JP2008097364A - Mobile terminal unit, and electronic document management method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To efficiently realize both high-speed reading of electronic documents, of which security against document tampering or the like is not sensitive, and reading of electronic documents having digital signatures, of which security is guaranteed. <P>SOLUTION: A mobile terminal unit includes a separation means for separating an electronic signature from an electronic document included in an identical format, a memory section 101 for preserving the electronic document separated by the separation means into a non-secure area being accessible without access limitation, a protection memory section 201 for preserving the electronic signature separated by the separation means into a secure area being accessible only when the access limitation is removed, and a link information write means for writing, into the format, link information for identifying respective preservation places for the electronic document and the electronic signature separated by the separation means. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a portable terminal device and an electronic document management method capable of managing an electronic document and digital signature and MAC (Message Authentication Code), which are corresponding authentication information, and displaying an electronic document for an authorized person.

  In recent years, services that enable PKI (Public Key Infrastructure) processing in mobile terminal devices such as mobile phones have been provided.

  With this service, the subscriber information recorded in the UIM (User Identity Module), which is an IC card inserted into the mobile terminal device, is used to digitally convert electronic documents such as e-mails, documents, and electronic money. A signature (electronic signature) can be applied.

  Such a service can be used, for example, when performing VPN (Virtual Private Network) by authentication using an electronic signature when logging on to an in-house communication system with a mobile terminal device.

  Conventionally, “electronic document management method” described in Patent Document 1, “data management apparatus” described in Patent Document 2, and the like are known as techniques related to a mobile terminal device and an electronic document management method using this type of service.

  In the “electronic document management method” described in Patent Document 1, in addition to a document signature corresponding to an electronic document, an entry signature corresponding to a file entry (document information, access restriction list) is stored in a storage medium. The document signature and the entry signature are verified when the electronic document is provided to the authorized person.

In addition, the “data management device” described in Patent Document 2 stores a digital signature corresponding to an electronic document, and verifies the digital signature when the electronic document is displayed, and synthesizes an annotation stamp corresponding to the user into the electronic document. It is trying to display. In the “data management apparatus”, when the verification of the digital signature fails, the annotation stamp is not combined and displayed on the electronic document.
JP 2000-285026 A JP 2005-165854 A

  However, the conventional techniques related to the portable terminal device and the electronic document management method have the following problems.

  That is, in the “electronic document management method” described in Patent Document 1, since electronic documents and digital signatures are collectively managed, the digital signature is verified and the security is checked when browsing the electronic document. ing.

  For this reason, in this “electronic document management method”, even if it is desired to view an electronic document without worrying about safety, it is required to verify the digital signature of the electronic document to be viewed and release the access restriction. There is an inconvenience that it takes time to view the document.

  In particular, in a mobile terminal device such as a mobile phone, a digital signature included in an electronic document is stored in a UIM secure memory area.

  Therefore, when verifying an electronic document with a digital signature in a portable terminal device, a PIN (Personal Identification Number), which is a personal identification number used when using a UIM, is input to restrict access to the UIM. It is necessary to cancel.

  Therefore, in the portable terminal device, when the electronic document and the digital signature are collectively managed as in the “electronic document management method” described in Patent Document 1, the digital signature is verified when the electronic document is browsed. PIN input is required, and it takes time to browse the electronic document.

  In addition, the “data management apparatus” described in Patent Document 2 verifies a digital signature when displaying an electronic document, and displays the verification result with or without an annotation stamp.

  In this “data management apparatus”, it is necessary to set an option for displaying or hiding the annotation registered in the database depending on the presence or absence of a digital signature, which is inconvenient for displaying an electronic document.

  As described above, the conventional portable terminal device and the electronic document management method require a PIN input for releasing the access restriction to the memory area when browsing the electronic document, and the number of user operations increases.

  In addition, in the conventional portable terminal device and electronic document management method, even for an electronic document that does not need to be verified, it takes time to obtain a public key encryption process and a certificate because the digital signature is verified at the time of browsing, User waiting time increases.

  In particular, in a mobile terminal device such as a mobile phone, it is necessary to store an electronic document with a digital signature in a generally low-capacity access restriction area such as a secure area of a CPU or a memory area of a UIM (IC card).

  For this reason, there is a problem that such a portable terminal device can store only a limited amount of electronic documents.

  The present invention has been made in view of such points, and both high-speed browsing of an electronic document that does not care about safety against document tampering and browsing that guarantees the safety of an electronic document that has been digitally signed. An object of the present invention is to provide a portable terminal device and an electronic document management method that can efficiently realize the above.

  In order to solve such a problem, the mobile terminal device of the present invention determines whether or not an electronic signature and an electronic document are included in the same format, and the electronic signature and the electronic document are included in the same format. Separation means for separating the electronic signature and the electronic document, storage means for storing the electronic document separated by the separation means in a non-secure area accessible without access restriction, and only when access restriction is released Protection storage means for storing the electronic signature separated by the separation means in an accessible secure area, and link information for specifying the storage locations of the electronic document and electronic signature separated by the separation means, And a link information writing means for writing in the format.

  According to the present invention, when viewing an electronic document that does not care about safety against document tampering or the like, it is possible to display the electronic document with a digital signature, which can be displayed at high speed without user's trouble. In this case, it is possible to display an electronic document whose safety is guaranteed by verification. Also, a large amount of electronic documents that do not care about safety can be stored in a memory that does not require verification.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a block diagram showing a configuration of a mobile terminal device according to an embodiment of the present invention.

  As shown in FIG. 1, the mobile terminal device 100 of this example includes a storage unit 101, a search unit 102, a control unit 103, a contact communication unit 104, a display unit 105, an operation unit 106, a verification unit 107, and a memory with a protective function. A card 200 is provided.

  In FIG. 1, a memory card 200 with a protective function is configured to be freely inserted into and removed from the mobile terminal device main body. Are controlled by the control unit 103.

  FIG. 2 is a diagram illustrating a display screen displayed on the display unit of the mobile terminal device according to the embodiment of the present invention and a user operation of the operation unit.

  As shown in FIG. 2, in the mobile terminal device 100 of this example, a signature verification button 211 is prepared on a document content screen 210 displayed on the display unit 105. Note that the signature verification button 211 may be prepared on the document list screen 220 displayed on the display unit 105.

  The portable terminal device 100 of this example is configured to verify the electronic document to be browsed by selecting and operating the signature verification button 211 on the document content screen 210 only when the user wants to verify the electronic document to be browsed.

  Also, the mobile terminal device 100 of this example stores an electronic document in the storage unit 101 that is a non-secure area, and a digital signature (electronic signature: hereinafter simply referred to as “signature”) of the electronic document is a protection function that is a secure area The data is stored in the protection storage unit 201 of the attached memory card 200.

  The portable terminal device 100 of this example is configured to link the electronic document and signature stored separately as described above.

  In general, an electronic document is much larger than a signature. Further, the memory capacity of a secure area such as a mobile phone is relatively low.

  Therefore, in the portable terminal device 100 of this example, only a signature of about 20 bytes and a link of about several tens of bytes are stored in the protection storage unit 201 of the memory card 200 with a protection function that is a secure area. . Thereby, an increase in the storage size of the secure area of the mobile terminal device 100 can be suppressed.

  By the way, in the PKCS # 7 specification and the like, a signature and an electronic document are incorporated in one format.

  Therefore, in the portable terminal device 100 of this example, such signature / electronic document integrated data temporarily separates the signature and the electronic document and determines the storage location of the signature and the electronic document. .

  FIG. 3 is a flowchart showing an operation of storing signature / electronic document integrated data in the portable terminal device according to the embodiment of the present invention.

  In FIG. 3, when the signature generation or saving operation after downloading starts, it is first determined whether or not the signature and the electronic document are included in the same format (step ST301).

  Here, in the case of a format in which the signature and the electronic document are originally divided, the operation is terminated without performing the subsequent processing.

  On the other hand, in step ST301, the signature and the electronic document are included in the same format (this format includes a flag indicating permission / non-permission of separation between the signature and the electronic document (hereinafter referred to as "division permission flag"). ) Is attached), it is determined whether or not the division permission flag is ON (step ST302), and it is determined whether to separate the signature and the electronic document.

  That is, in the mobile terminal device 100 of this example, whether to separate the signature and the electronic document is determined by selection of the user of the mobile terminal device 100 or the signature generator.

  Here, when the user selects whether to separate the signature and the electronic document, confirmation is performed using a GUI (Graphical User Interface) or the like when the signature is stored.

  Further, in the mobile terminal device 100 of this example, in order to realize the creator selection, a division permission flag is set in the signature when the signature is generated or transmitted, and the confirmation is performed when the signature is stored. That is, in the mobile terminal device 100 of this example, the signature and the electronic document are separated only when the division permission flag is ON and separation of the signature and the electronic document is permitted.

  There are cases where the electronic document is permitted to be browsed if the security and non-repudiation are confirmed by the signature, and the electronic document is required to be confidential.

  Here, when confidentiality is required for the electronic document, the division permission flag is set to OFF, and both the signature and the electronic document are stored in the secure area.

  In step ST302, when the signature and the electronic document are separated, the electronic document is removed from the format, and instead, link information (hereinafter simply referred to as “link”) for specifying a new storage location of the electronic document is written into the format. (Step ST303).

  The electronic document separated in step ST303 is stored in the storage unit 101, which is a non-secure area, together with a link specifying the storage location (step ST304).

  The signature separated in step ST303 is stored in the protection storage unit 201, which is a secure area, together with a link for specifying the storage location of the electronic document (step ST305).

  Here, the storage unit 101 as a storage location of an electronic document that does not need to be concealed is preferably a non-secure area of a memory card including, for example, a normal non-volatile memory that is detachable from a mobile phone.

  The protection storage unit 201 as a signature storage location is preferably a secure area of a CPU of a mobile phone, an IC module such as SIM, UIM, Felica (registered trademark), a server, or the like.

  In the portable terminal device 100 of this example, when confidentiality is required for an electronic document, that is, when the division permission flag is OFF in step ST302, the separation operation of the signature and the electronic document is terminated, and the signature and the electronic document Are stored in the secure area together.

  Next, in the mobile terminal device 100 of this example, a method of linking an electronic document stored in the storage unit 101 that is a non-secure area and a signature stored in the protection storage unit 201 that is a secure area of the memory card with protection function 200 Will be described. In this example, it is assumed that the user needs to input a PIN in order to cancel the access restriction to the secure area.

  In the mobile terminal device 100 of this example, a unique ID (random number, serial number) is assigned to the signature corresponding to the electronic document, and the ID is stored together for each of the electronic document and the signature.

  For example, as shown in FIG. 1, ID1: document 1, ID2: document 2, ID3: document 3 are stored in the storage unit 101 of the mobile terminal device 100 and stored in the protection storage unit 201 of the memory card 200 with a protection function. Stores ID1; signature 1, ID2; signature 2, ID3; signature 3 respectively.

  When browsing the electronic document, the search unit 102 searches for a signature corresponding to the ID attached to the electronic document selected by the user. When searching for an electronic document from a signature, the search unit 102 similarly searches for the corresponding electronic document from the signature ID selected by the user.

  Here, as a method of linking an electronic document and a signature, a URI (Uniform Resource Identifier) or a file path of the corresponding electronic document (or signature) may be stored together with the signature (or electronic document). In this case, an electronic document corresponding to the destination indicated by the URI or file path is stored.

  Further, as a method of linking an electronic document and a signature that can be used only when searching for a signature from the electronic document, a hash value of the electronic document may be stored together with the signature. In this case, a hash value is generated from the electronic document, and a signature is searched from the hash value.

  Here, if there are multiple private keys for signature generation, there are multiple signatures for the same electronic document, so the hash value of the corresponding public key and the corresponding certificate A DN (Domain Name) may be stored together with the signature.

  Next, in the mobile terminal device 100 of this example, an operation when the user browses an electronic document (document 1) with a signature will be described. FIG. 4 is a flowchart showing an operation at the time of browsing an electronic document with a signature in the portable terminal device according to the embodiment of the present invention.

  In FIG. 4, when the browsing operation of the electronic document (document 1) by the user starts, the document list screen 220 is displayed on the display screen of the display unit 105, and it is determined whether or not the user has selected the document 1 from the document list. (Step ST401).

  If it is determined that the user has selected the document 1 from the document list, the control unit 103 uses the search unit 102 to store the document 1 in accordance with the ID 1 input by the document selection from the operation unit 106. (Step ST402).

  Then, the control unit 103 displays the acquired document 1 and its signature verification button 211 on the display unit 105 as the document content screen 210 (step ST403).

  Next, it is determined whether the user has selected the signature verification button 211 (step ST404).

  If the user browses the document 1 without selecting the signature verification button 211 and without verifying the document 1, the process proceeds to step ST <b> 411 and the control unit 103 displays the electronic document selected by the user on the display unit 105. To do.

  When the user selects a confidential electronic document stored in the protection storage unit 201 after the operation starts, the display unit 105 displays a message (not shown) prompting the selection of the signature verification button 211. If the user does not select the signature verification button 211, the operation ends without displaying the electronic document selected by the user.

  On the other hand, when the user selects the signature verification button 211 and verifies the document 1 in step ST404, the control unit 103 displays the PIN input screen 230 (see FIG. 2) on the display unit 105 (step ST405). .

  Next, in step ST406, it is determined whether or not the user has entered a PIN in accordance with an instruction on the PIN input screen 230 displayed on the display unit 105.

  Here, when it is determined that the user has not entered the PIN, the operation is terminated, and when it is determined that the user has input the PIN, the control unit 103 is protected by the PIN input from the operation unit 106. The access restriction of the storage unit 201 is released (step ST407).

  In step ST407, when the access restriction of the protection storage unit 201 is released, the control unit 103 uses the contact communication unit 104 to protect the signature 1 according to ID1 input by document selection from the operation unit 106. It acquires from 201 (step ST408).

  Next, the control unit 103 verifies the signature 1 acquired in step ST408 by the verification unit 107, and displays the verification result screen 240 (see FIG. 2) (step ST409).

  Then, the control unit 103 determines whether the verification result of the signature 1 applied to the document 1 selected by the user is OK as a result of the verification in step ST409 (step ST410).

  Here, when the verification result of the signature 1 applied to the document 1 selected by the user is not OK but NG, the operation is immediately terminated. When the verification result is OK, the control unit 103 selects the user. The electronic document is displayed on the display unit 105 (step ST411).

  In step ST412, when the user selects the end of document browsing, the browsing operation of the electronic document (document 1) by the user is ended.

  If the user does not select document 1 from the document list in step ST401, it is determined whether the user has selected signature 1 from the document list (step ST413). If the user selects signature 1 from the document list, the process proceeds to step ST405. If not selected, the operation ends.

  As described above, in the mobile terminal device 100 of this example, since the electronic document is stored in the storage unit 101 that is a non-secure area, it is not necessary to perform a user operation such as PIN input when browsing the document, You can browse documents easily.

  Further, in the mobile terminal device 100 of this example, it is possible to verify the falsification of the electronic document based on the signature stored in the protection storage unit 201 of the memory card with protection function 200 that is a secure area, as necessary. Document security is not reduced.

  As described above, in the portable terminal device 100 of this example, since signature verification can be performed for each electronic document by user selection only when it is necessary at the time of document browsing, the document browsing speed does not always decrease.

  The portable terminal device and the electronic document management method according to the present invention can display an electronic document without worrying about the safety against document tampering at a high speed without taking a user's trouble, and can display a digital signature. When viewing electronic documents that have been subjected to verification, it is possible to display electronic documents that are guaranteed to be safe by verification, and electronic documents that do not care about safety are stored in large quantities in memory that does not require verification Therefore, the present invention is useful as a portable terminal device and an electronic document management method capable of managing an electronic document and digital signature and MAC, which are corresponding authentication information, and displaying an electronic document for an authorized person.

The block diagram which shows the structure of the portable terminal device which concerns on one embodiment of this invention The figure which shows the user's operation of the display screen and operation part which are displayed on the display part of the portable terminal device which concerns on one embodiment of this invention 6 is a flowchart showing an operation of storing signature / electronic document integrated data in the mobile terminal device according to the embodiment of the present invention. The flowchart which shows the operation | movement at the time of the browsing of the electronic document with which the signature was given in the portable terminal device which concerns on one embodiment of this invention

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Portable terminal device 101 Memory | storage part 102 Search part 103 Control part 104 Contact communication part 105 Display part 106 Operation part 107 Verification part 200 Memory card 201 with a protection function 201 Protection memory part

Claims (12)

Separating means for determining whether the electronic signature and the electronic document are included in the same format and separating the electronic signature and the electronic document when the electronic signature and the electronic document are included in the same format;
Storage means for storing the electronic document separated by the separation means in a non-secure area accessible without access restriction;
Protection storage means for storing the electronic signature separated by the separation means in a secure area accessible only when access restriction is released;
Link information writing means for writing, in the format, link information for specifying the storage locations of the electronic document and the electronic signature separated by the separating means;
A portable terminal device comprising: Display means for displaying the electronic document selected by the user;
Verification means for retrieving and acquiring the corresponding electronic signature from the link information of the electronic document and verifying the electronic signature only when the user specifies signature verification after displaying the electronic document by the display means;
Verification result display means for displaying a verification result by the verification means;
The mobile terminal device according to claim 1, further comprising: Verification means for verifying an electronic signature selected by a user directly or indirectly through the electronic document;
Display means for searching the corresponding electronic document from the link information of the electronic signature and displaying the electronic document only when the verification result by the verification means is correct;
The mobile terminal device according to claim 1, further comprising: In the format, a flag indicating permission / non-permission of separation of the electronic signature and the electronic document is attached.
The mobile terminal device according to claim 1. Separating the electronic signature and the electronic document by the separating means only when the flag permits separation of the electronic signature and the electronic document,
The mobile terminal device according to claim 4. The link information is an ID unique to the electronic signature corresponding to the electronic document.
The mobile terminal device according to claim 1. The link information is a URI corresponding to the electronic document.
The mobile terminal device according to claim 1. The link information is a file path corresponding to the electronic document.
The mobile terminal device according to claim 1. The link information is a URI corresponding to the electronic signature.
The mobile terminal device according to claim 1. The link information is a file path corresponding to the electronic signature.
The mobile terminal device according to claim 1. The link information is a hash value of the electronic document.
The mobile terminal device according to claim 1. A separation step of determining whether or not the electronic signature and the electronic document are included in the same format and separating the electronic signature and the electronic document when the electronic signature and the electronic document are included in the same format;
Storing the electronic document separated by the separation step in a non-secure area accessible without access restriction; and
A protected storage step for storing the electronic signature separated by the separation step in a secure area accessible only when access restriction is released;
A link information writing step of writing link information for specifying the storage location of each of the electronic document and the electronic signature separated by the separation step;
An electronic document management method comprising:

Images