JP2010066886A - Falsification instruction execution prevention technology using a plurality of terminals - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent that an unauthorized instruction falsified by a hijacked terminal is executed in a server or a peer. <P>SOLUTION: The server transmits an instruction transmitted to the server through a first terminal by a user to one or more confirming terminals different from the first terminal. The user can confirm contents of the transmitted instruction in the confirming terminal. A confirmation result is newly transmitted to the server, and the instruction is executed in the server according to the confirmation result received from the confirming terminal. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a technique for correctly executing a command (processing) in a remote server (or peer). More specifically, an illegal command altered by a hijacked terminal is executed by the server or peer. It is related with the technology which prevents that.

A technique for transmitting a command or process from a terminal to a server (or peer) at a remote location via a network and executing it is an indispensable technique for services provided via a network. On the other hand, there are an increasing number of cases in which terminals are taken over by computer viruses or bots and the terminals are operated illegally, and the tendency of crimes using them has also increased from the pleasant crime type that acts flashy, for the purpose of money Is moving to the malicious type. The detection and exclusion of these devices has become increasingly difficult year by year, and according to one survey, the ratio of hijacked terminals is one in 40 (*) in Japan and as many as one in 10 overseas. It has been broken. This ratio is expected to continue to increase in the future, and effective and practical measures are required.
(*) Http://itpro.nikkeibp.co.jp/free/ITPro/NEWS/20050727/165402/

So far, countermeasures against attacks on communications have been focused on preventing tampering in the communication path. For example, VPN (Virtual Private Network), SSL / TLS, SSH, etc. are widely used as a method for preventing falsification of data on a communication path by constructing a communication path in which falsification is detected between network nodes. It has been. Further, in Non-Patent Document 1 listed below, it is assumed that there are a plurality of independent communication paths between the terminal and the server, and even if some of the communication paths are hijacked by an attacker, they are falsified. There is disclosed a technique for transmitting non-existent data from a terminal to a server in a concealed state.
Kaoru Kurosawa and Kazuhiro Suzuki "Truly Efficient 2-Round Perfectly Secure Message Transmission Scheme" Proc. Of EUROCRYPT 2008, Springer--Verlag, pp. 324-340, 2008

  However, since these techniques are detection techniques for tampering during communication, if a terminal that transmits and receives information is hijacked, forged or tampered data may be sent to the communication partner. Tampered data may be presented to the user through the terminal screen. Further, in the case of the technique described in Non-Patent Document 1, authentication of who is the receiver for the sender and who is the sender for the receiver is separately required, which is complicated.

  Note that a device being hijacked means that all data that is typed in or recorded on the hijacked device, data that reaches the device is known to the attacker, and is displayed on the screen of the device. It also means that the data transmitted by the terminal may be rewritten by an attacker.

  As a method for improving security, an authentication method using a one-time password has also been proposed. This is because even if a one-time password generated on another terminal (disposable password) is typed into a terminal that may have been hijacked, the one-time password is eavesdropped, and it will be misused after the next time. This is a method to prevent this. However, an attacker on the hijacked terminal can tamper with the data sent with the one-time password.

  Thus, in the conventionally proposed method, it is difficult to prevent fraud by an attacker when the terminal itself is hijacked. In view of such circumstances, the present invention provides instructions and instructions other than those intended by the user when some of the terminals used by the user are hijacked and it is not clear which terminal is hijacked. An object of the present invention is to prevent the processing from being executed in the server (or peer) without imposing a heavy load on the user.

  In a preferred embodiment of the present invention, a command transmitted from a user to a server via a terminal is transmitted by the server to at least one or more confirmation terminals different from the terminal. The user can confirm the content of the transmitted command at the confirmation terminal. The confirmation result is transmitted to the server again, and the server determines whether to execute the command according to the received command and the pattern of the received response message.

  In such an information processing method, it is possible to realize that an illegal command is not executed in the server unless at least one of the terminal that transmits the command and the confirmation terminal is hijacked. Therefore, it is possible to cope with an attack that hijacks the terminal itself and performs fraud.

  Further, since the user only has to confirm the contents of the transmitted command at the confirmation terminal, the input work performed by the user on the confirmation terminal can be minimized.

  The number of command transmission terminals and the number of command confirmation terminals are not particularly limited, but it is preferable that the number of command transmission terminals is one, and it is sufficient that there is at least one confirmation terminal.

  To prevent unauthorized commands and processing from being executed on the server from the hijacked terminal, for example, the same command or processing is repeatedly input on multiple terminals, and multiple identical commands or processing arrive on the server side It is also possible to adopt a configuration in which they are executed only in cases, and embodiments having such a configuration are included in the embodiments of the present invention. However, in this configuration, the user has to input the same contents to a plurality of terminals many times, and it cannot be denied that the operation becomes complicated. By using only one terminal for command transmission and other terminals for confirmation, the user's effort can be minimized.

  The command transmission terminal and the confirmation terminal all need to be different terminals. Here, the fact that the terminal A is different from the terminal B means a situation in which an attacker who hijacks the terminal B cannot impersonate the terminal A and issue a command or receive information. Further, the authentication information necessary for establishing a connection between each terminal and the server needs to be independent for each terminal. This is to prevent an attacker on a compromised terminal from impersonating another non-hijacked terminal or impersonating a user.

  In a preferred embodiment of the present invention, it is preferable that a confirmation result received from one of the confirmation terminals is transmitted to another confirmation terminal or the command transmission terminal. According to such a configuration, it may be possible to determine which terminal is hijacked.

  According to the present invention, if at least one of the terminal that transmits the command and the terminal for confirmation is not hijacked, it is possible to prevent an illegal command from being executed in the server. For this reason, it is particularly suitable as a method for processing instructions related to important transactions involving money, such as electronic commerce, online trade, and net auction. For example, in electronic commerce, it is conceivable that an attacker who hijacks a terminal falsifies an order entered by a user and transmits it to a server to execute the falsified order. According to the present invention, it is possible to prevent an unauthorized order from being executed in a server unless all of a terminal for inputting / transmitting an order and a confirmation terminal are hijacked.

  Some of the preferred embodiments of the present invention are specified in the appended claims. However, the embodiments of the present invention are not limited to those explicitly described in the claims, specification and drawings, and can take various forms without departing from the spirit of the present invention. . The present invention includes in its scope all novel and useful configurations that can be taught from these documents, whether or not explicitly disclosed in the claims, specification and drawings.

The embodiment of the present invention includes the following information processing method. This method is an information processing method in a server that can communicate with a plurality of different terminals,
Authenticating each of the plurality of terminals using mutually independent authentication information;
Receiving a command from at least one of the plurality of terminals;
A step of transmitting a first confirmation message including the content of the command to at least one terminal other than the terminal that has transmitted the command among the plurality of terminals;
Receiving a response message from all or one or more of the terminals that have received the first confirmation message;
Determining whether to execute the command according to the received command and the pattern of the received response message;
including. In addition, an embodiment of the present invention provides an apparatus configured to execute the information processing method or the novel information processing method disclosed in the present specification, and a computer program for causing a computer to execute the method. Including. In addition, authentication using independent authentication information means that independent authentication information is used in each authentication. Even if an attacker can obtain certain authentication information and break the authentication, It means that it cannot be broken until another certification.

  Depending on the embodiment, a step of transmitting a second confirmation message including the content of the response message received from a certain terminal among the plurality of terminals to a terminal different from the certain terminal among the plurality of terminals. Further included. The method may include a step of transmitting a message including information on the result of the determination step to at least one of the plurality of terminals.

  In some embodiments, the server may be configured to determine to execute the command only if the received command matches all commands approved in the received response message. In this case, even if n-1 of the n terminals are hijacked, an illegal command or order is not executed on the server, but if one is hijacked, the order is not established. In this case, in order to make an order, it is necessary to identify a terminal that has been hijacked and eliminate it.

  Depending on the embodiment, the server may be configured such that the sum of the number of terminals that have transmitted a command having the same meaning and the number of terminals that have transmitted a message that acknowledges the sum exceeds the number of terminals that are considered hijacked, or Only when a majority of the number of terminals authenticated in the authentication step is exceeded, the instruction may be determined to be executed. In this case, if more than n / 2 of the n terminals are hijacked, the server accepts an illegal command or order issued by the attacker, but less than n / 2 terminals are hijacked. Even if the terminal from which the user issues a command is not hijacked, the command or order issued by the user can be established. In other words, when an instruction or order is not established, it is possible to establish the instruction or order by changing the terminal that issues the instruction or order.

  The specific content of the above instruction is not particularly limited, and may be an instruction related to any processing. For example, it may be an instruction regarding an order in electronic commerce, a vote in electronic voting, a bid in electronic bidding, a questionnaire posting, and the like.

  Hereinafter, more specific examples of preferred embodiments of the present invention will be described with reference to the accompanying drawings.

  FIG. 1 is a diagram for explaining the elements and processing flow that appear in the information processing system and method introduced as the first embodiment. The information processing method according to the first embodiment is executed between two client terminals (client 1 and client 2) and one server device (3). The user (0) depicted in FIG. 1 is an operator of the client terminal (1) and the client terminal (2). Each of the clients 1 and 2 and the server 3 can be a general-purpose computer including a CPU, a memory, a communication device, and the like. Therefore, characteristic information processing according to the present embodiment can be realized by software processing brought about by cooperation between the computer program and the CPU. Such a computer program can be stored in a computer-readable storage medium such as a hard disk or a CD-ROM, and a data reading device such as a CD-ROM drive or a network such as Ethernet (registered trademark). To the storage device of each device. A part of the software processing can be realized as a hardware circuit using a programmable logic circuit such as FPGA.

  The client terminal (1) and the server device (3) can communicate using means such as the Internet, Ethernet (registered trademark), and a mobile communication network. The client terminal (2) and the server device (3) can also be used. It is possible to communicate using the same means. In this embodiment, the client terminal (1) and the client terminal (2) may not be able to communicate directly.

  In order to explain as specifically as possible, the information processing method according to the first embodiment will be described as an ordering method in electronic commerce. In the electronic commerce, the client terminal (1) operates as a terminal for a user to place an order, and the server device (3) operates as a computer device for executing the order. Therefore, generally, the server apparatus (3) is installed in a remote place, and is connected to the client terminals (1) and (2) through the Internet, a mobile communication network, or the like. Further, the server device (3) has a plurality of functions such as authentication, order processing, and billing, and these functions may be executed by separate computers in terms of hardware. That is, the server device (3) is not necessarily configured by a single computer device, but may be a system configured by a plurality of computer devices. The same applies to the client terminals (1) and (2). The client terminals 1 and 2 and the server apparatus 3 can be generally understood as computers or computer systems, and those skilled in the art can use appropriate computers or computer systems as the client terminals 1 and 2 and the server apparatus 3. Would be able to.

  In the electronic commerce method and system depicted in FIG. 1, the client terminal (2) is a terminal for confirming whether an order made using the client terminal (1) has been tampered with. It is a characteristic component in the electronic commerce according to the embodiment.

  Next, the flow of processing of the electronic commerce method and system according to the first embodiment will be described with reference to FIG.

  First, the client terminal (1) and the server device (3) need to complete authentication processing using appropriate authentication information (step 100). Similarly, the client terminal (2) must also complete the authentication process with the server device (3) using appropriate authentication information (step 100b). At this time, the authentication information used between the client terminal (1) and the server device (3) and the authentication information used between the client terminal (2) and the server device (3) are independent from each other. There must be. That is, it must not be derived from one to the other. Examples of such authentication information include, for example, two independent passwords. Also, a method of storing appropriate authentication information in advance between the client terminal (1) and the server device (3), and between the client terminal (2) and the server device (3) can be used. An authentication method suitable for this purpose is introduced in Japanese Patent Application Nos. 2008-110756 and 2008-179670, which are prior patent applications by the present inventors.

  In step 101, the user (0) operates the client terminal (1) to place an order related to electronic commerce. As an example, the server device (3) can provide a service screen for the electronic commerce via the Internet, and the service screen is displayed on the display of the client terminal (1) and the user (0). Can input a desired order by operating the user interface (keyboard, mouse, etc.) of the client terminal (1). In step 102, the client terminal (1) creates a message (electronic data) including the contents of the order and transmits it to the server (3).

  In step 103, the server (3) that received the order message creates a confirmation message including the contents of the order and transmits it to the client terminal (2). Depending on the embodiment, the confirmation message may be transmitted to the client terminal (1). In any case, the client terminal (2) that has received the confirmation message displays the contents of the order included in the confirmation message on the display (step 104). The user (0) confirms the content of the order displayed on the display of the client terminal (2). If the content of the order matches the content of the order made in step 101, an input indicating that the order is approved To the client terminal (2). If they do not match, the client terminal (2) is input to reject the order (step 105). In step 106, the client terminal (2) that has received this confirmation input creates a response message including the content of the confirmation input and transmits it to the server device (3). The server apparatus (3) executes the order only when the response message received in step 106 is one that approves the execution of the order received in step 102.

  In step 107, the server device (3) creates a second confirmation message including the content of the confirmation input received in step 106, and transmits it to the client terminal (1). The content of the confirmation input in the client terminal (2) included in this message is displayed on the display of the client terminal (1), and the user (0) can confirm it (step 108).

  By the way, when the client terminal (1) is hijacked, all the data input to the device, the recorded data, and the received data may be falsified by an attacker. That is, there is a possibility that the order input in step 101 is tampered with in step 2 and transmitted to the server device (3). In addition, the confirmation result received in step 107 may be altered in step 108 and displayed. Similarly, when the client terminal (2) has been hijacked, there is a possibility that the contents of the order confirmation received in step 103 may be altered and displayed in step 104. In addition, the confirmation result input in step 105 may be altered in step 106 and transmitted to the server apparatus (3).

  However, in the electronic commerce system according to the first embodiment, the order entered at the client terminal (1) is confirmed at the client terminal (2) different from the client terminal (1) and transmitted from the client terminal (2). Server (3) will not execute the order unless approved by the message. Therefore, unless both the client terminals (1) and (2) are hijacked, an illegal order is not executed in the server (3).

  The client terminal (1) prevents the attacker who hijacked one of the client terminals (1) and (2) from acquiring the other terminal's authentication information illegally using the information of the hijacked terminal. ) And the server device (3) and the authentication information used between the client terminal (2) and the server device (3) must be independent of each other. In other words, even if secret information necessary for executing authentication of the terminal is taken by the hijacked terminal, it must not be allowed to impersonate the user on the terminal that is not hijacked.

  Hereinafter, with reference to FIG. 2 to FIG. 5, specific examples of how the order is made and how the information is presented to the user are affected when falsification is made and when there is no falsification.

  FIG. 2 is a flowchart depicting the flow of processing when there is no tampering. Steps 202a and 202b show authentication processing stages between the client terminal (1) and the server device (3) and between the client terminal (2) and the server device (3), respectively. It is a corresponding step. Step 204 is a step in which the user performs an ordering operation on the client terminal (1), and corresponds to step 101 in FIG. Step 206 is a step in which the client terminal (1) creates an order message including the contents of the order. In step 208, the order message is transmitted to the server device (3). Steps 206 and 208 correspond to step 102 in FIG. Step 210 is a step in which the server apparatus (3) transmits a confirmation message including the contents of the order to the client terminal (2), and corresponds to step 103 in FIG. Step 212 is a step in which the client terminal (2) displays the content of the confirmation message on its display, and corresponds to step 104 in FIG. Step 214 is a step in which the user performs a confirmation operation on the client terminal (2), that is, an operation of whether or not to approve the order contents displayed on the display of the client terminal (2). Equivalent to. In the example of FIG. 2, since no tampering is performed, the user performs an input operation to approve the order.

  Step 216 is a step in which the client terminal (2) creates a response message including the content of the confirmation operation, that is, information indicating that the order is approved. Step 218 is a step in which the client terminal (2) sends the response message. Is transmitted to the server device (3). Steps 216 and 218 correspond to step 106 in FIG. In response to receiving the message to approve the order from the client terminal (2), the server device (3) establishes the order (step 220) and executes the order (step 222). The specific processing in the order establishment step 220 and the order execution step 222 can be various, for example, service charge billing, money transfer, product (data) download, order to an external service provider, etc. Processing instructions, etc. In FIG. 2, steps 220 and 222 are drawn in time earlier than steps 224 and 226, but the order is not particularly limited, and may be executed simultaneously with or after step 224.

  In step 224, the server apparatus (3) transmits a second confirmation message including the content of the response message received from the client terminal (2) (that is, information indicating that the order is approved) to the client terminal (1). This step corresponds to step 107 in FIG. Step 126 is a step in which the client terminal (1) displays the content of the second confirmation message (that is, information indicating that the order has been approved by the client terminal (2)) on its display. It corresponds to.

  In the case of FIG. 2, since no tampering has occurred, the order is successfully established and executed.

  Next, we will introduce some examples of information tampering. FIG. 3 depicts a processing flow when the client terminal (1) has been hijacked and the contents of the order input to the client terminal (1) have been tampered with and transmitted to the server device (3). . Steps that are not changed from the processing in FIG. 2 are given the same reference numerals and description thereof is omitted. For processing steps that differ only in the content of the message, the same numeral is attached with a symbol with “′” added to indicate it.

  The major difference between the case of FIG. 2 and the case of FIG. 3 is that after the user performs an ordering operation on the client terminal (1) (step 204), the order content is altered by the attacker (step 302). That is. As a result, the order contents are different from those intended by the user. Steps 206 ′ to 212 ′ represent the same processing as steps 206 to 212 in FIG. 2, except for one point, which is that the contents of the orders included in the order message and the confirmation message are intended by the user. The content is different from what I did. Therefore, the content of the order displayed on the client terminal (2) in step 212 ′ is different from the content of the order input by the user to the client terminal (1).

  In step 214 ′, as in step 214 of FIG. 2, the user performs a confirmation operation on the client terminal (2), that is, whether or not to approve the order contents displayed on the display of the client terminal (2). It is a step. In the case of FIG. 3, unlike the case of FIG. 2, the content of the order displayed on the client terminal (2) is not correct, so the user performs an input operation to reject the order.

  Steps 216 ′ and 218 ′ also represent the same processing as steps 216 and 218 in FIG. 2, but only the contents of the response message indicate that the order is rejected. And 218. In step 220 ′, in response to the server device (3) receiving a message to reject the order from the client terminal (2), the order is not established. The server device (3) may be configured to transmit a message notifying that the order has not been established to the client terminal (1) or / and (2). The processing in steps 224 ′ and 226 ′ is the same as the processing in steps 224 and 226 in FIG. 2 except that the content of the confirmation message is to reject the order.

  In the case of FIG. 3, the content of the order input to the client terminal (1) is tampered and transmitted to the server device (3). According to this embodiment, the server device (3) ) Can be confirmed, so that it is possible to prevent an unauthorized order from being established and executed.

  FIG. 4 is a diagram depicting the flow of processing in another example in which falsification of information occurs. In the case of FIG. 4, the client terminal (2) has been hijacked, and the contents of the confirmation input made on the client terminal (2) are falsified. Hereinafter, steps in which the same processing as in the case of FIG. 2 and FIG. 3 is performed will be denoted by the same reference numerals and description thereof will be omitted, and description will be focused on characteristic portions in the case of FIG.

  The processing flow in the case of FIG. 4 is the same as in the case of FIG. 2 until the confirmation message including the contents of the order is transmitted from the server device (3) to the client terminal (2) (step 210). It is. However, in the case of FIG. 4, the client terminal (2) falsifies the content of the received confirmation message and rewrites the content of the order. This tampering could be performed, for example, by a computer virus or pod that an attacker has sneaked into the client terminal (2). For this reason, the contents of the order displayed on the client terminal (2) in step 212 ′ are different from those entered by the user in the client terminal (1) in step 204. Therefore, as in the case of FIG. 3, the user performs an operation not to approve the order on the client terminal (2) (step 214 ′), so the order is not established (step 220 ′).

  When the client terminal (2) is hijacked, the contents of the confirmation operation input in step 214 of FIG. 2 may be falsified. Such a case is depicted in FIG.

  In the case of the example of FIG. 5, the processing up to the point where the user performs an input operation for approving the order displayed on the client terminal (2) (step 214) is the same as the processing in the case of FIG. 2. However, in the case of FIG. 5, the client terminal (2) rewrites information input by the user, and what is “approved” is changed to “rejected”. For this reason, information indicating that the order is not approved is included in the response message created by the client terminal (2) in response to the user's confirmation operation, as in step 216 ′ of FIG. Therefore, the order is not established in this case.

  In the example of FIGS. 4 and 5, the client terminal (2) has been hijacked by an unauthorized attacker, but no unauthorized order is executed.

  In addition to the examples of FIGS. 3 to 5, information may be falsified because the content of the confirmation message transmitted in step 224 (224 ′) is falsified in the client terminal (1). Is the case. In this case, there is a possibility that the confirmation information displayed on the client terminal (1) is different from the approval content input by the user to the client terminal (2). However, as can be understood from FIGS. 3 to 5, even if the contents of the confirmation message transmitted in step 224 (224 ′) are altered, the processing in the server device (3) is not affected. Order is never executed.

  Thus, according to the electronic commerce method according to the present embodiment, even if either of the client terminals (1) or (2) is taken over by an unauthorized attacker, an order different from the user's intention is placed. It can be prevented from being executed.

  The client terminal (1) is convenient for the user to perform various operations related to electronic commerce (for example, input of name and address, credit card number, browsing of order screen and input of order contents, etc.) A computer terminal with a large display, full keyboard, mouse, etc. would be preferred. Further, since the client terminal (2) only needs to be able to perform order confirmation work, the client terminal (2) does not need to be a computer terminal with high processing capability, and can be, for example, a small portable information terminal. Of course, these are merely examples, and it is a matter of course that there is no particular limitation as to what device is used as the client terminal (1) or (2) in carrying out the present invention.

  The same applies to the server device (3). Since the server device (3) in the present embodiment has been described as a server device for electronic commerce, it can process communication requests with a large number of client devices and has a relatively large scale with functions such as order processing and billing. Although it is a large server device, when the information processing method of the present invention is used for the purpose of smaller scale communication, the server device (3) is a small server device or only one terminal in peer-to-peer communication. There may be cases. In any case, in implementing the present invention, there is no particular limitation as to what kind of computer device is used as the server device (3). A person skilled in the art will be able to select an appropriate device as a server device or a client terminal, depending on specific implementation requirements.

  FIG. 6 shows the alteration pattern in the client terminal (1) or (2), the success or failure of the order at that time, and the order in the client terminal (1) displayed on the client terminal (2) in steps 212 and 212 ′. The correspondence between the contents of the operation (step 204) and the contents of the approval operation (steps 214 and 214 ′) in the client terminal (2) displayed on the client terminal (1) in steps 226 and 226 ′ is shown in a table.

  By the way, comparing the case of FIG. 3 with the case of FIG. 4, the former is the case where tampering occurs in the client terminal (1), and the latter occurs in the client terminal (2), but after step 212 ′. This process is exactly the same including the information presented to the user. That is, in the above-described embodiment, it is not always possible to specify which client terminal has been tampered with. However, if the number of terminals for confirmation is two or more, the number of cases in which the tampered terminal can be specified increases. Then, such an embodiment will be described with reference to FIG.

  FIG. 7 is a diagram for explaining the elements and the flow of processing that appear in the electronic commerce system and method introduced as the second embodiment. The electronic commerce system of the second embodiment is composed of three client terminals (client a, client b, client c) and one server device or system (S), and processing is executed between these elements. The The user (U) opened in FIG. 7 is a person who operates the client terminals (a) to (c) in the same manner as the user (0) depicted in FIG. As in the case of the first embodiment, each of the client terminals (a) to (c) and the server device (S) can be a general-purpose computer including a CPU, a memory, a communication device, and the like. Therefore, characteristic information processing according to the present embodiment can be realized by software processing brought about by cooperation between the computer program and the CPU.

  Each of the client terminals (a) to (c) and the server device (S) can be connected and communicated by means such as the Internet, Ethernet (registered trademark), and a mobile communication network. Also in the present embodiment, the client terminals (a) to (c) may not necessarily be able to communicate directly. In the electronic commerce according to the present embodiment, the client terminal (a) operates as a terminal for a user to place an order, and the server device (S) operates as a computer device for executing the order. Accordingly, the client terminal (a) corresponds to the client terminal (1) in the first embodiment, and the server device (S) corresponds to the server device (3) in the first embodiment. Client terminals (b) and (c) respectively correspond to the client terminal (2) in the first embodiment. That is, the electronic commerce system according to the present embodiment has a configuration in which two client terminals (2) in the first embodiment are used.

  With reference to FIG. 7, the process flow of the electronic commerce system and method according to the second embodiment will be briefly described.

  Steps 701 and 702 correspond to steps 101 and 102 in the first embodiment. The user U operates the client terminal (a) to place an order relating to electronic commerce (step 701). a) transmits a message including the contents of the order to the server apparatus (S) (step 702). Upon receiving the order message, the server apparatus (S) creates two confirmation messages including the order contents and transmits them to the client terminals (b) and (c), respectively (steps 703b and 703c). Each of the client terminals (b) and (c) displays the content of the received confirmation message on its display, and allows the user U to confirm the content (steps 704b and 704c). The user U looks at the display of each terminal and confirms the contents of the order, and performs an operation on whether or not to approve the contents of the order at each terminal (steps 705b and 705c). Each of the client terminals (b) and (c) transmits a response message including the contents of the user's approval operation to the server device (S) (steps 706b and 706c). As described above, steps 703 (b, c) to 706 (b, c) are the steps in the first embodiment except that the processing is doubled because there are two client terminals. It corresponds to 103-106.

  Now, the server apparatus (S) executes the order only when both of the response messages received from the client terminals (b) and (c) approve the order. Further, the server device (S) transmits the content of the user approval operation included in the response message received from the client terminals (b) and (c) to the client terminal (a) as a further confirmation message (step 707a). The server device (S) transmits the contents of the approval operation received from the client terminal (c) to the client terminal (b) and the contents of the approval operation received from the client terminal (b) to the client terminal (c) ( Steps 707b and 707c). Each client terminal (a) to (c) displays the content of the received approval operation on each display so that the user can view the content (steps 708a to 708c).

  Although omitted in FIG. 7, the client terminals (a) to (c) need to complete authentication processing in advance using the server device (S) and independent authentication information. That is, even when a certain client terminal is hijacked, authentication information of another client terminal must not be able to be acquired from the information of the hijacked client terminal. This is the same as in the first embodiment.

  In the electronic commerce system depicted in FIG. 7, there is a possibility that data may be falsified. (1) When the client terminal (a) falsifies the contents of the order input made in step 701, (2) When the client b or c falsifies the order contents received at step 703b or 703c, (3) When the client terminal (b) or c falsifies the contents of the approval operation performed at step 705b or 705c, (4 ) There are four types when any of the client terminals (a) to (c) falsifies the contents of the approval operation received in steps 707a to 707c. However, since the server apparatus (S) does not execute the order unless it receives a message to approve the order from both the client terminals (b) and (c), the server apparatus (S) is tampered unless all the client terminals are hijacked. Orders are never executed. The order operation performed at the client terminal (a) is confirmed at the two client terminals (b) and (c), and the contents of the order approval operation performed at the client terminals (b) and (c) Therefore, if the number of hijacked client terminals is one, the hijacked terminal can be identified.

  Next, an example of the processing flow of the electronic commerce system according to the second embodiment will be described with reference to FIG. The example depicted in FIG. 8 shows the flow of processing in the same case as depicted in FIG. 3 for the first embodiment. That is, the flow of processing when the client terminal (a) is hijacked and the client terminal (a) tampers with the user's ordering operation and transmits it to the server device (S) is illustrated.

  Steps 802a-c represent authentication processing steps between the client terminals (a)-(c) and the server device (S). As described above, independent authentication information is used for each client terminal. Step 804 is a step in which the user operates the client terminal (a) to input for ordering, and corresponds to step 701 in FIG. Step 806 represents a step in which the input order information is tampered. This tampering may be performed by, for example, a computer virus or a bot that the attacker has entered the client terminal (a). . In step 808, the client terminal (a) creates an order message including the rewritten order contents, and transmits it to the server apparatus (S) in step 810. That is, step 810 corresponds to step 702 in FIG.

  The server device (S) that has received the order message creates two confirmation messages including the order information and transmits them to the client terminals (b) and (c), respectively (steps 812b and c). Since the order information has been falsified in step 806, the order information included in these confirmation messages is different from that entered by the user into the client terminal (a). Therefore, the user does not approve the order at the client terminals (b) and (c). The same processing as that described in Steps 212 ′ to 218 ′ of FIG. 3 for the first embodiment is executed in the client terminals (b) and (c), respectively (Steps 814b to 820b and Steps 814c to 820c). The server device (S) receives a response message to reject the order from both the client terminals (b) and (c). Therefore, the server device (S) performs processing to make the order unsuccessful. Although not depicted in FIG. 8, the server device (S) may be configured to transmit to the client terminals (a) to (c) that the order has not been established. . As described above, in the configuration in which the server transmits information about establishment or non-establishment of the command to the client, when some of the terminals used by the user are hijacked, the command issued by the user is executed by the server. It is useful to tell the user correctly whether or not.

  In step 824a, the server apparatus (S) transmits to the client terminal (a) the message including the contents of the approval operation in the client terminals (b) and (c) received in steps 820b and c. The server device (S) transmits a message including the contents of the approval operation at the client terminal (c) to the client terminal (b), and transmits a message including the contents of the approval operation at the client terminal (b) to the client terminal (c). (Steps 824b and 824c). The contents of the confirmation message received by each client terminal in steps 824a-c are displayed on the display of each client terminal in steps 826a-c.

  Next, the flow of processing in the second embodiment when a situation corresponding to FIG. 4 in the first embodiment occurs will be described with reference to FIG. That is, the process flow when the client terminal (b) is hijacked and the content of the order confirmation message received from the server device (S) is rewritten will be described. In addition, about the step which is not changed from the process of FIG. 8, the same code | symbol is attached | subjected and description is abbreviate | omitted. For processing steps that differ only in the content of the message, the same numeral is attached with a symbol with “′” added to indicate it.

  In the case of FIG. 9, it is assumed that no tampering occurs in the client terminal (a). Therefore, the content of the order message created in the step corresponding to step 808 in FIG. 8 is as intended by the user (step 808 ′). The correct order information is also stored in the order message and confirmation message transmitted in steps (810 ′, 812b ′, 812c ′) corresponding to steps 810, 812b, 812c in FIG. The client terminal (b) rewrites the order information included in the confirmation message received in step 812 '(step 813), so the order information displayed by the client terminal (b) in step 814b is intended by the user. The user will perform an operation not to approve the order (step 816b), so that the client terminal (b) does not approve the order as in FIG. A response message is transmitted to the server (818b, 820b).

  On the other hand, since no alteration of information occurs in the client terminal (c), the order information displayed on the display of the client terminal (c) in step 814c ′ is as intended by the user. The user will then perform an operation to approve the order (step 816c ′). Therefore, unlike the case of FIG. 9, the client terminal (c) transmits a response message to approve the order to the server (818c ′, 820c ′).

  Although the server device (S) receives a message notifying approval of an order from the client terminal (c), it receives a message notifying approval of the order from the client terminal (c). Similarly, processing is performed to the effect that the order is not established (step 822). In the next step, the server device (S) transmits the contents of the response message received in steps 820b and 820c ′ to each client terminal. A message is sent to the client terminal (a) indicating that the order is not approved at the client terminal (b) and the order is approved at the client terminal (c) (step 824a ′). The client terminal (b) has a message that the order has been approved by the client terminal (c), and the client terminal (c) has a message that the order has not been approved by the client terminal (b). It is transmitted (steps 824b ′ and 824c). The contents of these messages are displayed on the display of each terminal in steps 826a ', 826b', and 826c, and the user can confirm the contents.

  In the case of FIG. 3 and the case of FIG. 4 regarding the first embodiment, it is impossible to distinguish whether the client terminal (1) or (2) is falsified. However, since the contents of the order confirmation messages displayed at the client terminals (b) and (c) are different between the case of FIG. 8 and the case of FIG. 9, it is identified that falsification has occurred at the client terminal (b). can do. That is, the hijacked terminal can be specified.

  FIG. 10 shows the alteration patterns in the client terminals (a) to (c), the success or failure of the order at that time, and the correspondence between the order confirmation display and the approval operation confirmation display in the client terminals (a) to (c). It shows with. In any case, it can be understood that execution of a tampered order is prevented.

  As mentioned above, although the example of preferred embodiment of this invention has been demonstrated using figures, these examples are only the examples given in order to have you understand this invention well, and this invention is the range. Various embodiments can be taken without departing from the above.

  For example, in the embodiment described above, the number of client terminals is two or three, but the number of client terminals may be larger. Even with a large number of client terminals, ordering instructions and troublesome terminal operations for processing can be done with one terminal, and only other confirmation operations need be performed on other terminals. That's it.

  Further, the embodiment of the present invention is not limited to the case where the number of command input terminals for ordering or the like is one, and a plurality of terminals may be used. That is, the server device may be configured to receive commands from a plurality of terminals. For example, when the number of instruction input terminals is two, the following configuration can be adopted.

  After receiving the commands from the terminals A and B, the server sends the contents of the commands from A to the terminals other than A (in this case, sending to A is not excluded). The contents are sent to a terminal other than B (similarly, sending to B is not excluded). After that, the server receives information on whether or not to accept each of the commands A and B from each terminal (receives information on whether or not to accept at least the B command from the terminal A, and receives from the terminal B at least Information on whether or not to accept the command of A is received, and information on whether or not to accept each command of A and B is received from other terminals), and it is determined whether or not to execute the command.

  Embodiments of the present invention allow secret information to be communicated to the user from the server without being taken by the hijacking terminal, and / or secret information can be conveyed from the user to the server without being taken by the hijacking terminal. The thing which has a structure is included. For example, in order to prevent the secret information from being stolen by the compromised terminal when the secret information is transmitted from the server to the user, the secret information is divided by the server or another server linked thereto, and the divided information is divided. Each secret information may be presented to the user using the client terminal without restoring the secret information. Alternatively, in order to prevent the secret information from being stolen by the terminal that has been hijacked when the secret information is transmitted from the user to the server, the user divides the secret information in advance, and the divided secret information is stored in the terminal. The secret information may be presented to the server without being restored. For information division, for example, a visual decryption secret sharing method (Visual Secret Sharing) can be used.

  According to the present invention, it is possible to prevent an altered instruction from being executed by a server (or peer) by checking the contents of an instruction executed on a certain terminal on another terminal different from the terminal. Even if the number of terminals is n and an attacker has taken over n-1 units, it is possible to prevent the server from executing unauthorized commands and processing. In the present invention, the user must use a plurality of independent terminals, so it may have been somewhat difficult to put into practical use in the past, but now the terminal has become smaller and cheaper, With the advent of the so-called ubiquitous era, it is highly likely that one user will use multiple terminals in the future. Therefore, there will be no problem in putting the present invention into practical use.

  In the future, it is expected that more and more information will be exchanged over the network, and services that allow the server to execute various processes through the terminal will increase. According to the present invention, it is possible to prevent a user's intention from being tampered with and executed. In particular, it can be said to be a very suitable invention for processing important transactions involving money, such as electronic commerce, online trade, and net auction.

It is a figure for demonstrating the element which appears in the information processing system and method introduced as a 1st Example, and the flow of a process. In the first embodiment, it is a diagram depicting the flow of processing when there is no tampering. In the first embodiment, it is a diagram depicting the flow of processing when falsification occurs in the client terminal (1). In the first embodiment, it is a diagram depicting a flow of processing when falsification occurs in the client terminal (2). In the first embodiment, it is a diagram depicting a flow of processing when another alteration occurs in the client terminal (2). 6 is a table summarizing the correspondence between alteration patterns in a client terminal (1) or (2), success or failure of an order at that time, and display contents in a client terminal in the first embodiment. It is a figure for demonstrating the element which appears in the information processing system and method introduced as a 2nd Example, and the flow of a process. In 2nd Example, it is the figure which drew the flow of a process in case alteration occurs in a client terminal (a). In 2nd Example, it is the figure which drew the flow of a process in case alteration occurs in a client terminal (b). In a 2nd Example, it is the table | surface which put together the correspondence of the alteration pattern in each client terminal, the success or failure of the order at that time, and the display content in each client terminal.

Claims (26)

An information processing method in a server capable of communicating with a plurality of different terminals,
Authenticating each of the plurality of terminals using mutually independent authentication information;
Receiving a command from at least one of the plurality of terminals;
Transmitting a first confirmation message including the content of the command to at least one terminal other than the terminal that has transmitted the command among the plurality of terminals;
Receiving response messages from all the terminals that have received the first confirmation message, respectively;
Determining whether to execute the command according to the received command and the pattern of the received response message;
Including a method.   The method further includes a step of transmitting a second confirmation message including the response message received from a certain terminal among the plurality of terminals to a terminal different from the certain terminal among the plurality of terminals. Item 2. The method according to Item 1.   The method according to claim 1, further comprising: transmitting a message including information regarding a result of the determination step to at least one of the plurality of terminals.   The method according to any one of claims 1 to 3, wherein it is determined to execute the command only when all received response messages acknowledge the execution of the command.   The method according to any one of claims 1 to 4, wherein it is determined that the command is executed only when the received command and the command approved in the received response message all match.   The sum of the number of terminals that have transmitted an instruction having the same meaning and the number of terminals that have transmitted a message that approves it exceeds the number of terminals that are considered hijacked, or the number of terminals that have been authenticated in the authentication step. The method according to claim 1, wherein the instruction is determined to be executed only when the majority of the instructions is exceeded. An information processing method in a server capable of communicating with a plurality of different terminals,
Authenticating each of the plurality of terminals using mutually independent authentication information;
Receiving a command from all terminals of the plurality of terminals;
Determining whether to execute the instruction according to a pattern of all the received instructions;
Including a method.   The method according to any one of claims 1 to 7, wherein the command relates to one of an order in electronic commerce, a vote in electronic voting, a bid in electronic bidding, and a questionnaire posting.   9. The method further comprising: dividing secret information by the server or another server linked thereto, and transmitting the divided secret information to the terminal for presentation to a user without restoration. The method in any one of.   9. The step of receiving each part of secret information divided by a user from the terminal, wherein the secret information is presented to the server without being restored. the method of.   The method according to claim 9 or 10, wherein the information dividing method is a visual secret sharing method (Visual Secret Sharing).   A computer program that, when executed by a CPU of a computer, causes the computer to execute a method according to any of claims 1 to 11.   A computer-readable storage medium storing the computer program according to claim 12. A server device capable of communicating with a plurality of different terminals,
Means for authenticating each of the plurality of terminals using mutually independent authentication information;
Means for receiving a command from at least one of the plurality of terminals;
Means for transmitting a first confirmation message including the content of the command to at least one terminal other than the terminal that has transmitted the command among the plurality of terminals;
Means for receiving response messages respectively from all terminals that have received the first confirmation message;
A server apparatus comprising: the received command; and means for determining whether to execute the command according to a pattern of the received response message.   The apparatus further comprises means for transmitting a second confirmation message including the content of the response message received from a certain terminal among the plurality of terminals to a terminal different from the certain terminal among the plurality of terminals. Item 15. The server device according to Item 14.   The server device according to claim 14 or 15, wherein the server device is configured to transmit a message including information on a result of the determination step to at least one of the plurality of terminals.   The server device according to any one of claims 14 to 16, wherein the server device is configured to determine to execute the command only when all of the received response messages acknowledge the execution of the command.   18. The server device according to claim 14, wherein the server device is configured to determine that the command is executed only when all of the received command and the command approved in the received response message match. .   The sum of the number of terminals that have transmitted an instruction having the same meaning and the number of terminals that have transmitted a message that approves it exceeds the number of terminals that are considered hijacked, or the number of terminals that have been authenticated in the authentication step. 15. The server device according to claim 14, wherein the server device is configured to determine that the instruction is executed only when a majority of the number is exceeded. A server device capable of communicating with a plurality of different terminals,
Means for authenticating each of the plurality of terminals using mutually independent authentication information;
Means for receiving instructions from all of the plurality of terminals;
Means for determining whether or not to execute the command according to the pattern of all the received commands;
Including a server device.   21. The server device according to claim 14, wherein the command relates to any of an order in electronic commerce, a vote in electronic voting, a bid in electronic bidding, and a questionnaire posting.   The secret information is divided by the server or another server that cooperates with the server, and each of the divided secret information is transmitted to the terminal to be presented to the user without being restored. The server device according to any one of 21.   22. The secret information divided by a user is configured to be received from the terminal, wherein the secret information is presented to the server without being restored. Server device.   The server apparatus according to claim 22 or 23, wherein the information dividing method is a visual decryption secret sharing method (Visual Secret Sharing).   It is comprised so that said 1st and 2nd confirmation message can be received from the server apparatus in any one of Claim 14 to 24, It is comprised so that the said response message can be transmitted to this server apparatus. Terminal.   A system comprising a plurality of terminals according to claim 25 and a server according to any of claims 14 to 24.

Images