JP2016004300A - Management system and management method for electronically signed document - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a system which is high in safety easily at low cost for managing an electronically signed document such as a contract document or an approval document.SOLUTION: A management system includes a management device 1 for mediating a contract document or an approval document. The data of an electronically signed document F1 of a format such as a PDF are transmitted (uploaded) from a terminal (a) of a first user A via an encrypted first communication path 21 to the management device 1, and an address (URL) and signing request of the document F1 in the management device 1 is reported via a second communication path 22 to terminals b, d of second users B, D who request signing. The terminals b, d of the second users B, D which have received the request receive (download) the data of the document F1 via the first communication path 21, and when the data of the document F1 are appropriate, transmit data indicating the possibility of signing and the data of a seal impression via the first communication path 21, and concerned users A to D are able to browse the document by the designated address (URL).

Description

  The present invention relates to a method and apparatus for managing an electronic signature document, and the signature document relates to a signature signed by one or a plurality of users, such as a contract or an approval document.

  For example, Patent Document 1 and Patent Document 2 are given as conventional techniques for handling the electronic signature document as described above.

  Patent Document 1 provides a service for creating and managing a contract when an orderer enters into a contract with a business partner, calculates a stamp tax amount that was previously required from the contract amount of the contract, and calculates the stamp tax amount. The information processing apparatus is configured to charge a predetermined rate as a fee.

  On the other hand, in Patent Document 2, the approver terminal obtains an electronic contract before approval from the contractor terminal of the first user and transmits it to the contractor terminal of the second user. If an answer to the above is obtained, an electronic signature of the approver is attached, third-party authentication is performed, and it is transmitted to each contractor's terminal via the system management computer. This is a computerized contract authentication system that can be used in the future.

JP 2014-35757 A JP 2010-79682 A

  In the prior art of Patent Document 1, it is only shown that the contract is made between the parties and the contract document is stored. Therefore, there is a problem that the safety of the contract is not sufficiently secured, is troublesome, costs high, and can only be applied to contracts between companies familiar with contracts.

  On the other hand, in the prior art of Patent Document 2, a third party becomes an approver, and functions like a notary public, so that each contractor can obtain the authenticity of the contract without acquiring a complicated electronic signature. It is what is collateralized. Then, the approver terminal inquires of the system management computer whether the contractor is a valid contractor. Therefore, the parties to the contract do not sign, and the contract is also exchanged by ordinary e-mail, so there is a safety problem.

  An object of the present invention is to provide an electronic signature document management system and management method capable of realizing a simple, low-cost and highly secure system when managing electronic signature documents such as contracts. .

  An electronic signature document management system according to the present invention is a system for managing an electronic document by appropriately applying an electronic signature to a digitized document among a plurality of users so that the document can be browsed. A management apparatus, an encrypted first communication path connecting each terminal and the management apparatus, and a second communication path connecting each terminal and between each terminal and the management apparatus The first user terminal transmits (uploads) the digitized document data to the management apparatus via the first communication path, and requests one or more second usages. To the user terminal via the second communication path, the document address and the signature request in the management apparatus are notified, and the second user terminal receiving the request sends the first communication from the management apparatus. Document data is received (downloaded) via the path The electronic signature data accompanying the confirmation of the content is transmitted (uploaded) to the management apparatus via the first communication path, and the management apparatus uses the address to convert the digitized document with the electronic signature attached thereto. It is stored so that it can be viewed (downloaded) via the first communication path.

  The electronic signature document management method of the present invention is a method for managing an electronic document by appropriately applying an electronic signature among a plurality of users so that the electronic document can be viewed. Transmitting (uploading) the digitized document data from the terminal to the management apparatus via the encrypted first communication path, and the second usage from the first user terminal Notifying the user's terminal of the address of the document in the management apparatus via the second communication path, and the one or more second users requesting the signature from the terminal of the first user. A step of transmitting a signature request to a terminal via a second communication path; and a second user terminal receiving the request sends document data from the management apparatus via the first communication path. Receiving (downloading) and the end of the second user Transmitting (uploading) the electronic signature data accompanying the confirmation of the document content to the management apparatus via a first communication path, and the management apparatus is an electronic document to which the electronic signature is attached. Is stored at the address so as to be viewable (downloadable) from the user's terminal via the first communication path.

  According to the above configuration, in order to digitize documents such as contracts and proposals (drafts and drafts) that are appropriately signed by multiple users, you will not be a party to that contract or request. Rather, it is connected to the party via a communication line, mediates the contract and the request, and constructs a management system including a management device that manages the created signature document for a predetermined period so that it can be viewed (downloaded). The system includes a plurality of terminals installed in each user, the management apparatus, an encrypted first communication path connecting each terminal and the management apparatus, and between each terminal and each terminal. And a second communication path that connects the management device.

  Then, the terminal on the first user side creates the digitized document (contract or approval document) according to the contents of the contract or approval, and attaches electronic signature data to the data as necessary. For example, the data is transmitted (uploaded) to the management apparatus via the encrypted first communication path and stored. At the same time or after a lapse of a predetermined time (for example, time for processing the uploaded data on the management device side), the terminal on the first user side is a related party, that is, a contract partner or a member of the deliberation 1 Alternatively, the address (URL) of the document in the management apparatus is notified to a plurality of second user terminals via the second communication path. Further, the terminal on the first user side notifies the signature request to one or a plurality of user terminals that request the signature among the second users. For example, the first communication path is realized by SSL (Secure Socket Layer) encryption on the Internet line, and the second communication path is realized by e-mail using the Internet line.

  Upon receiving the request, the terminal of one or more second users receives (downloads) the document data from the management device via the encrypted first communication path, and the content of the document is appropriate. If it is confirmed that there is, the electronic signature data indicating that the signature is permitted is transmitted (uploaded) to the management apparatus via the first communication path. The management apparatus stores the electronic signature data transmitted to the document to be managed. In this way, the document managed by the management apparatus becomes an electronic document with one or more electronic signatures, and the intermediary management apparatus has an appropriate period of time such as contract termination timing and update timing. It is stored in a designated address (URL) so that it can be appropriately viewed (downloaded) via the first communication path. That is, an electronic signature document such as the contract and the approval document can be shared between the users at the designated address (URL).

  Therefore, when managing electronic signature documents such as contracts and approval documents, a simple, low-cost and highly secure system can be realized, which can be easily used not only between companies but also for individuals.

  In the electronic signature document management system of the present invention, each terminal transmits (uploads) seal data together with the electronic signature data.

  According to the above configuration, since the electronic signature is embedded in the digitized document like a so-called watermark, is it actually signed like a signature on a normal paper-out or screen-displayed document? Confirmation of no is not easy. Therefore, each terminal sends (uploads) the seal data together with the electronic signature data, so that if it is signed, the seal appears on the document, and it is confirmed whether or not it is signed. Can be easily performed.

  Furthermore, in the electronic signature document management system according to the present invention, the terminal of the first user receives (downloads) the template data of the document from the management device, and performs processing by the first user. It is characterized by completing a document.

  According to the above configuration, since the creation of the contract and the approval document is complicated, by acquiring (downloading) the template from the management device, the first user only processes the acquired data at the terminal. Thus, these documents can be easily completed.

  Further, in the electronic signature document management system of the present invention, the management device creates predetermined metadata corresponding to the transmitted (uploaded) document data, adds and stores it, and stores each user. In the browsing, the terminal searches for a desired document from the metadata.

  According to the above configuration, the management apparatus creates and adds predetermined metadata such as a registration date and a title corresponding to the transmitted (uploaded) document (file) data, and stores each metadata. The user of the terminal can easily find the target document from the sorted metadata (file list).

  In the electronic signature document management system of the present invention, the second user terminal registers in advance by clicking the approval button when signing as a result of checking the contents of the document. When the electronic signature data is sent (uploaded) to the management apparatus via the first communication path to give the document an electronic signature and the signature is rejected, the return button is clicked. And transmitting (uploading) data indicating non-approval to the management apparatus.

  According to the above configuration, the registered electronic signature data is automatically transmitted (uploaded) simply by clicking the approval button, even if the second user does not perform the complicated work of attaching the electronic signature. Therefore, convenience can be improved. In addition, signature rejection can be easily handled by simply clicking the return button.

  In the electronic signature document management system according to the present invention, the management apparatus performs third-party authentication of the signature time using a time stamp on the digitized document to which the electronic signature has been attached. It is characterized by storing.

  According to the above configuration, non-falsification proof after the signature time becomes possible.

  Furthermore, in the electronic signature document management system of the present invention, the management device performs personal authentication of each user by a PIN (Personal Identification Number) code and biometric authentication.

  According to said structure, compared with the credit card authentication and the one-time password authentication of patent document 2, PIN code authentication can be performed simply. Moreover, a security level can also be raised by using biometric authentication together.

  Furthermore, in the electronic signature document management system of the present invention, the digitized document is a contract or a request for approval.

  According to the above configuration, one or more signatures are required for the contract and the approval document, and the present invention in which signatures can be easily collected is preferable.

  As described above, the electronic signature document management system and management method according to the present invention can be used to digitize documents such as contracts and approval documents that are appropriately signed by a plurality of users. An intermediary management device is provided, and the first user terminal transmits (uploads) the data of the electronic signature document to the management device via the encrypted first communication path, and requests a signature 1 Alternatively, a plurality of second user terminals are notified of the address (URL) and signature request of the document in the management apparatus via the second communication path, and the second user terminal receiving the request When the document data is received (downloaded) from the management device via the encrypted first communication path and the content of the document is confirmed to be appropriate, the electronic signature data is converted into the first signature data. The management device via a communication path Send (upload), each user is allowed view the document in the specified address (URL) (download).

  Therefore, when managing electronic signature documents such as contracts and approval documents, a simple, low-cost and highly secure system can be realized, which can be easily used not only between companies but also for individuals.

1 is a block diagram showing an overall configuration of an electronic signature document management system according to an embodiment of the present invention. It is a figure which shows the example of the screen at the time of creating simply the imprint displayed instead of a signature in a terminal. It is a figure which shows the example of the screen at the time of registering (uploading) the contract created with the terminal. It is a figure which shows the example of the file list of the new arrival information of the said electronic signature document. It is a figure which shows the example of the file list of the progress of the said electronic signature document. It is a flowchart which shows the initial selection operation | movement of the process in handling the said electronic signature document. It is a flowchart which shows the preparation procedure of a new file (the said electronic signature document). It is a flowchart which shows the procedure of the file selection process in handling the said electronic signature document. It is a flowchart which shows the procedure which prescribes | regulates the authority in the company in using this management system of a digital signature document. It is a flowchart explaining the registration procedure of supplier information.

  FIG. 1 is a block diagram showing the overall configuration of an electronic signature document management system according to an embodiment of the present invention. The system of the present invention is based on exchanging documents (files) using EDI (Electronic Data Interchange) and digital storage technology. The EDI is a method for electronically exchanging information related to commercial transactions, such as order placement, quotation, settlement, and receipt and arrival, in a standard format, and between companies via the Internet or a dedicated communication network. is there.

  However, according to the present invention, even when such standard EDI or digital storage technology is used, a third party management device 1 mediates a contract or a request between the parties, as will be described later. A completely new electronic signature document management system and management method that enables services such as contracts and approval documents (drafts and drafts) to be stored and viewed while making them easy and low-cost. It is to provide. Since the digitized document (file) is a contract or a request for approval, the contract or request for approval requires one or more signatures, so that the present invention can easily collect the signatures. Is particularly preferred.

  In the example of FIG. 1, an example is described in which a contract is exchanged between two companies, Company X and Company Y. As parties, in Company X, the person in charge, Mr. A, the supervisor of Mr. A, and the approver In the case of Company Y, Mr. C who is the person in charge and Mr. C who is a senior manager and approver and Mr. D who is an officer are also involved. Each of A to D owns information processing terminals a to d such as personal computers, and each information processing terminal a to d is connected to a network 2 such as the Internet. For the management system of the present invention, each information processing terminal a to d stores a dedicated program in advance and is realized by a server or the like, and is a network 2 common to each information processing terminal a to d. The management device 1 connected to is provided.

  The management apparatus 1 can obtain a standard SSL certificate from a certificate authority (not shown) that satisfies a predetermined level, and can distribute it to each information processing terminal a to d of the subscriber of the management system. The terminals a to d can securely log in to the management apparatus 1 using the SSL certificate.

  At the time of login, the information processing terminals a to d can log in with high security by using a PIN (Personal Identification Number) code registered in advance and using biometric authentication.

  Different PIN codes may be used for browsing (downloading) and transmission (uploading), which will be described later. For example, the PIN code at the time of browsing only for viewing is short, and the PIN code at the time of transmission for changing the document data is lengthened. The biometric authentication may also be unnecessary at the time of browsing (downloading) described later. That is, at the time of transmission (upload) accompanied by a change of a document (file), a long PIN code that is difficult to be guessed by a third party is used together with biometric authentication that is difficult to be tampered by a third party. The biometric authentication includes face authentication and iris authentication using a web camera, fingerprint authentication using a fingerprint verification device, finger vein authentication using a finger vein verification device, and voice print authentication using a voice print verification device.

  Thus, the network 2 uses the encrypted first communication path 21 using the SSL certificate (high secrecy) and the second communication with relatively low secrecy such as normal e-mail. The road 22 is provided. In the management apparatus 1, contractor information such as addresses, PIN codes, and biometric authentication data of the information processing terminals a to d is registered in advance at the time of starting the service (at the time of subscription).

  In addition, the management apparatus 1 acquires a reliable time stamp from a highly reliable TSA (Time Stamping Authority) certificate authority (not shown) when signing each information processing terminal a to d described later, and adds it as metadata. . For obtaining the time stamp, for example, when data of an electronic signature document is transmitted from the management apparatus 1 as a client to the TSA certificate authority, the TSA certificate authority creates a “Time-stamp token” based on the hash of the data. This is performed by returning the response to the client (management apparatus 1). The client (management apparatus 1) can obtain a reliable time stamp of the data of the target electronic signature document from the obtained “Time-stamp token”. By performing third-party authentication of the signing time with such a reliable time stamp at the same time as the digital signature, non-falsification proof after the signing time becomes possible.

  It should be noted that in the management system of the present invention, electronic documents (files) such as contracts and approval documents can be appropriately viewed and viewed among a plurality of users A to D. It has the following characteristics in managing. In the example of FIG. 1, the officers Mr. B and Mr. D actually sign, and the persons in charge of the contract, Mr. A and Mr. C, can view the document (file). .

  Mr. A who is the person in charge who is the first user exchanges contracts and approval documents by e-mail etc. with Mr. C who is the second user, and summarizes the contracts and approval documents. An electronic document (file) F1 such as is created in a format such as PDF in the terminal a, and the data is transmitted to the management apparatus 1 via the first communication path 21 as shown in step S1. (Upload) and store. At the same time or after elapse of a predetermined time (for example, time for processing the data of the uploaded document (contract) F1 on the management apparatus 1 side), as shown in step S2, the terminal a is registered in advance. The second user's B, C, and D terminals b, c, and d are given the address (URL) of the document in the management apparatus 1 by e-mail via the second communication path 22. Notify automatically. The e-mail is linked to the address (URL), and the received terminals b, c and d can click (download) the document (contract) F1 by clicking.

  Thereafter, in step S3, the terminal a further notifies the signature request by electronic mail from the second communication path 22 via the management device 1 to the terminals b and d of Mr. B and Mr. D who request the signature. To do. Note that the signature request in step S3 may be transmitted to the terminals b and d via the management apparatus 1 as described above using the second communication path 22, but directly from the terminal a to the terminals b and d. May be sent. However, the signature request (step S3) for specifying the signing partners b and d is distributed via the management apparatus 1 as compared to the case where all addresses B to D are notified of the address (URL) (step S2). It is preferable in terms of security.

  When Mr. B and Mr. D's terminals b and d receive the signature request from the management apparatus 1 via the second communication path 22 in step S4, they respond to the address (URL) notification in step S2. Then, Mr. B and Mr. D who received (downloaded) the data of the document (contract) F1 from the management apparatus 1 and viewed the document (file) receive the document (file) from the terminals B and D in step S5. The electronic signature data indicating that the signature is acceptable accompanying the confirmation of the contents of F1 is transmitted (uploaded) to the management apparatus 1 via the first communication path 21.

  When the signatures of Mr. B and Mr. D who requested the signature are thus obtained, the management apparatus 1 encrypts the entire PDF file of the contract created by Mr. A with the signature key, and the signature cannot be replaced. In this way, a document (file) F2 is created. In addition, the management apparatus 1 transmits the data of the document (file) F2 that cannot be replaced to the TSA certificate authority as described above, and acquires the time stamp to be added to the document (file) F2. The management apparatus 1 stores the document (file) F2, the time stamp, the public key used for the signature, the secret key, and the operation log obtained in this manner. Among them, the document (file) F2, the time stamp, and the operation log are stored. It is possible to view (download) from each terminal a to d via the first communication path 21. At the time of the download, the management apparatus 1 transmits the entire communication content including the attached PDF file with SSL encryption.

  That is, the digitized document (file) F2, in which the time stamp is attached to the electronic signatures of Mr. B and Mr. D, that is, the contract is used by Mr. A to Mr. D at the specified address (URL). Can be shared among the users. The storage period is, for example, an appropriate period from the contract termination timing to the contract renewal timing. When the stored document (file) F2 is replaced (for example, a signature is added, a signer is changed, a contract period is extended, or the like) or deleted, the management apparatus 1 The information processing terminals a to d of the parties are notified.

  The operation log is data indicating when and when the document (contract) F1 is uploaded (Mr. A), the signature (Mr. B, D), and the like (shown in FIGS. 4 and 5 described later). By storing the metadata together, it can be used later when searching for the document (file) F2.

  In this way, when managing electronic signature documents such as contracts and approval documents, a simple, low-cost, high-security system can be realized, which can be easily used not only between companies but also for individuals. . The present invention can be applied to a receipt or the like, but in the case of the contract or the approval document, which requires a signature other than the first user and often requires a plurality of signatures, The present invention, in which signatures are easily collected, is particularly preferred.

  In order to avoid complication of the drawings, each of the terminals a to d accesses the management apparatus 1 from the first communication path 21 with the address (URL) and confirms the contents of the documents (files) F1 and F2. (Downloading) route is omitted.

  In addition, as described above, there may be a case where Mr. A who is the first user does not become a signing party. As described above, some of Mr. B to Mr. B who are the second users are also included. There may be cases where you are the only signing party. In the above example, Mr. A who is a subordinate creates a contract, sends (uploads) it to the management apparatus 1, and asks Mr. B who is the company's manager to sign, and the contract partner also manages the signature. Mr. C, the subordinate, only browses and confirms. In this way, it is not necessary for Mr. A to Mr. D, who are all users who can browse, to sign.

  Then, each terminal a to d transmits (uploads) individually-designated seal data together with the electronic signature data indicating that the signature is acceptable, and the management apparatus 1 confirms that the signature has been signed and who has signed. Is displayed for each user account as if it were embedded in the document. This is because an electronic signature is embedded in a digitized document like a so-called watermark, so that conventional digitally signed document data is like a signature in a normal paper-out or screen-displayed document, This is because it is not immediately apparent from the appearance that it has been signed, and it cannot be known unless the authenticity of the electronic certificate is confirmed. When each terminal a to d transmits (uploads) the seal data together with the electronic signature data indicating that the signature is possible, if the signature is signed, the seal appears on the document. This can be easily confirmed.

  Imprint data is read and registered in the management apparatus 1 when a use account is created, and may be updated as appropriate. FIG. 2 shows an example of a screen when the imprint is simply created in each of the terminals a to d. When a character of an imprint is input into the frame 31 using a keyboard or the like and a font indicated by reference numeral 32 is selected and input, an imprint corresponding to the input is displayed as indicated by reference numeral 33. If the user clicks the save button 34 when using this imprint, and clicks the cancel button 35 when creating another imprint, the user can re-enter the frame 31 or the like.

  On the other hand, since the creation of the contract and the approval document is complicated, the management apparatus 1 stores the template data of the document (file) such as the contract and approval document in advance, and the first user (described above) In the example, the terminal a of A) receives (downloads) it and completes the document by processing of the first user A. As a result, the first user A can easily complete these documents simply by processing the acquired data at the terminal a (inputting necessary data).

  An example of a completed contract registration (upload) screen from the terminal a is shown in FIG. First, when uploading a document is selected with the icon 41 and a contract is selected with the icon 42, an input form as shown in FIG. 3 is obtained. Then, after inputting the title in the frame 43 and clicking the button 44 to enter the capture mode, the contract icon such as the created PDF is attached to the frame 45 by drag and drop. In addition, in the frame 46, the contract type is selected from the pull-down, and the stamp amount is entered in the frame 47. Further, in the frame 48, the signer (B in the above example) is selected from the company personnel registered in advance by pull-down, and similarly, in the frame 49, the other party registered in advance by pull-down. The signer (D in the above example) is selected from the side personnel, and the mail address of the other party (B, C, D in the above example) to which the document (file) is to be distributed is registered in the frame 50. . In the frame 51, special items (a time limit for requesting a signature, supplementary rules for contracts, etc.) displayed when distributed by e-mail can be entered as necessary. When the input is completed, the upload is performed by clicking the button 52, and by clicking the button 53, the input can be performed again or the input content is deleted.

  In addition, as described above, the management device 1 creates predetermined metadata such as a registration date, a title, a comment, and a search keyword corresponding to the document (file) data transmitted (uploaded) from the terminal A, Added and stored. Therefore, the users A to D of the terminals A to D can easily find the target document (file) from the sorted metadata (file list). It is preferable that a preview image of a document (file) is attached to the sort screen. This makes it easier to search for a desired document (file).

  4 and 5 show examples of file lists using the metadata. First, when new arrival information (new line) is selected with the icon 61, a list display screen as shown in FIG. 4 is displayed. The files are arranged in order of arrival as in the column 62, and the priority of each file is also shown from the metadata as in the column 63. Similarly, the creation date is displayed as shown in the column 64 from the metadata. If the signature date / time is the target of list display as the file creation date, the date / time acquired by the time stamp is adopted, and the date / time when the first document such as a contract is created is the target of the list display. In this case, the time stamp is not necessarily required, and the time acquired from an NTP server or the like may be used.

  Then, a desired file can be selected from the address in the column 65, the contributor in the column 66, and the contents (summary) in the column 67, and the detailed display can be performed. If the number of files is large or the desired file is not found, a search word can be entered in the frame 68 and the button 69 can be clicked to find out easily.

  On the other hand, when the progress status is selected with the icon 71, a list display screen as shown in FIG. 5 is displayed. A document (file) type can be selected with the icons 72 to 75, and the progress status can be selected with the icons 76 to 81, so that a list display as shown in FIG. 5 can be performed. The type of the document (file) can be selected with the icon 72, the contract with the icon 73, the receipt with the icon 74, the other with the icon 75, and the progress can be selected with the icon 76. The icon 77 waits for all signatures, the icon 78 waits for the signature of the company, the icon 79 waits for the signature of the partner, the icon 80 indicates the signature of the partner, and the icon 81 indicates the signature of the partner. You can choose. As in FIG. 4, by inputting a search word in the frame 82 and clicking the button 83, a desired file can be easily found. In the example of FIG. 5, the contract is selected with the icon 73, and all progress is selected with the icon 76.

  Thus, the user (B, C, D in the above example) confirms the contents of the document (file) on the screen of the terminals b, c, d, and signs the signature (in the above example, the user B, C, D). In the case of D), by clicking the approval button displayed on the screen, the electronic signature data indicating that the signature is acceptable is sent from the terminals b and d together with the seal data shown in FIG. It is transmitted (uploaded) to the management apparatus 1 via the first communication path 21, and a signature is given to the corresponding document (file) by the management apparatus 1. On the other hand, when the users B and D reject the signature, they click the return button on the screens of the terminals b and d, and the terminals b and d do not approve (signature rejection). Is transmitted (uploaded) to the management apparatus 1. In that case, instead of the seal imprint, for example, an unapproved stamp may be attached to the corresponding document (file), or information indicating that the signature is rejected is transmitted to the remaining users A and C. May be.

  Thus, even if the users B and D do not perform the complicated work of attaching the signature, the registered stamp data can be obtained by simply clicking the approval button on the screens of the terminals B and D. Since it is automatically transmitted (uploaded) together with the electronic signature data indicating permission, the convenience can be improved. Also, the rejection of the signature can be easily handled by simply clicking the return button on the screens of the terminals B and D.

  When the terminals a to d are tablet terminals, instead of clicking the approval button and embedding a seal image, a sign may be input from the touch panel of the tablet terminal and the sign may be displayed. .

  6 to 10 are flowcharts for explaining specific operations of the management apparatus 1 and the terminals a to d. First, FIG. 6 illustrates an initial selection operation as to what processing the users of the terminals a to d perform. In step P1, the users A to D access the home page of the management apparatus 1 from the terminals a to d, perform login work in step P2, and have their own mail address (identification information) and password as indicated by the reference symbol D1. The PIN code and the biometric data are input and transmitted to the management apparatus 1 via the secure first communication path 21.

  In step P3, the input data is collated with the contractor information registered in the database in the management apparatus 1. If there is no corresponding contractor, a login error occurs in step P4. Are notified to the terminals a to d. On the other hand, if it is determined in step P3 that the contractor is a legitimate contractor, in step P5, a list of documents (files) in which the contractor is currently involved as shown in FIGS. Is displayed. As a result, when the user desires the detailed display in step P11, the file selection data indicated by reference numeral D11 is input, and the process proceeds to the process shown in FIG.

  On the other hand, in step P5, if the sorting in step P21 is desired, the field indicated by reference symbol D21 is clicked. If the filtering in step P22 is desired, the file to be filtered indicated by reference symbol D22. Type (the above-mentioned icons 72 to 75), progress status (the above-mentioned icons 76 to 81), etc. are input, and when the search in step P23 is desired, the file name or author indicated by the reference symbol D23 is input. (Input to the frame 82 and click of the button 83). By each input operation indicated by reference numerals D21 to D23, the management apparatus 1 transmits data of the sorted (sorted) and filtered file list. In step P24, for example, on the screens of the terminals a to d, FIG. 4 or 5 is displayed. From the file list thus displayed, the user proceeds to the file selection process shown in FIG.

  In step P5, if it is desired to create a new file in step P31, data in a new file creation screen is transmitted in step P32 and displayed on the screens of terminals a to d. Move on to the process shown. Furthermore, if it is desired to confirm the user profile in step P41 in step P5, the profile management screen data is transmitted and displayed on the screens of the terminals a to d in step P42. If it is desired to manage the user ID in step P51 in step P5, the data on the management screen for the in-company user ID is transmitted and displayed on the screens of the terminals a to d in step P52. Furthermore, when it is desired to confirm the new line (new arrival information) in step P61 in step P5, the screen data of the new line as shown in FIG. 4 corresponding to the logged-in user in step P62. Is transmitted and displayed on the screens of the terminals a to d. In step P5, when logout is selected in step P70, the process ends.

  FIG. 7 is a flowchart showing a procedure for creating a new file performed in the terminal a in the above description. In the example of FIG. 7, the contract file, the receipt, and other files are shown as the new file. For example, the approval document is the same as when the contract document is not stamped. When moving from step P32 to step Q1, in step Q2, the attribute (type) of the file to be created is selected by selecting the icon 42.

  In step Q2, when data indicating that the contract is indicated by the reference symbol M11 is input (selected), the process proceeds to step Q11, and the management apparatus 1 displays the data on the contract input screen as shown in FIG. Is displayed on the screen of the terminal a. Similarly, in step Q2, when data indicating the receipt indicated by the reference symbol M21 is input (selected), the process proceeds to step Q21, and the management apparatus 1 reads the data on the input screen of the receipt and reads the terminal a On the screen. In step Q2, when data indicating the other file indicated by reference numeral M31 is input (selected), the process proceeds to step Q31, and the management apparatus 1 reads the data on the input screen of the other file and reads the data of the terminal a. Display on the screen.

  In step Q11, from the dragging and dropping to the frame 45 and the writing to the frame 51 from the terminal a, the description input as shown in FIG. If it is performed, the management apparatus 1 confirms the input content in step Q12, and if there is an error, notifies in step Q13, and if there is no error, proceeds to step Q14. In step Q14, the contract type is selected by pull-down selection of the frame 46, and in step Q15, the stamp amount corresponding to the contract type is input by input to the frame 47. In step Q16, the users (B and D in the above example) desiring to sign are selected, including themselves, by pull-down selection of the frames 48 and 49.

  As a result of the selection, if the first signature is given by itself, the electronic signature (imprint) data indicated by the reference symbol M13 is attached, and the process proceeds to Step Q18. In step Q17, the signer is selected and the process proceeds to step Q18. In step Q18, it is determined whether or not there is another file to be uploaded. If it does not exist, the process proceeds to step Q19 and the file (contract) is successfully created, and a signature request is sent to the signer by e-mail. Is done. On the other hand, if there is another file to be uploaded in step Q18, the upload is performed in step Q20, and then the process proceeds to step Q19.

  In step Q21, when the terminal a inputs the company name, name, amount, etc. of the destination as indicated by the reference symbol M22 on the receipt input screen, and then the initial signature is performed by itself. As with the reference symbol M13, the electronic signature (imprint) data indicated by the reference symbol M23 is attached and the process proceeds to step Q28. When another person performs, the selection is performed as indicated by the reference symbol M24 as with the reference symbol M14. Is entered, the signer is selected in step Q27, and the process proceeds to step Q28. In step Q28, it is determined whether there is another file to be attached such as an invoice or the like. If not, the process proceeds to step Q29 and the file (receipt) is successfully created. A signature request is sent. On the other hand, if another attached file exists in step Q28, the upload is performed in step Q30, and then the process proceeds to step Q29.

  In step Q31, when the description of the file is input from the terminal a to the file desired to be uploaded as indicated by the reference symbol M32 on the other file creation input screen, the management device 1 in step Q32 The contents of the input are confirmed. If there is an error, notification is made in step Q33, and if there is no error, the process proceeds to step Q34. In step Q34, it is determined whether or not another file to be attached exists. If not, the process proceeds to step Q35, where the creation of the other file is successful, and a signature request is transmitted to the signer by mail. . On the other hand, if another attached file exists in step Q34, the upload is performed in step Q36, and then the process proceeds to step Q35.

  On the other hand, the electronic signature also creates a new file, and as shown in FIG. 7, the signer (B, D in the above example) who has received the notification by mail receives the address (URL) of the mail screen in step Q41. ) Is clicked, the screen moves to the login screen in step Q42, and the log-in operation for inputting its mail address (identification information), PIN code, and biometric data is performed as indicated by the reference symbol M41 as in step P2. If the user authentication is completed in step Q43 as a result of login, the process proceeds to the signature screen in step Q44, and if the user cannot be authenticated, the process proceeds to the error notification screen in step Q45.

  FIG. 8 is a flowchart showing the procedure of the file selection process performed as a result of the file list display in step P24. When a file waiting for signature is selected in step R1 from the screens as shown in FIGS. 4 and 5, the signature screen is displayed in step R2, and whether or not the signature is acceptable is determined in step R3. When the signature is acceptable, that is, when the approval button is clicked, an additional comment can be arbitrarily added at step R4. When an electronic signature is performed at step R5, the electronic signature (the above-mentioned imprint) is attached at step R6. Detailed display of files (contracts, etc.) is performed. On the other hand, when the signature is rejected in step R3, that is, when the return button is clicked, a comment for the reason for unapproval is written in step R7, and the process proceeds to the file detail display in step R6 (in this case, signature rejection).

  On the other hand, when the detailed display of a specific file is selected in step R11 from the screen as shown in FIG. 4 or FIG. 5, the same electronic signature (also rejected) as in step R6 is attached in step R12. The file details are displayed. As a result, when the user prints in step R13, the process moves to step R14 and the print screen is displayed. As a result of the detailed display in step R12, when the user deletes the file of the detailed display in step R15, a deletion confirmation screen is displayed in step R16. When the user confirms in step R17, in step R18 Make a backup of the file, execute deletion, and notify the related users of the deletion. On the other hand, if the deletion cannot be confirmed in step R17, the process returns to the file management screen in step R12.

  Furthermore, as a result of the detailed display of the file in step R12, if the user replaces the file in step R21, the process proceeds to step R22 to display a file upload screen to be replaced, and in step R23. When uploading is performed, a file to be uploaded is selected by drag and drop, as indicated by reference numeral N1. When the selected file is confirmed in step R24, the user is notified in step R25 that the upload was successful. On the other hand, if the uploaded file cannot be confirmed in step R24, an error notification is made in step R26.

  FIG. 9 is a flowchart showing a procedure for defining the authority (security level, status) in the company when using this electronic signature document management system. Note that this process can use only ID (status) information associated with user authentication by login, so that only a user with a predetermined authority (security level, status) or higher can perform. For example, in the above-described example, only the users B and D who are managers can perform.

  When creation of a new in-house ID is selected in step S1, the screen moves to the creation screen of step S2, and data such as a department, title, name, and authority (security level, status) given by reference numeral H1 are input. The The input data is confirmed in step S3. If appropriate, a new user ID is created and registered in the management apparatus 1 in step S4. If not appropriate, an error notification is sent from the management apparatus 1 in step S5.

  When the change of authority (security level, status) is selected in step S11 for each ID input in this way, data of a new authority (security level, status) to be granted, indicated by reference numeral H2, is input. The temporary storage is performed by operating the storage button in step S12. The stored data is confirmed in step S13, and if it is appropriate, the change of authority (security level, status) is actually stored (update registered) in step S14 and moves to the authority list screen of each user. An error notification is made in S15.

  On the other hand, when creating a new ID from step S1 and changing the authority from step S11, the user authority can be confirmed by the filtering process of step S21 or the search process of step S22. In the filtering process in step S21, filtering is performed by inputting the authority type and department indicated by reference symbol H3, and in the search process in step S22, a name and user ID indicated by reference symbol H4 are input and searching is performed. . The extraction results of steps S21 and S22 are displayed as a list in step S23, and can be used as a reference for the processing from steps S1 and S11.

  FIG. 10 is a flowchart for explaining the registration procedure of the supplier information. The supplier information is roughly divided into new registration after step T1 and registration change after step T11. These may be performed by an arbitrary user or only by a user having a predetermined authority.

  In the new registration, when new registration is selected in step T1, the ID creation screen of the new business partner company is displayed in step T2, and as shown by the reference symbol L1, company information such as company name, address, and telephone number is displayed. In addition, personal information such as names of persons in charge and managers, departments, and telephone numbers are entered. In step T3, the input information is confirmed, and when it is appropriate, it is added as information on the partner company in step T4 and a company list is displayed. When it is not appropriate, an error notification is made in step T5.

  In the registration change, when the supplier information list is selected in step T11, the list display screen is displayed in step T12, and the supplier to be changed from the list display screen is the service charge indicated by the reference symbol L2 in step T13. It is extracted by the filtering process by the previous input or by the search by the input of the company name and the number of files indicated by the reference symbol L3 in step T14. A list of extraction results is displayed in step T15.

DESCRIPTION OF SYMBOLS 1 Management apparatus 2 Network 21 1st communication path 22 2nd communication path ad Information processing terminal

Claims (9)

It is a system for managing electronically by appropriately applying an electronic signature to a digitized document among a plurality of users.
Multiple terminals used by each user;
A management device;
An encrypted first communication path connecting between each terminal and the management device;
A second communication path connecting between the terminals and between each terminal and the management device,
The terminal of the first user transmits the digitized document data to the management apparatus via the first communication path and to one or a plurality of second user terminals requesting a signature. , Notifying the address and signature request of the document in the management device via the second communication path,
Upon receiving the request, the terminal of the second user receives the document data from the management apparatus via the first communication path, and transmits the electronic signature data accompanying the confirmation of the document contents to the first communication path. To the management device via
An electronic signature document management system, wherein the management device stores an electronic document to which an electronic signature is attached so as to be viewable at the address via the first communication path.   The electronic signature document management system according to claim 1, wherein each terminal transmits seal stamp data together with the electronic signature data.   3. The electronic device according to claim 1, wherein the terminal of the first user receives the template data of the document from the management device and completes the document by processing of the first user. Signature document management system. The management device creates predetermined metadata corresponding to the transmitted document data, adds and stores the metadata,
The electronic signature document management system according to any one of claims 1 to 3, wherein each user terminal searches a desired document from the metadata when browsing.   When the second user terminal signs as a result of checking the contents of the document, the approval button is clicked, and the electronic signature data registered in advance is transferred to the first communication. When a digital signature is given to the document by sending it to the management device via a path and the signature is rejected, data indicating that the document is not approved is transmitted to the management device by clicking a return button. The electronic signature document management system according to claim 1, wherein the electronic signature document management system is a digital signature document management system.   6. The management apparatus according to claim 1, wherein after the third-party authentication of the signature time by a time stamp is performed on the digitized document with the digital signature, the management device stores the document. The electronic signature document management system according to any one of the preceding claims.   An electronic signature document management system, wherein the management device performs personal authentication of each user by a PIN code and biometric authentication.   8. The electronic signature document management system according to claim 1, wherein the digitized document is a contract or a request for approval. A method for managing an electronic document by appropriately applying an electronic signature among a plurality of users so that the document can be viewed.
Transmitting electronic document data from the terminal of the first user to the management apparatus via the encrypted first communication path;
Notifying the address of the document in the management device from the terminal of the first user to the terminal of the second user via the second communication path;
Transmitting a signature request via a second communication path from the first user terminal to one or more second user terminals requesting a signature;
A second user terminal receiving the request receives document data from the management device via the first communication path;
Transmitting electronic signature data associated with confirmation of document contents from the second user terminal to the management apparatus via a first communication path;
Storing the electronic document with the electronic signature attached to the management device so that the electronic document can be viewed from the user terminal via the first communication path. A method for managing electronic signature documents.

Images