JP2012108780A - Browsing authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a technique for sharing contents with high security by using simple structure.SOLUTION: A browsing authentication method comprises in order: a browsing request step in which a browsing device 2 requests permission to browse contents from an authentication server 1; an authentication request step in which the authentication server 1 requests authentication for browsing contents from the browsing device 2 or a portable phone 3; an authentication execution step in which the portable phone 3 performs authentication for browsing contents in the authentication server 1; and a browsing authentication step in which the authentication server 1 authenticates the browsing device 2 to browse contents when the authentication for browsing contents has succeeded.

Description

  The present invention relates to a browsing authentication method for sharing content under a high security using a simple configuration, and storage of a document for converting a document into image data and storing the image data using a simple configuration. Regarding the method.

  Technologies for sharing content have been developed. For example, a technique for sharing an electronic medical record among a plurality of medical institutions has been developed. In Patent Document 1, the medical information disclosure control apparatus transmits encrypted information to the medical information browsing control apparatus, and the medical information browsing control apparatus uses a decryption key based on the permission of the owner of the encrypted information. Then, the encrypted information is decrypted. In Patent Document 2, when a disclosure request for personal information is requested, the disclosure procedure execution unit notifies the individual of the disclosure request, and when the disclosure of the individual is approved, discloses the personal information to the request source. .

  A technique for converting a document into image data and storing the image data has been developed. For example, a technique for converting a handwritten chart into an electronic chart and storing the electronic chart has been developed. In the medical management device of Patent Document 3, the identification information printing unit prints identification information on a paper document, the capturing unit captures the content information of the paper document and the printed identification information, and the association unit includes the content information and The electronic medical record is stored in association with the identification information.

JP 2005-284703 A JP 2002-197186 A JP 2009-205477 A

  However, in Patent Document 1 and Patent Document 2, browsing and authentication are both performed by a computer, but since the computer is easy to impersonate, content cannot be shared under high security. The technology for sharing an electronic medical record among a plurality of medical institutions has a unique and expensive configuration applied between large-scale medical institutions, and thus is difficult to apply between small-scale medical institutions. It was.

  In addition, the conventional image data storage method and the medical management apparatus disclosed in Patent Document 3 require a user to input a file name of image data when converting a document into image data. Then, the user needs to search for the document before update and add the document after update. Therefore, users who are used to handwritten documents but are not used to computers and keyboards have felt inconvenient to convert the documents into image data and store the image data.

  Accordingly, in order to solve the above-described problems, an object of the present invention is to provide a technique for sharing content under a high security using a simple configuration.

  Another object of the present invention is to provide a technique for converting a document into image data and storing the image data using a simple configuration.

  In order to achieve the above object, browsing is performed by a browsing device, but authentication is not performed by the browsing device but by a mobile phone associated with the browsing device. Cell phones are difficult to impersonate. The authentication server permits browsing to the browsing device when the mobile phone authentication is successful.

  Specifically, the present invention provides an authentication execution step in which a mobile phone performs authentication for requesting browsing of the content on a browsing device that browses the content to an authentication server that determines whether or not the content can be browsed; The browsing authentication method is characterized in that the authentication server sequentially includes a browsing permission step for permitting the browsing device to browse the content when the authentication requesting the browsing is successful.

  According to this configuration, since authentication is performed using mobile phones that are difficult to impersonate and are widely spread, it is possible to share content with high security using a simple configuration.

  Further, the present invention provides a browsing request step in which the browsing device requests the authentication server to browse the content, and the authentication server requests the browsing device or the mobile phone to browse the content. A browsing authentication method comprising: an authentication requesting step for requesting authentication, in order before the authentication executing step.

  According to this configuration, even when the browsing device makes a browsing request, high security authentication can be performed using the mobile phone.

  In the present invention, the mobile phone requests the authentication server to browse the content, and the authentication server requests the mobile phone to authenticate the content to be browsed. An authentication requesting step is sequentially provided before the authentication execution step.

  According to this configuration, even when the browsing device is not in the user's hand, high security authentication can be performed using the mobile phone.

  Further, according to the present invention, the content is registered by a registrant of the content different from a viewer of the content, and the authentication server registers the content when authentication for browsing the content is successful. A browsing confirmation step for confirming whether or not the content can be viewed with respect to a person's mobile phone, and a browsing notifying step for notifying whether or not the content can be viewed with respect to the authentication server by the mobile phone of the content registrant; , In order between the authentication execution step and the browsing permission step, and in the browsing permission step, when the permission to browse the content is notified, the authentication server sends the content of the content to the browsing device. This browsing authentication method is characterized by permitting browsing.

  According to this configuration, after the content viewer side makes a browsing request to the authentication server, the content registrant side notifies the authentication server of whether or not browsing is possible, and is high between the content viewer side and the registrant side. Share content under security.

  Further, according to the present invention, the content is registered by a registrant of the content different from a viewer of the content, and the mobile phone of the registrant of the content transmits the content in the browsing device to the authentication server. A registration request step for requesting registration for permitting content viewing, and registration for requesting authentication for requesting registration for permitting content viewing to the mobile phone of the content registrant. A user authentication request step, and a registrant authentication execution step in which a mobile phone of a registrant of the content performs authentication for requesting registration to permit the browsing of the content to the authentication server. In order in advance, in the browsing permission step, based on registration to permit browsing of the content on the browsing device, Testimony server, to said viewing device is a viewing authentication method and permits viewing of the content.

  According to this configuration, before the content viewer side makes a request for browsing to the authentication server, the content registrant side notifies the authentication server of permission to browse, and the content viewer side and the registrant side are expensive. Share content under security.

  Further, according to the present invention, the content is encrypted, and in the authentication execution step, the mobile phone authenticates the authentication server for browsing the content and the encrypted content. The browsing authentication method is characterized in that a password for decrypting is transmitted.

  According to this configuration, even if there is a possibility that an apparatus for storing content or a browsing apparatus may be illegally accessed, the content can be shared with high security.

  In the present invention, the content is encrypted, and in the browsing notification step, the mobile phone of the content registrant notifies the authentication server of permission to browse the content. A browsing authentication method, wherein a password for decrypting the encrypted content is transmitted.

  According to this configuration, even if there is a possibility that an apparatus for storing content or a browsing apparatus may be illegally accessed, the content can be shared with high security.

  Further, the present invention requests a registration to permit the content registration person's mobile phone to permit browsing of the content on a browsing device that browses the content to an authentication server that determines whether the content can be browsed. A registration request step, a registrant authentication request step for requesting registration for permitting the content registrant's mobile phone to permit browsing of the content, and a registrant of the content. A registrant authentication execution step for performing authentication for requesting registration to permit browsing of the content to the authentication server, and when authentication for requesting registration to permit browsing of the content is successful. The authentication server performs registration to permit browsing of the content on the browsing device, and the content on the browsing device Browsing permission step of permitting the viewing of a viewing authentication method characterized by sequentially comprising a.

  According to this configuration, the content registrant registers the content viewer using a mobile phone that is difficult to impersonate and is widely spread. However, the content viewer does not need to perform special processing such as requesting the content server to browse the content. Therefore, when the browsing device is a terminal that is difficult to impersonate, such as a fax machine, it is possible to share content with high security using a simpler configuration.

  In order to achieve the above object, first, a transparent case with a code indicating attribute information of a document is prepared. Next, the document and the code are converted into image data in a state where the document is stored in the transparent case, the attribute information of the document is extracted from the image of the code, and the attribute information of the document is set as the attribute information of the image data of the document. It was decided.

  Specifically, the present invention provides an image conversion step in which the scanner converts the document and the code into image data in a state where the document is stored in a transparent case with a code indicating attribute information of the document. The authentication server that approves storage of the image data of the document identifies the image of the code from the document and the image data of the code, and extracts and extracts the attribute information of the document from the identified image of the code An attribute information setting step of setting attribute information of the document as attribute information of image data of the document in order.

  According to this configuration, it is only necessary to give a scan start instruction to the scanner in a state where the document is stored in the transparent case and the document is stored in the transparent case. Therefore, it is not necessary to input the file name of the image data when converting the document into image data. If the transparent case is prepared first, the transparent case can be reused thereafter. Furthermore, since the position of the code attached to the transparent case is not changed every time the document is updated, the code image can be automatically identified, and the code recognition rate can be increased.

  According to the present invention, in the image conversion step, the scanner converts the document and the code into image data in a state where a code indicating attribute information changed every time the document is updated is attached to the document. This is a document storage method characterized by:

  According to this configuration, a code indicating attribute information such as an update date that is changed every time the document is updated is attached to the document, the document is stored in the transparent case, and the scan is started with the document stored in the transparent case. You only need to give instructions to the scanner. Therefore, it is not necessary to input the file name of the image data when converting the document into image data.

  Further, the present invention provides a storage authentication step in which the authentication server approves storage of the image data of the document when the attribute information set in the image data of the document matches the attribute information of the document. The document storage method is further provided after the attribute information setting step.

  According to this configuration, it is possible to store the image data after confirming whether the document is stored in the transparent case in a state where the attribute information matches.

  In the present invention, the authentication server searches the image data of the document before update based on the attribute information set in the image data of the document, and updates the image data of the document after update before the update. A document storing method, further comprising a document adding step of adding to the image data of the document after the attribute information setting step.

  According to this configuration, by using the automatic processing of the authentication server, the user does not need to search for the document before update and add the updated document to the document before update.

  In the present invention, the authentication server searches the image data of the document before update based on the attribute information set in the image data of the document, and updates the image data of the document after update before the update. A document storage method, further comprising a document addition step of adding to the image data of the document after the storage authentication step.

  According to this configuration, by using the automatic processing of the authentication server, the user does not need to search for the document before update and add the updated document to the document before update.

  The present invention can provide a technique for sharing content under high security using a simple configuration.

  Further, the present invention can provide a technique for converting a document into image data and storing the image data using a simple configuration.

It is a figure which shows the browsing authentication method of Embodiment 1. FIG. It is a figure which shows the structure of the authentication server of Embodiment 1. FIG. It is a figure which shows the browsing authentication method of Embodiment 2. FIG. It is a figure which shows the structure of the authentication server of Embodiment 2. FIG. It is a figure which shows the browsing authentication method of Embodiment 3. It is a figure which shows the structure of the authentication server of Embodiment 3. It is a figure which shows the browsing authentication method of Embodiment 4. It is a figure which shows the structure of the authentication server of Embodiment 4. It is a figure which shows the browsing authentication method of Embodiment 5. It is a figure which shows the structure of the authentication server of Embodiment 5. It is a figure which shows the browsing authentication method of Embodiment 6. It is a figure which shows the structure of the authentication server of Embodiment 6. It is a figure which shows the browsing authentication method of Embodiment 7. It is a figure which shows the structure of the authentication server of Embodiment 7. It is a figure which shows the method of storing a document in a transparent case. It is a figure which shows the method of storing image data. It is a figure which shows the structure of an authentication server.

  Embodiments of the present invention will be described with reference to the accompanying drawings. The embodiments described below are examples of the present invention, and the present invention is not limited to the following embodiments. In the present specification and drawings, the same reference numerals denote the same components.

(Embodiment 1)
The browsing authentication method of Embodiment 1 is shown in FIG. In the first embodiment, the authentication server 1 stores content, the browsing device 2 requests the authentication server 1 to browse the content, and the mobile phone 3 instead of the browsing device 2 authenticates the authentication server 1. I do. The content may be stored in the authentication server 1 or may be stored in a device other than the authentication server 1.

  FIG. 2 shows the configuration of the authentication server according to the first embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, and a browsing authentication unit 14. The content storage unit 11 stores content, and the data communication unit 12 performs data communication.

  The authentication request unit 13 is requested by the browsing device 2 to browse the content, and requests the browsing device 2 or the mobile phone 3 for authentication for browsing the content. Then, the authentication request unit 13 is authenticated from the mobile phone 3 to request browsing of the content. Here, the authentication server 1 associates the browsing device 2 and the mobile phone 3 so that the mobile phone 3 can receive authentication when a browsing request is received from the browsing device 2. The browsing authentication unit 14 permits the browsing device 2 to browse the content when the authentication for browsing the content is successful.

  In the following description of Embodiment 1, after applying Embodiment 1 to an electronic medical record system and medical institution A registers the electronic medical record in authentication server 1, a nurse of medical institution A uses the browsing device 2 to browse. In doing so, a nurse at medical institution A makes a browsing request using browsing apparatus 2, and a doctor at medical institution A performs authentication using mobile phone 3.

  In the browsing request step, the nurse of the medical institution A issues a browsing request in the browsing device 2. Specifically, the browsing device 2 acquires a user instruction and requests the authentication server 1 to browse content (step S1). In the authentication requesting step, the authentication request unit 13 requests the browsing device 2 or the mobile phone 3 for authentication for browsing content (step S2). In the authentication execution step, the mobile phone 3 acquires the user instruction after notifying the user of the authentication request, and performs authentication for requesting to browse the content to the authentication server 1 (step S3).

  A first case in which the authentication request unit 13 requests authentication only from the browsing device 2 will be described. First, a nurse using the browsing device 2 requests authentication from a doctor using the mobile phone 3. Here, the request for authentication may be made verbally or by wireless communication from the browsing device 2 to the mobile phone 3. Next, the doctor using the mobile phone 3 performs authentication.

  A second case in which the authentication request unit 13 requests authentication only from the mobile phone 3 will be described. In the second case, the request for authentication in the first case is unnecessary, and the doctor using the mobile phone 3 performs the authentication. Therefore, even if the doctor using the mobile phone 3 is away from the nurse using the browsing device 2, the doctor can perform authentication without the nurse contacting the doctor.

  A third case in which the authentication request unit 13 requests authentication from both the browsing device 2 and the mobile phone 3 will be described. In the third case, as in the first case or the second case, the doctor using the mobile phone 3 can perform authentication.

  In the browsing permission step, the browsing authentication unit 14 permits the browsing device 2 to browse the content when the authentication for browsing the content is successful. Then, the browsing authentication unit 14 notifies the data communication unit 12 of permission to browse the content, and the data communication unit 12 reads the content from the content storage unit 11 and transmits the content to the browsing device 2 (step S4). .

  In the first embodiment, since authentication is performed using the mobile phone 3 that is difficult to impersonate and is widely spread, it is possible to share content with high security using a simple configuration. Even when the browsing device 2 makes a browsing request, high-security authentication can be performed using the mobile phone 3.

  In the first embodiment, the content may be stored after being encrypted, and the authentication request unit 13 is authenticated by the mobile phone 3 and receives a password for decrypting the encrypted content. May be. At this time, in the authentication execution step, the mobile phone 3 authenticates the authentication server 1 for browsing the content and transmits a password for decrypting the encrypted content (step S3).

  In the first embodiment, only the mobile phone 3 stores the password for decrypting the encrypted content, and does not store the device for storing the content or the browsing device 2. Therefore, even if the device that stores the content or the browsing device 2 may be illegally accessed, the content can be shared with high security.

(Embodiment 2)
The browsing authentication method of Embodiment 2 is shown in FIG. In the second embodiment, the authentication server 1 stores content, the mobile phone 3 requests the authentication server 1 to browse the content, and the mobile phone 3 authenticates the authentication server 1. The content may be stored in the authentication server 1 or may be stored in a device other than the authentication server 1.

  FIG. 4 shows the configuration of the authentication server according to the second embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, and a browsing authentication unit 14. The content storage unit 11 stores content, and the data communication unit 12 performs data communication.

  The authentication request unit 13 is requested by the mobile phone 3 to browse the content, and requests the mobile phone 3 for authentication for browsing the content. Then, the authentication request unit 13 is authenticated from the mobile phone 3 to request browsing of the content. Here, the authentication server 1 associates the browsing device 2 and the mobile phone 3 so that the browsing permission can be sent to the browsing device 2 when a browsing request is received from the mobile phone 3. The browsing authentication unit 14 permits the browsing device 2 to browse the content when the authentication for browsing the content is successful.

  In the following description of the second embodiment, the second embodiment is applied to an electronic medical record system, and after the medical institution A registers the electronic medical record in the authentication server 1, the doctor of the medical institution A performs browsing using the browsing device 2. In this case, it is assumed that the doctor of the medical institution A makes a browsing request using the mobile phone 3, and the doctor of the medical institution A performs authentication using the mobile phone 3.

  In the browsing request step, the doctor of the medical institution A issues a browsing request on the mobile phone 3. Specifically, the mobile phone 3 acquires a user instruction and requests the authentication server 1 to browse the content (step S11). In the authentication requesting step, the authentication requesting unit 13 requests the mobile phone 3 for authentication for browsing content (step S12). In the authentication execution step, the mobile phone 3 acquires the user instruction after notifying the user of the authentication request, and performs authentication for requesting to browse the content to the authentication server 1 (step S13).

  In the browsing permission step, the browsing authentication unit 14 permits the browsing device 2 to browse the content when the authentication for browsing the content is successful. Then, the browsing authentication unit 14 notifies the data communication unit 12 of permission to browse the content, and the data communication unit 12 reads the content from the content storage unit 11 and transmits the content to the browsing device 2 (step S14). .

  In the second embodiment, since authentication is performed using the mobile phone 3 that is difficult to impersonate and is widely spread, it is possible to share content with high security using a simple configuration. Even when the browsing device 2 is not at hand of the user, high security authentication can be performed using the mobile phone 3.

  In the second embodiment, the content may be stored after being encrypted, and the authentication request unit 13 is authenticated from the mobile phone 3 and receives a password for decrypting the encrypted content. May be. At this time, in the authentication execution step, the mobile phone 3 authenticates the authentication server 1 for browsing the content and transmits a password for decrypting the encrypted content (step S13).

  In the second embodiment, only the mobile phone 3 stores the password for decrypting the encrypted content, and does not store the content storage device or the browsing device 2. Therefore, even if the device that stores the content or the browsing device 2 may be illegally accessed, the content can be shared with high security.

(Embodiment 3)
The browsing authentication method of Embodiment 3 is shown in FIG. In the third embodiment, content viewers and registrants are different. The browsing device 2 of the content viewer requests the authentication server 1 to browse the content, and the mobile phone 3 of the content viewer, not the browsing device 2 of the content viewer, authenticates the authentication server 1. . The cellular phone 4 of the content registrant permits browsing to the browsing device 2 of the content viewer. After the content viewer is authenticated from the mobile phone 3, the content registrant is permitted to view from the mobile phone 4.

  FIG. 6 shows the configuration of the authentication server according to the third embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, a browsing authentication unit 14, and a browsing confirmation unit 15. The content storage unit 11, the data communication unit 12, the authentication request unit 13, and the browsing authentication unit 14 are substantially the same in the third and first embodiments.

  The browsing confirmation unit 15 confirms whether or not the content can be browsed with respect to the cellular phone 4 of the content registrant when the authentication requesting the browsing of the content is successful. The browsing authentication unit 14 permits the browsing device 2 to browse the content when permission to browse the content is notified. In other words, after the content viewer's mobile phone 3 is successfully authenticated, if the content registrant's permission to view the mobile phone 4 is granted, the content viewer's browsing device 2 can receive the content.

  In the following description of the third embodiment, after applying the third embodiment to the electronic medical record system and the medical institution A registers the electronic medical record in the authentication server 1, the nurse of the medical institution B uses the browsing device 2 to browse. In doing so, a nurse at medical institution B makes a browsing request using browsing apparatus 2, and a doctor at medical institution B authenticates using mobile phone 3. Then, after authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the browsing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

  The browsing request step, the authentication request step, the authentication execution step, and the content transmission are substantially the same in the third embodiment and the first embodiment (steps S21 to S23, S26).

  In the browsing confirmation step, when the authentication for browsing the content is successful, the browsing confirmation unit 15 confirms whether or not the content can be browsed with respect to the cellular phone 4 of the content registrant (step S24). In the browsing notification step, the doctor of the medical institution A gives permission for browsing on the mobile phone 4. Specifically, the cellular phone 4 of the content registrant acquires the user instruction after notifying the user of the confirmation request, and notifies the authentication server 1 of whether or not the content can be browsed (step S25). In the browsing permission step, when the permission to browse the content is notified, the browsing authentication unit 14 permits the browsing device 2 to browse the content.

  In the third embodiment, high security authentication can be performed using the mobile phone 3 even when the browsing device 2 makes a browsing request. Then, after the content viewer side makes a browsing request to the authentication server 1, the content registrant side notifies the authentication server 1 of whether or not browsing is possible, and high security is achieved between the content viewer side and the registrant side. Content can be shared with others.

  In the third embodiment, the content may be stored after being encrypted. When the browsing confirmation unit 15 is notified of permission to browse the content from the mobile phone 4 of the content registrant, the content is encrypted. A password for decrypting the content may be received. At this time, in the browsing notification step, the cellular phone 4 of the content registrant transmits a password for decrypting the encrypted content when notifying the authentication server 1 of permission to browse the content. (Step S25).

  In the third embodiment, the password for decrypting the encrypted content is stored only by the cellular phone 4 of the content registrant, and not the device for storing the content or the browsing device 2. Therefore, even if the device that stores the content or the browsing device 2 may be illegally accessed, the content can be shared with high security.

(Embodiment 4)
The browsing authentication method of Embodiment 4 is shown in FIG. In the fourth embodiment, content viewers and registrants are different. The mobile phone 3 of the content viewer requests the authentication server 1 to browse the content, and the mobile phone 3 of the content viewer authenticates the authentication server 1. The cellular phone 4 of the content registrant permits browsing to the browsing device 2 of the content viewer. After the content viewer is authenticated from the mobile phone 3, the content registrant is permitted to view from the mobile phone 4.

  FIG. 8 shows the configuration of the authentication server according to the fourth embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, a browsing authentication unit 14, and a browsing confirmation unit 15. Except for the authentication requesting unit 13 receiving a browsing request from the mobile phone 3 and requesting the mobile phone 3 to authenticate, the constituent elements are substantially the same in the fourth and third embodiments.

  In the following description of the fourth embodiment, after applying the fourth embodiment to the electronic medical record system and the medical institution A registers the electronic medical record in the authentication server 1, the doctor of the medical institution B performs browsing using the browsing device 2. In this case, it is assumed that the doctor of the medical institution B makes a browsing request using the mobile phone 3, and the doctor of the medical institution B performs authentication using the mobile phone 3. Then, after authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the browsing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

  The authentication request unit 13 receives a browsing request from the mobile phone 3 and requests the mobile phone 3 for authentication, except for a browsing request step, an authentication request step, an authentication execution step, a browsing confirmation step, a browsing notification step, The storage locations of the transmission and decryption passwords are almost the same in the fourth and third embodiments (steps S31 to S36).

  In the fourth embodiment, even when the browsing device 2 is not in the user's hand, high security authentication can be performed using the mobile phone 3. Then, after the content viewer side makes a browsing request to the authentication server 1, the content registrant side notifies the authentication server 1 of whether or not browsing is possible, and high security is achieved between the content viewer side and the registrant side. Content can be shared with others.

(Embodiment 5)
The browsing authentication method of Embodiment 5 is shown in FIG. In the fifth embodiment, content viewers and registrants are different. The browsing device 2 of the content viewer requests the authentication server 1 to browse the content, and the mobile phone 3 of the content viewer, not the browsing device 2 of the content viewer, authenticates the authentication server 1. . The cellular phone 4 of the content registrant permits browsing to the browsing device 2 of the content viewer. Before the content viewer is authenticated from the mobile phone 3, the content registrant is permitted to view from the mobile phone 4.

  FIG. 10 shows the configuration of the authentication server according to the fifth embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, a browsing authentication unit 14, and a browsing registration unit 16. The content storage unit 11, the data communication unit 12, the authentication request unit 13, and the browsing authentication unit 14 are substantially the same in the fifth and first embodiments.

  The authentication requesting unit 13 permits the content registrant's mobile phone 4 to view content when requested by the content registrant's mobile phone 4 to register that content browsing is permitted. Request authentication for registration of. The browsing registration unit 16 executes registration for permitting browsing of content when authentication for requesting registration for permitting browsing of content is successful. The browsing authentication unit 14 permits the browsing device 2 to browse the content based on the registration that the browsing of the content is permitted. In other words, after the content registrant's permission to view the mobile phone 4 is granted, if the content viewer's mobile phone 3 is successfully authenticated, the content viewer's browsing device 2 can receive the content.

  In the following description of the fifth embodiment, after the fifth embodiment is applied to the electronic medical record system and the medical institution A registers the electronic medical record in the authentication server 1, the nurse of the medical institution B uses the browsing device 2 to browse. In doing so, a nurse at medical institution B makes a browsing request using browsing apparatus 2, and a doctor at medical institution B authenticates using mobile phone 3. Then, before the authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the viewing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

  The browsing request step, the authentication request step, the authentication execution step, and the content transmission are substantially the same in the fifth embodiment and the first embodiment (steps S46 to S49).

  The doctor of the medical institution B requests the doctor of the medical institution A to register that the browsing of the content by the browsing device 2 is permitted (step S41). In the registration request step, the doctor of the medical institution A requests registration on the mobile phone 4 to permit browsing of the content by the browsing device 2. Specifically, the cellular phone 4 of the content registrant acquires the user's instruction and requests the authentication server 1 to register that the content browsing is permitted (step S42). In the registrant authentication requesting step, the authentication requesting unit 13 requests the mobile phone 4 of the content registrant for authentication requesting registration to permit browsing of the content (step S43). In the registrant authentication execution step, the cellular phone 4 of the content registrant obtains the user instruction after notifying the user of the authentication request, and authenticates the authentication server 1 for registration to permit browsing of the content. (Step S44). The doctor of the medical institution A notifies the doctor of the medical institution B of the completion of registration for permitting browsing of content by the browsing device 2 (step S45). Note that the communication between the doctor of the medical institution A and the doctor of the medical institution B may be verbal or by some communication means.

  In the browsing permission step, the browsing authentication unit 14 permits the browsing device 2 to browse the content based on registration to permit browsing of the content. Then, the content is transmitted from the authentication server 1 to the browsing device 2 (step S49).

  In the fifth embodiment, even when the browsing device 2 makes a browsing request, high-security authentication can be performed using the mobile phone 3. Before the content viewer side makes a request for browsing to the authentication server 1, the content registrant side notifies the authentication server 1 of permission to browse, and high security is provided between the content viewer side and the registrant side. Content can be shared with others.

  In the fifth embodiment, the content may be stored after being encrypted. The password for decrypting the encrypted content may be stored in a high-security device other than the device that stores the content, and the content registrant verbally or by some communication means to the content viewer You may be notified. Therefore, even if there is a possibility that a device for storing content may be illegally accessed, the content can be shared with high security.

(Embodiment 6)
The browsing authentication method of Embodiment 6 is shown in FIG. In the sixth embodiment, content viewers and registrants are different. The mobile phone 3 of the content viewer requests the authentication server 1 to browse the content, and the mobile phone 3 of the content viewer authenticates the authentication server 1. The cellular phone 4 of the content registrant permits browsing to the browsing device 2 of the content viewer. Before the content viewer is authenticated from the mobile phone 3, the content registrant is permitted to view from the mobile phone 4.

  FIG. 12 shows the configuration of the authentication server according to the sixth embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, a browsing authentication unit 14, and a browsing registration unit 16. Except for the authentication request unit 13 receiving a browsing request from the mobile phone 3 and requesting the mobile phone 3 to authenticate, the components are substantially the same in the sixth and fifth embodiments.

  In the following description of the sixth embodiment, after applying the sixth embodiment to the electronic medical record system and the medical institution A registers the electronic medical record in the authentication server 1, the doctor of the medical institution B performs browsing using the browsing device 2. In this case, it is assumed that the doctor of the medical institution B makes a browsing request using the mobile phone 3, and the doctor of the medical institution B performs authentication using the mobile phone 3. Then, before the authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the viewing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

  The registration request step, the registrant authentication request step, the registrant authentication execution step, the browsing request step, the authentication request, except that the authentication request unit 13 receives the browsing request from the mobile phone 3 and requests the mobile phone 3 to authenticate. The steps, authentication execution step, content transmission and decryption password storage location and distribution method are substantially the same in the sixth and fifth embodiments (steps S51 to S59).

  In the sixth embodiment, even when the browsing device 2 is not at the user's hand, high security authentication can be performed using the mobile phone 3. Before the content viewer side makes a request for browsing to the authentication server 1, the content registrant side notifies the authentication server 1 of permission to browse, and high security is provided between the content viewer side and the registrant side. Content can be shared with others.

(Embodiment 7)
FIG. 13 shows a browsing authentication method according to the seventh embodiment. In the seventh embodiment, the authentication server 1 stores content. First, a content sharing contract is signed between the content registrant and the viewer. Next, the cellular phone 4 of the content registrant registers with the authentication server 1 that the browsing of the content on the browsing device 2 that browses the content is permitted by authenticating the authentication server 1. Next, the content is downloaded from the authentication server 1 to the browsing device 2 without authenticating the authentication server 1.

  FIG. 14 shows the configuration of the authentication server according to the seventh embodiment. The authentication server 1 includes a content storage unit 11, a data communication unit 12, an authentication request unit 13, a browsing authentication unit 14, and a browsing registration unit 16. The content storage unit 11 stores content, and the data communication unit 12 performs data communication. The content may be stored in the authentication server 1 or may be stored in a device other than the authentication server 1.

  The authentication requesting unit 13 permits the content registrant's mobile phone 4 to view content when requested by the content registrant's mobile phone 4 to register that content browsing is permitted. Request authentication for registration of.

  The browsing authentication unit 14 approves registration to permit browsing of the content and permits browsing of the content on the browsing device 2 when the authentication for requesting registration to permit browsing of the content is successful. The browsing registration unit 16 executes registration for permitting browsing of content when authentication for requesting registration for permitting browsing of content is successful.

  In the following description of the seventh embodiment, after the seventh embodiment is applied to an electronic medical record system and the medical institution A registers the electronic medical record in the authentication server 1, the medical institution B performs browsing using the browsing device 2. Assume that the doctor of the medical institution B does not have to authenticate the authentication server 1.

  In executing the processing of FIG. 13, the doctor of the medical institution A registers an electronic medical record in the authentication server 1. The doctor of the medical institution A and the doctor of the medical institution B make a contract for sharing the electronic medical record. The doctor of the medical institution B requests the doctor of the medical institution A to register that the electronic medical chart is permitted to be browsed by the browsing device 2 of the medical institution B (step S61).

  In the registration request step, the cellular phone 4 of the content registrant acquires the user's instruction and requests the authentication server 1 to register that the content browsing is permitted (step S62). Specifically, the doctor of the medical institution A uses the mobile phone 4 to request registration for permitting browsing of the electronic medical record. In the registrant authentication requesting step, the authentication requesting unit 13 requests the mobile phone 4 of the content registrant for authentication requesting registration to permit browsing of the content (step S63). In the registrant authentication execution step, the cellular phone 4 of the content registrant obtains the user instruction after notifying the user of the authentication request, and authenticates the authentication server 1 for registration to permit browsing of the content. Is performed (step S64). Specifically, the doctor of the medical institution A uses the mobile phone 4 to perform authentication using an ID, a password, or the like.

  In the browsing permission step, when the authentication requesting registration for permitting browsing of content is successful, the browsing registration unit 16 executes registration for permitting browsing of the content, and the browsing authentication unit 14 performs browsing of the content. to approve. The browsing authentication unit 14 notifies the data communication unit 12 of permission to browse the content, and the data communication unit 12 reads the content from the content storage unit 11 and transmits the content to the browsing device 2 (step S65).

  In the seventh embodiment, a content registrant side registers a content viewer using a mobile phone 4 that is difficult to impersonate and is widely spread. However, the content viewer does not need to perform special processing such as requesting the authentication server 1 to browse the content. Therefore, when the browsing device 2 is a terminal that is difficult to impersonate, such as a fax machine, it is possible to share content with high security using a simpler configuration.

(Modification)
As a method for authenticating the mobile phones 3 and 4 by the authentication server 1, authentication using an ID or password is performed in the first to seventh embodiments. However, in the present modification, the following authentication may be performed. . First, there is authentication using specific information or position information of the mobile phones 3 and 4. Next, there is authentication for determining whether the communication terminal is a mobile phone that is difficult to impersonate or a computer that is easily impersonated. In this case, if the distribution characteristic of the transmission delay time between the authentication server 1 and the communication terminal is discrete, it is determined that the communication terminal is a wireless communication terminal such as the mobile phone 3 or 4, and the authentication server 1 and If the distribution characteristic of the transmission delay time between the communication terminals is not discrete, it is determined that the communication terminal is a wired communication terminal such as a computer.

  In Embodiment 1-4, only the mobile phone 3 or 4 stores the password for decrypting the encrypted content. However, in the present modification, the authentication server 1 may temporarily store the password. . Then, even when browsing the content a plurality of times within a certain period in the browsing device 2, it is not necessary to transmit the password a plurality of times in the mobile phones 3, 4, so that it is possible to quickly respond to the browsing request. However, in order to ensure high security, the authentication server 1 desirably deletes the temporarily stored password after the period has elapsed.

  In Embodiment 1-7, although the method for transmitting content from the authentication server 1 to the browsing device 2 is not limited, a web browser, a mail system, or the like can be used. When the mail system is used, the content is automatically transmitted to the registered mail address every time the content is updated. The content is stored in the reception folder, and if the content attribute information is set as the mail title, the content can be easily searched in the reception folder. However, when browsing encrypted content, it is necessary to enter a password.

(How to store documents in a transparent case)
The document storage method of the present invention can be used when a document is converted into image data and image data is stored. In this embodiment, when a handwritten chart is converted into an electronic chart and the electronic chart is stored. Shall be used.

  FIG. 15 shows a method for storing a document in a transparent case. First, the code 101 indicating the attribute information of the document 200 and the characters 102 are attached to the transparent case 100, and then the document 200 is stored in the transparent case 100. In the electronic medical record system, the transparent case 100 is a clear file, the document 200 is a handwritten medical record, the code 101 is a QR code, and the attribute information includes the patient's name and its pseudonym, and the patient's date of birth. Patient information such as The transparent case 100 does not need to be prepared every time the document 200 is updated, and may be prepared at the first registration of the document 200.

(Method of storing image data)
FIG. 16 shows a method for storing image data. First, the transparent case 100 is prepared in advance. In the electronic medical record system, a doctor or a nurse prepares a clear file in advance. Next, the document 200 is stored in the transparent case 100. In the electronic medical record system, the doctor or nurse puts the handwritten medical record in the clear file so that the patient information indicated by the characters 102 matches the patient information in the document 200 (step P1). Next, the document 200 stored in the transparent case 100 is set in the scanner 300. In the electronic medical chart system, a doctor or a nurse sets a handwritten medical chart sandwiched between clear files on the scanner 300 (step P2). Finally, the doctor or nurse presses the scan start button (step P3). The doctor or nurse may perform the processing up to Step P3 and may not perform the subsequent processing.

  The scanner 300 acquires a scan start instruction (step P4). Next, in the image conversion step, the scanner 300 converts the document 200 and the code 101 into image data in a state where the document 200 is stored in the transparent case 100 to which the code 101 indicating the attribute information of the document 200 is attached. In the electronic medical chart system, the scanner 300 converts the handwritten medical chart and the QR code into the electronic medical chart in a state where the handwritten medical chart is sandwiched between the clear files to which the QR code indicating the patient information of the handwritten medical chart is attached. Next, the scanner 300 transmits the image data of the document 200 and the code 101 to the computer 400 (step P5). Next, the computer 400 executes authentication using an ID or a password for the authentication server 500 that approves storage of the image data of the document 200, and if the authentication is successful, transmits the image data of the document 200 and the code 101. (Step P6).

  In the attribute information setting step, the authentication server 500 identifies the image of the code 101 from the image data of the document 200 and the code 101, extracts the attribute information of the document 200 from the identified image of the code 101, and extracts the attribute of the extracted document 200 Information is set as attribute information of image data of the document 200. In the electronic medical record system, the authentication server 500 identifies a QR code image from the electronic medical record, extracts patient information of the handwritten medical record from the identified QR code image (step P7), and electronically extracts the patient information of the extracted handwritten medical record. It is set as patient information of the chart (step P8).

  In the storage authentication step, the authentication server 500 approves storage of the image data of the document 200 when the attribute information set in the image data of the document 200 matches the attribute information of the document 200. In the electronic medical record system, the authentication server 500 approves storage of the electronic medical record (step P10) when the patient information set in the electronic medical record matches the patient information of the handwritten medical record (step P9). Specifically, the authentication server 500 confirms with the computer 400 whether these pieces of patient information match. Then, the computer 400 responds to the authentication server 500 as to whether or not the patient information matches in accordance with an instruction from a doctor having registration authority.

In the document addition step, the authentication server 500 searches the image data of the document 200 before update based on the attribute information set in the image data of the document 200, and the image data of the document 200 after update is the document before update. Add to 200 image data. In the electronic medical record system, the authentication server 500 searches the electronic medical record before the update based on the patient information set in the electronic medical record, and adds the updated electronic medical record to the electronic medical record before the update (step P11).

  For the same patient, the same clear file is reused each time the handwritten medical chart is updated, so an electronic medical chart in which the same attribute information is set is generated. Therefore, the authentication server 500 can search the electronic medical record before the update based on the attribute information set in the electronic medical record after the update. The authentication server 500 can also add an updated electronic medical record in addition to the electronic medical record before updating as an additional form of the electronic medical record, and stores the updated electronic medical record instead of the electronic medical record before updating. It is also possible to create a new file and register the electronic medical record in a new file when registering for the first time.

  In the image conversion step and the attribute information setting step, it is only necessary to give a scan start instruction to the scanner 300 with the document 200 stored in the transparent case 100 and the document 200 stored in the transparent case 100. Therefore, it is not necessary to input the file name of the image data when converting the document 200 to the image data. In the storage authentication step, it is possible to store the image data after confirming whether or not the document 200 is stored in the transparent case 100 with the attribute information matched. In the document addition step, by using the automatic processing of the authentication server 500, the user does not need to search for the document 200 before update and add the updated document 200 to the document 200 before update.

  The transparent case 100 need only be prepared once and can be reused any number of times, and there is no need to attach the code 101 to the document 200 each time the document 200 is updated. Here, if the code 101 is attached to the document 200, the position of the code 101 is changed every time the document is updated, but the code 101 is attached to the transparent case 100. The position is not changed each time the document is updated. Therefore, the image of the code 101 can be automatically identified, and the recognition rate of the code 101 can be increased. Furthermore, even the document 200 created by hand or the document 200 created before introducing the document storage method can be easily digitized using the document storage method. .

(Configuration of authentication server)
The configuration of the authentication server 500 is shown in FIG. The authentication server 500 includes a content storage unit 501, a data communication unit 502, a code extraction unit 503, an attribute information setting unit 504, a content storage authentication unit 505, and a content storage addition unit 506. The content storage unit 501 stores image data and may be disposed in the authentication server 500 or may be disposed in a device other than the authentication server 500. The data communication unit 502 serves as an interface between the computer 400 and the authentication server 500 for authentication using ID or password and transmission of image data in step P6 and confirmation of attribute information match in step P9.

  The code extraction unit 503 identifies the image of the code 101 from the document 200 and the image data of the code 101 created in a state where the document 200 is stored in the transparent case 100 to which the code 101 indicating the attribute information of the document 200 is attached. Then, the attribute information of the document 200 is extracted from the identified image of the code 101. In the electronic medical record system, the code extraction unit 503 identifies an image of the QR code from the electronic medical record created in a state where the handwritten medical record is sandwiched between the clear files to which the QR code indicating the patient information of the handwritten medical record is attached, The patient information of the handwritten medical chart is extracted from the identified QR code image (step P7). The attribute information setting unit 504 sets the extracted attribute information of the document 200 as the attribute information of the image data of the document 200. In the electronic medical record system, the attribute information setting unit 504 sets the extracted patient information of the handwritten medical record as the patient information of the electronic medical record (step P8).

  The content storage authentication unit 505 approves storage of the image data of the document 200 when the attribute information set in the image data of the document 200 matches the attribute information of the document 200. In the electronic medical record system, the content storage authentication unit 505 approves the storage of the electronic medical record when the patient information set in the electronic medical record matches the patient information of the handwritten medical record (steps P9 and P10). The content storage / addition unit 506 searches the image data of the document 200 before the update based on the attribute information set in the image data of the document 200, and the image data of the document 200 before the update is searched for the image data of the document 200 after the update. Append to data. In the electronic medical record system, the content storage adding unit 506 searches the electronic medical record before update based on the patient information set in the electronic medical record, and adds the updated electronic medical record to the electronic medical record before updating (step P11). ).

  In the present embodiment, the code 101 indicating the attribute information of the document 200 is attached to the transparent case 100. However, in another embodiment, the code 101 indicating the attribute information that is changed each time the document 200 is updated is It may be attached to the document 200. The transparent case 100 is reused for each update, but the document 200 is created for each update. Therefore, the code 101 indicating the attribute information that is changed each time the document 200 is updated is not the transparent case 100 but the document. It is attached to 200. As attribute information that is changed each time the document 200 is updated, information on the date of update and the changed contents can be given.

  In the image conversion step, the scanner 300 converts the document 200 and the code 101 into image data in a state where the code 101 indicating the attribute information that is changed each time the document 200 is updated is attached to the document 200. The code extraction unit 503 identifies the image of the code 101 from the document 200 and the image data of the code 101 created with the code 101 indicating the attribute information changed every time the document 200 is updated. Then, the attribute information of the document 200 is extracted from the identified image of the code 101.

  The image data to be stored may be image data of only the document 200, or may be image data of both the document 200 and the code 101. When the image data of only the document 200 is stored, the image data of the code 101 is deleted from the image data of the document 200 and the code 101, and the image data of only the document 200 can be browsed. When both the image data of the document 200 and the code 101 are stored, the image data can be easily stored.

  In the present embodiment, the computer 400 performs authentication with the authentication server 500 using an ID or a password. However, in another embodiment, the mobile phone associated with the computer 400 transmits the ID or password to the authentication server 500. Authentication using a password or the like may be performed. The authentication server 500 associates the computer 400 and the mobile phone, and requests the mobile phone for authentication when the computer 400 requests permission to transmit image data. Since the mobile phone and the user are associated with each other on a one-to-one basis, the security of authentication can be enhanced when the mobile phone executes authentication with respect to the authentication server 500.

  The browsing authentication method according to the present invention can be used for an electronic medical record system or the like that can share contents with high security using a simple configuration and shares an electronic medical record between small medical institutions. Can do.

  The document storage method according to the present invention can convert a document into image data by using a simple configuration and store the image data, and can be used in an electronic medical record system that stores an electronic medical record in a small medical institution. Can be used.

1: Authentication server 2: Browsing device 3, 4: Mobile phone 11: Content storage unit 12: Data communication unit 13: Authentication request unit 14: Browsing authentication unit 15: Browsing confirmation unit 16: Browsing registration unit 100: Transparent case 200: Document 300: Scanner 400: Computer 500: Authentication server 101: Code 102: Character 501: Content storage unit 502: Data communication unit 503: Code extraction unit 504: Attribute information setting unit 505: Content storage authentication unit 506: Content storage addition unit

The present invention also relates to the viewing authentication method for sharing content under high security by using a simple configuration.

JP 2005-284703 A JP 2002-197186 A

Specifically, the present invention, the content, the viewers and is registered by the registrant of different the content of the content, viewers phone of the content is, rows to the server for browsing the content dividing the authentication execution step of obtaining authorization to allow viewing of the content in viewing apparatus for viewing the content, when the authentication to allow viewing of the content is successful, the server, the A browsing confirmation step for confirming whether or not the content can be browsed to the mobile phone of the content registrant, and a browsing notification for the mobile phone of the content registrant to notify the server whether or not the content can be browsed a step, when the authorization of viewing of the content has been notified, before hexa over server is, relative to the viewing device, said co Browsing permission step of viewing Ceiling a viewing authentication method characterized by sequentially comprising a.

According to this configuration, since authentication is performed using mobile phones that are difficult to impersonate and are widely spread, it is possible to share content with high security using a simple configuration. Then, after the content viewer side makes a request for browsing to the authentication server, the content registrant side notifies the authentication server of whether or not browsing is possible, and high security is provided between the content viewer side and the registrant side. You can share content with.

Further, the present invention, the viewing device, prior to hexa over server, a browsing request step of requesting browsing of the content, before hexa over server is, the viewing device or the viewer's mobile telephone of the content On the other hand, a browsing authentication method comprising: an authentication requesting step for requesting authentication for permitting browsing of the content before the authentication executing step.

The present invention also viewers phone of the content, with respect to pre-hexa over server, a browsing request step of requesting browsing of the content, before hexa over server is portable viewers of the content An browsing request method comprising: an authentication requesting step for requesting authentication for permitting browsing of the content to a telephone in order before the authentication executing step.

In the present invention, the content is registered by a registrant of the content different from the viewer of the content, and the mobile phone of the registrant of the content browses the content with respect to a server that browses the content. A registration request step for requesting registration to permit browsing of the content on the browsing device, and the server requests the mobile phone of the content registrant to authenticate the server for the registration. A registrant authentication requesting step, a mobile phone of a registrant of the content, which is performed on the server, a registrant authentication executing step for obtaining authentication for requesting the registration from the server, and the browsing device A browsing requesting step for requesting the server to browse the content; and An authentication requesting step for requesting authentication for permitting browsing of the content to the mobile phone of the content viewer, and the mobile phone of the content viewer being made to the server An authentication execution step for obtaining authentication for permitting browsing of the content, and when authentication for permitting browsing of the content is successful, the server, based on the registration, A browsing authorization method comprising: a browsing permission step for browsing the content .

According to this configuration, since authentication is performed using mobile phones that are difficult to impersonate and are widely spread, it is possible to share content with high security using a simple configuration. And even if it is a case where a browsing apparatus makes a browsing request, authentication with high security can be performed using a mobile phone. Furthermore, before the content viewer side makes a request for browsing to the authentication server, the content registrant side notifies the authentication server of permission to browse, and the content viewer side and the registrant side have high security. You can share content with .

In the present invention, the content is registered by a registrant of the content different from the viewer of the content, and the mobile phone of the registrant of the content browses the content with respect to a server that browses the content. A registration request step for requesting registration to permit browsing of the content on the browsing device, and the server requests the mobile phone of the content registrant to authenticate the server for the registration. A registrant authentication requesting step, a mobile phone of a registrant of the content, which is performed on the server, a registrant authentication executing step for obtaining authentication for requesting the registration from the server, and the browsing device A browsing requesting step for requesting the server to browse the content; and the server browsing the content. An authentication requesting step for requesting an authentication for permitting browsing of the content to the mobile phone of the user, and the content on the browsing device, wherein the mobile phone of the viewer of the content is made to the server An authentication execution step for acquiring authentication for permitting browsing of the content and when authentication for permitting browsing of the content is successful, the server sends the content to the browsing device based on the registration. A browsing authentication method , comprising: a browsing permission step for browsing .

According to this configuration, since authentication is performed using mobile phones that are difficult to impersonate and are widely spread, it is possible to share content with high security using a simple configuration. Even when the browsing device is not in the user's hand, high security authentication can be performed using a mobile phone. Furthermore, before the content viewer side makes a request for browsing to the authentication server, the content registrant side notifies the authentication server of permission to browse, and the content viewer side and the registrant side have high security. You can share content with .

Further, the present invention, the content is encrypted, wherein in the authentication step through the viewer's mobile telephone of the content is performed over the previous hexa over server, to allow viewing of the content It acquires authentication for a viewing authentication method and transmits the password to decrypt the encrypted content to the server.

Further, the present invention, the content is encrypted, in the viewing notification step, the registrant of the mobile phone of content, over the previous hexa over server, when notifying the permission of viewing of the content In addition, a browsing authentication method is characterized in that a password for decrypting the encrypted content is transmitted.

In addition, the present invention provides a registration requesting step for requesting registration that a mobile phone of a content registrant permits browsing of the content on a browsing device that browses the content to a server that browses the content; , before Kisa over server is, to subscribers of the mobile phone of the contents, before and registrant authentication request step of the Kito recording requires authentication for determining the server, the registrant of the mobile phone of the contents , before being carried out with respect to hexa over server, when a subscriber authentication execution step of pre Kito book acquires authentication for determining the server, authentication for determining the pre Kito record to the server is successful the front hexa over server executes the pre Kito record, with respect to the viewing device, a viewing authentication method comprising: the read-permitted steps for viewing the content and order.

It is a figure which shows the browsing authentication method of Embodiment 1. FIG. It is a figure which shows the structure of the authentication server of Embodiment 1. FIG. It is a figure which shows the browsing authentication method of Embodiment 2. FIG. It is a figure which shows the structure of the authentication server of Embodiment 2. FIG. It is a figure which shows the browsing authentication method of Embodiment 3. It is a figure which shows the structure of the authentication server of Embodiment 3. It is a figure which shows the browsing authentication method of Embodiment 4. It is a figure which shows the structure of the authentication server of Embodiment 4. It is a figure which shows the browsing authentication method of Embodiment 5. It is a figure which shows the structure of the authentication server of Embodiment 5. It is a figure which shows the browsing authentication method of Embodiment 6. It is a figure which shows the structure of the authentication server of Embodiment 6. It is a figure which shows the browsing authentication method of Embodiment 7. It is a figure which shows the structure of the authentication server of Embodiment 7 .

(Embodiment 1)
The browsing authentication method of Embodiment 1 is shown in FIG. In the first embodiment, the authentication server 1 stores content, the browsing device 2 requests the authentication server 1 to browse the content, and the mobile phone 3 instead of the browsing device 2 authenticates the authentication server 1. I do. The content may be stored in the authentication server 1 or may be stored in a device other than the authentication server 1. The mobile phone performs authentication, but the term “authentication server” is used for convenience in the first embodiment, other embodiments, and modifications.

In the following description of the embodiments 1, applying the embodiment 1 to the electronic medical record system, after the medical institution A registers the electronic medical record to the authentication server 1, the viewing nurses medical institution A is using a viewing device 2 In doing so, a nurse at medical institution A makes a browsing request using browsing device 2, and a doctor at medical institution A authenticates using mobile phone 3.

The browse request step, nurses medical institution A is, issues a browse request in browsing device 2. Specifically, the browsing device 2 acquires a user instruction and requests the authentication server 1 to browse content (step S1). In the authentication requesting step, the authentication request unit 13 requests the browsing device 2 or the mobile phone 3 for authentication for browsing content (step S2). In the authentication execution step, the mobile phone 3 acquires the user instruction after notifying the user of the authentication request, and performs authentication for requesting to browse the content to the authentication server 1 (step S3).

A first case in which the authentication request unit 13 requests authentication only from the browsing device 2 will be described. First, a nurse using the browsing device 2, a doctor using a mobile phone 3 against, to require authentication. Here, the request for authentication may be made verbally or by wireless communication from the browsing device 2 to the mobile phone 3. Next, the doctor using the mobile phone 3 performs authentication.

A second case in which the authentication request unit 13 requests authentication only from the mobile phone 3 will be described. In the second case, the request for authentication in the first case is unnecessary, and the doctor using the mobile phone 3 performs the authentication. Therefore, even if the doctor to use a mobile phone 3 is not away from the nurse using the browsing device 2, nurse a doctor without having to contact the doctor can perform the authentication.

In the following description of the third embodiment, by applying the third embodiment to the electronic medical record system, after the medical institution A registers the electronic medical record to the authentication server 1, the viewing nurses medical institutions B by using the browsing device 2 In doing so, a nurse at medical institution B makes a browsing request using browsing apparatus 2, and a doctor at medical institution B authenticates using mobile phone 3. Then, after authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the browsing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

In the following description of Embodiment 5, after applying Embodiment 5 to an electronic medical record system and medical institution A registers the electronic medical record in authentication server 1, a nurse at medical institution B uses the browsing device 2 to browse. In doing so, a nurse at medical institution B makes a browsing request using browsing apparatus 2, and a doctor at medical institution B authenticates using mobile phone 3. Then, before the authentication from the mobile phone 3 of the doctor of the medical institution B is performed, the viewing permission from the mobile phone 4 of the doctor of the medical institution A is granted.

1: Authentication server 2: Browsing device 3, 4: Mobile phone 11: Content storage unit 12: Data communication unit 13: Authentication request unit 14: Browsing authentication unit 15: Browsing confirmation unit 16: Browsing registration unit

Claims (13)

An authentication execution step in which a mobile phone performs authentication for requesting browsing of the content on a browsing device that browses the content, with respect to an authentication server that determines whether or not the content can be browsed;
When the authentication requesting the browsing of the content is successful, the authentication server permits the browsing device to browse the content;
Are provided in order. A browsing request step in which the browsing device requests the authentication server to browse the content;
An authentication requesting step in which the authentication server requests the browsing device or the mobile phone for authentication for browsing the content;
The browsing authentication method according to claim 1, wherein the browsing authentication method is sequentially provided before the authentication execution step. A browsing request step in which the mobile phone requests the authentication server to browse the content;
An authentication request step in which the authentication server requests the mobile phone for authentication for browsing the content;
The browsing authentication method according to claim 1, wherein the browsing authentication method is sequentially provided before the authentication execution step. The content is registered by a registrant of the content different from the viewer of the content,
When the authentication requesting to browse the content is successful, the authentication server confirms whether or not the content can be browsed with respect to the mobile phone of the registrant of the content;
A browsing notification step in which the mobile phone of the content registrant notifies the authentication server of whether the content can be browsed,
In order between the authentication execution step and the browsing permission step,
4. The browsing permission step, wherein the authentication server permits the browsing device to browse the content when notified of permission to browse the content. Any of the browsing authentication methods described in. The content is registered by a registrant of the content different from the viewer of the content,
A registration request step in which the mobile phone of the content registrant requests registration to permit the browsing of the content on the browsing device to the authentication server;
The authentication server requesting authentication for requesting registration to permit viewing of the content to the mobile phone of the content registrant;
A registrant authentication execution step in which the mobile phone of the registrant of the content authenticates the authentication server for registration to permit browsing of the content;
In order before the browsing request step,
2. The browsing permission step, wherein the authentication server permits the browsing device to browse the content based on registration for permitting the browsing of the content on the browsing device. The browsing authentication method according to any one of claims 1 to 3. The content is encrypted;
In the authentication execution step, the mobile phone performs authentication for browsing the content and transmits a password for decrypting the encrypted content to the authentication server. The browsing authentication method according to 1. The content is encrypted;
In the browsing notification step, the mobile phone of the content registrant transmits a password for decrypting the encrypted content when notifying the authentication server of permission to browse the content. The browsing authentication method according to claim 4, wherein the browsing authentication method is characterized. A registration request step for requesting registration to permit browsing of the content in a browsing device that browses the content to an authentication server that determines whether the content registrant's mobile phone can browse the content;
The authentication server requesting authentication for requesting registration to permit viewing of the content to the mobile phone of the content registrant;
A registrant authentication execution step in which the mobile phone of the registrant of the content authenticates the authentication server for registration to permit browsing of the content;
When authentication for requesting registration to permit browsing of the content is successful, the authentication server performs registration to permit browsing of the content on the browsing device, and the content on the browsing device A permission step to allow viewing,
Are provided in order. An image conversion step in which the scanner converts the document and the code into image data in a state where the document is stored in a transparent case with a code indicating attribute information of the document;
The authentication server that approves storage of the image data of the document identifies the image of the code from the image data of the document and the code, extracts attribute information of the document from the identified image of the code, and extracts the extracted An attribute information setting step for setting attribute information of the document as attribute information of the image data of the document;
In order.   In the image conversion step, the scanner converts the document and the code into image data in a state where a code indicating attribute information that is changed each time the document is updated is attached to the document. The document storage method according to claim 9. A storage authentication step for authorizing the storage of the image data of the document when the authentication server matches the attribute information set in the image data of the document and the attribute information of the document;
The document storage method according to claim 9 or 10, further comprising: after the attribute information setting step. The authentication server searches the image data of the document before update based on the attribute information set in the image data of the document, and uses the image data of the document after update as the image data of the document before update. Add document step,
The document storage method according to claim 9 or 10, further comprising: after the attribute information setting step. The authentication server searches the image data of the document before update based on the attribute information set in the image data of the document, and uses the image data of the document after update as the image data of the document before update. Add document step,
The method according to claim 11, further comprising: after the storage authentication step.

Images