JP2006101289A - Information encryption system, management server, service provisioning server, information processing apparatus, and its program and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information encryption system capable of decoding contents for each service provider using a fixed program, regardless of the number of service providers, and managing each service provider and the content of each service independently. <P>SOLUTION: A management server 140 does not generate newly an encryption key for each service provisioning server utilized by service provisioning servers 130, but it generates the key using a known information identifying a service provisioning server and a predetermined region allocated to the service provisioning server. Accordingly, an information processing apparatus 120 can also calculate a decoding key for each service provisioning server from the information identifying the predetermined region allocated to the service provisioning server. Thereby, it is not necessary to manage a lot of decoding keys, and information unique to each service provisioning server can be kept. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an information encryption system, a management server, a service providing server, an information processing apparatus, and a program and method thereof.

  In recent years, non-contact type or contact type IC cards with built-in ICs that can perform wireless communication can use a plurality of applications, and users can use these IC cards to check the ticket gates of stations. It is possible to open and close automatic ticket gates installed at the mouth and to shop.

  Some IC cards have a service with a key that requires high security and a service without a key that has low security and can be accessed relatively easily. In the above case, each service is properly used by using a service with a key for writing to the IC card and using a service without a key when using a viewer or the like.

  However, in the keyless setting, information written in markup languages and scripts can be easily read, and information such as service providers that provide services and access areas in IC cards can be easily known. There is sex.

  In order to protect such information, a technique is known in which a program authentication code is used separately from an access program for an IC card, and only an access program having the same program authentication code can access the IC card. (For example, patent document 1). However, this technology eliminates unauthorized access programs and does not prevent information leakage.

  Further, a technique is known in which information described in the markup language or script is encrypted using a PIN (Personal Identification Number) as an encryption key, and the desired PIN information is obtained by using the PIN when used (for example, Technical Document 2). With this technique, it is possible to prevent the information from being known to anyone other than the person by the above encryption. However, in such a configuration, the user is required to input a PIN every time the service is used, which is troublesome. In order to make this authentication automatic, if a key for each service provider is provided, the decryption program in the user's information processing apparatus must manage an enormous amount of keys. When entering, the corresponding key must be added to the decryption program (program update).

JP 2003-271904 A Japanese Patent Laid-Open No. 2002-216081

  The present invention has been made in view of the above-described problems of the conventional method of accessing an IC card, and the object of the present invention is to provide a fixed program for each service provider regardless of the number of service providers. New and improved information encryption system, management server, service providing server, information processing apparatus, and the like capable of decrypting content and managing each service provider and each service content independently To provide programs and methods.

  In order to solve the above-described problem, according to an aspect of the present invention, a mobile communication device and a predetermined area of the memory in the mobile communication device are allocated to a service providing server, and a service specification that specifies the predetermined area of the service providing server is specified. Based on the management server that generates information, the service providing server that generates partial specifying information that specifies a predetermined partial area within the predetermined area, and the mobile communication device based on the service specifying information and the partial specifying information An information encryption system including an information processing apparatus: the management server encrypts a character string specifying at least a predetermined area of the service providing server using a first key as an encryption key, A first key encryption unit serving as service specifying information; a second key added to a character string specifying a predetermined area of the service providing server; A second key hash unit for generating a service value; and a management transmission unit for transmitting the service specifying information and the hash value to the service providing server. The service providing server receives the service specifying information from the management server. And a service providing receiving unit that receives the hash value; a hash encryption unit that encrypts at least a character string that specifies a predetermined partial area in the predetermined area using the hash value as an encryption key and uses this as partial specifying information A service provision transmitting unit that transmits the service identification information and the partial identification information to the information processing apparatus, and the information processing apparatus receives the service identification information and the partial identification information from the service providing server. Only the management server and the information processing device have the information processing receiving unit; the service specifying information and the partial specifying information. An information decoding unit for decoding only using the first key and the second key; specifying a predetermined area and a predetermined partial area from the result of the decoding, and accessing the predetermined partial area of the portable communication device An information encryption system comprising: an access processing unit that executes

  For the encryption and decryption, a secret key scheme or a public key scheme such as AES (Advanced Encryption Standard) can be applied. Further, it may be confirmed whether or not the decoding is correctly performed at the time of decoding. Moreover, SHA-1, MD5, etc. are applicable to the said hash.

  Here, the management server is a server owned by an administrator who provides the information encryption system, and the service providing server is provided with the information encryption system and uses the information encryption system, It is a server that provides services such as content distribution to a user having a mobile communication device. The information processing device is a user interface that communicates with the mobile communication device, and is a device that displays service contents from the service providing server and relays the service to the mobile communication device. The mobile communication device is a portable device such as an IC card or a mobile phone, and has a memory for storing information corresponding to the service of the service providing server.

  The information processing device decrypts the service specifying information and the partial specifying information that are encrypted to perform access processing with the mobile communication device. Here, if each service providing server can generate partial identification information with a common encryption key, the partial identification information of itself can be decrypted by other service providers. Therefore, a unique encryption key is required for each service providing server, but at the same time, the information processing apparatus needs to have all the corresponding decryption keys.

  In the present invention, the management server does not newly generate an encryption key used in the service providing server for each service providing server, but stores known information for specifying the service providing server and a predetermined area assigned to the service providing server. Generate by using. Therefore, also in the information processing apparatus, the decryption key for each service providing server can be calculated from the information specifying the predetermined area of the service providing server, and it is not necessary to manage a large amount of decryption keys.

  With this configuration, the information processing apparatus refers to only the fixed first key and the second key, and is a predetermined area of the service providing server, which is all information necessary for access processing, and a further portion within the predetermined area. Specific partial areas can be identified.

  Further, since the service providing server does not have the first key and the second key, it is not possible to specify a service providing server or a service area other than itself. Furthermore, since the information transmitted from the management server to the service providing server is only the hash value used as the encryption key, even if the service provider knows the predetermined area of the service providing server, the second value is calculated from the hash value. The key cannot be estimated.

  Of course, a general user cannot estimate the first key and the second key, and cannot specify either the predetermined area or the predetermined partial area. In addition, even if such service specific information or partial specific information is falsified, inconsistencies such as inconsistencies with the predetermined area of the service providing server or the predetermined partial area not being included in the predetermined area will result in unauthorized access. Can be prevented.

  In addition, since a unique encryption key is assigned to each predetermined area provided in the memory of the mobile communication device or to each predetermined partial area in the predetermined area, each area can be managed independently. it can.

  In order to solve the above problem, according to another aspect of the present invention, an area allocating unit that allocates a predetermined area of a memory in a mobile communication device to a service providing server; and a character string that specifies at least the predetermined area of the service providing server A first key encryption unit that encrypts the first key as an encryption key and uses this as service specifying information; and adds a second key to a character string specifying a predetermined area of the service providing server, and further adds a hash value A management server is also provided, comprising: a second key hash unit to be generated; and a management transmission unit that transmits the service specifying information and the hash value to the service providing server.

  As described above, the management server does not newly generate an encryption key used by the service providing server for each service providing server, but identifies a service providing server and a predetermined area assigned to the service providing server. Generate using information. Therefore, also in the information processing apparatus, the decryption key for each service providing server can be calculated from the information specifying the predetermined area of the service providing server, and it is not necessary to manage a large amount of decryption keys.

  With this configuration, service specifying information that can be decrypted only by the management server and the information processing apparatus having the first key and the second key is generated, and used as an encryption key by the service providing server to be accessed by each service providing server. A hash value that is unique corresponding to the predetermined area can be generated.

  In order to solve the above-mentioned problem, according to still another aspect of the present invention, at least a character string specifying a predetermined area assigned to the service providing server of a memory in a mobile communication device is used, and a first key is used as an encryption key. A service provision receiving unit that receives from the management server service identification information encrypted as a hash value generated by adding a second key to a character string that identifies at least a predetermined area of the service provision server; A hash encryption unit that encrypts a character string that identifies a predetermined partial area within a predetermined area using the hash value as an encryption key and uses the encrypted value as partial identification information; and at least the service identification information and partial identification information, A service providing server comprising: a service providing transmitting unit for transmitting to an information processing device communicating with a portable communication device; That.

  The service providing server can further encrypt the predetermined partial area in the predetermined area using the hash value unique to the service providing server or the predetermined area received from the management server as an encryption key. With this configuration, the user cannot illegally access the predetermined partial area unless information on the encryption key (hash value) is leaked from the service providing server.

  A content generation unit that generates content; and an output information generation unit that generates screen output information that defines at least the format when the content is output to the screen or the data structure of the content. The service provision transmitting unit can embed the screen output information, service specifying information, and partial specifying information in the content, and transmit the content to the information processing apparatus.

  With this configuration, the service providing server can provide content to the user information processing apparatus as part of the service. The information processing apparatus that has received this content outputs the content to the screen based on the screen output information, and further performs access processing to the mobile communication device using the service specifying information and the partial specifying information.

  In order to solve the above-mentioned problem, according to still another aspect of the present invention, at least a character string specifying a predetermined area assigned to the service providing server of a memory in a mobile communication device is used, and a first key is used as an encryption key. And specifying at least a predetermined partial area in the predetermined area by using the encrypted service specifying information and the hash value generated by adding the second key to the character string specifying the predetermined area of the service providing server as an encryption key An information processing receiving unit that receives the partial identification information obtained by encrypting the character string from the service providing server; an information decrypting unit that decrypts the service identification information and the partial identification information; An access processing unit that identifies a partial area and executes an access process on the predetermined partial area of the mobile communication device; Broadcasting processing apparatus is also provided. Further, the information decryption unit may decrypt using only the first key and the second key possessed only by the management server and the information processing apparatus.

  The information processing apparatus includes all of the service identification information encrypted by the management server, the partial identification information encrypted by the service providing server, and the first key and the second key, all necessary for access processing to the mobile communication apparatus. Information, that is, a predetermined area of the service providing server and a partial predetermined partial area within the predetermined area can be specified.

  In this decryption, the service specifying information is decrypted using the first key as a decryption key, and the service providing server and the predetermined area are specified. Further, a hash value is generated by adding a second key to information specifying the service providing server and the predetermined area, and the predetermined partial area is specified by decrypting the partial specifying information using the hash value as a decryption key. Therefore, the information processing apparatus does not need to hold individual identifiers corresponding to the predetermined area and the predetermined partial area of the service providing server, and accesses the mobile communication apparatus using only the fixed first key and second key. be able to.

  The information processing receiving unit may receive content including the service specifying information and the partial specifying information together with a format when the content is output on the screen or screen output information that defines at least the data structure of the content. A browser that outputs the content to the screen based on the screen output information after receiving the content may be further provided.

  With this configuration, the information processing apparatus can receive content from the service providing server, and uses the service specifying information and the partial specifying information in the content to access the mobile communication device and is included in the content. The content can be output to the screen based on the screen output information. A user having a portable communication device can specify more detailed processing of the service while referring to the output of the screen.

  The content may be a Web page described in a markup language, and the screen output information, service specifying information, and partial specifying information may be information identified by tags.

  The browser can easily read out the screen output information, service specifying information, and partial specifying information embedded in the read content in conjunction with the reading of the content. That is, the initialization operation for establishing the authentication action and communication with the portable communication device is performed by a program such as a plug-in downloaded in advance from a management server or installed from a storage medium provided by the management server. , Information that specifies only a predetermined partial area of the mobile communication device that the user accesses may be included in the content and transmitted. Moreover, the content may be a Web page described in a markup language, and the screen output information, the service specifying information, and the partial specifying information for specifying the predetermined partial area may be represented by tags. Therefore, the service providing server does not need to construct a complicated program to access such a mobile communication device, and costs such as development costs are reduced.

  A content storage unit that stores the content may be further provided. With the configuration for storing such content, it is possible to always refer to the content and the screen output information, service specifying information, and partial specifying information included in the content, and even when the mobile communication device is offline with the service providing server. Can be accessed.

  The access process may be at least one of a process of reading data from a predetermined partial area of the mobile communication device and a process of writing data to the predetermined partial area. Further, the access process according to the present invention is not limited to the read process or the write process, and for example, the access process includes information delivery and the like.

  The access process may be performed by wireless communication based on the short-range wireless standard. Here, the near field communication (NFC) is a wireless communication frequency of 13.56 MHz and a communication speed of, for example, 212 Kbps that can perform contactless communication only within a narrow range of about 10 cm. This refers to the communication system that you have.

  In communication based on such short-range wireless standards (hereinafter referred to as NFC), non-contact communication is performed only within a narrow range of about 10 cm. Therefore, the reader / writer for communication purposes can be easily grasped by the user's vision. Recognizable and easy-to-understand communication processing by hand action. Here, the data to be read from the reader / writer is prepared in advance in the information processing apparatus, and the user applies the data by holding or attaching the portable communication device to a portion where such a reader / writer is provided. Data is available.

  A result display unit that displays the result of the access process for the portable communication device on a screen may be further provided. Moreover, the result of the access process displayed on the screen of the information processing apparatus according to the present invention can be exemplified by a message for appreciating the balance of electronic money or the purchase of goods.

  Although the present invention mainly protects (encrypts and decrypts) information related to access processing to the mobile communication device, data transmitted and received by the access processing may be encrypted.

  In order to solve the above problems, according to another aspect of the present invention, there are provided a program and a method for causing a computer to function as the management server, the service providing server, the information processing apparatus, and the portable communication apparatus. Such a management server, a service providing server, and an information processing device exist separately, but the two selected devices can be integrally formed, or all can be formed integrally.

  As described above, according to the present invention, content for each service provider can be decrypted with a fixed program included in the information processing apparatus regardless of the number of service providers, and each service provider and each service content ( Service area) can be managed independently. Accordingly, it is possible to set an access authority for each of a plurality of areas of the mobile communication device.

  In addition, since the information for accessing the mobile communication device is encrypted, the access information can be specified in a markup language or a script. Since such information is decrypted using only a fixed decryption key, it is not necessary to add such decryption program even if a new service provider is added, and the operation cost can be reduced.

  Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the present specification and drawings, components having substantially the same functional configuration are denoted by the same reference numerals, and redundant description is omitted.

  In recent years, a non-contact type or contact type IC card that incorporates an IC and can perform wireless communication can use a plurality of applications, and a user can use this non-contact type or contact type IC card. It can be used to open and close automatic ticket gates installed at the ticket gates of stations and to shop.

  For example, in order to read and write information in the contactless IC card, the user moves to a dedicated terminal in a station premises equipped with a reader / writer capable of wireless communication with the contactless IC card, and the reader / writer. It was necessary to hold a non-contact type IC card over. In addition, even if a dedicated terminal is not installed, for example, by connecting a reader / writer to a personal computer (PC) in a home, the information in the non-contact type IC card can be read and written using the personal computer. be able to.

  However, even when a reader / writer is connected to a personal computer as described above, for example, an application for writing information on a non-contact type IC card or reading information in a non-contact type IC card, It was necessary to develop servers and install them on the personal computers used by users. Therefore, the burden of development costs and the like on the service provider side is large, and there are many cases in which the type of application used differs depending on the service received from the user side, and it cannot be said that the convenience is high.

  Therefore, in the present embodiment, first, an information processing system that is highly convenient and can access a mobile communication device with a simple operation by a user is proposed, and an information encryption system in which the information processing system is further improved is proposed. explain. First, an information processing system 100 according to the present embodiment will be described with reference to FIG.

(First embodiment: information processing system 100)
FIG. 1 is a block diagram showing a configuration of an information processing system 100 according to the present embodiment. As shown in FIG. 1, the information processing system 100 includes an information processing device 120 (120a, 120b,..., 120n), a service providing server 130, and a management server 140 via a communication network 110 such as the Internet. It is connected. The information processing apparatus 120 accesses the service providing server 130 via the communication network 110 to acquire, for example, a Web page (content) related to a store (shopping mall) on the network, and displays the store on the screen of the information processing apparatus 120. It is possible to display detailed information on the products handled by. In addition, the management server 140 provides the information processing system 100 for smooth information exchange between the information processing apparatus 120 and the service providing server 130.

  Here, the access in this specification refers to, for example, use of the system, connection to the service providing server 130 or the management server 140, a non-contact IC card 152 or a mobile phone 154 as a mobile communication device, or a service providing server. Reader / writer as reference (or data read), data save (or data write), data delete, data update (or data write), or access processing unit Information processing such as the exchange of information with other non-contact type IC chips capable of wireless communication with the non-contact type IC chip from 160 through the non-contact type IC chip is generically referred to. Here, a non-contact type IC card is taken as an example of the IC card, but a contact type or other type of IC card can also be applied to this embodiment.

  As shown in FIG. 1, the information processing apparatus 120 includes a reader / writer 160 (a part of the access processing unit) capable of wireless communication. The user holds the IC card 152 (152a, 152b,..., 152n) or the cellular phone 154 (154a, 154b,..., 154n) as the portable communication device 150 owned by the user over the reader / writer 160 to thereby obtain information. Data can be exchanged with the processing device 120. Note that the mobile phone 154 includes a non-contact IC chip capable of wireless communication.

  Further, the reader / writer 160 according to the present embodiment is not limited to the case where it is built in the information processing apparatus 120, and may be externally connected to the information processing apparatus 120 via an interface such as a USB.

  By the way, the service providing server 130 can provide a wide variety of contents to the information processing apparatus 120, and in particular, can distribute the contents as Web pages. Here, an example of a Web page provided from the service providing server 130 and displayed on the screen of the information processing apparatus 120 will be described with reference to FIG.

  2A, 2B, and 2C are explanatory diagrams showing an outline of screen display of the information processing apparatus 120 according to the present embodiment. By starting a web page browsing browser (hereinafter referred to as a browser) that allows a user to browse the web page shown in FIG. 2A installed on the information processing apparatus 120 on the screen, the information processing apparatus 120 sends the web page to the service providing server 130. Request a page. Subsequently, the browser of the information processing apparatus 120 can acquire a Web page (including a menu) including a menu screen from the service providing server 130 and display it on the screen.

  The menu screen of the Web page according to the present embodiment is not limited to the case where the menu screen exists on the network such as the service providing server 130, and such content may be acquired locally without using the communication network 110. good.

  For example, when the user operates the mouse as the input unit and moves the pointer and clicks on the item “1. balance information” among the items displayed on the menu, the user stores the information in the memory of the IC card 152. The balance information thus displayed can be displayed on the screen of the information processing apparatus 120.

  When “1. Balance information” is selected, as shown in FIG. 2B, the IC card 152 or the mobile phone 154 having a wireless communication function corresponding to the IC card is requested to be held over the reader / writer 160. Is displayed on the screen of the information processing apparatus 120.

  When the user holds the IC card 152 or mobile phone 154 owned by the user over the reader / writer 160 according to the message on the screen shown in FIG. 2B, the reader / writer 160 of the information processing apparatus 120 performs a polling process to determine the communication partner. It recognizes the IC card 152 or the mobile phone 154 and executes access processing.

  The information processing device 120 can read the data held by the portable communication device 150 by the access process and display it on the screen of the information processing device 120 as shown in FIG. 2C. Alternatively, the information processing apparatus 120 can write predetermined data corresponding to the service providing server 130 in a predetermined predetermined partial area of the predetermined area in the memory of the mobile communication apparatus 150. Detailed processing such as access processing will be described in detail later.

  In the information processing system 100 according to the present embodiment, between the information processing apparatus 120 and the service providing server 130, between the information processing apparatus 120 and the management server 140, and between the service providing server 130 and the management server 140. As for the communication, secure communication by SSL (Secure Socket Layer) or the like can be performed as necessary.

  Further, the Web page may be configured with a markup language such as HTML (Hyper Text Markup Language) or XML (Extensible Markup Language). Furthermore, by embedding the tag in the data of the Web page, the browser can display or reproduce image data such as a still image or a moving image, audio data, or the like. The tag (screen output control information) is a so-called command information or format that can specify the data structure of the Web page, the format for displaying on the screen, the location of the linked Web page by hyperlink, etc. This corresponds to shaping command information and the like.

  The Web page includes, for example, text data, still image data, moving image data, audio data, program data such as a Java applet (Java: registered trademark) described in HTML or the like.

  Further, the tag according to the present embodiment will be described with an example of a tag written in HTML (HTML tag) unless otherwise specified. However, the tag is not limited to this example, and can be implemented in any other case as long as it is a markup language.

  In the present embodiment, the tag is further expanded, and an expansion tag (access control information) for the information processing device 120 to execute an access process for the mobile communication device 150 is defined. The access process will be described in detail later.

  By defining the extension tag, a plug-in incorporated in a browser installed in the information processing apparatus 120 reads a Web page described in HTML or the like, and interprets the extension tag. Thereby, for example, the reader / writer 160 provided in the information processing apparatus 120 can refer to (read) the information held by the mobile communication apparatus 150.

  Note that the case where one service providing server 130 according to the present embodiment is connected to the communication network 110 is described as an example for easy understanding. However, a plurality of service providing servers 130 can be connected to the communication network 110.

  The service providing server 130 is a server that provides services such as browsing web pages. When there is a web page data request from the browser of the information processing apparatus 120, the service providing server 130 transmits the designated web page data to the information processing apparatus 120. The browser installed in the information processing apparatus 120 reads the Web page data received from the service providing server 130, interprets the tag embedded in the Web page, and displays it on the screen (Web browser function).

  In addition, the information processing apparatus 120 according to the present embodiment is implemented by, for example, a computer apparatus (notebook type or desktop type) such as a personal computer (PC), and at least a browser is installed.

  The information processing apparatus 120 according to the present embodiment will be described by taking a computer apparatus as an example. However, the information processing apparatus 120 is not limited to this example. For example, a Web page can be output on a screen, and a reader / writer can be output. As long as the mobile communication device 150 can be accessed via the network 160, the present invention is not limited to this example. For example, the information processing apparatus 120 includes a PDA (Personal Digital Assistant), an imaging device such as a digital camera or a video recorder, a home game machine, a VTR, a CD or DVD recorder / player, a radio device, a mobile phone, a PHS, a TV (TeleVison). ), May be implemented in information appliances.

  The communication network 110 shown in FIG. 1 connects two or more devices among the information processing device 120, the service providing server 130, and the management server 140 so that they can mutually communicate with each other. (Asymmetric Digital Subscriber Line) or FTTH (Fiber To The Home) or other public line networks such as the Internet connected by a similar method are conceivable, and also include closed line networks such as WAN, LAN, IP-VPN. The connection medium may be a fiber optic cable using FDDI (Fibre Distributed Data Interface), a coaxial cable using Ethernet (registered trademark) or a twisted pair cable, a wireless communication using IEEE802.11b, a satellite communication network, etc. Including.

(Information processing apparatus 120)
Next, the configuration of the information processing apparatus 120 according to the present embodiment will be described in detail with reference to FIG.

  FIG. 3 is a block diagram schematically showing the configuration of the information processing apparatus 120 according to the present embodiment. As shown in FIG. 3, the information processing apparatus 120 includes a CPU 202, a memory 204, an input unit 206, a display unit 208, a communication unit 210, and a reader / writer 160.

  The CPU 202 functions as an arithmetic processing device and a control device, and can control processing of each unit in the information processing device 120.

  The memory 204 includes, for example, a RAM, a ROM, a cache memory, a hard disk drive, a flash memory, and the like, and software such as a browser for displaying various data related to the processing of the CPU 202 and contents such as Web pages on the screen. It has a function to store programs. Accordingly, the memory 204 also functions as a content storage unit that stores content received from the service providing server.

  The input unit 206 includes operation means such as a mouse, a keyboard, a touch panel, a button, a switch, and a lever, and an input control circuit that generates an input signal and outputs the input signal to the CPU 202, for example. The user of the information processing device 120 can input various data and instruct processing operations to the information processing device 120 by operating the input unit 206.

  The display unit 208 includes, for example, a CRT display device, a liquid crystal display (LCD) device, a display device such as a lamp, and an audio output device such as a speaker. The display unit 208 can display a Web page whose layout of characters, graphics, moving images, still images, etc. is calibrated by a browser.

  The communication unit 210 is a communication interface configured with, for example, a communication line, a communication circuit, a communication device, and the like. The communication unit 210 transmits and receives various data such as Web pages and receives plug-in programs and the like via the communication network 110 with the service providing server 130 and the management server 140 on the network. Can do.

  The reader / writer 160 communicates with the mobile communication device 150 and performs an access process on a predetermined area and a predetermined partial area of the mobile communication device 150 specified by the information processing apparatus 120.

  The memory 204 described above stores at least a browser and a reader / writer driver (not shown). In addition to browser and reader / writer drivers, an OS (Operation System), a BIOS (Basic Input / Output System), and other drivers are also stored.

  Further, the browser includes a page reading module that reads a web page and interprets a tag embedded in the web page. Further, a plug-in that interprets an extension tag for wireless communication with the mobile communication device 150 (plug) In-module) is built into the browser. When the browser receives a screen display request for a Web page from the input unit 206, the browser requests Web page data from the service providing server 130. The module that requests the Web page is a page request module provided in the browser.

  The page reading module reads a Web page transmitted from the service providing server 130, and depending on the contents of a tag (including screen output information) embedded in the Web page, the character format, the image size, The layout of the Web page to be displayed on the screen such as the position where the image is arranged is determined. The screen output information defines at least the format or content data structure when the content is output to the screen.

  In accordance with the tag interpreted by the page reading module, the page output module displays moving image data or text data on the screen of the display unit 208, so that the browser can display the Web page on the screen. The browser can display the web page on the screen by one or more modules functioning in the browser functioning organically.

  The plug-in can interpret the extension tag even if the tag interpreted by the page reading module is an extended extension tag. By interpreting the extension tag, the plug-in can instruct the reader / writer 160 to execute the access process via the reader / writer driver.

  Note that the browser according to the present embodiment will be described by taking a case of a program or the like including one or more modules or components as an example, but is not limited to this example. For example, the browser may be hardware such as one or two or more circuits.

(Portable communication device 150)
Next, the mobile communication device 150 according to the present embodiment will be described with reference to FIG.

  4A and 4B are block diagrams showing a schematic configuration of the mobile communication device 150 according to the present embodiment. An IC card 152 belonging to the mobile communication device 150 shown in FIG. 4A includes the above-described non-contact type IC chip 250. The non-contact type IC chip 250 is a device capable of wirelessly communicating with other communication devices. When the reader / writer 160 approaches a communicable area within 20 cm, for example, the reader / writer 160 is subjected to predetermined processing such as polling and the like. Wireless communication with the writer 160 is possible.

  A mobile phone 154 belonging to the mobile communication device 150 shown in FIG. 4B includes a non-contact IC chip 250, a controller 252, and a mobile phone circuit 254. The non-contact type IC chip 250 has the same function as the non-contact type IC chip 250 described with reference to FIG.

  The controller 252 activates a program such as a browser that displays a Web page stored in a storage unit (not shown) of the mobile phone circuit 254. The controller 252 switches or controls wired communication between the controller 252 and the non-contact type IC chip 250 and wireless communication between the non-contact type IC chip 250 and the reader / writer 160.

  The mobile phone circuit 254 includes a storage unit (not shown), a display unit (not shown), an input unit (not shown) such as a button, etc. A browser function for accessing the service providing server 130 and displaying a Web page.

  The non-contact type IC chip 250 according to the present embodiment has been described by taking as an example a case where the non-contact type IC chip 250 is provided in a battery-less non-contact type IC card 152 or a battery-equipped mobile phone 154. However, the present invention is not limited to this example. For example, it may be provided in a battery-mounted device such as a digital camera, a notebook computer, or a PDA.

  FIG. 5 is an explanatory diagram schematically showing a memory area of the mobile communication device 150. Referring to the memory area in FIG. 5, for example, memories 0 to 7FFF (h) are allocated as common areas that can be accessed by each service providing server. A system code is attached to each area such as the common area according to the access target. Of these, areas assigned to the two service providing servers 130 are predetermined areas 270 and 272, respectively, and each area is assigned with an area code of the service provider. The service provider operating the service providing server 130 here handles, for example, electronic money, credit cards, cash cards, mileage cards, point cards, and the like, and the mobile communication device 150 receives information related to the services. I remember it.

  Here, the predetermined area 270 is managed by a start service and an end service, that is, the first and last addresses of the predetermined area. The area that can be handled by the service providing server 130 is limited to a predetermined area. In addition, a predetermined partial area 274 can be arbitrarily provided for each service providing server within the predetermined area, and information corresponding to the service provision contents can be distinguished and described. Each predetermined partial area is assigned a service code, and is managed by a start block and an end block, that is, the first and last blocks (addresses) of the predetermined partial area. Here, the block may be managed every 16 bytes, for example.

  Such area designation is performed by a physical or logical address. Even in the same predetermined area or predetermined partial area, the contents of the service, for example, an important service such as writing electronic money data, and an unimportant service that performs a balance inquiry in a read-only manner (in this case It is possible to distinguish the authority of writing by specifying a flag or a logical address. For example, the physical address is the same, but there are two logical addresses corresponding to the physical address, one of which can be read / written and the other read-only. Further, in the memory of FIG. 5, the common area is represented by a predetermined address for easy understanding, but is not limited to such an address.

  Further, in the predetermined area or the predetermined partial area, for example, user information such as name, date of birth, age, address, etc., and personal information such as a personal identification number, etc., are stored. .

(Service providing server 130)
Next, the service providing server 130 according to the present embodiment will be described in detail with reference to FIG.

  FIG. 6 is a block diagram schematically showing the configuration of the service providing server 130 according to the present embodiment. As illustrated in FIG. 6, the service providing server 130 includes a CPU 302, a memory 304, an input unit 306, a display unit 308, and a communication unit 310.

  The CPU 302 functions as an arithmetic processing device and a control device, and can control processing of each unit provided in the service providing server 130.

  The memory 304 includes, for example, a RAM, a ROM, a cache memory, a hard disk drive, a flash memory, and the like, and has a function of temporarily storing various data related to the processing of the CPU 302, an operation program of the CPU 302, and the like.

  The input unit 306 includes, for example, operation means such as a mouse, a keyboard, a touch panel, a button, a switch, and a lever, and an input control circuit that generates an input signal and outputs it to the CPU 302.

  The display unit 308 includes, for example, a CRT display device, a liquid crystal display (LCD) device, a display device such as a lamp, and an audio output device such as a speaker. The display unit 308 can display a web page whose layout of characters, graphics, moving images, still images, etc. is calibrated by a browser.

  The communication unit 310 is a communication interface configured with, for example, a communication line, a communication circuit, a communication device, and the like. The communication unit 310 can receive data related to the information processing system from the management server 140.

  The memory 304 stores, for example, a Web page providing application, an information processing application, and a Web page database (Web page DB).

  In the Web page providing application, when there is a Web page request from the information processing apparatus 120, that is, when the Web page request data is received from the information processing apparatus 120 via the communication unit 310, the corresponding information stored in the Web page DB is stored. Web pages to be acquired are acquired and transferred to the communication unit 310. The Web page is transmitted to the requesting information processing apparatus 120 via the communication network 110 by the communication unit 310.

  The information processing application is a program that works with a Web page providing application and processes information such as a Web page stored in the Web page DB based on parameters set in request data received by the Web page providing application. The processed Web page is transmitted to the information processing apparatus 120 from the Web page providing application. For example, the information processing application corresponds to a CGI (Common Gateway Interface) program or the like.

  The Web page providing application or the information processing application according to the present embodiment has been described by taking a case of a program composed of one or two or more modules or components as an example, but is not limited to such an example. For example, the Web page providing application or the information processing application may be hardware including one or more circuits.

  In the Web page DB, for example, Web pages related to stores such as restaurants and sporting goods stores (Web pages related to store locations, etc.) are stored in the Web page DB.

(Management server 140)
Next, the management server 140 according to the present embodiment will be described in detail with reference to FIG.

  FIG. 7 is a block diagram schematically showing the configuration of the management server 140 according to the present embodiment. As shown in FIG. 7, the management server 140 includes a CPU 352, a memory 354, an input unit 356, a display unit 358, and a communication unit 360. Each of these units has substantially the same function as each unit of the service providing server 130 described with reference to FIG.

  The management server 140 provides the information processing system 100 to the service providing server 130 and the information processing apparatus 120, and thus provides an environment in which a user having the mobile communication device 150 can receive services from the service providing server 130. .

(Web page)
Next, a Web page according to the present embodiment will be described with reference to FIG.

  FIG. 8 is an explanatory diagram showing an outline of the data structure of the Web page according to the present embodiment. First, the Web page according to the present embodiment has a data structure in which both an HTML tag and an extension tag obtained by extending the HTML tag are mixed. Therefore, when the plug-in according to the present embodiment is not incorporated in the browser, only the HTML tag of the Web page is interpreted and executed according to the interpreted tag. When the plug-in is incorporated, only the extension tag of the Web page is interpreted and executed according to the interpreted extension tag.

  The Web page according to the present embodiment has been described by taking a case where tags and expansion tags are mixed as an example. However, the present invention is not limited to such an example. For example, a Web page in which only expansion tags are embedded or , A web page in which only a normal tag such as an HTML tag is embedded may be used.

  As shown in FIG. 8, tags “<SPAN>” to “</ SPAN>”, which are normal tags, are first embedded in the Web page according to the present embodiment, and the whole is enclosed. Note that the value (Felica) specified for the id in the tag is to indicate that the description in the “<SPAN> to </ SPAN>” tag is a description related to the value.

  Next, "<!-" To "--->" specify the start of a comment (<! ---) and the end of comment (->). Therefore, in the case of a browser without a plug-in, the part described from “<!-” To “->” is simply interpreted as a comment and is not executed at all. That is, only “Please download the plug-in corresponding to the extension tag” shown in FIG. 8 is displayed on the screen. The comment tag is used because a browser in which no plug-in is installed can correctly interpret a tag embedded in content such as HTML, and has very little effect on the screen display.

  Here, in the browser in which the plug-in is incorporated, it is determined that the extension tag is embedded in the part described from “<! ――” to “―― >>”, and the embedded extension tag is interpreted. Execute.

  Next, the tags “<FELICA>” to “</ FELICA>” in the comment indicate the start and end of expansion tag embedding. When the plug-in confirms the presence of “<FELICA>” to “</ FELICA>”, the plug-in interprets the extension tag described therebetween.

  The “<READ>” tag is a tag for reading data stored in the mobile communication device 150. In “id” described as attribute information in the “<READ>” tag, a character string is set to identify a target to be executed. For example, as shown in FIG. 7, “id” of the “<READ>” tag is “$ FELICA_READ $”.

  Subsequent “<A HREF>” to “</A>” tags “Read” are displayed in the “<A HREF>” tag when the plug-in accepts an instruction selected from the input unit 206 by the user's operation. By referring to “$ FELICA_READ $” and searching for an item that matches the id described in the “<READ>” tag, the process to be executed is identified.

  When “read” displayed on the screen is selected by the input unit 206, “<READ>” corresponding to the “read” is searched, and a read process as an access process is executed. The same applies to the “<WRITE>” tag.

  Further, “block” described as attribute information in the “<READ>” tag designates a position (predetermined area, predetermined partial area) for reading data from the storage area. For example, “0” is designated at the head position, or “0-2” is designated when reading data for three blocks from the head position. Note that the method for specifying the reading position of “block” is not limited to such an example.

  Further, “caption” described as attribute information in the “<READ>” tag indicates a message to be displayed on the screen of the display unit 208 of the information processing apparatus 120 when it is not held over the reader / writer 160. A character string is specified.

  The “<WRITE>” tag is a tag for transmitting data from the information processing device 120 side and writing the data in a predetermined storage area of the mobile communication device 150. Note that the data to be written can be written to a storage area that does not require encryption and does not require mutual authentication, as with the data to be read, but is not limited to this example.

  The id, block, or caption in the “<WRITE>” tag is substantially the same as the id, block, or caption in the “<READ>” tag described above, and detailed description thereof is omitted. The “block” in the “<WRITE>” tag is for designating the write position.

  When the access process is executed by the “<READ>” tag and the “<WRITE>” tag, the polling process is executed in advance. By executing the polling process, the reader / writer 160 can identify the mobile communication device 150 that is a communication partner, and can actually perform data communication. In the case of identification, the reader / writer 160 identifies based on identification information uniquely held in advance by the mobile communication device 150.

  Here, a supplementary description will be given of the case where only the polling process is executed. When the polling process is executed alone, a “<POLLING>” tag is embedded in the Web page. When the “<POLING>” tag is interpreted and polling processing is executed, the identification information stored in the portable communication device 150 is transmitted to the reader / writer 160.

  The attribute information such as “id” and “caption” described above is also described in the “<POLLING>” tag, but since it is substantially the same as the above description, detailed description thereof is omitted.

  Next, in “felica: http: //cgi.xxx.co.jp/aaa.cgi? Data = $ FELICA_READ $” described in the “<A HREF>” tag, “Read” is clicked first. Then, as described above, the <READ> tag reading process in which “$ FELICA_READ $” is described is executed, the read access result is set as a parameter, and the address (http: // cgi) is set. .Xxx.co.jp /) to the “aaa.cgi” program of the service providing server 130. The $ FELICA_READ $ is an identifier for executing a <READ> tag reading process. Note that the identifier notation according to the present embodiment is not limited to such an example.

  Next, based on the passed parameters, a predetermined information processing process is executed by the “aaa.cgi” (CGI program) corresponding to the information processing application of the service providing server 130, and the result is processed as an access result. It is displayed on the display unit 208 of the device 120. Note that the present invention can be implemented even when the above address is not specified.

  When the address is not specified, the access result is not transmitted to the service providing server 130, and the access result can be displayed on the screen by the information processing apparatus 120. That is, even the information processing apparatus 120 that does not have a network communication function can wirelessly communicate with the non-contact type IC card 152 or the mobile phone 154 locally by using a browser.

  The configuration of “felica: http: //cgi.xxx.co.jp/aaa.cgi? Data = $ FELICA_WRITE $” described in the “<A HREF>” tag is almost the same as that described above. Therefore, detailed description is omitted. Note that $ FELICA_WRITE $ is an identifier for executing a <Write> tag reading process.

  The access process according to the present embodiment is exemplified by a case where the read process or the write process is executed when “read” or “write” of the <A HREF> tag is selected by the input unit 206. Although explained, the present invention is not limited to this example. For example, after the above reading process is completed, an information processing process is executed, the access result is displayed on the screen, and data is further written to a predetermined location in the storage area of the portable communication device. It can be implemented in some cases.

  Further, the notation or name of the tag or the extension tag embedded in the Web page according to the present embodiment shown in FIG. 8 is not limited to this example. Even if the tag or expansion tag is in any other notation, name, description order, etc., it can be implemented by embedding it in the Web page. For example, the present invention can be implemented even when the <FELICA> tag is changed to the <IC> tag or when the <READ> tag is described below the <A HREF> tag as the description order.

  Next, a series of processing of the information processing system according to the present embodiment will be described with reference to FIGS. 9 and 10.

  FIG. 9 is a flowchart showing an outline of a display process for displaying a Web page in which the extension tag according to the present embodiment is embedded. FIG. 10 shows an access process executed by the extension tag according to the present embodiment. It is a flowchart which shows an outline.

  First, as shown in FIG. 9, when the browser of the information processing apparatus 120 requests a Web page existing on the network from the service providing server 130 and receives the Web page, the page reading module in the browser The Web page is read (S400). The Web requested by the browser can be specified by the user operating the input unit 206. Further, the information processing apparatus 120 may hold the Web page without receiving the Web page from the service providing server 130.

  Next, the plug-in incorporated in the browser determines whether or not an expansion tag is embedded in the data of the Web page read in S400 (S402). As described above, the range determined by the plug-in is, for example, from “<FELICA>” to “</ FELICA>” tags. If no plug-in is installed, the process for determining whether or not there is an extension tag is not executed.

  If the extension tag is embedded in the Web page as a result of the above determination, the plug-in then only includes the normal tag such as an HTML tag other than the extension tag among the tags embedded in the read Web page. (S404). Thereafter, the plug-in updates the Web page according to the deletion result (S406). That is, only the extension tag is left on the Web page read by the page reading module. Finally, the updated Web page is displayed on the information processing apparatus 120 based on the screen output information that at least defines the format or the data structure of the Web page when it is output to the screen by the page output module that displays the Web page. It is displayed on the screen of the unit 208 (S408).

  Next, as shown in FIG. 10, in a state where the Web page including the extension tag is displayed on the display unit 208, the user operates the input unit 206 to read data from the mobile communication device 150, The browser or the like can accept the execution of the access process for writing to the communication device 150 (S450).

  When an instruction is received from the input unit 206 (S450), the plug-in activates an event of the extension tag that has received the instruction by the input unit 206, and executes an access process (S452). When an event of an expansion tag is selected by the input unit 206, for example, a message such as “Please hold a mobile communication device such as an IC card over the reader / writer” is displayed on the screen of the display unit 208 as described above. Is displayed.

  If the instruction received from the input unit 206 is not an expansion tag but a normal tag, the browser executes a normal process such as displaying another Web page with a hyperlink or the like (S454).

  Next, when the user holds the portable communication device 150 such as the IC card 152 over the reader / writer 160 as instructed on the screen, the polling process is first performed between the reader / writer 160 and the portable communication device 150 as described above. Is executed, and the reader / writer 160 identifies the mobile communication device 150 of the communication partner.

  Next, based on an instruction from the plug-in, the reader / writer 160 reads data stored in the storage area of the mobile communication device 150 or passes it from the plug-in to a specified position in the storage area of the mobile communication device 150. At least one of the processes for writing data to the mobile communication device 150 is executed (S456).

  For example, in the case of processing for reading data stored in the storage area of the mobile communication device 150, the reader / writer 160 uses the mobile communication device based on the read position (predetermined area, predetermined partial area) that is the instruction content from the plug-in. The mobile communication device 150 is wirelessly communicated with a signal for requesting data stored at the designated reading position in the storage area 150.

  When the mobile communication device 150 receives a data request signal for requesting data from the reader / writer 160, the portable communication device 150 sends the data stored in the reading position (predetermined area, predetermined partial area) specified in the data request signal to the reader / writer 160. Wireless communication. As described above, the reader / writer 160 can read the data stored in the mobile communication device 150. Note that the data read by the reader / writer 160 from the mobile communication device 150 is subjected to predetermined processing such as decoding processing and is stored in the memory 204 as necessary.

  When it is necessary to send the result of the execution of the access process (reading process or writing process) with the mobile communication device 150 to the service providing server 130 (S458), the browser transmits the result via the communication network 110. The access result is transmitted to the service providing server 130 (S460).

  As described above, the destination service providing server 130 is specified by the address (URL or the like) described in the extension tag that has executed the access process. Whether or not to transmit the access result to the service providing server 130 is determined by determination information for determining whether or not transmission is possible and whether or not the address is set in the extension tag, but is not limited to this example. .

  When the access result is transmitted to the service providing server 130, the information processing application of the service providing server 130 performs processing based on the access result, and a Web page is created. A Web page reflecting the access result is displayed on the display unit 208 (S462).

  Note that the display of the Web page according to the present embodiment has been described by taking the case where it is displayed on the display unit 208 of the information processing apparatus 120 as an example. However, the present invention is not limited to such an example. The present invention can be implemented even when a web page is displayed on the screen of the mobile communication device 150 or the mobile phone 154.

  In particular, as an example in which a Web page reflecting an access result is displayed, there is a case where a mobile communication device 150 having a settlement means such as electronic money is used. For example, when a product is purchased with electronic money from a virtual store, billing processing is executed between the reader / writer 160 and the portable communication device 150, and the balance information of the electronic money held by the portable communication device 150 is updated. Then, for example, the product price information or balance information is transmitted to the service providing server 130 as an access result.

  When processing is executed based on the balance information on the service providing server 130 side and a Web page is generated, the Web page is transmitted from the service providing server 130 to the information processing apparatus 120.

  Next, the plug-in includes startup information for starting an application having a browser function or the like for displaying a Web page on a mobile communication device (such as a mobile phone 154) having a display unit, and the mobile phone 154 extracted from the Web page. A message or a parameter including information such as a URL to be displayed on the display unit is transmitted to the reader / writer 160, and the portable communication device 150 (such as the cellular phone 154) is instructed to transmit.

  The reader / writer 160 wirelessly communicates the activation information and parameters to the mobile communication device 150 such as the mobile phone 154 in accordance with an instruction from the plug-in. Upon receiving the activation information, the mobile communication device 150 (cellular phone 154) activates the designated application, and the activated application displays a Web page included in the received parameter on the display unit.

  From the above, when a product is purchased with electronic money using the mobile communication device 150 such as the mobile phone 154, a message such as “Thank you for your purchase.” Is displayed on the display unit together with the balance information, and the balance Alternatively, coupon information to which a privilege such as discounting a product is given is displayed on the display unit of the mobile communication device 150 according to the price of the product.

  If the user simply installs the plug-in in the information processing apparatus 120 and performs an easy operation of holding the existing portable communication apparatus 150 over the reader / writer 160, the user can write data into the portable communication apparatus 150 or be useful. Information can be displayed on the information processing device 120, and information such as coupon information transmitted from the service providing server 130 can be displayed on the screen of the mobile communication device 150.

  Furthermore, since the user can wirelessly communicate with the information processing apparatus 120 and the portable communication apparatus 150 without going through a server such as the service providing server 130, the information processing apparatus 120 does not have a network function and is externally connected. Even if the communication cannot be performed, data can be exchanged between the information processing device 120 and the portable communication device 150 locally. That is, if the user registers the position (reading position or writing position) where frequently used data such as content is stored in the expansion tag, the user can simply read / read without performing a complicated data selection operation. Data can be transferred from the information processing device 120 to the portable communication device 150 or can be transferred from the portable communication device 150 to the information processing device 120 simply by holding the data over the writer 160.

  On the other hand, as long as the person who operates the management server 140 develops a plug-in corresponding to an extension tag, a service provider that provides content such as a Web page creates a Web page in which the extension tag is embedded, and performs communication. The information processing device 120 can read / write data from the portable communication device 150 by wireless communication.

  Plug-ins to be incorporated into the browser of the information processing apparatus 120 are implemented by adding functions to the browser. For example, the browser interprets and displays extension tags embedded in content data such as HTML, or communicates with the service providing server 130. This feature can be used at a much lower cost than developing a new equivalent application. Therefore, it is possible to easily enter a new market where a large amount of cost has become a barrier.

  However, the information described in the markup language or script as described above can be easily read by referring to the source, and the information related to the access processing to the storage area allocated to the IC card for each service provider. It can be easily known. In order to protect the information related to access to the IC card for each service providing server 130 by encrypting it, the following information encryption system is proposed.

(Second Embodiment: Information Encryption System)
As described above, the information processing system according to the present embodiment makes it possible to access the mobile communication device with high convenience and simple operation by the user. An information encryption system obtained by further improving such an information processing system will be described below. Therefore, the configuration of the information encryption system is the same as the configuration of the information processing system in FIG. In order to facilitate understanding, the present embodiment will be described on the assumption that the above-described information processing system is used. However, the present embodiment is not limited to such a case, and is applied to various systems that need to encrypt information in a specific area in a memory. be able to.

(Management server 140)
FIG. 11 is a block diagram schematically showing the configuration of the management server 140. The management server 140 includes an area allocation unit 510, a first key encryption unit 512, a second key hash unit 514, and a management transmission unit 516. Each of these units is a module executed by the CPU 352 or the like of the management server 140 described with reference to FIG.

  The area allocation unit 510 allocates a predetermined area of the storage area of the memory in the mobile communication device 150 to the service providing server.

  The first key encryption unit 512 encrypts at least a character string specifying a predetermined area assigned to the service providing server 130 using the first key as an encryption key. This encrypted information is decrypted by the information processing apparatus 120 as service specifying information.

  The second key hash unit 514 adds a second key to a character string that specifies a predetermined area of the service providing server, thereby generating a hash value.

  The management transmission unit 516 transmits at least the service specifying information generated by the first key encryption unit 512 and the hash value generated by the second key hash unit 514 to the service providing server 130 related to encryption. . This service provision information and hash value may be transmitted to the service provision server 130 via a storage medium such as a CD-ROM or online.

  The management server 140 does not newly generate an encryption key used in the service providing server 130 for each service providing server 130, but uses a known information that identifies a predetermined area assigned to the service providing server 130. To do. Therefore, the information processing apparatus 120 does not have to manage a large amount of decryption keys.

  In this way, the management server 140 generates service identification information that can be decrypted only by the management server having the first key and the second key and the information processing apparatus, and is used as an encryption key by the service providing server. A hash value that is unique corresponding to each service providing server and a predetermined area to be accessed is generated.

  In addition, a program and a method for causing a computer to function as the management server 140 are provided.

(Service providing server 130)
FIG. 12 is a block diagram schematically showing the configuration of the service providing server 130. The service providing server 130 includes a content generating unit 550, an output information generating unit 552, a service providing receiving unit 554, a hash encryption unit 556, and a service providing transmitting unit 558. Each of these units is a module executed by the CPU 302 of the service providing server 130 described with reference to FIG.

  The content generation unit 550 generates content that can be processed by the information processing device 120 in order to provide various services to the user having the mobile communication device 150.

  The output information generation unit 552 generates screen output information that defines at least the format when the content generated by the content generation unit 550 is output to the screen or the data structure of the content. The information processing apparatus 120 can display the content according to the screen output information.

  The service provision receiving unit 554 receives at least the service specifying information generated by the first key encryption unit 512 of the management server 140 and the hash value generated by the second key hash unit 514 from the management server. .

  The hash encryption unit 556 encrypts a character string that specifies a predetermined partial area that actually needs to be accessed in the predetermined area, using the hash value as an encryption key, and uses this as partial specifying information. Of course, the logical address of the predetermined partial area must be included in the logical address of the predetermined area.

  The service provision transmitting unit 558 transmits at least the service specifying information and the partial specifying information to an information processing apparatus that communicates with the portable communication apparatus. Here, at least, the service provision transmission unit 558 can embed the screen output information, service identification information, and partial identification information in the content, and transmit the content to the information processing apparatus. It is.

  The service providing server 130 further encrypts a predetermined partial area in the predetermined area by using a hash value unique to the service providing server 130 and the predetermined area received from the management server 140 as an encryption key. Can do. With this configuration, the user cannot illegally access the predetermined partial area unless information on the encryption key (hash value) is leaked from the service providing server.

  The main purpose of the service providing server 130 is to provide a service such as content to the user having the mobile communication device 150. The information processing device 120 that has received this content receives the content based on the screen output information. It is possible to output to the screen and to perform access processing to the mobile communication device 150 by using the service specifying information and the partial specifying information.

  In this way, the service providing server 130 only needs to transmit the information specifying only the predetermined partial area of the mobile communication device 150 accessed by the service including the content. Moreover, the content may be a Web page described in a markup language, and the screen output information, the service specifying information, and the partial specifying information for specifying the predetermined partial area may be represented by tags. Therefore, the service providing server 130 does not need to construct a complicated program for accessing the portable communication device, and costs such as development costs are reduced.

  In addition, a program and a method for causing a computer to function as the service providing server 130 are provided.

(Information processing apparatus 120)
FIG. 13 is a block diagram schematically showing the configuration of the information processing apparatus 120. The information processing apparatus 120 includes an information processing reception unit 610, a browser 612, an information decryption unit 614, an access processing unit 616, a content storage unit 618, and a result display unit 620. Each of these units is a module executed by the CPU 202 of the information processing apparatus 120 described with reference to FIG.

  The information processing receiving unit 610 includes at least the service specifying information generated by the first key encryption unit 512 of the management server 140 and the partial specifying information generated by the hash encryption unit 556 of the service providing server 130. Are received from the service providing server 130. Here, at least, the service providing transmission unit 558 of the service providing server 130 adds the screen output information, the service specifying information, and the partial specifying information to the content generated by the service providing server 130, for example. This is because the service specifying information and the partial specifying information are not always transmitted alone because they are embedded in the content and transmitted. The content may be a Web page described in a markup language.

  After receiving the content, the browser 612 outputs the content to the screen based on screen output information that defines at least the format when the content is output to the screen or the data structure of the content. A user having the mobile communication device 150 can specify more detailed processing of the service while referring to the output of the screen.

  The information decryption unit 614 decrypts the service specifying information and the partial specifying information using only the first key and the second key managed only by the management server 140 and the information processing apparatus 120. As a result of such decryption, all information necessary for the access processing to the mobile communication device 150, that is, a predetermined area of the service providing server, and a partial predetermined partial area within the predetermined area can be specified. As described above, the initialization operation for establishing the authentication action and communication with the mobile communication device 150 is performed by downloading from the management server or installing from a storage medium provided by the management server, such as a plug-in (plug-in module). It may be performed by a parser and incorporated in the browser 612. Such a plug-in obtains access information to the mobile communication device 150 from the extracted service specifying information and partial specifying information after interpreting a tag written in HTML.

  The access processing unit 616 identifies a predetermined region and a predetermined partial region from the result of decoding by the information decoding unit 614, and executes an access process for the predetermined partial region of the mobile communication device 150.

  The content storage unit 618 stores the content received by the information processing reception unit 610, service identification information and partial identification information attached thereto, and the like. With the configuration for storing such content, it is possible to always refer to the content and the screen output information, service specifying information, and partial specifying information included in the content, and even when the mobile communication device is offline with the service providing server. Can be accessed.

  The result display unit 620 displays the result of the access process for the mobile communication device 150 on the screen. The result of the access process displayed on the screen of the display unit 208 of the information processing apparatus 120 according to the present embodiment is, for example, a message for appreciating the balance of electronic money or the purchase of a product.

  The access process may be at least one of a process for reading data from a predetermined partial area of the portable communication device and a process for writing data to the predetermined partial area. It may be done. In such NFC, communication is performed in a non-contact manner only within a narrow range of about 20 cm, so that the reader / writer 160 for communication purposes can be easily grasped and recognized by the user's vision, and easy-to-understand communication processing by hand action. It can be carried out. Here, data to be read from the reader / writer 160 is prepared in the information processing apparatus 120 in advance, and the user holds or attaches the portable communication device 150 to a portion where the reader / writer 160 is provided. Thus, such data can be obtained.

  In addition, a program and a method for functioning a computer as the information processing apparatus 120 are provided.

(Encryption procedure)
Next, the encryption flow of the information encryption system will be described in detail. Here, in order to facilitate understanding, the flow of content and the like generated by the service providing server 130 is omitted, and only information (data) encryption is described.

  FIG. 14 is a block diagram schematically showing the flow of encryption in the information encryption system. In the information encryption system, first, the management server 140 encrypts at least a character string specifying a predetermined area of the service providing server 130 using the first key as an encryption key to generate service specifying information.

  Here, the character strings to be encrypted are a system code 702 and a start service 704 and an end service 706 as predetermined areas. Here, the system code 702 indicates a common area accessible by each service providing server 130, and the start service 704 and the end service 706 are respectively physical or logical in a predetermined area allocated to the service providing server 130. An address is shown and uniquely corresponds to each service providing server 130. Here, the information before encryption is expressed as a system code 702, a start service 704, and an end service 706. However, the present invention is not limited to this, and any other character string can be used as long as the identifier can identify the service providing server 130. Is done.

  The first key encryption unit 512 of the management server 140 arranges the system code 702, the start service 704, and the end service 706 in an arbitrary order, encrypts the first key 710 as an encryption key, and generates service specifying information 712. To do.

  Next, like the first key encryption unit 512, the second key hash unit 514 of the management server 140 arranges the system code 702, the start service 704, and the end service 706 in an arbitrary order, and further adds the second key 720. A hash value 722 is taken. The management transmission unit 516 transmits the hash value 722 and the service specifying information 712 to the service providing server 130.

  The service provision receiving unit 554 of the service provision server 130 receives the service specifying information 712 and the hash value 722. Of these, the service specifying information 712 is transmitted to the information processing apparatus 120 as it is without being processed by the service providing server 130. The hash value 722 serves as an encryption key, encrypts a character string that identifies a predetermined partial area, and generates partial identification information 740.

  Here, the character string specifying the predetermined partial area is an area represented by the service code 730, the start block 732, and the end block 734. The start block 732 and the end block 734 are physical or memory of the mobile communication device 150. Indicates a logical address. The predetermined partial area indicates a partial area obtained by further dividing the predetermined area that uniquely corresponds to each service providing server 130. Here, the information before encryption is expressed as a service code 730, a start block 732, and an end block 734. However, the present invention is not limited to this, and other character strings are allowed as long as the identifier can identify a predetermined partial area. The

  The service provision transmission unit 558 transmits the partial identification information 740 generated in this way to the information processing apparatus 120 together with the service identification information 712. The transmission timings of both pieces of information 712 and 740 may be the same or may be transmitted with a time difference.

(Decryption procedure)
Next, the decryption flow of the information encryption system will be described in detail. Here, in order to facilitate understanding, the flow of content generated by the service providing server 130 is omitted, and only the decryption of information (data) is described.

  FIG. 15 is a block diagram schematically showing the decryption flow of the information encryption system. A user having the mobile communication device 150 downloads a service (content) from the service providing server 130 to the information processing device 120 when the mobile communication device 150 is used. The browser of the information processing apparatus 120 or a plug-in included in the browser decodes the service and develops a service suitable for the application.

  As the order of decryption, first, the information decryption unit 614 of the information processing device 120 decrypts the service specifying information 712 and the partial specifying information 740 received by the information processing receiving unit 610 with the decryption key 750 corresponding to the first key 710. , The system code 702 and a predetermined area of the service providing server 130, that is, the start service 704 and the end service 706 are specified in the example of FIG. Subsequently, a second key 720 is added to the system code 702, the start service 704, and the end service 706 to obtain a hash value. This hash value is equal to the hash value 722 generated by the management server 140 in encryption. Finally, the partial identification information 740 is decrypted with the decryption key 752 corresponding to the calculated hash value 722 to identify a predetermined partial area, that is, the service code 730, the start block 732, and the end block 734 in the example of FIG. can do.

  Therefore, the information processing apparatus 120 does not need to hold individual identifiers (decryption keys) for specifying the predetermined area and the predetermined partial area of the service providing server 130, and only the fixed first key and second key. Can access the portable communication device.

  Here, the system code 702, the start service 704, and the end service 706 are information shared by the management server 140 and the service providing server 130. The service code 730, the start block 732, and the end block 734 are the service providing server 130. It is information managed only by. The first key 710 and the second key 720 are encryption keys managed only by the management server 140 and the decryption program of the information processing apparatus 120, and the hash value 722 is generated by the management server 140 and is provided by the service providing server. This is an encryption key managed at 130. Further, the service specifying information 712 and the partial specifying information 740 generated by the management server 140 and the service providing server 130 are information processed by the information processing apparatus 120 in order to perform access processing on the mobile communication apparatus 150.

  The advantages of such an information encryption system are summarized below.

  When a service without a key is set in the mobile communication device 150, information for identifying the service, for example, the system code 702 and the service code 730 described above is known, and the mobile communication device 150 is not required to be a service provider. You can refer to the information inside. In this embodiment, a general user cannot estimate the first key and the second key, and cannot specify either the predetermined area or the predetermined partial area. Therefore, such encrypted information Cannot be referred to, and information leakage is prevented. In addition, even if such service specific information or partial specific information is falsified, inconsistencies such as inconsistencies with the predetermined area of the service providing server or the predetermined partial area not being included in the predetermined area will result in unauthorized access. Can be prevented.

  The information processing apparatus 120 refers to only the fixed first key and the second key, and is a predetermined area of the service providing server, which is all information necessary for the access process, and a partial predetermined area within the predetermined area. A partial area can be identified. Therefore, there is no need to hold a unique decryption key for each service providing server 130, and there is no need to update the program even when a new service provider enters.

  When information for communicating with the portable communication device 150 is described in a program in the reader / writer 160, the program cannot be referred to, so there is no problem. However, as described in the information processing system 100, it is easy to refer to information when heavy information is described in a markup language or a script. Since the service providing server 130 encrypts the predetermined partial area with the hash value 722 unique to the service providing server 130, information is not leaked. Further, since the service providing server 130 does not have the first key 710 and the second key 720, it is not possible to specify a service providing server or a service area other than itself. In addition, each area is managed independently because a unique encryption key is assigned to each predetermined area provided in the memory of the mobile communication device 150 or to each predetermined partial area in the predetermined area. be able to. Further, since the information of the partial identification information 740 does not go to the management server 140, the management server 140 cannot identify the predetermined partial area.

  Since the information generated by the management server 140 and used by the service providing server 130 is only the hash value 722 used as an encryption key, even if the service provider knows the predetermined area of the service providing server 130, The second key cannot be estimated from the hash value 722. Therefore, the second key is not specified.

(Third Embodiment: Information Encryption Method)
Next, the overall flow of the information encryption system will be described in detail as an information encryption method. Here, in order to facilitate understanding, the flow of content and the like generated by the service providing server 130 is omitted, and only information (data) encryption and decryption are described.

  FIG. 16 is a flowchart showing the flow of encryption and decryption of the information encryption method. In the information encryption method, first, the information processing apparatus 120 acquires a program (plug-in) for performing access processing to the mobile communication apparatus 150 directly from the management server 140 or via the service providing server 130. (S800). Such a program also includes a first key 710 and a second key 720 for decryption.

  Subsequently, the management server 140 encrypts at least a character string specifying a predetermined area of the service providing server 130 using the first key 710 as an encryption key, generates service specifying information 712, and at least the service providing server 130. A hash value 722 is generated by adding the second key 720 to the character string specifying the predetermined area (S810). Then, the service specifying information 712 and the hash value 722 are transmitted to the service providing server 130 (S812). Since the service specifying information 712 and the hash value 722 are unique and fixed to each service providing server, it is not necessary to retransmit such information until the definition of the service providing server 130 is changed.

  When the user tries to use the mobile communication device 150 owned by the user and attempts to communicate by holding the mobile communication device 150 over the reader / writer 160 of the information processing device 120 (S820), the information processing device 120 The provision server 130 is requested to provide the service (S822). In response to this request, the service providing server 130 specifies a predetermined partial area necessary for the access process, and generates partial specifying information 740 using the hash value 722 as an encryption key (S824).

  The service providing server 130 transmits the partial identification information 740 generated in this way to the information processing apparatus 120 together with the service identification information 712 (S826). The information processing apparatus 120 that has received both pieces of information develops the service transmitted together with the two pieces of information, decrypts the service identification information 712 and the partial identification information 740 with the first key 710 and the second key 720, All the information necessary for accessing the mobile communication device 150 is obtained (S828). The information processing device 120 uses this information to perform access processing to the mobile communication device 150 (S830), and processing corresponding to the service from the service providing server 130 is performed (S840).

  If the processing requested by the user is a balance inquiry of electronic money that can be used in the mobile communication device 150, the information encryption method ends, but the electronic money is used, that is, settlement using electronic money is performed. In this case, the information processing apparatus 120 further transmits the payment information to the service providing server 130 and updates the payment information (S842).

  In the present specification, the processing steps describing a program for causing the mobile communication device 150, the information processing device 120, the service providing server 130, or the management server 140 to perform various processes are not necessarily in the order described in the flowchart. Need not be processed in chronological order, and includes processes executed in parallel or individually (for example, parallel processing or object processing).

  As mentioned above, although preferred embodiment of this invention was described referring an accompanying drawing, it cannot be overemphasized that this invention is not limited to the example which concerns. It will be apparent to those skilled in the art that various changes and modifications can be made within the scope of the claims, and these are naturally within the technical scope of the present invention. Understood.

  For example, in the above embodiment, the case where the information processing apparatus 120 can be connected to the communication network 110 has been described as an example, but the present invention is not limited to such an example. It is also possible to start the browser 220 in the information processing apparatus 120 locally without connecting to the communication network 110 and perform wireless communication with the mobile communication apparatus 150.

  In the above embodiment, the case where the Web page is described in HTML has been described as an example. However, the present invention is not limited to such an example. For example, a Web page can be implemented even when it is described in a markup language such as XML or BML.

  In the above-described embodiment, the case where the browser or the like provided in the information processing apparatus 120 is composed of software has been described as an example. However, the present invention is not limited to such an example. For example, the browser may be a hardware composed of one or two or more circuits.

  The present invention is applicable to an information encryption system, a management server, a service providing server, an information processing apparatus, and a program and method thereof.

It is a block diagram which shows the structure of an information processing system. It is explanatory drawing which shows the outline of the screen display of information processing apparatus. It is explanatory drawing which shows the outline of the screen display of information processing apparatus. It is explanatory drawing which shows the outline of the screen display of information processing apparatus. It is a block diagram which shows the structure of an information processing apparatus roughly. It is a block diagram which shows the schematic structure of a portable communication apparatus. It is a block diagram which shows the schematic structure of a portable communication apparatus. It is explanatory drawing which showed the memory area | region of the portable communication apparatus roughly. It is a block diagram which shows the structure of a service provision server roughly. It is a block diagram which shows the structure of a management server roughly. It is explanatory drawing which shows the outline of the data structure of a web page. It is a flowchart which shows the outline of the display process which displays the web page in which the expansion tag was embedded. It is a flowchart which shows the outline of the access process performed with an expansion tag. It is the block diagram which showed the structure of the management server roughly. It is the block diagram which showed the structure of the service provision server roughly. It is the block diagram which showed schematically the structure of the information processing apparatus. It is the block diagram which showed roughly the flow of the encryption of an information encryption system. It is the block diagram which showed roughly the flow of the decoding of an information encryption system. It is the flowchart which showed the flow of the encryption of an information encryption method, and a decoding.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Information processing system 110 Communication network 120 Information processing apparatus 130 Service provision server 140 Management server 150 Portable communication apparatus 510 Area allocation part 512 1st key encryption part 514 2nd key hash part 516 Management transmission part 550 Content generation part 552 Output information Generation unit 554 Service provision reception unit 556 Hash encryption unit 558 Service provision transmission unit 610 Information processing reception unit 612 Browser 614 Information decryption unit 616 Access processing unit 618 Content storage unit 620 Result display unit

Claims (19)

A mobile communication device, a management server that allocates a predetermined area of a memory in the mobile communication device to a service providing server, generates service specifying information that specifies the predetermined area of the service providing server, and a predetermined partial area in the predetermined area An information encryption system comprising: a service providing server that generates partial identification information to be identified; and an information processing apparatus that communicates with the mobile communication device based on the service identification information and the partial identification information. :
The management server
A first key encryption unit that encrypts at least a character string that identifies a predetermined area of the service providing server using a first key as an encryption key and uses this as service identification information;
A second key hash unit for adding a second key to a character string specifying a predetermined area of the service providing server and generating a hash value;
A management transmitter that transmits the service identification information and the hash value to the service providing server;
With
The service providing server includes:
A service provision receiving unit for receiving the service specifying information and the hash value from the management server;
A hash encryption unit that encrypts at least a character string that identifies a predetermined partial area in the predetermined area using the hash value as an encryption key and uses the hash value as partial identification information;
A service providing transmitter for transmitting the service specifying information and the partial specifying information to the information processing apparatus;
With
The information processing apparatus includes:
An information processing receiving unit for receiving the service specifying information and the partial specifying information from the service providing server;
An information decryption unit for decrypting the service specific information and the partial specific information using only the first key and the second key possessed only by the management server and the information processing apparatus;
An access processing unit that identifies a predetermined area and a predetermined partial area from the decrypted result and executes an access process on the predetermined partial area of the mobile communication device;
An information encryption system comprising: An area allocation unit that allocates a predetermined area of the memory in the mobile communication device to the service providing server;
A first key encryption unit that encrypts at least a character string that identifies a predetermined area of the service providing server using a first key as an encryption key and uses this as service identification information;
A second key hash unit for adding a second key to a character string specifying a predetermined area of the service providing server and generating a hash value;
A management transmitter that transmits the service identification information and the hash value to the service providing server;
A management server comprising: Computer
An area allocation unit that allocates a predetermined area of the memory in the mobile communication device to the service providing server;
A first key encryption unit that encrypts at least a character string that identifies a predetermined area of the service providing server using a first key as an encryption key and uses this as service identification information;
A second key hash unit for adding a second key to a character string specifying a predetermined area of the service providing server and generating a hash value;
A management transmitter that transmits the service identification information and the hash value to the service providing server;
Program to make it function. An area allocating step of allocating a predetermined area of the memory in the mobile communication device to the service providing server;
A first key encryption step of encrypting at least a character string specifying a predetermined area of the service providing server using a first key as an encryption key and using the encrypted character as service specifying information;
A second key hashing step of adding a second key to a character string specifying a predetermined area of the service providing server and generating a hash value;
A management transmission step of transmitting the service specifying information and the hash value to the service providing server;
An information encryption method comprising: At least service specifying information obtained by encrypting a character string specifying a predetermined area allocated to the service providing server in the memory of the mobile communication device using the first key as an encryption key, and specifying at least the predetermined area of the service providing server A service provision receiving unit that receives, from the management server, a hash value generated by adding the second key to the character string to be processed;
A hash encryption unit that encrypts at least a character string that identifies a predetermined partial area in the predetermined area using the hash value as an encryption key and uses the hash value as partial identification information;
A service providing transmitter that transmits at least the service identification information and the partial identification information to an information processing apparatus that communicates with the portable communication apparatus;
A service providing server characterized by comprising: A content generation unit for generating content;
An output information generation unit that generates screen output information that defines at least a format when the content is output to the screen or a data structure of the content;
Further comprising
6. The service according to claim 5, wherein the service providing transmission unit embeds the screen output information, service identification information, and partial identification information in the content, and transmits the content to the information processing apparatus. Provision server. Computer
At least service specifying information obtained by encrypting a character string specifying a predetermined area allocated to the service providing server in the memory of the mobile communication device using the first key as an encryption key, and specifying at least the predetermined area of the service providing server A service provision receiving unit that receives, from the management server, a hash value generated by adding the second key to the character string to be processed;
A hash encryption unit that encrypts at least a character string that identifies a predetermined partial area in the predetermined area using the hash value as an encryption key and uses the hash value as partial identification information;
A service providing transmitter that transmits at least the service identification information and the partial identification information to an information processing apparatus that communicates with the portable communication apparatus;
Program to make it function. At least service specifying information obtained by encrypting a character string specifying a predetermined area allocated to the service providing server in the memory of the mobile communication device using the first key as an encryption key, and specifying at least the predetermined area of the service providing server A service provision receiving step of receiving, from the management server, a hash value generated by adding the second key to the character string to be processed;
A hash encryption step of encrypting at least a character string specifying a predetermined partial area in the predetermined area using the hash value as an encryption key and using this as partial specifying information;
A service provision transmission step of transmitting at least the service identification information and the partial identification information to an information processing apparatus communicating with the portable communication apparatus;
An information encryption method comprising: Service identification information obtained by encrypting at least a character string that identifies a predetermined area assigned to the service providing server in the memory of the mobile communication device, using the first key as an encryption key;
Partial identification information obtained by encrypting at least a character string that identifies a predetermined partial area in the predetermined area, using a hash value generated by adding a second key to a character string that identifies the predetermined area of the service providing server as an encryption key When,
An information processing receiving unit that receives the information from the service providing server;
An information decoding unit for decoding the service specifying information and the partial specifying information;
An access processing unit that identifies a predetermined area and a predetermined partial area from the decrypted result and executes an access process on the predetermined partial area of the mobile communication device;
An information processing apparatus comprising:   The information processing apparatus according to claim 9, wherein the information decryption unit decrypts the information using only the first key and the second key of the management server and the information processing apparatus. The information decoding unit
Decrypting the service specifying information using the first key as a decryption key, specifying a predetermined area of the service providing server,
11. The information processing according to claim 10, wherein the partial identification information is decrypted using a hash value generated by adding a second key to the decrypted result as a decryption key to identify the predetermined partial area. apparatus. The information processing receiving unit receives the content including the service specifying information and the partial specifying information, and the screen output information that defines at least the format when the content is output to the screen or the data structure of the content,
The information processing apparatus according to claim 9, further comprising a browser that outputs the content to a screen based on the screen output information after receiving the content.   13. The content is a Web page described in a markup language, and the screen output information, service specifying information, and partial specifying information are information identified by tags. The information processing apparatus described in 1.   The information processing apparatus according to claim 12, further comprising a content storage unit that stores the content.   10. The access process according to claim 9, wherein the access process is at least one of a process of reading data from a predetermined partial area of the mobile communication device and a process of writing data to the predetermined partial area. Information processing device.   The information processing apparatus according to claim 9, wherein the access processing is performed by wireless communication based on a short-range wireless standard.   The information processing apparatus according to claim 9, further comprising a result display unit configured to display a result of access processing on the mobile communication device on a screen. Computer
Service identification information obtained by encrypting at least a character string that identifies a predetermined area assigned to the service providing server of the memory in the mobile communication device, using the first key as an encryption key;
Partial identification information obtained by encrypting at least a character string that identifies a predetermined partial area in the predetermined area, using a hash value generated by adding a second key to a character string that identifies the predetermined area of the service providing server as an encryption key When,
An information processing receiving unit for receiving the message from the service providing server;
An information decoding unit for decoding the service specifying information and the partial specifying information;
An access processing unit that identifies a predetermined area and a predetermined partial area from the decrypted result and executes an access process on the predetermined partial area of the mobile communication device;
Program to make it function. Service identification information obtained by encrypting at least a character string that identifies a predetermined area assigned to the service providing server in the memory of the mobile communication device, using the first key as an encryption key;
Partial identification information obtained by encrypting at least a character string that identifies a predetermined partial area in the predetermined area, using a hash value generated by adding a second key to a character string that identifies the predetermined area of the service providing server as an encryption key When,
An information processing reception step of receiving the message from the service providing server;
An information decoding step of decoding the service specifying information and the partial specifying information;
An access processing step of identifying a predetermined area and a predetermined partial area from the decrypted result and executing an access process on the predetermined partial area of the portable communication device;
An information encryption method comprising:

Images