JP2008027177A - Split information processing apparatus, program and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a split information processing apparatus and the like, capable of eliminating the inconvenience of requiring people to be authenticated by themselves when performing authentication. <P>SOLUTION: The split information processing apparatus includes an input part for inputting a first ID and at least one piece of biometric information, and a control part for performing the process of obtaining a corresponding piece of split biometric information from a biometric information file according to the first ID input from the input part, the process of recovering a plurality of pieces of biometric information from the piece of split biometric information obtained, and the process of performing authentication based on the plurality of pieces of biometric information recovered and the piece of biometric information input from the input part. The authentication is successful if at least one of the plurality of pieces of biometric information matches the piece of biometric information input from the input part. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a divided information processing apparatus, a divided information processing program, and a divided information processing method for processing divided biometric authentication information obtained by dividing biometric authentication information.

Background of the Invention

  For example, Patent Document 1 discloses an electronic computer system that authenticates an individual and presents electronic information belonging to the individual, and includes an arithmetic device and a plurality of files, and the arithmetic device includes the electronic information of the personal authentication information and the personal attribution. Each piece of electronic information is divided and stored in a separate file, and the stored information is further saved in a public information file. Upon receiving a request for presentation of electronic information, the computing device extracts the stored information from the public information file. The electronic authentication information is collected from the file according to the stored information, and the personal authentication information is restored. The personal authentication is performed by comparing the restored personal authentication information with the input personal authentication information, and the personal authentication is passed. There is disclosed an electronic information management system characterized in that personal electronic information belonging to each person is first collected, restored, and presented for the first time (see claim 1). .

  According to this electronic information management system, it is possible to easily realize safe management of electronic information belonging to itself against attacks from others (see the effect of the invention).

JP 2005-38139 A

  However, when the authentication information is biometric authentication information, the plurality of biometric authentication information is not targeted in Patent Document 1, and therefore there is a one-to-one relationship with respect to authentication. There is an inconvenience that must be present or an inconvenience that the person himself / herself is injured or the like cannot input biometric authentication information.

  The present invention has been made in view of the above points. The purpose of the present invention is to provide biometric authentication information by inconvenience that the person himself or herself must be authenticated when performing authentication, or the person himself is injured or the like. An object of the present invention is to provide a divided information processing apparatus, a divided information processing program, and a divided information processing method that can eliminate the inconvenience of being unable to input.

  In order to solve the above problem, a divided information processing apparatus according to claim 1 is a divided information processing apparatus that can access one or more biometric information files, and the one or more biometric information files include a plurality of biometric information files. A plurality of pieces of biometric authentication information obtained by dividing authentication information so as to be recoverable are recorded in association with the first identification ID, and an input unit for inputting the first identification ID and at least one biometric authentication information; A process of acquiring corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and A control unit that performs a process of performing authentication with the plurality of restored biometric authentication information and the biometric authentication information input from the input unit, and the authentication is less than the plurality of biometric authentication information. Also one characterized in that the authentication if they match the biometric information input from the input unit is successful.

  In order to solve the above problem, a divided information processing apparatus according to claim 2 is the divided information processing apparatus according to claim 1, wherein at least one of the plurality of pieces of divided biometric authentication information is replaced with the biometric authentication information file. The divided biometric authentication information recorded on the portable recording medium and recorded on the portable recording medium is input from the input unit.

  In order to solve the above problem, the divided information processing apparatus according to claim 3 is the divided information processing apparatus according to claim 1 or 2, wherein the divided information processing apparatus is further accessible to one or more confidential information files. In the one or more confidential information files, a plurality of pieces of divided confidential information obtained by dividing the confidential information so as to be recoverable are recorded in association with the second identification ID, and the input unit further inputs the second identification ID. The control unit acquires the divided confidential information from the confidential information file based on the second identification ID input from the input unit before the authentication or when the authentication is successful. The processing and the processing for restoring the confidential information from the acquired divided confidential information are performed, and the processing for outputting the restored confidential information when the authentication is successful is further performed.

  In order to solve the above problem, the divided information processing apparatus according to claim 4 is the divided information processing apparatus according to claim 3, wherein at least one of the plurality of divided confidential information is replaced with the confidential information file. The divided confidential information recorded on the portable recording medium and recorded on the portable recording medium is input from the input unit.

  In order to solve the above problem, a divided information processing apparatus according to claim 5 is the divided information processing apparatus according to any one of claims 1 to 4, wherein the input unit further inputs change information of biometric authentication information. When the biometric authentication information is changed, the control unit acquires corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit. Processing, processing for restoring biometric authentication information from the acquired divided biometric authentication information, and changing the restored biometric authentication information based on the change information of the biometric authentication information input from the input unit. A process of dividing and outputting the information into a plurality of pieces of divided biometric authentication information so as to be restored is further performed.

  In order to solve the above problem, a divided information processing apparatus according to claim 6 is the divided information processing apparatus according to any one of claims 1 to 5, wherein at least one of the first identification ID and the second identification ID is used. And the control unit restores the biometric authentication information and / or the confidential information with reference to the division information in a process of restoring the biometric authentication information and / or the confidential information.

  In order to solve the above problem, the divided information processing apparatus according to claim 7 is the divided information processing apparatus according to any one of claims 1 to 6, wherein the divided information processing apparatus can further obtain confidential information, When the authentication is successful, the control unit further performs processing to divide the obtained confidential information into a plurality of divided confidential information and output the divided confidential information.

  In order to solve the above problem, the divided information processing apparatus according to claim 8 is the divided information processing apparatus according to any one of claims 1 to 7, wherein the input unit is used as a communication unit for communicating with a processing terminal. What is input from the input unit is received from the processing terminal by the communication unit.

  In order to solve the above problem, a divided information processing program according to claim 9 includes an input unit for inputting a first identification ID and at least one biometric authentication information, and divides a plurality of biometric authentication information in a recoverable manner. A divided information processing program for causing a divided information processing computer capable of accessing one or more biometric information files recorded with a plurality of pieces of divided biometric information associated with a first identification ID to perform processing. A process of acquiring the corresponding biometric authentication information from the biometric authentication information file based on the first identification ID, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and a plurality of A process of performing authentication with biometric authentication information and biometric authentication information input from the input unit is performed, and the authentication is performed at least among the plurality of biometric authentication information. One characterized in that the authentication if they match the biometric information input from the input unit is successful.

  In order to solve the above problem, a divided information processing program according to claim 10 is the divided information processing program according to claim 9, wherein at least one of the plurality of divided biometric authentication information is replaced with the biometric authentication information file. The divided biometric authentication information recorded on the portable recording medium and recorded on the portable recording medium is input from the input unit.

  In order to solve the above problem, the divided information processing program according to claim 11 is the divided information processing program according to claim 9 or 10, wherein the input unit is input from the input unit as a communication unit for communicating with the processing terminal. What is to be performed is received by the communication unit from the processing terminal.

  In order to solve the above problem, a divided information processing method according to claim 12 includes an input unit for inputting a first identification ID and at least one biometric authentication information, and divides a plurality of biometric authentication information so as to be recoverable. A divided information processing method for performing divided information processing capable of accessing one or more biometric information files recorded by associating a plurality of divided biometric information with a first identification ID, wherein the first information input from the input unit A process of acquiring the corresponding biometric authentication information from the biometric authentication information file based on the identification ID, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and a plurality of the biometric authentication information restored Authentication is performed with biometric authentication information input from the input unit, and the authentication is performed when at least one of the plurality of biometric authentication information is input from the input unit. Authentication If they match and the authentication information, characterized in that a success.

  In order to solve the above problem, the divided information processing method according to claim 13 is the divided information processing method according to claim 12, wherein at least one of the plurality of divided biometric authentication information is replaced with the biometric authentication information file. The divided biometric authentication information recorded on the portable recording medium and recorded on the portable recording medium is input from the input unit.

  In order to solve the above problem, the divided information processing method according to claim 14 is the divided information processing method according to claim 12 or 13, wherein the input unit is input from the input unit as a communication unit for communicating with a processing terminal. What is to be performed is received by the communication unit from the processing terminal.

  In the present invention, the “plurality of biometric information” refers to a plurality of pieces of biometric information about one party (for example, thumb and index finger vein information, index finger fingerprint and palm vein), and one or more biometrics for each of the parties. Contains information. A party is a person who has obtained permission for the subject requiring authentication (which may be the above-mentioned principal), and a plurality of parties are, for example, a plurality of persons who manage, own, and use confidential information. A bank account holder and one or more trustees (a person who is allowed to deposit or withdraw from the account of a holder such as a relative or an agent) A person in charge (such as a subordinate of the person in charge) corresponds to a person in charge or a plurality of persons permitted to enter a predetermined room.

  In the present invention, “confidential information” is information that is desired to be prevented from leaking outside. The content of “confidential information” can be adopted as appropriate.

  In the present invention, the “first identification ID” can be appropriately adopted as long as it is information that can identify individual divided biometric authentication information. That is, the “first identification ID” may be information that can input or obtain the corresponding divided biometric information from the biometric information file or the portable recording medium based on the “first identification ID”.

  In the present invention, the “second identification ID” can be appropriately adopted as long as it is information that can identify individual divided confidential information. That is, the “second identification ID” may be information that can input or acquire the corresponding divided confidential information from the confidential information file or the portable recording medium based on the “second identification ID”.

  In the present invention, “change information” is information for changing biometric authentication information.

  In the present invention, “division information” is a division code for identifying a division method (restoration method), for example. With reference to the division information, the biometric authentication information and the confidential information can be restored from all the divided biometric authentication information and the divided confidential information that can restore the original information. That is, the division information is information that can restore the biometric information and the confidential information from the divided biometric information and the divided confidential information that can restore at least the original information.

  In the present invention, the “first identification ID” and the “second identification ID” are expressed separately, but may be different information or the same information. In the present invention, when the “first identification ID” and the “second identification ID” are the same information, the “first identification ID” and the “second identification ID” include handling as one identification ID.

  When the “first identification ID” and the “second identification ID” are different, the correspondence between the biometric authentication information and the confidential information can be understood at a glance. For this reason, even if all the divided authentication information (or divided confidential information) is stolen, the authentication information (or confidential information) is restored, and the authentication information (or confidential information) is leaked, the confidential information owner (or confidential information) The authentication information corresponding to the information cannot be specified.

  In the present invention, “one or more biometric authentication information files” can be appropriately recorded in a storage unit of one or more information processing apparatuses, for example. One or more “biometric authentication information files” may be recorded in the storage unit of one information processing apparatus. The information processing apparatus here corresponds to, for example, a divided information providing server (which is one in the embodiment but may be plural in the embodiment) and a divided information processing apparatus in the embodiments described later.

  In the present invention, the “one or more confidential information files” may be, for example, appropriately different from one or more information processing apparatuses (information processing apparatuses that record biometric authentication information files, or may partially or entirely overlap. ). One or more “confidential information files” may be recorded in the storage unit of one information processing apparatus. The information processing apparatus here corresponds to, for example, a divided information providing server (which is one in the embodiment but may be plural in the embodiment) and a divided information processing apparatus in the embodiments described later.

  In the present invention, “a plurality of pieces of biometric authentication information obtained by dividing a plurality of pieces of biometric authentication information” is information that can restore a plurality of pieces of biometric authentication information from the plurality of pieces of biometric authentication information. It may not be all divided biometric authentication information. For example, if biometric authentication information is divided into three parts from A to C, if a plurality of pieces of biometric authentication information can be restored only from A and B, “a plurality of divided biometric authentications obtained by dividing a plurality of pieces of biometric authentication information so as to be restored” will be described. “Information” is A and B. Note that the “biometric authentication information” before the division cannot be estimated from the “divided biometric authentication information” before the “biometric authentication information” is restored.

  In the present invention, “a plurality of divided confidential information obtained by dividing confidential information so that it can be restored” is information that can be restored from the plurality of divided confidential information, and not all the divided confidential information obtained by dividing the confidential information. Also good. For example, when the confidential information is divided into three from A to C, if the confidential information can be restored only from A and B, “a plurality of divided confidential information obtained by dividing the confidential information so that it can be restored” is A and B become. Note that the “confidential information” before the division cannot be estimated from the “divided confidential information” before the “confidential information” is restored. In this way, leakage of confidential information and authentication information can be prevented by dividing and storing the confidential information and authentication information.

  In the present invention, the method for dividing “confidential information” and “biometric authentication information” can be adopted as appropriate. As a dividing method, for example, it is desirable to use electronic tally (secret sharing method). Further, the division of “confidential information” and “biometric authentication information” may not be equally divided, but may be divided at different sizes, for example, 99: 1.

  In the present invention, “a plurality of pieces of biometric authentication information obtained by dividing a plurality of pieces of biometric authentication information so as to be recoverable is recorded in the one or more biometric authentication information files in association with the first identification ID” means one biometric authentication. Not only when one divided biometric authentication information is recorded in association with the first identification ID in the information file, but also a plurality of divided biometric authentication information is associated with one or more first identification IDs in one biometric authentication information file. It is an expression including the case of recording. That is, the number of divided biometric information and the number of biometric information files may be different.

  In the present invention, “a plurality of pieces of biometric authentication information obtained by dividing a plurality of pieces of biometric authentication information so as to be recoverable is recorded in the one or more biometric authentication information files in association with a first identification ID” means a first identification ID. If all necessary (corresponding) divided biometric authentication information can be acquired based on the above, the recording method is not limited. In the present invention, the “biometric authentication information file” is, for example, a database in which a plurality of pieces of divided biometric authentication information are recorded in association with a plurality of different first identification IDs.

  In the present invention, “in the one or more confidential information files, a plurality of divided confidential information obtained by dividing confidential information in a recoverable manner is recorded in association with the second identification ID” means that one confidential information file is divided into one The expression includes not only the case where confidential information is recorded in association with the second identification ID, but also the case where a plurality of divided confidential information is recorded in association with one or more second identification IDs in one confidential information file. . That is, the number of divided confidential information and the number of confidential information files may be different.

  In the present invention, “in the one or more confidential information files, a plurality of pieces of divided confidential information obtained by dividing confidential information in a recoverable manner are recorded in association with the second identification ID” is necessary based on the second identification ID. There is no limitation on the recording method as long as all (corresponding) divided confidential information can be acquired. In the present invention, the “confidential information file” is, for example, a database in which a plurality of divided confidential information is recorded in association with a plurality of different second identification IDs.

  In the present invention, “one or more biometric information files” and “one or more confidential information files” may be separate or at least one may overlap. In the case of duplication, the duplicate file can be expressed as a “biometric authentication information file” (or “confidential information file”). In the case of duplication, the divided biometric information is recorded in the “biometric authentication information file” (or “confidential information file”) in association with the first identification ID, and the divided confidential information is associated with the second identification ID. Recorded.

  In the present invention, “at least one of the plurality of divided biometric information is recorded on one or more portable recording media in place of the biometric information file” means that one divided biometric is recorded on one portable recording medium. The expression includes not only the case of recording information but also the case of recording a plurality of pieces of divided biometric authentication information on one portable recording medium. That is, the number of divided biometric authentication information and the number of portable recording media may be different. The divided biometric authentication information may be recorded in association with the first identification ID (biometric authentication file), or the plurality of divided biometric authentication information may be recorded in association with a plurality of different first identification IDs. .

  In the present invention, “at least one of the plurality of divided confidential information is recorded on one or more portable recording media instead of the confidential information file” means that one divided confidential information is recorded on one portable recording medium. This is an expression including not only the case of recording, but also the case of recording a plurality of pieces of divided confidential information on one portable recording medium. That is, the number of divided confidential information and the number of portable recording media may be different. Further, the second identification ID may be recorded in association with the divided confidential information (confidential information file), or the divided confidential information may be recorded in association with a plurality of different second identification IDs.

  In the present invention, at least one of the “one or more portable recording media” for recording the divided biometric authentication information and the “one or more portable recording media” for recording the divided confidential information are the same even in different portable recording media. It may be a portable recording medium.

  In the present invention, “divided biometric authentication information” is obtained by dividing a plurality of biometric authentication information separately or collectively. Dividing a plurality of or a plurality of persons' biometric authentication information together means that the plurality of biometric authentication information is handled as one data and divided.

  When a plurality of pieces of biometric authentication information are divided separately, a group of pieces of divided biometric authentication information obtained by dividing biometric authentication information for each piece of divided biometric authentication information is expressed as divided biometric authentication information as a whole.

  For example, when two (or two) biometric authentication information (first to second biometric authentication information) is divided into three parts A to C, the first divided biometric authentication information A and the second divided biometric information The authentication information A is referred to as divided biometric authentication information A.

  For example, the first biometric authentication information is divided into the first divided biometric authentication information A and the first divided biometric authentication information B, and the second biometric authentication information is divided into the second divided biometric authentication information A to C. In this case, the first divided biometric authentication information A and the second divided biometric authentication information A are referred to as divided biometric authentication information A, and the first divided biometric authentication information B and the second divided biometric authentication information B are divided into biometric authentication. It is called information B, and the second divided biometric information C is called divided biometric information C.

  In the present invention, “accessible” to the biometric information file or the confidential information file is not limited to the case where the biometric information file or the confidential information file is recorded in the storage unit in the apparatus and can be accessed. At least one of a plurality of biometric information files or a plurality of confidential information files is stored in a storage unit in an information processing apparatus, for example, a server (for example, an information providing server) or a processing terminal that can communicate via a network, and accessed. It is a concept that includes cases where possible.

  In the present invention, “output” includes not only display, printing, and recording (recording in a file inside or outside the apparatus and / or a recording medium) but also including provision to other processes, other programs, and apparatuses as data. It is.

  In the present invention, the “program” is a concept including not only a program that can be directly executed by a computer but also a program that can be executed by being installed on a hard disk or the like. It is also a concept that includes a compressed or encrypted one.

  According to the present invention, “the authentication is successful if at least one of the plurality of biometric authentication information matches the biometric authentication information input from the input unit”. The inconvenience that the person himself / herself must be authenticated or the person himself / herself is injured or the like cannot input biometric authentication information can be solved.

  An embodiment of the present invention will be described with reference to the drawings.

(Configuration of information processing system)
FIG. 1 is a configuration diagram of an example of a divided information processing system using a divided information processing apparatus 101 according to an embodiment of the present invention.

  The divided information processing system includes a divided information processing apparatus 101, a divided information providing server 102, a first portable recording medium 151, and a second portable recording medium 152.

  The divided information processing apparatus 101 and the divided information providing server 102 can communicate with each other via a network 500 such as the Internet (that is, data can be transmitted / received). The divided information processing apparatus 101 and the divided information providing server 102 may be communicable via a dedicated line or the like.

  The divided information processing apparatus 101 is configured by one or a plurality of various information processing apparatuses such as a computer, and performs predetermined processing on biometric authentication information and confidential information. When the divided information processing apparatus 101 includes a plurality of various information processing apparatuses (for example, a server and a processing terminal), the divided information processing apparatus 101 is configured to be able to communicate with each information processing apparatus via a network or the like. The

  The plurality of biometric authentication information is divided into divided biometric authentication information A to C. Furthermore, by using all the divided biometric authentication information A to C, a plurality of biometric authentication information can be restored.

  The confidential information is divided into divided confidential information A to C. Furthermore, the confidential information can be restored by using all the divided confidential information A to C.

  The storage unit of the divided information processing apparatus 101 stores the biometric authentication information file B and the confidential information file B. In the biometric authentication information file B, the divided biometric authentication information B is recorded in association with a plurality of different first identification IDs. In the confidential information file B, the divided confidential information B is recorded in association with a plurality of different second identification IDs.

  The division information providing server 102 is various information processing apparatuses such as a computer, and performs predetermined processing.

  The storage unit of the divided information providing server 102 stores the biometric authentication information file C and the confidential information file C. In the biometric information file C, the divided biometric information C is recorded in association with the first identification ID. In the confidential information file C, the divided confidential information C is recorded in association with the second identification ID.

  The division information providing server 102 receives the transmission request from the division information processing apparatus 101 and the first identification ID (or the second identification ID), and biometric authentication is performed based on the first identification ID (or the second identification ID). The divided biometric authentication information C (or divided confidential information C) is read from the information file C (or confidential information file C) and transmitted to the divided information processing apparatus 101 (processing 102A).

  The divided information providing server 102 receives the recording request from the divided information processing apparatus 101, the first identification ID (or the second identification ID), and the divided biometric authentication information C (or the divided confidential information C). The authentication information C (or divided confidential information C) is recorded in association with the first identification ID (or second identification ID) (process 102B).

  Through the processing 102A and / or the processing 102B, the divided information processing apparatus 101 can access the biometric authentication information file C (or the confidential information file C).

  By the process 102A, the divided information processing apparatus 101 uses the first identification ID (or the second identification) from the biometric authentication information file C (or the confidential information file C) based on the first identification ID (or the second identification ID). Divided biometric authentication information C (or divided confidential information C) corresponding to (ID) can be acquired.

  By the process 102B, the divided information processing apparatus 101 corresponds the divided biometric authentication information C (or divided confidential information C) to the first identification ID (or second identification ID) in the biometric authentication information file C (or confidential information file C). You can record it.

  In this way, the divided information processing apparatus 101 can access the biometric information file (or confidential information file) recorded in the storage unit of the external apparatus. Then, the divided information processing apparatus 101 obtains the divided biometric authentication information (or divided confidential information) corresponding to the biometric authentication information file (or confidential information file) from the first identification ID (or second identification ID). The divided biometric information (or divided secret information) can be recorded in the biometric information file (or secret information file) in association with the first identification ID (or second identification ID).

  On the first portable recording medium 151, the divided biometric authentication information A and the first identification ID are recorded.

  On the second portable recording medium 152, the divided confidential information A and the second identification ID are recorded.

  The portable recording medium may be any portable recording medium, and includes, for example, an IC chip, IC card, USB memory (flash memory), FD, CD-ROM, MO, barcode, and two-dimensional code (QR code). ) Etc. In the case of a barcode, a two-dimensional code (including a QR code), etc., the divided biometric authentication information A, the first identification ID, the divided confidential information A, the second identification ID, etc. And the like, and the divided biometric authentication information A, first identification ID, divided confidential information A, second identification ID, etc. are bar code, two-dimensional code (QR code). Recorded). When a bar code or a two-dimensional code (including a QR code) is printed on a sticker or the like, the bar code or two-dimensional code is pasted on predetermined paper or the like for management.

  By using the portable recording medium, the biometric authentication information and the confidential information cannot be restored unless the portable recording medium is stolen, so that leakage of the confidential information and the biometric information can be prevented.

  The divided information processing apparatus 101 reads (inputs) or writes (records) the divided biometric authentication information A and the first identification ID on the first portable recording medium 151. The divided information processing apparatus 101 reads (inputs) or writes (records) the divided confidential information A and the second identification ID on the second portable recording medium 152.

  In the present embodiment, the biometric authentication information and the confidential information are divided into three parts.

  Further, the division information providing server 102, the first portable recording medium 151, and the second portable recording medium 152 may be omitted depending on the number of biometric authentication information and confidential information to be divided. May be. Further, only the first identification ID and the second identification ID may be recorded on the first portable recording medium 151 or the second portable recording medium 152, respectively. Further, the first portable recording medium 151 and the second portable recording medium 152 may be a single portable recording medium. All the divided biometric authentication information and / or the divided confidential information may be recorded on the first portable recording medium 151 or the second portable recording medium 152.

  Further, the divided information providing server 102 is changed to an information processing apparatus that can communicate with the divided information processing apparatus 101 that can perform the processes 102A and 102B as appropriate (the divided information processing apparatus 101 can access the biometric authentication information file and the confidential information file). Is possible. In addition, the first portable recording medium 151, the second portable recording medium 152, and the divided information processing apparatus 101 are usually plural for use by different operators (which may be parties). Further, the biometric authentication information file B and the confidential information file B recorded in the storage unit of the divided information processing apparatus 101 may be recorded in the storage unit of the external information processing apparatus.

(Configuration of the divided information processing apparatus 101)
FIG. 2 is a diagram illustrating an example of the configuration of the divided information processing apparatus 101.

  The divided information processing apparatus 101 includes a control unit 201, a storage unit 202, an input unit 203, an output unit 204, and a communication unit 205 as appropriate. When the divided information processing apparatus 101 is configured by a plurality of various information processing apparatuses (for example, a server and a processing terminal), the divided information processing apparatus 101 is an apparatus provided with the above members as a whole.

  The control unit 201 performs control of each unit such as the storage unit 202, the input unit 203, the output unit 204, the communication unit 205, and processing described later. The control unit 201 includes, for example, a CPU, a main memory, a divided information processing program developed in the main memory, and the like. The control unit 201 may be configured by a dedicated chip, a module, or the like that can perform processing described later.

  The storage unit 202 appropriately records a biometric authentication information file B, a confidential information file B, confidential information, various data, various programs, and the like. The storage unit 202 includes a storage device such as a hard disk.

  The input unit 203 appropriately inputs various commands, first identification ID, second identification ID, biometric authentication information, split biometric authentication information A, split secret information A, secret information, attribute information, and other necessary information (data). It is for input.

  The input unit 203 inputs various commands, a first identification ID, a second identification ID, biometric authentication information, split biometric authentication information A, split secret information A, secret information, attribute information, and other necessary information (data). It is constituted by one or a plurality of various input (or input / output) devices suitable for the purpose.

  An input device for inputting various commands, confidential information, attribute information, and other necessary information (data) includes, for example, a keyboard, a mouse, a touch panel, and the like.

  The input (or input / output) device for inputting the first identification ID, the second identification ID, the divided biometric authentication information A, and the divided confidential information A is the first portable recording medium or the second portable recording medium. It is configured with an input (or input / output) device suitable as appropriate depending on what is configured.

  For example, when the portable recording medium is an IC chip, an IC card, or the like, the input (or input / output) device is an IC reader (or IC reader / writer) or the like. For example, when the portable recording medium is a USB memory (flash memory) or the like, the input (or input / output) device is a USB connector or the like. For example, when the portable recording medium is FD, CD-ROM, MO, or the like, the input (or input / output) device is various drives suitable for these. For example, when the portable recording medium is a barcode, a two-dimensional code, etc., the input (or input / output) device is a barcode reader, a two-dimensional code reader, or the like.

  An input (or input / output) device for inputting confidential information is, for example, a keyboard, a mouse, a touch panel or the like when inputting confidential information manually. Confidential information is recorded on a portable recording medium such as an IC chip, IC card, USB memory (flash memory), FD, CD-ROM, MO, barcode, two-dimensional code (including QR code), and the like. When inputting confidential information from a medium, input (or input / output) devices for inputting confidential information include an IC reader (or IC reader / writer), a USB connector, various drives, a barcode reader, a two-dimensional code reader, and the like. A suitable device.

  The first identification ID and the second identification ID may be input manually. In this case, an input (or input / output) device for inputting the first identification ID and the second identification ID is a keyboard, a mouse. It becomes a touch panel.

  The input device for inputting biometric authentication information is one or a plurality of biometric authentication input devices. Examples of biometric authentication include finger veins, palm veins, voiceprints, and fingerprints.

  The output unit 204 includes a display unit. The output unit 204 includes an output device such as a display and a printer, and an input / output device such as a touch panel. In particular, the display unit includes a display, a touch panel, and the like.

  Further, the output unit 204 appropriately records the first identification ID, the second identification ID, the divided biometric authentication information A, and the divided confidential information A on the first portable recording medium 151 and the second portable recording medium 152. And is appropriately configured by a writing (or input / output) device suitable for recording information on the first portable recording medium 151 and the second portable recording medium 152.

  For example, when the portable recording medium is an IC chip, an IC card, or the like, the writing (or input / output) device is an IC writer (or IC reader / writer) or the like. For example, when the portable recording medium is a USB memory (flash memory) or the like, the writing (or input / output) device is a USB connector or the like. For example, when the portable recording medium is an FD, CD-ROM, MO, or the like, the writing (or input / output) device is various drives suitable for these. For example, when the portable recording medium is a barcode, a two-dimensional code (including QR code), etc., the writing (or input / output) device is a printer, a barcode creating device, a two-dimensional code (including QR code) creating device, etc. It becomes.

  When part or all of the same or different members (input unit and output unit, etc.) are configured by the same device (IC reader / writer, touch panel, etc.), the portion that can be configured by the same device is configured by one device. I can do it.

  The communication unit 205 is for transmitting and receiving various data, various commands, first identification ID, second identification ID, divided biometric authentication information C, divided secret information C, and the like. The communication unit 205 includes a modem and is connected to the network 500. Communication unit 205 enables communication with divided information providing server 102.

(Configuration of the division information providing server 102)
The division information providing server 102 appropriately includes a control unit, a storage unit, an input unit, an output unit, and a communication unit (the input unit and the output unit may not be particularly necessary).

  Since the configuration of the divided information providing server 102 basically conforms to the divided information processing apparatus 101, description thereof is omitted.

  However, the control unit performs the process 102A and / or the process 102B. Further, the input unit is for inputting various information (data) and various commands. In the storage unit, a biometric authentication information file C, a confidential information file C, various data, various programs, and the like are recorded as appropriate. Further, the communication unit can communicate with the divided information processing apparatus 101.

(Hardware configuration of divided information processing apparatus 101)
FIG. 3 is a diagram illustrating an example of the hardware configuration of the divided information processing apparatus 101, the first IC card 310 and the second IC card 311.

  The divided information processing apparatus 101 includes a CPU 301, a main memory 302, a keyboard 303, a mouse 304, a display 305, a modem 306, an IC reader / writer 307, a biometric authentication input device 308, and a hard disk 309 as appropriate.

  On the hard disk 309, a divided information processing program, a biometric authentication information file B, a confidential information file B, various data, and an OS are appropriately recorded. The IC reader / writer 307 reads and writes information from and to the first IC card 310 and the second IC card 311.

  In the main memory 302, the divided information processing program and the OS are expanded as appropriate. The main memory 302 is provided with a work area for the CPU 301.

  The CPU 301 performs processing described later (processing performed by the control unit 201) in accordance with instructions of the divided information processing program and the OS (or the divided information processing program alone) developed in the main memory 302.

(Hardware configuration of division information providing server 102)
The division information providing server 102 is the same as an example of the hardware configuration of the division information processing apparatus 101.

  However, the divided information providing server 102 does not particularly require the keyboard 303, the mouse 304, the display 305, the IC reader / writer 307, the biometric authentication input device 308, and the hard disk 309.

  However, the divided information providing program, the biometric authentication information file C, the confidential information file C, various data, and the OS are appropriately recorded on the hard disk of the divided information providing server 102. However, the division information providing program and the OS are appropriately deployed in the main memory of the division information providing server 102. The CPU 301 performs processing 102 </ b> A or 102 </ b> B according to a command of the division information providing program and the OS (or the division information providing program alone) developed in the main memory 302.

(Biometric authentication information registration / change process)
FIG. 4 is a flowchart of an example of biometric information registration / change processing performed by the control unit 201 of the divided information processing apparatus 101 (in this process, simply referred to as the divided information processing apparatus 101 as appropriate).

  The divided information processing apparatus 101 performs the following processing. The order of processing can be changed as appropriate.

(Step 401)
The divided information processing apparatus 101 displays a screen (“YES” or “NO” for new registration) for selecting whether or not it is new registration on the display unit.

  An operator of the divided information processing apparatus 101 (not necessarily a party. In the biometric authentication information registration process, it is simply referred to as an operator as appropriate) inputs that it is a new registration (for example, the mouse 304). If “YES” is selected on the screen, the divided information processing apparatus 101 proceeds to step 402.

  When the operator inputs that it is not a new registration through the input unit 203 (for example, selects “NO” on the screen with the mouse 304), the divided information processing apparatus 101 proceeds to step 406.

(Step 402)
When the input unit 203 inputs that it is a new registration, the divided information processing apparatus 101 displays on the display unit a prompt to input biometric authentication information.

  When the party inputs a plurality of pieces of biometric authentication information using the input unit 203 (for example, the vein biometric authentication input device reads a finger or palm vein), the divided information processing apparatus 101 uses the biometric authentication information (input unit 203). The biometric authentication information input by (1) is received.

  When all of the plurality of pieces of biometric authentication information are input, the operator inputs an input end command using the input unit 203 (for example, every time one piece of biometric authentication information is input, the divided information processing apparatus 101 displays “ "End of input" is selected with the mouse 304).

  For example, in order to clarify the attributes of biometric authentication information such as which biometric information or who's biometric authentication information, attribute information (such as the title) is biometrically authenticated for each piece of biometric information. You may include in information suitably. For example, based on the attribute information input by the input unit 203, the divided information processing apparatus 101 includes the attribute information in the biometric authentication information. Further, the divided information processing apparatus 101, for example, if the plurality of pieces of biometric authentication information are different types of biometric authentication information (for example, veins and fingerprints), attribute information depending on which biometric input information is input by which biometric input information. May be generated.

(Step 403)
When an input end command is input, a first identification ID is generated. The first identification ID can be generated by an arbitrary method, but for example, is generated by assigning a number in the order of acceptance of biometric authentication information.

  In addition, information (name, organization, etc.) input by the operator from the input unit 203 may be added to the first identification ID to generate the first identification ID. Further, the first identification ID may be generated from information (name, organization, etc.) input from the input unit 203 by the operator.

  When the information input from the input unit 203 by the operator is used as the first identification ID, the divided information processing apparatus 101 displays an input field for the first identification ID on the display unit and prompts the input of information.

(Step 404)
The divided information processing apparatus 101 divides the biometric authentication information into the divided biometric authentication information A to C so that the biometric authentication information can be restored. In the division, multiple pieces of biometric authentication information are divided separately or collectively.

(Step 405)
The divided information processing apparatus 101 writes (records) the first identification ID and the divided biometric authentication information A on the first portable recording medium 151 by the output unit 204. When a plurality of different first identification IDs are recorded on the first portable recording medium 151, the first identification ID and the divided biometric authentication information A are recorded in association with each other. When only one divided biometric authentication information A is recorded on one portable recording medium 151, the first identification ID is not particularly required.

  The divided information processing apparatus 101 records the divided biometric authentication information B in the biometric authentication information file B in association with the first identification ID. The divided information processing apparatus 101 records the divided biometric authentication information C in the biometric information file C in association with the first identification ID (see process 102B).

  Whether the divided information processing apparatus 101 outputs a plurality of divided biometric authentication information and / or a first identification ID, thereby recording the plurality of divided biometric authentication information in association with the first identification ID in one or more biometric authentication files. A part of the plurality of divided biometric information is recorded in one or more biometric files in association with the first identification ID, and the remaining divided biometric information is recorded on one or more portable recording media by the output unit 204. (Including the case of recording in association with the first identification ID) or recording a plurality of divided biometric authentication information on one or more portable recording media by the output unit 204 (in the case of recording in association with the first identification ID) including).

(Step 406)
The divided information processing apparatus 101 displays a screen for selecting whether biometric authentication information is changed (“YES” and “NO” whether biometric information is changed) on the display unit.

  When the operator of the divided information processing apparatus 101 inputs that the biometric authentication information is changed by the input unit 203 (for example, “YES” on the screen is selected with the mouse 304), the divided information processing apparatus 101 proceeds to step 407. .

  When the operator inputs that biometric authentication information is not changed by the input unit 203 (for example, “NO” on the screen is selected by the mouse 304), the divided information processing apparatus 101 ends the processing.

(Step 407)
When the input unit 203 inputs that biometric authentication information is changed, the divided information processing apparatus 101 displays a screen for prompting input of the first identification ID and the divided biometric authentication information A on the display unit.

  The operator inputs the first identification ID and the divided biometric authentication information A to the divided information processing apparatus 101 via the input unit 203 (inputs the first identification ID and the divided biometric authentication information A from the first portable recording medium 151). Read by the unit 203). If the first identification ID is not recorded on the portable recording medium, the first identification ID may be directly input by the input unit 203.

(Step 408)
The divided information processing apparatus 101 reads (acquires) the corresponding divided biometric information B from the biometric information file B based on the input first identification ID. The divided information processing apparatus 101 acquires the corresponding divided biometric information C from the biometric information file C based on the input first identification ID (see process 102A).

(Step 409)
The divided information processing apparatus 101 restores biometric authentication information from the acquired or input divided biometric authentication information A to C.

(Step 410)
When the divided information processing apparatus 101 restores the biometric authentication information, the divided information processing apparatus 101 displays a screen for inputting the type of change (for example, a screen having “replacement”, “deletion”, “subscription”) on the display unit. When the operator inputs the type of change with the input unit 203 (for example, selecting “Replace”, “Delete”, or “Join” on the screen with the mouse 304), the divided information processing apparatus 101 corresponds to the type of change. A screen for inputting change information of biometric authentication information to be displayed is displayed on the display unit.

  For example, in the case of the above “replacement”, the divided information processing apparatus 101 has one or more pieces of biometric authentication information to be deleted and one or more pieces of biometric authentication information to be newly added. For example, in the case of the above-mentioned “subscription”, change information of biometric authentication information such as one or more newly added biometric authentication information is input by the input unit 203 (for example, to the biometric authentication input device for veins, Have your finger or palm vein read).

  When the biometric authentication information includes the attribute information, a screen that prompts the user to input the attribute information is displayed on the display unit (for example, a plurality of attribute information is displayed on the screen). By inputting information (for example, selecting attribute information on the screen with the mouse 304), biometric authentication information change information (one or more biometric authentication information to be deleted) may be input from the input unit 203.

(Step 411)
When the change information of the biometric authentication information is input from the input unit 203, the divided information processing apparatus 101 changes the biometric authentication information restored in step 409 based on the change information of the biometric authentication information.

  For example, when one or more pieces of biometric authentication information to be deleted and one or more pieces of biometric authentication information to be newly added are input, the divided information processing apparatus 101 receives one or more pieces of input from the plurality of pieces of biometric information restored in step 409. The biometric authentication information to be deleted is deleted, and one or more input biometric authentication information to be added is added. That is, for one or more restored biometric authentication information, one or more biometric authentication information to be deleted and one or more biometric authentication information to be newly added are replaced.

  For example, when one or more pieces of biometric information to be deleted are input, the divided information processing apparatus 101 deletes one or more pieces of biometric information to be deleted from the plurality of pieces of biometric information restored in step 409 (deletion). ).

  For example, when one or more pieces of biometric authentication information to be newly added are input, the divided information processing apparatus 101 adds the one or more pieces of biometric authentication information to be newly added to the plurality of pieces of biometric authentication information restored in step 409. Add (subscribe).

  When the biometric authentication information restored in step 409 is changed, the biometric authentication information after the change is made biometric authentication information, and the process proceeds to step 404.

  As in this process, the restored biometric authentication information is changed based on the biometric authentication information change information input by the input unit, and the changed biometric authentication information is divided into a plurality of divided biometric authentication information so that the biometric authentication information can be restored. Thus, even if it is necessary to change one of the plurality of authentication information, the change is easy. In particular, the divided biometric authentication information can be easily changed even when the parties are changed. This is particularly effective when a person in charge of a company such as a bank is a party, or when one of the persons in charge is changed (retirement, etc.).

(Confidential information recording process)
FIG. 5 is a flowchart of an example of a confidential information recording process performed by the control unit 201 of the divided information processing apparatus 101 (in this process, simply referred to as the divided information processing apparatus 101 as appropriate).

  The divided information processing apparatus 101 performs the following processing. The order of processing can be changed as appropriate.

(Step 501)
The divided information processing apparatus 101 displays on the display unit as a screen a prompt to input biometric authentication information.

  When the operator inputs a plurality of pieces of biometric authentication information using the input unit 203 (for example, the vein biometric authentication input device reads a finger or palm vein), the divided information processing apparatus 101 receives the biometric authentication information. .

  When biometric authentication information is input (not all biometric authentication information is required), the operator inputs an input end command using the input unit 203 (for example, when one biometric authentication information is input, the divided information processing apparatus 101 displays the display unit. "End of input" on the screen to be displayed is selected with the mouse 304).

(Step 502)
When the biometric authentication information is input by the input unit 203, the divided information processing apparatus 101 displays a screen for prompting input of the first identification ID and the divided biometric authentication information A on the display unit.

  The operator inputs the first identification ID and the divided biometric authentication information A to the divided information processing apparatus 101 via the input unit 203 (inputs the first identification ID and the divided biometric authentication information A from the first portable recording medium 151). Read by the unit 203). If the identification ID is not recorded on the portable recording medium, the identification ID may be directly input by the input unit 203.

(Step 503)
The divided information processing apparatus 101 reads (acquires) the corresponding divided biometric information B from the biometric information file B based on the input first identification ID. The divided information processing apparatus 101 acquires the corresponding divided biometric information C from the biometric information file C based on the input first identification ID (see process 102A).

(Step 504)
The divided information processing apparatus 101 restores a plurality of pieces of biometric information from the acquired or input pieces of divided biometric information A to C.

(Step 505)
The divided information processing apparatus 101 performs authentication using the biometric authentication information input by the input unit 203 in step 501 and the biometric authentication information restored in step 504. If at least one of the restored plurality of biometric authentication information matches the biometric authentication information input in step 501 (they do not have to be a complete match but can be matched so that the parties can be confirmed. The same applies to the present invention). Authenticate successfully. The divided information processing apparatus 101 displays the authentication result on the display unit.

  As described above, authentication is performed using the biometric authentication information (see step 501) input by the input unit 203 and the restored biometric authentication information, and at least one of the restored biometric authentication information (see step 504). If the biometric authentication information input in step 501 matches, the authentication is successful, so that when the plurality of biometric authentication information is a plurality of biometric authentication information of one of the parties, for example, the thumb vein and the index finger vein, Even if it is cut, it can be authenticated with the index finger vein. Thereby, the inconvenience that the person himself / herself is injured and cannot input biometric authentication information can be solved. Further, when a plurality of pieces of biometric authentication information is one or more pieces of biometric authentication information for each of a plurality of parties, for example, authentication can be performed even if one party itself (for example, the person himself / herself) cannot be authenticated due to illness or the like. This eliminates the inconvenience that the person himself (one party himself / herself) must be authenticated when authenticating.

(Step 506)
When the authentication is successful, the divided information processing apparatus 101 displays a screen that prompts the user to input confidential information, including that the authentication result is biometric authentication success. When the operator inputs confidential information through the input unit 203, the divided information processing apparatus 101 receives the confidential information (the confidential information input through the input unit 203).

  The divided information processing apparatus 101 may read confidential information recorded in advance from the storage unit 202. Further, confidential information recorded in advance from a storage unit in an external apparatus may be acquired by the communication unit 205.

  The divided information processing apparatus 101 can obtain confidential information by an appropriate method including the above method.

(Step 507)
When the input end command is input, the divided information processing apparatus 101 generates a second identification ID. The second identification ID can be generated by an arbitrary method, but is generated by assigning a number in the order in which biometric authentication information is received, for example. Further, the first identification ID may be used as it is or as a second identification ID.

  Further, information (name, organization, etc.) input by the operator from the input unit 203 may be added to the second identification ID to generate a second identification ID. Further, the second identification ID may be generated from information (name, organization, etc.) input from the input unit 203 by the operator.

  When the information input from the input unit 203 by the operator is used for the second identification ID, the divided information processing apparatus 101 displays an input field for the second identification ID on the display unit and prompts input of information.

(Step 508)
The divided information processing apparatus 101 divides the confidential information into the divided confidential information A to C so that the confidential information can be restored.

(Step 509)
The divided information processing apparatus 101 writes (records) the second identification ID and the divided confidential information A on the second portable recording medium 152 by the output unit 204. When a plurality of different second identification IDs are recorded on the second portable recording medium 151, the second identification ID and the divided confidential information A are recorded in association with each other. When one piece of divided confidential information A is recorded on one second portable recording medium 152, the second identification ID is not particularly required.

  The divided information processing apparatus 101 records the divided confidential information B in the confidential information file B in association with the second identification ID. Further, the divided information processing apparatus 101 records the divided confidential information C in the confidential information file C in association with the second identification ID (see process 102B).

  The divided information processing apparatus 101 outputs a plurality of pieces of divided confidential information to record the plurality of pieces of divided confidential information in association with the second identification ID in one or more confidential files, or a part of the plurality of pieces of divided confidential information Are recorded in one or more confidential files in association with the second identification ID, and the remaining divided confidential information is recorded in one or more portable recording media by the output unit 204 (in the case of recording in association with the second identification ID). Or a plurality of divided confidential information is recorded on one or more portable recording media by the output unit 204 (including the case of recording in association with the second identification ID).

  As described above, by outputting a plurality of divided confidential information obtained by dividing confidential information so that it can be restored (after registration or change of biometric information) separately from the registration or change of biometric authentication information, Can handle multiple confidential information. Furthermore, if the method of dividing the information for each of a plurality of institutions that handle the confidential information is different, the confidential information can be uniquely protected for each of the plurality of institutions. On the other hand, if the method of dividing biometric authentication information is unified, biometric authentication common to a plurality of institutions can be performed. Furthermore, since confidential information is divided and output after successful authentication, it is possible to ensure that this confidential information is information related to the authenticated party.

(Output processing of confidential information)
FIG. 6 is a flowchart of an example of confidential information output processing performed by the control unit 201 of the divided information processing apparatus 101 (in this processing, simply referred to as the divided information processing apparatus 101 as appropriate).

  The divided information processing apparatus 101 performs the following processing. The order of processing can be changed as appropriate.

(Step 601)
The divided information processing apparatus 101 displays on the display unit as a screen a prompt to input biometric authentication information.

  When the party inputs biometric information using the input unit 203 (for example, the vein biometric authentication input device reads a finger or palm vein), the divided information processing apparatus 101 receives the biometric information.

  When biometric authentication information is input (not all biometric authentication information is required), the operator inputs an input end command using the input unit 203 (for example, when one biometric authentication information is input, the divided information processing apparatus 101 displays the display unit. "End of input" on the screen to be displayed is selected with the mouse 304).

(Step 602)
When the biometric authentication information is input by the input unit 203, the divided information processing apparatus 101 displays a screen for prompting input of the first identification ID and the divided biometric authentication information A on the display unit.

  The operator inputs the first identification ID and the divided biometric authentication information A to the divided information processing apparatus 101 via the input unit 203 (inputs the first identification ID and the divided biometric authentication information A from the first portable recording medium 151). Read by the unit 203). If the first identification ID is not recorded on the portable recording medium, the first identification ID may be directly input by the input unit 203.

(Step 603)
The divided information processing apparatus 101 reads (acquires) the corresponding divided biometric information B from the biometric information file B based on the input first identification ID. The divided information processing apparatus 101 acquires the corresponding divided biometric information C from the biometric information file C based on the input first identification ID (see process 102A).

(Step 604)
The divided information processing apparatus 101 restores biometric authentication information from the acquired or input divided biometric authentication information A to C.

(Step 605)
The divided information processing apparatus 101 performs authentication using the biometric authentication information input by the input unit 203 in step 501 and the biometric authentication information restored in step 504. If at least one of the restored biometric authentication information matches the biometric authentication information input in step 601, the authentication is successful. The divided information processing apparatus 101 displays the authentication result on the display unit.

(Step 606)
When the biometric authentication is successful, the divided information processing apparatus 101 displays a screen that prompts the user to input the second identification ID and the divided confidential information A, including the fact that the authentication is successful as an authentication result. When the operator inputs the second identification ID and the divided confidential information A through the input unit 203, the divided information processing apparatus 101 transmits the second identification ID and the divided confidential information A (the second identification ID and the second confidential ID input by the input unit 203). The divided confidential information B) is received. If the second identification ID is not recorded on the portable recording medium, the second identification ID may be directly input by the input unit 203.

(Step 607)
The divided information processing apparatus 101 reads (acquires) the corresponding divided confidential information B from the confidential information file B based on the input second identification ID. The divided information processing apparatus 101 acquires the corresponding divided confidential information C from the divided confidential information file C based on the input second identification ID (see process 102A).

(Step 608)
The divided information processing apparatus 101 restores confidential information from the acquired or input divided confidential information A to C.

(Step 609)
The divided information processing apparatus 101 outputs the restored confidential information.

  In this way, since confidential information is output after successful authentication, leakage of confidential information can be prevented. In addition, if at least one of the restored biometric authentication information matches the authentication information input in step 601, the authentication is successful. Therefore, the biometric authentication information is a plurality of biometric authentication information of each party, for example, a thumb Even if the thumb is cut off, it is possible to authenticate with the fingerprint of the index finger. Thereby, the inconvenience that the person himself / herself is injured and cannot input biometric authentication information can be solved. Further, when a plurality of biometric authentication information is biometric authentication information of each of a plurality of parties, for example, authentication can be performed even if one party himself (for example, the person himself) cannot be authenticated due to illness or the like. This eliminates the inconvenience that the person himself (one party himself / herself) must be authenticated when authenticating. Moreover, even if a portable recording medium is stolen by using biometric authentication, authentication is not successful and confidential information can be protected.

(Modification)
The divided information processing apparatus 101 may function as a server.

  In this case, the divided information processing apparatus 101 is configured to be able to communicate with a processing terminal (various information processing apparatuses such as a computer) via the network 500 or the like by the communication unit 205.

  In this case, the divided information processing apparatus 101 does not need to be provided with the input unit 203 and the display unit. In addition, various commands, first identification ID, second identification ID, biometric authentication information, split biometric information A, split secret information A, secret information, attribute information, and other necessary information (data to be input as appropriate by the input unit 203 ) And the like are appropriately received from the processing terminal by the communication unit 205.

  In this case, the processing terminal includes a control unit, an input unit, an output unit (having a display unit), a communication unit, and a storage unit. Various commands to the input unit 203 described in the above processing, first identification ID, second identification ID, biometric authentication information, split biometric authentication information A, split secret information A, secret information, attribute information, and other necessary information ( Data) is input by an input unit provided in the processing terminal. Further, the display on the display unit performed by the control unit 201 described above, the recording of the divided biometric authentication information and / or the first identification ID on the portable recording medium, the divided confidential information and / or the portable recording medium of the second identification ID Processing such as recording in the processing terminal (may be changed as appropriate for the processing terminal) is performed by a control unit provided in the processing terminal.

  The divided information processing apparatus 101 records the first identification ID and the divided confidential information in the biometric information file in steps 403, 404, and 405, step 408, step 409, step 411, step 503, step 504, and so on. Step 505, Step 507, Step 508, Step 509 Recording the first identification ID and the divided secret information into the confidential information file, the processing described in Step 603, Step 604, Step 605, Step 607, Step 608, Step 609, etc. The processing similar to (and may be appropriately changed for server processing) is appropriately performed based on information appropriately received from the processing terminal by the communication unit 205. A part of these processes may be performed by the control unit of the processing terminal based on information appropriately received from the server by the communication unit.

(Other)
The division information may be added to at least one of the first identification ID and the second identification ID recorded in the confidential information file, the biometric information file, and the portable recording medium.

  For example, the divided information processing apparatus 101 generates division information together with the generation of the first identification ID and the second identification ID. Alternatively, for example, the divided information processing apparatus 101 appropriately generates division information when recording the first identification ID or the second identification ID. Further, it may be input by the input unit (including displaying and selecting the division information on the display unit). The divided information processing apparatus 101 uses this divided information when restoring biometric authentication information and confidential information.

  If this division information is used, the division method can be made different, so that the confidential information can be uniquely protected for each of a plurality of organizations that handle the confidential information and biometric authentication information. Further, even in the same organization, etc., the division method can be made different depending on the application, and confidential information can be protected for the purpose. Furthermore, if a plurality of division methods are prepared, the division method can be easily changed even if the division method leaks, and confidential information and biometric information can be protected.

(Example 1)
An example when the present invention is used for handling confidential information of a company will be described. FIG. 7 is an explanatory diagram when the present invention is used for handling confidential information of a company.

  The biometric authentication information is finger vein information of the main person in charge and the subordinate person. Electronic tally is used as the division method.

  In the organization / department file (biometric authentication information file), electronic tally vein information obtained by digitizing the finger vein information of the main person in charge and the subordinate person separately into two electronic tally (in the first embodiment, the main person in charge) The electronic tally vein information of the person in charge and the subordinate in charge is simply referred to as electronic tally vein information) (electronic tally vein information B) is the department / branch, job title, person in charge (in this case, the main person in charge) Are recorded in association with each other. A responsible department / branch, a post, and a person in charge (hereinafter collectively referred to as a department in charge) are first identification IDs. The institution / department department file 701 includes a plurality of electronic tally vein information obtained by converting the finger vein information of a plurality of different main persons and subordinate persons into two electronic tallys. Recorded in association with each other.

  On the institution / department IC card (portable recording medium), the rest of the electronic tally vein information (electronic tally vein information) is obtained by separately dividing the vein information of the main person in charge and the subordinate person into two electronic tallys. A) is recorded in association with the department in charge.

  A secret storage code is recorded in the institution / department IC card. The secret storage code is obtained by adding an electronic tally code (division code) to the second identification ID.

  Document, image, and photo files (confidential information files) are restored for multiple documents, images, photos, and other data (corresponding to confidential information and data in the format of Word, Excel, Acrobat, PDF, CVS, etc.). A plurality of pieces of electronic tally confidential information that can be electronically tallyed are recorded in association with the second identification IDs.

  The divided information processing apparatus reads (inputs) the electronic tally biometric authentication information A and the department in charge from the institution / department IC card by the IC reader / writer (input unit). The divided information processing apparatus acquires the corresponding electronic tally vein information A from the institution / charge section file based on the read charge section etc. (reference numeral 708). The divided information processing apparatus restores the finger vein information from the acquired electronic tally vein information B and the read electronic tally vein information A.

  On the other hand, the divided information processing device reads (inputs) the finger vein information of the slave in charge from the finger vein information input device (input unit). The divided information processing apparatus performs biometric authentication using the read finger vein information and the restored finger vein information (the finger vein information of the main person in charge and the subordinate person) (reference numeral 704). Here, since the read finger vein information of the subordinate person matches the finger vein information of the subordinate person in the restored finger vein information of the main person and the subordinate person, the biometric authentication is successful.

  Since the biometric authentication is successful, the divided information processing apparatus reads (inputs) the secret storage code by the IC reader / writer (input unit). The divided information processing apparatus may read the secret storage code when reading the responsible section and the electronic tally information A. The divided information processing apparatus acquires a plurality of corresponding electronic tally confidential information from the document / image / photo file based on the second identification ID of the read secret storage code. The divided information processing apparatus restores the confidential information from the plurality of obtained electronic tally confidential information with reference to the electronic tally code of the secret storage code (with a restoration method corresponding to the electronic tally code).

  The divided information processing apparatus outputs the restored confidential information. The divided information processing apparatus records confidential information in the storage unit and uses it for other processing (for example, editing) or displays it on the display unit.

  In this way, since confidential information is protected using biometric authentication information of a plurality of parties, confidential information can be used by a certain person, that is, a subordinate who is permitted to register biometric authentication information, even if it is not the primary person in charge. Can be handled. For this reason, the main person in charge does not have to be authenticated each time when handling confidential information, and the inconvenience that the person himself (the main person in charge) must authenticate himself can be resolved. Is achieved. In addition, by recording divided authentication information obtained by dividing a plurality of authentication information on one portable recording medium, a plurality of people can be authenticated with one portable recording medium, and the same number of people can be authenticated. Since confidential information can be handled, the inconvenience that the person (main person in charge) must be authenticated when authenticating can be solved, and the work can be facilitated.

(Example 2)
An example in which the present invention is used for handling bank account deposits and withdrawals will be described. FIG. 8 is an explanatory diagram when the present invention is used for handling bank account deposits and withdrawals.

  The biometric authentication information is finger vein information of the holder and the trustee. Electronic tally is used as the division method.

  In the customer registration file (biometric authentication information file), the electronic vein tally vein information in which finger vein information of the holder and the trustee is separately converted into two electronic tallys (in Example 1, the holder and the trustee) The electronic tally vein information is simply referred to as electronic tally vein information) (electronic tally vein information B) and recorded in association with the deposit number and customer number (hereinafter referred to as deposit number, etc.). ing. The deposit number or the like is a first identification ID.

  The deposit card (portable recording medium) contains an IC chip, and the vein information of the nominee and the trustee is separately stored in the IC chip, and the rest of the electronic tally vein information is converted into two electronic tallys. (Electronic tally vein information A) is recorded in association with a customer number or the like.

  The deposit secret code is recorded on the IC chip of the deposit card. The deposit secret code is obtained by adding an electronic tally code (division code) to the second identification ID.

  In the deposit / withdrawal files A and B (confidential information files), electronic tally confidential information A and B obtained by electronically tallying the deposit history of deposits and depositing account data (confidential information) so as to be recoverable are stored. It is recorded in association with each second identification ID.

  The divided information processing apparatus reads (inputs) the deposit secret code and the electronic tally biometric authentication information A from the IC chip of the deposit card by the IC reader / writer (input unit). The divided information processing device acquires the corresponding electronic tally vein information A from the deposit / withdrawal files A and B based on the read deposit number and the like. The divided information processing apparatus restores the finger vein information from the acquired electronic tally vein information B and the read electronic tally vein information A (reference numeral 808).

  On the other hand, the divided information processing device reads (inputs) the finger vein information of the trustee from the finger vein information input device (input unit). The divided information processing apparatus performs biometric authentication using the read finger vein information and the restored finger vein information (the finger vein information of the holder and the contract holder) (reference numeral 804). Here, since the read finger vein information of the trustee and the finger vein information of the trustee and the trustee's finger vein information match, the biometric authentication is successful.

  The divided information processing apparatus acquires the corresponding electronic tally confidential information from the deposit / withdrawal files A and B based on the second identification ID of the deposit secret code read earlier (reference numeral 807). The divided information processing apparatus refers to the electronic tally code of the secret storage code (with a restoration method corresponding to the electronic tally code), and deposit / withdrawal history and deposit information about the deposit from a plurality of obtained electronic tally confidential information. The data of the existing account.

  The divided information processing apparatus outputs the deposit / withdrawal history of the restored deposit and the data of the deposited account. The divided information processing apparatus records this data in the storage unit and uses it for other processing (for example, deposit / withdrawal processing for an account) or displays it on the display unit.

  In this way, since confidential information is protected using a plurality of biometric authentication information, even a person who is not a holder, that is, a contract holder who is permitted to register biometric information, can deposit and withdraw money from the account. I can do it. For this reason, it is not necessary for the holder to receive biometric authentication for deposits and withdrawals from the account, and it is possible to eliminate the inconvenience that the person himself (the holder) must authenticate himself when performing authentication, facilitating work. Is planned. This is particularly effective when the holder does not go to the bank. In addition, by recording divided authentication information obtained by dividing a plurality of authentication information on one portable recording medium, a plurality of people can be authenticated with one portable recording medium, and the same number of people can be authenticated. Since it can handle confidential information (account history of deposits and withdrawals and data of deposited accounts) (more precisely, the bank handles (manages) confidential information), the person (name) must be used for authentication. Person) It is possible to eliminate the inconvenience of having to be authenticated, and to facilitate the work.

(Application example of the present invention)
The portable recording medium can be applied to, for example, Juki net cards, identification cards, passports, soldier identification cards, membership cards, and the like. Thereby, even if the biometric authentication information of the position is lost, the identity can be confirmed.

  The present invention can be applied to, for example, public certificate storage management. As a result, authentication can be performed online. For example, the confidential information is a digitally signed file or electronic information (E document).

  The present invention can be applied to, for example, financial products and cards. As a result, impersonation can be prevented, and a large amount of damage can be avoided, and usage charges can be made accurately.

  For example, the confidential information is an electronic bill or an electronic check. In this case, a large-scale mechanism can be reduced.

  For example, a bankbook can be used as a portable recording medium.

  Debit cards, IC cards, credit cards, cash cards, rental cards, and special event tickets can be used as portable recording media. In this case, for example, online theft can be completely prevented.

  For example, confidential information becomes crime prevention information. In this case, provision classification of information that is not notified to a third party is facilitated.

  For example, the confidential information becomes an electronic key. In this case, the open / close key of the door or the like becomes perfect. This depends on the firmware.

  For example, the present invention can be applied to an electronic safe. In this case, the safe and locker keys are perfect.

  For example, the present invention can be applied to product transactions and protection of trade credit information. In this case, a secure transaction can be formed on the electronic. For example, an IC chip can be used as a portable recording medium. By using IC chips to protect trade credit information, the identity of various trade documents can be fully verified and accidents can be reduced.

  For example, the present invention can be used for recording approval stamps on documents. For example, a general document can be used as a portable recording medium. Thereby, the approval stamp column can be electronically filled and held.

  For example, confidential document data can be used as confidential information. This makes it possible to comply with the Personal Information Protection Law.

  For example, a contract or a promise can be used as the confidential document data. This makes it possible to comply with the Personal Information Protection Law. For example, an electronic document can be used as the confidential document data. This protects government drawings and prevents know-how from leaking. For example, an important document such as a bank can be used as the confidential document data. This enables centralized management of important documents on a branch basis.

It is a block diagram of an example of the division | segmentation information processing system using the division | segmentation information processing apparatus 101 which concerns on one Embodiment of this invention. 2 is a diagram illustrating an example of a configuration of a divided information processing apparatus 101. FIG. 2 is a diagram illustrating an example of a hardware configuration of a divided information processing apparatus 101, a first IC card 310 and a second IC card 311. FIG. 10 is a flowchart of an example of biometric information registration / change processing performed by the control unit 201 of the divided information processing apparatus 101. 6 is a flowchart of an example of confidential information recording processing performed by the control unit 201 of the divided information processing apparatus 101. 10 is a flowchart of an example of confidential information output processing performed by the control unit 201 of the divided information processing apparatus 101. It is explanatory drawing at the time of using this invention for the handling of confidential information of a company. It is explanatory drawing at the time of using this invention for the handling of the deposit / withdrawal of a bank account.

Explanation of symbols

101 divided information processing apparatus 102 divided information providing server 151 first portable recording medium 152 second portable recording medium 201 control unit 202 storage unit 203 input unit 204 output unit 205 communication unit

Claims (14)

A divided information processing apparatus capable of accessing one or more biometric information files,
In the one or more biometric authentication information files, a plurality of pieces of biometric authentication information obtained by dividing a plurality of pieces of biometric authentication information so as to be restored are recorded in association with the first identification ID,
An input unit for inputting the first identification ID and at least one biometric authentication information;
A process of acquiring corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and A control unit that performs a process of authenticating with the plurality of restored biometric authentication information and the biometric authentication information input from the input unit,
The divided information processing apparatus according to claim 1, wherein the authentication is successful if at least one of the plurality of biometric authentication information matches the biometric authentication information input from the input unit. The divided information processing apparatus according to claim 1,
At least one of the plurality of divided biometric authentication information is recorded on one or more portable recording media instead of the biometric authentication information file,
The divided biometric authentication information recorded on the portable recording medium is input from the input unit. The divided information processing apparatus according to claim 1 or 2,
The divided information processing apparatus can further access one or more confidential information files,
In the one or more confidential information files, a plurality of divided confidential information obtained by dividing the confidential information in a recoverable manner is recorded in association with the second identification ID,
The input unit is for further inputting a second identification ID,
The controller is
Before the authentication or when the authentication is successful, the process of acquiring the divided confidential information from the confidential information file based on the second identification ID input from the input unit, and the confidential information from the acquired divided confidential information And a process of outputting the restored confidential information when the authentication is successful. The divided information processing apparatus according to claim 3.
At least one of the plurality of divided confidential information is recorded on one or more portable recording media instead of the confidential information file,
The divided confidential information recorded on the portable recording medium is input from the input unit. The divided information processing apparatus according to any one of claims 1 to 4,
The input unit is further for inputting biometric authentication information change information,
When the control unit changes the biometric authentication information,
A process of acquiring corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit, a process of restoring biometric authentication information from the acquired biometric authentication information, and a restoration The biometric authentication information is changed based on the biometric authentication information change information input from the input unit, and the biometric authentication information after the change is further divided into a plurality of divided biometric authentication information so as to be restored. It is characterized by. The divided information processing apparatus according to any one of claims 1 to 5,
Division information is added to at least one of the first identification ID and / or the second identification ID, and the control unit restores the biometric authentication information and / or the confidential information in the process of restoring the biometric information with reference to the division information. The authentication information and / or the confidential information is restored. The divided information processing apparatus according to any one of claims 1 to 6,
The divided information processing apparatus can further obtain confidential information,
In the case of successful authentication,
The controller is
The obtained confidential information is further divided into a plurality of divided confidential information so as to be restored and output. The divided information processing device according to claim 1,
As a communication unit for communicating the input unit with a processing terminal,
What is input from the input unit is received by the communication unit from the processing terminal. Provided with an input unit for inputting the first identification ID and at least one biometric authentication information, a plurality of pieces of biometric authentication information obtained by dividing the plurality of biometric authentication information in a recoverable manner are recorded in association with the first identification ID A divided information processing program for causing a divided information processing computer capable of accessing one or more biometric information files to perform processing,
A process of acquiring corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and , To perform a process of performing authentication with a plurality of restored biometric authentication information and biometric authentication information input from the input unit,
The divided information processing program characterized in that the authentication is successful if at least one of the plurality of biometric authentication information matches the biometric authentication information input from the input unit. The divided information processing program according to claim 9,
At least one of the plurality of divided biometric authentication information is recorded on one or more portable recording media instead of the biometric authentication information file,
The divided biometric authentication information recorded on the portable recording medium is input from the input unit. The divided information processing program according to claim 9 or 10,
As a communication unit for communicating the input unit with a processing terminal,
What is input from the input unit is received by the communication unit from the processing terminal. Provided with an input unit for inputting the first identification ID and at least one biometric authentication information, a plurality of pieces of biometric authentication information obtained by dividing the plurality of biometric authentication information in a recoverable manner are recorded in association with the first identification ID A divided information processing method for performing divided information processing capable of accessing one or more biometric information files,
A process of acquiring corresponding biometric authentication information from the biometric authentication information file based on the first identification ID input from the input unit, a process of restoring a plurality of biometric authentication information from the acquired biometric authentication information, and , Performing a process of authenticating with the restored plurality of biometric authentication information and biometric authentication information input from the input unit,
The divided information processing method, wherein the authentication is successful if at least one of the plurality of pieces of biometric authentication information matches the biometric authentication information input from the input unit. The divided information processing method according to claim 12,
At least one of the plurality of divided biometric authentication information is recorded on one or more portable recording media instead of the biometric authentication information file,
The divided biometric authentication information recorded on the portable recording medium is input from the input unit. The divided information processing method according to claim 12 or 13,
As a communication unit for communicating the input unit with a processing terminal,
What is input from the input unit is received by the communication unit from the processing terminal.

Images