JP2012238935A - Name management server and access control method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reduce processing load for managing public keys by reducing registration data amounts of public keys.SOLUTION: A DNS server 10 registers a predetermined domain name and a group public key in association with a key information storage unit, on receiving a registration request to register the predetermined domain name and the group public key in association. Also, on receiving a search request to search for an IP address corresponding to the predetermined domain name, the DNS server 10 acquires the group public key corresponding to the predetermined domain name from the key information storage unit, and verifies authenticity of a group signature included the search request by using the group public key. Then, when it is verified that the group signature is authentic, the DNS server 10 searches for the IP address corresponding to the predetermined domain name, and transmits the IP address to a request source of the search request.

Description

  The present invention relates to a name management server and an access control method.

  2. Description of the Related Art Conventionally, a service by a name management system (DNS: Domain Name System) that manages a domain name and an IP address (Internet Protocol Address) in association with each other is provided to Internet users. BIND (Berkeley Internet Name Domain), which is such DNS software, implements access control in units of IP addresses.

  However, access control in units of IP addresses by BIND cannot prevent IP spoofing that spoofs the source IP address, and may not be compatible with DHCP (Dynamic Host Configuration Protocol), which is a protocol that dynamically allocates IP addresses. is there. For this reason, an access control method using SIG (0) using a public key signature is known as a method capable of preventing IP spoofing and supporting DHCP.

“Review of access control protocol in DNS”, [online], [searched on April 13, 2011], Internet <http://ci.nii.ac.jp/naid/110004028896>

  However, in the above-described access control method using SIG (0), public keys are registered for the number of users accessing the registration data, with respect to the registration data of one domain name on the DNS server side. For this reason, when the number of accessing users is enormous, it is necessary to register a large amount of public keys for one piece of registration data. As a result, the registration data amount of the public key becomes enormous, and there is a problem that the processing load for managing the public key is large.

  Accordingly, the present invention has been made to solve the above-described problems of the prior art, and an object thereof is to reduce a processing load for managing a public key.

  In order to solve the above-described problems and achieve the object, the name management server according to the present invention receives the registration request for registering the predetermined name information and the group public key in association with each other. The search request receiving unit has received a search request for searching for address information including a group signature and corresponding to predetermined name information, and a registration unit that stores the name information and group public key in association with each other in the storage unit An access control unit that obtains a group public key corresponding to the predetermined name information from the storage unit, and verifies the validity of the group signature included in the search request using the group public key; When the access control unit verifies that the group signature is valid, address information corresponding to the name information retrieved from the storage unit is sent to the request source of the retrieval request. And having a search response unit for.

  The access control method according to the present invention is an access control method executed by a name management server, and when a registration request for registering predetermined name information and a group public key in association is received, When a registration process for storing the predetermined name information and the group public key in association with each other in the storage unit and a search request for searching for address information including the group signature and corresponding to the predetermined name information are received, An access control step of acquiring a group public key corresponding to the predetermined name information from the storage unit, and verifying a validity of a group signature included in the search request using the group public key; and the access control step If the group signature is verified as valid by requesting address information corresponding to the name information retrieved from the storage unit Characterized in that it includes a search response process to be sent to.

  According to the name management server and the access control method according to the embodiment, the processing load for managing the public key can be reduced.

FIG. 1 is a diagram for explaining the configuration of the name management system according to the first embodiment. FIG. 2 is a block diagram illustrating the configuration of the DNS server according to the first embodiment. FIG. 3 is a diagram illustrating an example of the address information table. FIG. 4 is a diagram illustrating an example of the key information table. FIG. 5 is a diagram for explaining the group signature. FIG. 6 is a diagram illustrating an example of the structure of a resource record. FIG. 7 is a sequence diagram illustrating the flow of registration processing by the DNS server according to the first embodiment. FIG. 8 is a sequence diagram illustrating the flow of access control processing by the DNS server according to the first embodiment. FIG. 9 is a diagram illustrating that information processing by the access control program according to the disclosed technique is specifically realized using a computer.

  Exemplary embodiments of a name management server and an access control method according to the present invention will be described below in detail with reference to the accompanying drawings. Note that the present invention is not limited to the embodiments.

  In the following embodiment, the configuration of the name management system according to the first embodiment, the configuration of the DNS server device, and the flow of processing will be described in order, and finally the effects of the first embodiment will be described.

[Configuration of Name Management System]
First, the name management system according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram for explaining the configuration of the name management system according to the first embodiment. As illustrated in FIG. 1, the name management system 1 according to the first embodiment includes a DNS server 10, a user terminal 20, and a management terminal 30. The DNS server 10, the user terminal 20, and the management terminal 30 are connected via the Internet 40. Although FIG. 1 shows an example in which each device of the DNS server 10, the user terminal 20, and the management terminal 30 is one, a plurality of devices may be provided.

  The DNS server 10 manages the correspondence between the domain name and the IP address for the range of the name space managed by the DNS server 10. The DNS server 10 receives a query request for requesting an IP address corresponding to a predetermined domain name (for example, “www.exaple.jp”) from the user terminal 20. When the DNS server 10 receives the query request, the DNS server 10 returns an IP address corresponding to the domain name to the user terminal 20. The detailed configuration of the DNS server 10 will be described in detail later with reference to FIG.

  The user terminal 20 encrypts a public key (hereinafter referred to as a group public key) used for a group signature that can authenticate whether its own device belongs to a group, a member certificate that proves membership of the group, and a group signature. It holds a signature key, which is a private key to be converted.

  Further, when transmitting a query request for requesting an IP address to the DNS server 10, the user terminal 20 generates a group signature using the group public key, member certificate, and signature key. Then, the user terminal 20 transmits a query request including information related to access control and a message to the DNS server 10.

  The management terminal 30 requests the DNS server 10 to register a group public key. For example, the management terminal 30 receives a group public key used by the user terminal 20, and sends a request to store the received group public key and the domain name of the terminal / server accessed by the user terminal 20 in association with each other. Send to server 10.

[Configuration of DNS server]
Next, the configuration of the DNS server 10 shown in FIG. 1 will be described with reference to FIG. FIG. 2 is a block diagram illustrating the configuration of the DNS server according to the first embodiment. As shown in FIG. 2, the DNS server 10 includes a communication control I / F 11, a control unit 12, and a storage unit 13, and is connected to the user terminal 20 and the management terminal 30 via the Internet 40. The processing of each of these units will be described below.

  The communication control I / F 11 controls communication related to various information exchanged between the user terminal 20 and the management terminal 30 connected to the Internet 40. Specifically, the communication control I / F 11 receives a registration request including information related to the domain name and information related to the group public key from the management terminal 30, and transmits a registration response that is a response indicating registration to the management terminal 30. . Further, the communication control I / F 11 receives a query request for requesting an IP address corresponding to the domain name, and transmits an IP address or an error message to the user terminal 20 as a response to the request.

  The storage unit 13 is, for example, a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, a hard disk, an optical disk, and the like, and stores various types of information. For example, as shown in FIG. 2, the storage unit 13 includes an address information storage unit 13a and a key information storage unit 13b.

  The address information storage unit 13a stores a domain name, an IP address, and information on presence / absence of access control in association with each other. For example, as illustrated in FIG. 3, the address information storage unit 13 a stores the domain name “abc.sample.co.jp”, the IP address “192.168.01”, and the access control “present” in association with each other. . FIG. 3 is a diagram illustrating an example of the address information table. Here, the access control “present” means an IP address corresponding to the domain name when the authentication process using the public key or the group public key is performed as the access control and the validity of the group signature or signature is valid. Is transmitted to the user terminal 20. Further, “no access” means that the IP address corresponding to the domain name is transmitted to the user terminal 20 without performing authentication processing.

  For example, referring to the example of FIG. 3, when the DNS server 10 receives a query request for requesting an IP address corresponding to the domain name “abc.sample.co.jp” from the user terminal 20, the DNS server 10 accesses Since the control is “Yes”, an authentication process using a public key or a group public key is performed as access control. Then, the DNS server 10 returns the IP address “192.168.01” corresponding to the domain name “abc.sample.co.jp” to the user terminal 20 when the group signature or the validity of the signature is valid. To do.

  The key information storage unit 13b stores the domain name and the group public key in association with each other. For example, as illustrated in FIG. 4, the key information storage unit 13b stores the domain name “abc.sample.co.jp” and the group public key “0x34d2a36b” in association with each other. FIG. 4 is a diagram illustrating an example of the key information table. That is, as will be described in detail later in the description of the process of the access control unit 124, when there is a query request for requesting an IP address search corresponding to the domain name “abc.sample.co.jp”, the group release This means that a process of verifying the validity of the group signature is performed using the key “0x34d2a36b”.

  The control unit 12 controls various processes executed in the DNS server 10. Specifically, as shown in FIG. 2, the control unit 12 includes a DNS basic function unit 12a and a group signature function unit 12b. The DNS basic function unit 12a performs basic DNS processing. The group signature function unit 12b performs processing for verifying the validity of the group signature. The DNS basic function unit 12 a includes a registration unit 121, a search request reception unit 122, and a search response unit 123. The group signature function unit 12 b includes an access control unit 124. Each part will be described below.

  When the registration unit 121 receives a registration request for registering a domain name and a group public key in association with each other, the registration unit 121 registers a predetermined domain name and a group public key in association with each other in the key information storage unit 13b. Specifically, when receiving a request for registering the group public key used for the group signature from the management terminal 30, the registration unit 121 registers the group public key requested to be registered in the key information storage unit 13b. Then, the registration unit 121 transmits a response indicating that it has been registered to the management terminal 30.

  The search request receiving unit 122 receives a query request for requesting a search for an IP address corresponding to a domain name. The query request received by the search request receiving unit 122 includes a message that is information about access control and information about the domain name.

  Here, the group signature will be described with reference to FIG. FIG. 5 is a diagram for explaining the group signature. As shown in FIG. 5, the user terminal 20 side holds a signature key (i), a member certificate (i), a message, and a group public key. Then, the user terminal 20 generates a group signature by using the signature key, the member certificate, the message, and the group public key, and transmits information on the message and access control to the DNS server 10.

  Here, the data structure of the information regarding the message and access control which the user terminal 20 transmits is demonstrated using FIG. FIG. 6 is a diagram illustrating an example of the structure of a resource record. The user terminal 20 transmits data having a SIG (0) resource record structure as illustrated in FIG. 6 to the DNS server 10 as a query request including information on the message and access control. As shown in FIG. 6, the SIG (0) resource record includes “message” that is information related to the domain name and “information related to access control”.

  The message of the SIG (0) resource record includes “NAME”, “TYPE”, “CLASS”, “TTL”, and “RDLENGTH”. NAME is data having a variable data length and indicating a domain name. TYPE is data having a data length of 16 bits and indicating the type of resource stored in the resource record. CLASS is data having a data length of 16 bits and indicating the class of the resource record. TTL is data having a data length of 16 bits and indicating the expiration date of the record. RDLENGTH is data having a data length of 16 bits and indicating information on the data size.

  In addition, information related to access control of the SIG (0) resource record includes “Type Covered”, “Algorithm Number”, “Labels”, “Original TTL”, “Signature Expiration”, “Signature Acceptance”, “Ky,” “Signer's Name” and “Signature” are included.

  Type Covered is data having a data length of 16 bits and indicating the type of resource record to be signed. The Algorithm Number is data having a data length of 8 bits and indicating whether or not a group signature is used. Labels is data having a data length of 8 bits and indicating the number of labels as the zone depth, and a value of “0” is set in the SIG (0) resource record. Original TTL has a data length of 32 bits and is data indicating the expiration date of the record. A value of “0” is set in the SIG (0) resource record.

  Signature Expiration is data that has a data length of 32 bits and indicates the expiration date of the signature. Signature Inception is data having a data length of 32 bits and indicating a signature time. Key Tag is data having a data length of 8 bits and indicating a key ID. “Signer's Name” is data having a variable data length and indicating the name of the signed user terminal 20. Signature is data having a variable data length and indicating a group signature.

  Returning to the description of FIG. 5, for example, when the user terminal 20 generates a signature from a signature key, a member certificate, a message, and a group public key, the group signature is used in the “Algorithm Number” of the SIG (0) resource record. The value shown is set, and the generated signature data is set in the “Signature” field. Then, the user terminal 20 transmits a query request including information related to the message and access control to the DNS server 10.

  When the search request receiving unit 122 of the DNS server 10 receives the query request from the user terminal 20, the search request receiving unit 122 acquires the IP address for the domain name and the presence / absence of access control using SIG (0) from the address information storage unit 13a. To do. Subsequently, the search request receiving unit 122 determines whether the acquisition result is access control using SIG (0). As a result, if the search request receiving unit 122 determines that the acquisition result is that there is no access control using SIG (0), the search request receiving unit 122 issues an instruction to generate a response message including the IP address together with the IP address. The search response unit 123 is notified.

  In addition, when it is determined that the acquisition result includes access control using SIG (0), the search request reception unit 122 determines whether the query request includes a SIG (0) resource record. As a result, when it is determined that the SIG (0) resource record is included, the search request receiving unit 122 checks the value of the Algorithm Number field of the SIG (0) resource record, and the group signature is used. Judgment is made.

  As a result, when it is determined that the group signature is used, the search request receiving unit 122 transmits a message and information related to access control to the access control unit 124 of the group signature function unit 12b.

  In addition, if the search request reception unit 122 determines that the SIG (0) resource record is included in the query request but the group signature is not used, the search request reception unit 122 uses the public key as in the conventional method. The signature data is verified, and the verification result is transmitted to the search response unit 123. In addition, if the SIG (0) resource record is not included in the query request, the search request receiving unit 122 notifies the search response unit 123 of an instruction to generate an error message without performing verification processing. .

  When it is verified that the group signature is valid, the search response unit 123 transmits an IP address corresponding to the domain name searched from the address information storage unit 13a to the request source of the search request. Specifically, when receiving a verification result from the search request receiving unit 122 or the access control unit 124, the search response unit 123 determines whether the group signature or the validity of the signature is valid based on the verification result.

  As a result, when the group signature or the validity of the signature is valid, the search response unit 123 generates a response message including the IP address received from the search request reception unit 122 and transmits the response message to the user terminal 20. To do. Further, if the group signature or the validity of the signature is not valid, the search response unit 123 generates an error message and transmits the error message to the user terminal 20. When the search response unit 123 receives an instruction from the search request reception unit 122 to generate a response message including the IP address, the search response unit 123 generates a response message including the IP address received from the search request reception unit 122 and generates a response message. Is transmitted to the user terminal 20. In addition, when receiving an instruction to generate an error message from the search request receiving unit 122, the search response unit 123 generates an error message and transmits the error message to the user terminal 20.

  The access control unit 124 controls access to the user terminal 20 using the group public key. Specifically, when the access control unit 124 receives a message and information related to access control from the search request receiving unit 122, the access control unit 124 extracts a domain name (“NAME” illustrated in FIG. 6) included in the message, and sets it as the domain name. The corresponding group public key is acquired from the key information storage unit 13b. Then, the access control unit 124 verifies the group signature using the acquired group public key, and notifies the search response unit 123 of a verification result indicating whether the validity of the group signature is valid.

  In this way, the DNS server 10 performs group signature verification using the group public key, thereby improving the security in the DNS and reducing the registration data amount of the public key managed on the DNS server 10 side. The processing load for managing public keys can be reduced.

[Processing by DNS server device]
Next, processing performed by the DNS server 10 according to the first embodiment will be described with reference to FIGS. 7 and 8. FIG. 7 is a sequence diagram illustrating the flow of registration processing by the DNS server according to the first embodiment. FIG. 8 is a sequence diagram illustrating the flow of access control processing by the DNS server according to the first embodiment.

  First, the flow of registration processing by the DNS server will be described with reference to FIG. As shown in FIG. 7, the DNS basic function unit 12a of the DNS server 10 receives a registration request for registering a group public key used for verification of a group signature from the management terminal 30 (step S101). For example, the DNS basic function unit 12a receives a set of a group public key and a domain name as a registration request.

  Then, the DNS basic function unit 12a associates the group public key requested for registration with the domain name, registers them in the key information storage unit 13b, and subsequently registers the domain name requested for registration and information with access control. Are registered in the address information recording unit 13a (step S102). Note that when the information with access control has already been registered in the address information recording unit 13a, the registration information is not changed. Then, the registration unit 121 transmits a response indicating that it has been registered to the management terminal 30 (step S103). Thus, since the DNS server 10 registers the group public key in the key information storage unit 13b, the number of public keys to be managed can be reduced as compared with the case of registering public keys for the number of users. The public key management burden can be reduced.

  Next, the flow of access control processing by the DNS server 10 will be described with reference to FIG. As shown in FIG. 8, the DNS basic function unit 12a of the DNS server 10 accepts a query request for requesting a search for an IP address corresponding to a domain name (step S201). Then, the DNS basic function unit 12a acquires the IP address for the domain name and information on the presence / absence of access control using SIG (0) from the address information storage unit 13a (step S202).

  Subsequently, the DNS basic function unit 12a determines whether the acquisition result is access control using SIG (0) (step S203). As a result, if the DNS basic function unit 12a determines that the acquisition result is that there is no access control using SIG (0) (No in step S203), the DNS basic function unit 12a generates a response message including the IP address acquired in S202. (Step S214), a response message is transmitted to the user terminal 20 (Step S215).

  In addition, when the DNS basic function unit 12a determines that the acquisition result is access control using SIG (0) (Yes in Step S203), the SIG (0) resource record is included in the query request received in S201. It is determined whether it is included (step S204).

  As a result, when it is determined that the SIG (0) resource record is included (Yes at Step S204), the DNS basic function unit 12a checks the value of the Algorithm Number field of the SIG (0) resource record (Step S204). S205), it is determined whether the group signature is used (step S206). As a result, when it is determined that the group signature is used (Yes at Step S206), the DNS basic function unit 12a transmits information on the message and access control to the group signature function unit 12b (Step S208). .

  The group signature function unit 12b verifies the group signature using the group public key (step S209). Specifically, when the group signature function unit 12b receives information about the message and access control from the DNS basic function unit 12a, the group signature function unit 12b extracts the domain name (“NAME” illustrated in FIG. 6) included in the message, Is obtained from the key information storage unit 13b. Then, the group signature function unit 12b performs group signature verification using the acquired group public key.

  Then, after performing verification, the group signature function unit 12b notifies the DNS basic function unit 12a of a verification result indicating whether the validity of the group signature is valid (step S210). Subsequently, when receiving the verification result, the DNS basic function unit 12a determines whether the group signature or the validity of the signature is valid (described as “verification OK” in FIG. 8) based on the verification result (step S211).

  As a result, when the group signature or the validity of the signature is not valid (No at Step S211), the DNS basic function unit 12a generates an error message (Step S212) and transmits the error message to the user terminal 20 (Step S212). S213). In addition, when the group signature or the validity of the signature is valid (Yes at Step S211), the DNS basic function unit 12a generates a response message including the IP address acquired at S202 (Step S214). It transmits to the user terminal 20 (step S215).

  Returning to the description of S204, if the DNS basic function unit 12a determines that the SIG (0) resource record is not included (No in Step S204), it generates an error message (Step S214). It transmits to the user terminal 20 (step S215).

  Returning to the description of S206, if the DNS basic function unit 12a determines that the group signature is not used (No at Step S206), the public key is used for the signature data as in the previous method. Verification is performed (step S207). When the DNS basic function unit 12a receives the verification result, the DNS basic function unit 12a determines whether the group signature or the validity of the signature is valid based on the verification result (step S211).

  As a result, when the group response or the validity of the signature is not valid (No at Step S211), the DNS basic function unit 12a generates an error message (Step S212), and the error message is sent to the user terminal. 20 (step S213). In addition, when the group signature or the validity of the signature is valid (Yes at Step S211), the DNS basic function unit 12a generates a response message including the IP address acquired at S202 (Step S214). It transmits to the user terminal 20 (step S215).

[Effect of Example 1]
As described above, when the DNS server 10 receives a registration request for registering a predetermined domain name and a group public key in association with each other, the DNS server 10 associates the predetermined domain name and the group public key with a key. Register in the information storage unit 13b. Further, when the DNS server 10 receives a search request for searching for an IP address corresponding to a predetermined domain name, the DNS server 10 acquires a group public key corresponding to the predetermined domain name from the key information storage unit 13b. The validity of the group signature included in the search request is verified using the public key. When it is verified that the group signature is valid, the DNS server 10 searches for the IP address corresponding to the domain name, and transmits the IP address to the request source of the search request. Thus, since the DNS server 10 registers the group public key in the key information storage unit 13b, the number of public keys to be managed can be reduced as compared with the case of registering public keys for the number of users. The public key management burden can be reduced. As a result, the DNS server 10 can reduce the registration data amount of the public key and reduce the processing load for managing the public key.

  According to the first embodiment, when the DNS server 10 receives a search request, the DNS server 10 determines whether the search request uses a group signature, and the search request uses a group signature. In this case, the group public key corresponding to the domain name is acquired from the key information storage unit 13b, and the validity of the group signature included in the search request is verified using the group public key. For this reason, the DNS server 10 can easily determine whether the search request uses the group signature as a result of knowing that the group signature is easily used simply by checking the Algorithm Number.

  Also, according to the first embodiment, when it is determined that the search request does not use the group signature, the DNS server 10 searches for an IP address corresponding to the domain name, and uses the IP address of the search request. Send to requester. Therefore, when the search request does not use the group signature, the search process can be performed without performing the verification process, and the search request without using the group signature can be dealt with.

  Incidentally, the name management system according to the first embodiment may be implemented in various different forms other than the above-described embodiments. Therefore, in a second embodiment, another embodiment of the name management system will be described.

[System configuration]
Of the processes described in this embodiment, all or a part of the processes described as being automatically performed can be manually performed, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedures, control procedures, specific names, and information including various data and parameters shown in the above-described document and drawings can be arbitrarily changed unless otherwise specified.

  Further, each component of each illustrated apparatus is functionally conceptual, and does not necessarily need to be physically configured as illustrated. That is, the specific form of distribution / integration of each device is not limited to the one shown in the figure, and all or a part of the distribution / integration may be functionally or physically distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured.

[program]
FIG. 9 is a diagram illustrating that information processing by the access control program according to the disclosed technique is specifically realized using a computer. As illustrated in FIG. 9, the computer 3000 includes, for example, a memory 3010, a CPU (Central Processing Unit) 3020, a hard disk drive interface 3030, a disk drive interface 3040, a serial port interface 3050, a video adapter 3060, Network interface 3070. Each part of the computer 3000 is connected by a bus 3100.

  The memory 3010 includes a ROM 3011 and a RAM 3012 as illustrated in FIG. The ROM 3011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 3030 is connected to the hard disk drive 3080 as illustrated in FIG. The disk drive interface 3040 is connected to the disk drive 3090 as illustrated in FIG. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 3090. The serial port interface 3050 is connected to, for example, a mouse 3051 and a keyboard 3052 as illustrated in FIG. The video adapter 3060 is connected to, for example, a display 3061 as illustrated in FIG.

  Here, as illustrated in FIG. 9, the hard disk drive 3080 stores, for example, an OS 3081, an application program 3082, a program module 3083, and program data 3084. In other words, the update program according to the disclosed technology is stored in, for example, the hard disk drive 3080 as the program module 3083 in which instructions executed by the computer are described. Specifically, a program module in which a procedure for executing the same information processing as each unit of the control unit 12 described in the above embodiment is described is stored in the hard disk drive 3080.

  Further, like data stored in the storage unit 13 described in the above embodiment, data used for information processing by the access control program is stored as program data 3084 in, for example, the hard disk drive 3080. The CPU 3020 reads the program module 3083 and program data 3084 stored in the hard disk drive 3080 to the RAM 3012 as necessary, and executes various procedures.

  Note that the program module 3083 and the program data 3084 related to the access control program are not limited to being stored in the hard disk drive 3080. For example, the program module 3083 and the program data 3084 may be stored in a removable storage medium. In this case, the CPU 3020 reads data via a removable storage medium such as a disk drive. Similarly, the program module 3083 and the program data 3084 related to the access control program may be stored in another computer connected via a network (LAN (Local Area Network), WAN (Wide Area Network), etc.). good. In this case, the CPU 3020 reads various data by accessing another computer via the network interface.

[Others]
Note that the access control program described in this embodiment can be distributed via a network such as the Internet. The control program can also be executed by being recorded on a computer-readable recording medium such as a hard disk, a flexible disk (FD), a CD-ROM, an MO, and a DVD, and being read from the recording medium by the computer.

1 Name management system 10 DNS server 11 Communication control I / F
DESCRIPTION OF SYMBOLS 12 Control part 12a DNS basic function part 12b Group signature function part 121 Registration part 122 Search request reception part 123 Search response part 124 Access control part 13 Storage part 13a Address information storage part 13b Key information storage part 20 User terminal 30 Management terminal 40 Internet 3000 Computer 3010 Memory 3030 Hard disk drive interface 3040 Disk drive interface 3050 Serial port interface 3051 Mouse 3052 Keyboard 3060 Video adapter 3061 Display 3070 Network interface 3080 Hard disk drive 3082 Application program 3083 Program module 3084 Program data 3090 Disk drive 3100 Scan

Claims (4)

A registration unit that stores the predetermined name information and the group public key in a storage unit in association with each other when a registration request for registering the predetermined name information and the group public key is received;
When a search request for searching for address information including a group signature and corresponding to predetermined name information is received, a group public key corresponding to the predetermined name information is acquired from the storage unit, and the group public key is acquired. Using an access control unit for verifying the validity of the group signature included in the search request;
A search response unit that transmits address information corresponding to the name information searched from the storage unit to a request source of a search request when the access control unit verifies that the group signature is valid. A name management server characterized by this.   When the access control unit receives the search request, the access control unit uses the group signature based on information indicating whether to use the group signature included in the search request. If the search request uses the group signature, a group public key corresponding to the name information is obtained from the storage unit and is included in the search request using the group public key. The name management server according to claim 1, wherein validity of the group signature to be verified is verified.   If the access control unit determines that the search request does not use a group signature, the search response unit searches for address information corresponding to the name information, and searches for the searched address information. The name management server according to claim 2, wherein the name management server transmits the request to the request source. An access control method executed by the name management server,
A registration step of storing the predetermined name information and the group public key in a storage unit in association with each other when a registration request for registering the predetermined name information and the group public key is received;
When a search request for searching for address information including a group signature and corresponding to predetermined name information is received, a group public key corresponding to the predetermined name information is acquired from the storage unit, and the group public key is acquired. An access control step for verifying the validity of the group signature included in the search request;
A search response step of transmitting address information corresponding to the name information searched from the storage unit to a request source of a search request when the access control step verifies that the group signature is valid. An access control method characterized by that.

Images