JP2008204484A - User id management method and user id management device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To propose a user ID management method and a user ID management device for preventing the so-called "disguise" by illegal access, by surely authenticating whether or not a user of providing service is the subject. <P>SOLUTION: This user ID management method includes a first stage of issuing user ID for providing the providing service, a second stage of registering the user ID together with state information of indicating the fact of being inactive, a third stage of executing delivery processing of the issued user ID, a fourth stage of acquiring delivery information on a delivery state of the user ID, a fifth stage of setting the state information of the user ID in an active state when completing delivery of the user ID, a sixth stage of accepting an authentication request of the user, a seventh stage of determining whether or not the user is a right user when the user ID is active, and an eighth stage of outputting a determining result of whether or not the user is the right user. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a user ID management method and a user ID management apparatus for managing a user ID issued to a user who uses a provided service.

  In accordance with the spread of the Internet, online services such as electronic voting, resident questionnaires, electronic applications, and electronic conferences are being put into practical use in local governments. In such a service provided via the Internet, it is necessary to confirm whether or not the user of the provided service is a valid user. In particular, in electronic voting or the like, it is necessary to confirm whether or not the accessing user is the person himself / herself.

The technology of electronic voting has been studied and some attempts have been made. As a method of identity verification for preventing illegal voting, digital signature technology and encryption technology are generally used.
In the presidential primary election in the US state of Arizona in March 2000, Internet electronic voting was adopted. Here, the registration number (user ID) is mailed to the voters in advance, and when the electronic voting is performed using the registration number (user ID), the secret information that only the person knows is asked and simple identification is performed. The system is configured to allow voting afterwards.

When performing personal authentication using digital signature technology, the security level can be maintained at a very high level. However, in order to actually operate this, it requires a lot of equipment and user burdens. Is not considered realistic.
On the other hand, the method of combining the mailing of the registration number (user ID) and the secret information question like the latter does not require the user to remember the password, and does not increase the burden on the user. Is easy. However, there is a problem that it is relatively easy to carry out illegal voting by other people's so-called “spoofing”.

  The present invention proposes a user ID management method and a user ID management apparatus that can reliably authenticate whether or not the user of the provided service is the user and prevent so-called “spoofing” due to unauthorized access.

  The user ID management method according to the present invention includes a first stage of extracting a user who is an intended user of a provided service and issuing a user ID for providing the provided service for each extracted user; A second stage of registering the issued user ID together with the status information indicating the inactive state in the user ID management database for managing the status information as to whether or not each is active, and the issued user ID Based on the third stage of executing delivery processing for delivery to the corresponding user, the fourth stage of obtaining delivery information related to the delivery status of the user ID, and the user ID based on the delivery information of the user ID When it is determined that the delivery of the ID is completed, the status information of the user ID registered in the user ID management database is set to the active state. A fifth stage of setting, a sixth stage of accepting an authentication request of a user who has accessed the provided service from the server providing the provided service using the user ID registered in the user ID management database, and a user ID management database When the status information of the user ID is active, requesting input of information for determining whether or not the user is a valid user, and based on the content of the input information, A seventh stage for determining whether or not the user is a legitimate user, and an eighth step of outputting a judgment result on whether or not the user who has accessed the provision service is a legitimate user to a server that provides the provision service Including stages.

  In addition, the user ID management device according to the present invention extracts users who are users of the provided service, issues a user ID for providing the provided service for each extracted user, and activates for each user ID. User ID issuing means for registering the issued user ID together with the status information indicating that it is in an inactive state in the user ID management database for managing the status information of whether or not it is associated with the issued user ID Based on the delivery information acquired by the delivery processing means for executing delivery processing for delivery to the user, the delivery information acquisition means for obtaining delivery information relating to the delivery status of the user ID, and the delivery information acquisition means. If it is determined that the delivery of the user ID has been completed, the user ID registered in the user ID management database When an authentication request for a user who has accessed the service using the user ID registered in the user ID management database is received from the state information management unit that sets the state information to the active state and the server that provides the service, Referring to the ID management database, if the status information of the user ID is in an active state, the user requests input of information for determining whether or not the user is a valid user. User authentication means for determining whether or not the user is a valid user based on the content and outputting the determination result to a server providing the providing service.

  The program according to the present invention extracts a user who is an intended user of a provided service, issues a user ID for providing the provided service for each extracted user, and is active for each user ID. A second stage of registering the issued user ID together with the status information indicating that it is in an inactive state in the user ID management database that manages the status information of whether or not there is, and the user corresponding to the issued user ID, respectively Based on the third stage of executing delivery processing for delivery to the user, the fourth stage of obtaining delivery information relating to the delivery status of the user ID, and delivery of the user ID to the user based on the delivery information of the user ID A fifth stage for setting the status information of the user ID registered in the user ID management database to the active status when it is determined that the processing has been completed. A sixth stage of accepting an authentication request of a user who has accessed the provided service from the server providing the provided service using the user ID registered in the user ID management database, and referring to the user ID management database, When the ID state information is in the active state, the user is requested to input information for determining whether or not the user is a valid user, and the user is authorized based on the content of the input information. A seventh stage for determining whether or not the user is a valid user, and an eighth stage for outputting a determination result as to whether or not the user who has accessed the provided service is a valid user to a server that provides the provided service A program for causing a computer to execute a user ID management method.

According to the present invention, since the secret information of the user is exchanged only between the user and the authentication server, the service provided without performing the secret information to the service providing server while protecting the confidentiality of the user's secret information. It is possible to determine whether or not the user is a valid user.
According to the present invention, since the issued user ID does not become active until after the delivery is completed, even if the user ID is illegally known, unauthorized access using the user ID can be prevented until the delivery is completed. Moreover, since the status information of the user ID is set to inactive based on the expiration date set for each user ID, it is possible to maintain high security.

[Basic configuration]
A basic schematic configuration of the present invention is shown in FIG.
Services provided by various organizations are provided to the user 1 via the service providing server 2. The service provided via the service providing server 2 can be applied to various information providing services provided via the Internet and other services in which billing information and usage status are managed by other user IDs. Examples of services provided by public institutions such as local governments include electronic voting that allows voters to vote online in elections based on the Public Office Election Act, electronic application for online application and delivery of various documents, online It is possible to envisage resident questionnaires, electronic conferences, etc.

  The personal information of the user 1 is stored in advance in the personal information database 5. It is possible to construct the personal information database 5 based on the personal information collected by the service provider self-reporting to the user 1, and the local government will provide the service. In such a case, it is possible to refer to a resident database stored in the local government.

  A user ID management server 3 for managing a user ID for using a service provided by the service providing server 2 and authenticating whether or not the user of the service provided by the service providing server 2 is the user. An authentication server 4 is provided. The user ID management server 3 and the authentication server 4 can be installed in the same organization as the service providing server 2 and can be configured to belong to another organization.

  The user ID management server 3 issues a user ID to the user of the service provided by the service providing server 2 and registers it in the user ID management database 6. At this time, the user ID management server 3 can be configured to extract from the personal information database 5 the users to be used for the service provided by the service providing server 2. Further, the user ID management server 3 sets status information indicating whether or not the issued user ID is actually usable, and the expiration date, and stores it in the user ID management database 6 together with the user ID.

  The user ID management server 3 performs a delivery process for the user 1 corresponding to the issued user ID. The delivery of the user ID can be configured to be delivered to the email address of the user 1 in the form of an encrypted email, and a document or IC card in which the user ID is recorded is delivered to the user 1. Thus, it can be configured to request a predetermined delivery company. At this time, the delivery information related to the delivery status of the user ID is fed back to the user ID management server 3, and the user ID management server 3 provides delivery information indicating that delivery of the user ID to the user 1 is completed. Upon receipt, the user ID management server 3 can be configured to set the status information of the corresponding user ID in the user ID management database 6 to be active. The delivery information of the user ID can be acquired by a reply of the email by the user 1 who has received the email or a delivery completion notification from the delivery company who requested delivery of the user ID.

  The authentication server 4 receives an authentication request for a user who has accessed from the service providing server 2 and executes a user authentication process. The authentication server 4 refers to the user ID management database 6 based on the user ID transmitted via the service providing server 2 and determines whether or not the status information of the corresponding user ID is active. If the user ID is not active, the authentication server 4 determines that there has been unauthorized access and executes unauthorized access processing. In addition, when the user ID is active, the authentication server 4 transmits personal information that can be verified only by the user 1 and can be collated to the user 1 and executes an authentication process for determining whether or not the user is the person. To do. For example, a question regarding the personal information of the user 1 stored in the personal information database 5 is transmitted to the user 1 and an answer from the user 1 is received. If the information matches, the identity is determined. If the information does not match, the unauthorized access is determined and predetermined unauthorized access processing is executed.

The authentication server 4 outputs to the service providing server 2 an authentication determination result indicating whether or not the user who has accessed the service providing server 2 is the principal.
Based on the authentication determination result transmitted from the authentication server 4, the service providing server 2 permits use of the service to the accessing user 1 or rejects use.
When the service is used by the user 1, the service providing server 4 transmits information on the usage status of the user 1 to the user ID management server 3. The user ID management server 3 updates the data of the corresponding user in the user ID management database 6 based on the information regarding the service usage status by the user 1. For example, in the case of electronic voting that can be used only once or other services that specify the number of times of use, the information on the number of times of use is updated, and if the number of times of use exceeds the set number of times, the status information is not displayed. Change to active.

In addition, the electronic voting service must be implemented by a predetermined date. In this case, an expiration date is set, and when the expiration date has passed, the state information is changed to inactive.
[Electronic voting system]
FIG. 2 shows a model when a local government provides an electronic voting service using the Internet.

  Here, the authentication management server 30 which integrated the user ID management server 3 and the authentication server 4 is installed in the local government. Further, service providing servers 20, 21, 22,... Are installed for various services provided by the local government. Further, the local government has a resident database 50 in which personal information of the resident is accumulated. These authentication management server 30, service providing servers 20, 21, 22,... And resident database 50 can be provided in the same organization (local government).

The authentication management server 30 includes a user ID issuing unit 31, a delivery processing unit 32, a delivery information acquisition unit 33, a status information management unit 34, a user authentication unit 35, an access log recording unit 36, an unauthorized access processing unit 37, and a user ID management database. 60, an access log management database 61, and the like.
The user ID issuing means 31 extracts the usage target persons of the service providing servers 20, 21, 22,... From the resident database 50 as users, issues a user ID to each user, and performs delivery processing to a predetermined delivery company. Is stored in the user ID management database 60 together with the delivery ID assigned by the delivery company.

For example, as shown in FIG. 3, the resident database 50 stores personal information for each resident. The resident ID, name, date of birth, sex, transfer date, transfer address, current address, annual tax amount, It includes items such as the amount of income, water charges, household member names, etc.
Assuming that the service providing server 20 is a service providing server related to electronic voting, the user ID issuing means 31 extracts voters having voting rights from the resident database 50 based on a request from the service providing server 20. A user ID is set and stored in the user ID management database 60.

As shown in FIG. 4, the user ID management database 60 includes items such as a resident ID, a service use ID, a delivery ID, a generation date / time, an active state, an update date / time, and an expiration date for each user.
The user ID issuing means 31 issues a user ID to each user extracted from the resident database 50, stores basic information such as the resident ID, user ID, and generation date / time in the user ID management database 60, and is in an active state. Set "non-active" as the default value for the item. Further, the user ID issuing means 31 stores the delivery ID assigned by the delivery company in the corresponding item.

The delivery processing unit 32 records the user ID issued by the user ID issuing unit 31 on a medium such as a document or an IC card, and requests delivery to a predetermined delivery company.
The delivery information acquisition means 33 acquires delivery information related to the delivery status from the delivery company, and when information indicating that the delivery has been completed is obtained, notifies the status information management means 34 to that effect.
The state information management means 34 updates the item of the active state of each user ID stored in the user ID management database 60. When the user ID is issued, this active state is set as a default value to “non- Set to "active", and set the active status to "active" when information indicating that delivery is complete is obtained.

  The user authentication means 35 receives an authentication request from the service providing servers 20, 21, 22,..., And executes an authentication process for determining whether the user who has accessed the service is the principal. The user authentication means 35 refers to the user ID management database 60 on the basis of the user ID in the authentication request from the service providing servers 20, 21, 22,... And unauthorized access if the active state is “non-active”. Is sent to the unauthorized access processing means 37. If the active state of the user ID is “active”, the user authentication means 35 sends a question regarding data that only the user himself / herself can know in the resident database 50 to the user, and the answer data from the user and the resident database 50 The authentication judgment is performed by collating with the data, and the result is transmitted to the service providing servers 20, 21, 22,.

  The access log recording unit 36 stores an access log related to the access status from the user in the access log management database 61 when an authentication request is received from the service providing servers 20, 21, 22. The access log recording means 36 can be configured to store data in the access log management database 61 only when access using the user ID is unauthorized access.

When the unauthorized access processing means 37 receives information indicating that unauthorized access has been made by the user authentication means 35, the unauthorized access processing means 37 issues a warning to the user and is unauthorized access to the service providing servers 20, 21, 22,. Send warning information to that effect.
When requesting delivery of a user ID to a predetermined delivery company, it is possible to update the state information of the user ID by using information on the delivery status managed by the delivery company.

The delivery company side includes a delivery management database 75 for managing information related to delivery status based on the accepted delivery request. For example, as shown in FIG. 5, the delivery management database 75 has a delivery ID, a requester name, a requester address, a recipient name, a delivery address, a delivery status, a delivery handling place, an update set for each delivery item. It has items such as date and time.
The delivery server 70 installed on the delivery company side includes delivery request accepting means 71, delivery ID issuing means 72, delivery status management means 73, delivery status notification means 74, and the like.

The delivery request accepting unit 71 accepts a delivery request from the delivery processing unit 32 of the authentication management server 30.
The delivery ID issuing means 72 issues a delivery ID to each delivery request received by the delivery request accepting means 71, stores it as a new record in the delivery management database 75, and sends the delivery ID to the authentication management server that is the requester. 30 side is notified.

The delivery status management means 73 manages the current state of the delivery item to which the delivery ID is attached. For example, delivery information transmitted from the delivery person terminal 80 possessed by the delivery person. And the item of the delivery status in the delivery management database 75 is updated.
The delivery person terminal 80 includes, for example, a delivery ID reading means 82 constituted by a barcode reader and the like, a delivery status notifying means 81 for transmitting delivery information regarding delivery completion, non-delivery due to absence of delivery destination, and other delivery statuses, etc. It has. A delivery completion notice can be sent to the delivery server by reading the delivery ID of the delivery slip by the delivery ID reading means 82 and sending the delivery completion notice by the delivery status notifying means 81 for the delivery that has been delivered.

When the delivery status management means 73 acquires delivery information indicating that the delivery has been completed, the corresponding data in the delivery management database 75 is updated, and the delivery ID and delivery completion information are sent to the delivery status notification means 74. Is sent out.
The delivery status notification unit 74 transmits the delivery ID and information indicating that the delivery is completed to the delivery information acquisition unit 33 of the authentication management server 30.

  The user 10 receiving the delivery of the user ID can access the service providing servers 20, 21, 22,... Using his / her own computer terminal, a computer terminal installed in a public place, and other terminals. It becomes possible. In particular, when receiving an electronic voting service, it is possible to vote from a remote location by accessing the service providing servers 20, 21, 22,... From a home computer or mobile terminal. It is possible to vote without owning a special terminal by accessing the service providing servers 20, 21, 22,... Using a terminal installed in a public place such as a place.

<Activation of user ID>
The details of the data flow for the above-described user ID management are shown in FIG. FIG. 7 shows the operation of the authentication management server 30 from issuance of the user ID to activation.
In step S11, an issuance request for a user ID specifying a resident range to be used is received from the service providing servers 20, 21, 22,.

In step S12, a unique user ID is issued for each target inhabitant and registered in the user ID management database 60 (A in FIG. 6). At this time, the item of the active state of the issued user ID is set to “non-active”, and the state information of the user ID is set to the inactive state.
In step S13, a delivery request is made to the delivery company to deliver a delivery containing a document such as a document in which a user ID is recorded or an IC card to an address registered in the resident database 50 (step S13). FIG. 6B).

In step S14, the delivery ID transmitted from the delivery company is received (C in FIG. 6), and this is stored in the user ID management database 60 in correspondence with the user ID.
When the delivery item is delivered by the delivery company (D in FIG. 6) and the user 10 receives it (E in FIG. 6), the delivery company registers the delivery completion (FIG. 6). 6 F). On the delivery company side, the contents of the delivery management database 75 of the delivery server 70 are updated based on the delivery completion information, and a delivery completion notice is transmitted to the authentication management server 30 on the requester side based on the delivery ID (FIG. 6). G).

In step S15, the delivery information indicating that the delivery is completed is received from the delivery company.
In step S16, the status information of the user ID is changed to active for the user ID that has received the delivery information indicating that the delivery has been completed (H in FIG. 6). Here, the item of the active state of the corresponding user ID in the user ID management database 60 is set to “active”.

<Use of provided service>
FIG. 8 shows the operation of the authentication management server 30 when the user 10 uses a service provided by the service providing servers 20, 21, 22,.
When the user 10 uses the service provided by the service providing servers 20, 21, 22,..., The corresponding service providing server using a terminal such as a computer owned by the user 10 or a computer installed in a public place. To make a service use request and transmit the user ID recorded in the delivered delivery (I in FIG. 6).

Upon receiving a service use request from the user 10, the service providing servers 20, 21, 22,... Transmit an authentication request as to whether the access is made by a valid user to the authentication management server 30 (J in FIG. 6). ).
In step S21, authentication requests from the service providing servers 20, 21, 22,.

In step S22, it is determined whether or not the user ID requested by the service providing server 20, 21, 22,... Is activated. Here, referring to the active state of the corresponding user ID in the user ID management database 60, if “active”, the process proceeds to step S23, and if “non-active”, the process proceeds to step S27.
In step S23, a question about confidential information that only the user registered in the resident database 50 can know is transmitted to the user who has accessed the service providing server (K in FIG. 6). As the secret information, for example, information registered in the resident database 50 such as date of birth, annual tax amount, and water charge can be used. In addition, the delivery ID when the user ID is delivered can be used as secret information.

The user 10 answers the question regarding the confidential information from the authentication management server 30 (L in FIG. 6).
In step S24, an answer regarding the secret information transmitted from the user 10 is received and checked with the data of the resident database 60 to determine whether the answer is correct. When it is determined that the answer from the user 10 is correct, the process proceeds to step S25, and when it is determined that the answer from the user 10 is not correct, the process proceeds to step S27.

The result of the authentication determination by the authentication management server 30 is transmitted to the service providing servers 20, 21, 22,... (M in FIG. 6). In the service providing servers 20, 21, 22,..., The received authentication result is transmitted to the user 10 (N in FIG. 6), and if the authentication is OK, the service use by the user 10 is permitted (O in FIG. 6). , Step S25 in FIG.
In step S26, the status information of the user ID is set to inactive corresponding to the number of times the service is used by the user ID and the expiration date set in the user ID. For example, in the case of electronic voting, only one use per person is allowed, so when the service use by the user ID is ended, the item of the active state of the user ID is set to “non-active”, Alternatively, the record is deleted from the user ID management database 60.

In step S27, an authentication result (authentication NG) indicating that the authentication has failed is transmitted to the service providing servers 20, 21, 22,.
Similarly, the authentication result of the authentication NG is transmitted from the authentication management server 30 to the service providing servers 20, 21, 22,... (M in FIG. 6), and the user 10 is further transmitted from the service providing servers 20, 21, 22,. (N in FIG. 6). In this case, the service providing servers 20, 21, 22,... Refuse to use the service by the user 10.

In step S28, the unauthorized access is recorded in the access log management database 61 (see FIG. 2), and the process ends.
[Delivery notice]
A case of notifying the user in advance of delivery will be described with reference to FIG.
The authentication management server 40 installed in the local government is provided with a delivery request notification means 41 and a receivable date / time reception means 42 in addition to the functional units shown in FIG. The delivery request notification unit 41 transmits a delivery request notification to the delivery server 70 in advance, and can be realized as one function of the delivery processing unit 32 in FIG.

The receivable date / time receiving means 42 receives information on the user's receivable date / time transmitted from the delivery server 70 side, and based on the received receivable date / time information, the delivery processing means 32 ( The delivery request process according to FIG. 2 is executed.
The delivery server 70 on the delivery company side includes a delivery request notification receiving unit 76, a receivable date / time confirmation unit 77, a receivable date / time notification unit 78 and the like in addition to the functional units shown in FIG.

The delivery request notification receiving unit 76 receives a delivery request notification transmitted from the authentication management server 40.
The receivable date / time confirmation unit 77 inquires the user 10 about the receivable date / time in response to the delivery request notification from the authentication management server 40, updates the data in the delivery management database 75 according to the answer, and receives the receivable date / time. Is transmitted to the authentication management server 40 via the receivable date / time notification means 78.

  As shown in FIG. 10, the delivery management database 75 includes a delivery management table and a user management table. In addition to items such as delivery ID, requester name, requester address, recipient name, delivery address, delivery status, delivery handling location, update date and time, the delivery management table is a receipt indicating the date and time that the user can receive. The possible date and time items are set. In the user management table, items such as a user registration ID, an address, and a notification destination are set. Each item of the user management table can be configured so that a user who desires a delivery advance notification service registers in advance in the delivery server 70, and a user's mail address or the like can be set as notification destination data. is there.

In this embodiment, it is assumed that the user 10 has the receivable period answering means 11. For example, assuming that a user can send and receive e-mails using a personal computer owned by the user 10, it is conceivable to check the date and time of receipt by e-mail.
First, the authentication management server 40 replaces 1) 1) in FIG. 9 by sending a delivery request notification to the user to the delivery server 70 by the delivery request notifying means 41. ).

When the delivery server 70 receives the delivery request notification by the delivery request notice receiving means 76, the delivery server 70 notifies the receivable date and time confirmation means 77 (2) in FIG. 9 and 2) is replaced with 2). ) Issued a delivery ID and stored the data in the delivery management database 75 (Fig. 9, 3) and 3) were replaced with 3). ) Replaced 4) with 4) by sending a delivery request notification to the user 10 by the receipt date confirmation means 77 and prompting registration of the receipt date (4). ).
Receiving the delivery request notification, the user 10 replies to the delivery server 70 with information about the date and time when the delivery request can be received, and registers the period during which the delivery can be received (FIG. 9, 5) 5) is replaced with 5). ).

When the delivery server 70 receives the information about the date and time when it can be received from the user 10, the delivery server 70 stores this information in the corresponding data in the delivery management database 75 (FIG. 9, 6) 6) is replaced with 6). ), The reception date and time notification means 78 is notified. The receivable date / time notifying unit 78 transmits information related to the receivable date / time to the authentication management server 40.
With this configuration, it is possible to make the delivery request from the authentication management server 40 to the delivery company correspond to the receivable date and time of the user 10, or to collect the deliverables by the delivery company to the receivable date and time of the user 10. It is possible to reduce the burden of storage of deliverables by the delivery company when the user 10 cannot receive due to absence or the like.

  The receivable period reply means 11 of the user 10 can be realized by a mobile phone. For example, as shown in FIG. 11, a delivery request notification display unit 92, a receivable date / time input unit 93, and a registration instruction button 94 are provided on the display screen 91 of the mobile phone 90, and information about the delivery request notification is displayed in the delivery request notification display. The date and time are displayed on the unit 92, and the date and time that can be received by the user are input to the date and time unit 93 that can be received. When the user inputs a receivable date and time and designates the registration instruction button 94 with the cursor, the information regarding the receivable date and time can be transmitted to the delivery server 70.

It is also possible to configure the authentication management server 40 to check the receipt date and time.
[Electronic slip]
FIG. 12 shows an example in which a delivery request form transmitted from the authentication management server 30 or the authentication management server 40 to the delivery server 70 is composed of an electronic slip.

Here, the case where it comprises with an XML document is illustrated, and tags, such as an effective date, a delivery request, delivery destination information, sender information, are comprised. The effective date element is the effective date of this delivery request form, the desired delivery element is the delivery date and time desired by the requester, the delivery destination information element is the user's address and telephone number, and the sender information is the locality name and Stores telephone numbers and so on.
When the delivery server 70 receives such a delivery request form, the operator can recognize the XML document by browsing the XML document using a predetermined style sheet, and store predetermined data in the delivery management database 75. Is possible.

  An example of an electronic voucher when a delivery request notification is transmitted from the authentication server 40 is shown in FIG. This example also shows an example composed of an XML document, and tags such as an effective date, a receivable date / time input deadline, delivery destination information, and sender information are set. The effective date element is the effective date of this delivery request form, the deadline set in advance as the receiving date / time input deadline element, the delivery address information element is the user's address and telephone number, and the locality name and telephone as the sender information element Number etc. are stored.

[Support for residents' association]
FIG. 14 shows a configuration in which authentication management of a user is performed by an authentication management server 30 installed in a local government when a neighborhood association such as a neighborhood association provides services such as an electronic conference room, a referendum, and a resident questionnaire. Indicates.
The authentication management server 30 is provided with a residents 'association database 51 that stores information about residents in the area that the residents' association 100 has jurisdiction over.

As shown in FIG. 15, the community association database 51 can be configured with items such as community association ID, community association name, manager, community association contact address, community association registration date, member household, consignment amount, jurisdiction area, and the like.
When there is a user ID issuance request for a local resident from the residents 'association 100, the authentication management server 30 issues a user ID based on the data in the residents' association database 51, and registers this in the user ID management database 60. At this time, it is also possible to issue a password for the user ID and register it in the user ID management database 60 at the same time.

Until the user 10 uses the service, the same processing as in the case of electronic voting is executed.
When the user ID is accessed for the first time, user registration is accepted with respect to the service providing server 23 that provides a community association electronic conference room and the user ID and the password set by the user 10 are registered. It is also possible to configure the user 10 to change the password issued by the authentication management server 30 when the user ID is issued. Further, it is possible to configure the use of the residents' association meeting room using the registered user ID and password from the next time.

In the case of an electronic conference room or the like that is frequently used, it is not necessary to exchange secret information questions for each access, and the burden on the authentication management server 30 and the user 10 is reduced. Is done.
In addition, when the user 10 is deleted from the resident database 50 by moving etc., it is necessary to make it impossible to use a user ID. In this case, the corresponding user ID can be invalidated by notifying the service providing server of the invalid user ID.

(Appendix 1)
A first stage of extracting users who are users of the provided service and issuing a user ID for each user;
A second stage of registering the issued user ID in a user ID management database for managing status information as to whether or not each user ID is active;
A third stage of executing a delivery process for delivering the issued user ID to the corresponding user;
A fourth stage of acquiring delivery information related to the delivery status of the user ID;
A fifth stage of setting the state information of the user ID registered in the user ID management database based on the delivery information of the user ID to an active state;
A sixth stage of setting the state information of the user ID to an inactive state based on a time limit set for each user ID;
User ID management method including

(Appendix 2)
A seventh step of determining whether a user who has accessed the provided service using a user ID registered in the user ID management database is a valid user;
An eighth stage of outputting a determination result as to whether or not a user who has accessed the provided service is a valid user;
The user ID management method according to attachment 1, further comprising:

(Appendix 3)
The user ID management method according to appendix 2, wherein in the seventh stage, it is determined whether or not a user who has accessed the provided service is legitimate by referring to the personal information of the user corresponding to the user ID.
(Appendix 4)
The user ID management method according to appendix 2 or 3, further comprising a ninth step of recording an access log based on access to the provided service using a user ID registered in the user ID management database.

(Appendix 5)
The user ID management method according to supplementary note 4, further comprising a tenth step of executing a predetermined unauthorized access process when it is determined that a user who has accessed the provided service is not a valid user.
(Appendix 6)
A user ID management method for using a provided service provided by a local government, wherein the provided service is used from a resident database that manages personal information of residents living in the area of the local government in the first stage. The user ID management method according to appendix 5, wherein the target person is extracted as a user.

(Appendix 7)
The user ID management method according to appendix 6, wherein determination is performed using personal information in the resident database in the seventh stage.
(Appendix 8)
Item 8. The supplementary note 7, wherein in the third stage, delivery of the medium in which the issued user ID is recorded is entrusted to a predetermined delivery company, and in the fourth stage, delivery status information notified from the delivery company is acquired. User ID management method.

(Appendix 9)
The user ID management method according to appendix 8, wherein in the seventh stage, an authentication request transmitted from a service providing server that provides the provided service is received and a determination is performed.
(Appendix 10)
User IDs issued to the user ID management database that extracts users who are users of the provided service, issues user IDs for each user, and manages status information on whether or not each user ID is active A user ID issuing means for registering
A delivery processing means for executing delivery processing for delivering issued user IDs to corresponding users;
Delivery information acquisition means for acquiring delivery information related to the delivery status of the user ID;
Based on the delivery information acquired by the delivery information acquisition means, the status information of the user ID registered in the user ID management database is set to the active status, and the status information of the user ID is set based on the time limit set for each user ID. State information management means for setting the inactive state,
A user ID management device comprising:

(Appendix 11)
Additional note 10 further comprising user authentication means for determining whether a user who has accessed the provided service using a user ID registered in the user ID management database is a legitimate user and outputting a determination result. User ID management device.
(Appendix 12)
The user ID management device according to appendix 11, further comprising an access log recording unit that records an access log based on access to the provided service using a user ID registered in the user ID management database.

(Appendix 13)
The user ID management device according to appendix 12, further comprising unauthorized access processing means for executing predetermined unauthorized access processing when the user authentication means determines that the user who has accessed the provided service is not a valid user.
(Appendix 14)
A user ID management device for using a provided service provided by a local government, wherein the user ID issuing means includes the provided service from a resident database that manages personal information of residents residing in the local government area. 14. The user ID management device according to appendix 13, wherein a person targeted for use is extracted as a user.

(Appendix 15)
15. The user ID management device according to appendix 14, wherein the user authentication means performs determination using personal information in the resident database.
(Appendix 16)
16. The user ID management device according to appendix 15, wherein the delivery processing unit entrusts delivery of a medium describing the issued user ID to a predetermined delivery company.

(Appendix 17)
The user ID management device according to appendix 16, wherein the delivery information acquisition unit acquires delivery status information notified from the delivery company.
(Appendix 18)
18. The user ID management device according to appendix 17, wherein the user authentication means receives an authentication request transmitted from a service providing server that provides the provided service and executes determination.

(Appendix 19)
A first stage of extracting users who are users of the provided service and issuing a user ID for each user;
A second stage of registering the issued user ID in a user ID management database for managing status information as to whether or not each user ID is active;
A third stage of executing a delivery process for delivering the issued user ID to the corresponding user;
A fourth stage of acquiring delivery information related to the delivery status of the user ID;
A fifth stage of setting the state information of the user ID registered in the user ID management database based on the delivery information of the user ID to an active state;
A sixth stage of setting the state information of the user ID to an inactive state based on a time limit set for each user ID;
A program for causing a computer to execute a user ID management method including:

(Appendix 20)
A first stage of extracting users who are users of the provided service and issuing a user ID for each user;
A second stage of registering the issued user ID in a user ID management database for managing status information as to whether or not each user ID is active;
A third stage of executing a delivery process for delivering the issued user ID to the corresponding user;
A fourth stage of acquiring delivery information related to the delivery status of the user ID;
A fifth stage of setting the state information of the user ID registered in the user ID management database based on the delivery information of the user ID to an active state;
A sixth stage of setting the state information of the user ID to an inactive state based on a time limit set for each user ID;
A seventh step of determining whether a user who has accessed the provided service using a user ID registered in the user ID management database is a valid user;
An eighth stage of outputting a determination result as to whether or not a user who has accessed the provided service is a valid user;
A program for causing a computer to execute a user ID management method including:

  According to the present invention, since the issued user ID does not become active until after the delivery is completed, even if the user ID is illegally known, unauthorized access using the user ID can be prevented until the delivery is completed. Moreover, since the status information of the user ID is set to inactive based on the expiration date set for each user ID, high security can be maintained.

It is explanatory drawing which shows the basic schematic structure of this invention. It is explanatory drawing which shows an example of the structure used for the model of electronic voting. It is explanatory drawing which shows the table of a resident database. It is explanatory drawing which shows the table of a user ID management database. It is explanatory drawing which shows the table of a delivery management database. It is explanatory drawing which shows the flow of data. It is a flowchart of user ID management. It is a flowchart of an authentication process. It is explanatory drawing which shows the structure in the case of performing prior notification of a delivery request. It is explanatory drawing which shows the table of the delivery management database in the case of performing prior notification of a delivery request. It is explanatory drawing of the example of a screen structure at the time of transmitting a delivery request notification to a mobile telephone. It is explanatory drawing which shows an example which comprised the delivery request form by the structured document. It is explanatory drawing which shows an example which comprised the delivery request notification with the structured document. It is explanatory drawing which shows the structure at the time of applying to the electronic conference room of residents' association management. It is explanatory drawing which shows the table of a residents' association database.

Claims (3)

A first stage of extracting a user who is a user of a provided service and issuing a user ID for providing the provided service for each extracted user;
A second stage of registering the issued user ID together with state information indicating that it is in an inactive state in a user ID management database that manages state information as to whether or not each user ID is active;
A third stage of executing a delivery process for delivering the issued user ID to the corresponding user;
A fourth stage of acquiring delivery information related to the delivery status of the user ID;
When it is determined that delivery of the user ID to the user is completed based on the delivery information of the user ID, the status information of the user ID registered in the user ID management database is set to an active state And the fifth stage
A sixth stage of accepting an authentication request of a user who has accessed the provided service from a server providing the provided service using a user ID registered in the user ID management database;
When the user ID management database is referred to and the status information of the user ID is active, the user is requested to input information for determining whether or not the user is a valid user. A seventh stage for determining whether the user is a valid user based on the contents of
An eighth step of outputting a determination result of whether or not a user who has accessed the provided service is a valid user to a server that provides the provided service;
User ID management method including A user who is a target user of the provided service is extracted, a user ID for providing the provided service is issued for each of the extracted users, and status information indicating whether or not each user ID is active is managed. A user ID issuing means for registering the issued user ID together with state information indicating that the user ID is in an inactive state in a user ID management database;
A delivery processing means for executing delivery processing for delivering issued user IDs to corresponding users;
Delivery information acquisition means for acquiring delivery information related to the delivery status of the user ID;
Based on the delivery information acquired by the delivery information acquisition means, when it is determined that the delivery of the user ID to the user has been completed, the user ID status information registered in the user ID management database is activated. State information management means for setting the state;
When receiving an authentication request for a user who has accessed the service using a user ID registered in the user ID management database from a server that provides the service provided, the user ID management database is referred to and the user ID When the status information is in an active state, the user is requested to input information for determining whether or not the user is a valid user, and the user is a valid user based on the contents of the input information. User authentication means for determining whether or not and outputting the determination result to a server providing the provided service;
A user ID management device comprising: A first stage of extracting a user who is a user of a provided service and issuing a user ID for providing the provided service for each extracted user;
A second stage of registering the issued user ID together with state information indicating that it is in an inactive state in a user ID management database that manages state information as to whether or not each user ID is active;
A third stage of executing a delivery process for delivering the issued user ID to the corresponding user;
A fourth stage of acquiring delivery information related to the delivery status of the user ID;
Based on the delivery information of the user ID, when it is determined that the delivery of the user ID to the user is completed, the status information of the user ID registered in the user ID management database is set to an active state. The fifth stage,
A sixth stage of accepting an authentication request of a user who has accessed the provided service from a server providing the provided service using a user ID registered in the user ID management database;
Referring to the user ID management database, when the status information of the user ID is in an active state, the user ID is requested and input for determining whether the user is a valid user. A seventh stage for determining whether the user is a valid user based on the content of the information;
An eighth stage of outputting a determination result as to whether or not a user who has accessed the provided service is a valid user to a server that provides the provided service;
A program for causing a computer to execute a user ID management method including: