a hardware configuration example of the terminal SAM 42 of FIG.

  A CPU (Central Processing Unit) 71, a ROM (Read Only Memory) 72, and a RAM (Random Access Memory) 73 are connected to each other via an internal bus 74. An input / output interface 75 is also connected to the internal bus 74.

  The CPU 71 executes various processes according to a program stored in the ROM 72 or a program loaded from the storage unit 78 to the RAM 73. The RAM 73 also appropriately stores data necessary for the CPU 71 to execute various processes.

  The input / output interface 75 includes an electronic lock, a DIP (Dual Inline Package) switch, a keyboard, a mouse, and other input unit 76, a status display lamp, a 7-segment LED (Light Emitting Diode), a CRT, an LCD (Liquid Crystal Display). ), An output unit 77 including a speaker, a storage unit 78 including a hard disk, a communication unit 79 including a modem and a terminal adapter, and an IC card reader / writer 80 are connected. The communication unit 79 performs communication processing via various networks including RS232C serial communication and LAN. Data exchange with the control terminal 41 is performed via the communication unit 79. The command to the terminal SAM 42 may be issued via the communication unit 79. The IC card reader / writer 80 has a built-in memory (not shown), the card data is stored in the memory, and the IC card reader / writer antenna 43 is used for short-distance communication with the IC card 51. Done through.

  A drive 81 is connected to the input / output interface 75 as necessary, and a removable medium 91 including a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory is appropriately mounted, and a computer program read therefrom is Installed in the storage unit 78 as necessary.

  In association with the above-described functional configuration example of FIG. 3, the CPU 71 of FIG. 4 has a function of the terminal SAM by executing predetermined processing described later.

  FIG. 5 is a diagram for explaining an example of information related to the terminal SAM 42 (FIG. 4) stored in the storage unit 78. That is, FIG. 5 shows an example of information (data) used for the terminal SAM 42 to execute processing.

  In the storage unit 78, as information related to the terminal SAM 42, the external input / output logic 121, the public secret key logic 122, the server certificate folder 123, the terminal SAM specific information 124, the script execution information 125, the script folder 126, and the terminal SAM common information 127 are stored. , And a log folder 128 are stored.

  The external input / output logic 121 is a logic for executing interface processing related to external input / output.

  The public secret key logic 122 is a logic for executing processes such as encryption, decryption, signature, verification, and key pair generation. Specifically, the public / private key logic 122 includes information as shown in FIG.

  In FIG. 6, the public secret key logic 122 includes an encryption procedure 191, a decryption procedure 192, a key pair generation procedure 193, a signature procedure 194, and a verification procedure 195. The encryption procedure 191 describes a procedure for encrypting data, and the decryption procedure 192 includes a procedure for decrypting encrypted data (a procedure corresponding to the encryption procedure 191). is described. The key pair generation procedure 193 describes a procedure for generating a public key and a secret key of the terminal SAM42. The signature procedure 194 describes a procedure for attaching a signature to predetermined data, and the verification procedure 195 describes a procedure for verifying the signed data. Thus, the public / private key logic 122 includes logic related to the public key and the secret key. In the case of the example in FIG. 6, since it is the public secret key logic 122 related to the terminal SAM 42, the public key here is the public key of the terminal SAM 42, and the secret key is the secret key of the terminal SAM 42.

  Returning to FIG. 5, the server certificate folder 123 includes a server ID 131, a server public key 132, and a URL (Uniform Resource Locator) 133. The server ID 131 is an ID (identification information to be identified) unique to the server 14, and the server 14 (service provider) can be specified by this server ID. That is, in a state where the terminal SAM 42 receives service provision from the servers 14-1 to 14-3 in FIG. 1, three combinations of the server ID 131, the server public key 132, and the URL 133 are registered in the server certificate folder 123. Will be. This server ID is an ID unique to the server attached by the terminal SAM42. The server public key 132 is the public key of the server 14 specified by the server ID 131 and is associated with the server 131. The URL 133 is a URL for accessing the server 14 specified by the server ID 131 and is associated with the server ID 131. Information of the server certificate folder 123 is acquired by a process described later.

  The terminal SAM unique information 124 includes a terminal SAM identifier 141, a terminal SAM public key signature 142, a terminal SAM public key 143, and a terminal SAM private key 144. The terminal SAM identifier 141 is an identifier for identifying the terminal SAM 42 (that is, identifying the terminal SAM client 11), and is unique to each terminal SAM 42. That is, according to the terminal SAM identifier 141, the terminal SAM client 11-1 to the terminal SAM client 11-3 can be identified. The signature 142 of the terminal SAM public key is a signature for the server 14 to verify that the terminal SAM 42 is set as an authorized organization. The terminal SAM public key 143 and the terminal SAM secret key 144 are a public key and a secret key of the terminal SAM 42 that are generated by a process (a process described later) executed using the public secret key logic 122. The terminal SAM public key 143 and the terminal SAM private key 144 are a key pair, and it is possible to verify whether the data signed by the terminal SAM private key 144 is valid only by the terminal SAM public key 143. Data encrypted with the terminal SAM public key 143 can be decrypted only with the terminal SAM private key 144. Conversely, data encrypted with the terminal SAM private key 144 can be decrypted only with the terminal SAM public key 143. Can do. The terminal SAM 42 that holds the terminal SAM secret key 144 has a function of not leaking the secret key to others.

  The script execution information 125 is information for executing a script. For example, it is information for executing the script 153 stored in the script folder 126.

  The script folder 126 includes a server ID 151 and a script ID 152, and further includes a script 153 associated with the server ID 151 and the script ID 152. The server ID 151 is basically the same as the server ID included in the server certificate folder 123. That is, if the server ID is assigned to the server 14-1, the server ID 131 and the server ID 151 are the same. The script ID 152 is a unique ID in scripts with the same server ID for identifying the script 153. The information stored in the script folder 126 is information acquired from the server 14 in the process described later. In the script folder 126, a plurality of combinations (the number of scripts) of the server ID 151, the script ID 152, and the script 153 are registered.

  The terminal SAM common information 127 includes an authorized organization public key 161 and an encoding procedure 162. The certification authority public key 161 is a public key of the certification authority 13 distributed by the certification authority 13. The encoding procedure 162 is an encoding procedure determined in advance between the accreditation organization 13 and the terminal SAM 42 (for example, determined by the manufacturer), and is information stored when the terminal SAM 42 is manufactured. That is, the terminal SAM common information 127 is information set in the terminal SAM 42 in advance.

  The log folder 128 includes a log 171. This log 171 is a script execution result. More specifically, the script 171 stores script execution result additional information in which time information and a signature are added to the script execution result.

  That is, in FIG. 5, external input / output logic 121, public secret key logic 122, terminal SAM identifier 141 of terminal SAM specific information 124, script execution information 125, authorized authority public key 161 of terminal SAM common information 127, and terminal SAM common The encoding procedure 162 of the information 127 is stored in the storage unit 78 in advance, the other server certificate folder 123 (server ID 131, server public key 132, and URL 133), and the signature of the terminal SAM public key of the terminal SAM specific information 124. 142, the terminal SAM public key 143, the terminal SAM private key 144, the script folder 126 (server ID 151, script ID 152, and script 153), and the log folder 128 (log 171) are appropriately stored in the storage unit 78 in the following processing. Is done.

  Next, a functional configuration example of the terminal SAM 42 in FIG. 3 will be described. FIG. 7 is a block diagram illustrating a functional configuration example of the terminal SAM 42 of FIG. 7 is implemented by the CPU 71 of the terminal SAM client 11 of FIG. 4 executing various processes using the information of FIG. 5 stored in the storage unit 78.

  7, the terminal SAM 42 includes an input unit 201, a main control unit 202, a key pair generation unit 203, an encoding unit 204, a signature processing unit 205, a verification processing unit 206, an encryption unit 207, a decryption unit 208, and a script execution unit. 209 and an output unit 210 are provided.

  The input unit 201 receives data input and supplies the received data to the main control unit 202. For example, the input unit 201 receives data supplied from the IC card reader / writer antenna 43 and data supplied from the control terminal 41 and supplies the data to the main control unit 202. The input unit 201 corresponds to the external input / output logic 121 described with reference to FIG. More specifically, the input unit 201 is realized by the CPU 71 (FIG. 4) executing the external input / output logic 121 of FIG.

  The main control unit 202 controls each unit. The key pair generation unit 203 generates a pair of the terminal SAM public key 143 and the terminal SAM secret key 144 (FIG. 5) based on the control from the main control unit 202. The key pair generation unit 203 is realized by the CPU 71 (FIG. 4) executing the key pair generation procedure 193 (FIG. 6) of the public / private key logic 122. The encoding unit 204 encodes data by a predetermined method based on the control from the main control unit 202. The encoding unit 204 encodes data by a method set in advance by the manufacturer, and is realized by the CPU 71 (FIG. 4) executing the processing according to the encoding procedure 162 described with reference to FIG. .

  The signature processing unit 205 generates a signature for predetermined data based on the control from the main control unit 202. For example, a signature of predetermined data is generated using the terminal SAM private key 144. The signature processing unit 205 is realized by the CPU 71 (FIG. 4) executing processing in accordance with the signature procedure 194 (FIG. 6) of the public secret key logic 122. The verification processing unit 206 executes processing for verifying the signature based on the control from the main control unit 202. The verification processing unit 206 is realized by the CPU 71 (FIG. 4) executing processing according to the verification procedure 195 (FIG. 6) of the public secret key logic 122.

  The encryption unit 207 encrypts data based on the control from the main control unit 202. The encryption unit 207 is realized by the CPU 71 (FIG. 4) executing processing according to the encryption procedure 191 (FIG. 6) of the public secret key logic 122. The decrypting unit 208 decrypts the encrypted data based on the control from the main control unit 202. The decryption unit 208 is realized by the CPU 71 (FIG. 4) executing processing in accordance with the decryption procedure 192 (FIG. 6) of the public secret key logic 122.

  The script execution unit 209 executes a script based on the control from the main control unit 202. For example, the script execution unit 209 executes the script 153 (FIG. 5) stored in the storage unit 78 (FIG. 5) based on the control from the main control unit 202. The script execution unit 209 is realized by the CPU 71 (FIG. 4) executing processing based on the script execution information 125 (FIG. 5).

  The output unit 210 outputs data based on the control from the main control unit 202. For example, the output unit 210 outputs data to the control terminal 41 or outputs data to the IC card reader / writer antenna 43. The output unit 210 is realized by the CPU 71 (FIG. 4) executing processing based on the external input / output logic 121 described with reference to FIG.

  FIG. 8 is a block diagram illustrating a hardware configuration example of the certification authority 13 of FIG.

  The CPU 251, ROM 252, and RAM 253 are connected to each other via an internal bus 254. An input / output interface 255 is also connected to the internal bus 254.

  The CPU 251 executes various processes according to a program stored in the ROM 252 or a program loaded from the storage unit 258 to the RAM 253. The RAM 253 also appropriately stores data necessary for the CPU 251 to execute various processes.

  The input / output interface 255 includes an input unit 256 including a keyboard and a mouse, an output unit 257 including a CRT, an LCD, and a speaker, a storage unit 258 including a hard disk, and a communication unit including a modem and a terminal adapter. 259 is connected. The communication unit 259 performs communication processing via various networks including a telephone line and CATV.

  A drive 261 is also connected to the input / output interface 255 as necessary, and a removable medium 271 composed of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately mounted, and a computer program read therefrom is Installed in the storage unit 258 as necessary.

  FIG. 9 is a diagram illustrating an example of information stored in the storage unit 258 of FIG.

  The storage unit 258 stores external input / output logic 301, public secret key logic 302, certification authority information 303, terminal SAM certificate as information used by the certification authority 13 to execute the processing described in the present embodiment. A document folder 304 and a decoding procedure 305 are stored.

  The external input / output logic 301 is a logic for executing interface processing related to external input / output.

  The public secret key logic 302 is a logic for executing processes such as encryption, decryption, signature, verification, and key pair generation. Since the detailed configuration of the public key logic 302 is the same as that of FIG. 6 described above, the description thereof is omitted. In the following, FIG. 6 is also referred to as the public secret key logic 302. The public key handled by the certification authority 13 is the public key of the certification authority 13, and the secret key is the secret key of the certification authority 13.

  The certification body information 303 includes a certification body public key 311 and a certification body private key 312. The certification authority public key 311 is the same as the certification authority public key 161 of FIG. More specifically, the certification authority public key 311 generated by the certification authority 13 is transmitted to the terminal SAM 42 and stored therein is the certification authority public key 161 of FIG. The certification authority public key 311 and the certification authority private key 312 are a key pair, and it is possible to verify whether the data signed by the certification authority private key 312 is valid only by the certification authority public key 311. Data encrypted with the certification authority public key 311 can be decrypted only with the certification authority private key 312, and conversely, data encrypted with the certification authority private key 312 can be decrypted only with the certification authority public key 311. Can do. The certification authority 13 that holds the certification authority private key 312 has a function of not leaking the secret key to others.

  The terminal SAM certificate folder 304 includes a terminal SAM identifier 321 and a terminal SAM public key 322. According to this terminal SAM identifier 321, the terminal SAM client 11 can be specified. That is, according to the terminal SAM identifier 321, the terminal SAM 42 having the same terminal SAM identifier 141 (FIG. 5) can be specified. The terminal SAM public key 322 is a public key of the terminal SAM 42 specified by the terminal SAM identifier 321 stored in correspondence with the terminal SAM identifier 321. That is, when the terminal SAM identifier 321 in FIG. 9 is the same as the terminal SAM identifier 141 in FIG. 5, the terminal SAM public key 322 in FIG. 9 and the terminal SAM public key 143 in FIG. 5 are the same. Note that the terminal SAM identifier 321 and the terminal SAM public key 322 are acquired by processing to be described later. When the certification authority 13 issues signatures to a plurality of terminal SAMs 42, the terminal SAM identifier 321 and the terminal SAM public key 322 are registered as many as the issued numbers.

  The decoding procedure 305 is a decoding procedure determined in advance between the accreditation body 13 and the terminal SAM 42 (for example, determined by a manufacturer), and is information stored when the accreditation body 13 is manufactured. This decoding procedure 305 corresponds to the encoding procedure 162 of the terminal SAM common information 127 in FIG. In other words, the data encoded using the encoding procedure 162 can be decoded by the decoding procedure 305. This encoding / decoding method is a unique procedure defined between the accreditation body 13 and the terminal SAM 42. Therefore, even if the data encoded by this method is obtained by an external device, it can be encoded easily. I can't. Thereby, the confidentiality between the certification | authentication organization 13 and terminal SAM42 can be improved.

  That is, in FIG. 9, the external input / output logic 301, the public / private key logic 302, the certification authority information 303, and the decoding procedure 305 are stored in the storage unit 258 in advance, and the terminal SAM certificate folder 304 (terminal SAM identifier 321). And the terminal SAM public key 322) are appropriately stored in the storage unit 258 in the following processing.

  Next, a functional configuration example of the accreditation body 13 in FIG. 8 will be described. FIG. 10 is a block diagram illustrating a functional configuration example of the accreditation body 13 of FIG. The functional configuration of FIG. 10 is realized by the CPU 251 of the certification authority 13 of FIG. 8 executing various processes using the information of FIG. 9 stored in the storage unit 258.

  10, the certification authority 13 is provided with an input unit 351, a main control unit 352, a decoding procedure 353, a signature processing unit 354, and an output unit 355.

  The input unit 351 accepts data input and supplies the accepted data to the main control unit 352. For example, the input unit 351 receives data supplied from the terminal SAM client 11 or data supplied from the server 14 via the network 12 and supplies the data to the main control unit 352. The input unit 351 corresponds to the external input / output logic 301 described with reference to FIG. More specifically, the input unit 351 is realized by the CPU 251 (FIG. 8) executing the external input / output logic 301 of FIG.

  The main control unit 352 controls each unit. The decoding unit 353 decodes the encoded data by a predetermined method based on the control from the main control unit 352. The decoding unit 353 decodes data by a method set in advance by the manufacturer, and is realized by the CPU 251 (FIG. 8) executing the processing according to the decoding procedure 305 described with reference to FIG. .

  The signature processing unit 354 generates a signature for predetermined data based on the control from the main control unit 352. For example, the signature processing unit 354 generates a signature of predetermined data using the certification authority private key 312. The signature processing unit 354 is realized by the CPU 251 (FIG. 8) executing processing according to the signature procedure 194 (FIG. 6) of the public secret key logic 302.

  The output unit 355 outputs data based on the control from the main control unit 352. For example, the output unit 355 outputs data to the terminal SAM client 11 and the server 14 via the network 12. The output unit 355 is realized by the CPU 25 (FIG. 8) executing processing based on the external input / output logic 301 described with reference to FIG. 9.

  FIG. 11 is a block diagram illustrating a hardware configuration example of the server 14 of FIG.

  The CPU 371, ROM 372, and RAM 373 are connected to each other via an internal bus 374. An input / output interface 375 is also connected to the internal bus 374.

  The CPU 371 executes various processes according to a program stored in the ROM 372 or a program loaded from the storage unit 378 to the RAM 373. The RAM 373 also stores data necessary for the CPU 371 to execute various processes.

  The input / output interface 375 includes an input unit 376 including a keyboard and a mouse, an output unit 377 including a CRT, an LCD, and a speaker, a storage unit 378 including a hard disk, a communication unit including a modem, a terminal adapter, and the like. 379 is connected. The communication unit 379 performs communication processing via various networks including a telephone line and CATV.

  A drive 381 is also connected to the input / output interface 375 as necessary, and a removable medium 391 composed of a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately mounted, and a computer program read therefrom is It is installed in the storage unit 378 as necessary.

  FIG. 12 is a diagram illustrating an example of information stored in the storage unit 378 of FIG.

  The storage unit 378 includes, as information used for the server 14 to execute the processing described in the present embodiment, the external input / output logic 401, the public secret key logic 402, the program execution information 403, and the service provider specific Information 404, script folder 405, terminal SAM certificate folder 406, and service provider common information 407 are stored.

  The external input / output logic 401 is a logic for executing interface processing related to external input / output.

  The public secret key logic 402 is a logic for executing processing such as encryption, decryption, signature, verification, and key pair generation. Since the detailed configuration of the public key logic 402 is the same as that of FIG. 6 described above, the description thereof is omitted, but in the following, FIG. 6 is also referred to as the public secret key logic 402. The public key handled by the server 14 (service provider) is the public key of the server 14, and the secret key is the secret key of the server 14.

  The program execution information 403 is information for executing a program. For example, it is information for executing the program 423 stored in the script folder 405.

  The service provider specific information 404 includes a URL 411, a server public key 412, and a server secret key 413. This URL 411 is a URL for accessing the server 14 (for example, the service provider A of the server 14-1). When the URL 411 is the same as the URL 133 in FIG. 5, the server public key 412 is the same as the server public key 132 in FIG. That is, the URL and the server public key correspond to each other. Specifically, the URL for accessing the server 14-1 in FIG. 1 and the server public key are paired. The server secret key 413 is a secret key of the server 14. The server secret key 413 is a secret key that is different for each server (service provider). That is, the server secret key of the server 14-1, the server secret key of the server 14-2, and the server secret key of the server 14-3 in FIG. The service provider specific information 404 is stored in advance. The server public key 412 and the server private key 413 are a key pair, and it is possible to verify whether the data signed by the server private key 413 is valid only by the server public key 412. Data encrypted with the server public key 412 can be decrypted only with the server private key 413, and conversely, data encrypted with the server private key 413 can be decrypted only with the server public key 412. The server 14 that holds the server secret key 413 has a function of not leaking the secret key to others.

  The script folder 405 includes a script ID 421, a script 422, and a program 423. The script 421 and the program 423 are associated with the script ID 421. That is, when the script ID 421 is specified, a predetermined process is executed on the script 422 or the program 423 corresponding to the script ID. For example, when a script ID is transmitted together with the execution request, a program corresponding to the script ID is executed on the server 14. The contents of these script folders 405 are added or updated as appropriate by the service provider A, or are stored in advance. That is, a plurality of combinations of the script ID 421, the script 422, and the program 423 may be registered.

  The terminal SAM certificate folder 406 includes a terminal SAM identifier 431 and a terminal SAM public key 432. The terminal SAM certificate folder 406 corresponds to the terminal SAM certificate folder 304 of FIG. 9, and the contents are the same as long as the terminal SAM certificate folder of the same terminal SAM client 11. Note that the terminal SAM identifier 321 and the terminal SAM public key 322 are acquired by processing to be described later. Further, combinations of terminal SAM identifiers 321 and terminal SAM public keys 322 are registered for the number of terminals SAM 42 that provide information.

  The service provider common information 407 includes an authorized organization public key 441. The certification authority public key 441 is the same as the certification authority public key 311 of FIG. 9 described above. More specifically, the certification authority public key 311 generated by the certification authority 13 is transmitted to the terminal SAM 42 and stored in the certification authority public key 161 of FIG. 5 and the server 14 and stored in FIG. The certification authority public key 441.

  That is, in FIG. 12, external input / output logic 401, public secret key logic 402, program execution information 403, service provider specific information 404, script folder 405, and service provider common information 407 are stored in advance in storage unit 378. The terminal SAM certificate folder 406 (terminal SAM identifier 431 and terminal SAM public key 432) is appropriately stored in the storage unit 78 in the following processing.

  Next, a functional configuration example of the server 14 in FIG. 11 will be described. FIG. 13 is a block diagram illustrating a functional configuration example of the server 14 of FIG. The functional configuration in FIG. 13 is realized by the CPU 371 of the server 14 in FIG. 11 executing various processes using the information in FIG. 12 stored in the storage unit 378.

  In FIG. 13, the server 14 includes an input unit 451, a main control unit 452, a key pair generation unit 453, a signature processing unit 454, a verification processing unit 455, an encryption unit 456, a decryption unit 457, a program execution unit 458, and an output. A portion 459 is provided.

  The input unit 451 receives data input and supplies the received data to the main control unit 452. For example, the input unit 451 receives data supplied from the terminal SAM client 11 via the network 12 and data supplied from the certification authority 13 and supplies the data to the main control unit 452. The input unit 451 corresponds to the external input / output logic 401 described with reference to FIG. More specifically, the input unit 451 is realized by the CPU 371 (FIG. 11) executing the external input / output logic 401 of FIG.

  The main control unit 452 controls each unit. The key pair generation unit 453 generates a pair of the server public key (server public key 412) and the server secret key (server secret key 413) based on the control from the main control unit 452. The key pair generation unit 453 is realized by the CPU 371 (FIG. 11) executing the key pair generation procedure 193 (FIG. 6) of the public / private key logic 402.

  The signature processing unit 454 generates a signature of predetermined data based on the control from the main control unit 452. For example, the signature processing unit 454 generates a signature of predetermined data using the server private key. The signature processing unit 454 is realized by the CPU 371 (FIG. 11) executing processing in accordance with the signature procedure 194 (FIG. 6) of the public secret key logic 402. The verification processing unit 455 executes processing for verifying the signature based on the control from the main control unit 452. The verification processing unit 455 is realized by the CPU 371 (FIG. 11) executing a process according to the verification procedure 195 (FIG. 6) of the public secret key logic 402.

  The encryption unit 456 encrypts data based on the control from the main control unit 452. The encryption unit 456 is realized by the CPU 371 (FIG. 4) executing processing in accordance with the encryption procedure 191 (FIG. 6) of the public secret key logic 402. The decryption unit 457 decrypts the encrypted data based on the control from the main control unit 452. The decryption unit 457 is realized by the CPU 371 (FIG. 11) executing a process according to the decryption procedure 192 (FIG. 6) of the public secret key logic 402.

  The program execution unit 458 executes a program based on control from the main control unit 452. For example, the program execution unit 458 executes the program 423 stored in the storage unit 378 (FIG. 12) based on the control from the main control unit 452. The program execution unit 458 is realized by the CPU 371 (FIG. 11) executing processing based on the program execution information 403 (FIG. 12).

  The output unit 459 outputs data based on the control from the main control unit 452. For example, the output unit 459 outputs data to the terminal SAM client 11 via the network 12 or outputs data to the certification authority 13. The output unit 459 is realized by the CPU 371 (FIG. 11) executing processing based on the external input / output logic 401 described with reference to FIG.

  Next, detailed examples of signature, verification, and encryption performed in the following processing will be described with reference to FIG. Hereinafter, in this specification, E (A, B) represents that the data B is encrypted with the key A, and D (P, Q) represents that the data Q is decrypted with the key P. And Also, encryption and decryption can be unified with the expression that the former acts on the latter. Further, H (M) represents that the data M is compressed by the hash function program.

  In FIG. 14, the sender side (a) has a secret key Ksa on the sender side (a) and a public key Kpb on the receiver side (b), and the receiver side (b) ) Private key Ksb and the sender's public key Kpa. Here, a case where the document (M) 501 is transmitted on the sender side (a) will be described.

  On the sender side, first, the document (M) 501 is transmitted using the public key encryption method. Specifically, in step S1, the sender encrypts the document (M) 501 with the recipient's public key Kpb. That is, the sender calculates “E (Kpb, M)”. In step S2, the sender transmits the ciphertext “E (Kpb, M)” to the sender.

  Upon receiving this ciphertext “E (Kpb, M)”, the receiver decrypts it with the receiver's private key Ksb (“D (Ksb, E (Kpb, M))”) in step S3. ), An original document (M) 501 is obtained. In addition, the recipient compresses the original document (M) 501 obtained by the processing in step S3 with a hash function program in step S4 (calculates the message digest “H (M)”).

  On the other hand, in step S5, the sender compresses the document (M) 501 with a hash function program (calculates the message digest “H (M)”), and in step S6, sends the message digest “H (M)”. And the sender's private key Ksa. That is, the sender calculates “E (Ksa, H (M))”. This “E (Ksa, H (M))” is a so-called digital signature by the sender of the document (M) 501. The sender transmits the digital signature “E (Ksa, H (M))” to the receiver in step S7. Upon receiving this digital signature “E (Ksa, H (M))”, the receiver decrypts it with the sender's public key Kpa in step S8 (D (Kpa, E (Ksa, H (M))). ) To obtain a message digest H (M).

  In step S9, the receiver compares the message digest H (M) obtained in step S4 with the message digest H (M) obtained in step S8. It is determined that M is valid. That is, if the message digest H (M) obtained in the process of step S4 matches the message digest H (M) obtained in the process of step S8, the digital signature is definitely created and transmitted by the sender. It is recognized as a thing.

  Generally, since it is impossible to determine the original information from the compressed data (message digest) created by the hash function program, the sender can be obtained by using a digital signature as in the process of FIG. Refusal, falsification of recipients, and plain text (documents) can be prevented. The receiver can also confirm the identity of the sender.

  That is, the fact that the receiver was able to decrypt the digital signature with the sender's public key (step S8), it can be seen that the digital signature was encrypted with the sender's private key. In other words, it can be seen that the message digest H (M) that is the basis of the digital signature is also generated by the sender. If the message digest H (M) and the message digest H (M) (step S4) generated from the information received by the recipient match, the message digest H (M) is generated when the message digest H (M) is generated in step S4. The original document (M) is definitely that of the sender.

  In the following, detailed description will be omitted as in the process of FIG. 14 and the digital signature and its authentication will be briefly described. In practice, the process shown in FIG. 14 is executed. Shall be. In the following description, it is assumed that the signed message has the configuration shown in FIG.

  Next, the configuration of the digital signature will be further described. FIG. 15 is a diagram showing a simple configuration of a signed message.

  In FIG. 15, when the original document (sent document) is the message M, the signature of the message M is obtained by compressing the message M with a hash function program (calculating H (M)) and sending the value to the message M It is encrypted with the original secret key Ks. That is, E (Ks, H (M)) is the signature of the message M. Generally, the signature of the message M is sent together with the message M, so that the authentication level of the message M is increased.

  In the following, the message M and the source secret key Ks will be described as appropriate using the example of FIG.

  Next, with reference to the flowchart of FIG. 16, a process in which the terminal SAM 42 (terminal SAM client 11) of FIG. This process is a process executed by the terminal SAM 42 and the accreditation organization 13, and when an authorization command is input to the terminal SAM 42 or when the power of the terminal SAM 42 (terminal SAM client 11) is first turned on. When it starts.

  In step S31, the key pair generation unit 203 of the terminal SAM 42 generates a terminal SAM public key 143 and a terminal SAM secret key 144 based on the control from the main control unit 202. The generated terminal SAM public key 143 and terminal SAM private key 144 are stored in the terminal SAM unique information 124 of FIG.

  In step S32, the encoding unit 204, based on the control from the main control unit 202, the terminal SAM public key 143 and the terminal SAM identifier 141 (the terminal SAM specific information 124 stored in the storage unit 78 in FIG. 5 in advance). The terminal SAM identifier 141) is encoded with the authorized key public key 161. The certification authority public key 161 is a public key of the certification authority 13 acquired in advance by the terminal SAM 42 (or stored at the time of manufacture).

  In step S33, the output unit 210 transmits the encoded terminal SAM public key 143 and the terminal SAM identifier 141 and the unencoded terminal SAM identifier 141 via the network 12 based on the control from the main control unit 202. To the accreditation body 13. That is, the unencoded terminal identifier 141 and the result encoded in step S32 are transmitted. In this embodiment, only the minimum necessary information is described as information to be transmitted, but actually, in addition to the terminal identifier 141 that is not encoded and the result encoded in the process of step S32. In addition, information may be transmitted as appropriate. The same applies to the following processing.

  On the other hand, the input unit 351 of the certification authority 13 receives (accepts) the encoded terminal SAM public key 143, the terminal SAM identifier 141, and the terminal SAM identifier 141 via the network 12 in step S51. .

  In step S <b> 52, the decoding unit 353 of the certification authority 13 decodes the encoded terminal SAM public key 143 and terminal SAM identifier 141 with the certification authority private key 312. The encoding performed in the process of step S32 corresponds to the decoding performed in the process of step S52. Since the encoding and the decoding method are uniquely determined, data encoded by other external devices is not included. Even when acquired, data analysis can be prevented.

  In step S53, the main control unit 352 confirms the terminal SAM identifier 141 obtained by decoding and the received terminal SAM identifier 141. Specifically, if the terminal SAM identifier 141 obtained by decoding matches the terminal SAM identifier 141 received in step S51, the process proceeds to step S54. If it is not certified, the process is terminated as being unconfirmed (illustration of the process when they do not match is omitted). This process is a process for confirming whether the terminal SAM 42 is a normal (to be authorized) terminal.

  In step S54, the main control unit 352 registers the terminal SAM public key 143 and the terminal SAM identifier 141 in the terminal SAM certificate folder 304 as the terminal SAM public key 322 and the terminal SAM identifier 321.

  In step S55, the signature processing unit 354 generates a terminal SAM public key signature (signature for the terminal SAM public key by the certification authority 13) using the certification authority private key 312 based on the control from the main control unit 352. To do. In the example of FIG. 15, the terminal SAM public key 322 is the message M, and the source private key Ks is the certification authority private key 312. That is, the signature processing unit 354 generates the signature of the terminal SAM public key by encrypting the result obtained by compressing the terminal SAM public key 322 with the hash function program with the certification authority private key 312.

  In step S <b> 56, the output unit 355 transmits the generated signature of the terminal SAM public key to the terminal SAM 42 of the terminal SAM client 11 via the network 12 based on the control from the main control unit 352.

  On the other hand, the input unit 201 of the terminal SAM 42 receives the signature of the terminal SAM public key (accepts input) in step S34.

  In step S35, the main control unit 202 registers the received signature of the terminal SAM public key in the terminal SAM specific information 124 as the signature 142 of the terminal SAM public key. At this time, the terminal SAM unique information 124 holds the terminal SAM identifier 141 and the terminal SAM public key signature 142 as a pair. Thereafter, the process is terminated.

  With the processing in FIG. 16, the terminal SAM 42 can issue a signature 142 of the terminal SAM public key certifying itself by the certification authority 13. In addition, since unique encoding and decoding methods are set between the terminal SAM 42 and the accreditation body 13, the accreditation body 13 recognizes that the terminal SAM 42 has normal capabilities and issues a signature. Can do.

  In the example of FIG. 16, the certification authority 13 issues and transmits a signature, but a certificate of the terminal SAM 42 may be issued (the same applies to the following processing). In this case, the certification authority 13 combines the signature of the terminal SAM public key generated in step S55 and the terminal SAM identifier, and transmits it as a terminal SAM certificate, and the terminal SAM 42 registers this certificate.

  Next, with reference to the flowchart in FIG. 17, a process in which the server 14 (service provider) in FIG. 13 verifies that the terminal SAM 42 (terminal SAM client 11) in FIG. 7 is authorized will be described. This process is a process executed by the terminal SAM 42 and the server 14 (service provider), and when a command is input to the terminal SAM 42 to verify authorization with the service provider, or the server Starts when certification verification is requested from 14.

  In step S91, the main control unit 202 of the terminal SAM 42 reads the terminal SAM identifier 141, the terminal SAM public key 143, and the terminal SAM public key signature 142 from the terminal SAM unique information 124 of the storage unit 78 of FIG.

  In step S <b> 92, the output unit 210 transmits the read terminal SAM identifier 141, terminal SAM public key 143, and terminal SAM public key signature 142 to the server 14 that is a service provider via the network 12. That is, a total of three pieces of information (information including at least) of the terminal SAM public key signature 142, the terminal SAM identifier 141, and the terminal SAM public key 143 are transmitted to the server 14.

  On the other hand, the input unit 451 of the server 14 (service provider) receives the terminal SAM identifier 141, the terminal SAM public key 143, and the terminal SAM public key signature 142 in step S71.

  In step S72, the verification processing unit 455 uses the terminal SAM public key 143 and the certification authority public key 161 (the certification authority public key 161 stored in advance in the storage unit 78) based on the control from the main control unit 452. Thus, the signature 142 of the terminal SAM public key is verified. Specifically, as described above with reference to FIG. 14, the verification processing unit 455 decrypts the signature 142 of the terminal SAM public key with the certification authority public key 161 and the terminal SAM public key 143 using a hash function program. Verification is performed by determining whether or not the compressed values match. That is, the verification processing unit 455 verifies that the terminal SAM public key 143 is valid based on the control from the main control unit 452 by using the terminal SAM public key signature 142 and the certification authority public key 161.

  In step S73, the verification processing unit 455 determines whether or not the terminal SAM public key 143 has been verified to be valid. That is, when the signature of the terminal SAM public key is decrypted with the certification authority public key 161 and the value obtained by compressing the terminal SAM public key 143 with the hash function program matches, the verification processing unit 455 matches the terminal SAM public key 143. That the terminal SAM public key signature 142 is decrypted with the certification authority public key 161 does not match the value obtained by compressing the terminal SAM public key 143 with the hash function program, It is determined that the validity has not been verified. If it is determined that the verification is valid, in step S74, the main control unit 452 transfers the terminal SAM identifier 141 and the terminal SAM public key 143 to the terminal SAM certificate folder 406 (FIG. 12). The SAM identifier 431 and the terminal SAM public key 432 are registered.

  In step S73, when it is determined that it is not valid (it has not been verified that it is valid), or after the process of step S74, the process ends.

  Through FIG. 16 and FIG. 17 (except when it cannot be confirmed in step S53 of FIG. 16 and when NO is determined in step S73), the server 14 serving as the service provider has the terminal SAM 42 It is possible to verify that the terminal is certified by 13. After executing this processing, the server 14 registers the terminal SAM identifier 431 and the terminal SAM public key 432 in the terminal SAM certificate folder 406 (FIG. 12), so that the server 14 can safely and securely The script can be distributed only to the authenticated terminal SAM. Specific examples will be sequentially described below.

  First, a process in which the terminal SAM 42 in FIG. 7 acquires and registers a script ID from the server 14 in FIG. 13 will be described with reference to the flowchart in FIG. This process is a process executed as a premise process for downloading a script in order for the terminal SAM 42 to download the script from the server 14 as a service provider.

  In step S111, the key pair generation unit 453 of the server 14 generates a server public key 412 and a server secret key 413. The generated server public key 412 and server secret key 413 are stored in the service provider specific information 404 of FIG.

  In step S112, the output unit 459 transmits the server URL 411, the server public key 412, and the script ID provided by the server 14 based on the control from the main control unit 452. Specifically, the main control unit 452 reads the server URL 411 from the service provider specific information 404, reads the script ID 421 provided by the server from the script folder 405, and the server disclosure generated in the process of step S111. The output unit 459 is controlled to transmit together with the key 412. At this time, if a plurality of script IDs 421 (a plurality of script IDs 421 associated with the script 422 and the program 423) are registered in the script folder 405, the main control unit 452 transmits the plurality of script IDs 421. Control. The output unit 459 transmits the URL 411 of the server, the server public key 412, and the script ID (s) provided by the server to the terminal SAM 42 (terminal SAM client 11) via the network 12.

  In contrast, in step S131, the input unit 201 (FIG. 7) of the terminal SAM 42 receives the server URL 411, the server public key 412, and the script IDs provided by the server 14.

  In step S132, the main control unit 202 issues a server ID. This server ID is an ID for uniquely identifying the server 14 within the terminal SAM 42.

  In step S133, the main control unit 202 stores the server ID issued in the process of step S132, the server public key 412 received in the process of step S131, and the server URL 411 in the server certificate folder 123. The key 132 and the URL 133 are registered. At this time, since the server ID 131, the server public key 132, and the URL 133 are registered in association with each other, the terminal SAM 42 can cope with services received from a plurality of service providers.

  In step S <b> 134, the main control unit 202 registers a server ID and a script ID in the script folder 126 by the corresponding number. Specifically, the server ID issued in the process of step S132 and the script ID received in the process of step S131 are registered in the script folder 126 as a server ID 151 and a script ID 152. For example, when three script IDs are received in the process of step S131 (that is, when the service provider provides three scripts), a total of three script IDs associated with each script ID are registered. The At this time, the server IDs 151 are all the same server ID. In other words, the server ID 131 registered in the server certificate folder 123 and the server ID 151 registered in the script folder 126 when the processing of FIG. 18 is executed with one server 14 are the same server ID (step Server ID issued in S132). Thereafter, the process is terminated.

  18, the server ID 131 (the same ID as the server ID 151), the server public key 132, and the URL 133 of the server 14 are associated with each other, and the server ID 151 (the same ID as the server ID 131) and the script ID 152 are associated with each other. In the terminal SAM 42, the server ID 151 (server ID 131) corresponding to the script ID 152 can be specified, the server public key 132 corresponding to the server ID 131 (server ID 151), and the URL 133 of the server 14 can be specified.

  Next, processing when the terminal SAM 42 in FIG. 7 downloads a script from the server 14 in FIG. 13 as a service provider will be described with reference to the flowcharts in FIGS. 19 and 20. This process is started when an administrator of the terminal SAM client 11 (for example, a store manager who manages the terminal SAM client 11) instructs the terminal SAM 42 to download (update) a script. . Further, this process is executed after the process of FIG.

  In step S171, the main control unit 202 (FIG. 7) of the terminal SAM 42 sends a server ID and script ID designation and a (script) download request from the administrator of the terminal SAM 42 to the input unit 201 (FIG. 7). It is received via the input unit 76) in FIG. That is, the administrator of the terminal SAM 42 instructs the download request to the terminal SAM 42 together with the server ID and script ID of the script to be downloaded. The server ID and script ID are registered in the process of FIG.

  In step S172, the signature processing unit 206 of the terminal SAM 42 generates a script ID signature (signature for the script ID by the terminal SAM 42) using the specified script ID and terminal SAM private key. For example, when the script ID specified in the process of step S171 is the script ID 152 of FIG. 5, the signature processing unit 206 compresses the script ID 152 with the hash function program and encrypts it with the terminal SAM private key 144. Generate a signature for the script ID. In the example of FIG. 15, the message M is the script ID 152, and the source secret key Ks is the terminal SAM secret key 144.

  In step S173, based on the control from the main control unit 202, the output unit 210 transmits the encrypted terminal SAM identifier and script ID and the script ID signature to the URL specified by the server ID. . That is, the script ID signature and the encrypted result (terminal identifier and script ID) are transmitted. Specifically, the encryption unit 207 encrypts the terminal SAM identifier 141 and the script ID 152 using the server public key (the server public key 132 corresponding to the server ID 131 specified in the process of step S171), and outputs the output unit 210. For the URL 133 specified by the server ID 131 (or server ID 151) specified in step S171, the encrypted terminal SAM identifier 141 and script ID 152 (script ID specified in step S171), The signature of the script ID generated by the process of step S172 is transmitted.

  On the other hand, the input unit 451 of the server 14 receives the encrypted terminal SAM identifier 141 and script ID 152 and the signature of the script ID in step S151. That is, the URL 411 (FIG. 12) of the server 14 is the same URL as the URL 133 specified in the process of step S173. Then, the decryption unit 457 decrypts the encrypted terminal SAM identifier 141 and script ID 152 using the server secret key 413, and obtains the terminal SAM identifier 141 and script ID 152.

  In step S152, the main control unit 452 acquires, from the terminal certificate folder 406, the terminal SAM public key 432 for the terminal SAM identifier 431 that is the same as the terminal SAM identifier 141 obtained by the decryption in step S151. The information stored in the terminal SAM certificate folder 406 has been certified by the certification authority 13 as described with reference to FIGS. 16 and 17.

  In step S153, the verification processing unit 455 verifies the signature of the script ID using the script ID 152 and the terminal SAM public key 432 based on the control from the main control unit 452. Specifically, verification is performed based on whether or not the signature of the script ID matches the value obtained by compressing the script ID 152 with the hash function program using the terminal SAM public key 432. That is, the verification processing unit 455 verifies that the script ID is valid based on the control from the main control unit 452 using the signature of the script ID and the terminal SAM public key 432.

  In step S154, the verification processing unit 454 determines whether or not the script ID 152 has been verified as valid. If the verification processing unit 454 determines that the script ID 152 has not been verified as valid, the verification processing unit 454 terminates the processing and may be valid. When it determines with having been verified, a process is advanced to step S155.

  In step S 155, the main control unit 452 acquires a script 422 corresponding to the same script ID 421 as the script ID 152 from the script folder 405. For example, when a plurality of script IDs and corresponding scripts are registered in the script folder 405, the main control unit 452 determines the script ID verified as valid (the script ID received in the process of step S151). The script corresponding to the same script ID as in () is acquired.

  In step S156, the signature processing unit 454 generates a script signature (signature for the script by the server 14) using the acquired script 422 and the server private key 413 based on the control from the main control unit 452. Specifically, the acquired script 422 is compressed with a hash function program, and the value is encrypted with the server secret key 413, thereby generating a signature of the script (in the example of FIG. 15, the message M is the script 422). And the source private key Ks is the server private key 413). The signature of the script (signature for the script by the server 14) may be generated and stored in advance by the signature processing unit 454, and may be read out in the process of step S156.

  In step S157, the encryption unit 456 encrypts the script 422 acquired in the process of step S155 with the terminal SAM public key 432 based on the control from the main control unit 452.

  In step S158, the output unit 459 sends the signature of the script generated by the process of step S156 and the script encrypted by the process of step S157 via the network 12 based on the control from the main control unit 452. To the terminal SAM42.

  On the other hand, the input unit 201 of the terminal SAM 42 receives the script signature and the script encrypted by the terminal SAM public key 432 based on the control from the main control unit 202 in step S174.

  In step S175, the decrypting unit 208 decrypts the script encrypted with the terminal SAM public key 432 with the terminal SAM private key 144 based on the control from the main control unit 202.

  In step S176, the verification processing unit 206 performs decryption based on the control from the main control unit 202 and the server public key 132 (the server public key corresponding to the server ID 131 received in the predetermined step S171). 132) is used to verify the signature of the received script. Details of signature verification have been described above with reference to FIG. That is, the verification processing unit 206 verifies that the script is valid using the signature of the script and the server public key 132 based on the control from the main control unit 202.

  In step S177, the verification processing unit 454 determines whether or not the script is verified to be valid. If it is determined that the script is not verified, the verification processing unit 454 ends the process. If it is determined that the verification is valid, the process proceeds to step S178.

  In step S178, the main control unit 202 registers the script 422 verified as valid as the script 153 corresponding to the server ID 151 and the script ID 152 of the script folder 126, and ends the process. This script 153 is a script corresponding to the script ID specified in step S171 of FIG.

  19 and 20, when the terminal SAM 42 is requested to download a server ID, a script ID, and a script, a safe and surely corresponding script is acquired from the service provider server 14. be able to.

  Next, processing when the execution of a script is instructed at the terminal SAM 42 in FIG. 7 will be described. When the script execution is instructed to the terminal SAM 42 in FIG. 7 together with the designation of the script ID, the script corresponding to the script ID is not downloaded by the terminal SAM 42 (that is, the script instructed to execute is shown in FIG. When the processing of FIG. 20 has not yet been performed) or when the terminal SAM 42 has already downloaded the script for which execution has been commanded (that is, for the script for which execution has been commanded, the processing of FIG. 19 and FIG. 20 is performed). If already done). The former will be described with reference to the flowcharts of FIGS. 21 and 22, and the latter will be described with reference to the flowchart of FIG.

  FIGS. 21 and 22 are flowcharts for explaining processing in a case where execution of a script is instructed to the terminal SAM 42 and a script instructed to execute from the server 14 has not yet been acquired. This process is started when an administrator of the terminal SAM client 11 (for example, a store manager who manages the terminal SAM client 11) instructs the terminal SAM 42 to execute a script.

  In step S211, the main control unit 202 (FIG. 7) of the terminal SAM 42 receives the server ID, script ID, parameter specification, and script execution request from the administrator of the terminal SAM 42 via the input unit 201. . That is, the administrator of the terminal SAM 42 instructs the terminal SAM 42 to execute a script together with the server ID, script ID, and parameters of the script to be executed. As the parameter, for example, a value indicating use of an IC card provided by the service provider A and consumption of 100 yen from the IC card is specified. Note that the server ID and script ID are registered in the process of FIG. 18 described above.

  In step S212, the main control unit 202 searches the script folder 126 for a script corresponding to the server ID and script ID received in the process of step S211. Only one script ID 153 corresponding to one server ID 151 and script ID 152 is registered in the script folder 126 in FIG. 5, but actually, only the server ID and script ID (in other words, the script is registered). A number of such items are also registered. Therefore, in this process, it is searched whether or not the script corresponding to the server ID and script ID requested to be executed is registered in the script folder 126. In the example of the processing of FIG. 21 and FIG. 22, the script folder 126 does not have a script corresponding to the server ID and the script ID. Therefore, in the following processing, the processing corresponding to the script ID is requested from the service provider. To do.

  In step S213, the signature processing unit 206 of the terminal SAM 42 generates a script ID signature using the designated script ID and the terminal SAM private key 144. This process is the same as step S172 of FIG. The signature of the script ID may be generated in advance by the signature processing unit 206 and stored. In this case, the stored script ID is read out in the process of step S213.

  In step S214, the encryption unit 207 uses the server public key corresponding to the server ID received in step S211 based on the control from the main control unit 202, and uses the script ID, parameter, and terminal SAM identifier. Is encrypted. If the server ID received in the process of step S211 is the same as the server ID 131 of FIG. 5, the encryption unit 207 uses the server public key 132 to provide a script ID, parameters (provided by the service provider A). And the terminal SAM identifier 141 are encrypted.

  In step S215, based on the control from the main control unit 202, the output unit 210 creates the signature of the script ID and the encrypted “script ID, parameter, and terminal SAM identifier for the URL 133 specified by the server ID 131. 141 ".

  In response to this, the input unit 451 of the server 14 (service provider) corresponding to the URL 133 receives the signature of the script ID and the encrypted “script ID, parameter, and terminal SAM identifier 141” in step S191. Receive.

  In step S 192, the decryption unit 457 decrypts the encrypted “script ID, parameter, and terminal SAM identifier 141” with the server secret key 413 based on the control from the main control unit 452.

  In step S193, the main control unit 452 acquires the terminal SAM public key specified by the terminal SAM identifier 141 (the terminal SAM identifier 141 obtained by decryption). Specifically, the main control unit 452 acquires the terminal SAM public key 432 specified by the same terminal SAM identifier 431 as the terminal SAM identifier 141 obtained by decryption.

  In step S194, the verification processing unit 455 verifies the signature of the script ID using the script ID and the terminal SAM public key 432. Specifically, whether the value obtained by compressing the script ID with the hash program matches the signature of the script ID (the value obtained by decrypting the signature of the script ID received in the processing of step S191 with the terminal SAM public key 432). Thus, it is determined whether or not the signature of the script ID is valid, that is, whether or not the script ID has been tampered with.

  In step S195, the verification processing unit 455 determines whether or not the script ID is verified to be valid. If it is determined that the script ID is not verified, the processing ends. If it is determined in step S195 that the script ID is verified as valid, the process proceeds to step S196.

  In step S196, the main control unit 452 identifies a program from the script folder 405 in FIG. 12 based on the script ID obtained as a result of decryption in the process in step S192. For example, when the obtained script ID is the same as the script ID 421, the main control unit 452 specifies the program 423 associated with the script ID.

  In step S197, the program execution unit 458 executes the program based on the parameters and generates an execution result. For example, the program execution unit 458 executes the program 423 based on the parameter that the server 14 used 100 yen with the IC card that provides the service, and generates the execution result.

  Thus, on the server 14 side with high processing capability, the program is executed for the script ID, and on the terminal SAM 42 side with relatively low processing capability, the script is executed for the script ID.

  In step S198, the signature processing unit 454 generates a signature of the program execution result (signature for the program execution result by the server 14) using the program execution result and the server private key 413 based on the control from the main control unit 452. To do. In the example of FIG. 15, the message M is a program execution result, and the secret key of the transmission source is the server secret key 413.

  In step S199, the main control unit 452 identifies the terminal SAM public key 432 specified by the terminal SAM identifier 431 (the same terminal SAM identifier 431 as the terminal SAM identifier obtained by decryption in step S192) from the terminal SAM certificate folder 406. To get.

  In step S200, the encryption unit 456 encrypts the program execution result with the terminal SAM public key based on the control from the main control unit 452.

  In step S201, the output unit 459 outputs the signature of the program execution result (the signature generated by the process of step S198) and the encrypted program execution result (the program execution result encrypted by the process of step S200). It transmits to terminal SAM42.

  On the other hand, in step S216, the input unit 201 of the terminal SAM 42 receives the signature of the program execution result and the encrypted program execution result.

  In step S217, the decryption unit 208 decrypts the encrypted program execution result with the terminal SAM secret key 144. Thereby, a program execution result is obtained.

  In step S218, the verification processing unit 206 verifies the signature of the program execution result using the program execution result and the server public key 132 (the server public key 132 corresponding to the server ID 131 received in step S211). In other words, the verification processing unit 206 verifies that the program execution result is valid using the signature of the program execution result and the server public key 132 based on the control from the main control unit 202.

  In step S219, the verification processing unit 206 determines whether or not the program execution result has been verified to be valid. If it is determined that the program execution result has not been verified, the verification processing unit 206 ends the process. If it is determined in step S219 that the validity has been verified, the process proceeds to step S220, and the output unit 210 outputs a program execution result based on the control from the main control unit 202. For example, the output unit 210 notifies the execution result to the administrator of the terminal SAM 42 by outputting to a display (not shown) or the like. Thereafter, the process is terminated.

  Next, when the script execution is instructed together with the script ID designation to the terminal SAM 42 in FIG. 7, the terminal SAM 42 downloads the script instructed to execute (that is, for the script instructed to execute, FIG. 19 and the processing in the case of FIG. 20 (that is, the processing in the latter case described above) will be described with reference to the flowchart of FIG.

  In step S251, the main control unit 202 (FIG. 7) of the terminal SAM 42 receives the server ID and script ID designation and script execution request from the administrator of the terminal SAM 42 via the input unit 256 of FIG. . That is, the administrator of the terminal SAM 42 instructs the terminal SAM 42 to execute a script together with the server ID and script ID of the script to be executed. This script execution request includes parameters (for example, a parameter indicating use of an IC card provided by the service provider A and consumption of 100 yen from the IC card).

  In step S252, the main control unit 202 searches the script folder 126 for a script corresponding to the server ID and script ID received in the process of step S251. In the example of the process of FIG. 23, it is assumed that the script folder 126 includes a script 153 corresponding to the server ID 151 and the script ID 152. In the following process, the process corresponding to the script ID 152 is executed.

  In step S253, the script execution unit 209 of the terminal SAM 42 executes the designated script (script specified as a result of searching in the process of step S252) 153.

  In step S254, the main control unit 202 determines whether to access the IC card. For example, if the script requested to be executed in the process of step S251 is a script whose contents are to be accessed to the IC card, it is determined to access.

  If it is determined in step S254 that the IC card is accessed, in step S255, the output unit 210 transmits an access command to the IC card reader / writer antenna 43 (FIG. 3). At this time, a parameter corresponding to execution of the script (for example, a parameter indicating that the amount of 100 yen is subtracted) is also transmitted. When a plurality of instructions for accessing the IC card 51 are described in the script description, the output unit 210 issues a plurality of access instructions to the IC card reader / writer antenna 43 (FIG. 3). Send. When a plurality of commands for accessing the control terminal 41 and the server 14 are described in addition to commands for accessing the IC card in the script description, the output unit 210 sends the commands to the control terminal 41 and the server 14. To send (or access) an access command.

  On the other hand, the IC card reader / writer antenna 43 receives a command from the output unit 210 of the terminal SAM 42 in step S231, and accesses the IC card (IC card 51 in FIG. 3) in step S232.

  Then, in step S233, the IC card reader / writer antenna 43 transmits the access result (for example, a result indicating that the amount of 100 yen from the IC card 51 has been successfully subtracted) to the terminal SAM.

  On the other hand, in step S256, the input unit 201 of the terminal SAM 42 receives the accessed result (result indicating that the subtraction of the amount of 100 yen has been successful).

  When it is determined in step S254 that the IC card is not accessed, or after the processing in step S256, in step S257, the script execution unit 209 generates a script execution result, and the output unit 210 outputs this. The output unit 210 notifies the administrator of the terminal SAM 42 of the execution result by outputting the output to a display (not shown), for example. Thereafter, the process is terminated.

  21 to 23, if the corresponding script is downloaded at the time of executing the script, the script is executed in the terminal SAM 42, and if the corresponding script is not downloaded, the script is executed to the server 14 (service provider). By requesting, the administrator of the terminal SAM 42 can execute processing corresponding to the script ID regardless of whether or not the script is downloaded in the terminal SAM 42 only by specifying the script ID.

  Next, an example of processing when the terminal SAM 42 accesses the control terminal 41 during script execution will be described with reference to the flowchart of FIG. This process is a process that is started when a script is executed in step S253 of FIG. 23, for example.

  In step S291, the script execution unit 209 of the terminal SAM 42 determines whether a message exchange request with the control terminal 41 is described in the script being executed. When it is determined that the message exchange request with the control terminal 41 is described, in step S292, the output unit 210 is described in the script based on the control from the main control unit 202 via the script execution unit 209. The control terminal access description is transmitted to the control terminal 41 (FIG. 3). This control terminal access description is a description related to processing executed in the control terminal 41. If a plurality of commands for accessing the control terminal 41 are described in the script description, the output unit 210 transmits the access description to the control terminal 41 a plurality of times. When a plurality of commands for accessing the IC card 51 and the server 14 are described in addition to the control terminal access description in the script description, the output unit 210 sends the command to the IC card reader / writer 43 and the server 14. , Respectively, send (or access) an access command.

  On the other hand, the control terminal 41 (FIG. 3) receives the control terminal access description in step S271.

  In step S272, the control terminal 41 executes processing based on the received control terminal access description, and generates a control terminal access description result. In step S273, the control terminal 41 transmits the control terminal access description result to the terminal SAM.

  On the other hand, the input unit 201 of the terminal SAM 42 receives the control terminal access description result in step S293, and the main control unit 202 returns the control terminal access description result to the script execution unit 209 in step S294.

  In step S291, when it is determined that the message exchange request with the control terminal 41 is not described in the script, or after the process of step S294, the process ends.

  24, the terminal SAM 42 can exchange messages with the control terminal 41 even when a message exchange request with the control terminal 41 is described during script execution.

  Next, an example of processing when the server 14 is accessed during script execution will be described with reference to the flowcharts of FIGS. This process is a process that is started when a script is executed in step S253 of FIG. 23, for example.

  In step S331, the script execution unit 209 of the terminal SAM 42 determines whether a message exchange request with the server 14 is described in the script being executed based on the control from the main control unit 202. For example, when a script for purchasing a product of 120,000 yen with a corresponding IC card is executed and the limit of the IC card is 100,000 yen, the description of the corresponding script is the server 14 is a message exchange request description. If it is determined that a message exchange request with the server 14 is described, in step S332, the output unit 210 responds to the script being executed based on the control from the main control unit 202 via the script execution unit 209. The server public key and URL are acquired based on the server ID to be executed. For example, when the script being executed is the script 153 in FIG. 5, the main control unit 202 acquires the server public key 132 and the URL 133 corresponding to the server ID 131 having the same server ID as the server ID 151 of the script ID 152.

  In step S333, the signature processing unit 205 uses the terminal SAM secret key 144 based on the control from the main control unit 202 to sign the server access description and the script ID (the server access description by the terminal SAM 42 and the signature for the script ID). ) Is generated. In the example of FIG. 15, the message M is the server access description and the script ID, and the transmission source secret key Ks is the terminal SAM secret key 144.

  In step S334, the encryption unit 207 encrypts the server access description and the script ID with the server public key 132 (the server public key 132 acquired in the process of step S332) based on the control from the main control unit 202. .

  In step S335, the output unit 210, based on the control from the main control unit 202, the server access description and the signature of the script ID (signature generated in step S333), the encrypted server access description and the script ID (step S334). ) And the terminal SAM identifier 141 are transmitted to the URL 133. That is, the terminal SAM identifier 141, encrypted information (server access description and script ID), and signature (server access description and script ID signature) are transmitted.

  On the other hand, the input unit 451 of the server 14 as the service provider receives the server access description and the signature of the script ID, the encrypted server access description and the script ID, and the terminal SAM identifier 141 in step S311. (Accepts input).

  In step S312, the decryption unit 457 decrypts the encrypted server access description and script ID with the server private key (the server private key 413 in FIG. 12) based on the control from the main control unit 452.

  In step S313, the main control unit 452 acquires a terminal SAM public key specified by the terminal SAM identifier 141 received in the process of step S311. For example, when the terminal SAM identifier 141 and the terminal SAM identifier 431 in FIG. 12 are the same, the terminal SAM public key 432 specified by the terminal SAM identifier 431 is acquired.

  In step S314, the verification processing unit 455 uses the server access description and the script ID signature and the terminal SAM public key 432 acquired in the process of step S313 based on the control from the main control unit 452 to access the server. Verify description and script ID. Specifically, it is verified whether the result obtained by compressing the server access description and the script ID with the hash function program using the server secret key 413 matches the signature of the server access description and the script ID. Is done. That is, the verification processing unit 455 uses the server access description and script ID signature and the server secret key 413 based on the control from the main control unit 452 to confirm that the server access description and script ID are valid. Validate.

  In step S315, it is determined whether or not the server access description and the script ID are verified to be valid. If it is determined that the server access description and the script ID are not verified, the process is terminated. If it is determined in step S315 that the server access description and the script ID are verified as valid, the program execution unit 458 of the server 14 determines whether the server access description and script ID are valid based on the control from the main control unit 452 in step S316. A process is executed based on the server access description verified to exist, and a server access description result is generated.

  In step S317, the signature processing unit 454 generates a server access description result signature (signature for the server access description result by the server 14) using the server secret key 413 based on control from the main control unit 452.

  In step S318, the encryption unit 456 encrypts the server access description result with the terminal SAM public key 432 acquired in step S313 based on the control from the main control unit 452.

  In step S319, the output unit 459 transmits the signature of the server access description result (step S317) and the encrypted server access description result (step S318) to the terminal SAM 42 based on the control from the main control unit 452. To do.

  On the other hand, in step S336, the input unit 201 of the terminal SAM 42 receives the server access description result signature and the encrypted server access description result.

  In step S337, the decrypting unit 208 decrypts the encrypted server access description result with the terminal SAM secret key 144 based on the control from the main control unit 202.

  In step S338, the verification processing unit 206 uses the server access description result and the server public key 132 (the same public key as the server public key used in the process of step S334) based on the control from the main control unit 202 to The signature of the access description result is verified (similar to the verification process described above). That is, the verification processing unit 206 verifies that the server access description result is valid using the signature of the server access description result and the server public key 132 based on the control from the main control unit 202.

  In step S339, the verification processing unit 206 determines whether or not the server access description result is verified as valid. If it is determined that the server access description result is verified as valid, the main control unit 202 is determined in step S340. Returns the server access description result to the script execution unit 209 and ends the process. If it is determined in step S339 that the validity has not been verified, the process ends.

  26, when access to the server 14 is necessary during the execution of the script, the message is encrypted with the public key of the receiver (for example, the server 14) that receives the message and transmitted to the server 14. Message exchange can be performed securely. Further, during the execution of the script, advanced branch processing based on the contents described in the script can be performed.

  Next, after the script is executed in the terminal SAM 42 while the server 14 and the terminal SAM 42 are offline, the processing result is saved as a log, and the server 14 and the terminal SAM 42 later come online when the server 14 and the terminal SAM 42 come online. 14 will be described with reference to FIGS. 27 and 28.

  FIG. 27 is a flowchart for explaining an example of processing executed in the terminal SAM 42 and the IC card reader / writer antenna 43 (FIG. 3). This process basically corresponds to the process of FIG. 23, and will be described by appropriately using the process of FIG.

  The processing in steps S371 through S373 corresponds to steps S251 through S253 in FIG.

  In step S374, the output unit 210 transmits an access command to the IC card reader / writer antenna 43 (FIG. 3). At this time, a parameter corresponding to execution of the script (for example, a parameter indicating that the amount of 100 yen is subtracted) is also transmitted.

  The processing of steps S351 to 353 of the IC card reader / writer antenna 43 corresponding to this corresponds to the processing of steps S231 to S233 of FIG.

  In step S375, the input unit 201 of the terminal SAM 42 receives the access result (the result indicating that the subtraction of the amount of 100 yen has been successful).

  In step S376, the script execution unit 209 generates a script execution result.

  In step S377, the main control unit 202 adds the script ID (script ID specified in step S371) and time information (current time information) to the script execution result to obtain script execution result additional information.

  In step S378, the signature processing unit 205 uses the terminal SAM private key 144 to sign the script execution result additional information (in FIG. 15, the message M is the script execution result additional information, and the source private key Ks is the terminal SAM private key 144).

  In step S379, the main control unit 202 registers the signature of the script execution result additional information generated in step S378, the server ID, and the script execution result additional information as the log 171 of the log folder 128.

  With the processing in FIG. 27, the script execution result with time information and script ID added is registered in the log 171. This process is repeated between the terminal SAM 42 and the server 14 and is executed each time the script is executed, whereby a plurality of logs are registered in the log folder 128.

  Next, with reference to the flowchart of FIG. 28, processing when the log 171 (a plurality of) registered in the log folder 128 by repeating the processing of FIG. 27 is transmitted to the server 14 will be described.

  In step S411, the main control unit 202 of the terminal SAM 42 determines whether it is connected to the server 14 and waits until it is connected. That is, the subsequent processing is started when the server 14 and the terminal SAM 42 are online (connected).

  If it is determined in step S411 that the server 14 and the terminal SAM 42 are connected, the main control unit 202 searches the server certificate folder 123 for the server ID of the connected server 14 in step S412, and acquires the URL. To do. For example, when the server ID of the connected server 14 is the server ID 131 in FIG. 5, the main control unit 202 acquires the URL 133 of the server ID 131.

  In step S413, the main control unit 202 acquires logs having the same server ID from the logs registered in the log folder 128. As described above with reference to FIG. 27, since the log includes a server ID in addition to the script execution result additional information, the main control unit 202 has a log having the same server ID based on this server ID. To get. For example, the log 171 in FIG. 5 is acquired.

  In step S414, based on the control from the main control unit 202, the encryption unit 207 converts the server ID and script execution result additional information included in the log 171 into the server public key 132 (the server public key corresponding to the server ID). Encrypt with

  In step S415, the output unit 210, based on the control from the main control unit 202, the signature of the script execution result additional information (the signature of the script execution result additional information included in the log acquired in step S413, ie, FIG. 27). The signature generated in step S378), the encrypted “server ID and script execution result additional information”, and the terminal SAM identifier 141 are transmitted to the URL 133 (the URL acquired in the process of step S412). In other words, information including (at least) the terminal SAM identifier 141, the encrypted result (the result of encrypting the server ID and the script execution result additional information), and the signature (the signature of the script execution result additional information) is transmitted. Is done.

  In contrast, in step S391, the input unit 451 of the server 14 receives the signature of the script execution result additional information, the encrypted server ID and script execution result additional information, and the terminal SAM identifier 141.

  In step S392, the decryption unit 457 decrypts the encrypted server ID and script execution result additional information using the server secret key 413.

  In step S393, the main control unit 452 acquires a terminal SAM public key corresponding to the terminal SAM identifier received in step S391. For example, the terminal SAM public key 432 of the terminal SAM identifier 391 in FIG. 12 is acquired.

  In step S394, the verification processing unit 455 verifies the signature of the script execution result additional information using the script execution result additional information and the terminal SAM public key 432 based on the control from the main control unit 452, and in step S395. Then, it is determined whether or not the script execution result additional information is valid. That is, the verification processing unit 455 verifies that the script execution result additional information is valid using the signature of the script execution result additional information and the terminal SAM public key 432 based on the control from the main control unit 452. .

  In step S395, when it is determined that the script execution result additional information is verified as valid, the main control unit 452 extracts the script ID and time information added to the script execution result additional information and stores them as a log. After that, the process ends. If it is determined in step S395 that the validity has not been verified, the process ends.

  27 and 28, the time information is added to the script execution result to add a signature, and the signature is registered as a log 171 in the terminal SAM 42, thereby establishing a communication connection with the server 14 of the service provider. You can upload them all at once.

  As described above, since the certification authority 13 certifies the terminal SAM 42, the service provider (server 14) can recognize the certified terminal SAM 42 and exchange data.

  That is, the accreditation body 13 authorizes (certifies) that the capability of the terminal SAM 42 is normal, so that the service provider can easily determine the authorized terminal SAM 42.

  In this way, a third party (for example, a service providing a pre-registered script is provided without referring to the script stored or registered in the terminal SAM 42 or the execution status thereof. Scripts that can be executed by a service provider B) different from the provider A can be stored.

  Also, the service provider (server 14) obtains the signature of the terminal SAM public key (terminal SAM certificate) issued by the certification authority 13 from the terminal SAM 42, and the terminal SAM public key is valid based on this signature. By verifying this, it is possible to reliably and easily recognize that the terminal SAM 42 is an authorized terminal SAM. On the other hand, the terminal SAM 42 obtains the certificate of the service provider (server 14) (the server certificate folder 123 in FIG. 5) from the server 14, and when a script or the like is transmitted from the server 14. By verifying the script (for example, step S176 in FIG. 20), the terminal SAM 42 can receive only safe information. By performing such processing, content can be transmitted and received safely (in agreement) between the service provider (server 14) and the terminal SAM client 11.

  Further, the terminal and the server can easily authenticate. In addition, the terminal and the server can exchange information safely and easily. Furthermore, server management costs can be reduced.

  In addition, with the configuration as described above, a plurality of scripts can be managed and registered, deleted, or updated with scripts at any time. In addition, scripts from different service providers can be stored safely. For example, even when a script from the service provider A and a script from the service provider B are stored in the terminal SAM 42 and the service provider B updates the script, the service provider B provides the service provider B himself / herself. You can only see the script you are doing. This is because the script folder 126 in FIG. 5 stores the script 153 for the server ID 151 and the script ID 152.

  Further, by storing the terminal SAM 42 in the terminal SAM client 11, a script managed by the terminal SAM 42 is executed, and the card access processing described in the script is performed using the IC card reader / writer antenna 43. You can also do this by accessing

  Furthermore, the script ID list possessed by the service provider is stored in the script folder 126 (security box) of the terminal SAM 42. If a script corresponding to the script ID is downloaded at the time of script execution, the script ID list in the terminal SAM 42 (security box) is stored. (For example, FIG. 21 and FIG. 22), and if it has not been downloaded, the service provider requests execution (for example, FIG. 23). Execution instructions can be issued regardless of whether or not it has been downloaded.

  Further, time information is given together with the signature of the processing result after executing the script and temporarily stored in the terminal SAM 42 (log folder 128) (for example, FIG. 27), and the communication connection with the server 14 of the service provider is established. Since uploading is performed collectively when established (FIG. 28), the terminal SAM client 11 can be used even offline. In the above example, the signature of the processing result after executing the script and the time information are stored in the log folder 128, but may be stored in the control terminal 41.

  Further, during the execution of the script, communication is performed by encrypting with the public key (certificate) of the receiver that receives the message (for example, FIG. 25), thereby accessing the card or sending a processing request to the upper client or upper server. Message exchange can be performed securely and advanced branch processing based on it can be performed in the script.

  In the above example, management of a script has been described, but a key may be managed in addition to a script. In the case of key exchange, the same processing as described above is performed.

  Further, in the above example, the message M to be transmitted is encrypted with the public key of the receiving side, and the signature of the message M is transmitted together with the encrypted message M. You may make it send together encrypted. That is, after the signature of the message M is generated, the signature of the message M and the message M may be encrypted with the public key on the receiving side and transmitted.

  In this way, the service provider can provide the terminal SAM with a script and a key with confidence by recognizing the terminal SAM.

  Also, by executing the script and key provided by the service provider securely in the terminal SAM 42 and accessing the IC card, the script can be executed offline while preventing an unauthorized operation unintended by the service provider. Can do.

  In this way, instead of storing the script in the IC card, the script is stored in the terminal SAM 42 and the process is executed, so that the data in the IC card is not changed and is independent of the authority of the IC card owner. You can add, update, or delete scripts at any time.

  Further, by storing data (data such as card information) in the IC card and storing the script in the terminal SAM 42, the owners can be clearly separated.

  Furthermore, it is not necessary to distribute the same script to all of the IC cards, and it is only necessary to distribute it to the accessing terminal SAM, so that the processing cost for updating the script or key can be suppressed.

  Further, the administrator of the terminal SAM client 11 can request the terminal SAM 42 to execute the script without being aware of whether or not the script is downloaded in the terminal SAM 42.

  Furthermore, to update the script in the IC card, it is necessary to hold the IC card, but since the script is stored in the terminal SAM 42, it can be updated at any time and the IC card owner must wait for the update time. There is no.

  Further, since the script can be executed in the terminal SAM 42, high-speed processing can be performed by the terminal SAM 42 having a sufficient processing performance instead of an IC card having a low processing performance.

  Furthermore, even if the service provider's script is executed when the terminal SAM 42 and the server 14 are offline, the terminal SAM 42 stores the log together with the time information. Then, the execution log can be uploaded to the service provider, and the offline execution result at the terminal SAM 42 can be synchronized on the server 14 side.

  Further, a part of the processing performed by the server 14 can be distributed to the terminal SAM 42 (FIG. 25), and the communication cost between the client and the server can be reduced.

  Furthermore, the encryption method is not limited to the method described above, and may be a method using a common key, for example.

  Moreover, in the above example, about the location described as encrypting specific information (for example, script), it shows enciphering what includes at least the specific information. That is, the description “encrypt specific information” indicates that “the specific information is included in the information to be encrypted”.

  Further, the terminal SAM client 11 can be applied to other information processing apparatuses as long as they process information. For example, a personal computer provided with an IC card reader / writer antenna may be used as the terminal SAM client 11.

  In the above example, the ID is used to distinguish each, but identification information for identifying the information may be used.

  The series of processes described above can be executed by hardware or can be executed by software. When a series of processing is executed by software, a program constituting the software is installed from a network or a recording medium.

  As shown in FIG. 4 (and FIGS. 8 and 11), this recording medium is a package comprising a removable medium 91 on which a program is recorded, which is distributed to provide a program to the user, separately from the computer. In addition to being composed of media, it is composed of a ROM 72 on which a program is recorded and a hard disk including a storage unit 78 provided to the user in a state of being pre-installed in the apparatus main body. The same applies to FIGS. 8 and 11.

  In the present specification, the step of describing a computer program includes not only processing performed in time series according to the described order but also processing executed in parallel or individually even if not necessarily processed in time series. Is also included.

  Further, in this specification, the system represents the entire apparatus composed of a plurality of apparatuses.

It is a figure which shows the example of a whole structure of the information processing system to which this invention is applied. It is a figure explaining the server of FIG. It is a figure which shows the functional structural example of the terminal SAM client of FIG. It is a block diagram which shows the structural example of the hardware of the terminal SAM of FIG. It is a figure explaining the information memorize | stored in the memory | storage part of FIG. It is a figure explaining the information contained in the public secret key logic of FIG. It is a block diagram which shows the functional structural example of the terminal SAM of FIG. It is a block diagram which shows the structural example of the hardware of the certification | authentication organization of FIG. It is a figure explaining the information memorize | stored in the memory | storage part of FIG. It is a block diagram which shows the functional structural example of the accreditation organization of FIG. It is a block diagram which shows the structural example of the hardware of the server of FIG. It is a figure explaining the information memorize | stored in the memory | storage part of FIG. It is a block diagram which shows the functional structural example of the server of FIG. It is a figure explaining a digital signature and encryption. It is a figure explaining a digital signature. It is a flowchart explaining the process in which the accreditation body authorizes the terminal SAM. It is a flowchart explaining the process in which a server verifies terminal SAM. It is a flowchart explaining the process which terminal SAM receives and registers script ID from a server. It is a flowchart explaining the process which terminal SAM downloads a script from a server. It is a flowchart explaining the process which terminal SAM downloads a script from a server. It is a flowchart explaining a process in case the script performed by terminal SAM is not downloaded. It is a flowchart explaining a process in case the script performed by terminal SAM is not downloaded. It is a flowchart explaining a process when the script to be executed by the terminal SAM has been downloaded. It is a flowchart explaining the process in the case of accessing with respect to a control terminal during script execution. It is a flowchart explaining the process in the case of accessing with respect to a server during script execution. It is a flowchart explaining the process in the case of accessing with respect to a server during script execution. It is a flowchart explaining the process which stores the log of a script execution result. It is a flowchart explaining the process in the case of transmitting the log stored in terminal SAM to a server.

Explanation of symbols

  1 Information processing system, 11 Terminal SAM client, 14 Server, 42 Terminal SAM, 43 IC card reader / writer antenna, 123 Server certificate folder, 124 Terminal SAM specific information, 126 Script folder, 127 Terminal SAM common information, 128 Log folder, 131 Server ID, 132 Server Public Key, 133 URL, 141 Terminal SAM Identifier, 142 Terminal SAM Public Key Signature, 143 Terminal SAM Public Key, 144 Terminal SAM Private Key, 151 Server ID, 152 Script ID, 153 Script, 161 Certification Institution public key, 171 log, 202 main control section, 204 encoding section, 205 signature processing section, 206 verification processing section, 209 script execution section, 303 authorized institution information, 304 terminal SAM certificate folder 321 terminal SAM identifier, 322 terminal SAM public key, 353 decoding unit, 354 signature processing unit, 404 service provider specific information, 405 script folder, 406 terminal SAM certificate folder, 407 service provider common information, 441 URL, 412 server Public key, 413 server private key, 421 script ID, 422 script, 423 program, 431 terminal SAM identifier, 432 terminal SAM public key, 441 certification authority public key, 454 signature processing unit, 455 verification processing unit, 458 program execution unit

Claims (11)

In an information processing system comprising a terminal device that manages information relating to an IC card, a server that provides information to the terminal device, and an authorization device that certifies the terminal device,
The terminal device
Encoding means for encoding a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device;
First transmitting means for transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
A first receiving means for receiving a signature of a second key transmitted from the authorized device in response to transmission by the first transmitting means;
First storage means for storing the signature of the second key received by the first receiving means together with the terminal identifier;
Second transmission means for transmitting the second key, the signature of the second key stored in the first storage means, and the terminal identifier to the server;
The certified device is
Second receiving means for receiving the terminal identifier and the encoded terminal identifier and the second key transmitted by the first transmitting means of the terminal device;
Decoding means for decoding the encoded terminal identifier and the second key received by the second receiving means;
Confirmation means for confirming whether or not the terminal identifier obtained by decoding by the decoding means matches the terminal identifier received by the second receiving means;
When the confirmation means confirms that the decoded terminal identifier matches the received terminal identifier, a signature for the second key is generated using a third key of the authorization device. 1 signing means;
A third transmitting means for transmitting the signature of the second key generated by the first signing means to the terminal device;
The server
Third receiving means for receiving the second key transmitted by the second transmitting means of the terminal device, the signature of the second key, and the terminal identifier;
Whether the second key is valid by using the signature of the second key received by the third receiving unit and the fourth key corresponding to the third key of the authorization device. A first verification means for verifying;
When the first verification unit verifies that the second key is valid, the information processing method includes: the terminal identifier; and a second storage unit that stores the second key. system. The terminal device
A second signing means for generating a signature of identification information for identifying the information using the first key when requesting predetermined information from the server;
Fourth transmission means for transmitting the signature of the identification information generated by the second signature means, the identification information, and the terminal identifier to the server;
And further comprising a fourth receiving means for receiving the information transmitted from the server in response to transmission by the fourth transmitting means,
The server
Fifth reception means for receiving the signature of the identification information, the identification information, and the terminal identifier transmitted by the fourth transmission means of the terminal device;
The signature of the identification information received by the fifth receiving means and the second key stored in the second storage means corresponding to the terminal identifier received by the fifth receiving means; Second verification means for verifying whether the identification information is valid using
5. A fifth transmission unit configured to transmit the information corresponding to the identification information to the terminal device when the identification information is verified to be valid by the second verification unit. 1. The information processing system according to 1. The information processing system according to claim 1, wherein the information is a script or a key related to the IC card. The encoding means encodes a terminal identifier unique to the terminal device and the second key using a fourth key corresponding to the third key of the authorized device,
The information processing system according to claim 1, wherein the decoding unit decodes the encoded terminal identifier and the second key using the third key. In an information processing method of an information processing system including a terminal device that manages information related to an IC card, a server that provides information to the terminal device, and an authorized device that certifies the terminal device,
The terminal device
Encoding a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device;
Transmitting the unencoded terminal identifier and the encoded terminal identifier and the second key to the authorized device;
The certified device is:
Receiving the terminal identifier, the encoded terminal identifier and the second key transmitted from the terminal device;
Decoding the received encoded terminal identifier and the second key;
Check whether the terminal identifier obtained by decoding and the received terminal identifier match,
If it is confirmed that the decoded terminal identifier matches the received terminal identifier, a signature of the second key is generated using a third key of the authorized device,
Transmitting the generated signature of the second key to the terminal device;
The terminal device
Receiving the signature of the second key transmitted from the authorized device;
Controlling to store the received signature of the second key together with the terminal identifier;
Sending the second key, the signature of the second key whose storage is controlled, and the terminal identifier to the server;
The server
Receiving the second key, the signature of the second key, and the terminal identifier transmitted from the terminal device;
Verifying that the second key is valid using the received signature of the second key and a fourth key corresponding to the third key of the authorized device;
When the verification verifies that the second key is valid, storage of the terminal identifier and the second key is controlled. In an information processing device that exchanges information with a server and an authorized device that provide information about an IC card,
Encoding means for encoding a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device;
First transmitting means for transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
In response to the transmission by the first transmission means, the first receiving the signature of the second key, which is the signature generated using the third key of the authorized device, transmitted from the authorized device. Means for receiving
Storage means for storing the signature of the second key received by the first receiving means together with the terminal identifier;
An information processing apparatus comprising: the second key, a signature of the second key stored in the storage unit, and a second transmission unit that transmits the terminal identifier to the server. When requesting predetermined information from the server, a signature means for generating a signature of identification information for identifying the information using the first key;
Third transmission means for transmitting the signature of the identification information generated by the signature means, the identification information, and the terminal identifier to the server;
The information processing apparatus according to claim 6, further comprising: a second reception unit that receives the information transmitted from the server in response to transmission by the third transmission unit. The information processing apparatus according to claim 7, wherein the information is a script or a key related to the IC card. The encoding means encodes a terminal identifier unique to the terminal device and the second key using the fourth key corresponding to the third key of the authorized device. Item 7. The information processing device according to Item 6. In an information processing method of an information processing apparatus for exchanging information with a server and an authorized apparatus that provide information on an IC card,
An encoding step of encoding a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device;
A first transmission step of transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
In response to the transmission by the processing of the first transmission step, the signature of the second key, which is the signature generated using the third key of the authorized device, transmitted from the authorized device is received. Receiving step;
A storage control step for controlling to store the signature of the second key received by the processing of the reception step together with the terminal identifier;
And a second transmission step of transmitting the second key, the signature of the second key whose storage is controlled by the processing of the storage control step, and the terminal identifier to the server. Processing method. A program for processing information related to an IC card,
An encoding step of encoding a terminal identifier unique to the terminal device and a second key corresponding to the first key of the terminal device;
A first transmission step of transmitting the unencoded terminal identifier, the terminal identifier encoded by the encoding means, and the second key to the authorized device;
In response to the transmission by the processing of the first transmission step, the signature of the second key, which is the signature generated using the third key of the authorized device, transmitted from the authorized device is received. Receiving step;
A storage control step for controlling to store the signature of the second key received by the processing of the reception step together with the terminal identifier;
Causing the computer to execute a process including: the second key; a signature of the second key whose storage is controlled by the process of the storage control step; and a second transmission step of transmitting the terminal identifier to the server. A program characterized by that.

Images