JP2020035474A - Web device, authentication center server and system - Google Patents

Abstract

To upgrade credibility of a use of a corporation number regarding a law (so-called personal identify number) about a use and the like of a number for identifying a specific person in administrative procedures.SOLUTION: In a corporation number domain system 10, an authentication center server 610 comprises: a corporation number database 615 that has all of issued corporation numbers stored; a corporation number authentication unit 611 that checks if the received corporation number exists in the corporation number database 615; and an electronic authentication unit 613 that checks if electronic data is electronic data authenticating a corporation the corporation number indicates. When it is checked that the corporation number exists in the corporation number database 615, and it is checked that the electronic data is the electronic data authenticating the corporation the corporation number indicates, the authentication center server is configured to issue an acceptance notification, and when it is checked that the corporation number does not exist in the corporation number database, or it is checked that the electronic data is not the electronic data authenticating the corporation the corporation number indicates, the authentication center server is configured to issue a rejection notification.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an apparatus, a method, and a system for handling a corporate number.

  The “Law Concerning the Use of Numbers to Identify Specific Individuals in Administrative Procedures (commonly known as the My Number Law)” enacted in May 2013 stipulates two types of personal numbers and corporate numbers. Therefore, it is desired to promote the use of “personal numbers” and “corporate numbers”.

JP-A-2004-110577 JP 2010-257380 A JP-A-2002-109330

  In communication via a network, spoofing and hacking are prevalent, and it is desired to improve communication security.

  An object of the present invention is to improve the reliability of the use of a corporate number.

The authentication center server of the present invention comprises:
An authentication center server that receives a corporate number and electronic data,
A corporate number database that stores all issued corporate numbers, which is a corporate number defined in the "Act on the Use of Numbers to Identify Specific Individuals in Administrative Procedures"
A corporate number authentication unit that checks whether the received corporate number exists in the corporate number database,
An electronic authentication unit that checks whether the electronic data is electronic data that certifies a corporation indicated by the corporation number,
The corporation number authentication unit checks that the corporation number exists in the corporation number database, and the electronic authentication unit checks that the electronic data is electronic data that certifies the corporation indicated by the corporation number. If you do, a notice of acceptance will be issued,
The corporation number authentication unit checks that the corporation number does not exist in the corporation number database, or the electronic authentication unit checks that the electronic data is not electronic data that certifies the corporation indicated by the corporation number. If not, issue a rejection notice.

  According to the present invention, by authenticating the corporate number, the reliability of the use of the corporate number is improved.

FIG. 1 is a block diagram showing a configuration of a corporate number domain system 10 and a web device 100 according to Embodiment 1. FIG. 3 is a diagram showing an example of a document 50 according to the first embodiment. FIG. 3 is a diagram showing an example of a document table 220 according to the first embodiment. FIG. 4 is a diagram showing an example of a trace information table 230 according to the first embodiment. FIG. 4 is a diagram showing an example of a personal number table 240 according to the first embodiment. FIG. 3 is a diagram showing an example of a domain table 250 according to the first embodiment. FIG. 3 is a diagram showing an example of an IP table 260 according to the first embodiment. 5 is a flowchart showing operations of issuing a corporate number domain and issuing a mail address of the web device 100 according to the first embodiment. 5 is a flowchart showing an operation of a web address registration application of the web device 100 according to the first embodiment. 5 is a flowchart showing an operation of authenticating and transferring a document by the web device 100 according to the first embodiment. 5 is a flowchart showing an address resolution operation of the web device 100 according to the first embodiment. 5 is a flowchart showing an operation of notifying a personal number of the web device 100 according to the first embodiment. 9 is a flowchart illustrating an operation of document authentication of the web device 100 according to the second embodiment.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the drawings, the same or corresponding portions are denoted by the same reference numerals. In the description of the embodiments, description of the same or corresponding portions will be omitted or simplified as appropriate.

***Definition of terms***
The definitions of the terms are as follows.

"My Number Act":
"Act on the Use of Numbers to Identify Specific Individuals in Administrative Procedures"

"personal number":
It is the same as the "Personal Number" defined in the "My Number Act", and the resident card code (residents stipulated in Article 7, Item 13 of the Basic Resident Register Act (Act No. 81 of 1942)) This is a number obtained by converting the resident card code, which is designated to identify a person who belongs to the resident card in which the resident card code is described.

"Personal number card":
It is the same as the "Personal Number Card" defined by the "My Number Act", and the name, address, date of birth, gender, personal number and other matters specified by a Cabinet Order are described, the photograph of the person is displayed, and And other matters specified by an Ordinance of the Ministry of Internal Affairs and Communications (hereinafter referred to as “card record items”).

"Corporate number":
It is the same as the "corporate number" defined by the "My Number Act", and is designated as a number for identifying a specific corporation or other group.

"Specific personal information file":
This is the same as the "specific personal information file" defined by the "My Number Act", and refers to a personal information file that includes a personal number in its contents.

"Personal number use clerk":
It is the same as the "personal number use clerk" defined in the "My Number Act", and refers to the person who processes the personal number use affairs and the person who receives all or part of the personal number use affairs.

"Personal number related clerk":
It is the same as the "personal number-related clerk" defined by the "My Number Act", and refers to the person who handles personal number-related affairs and the person who has been entrusted with all or part of personal number-related affairs.

"Domain name":
A name assigned to identify a computer or network connected to a network.
In the case of an e-mail address of “suzuki@ABCkaishaweb.co.jp”, “ABCkaishaweb.co.jp” after {} is a “domain name”.
In the case of a web address “www.ABCkaishaweb.co.jp”, “www.ABCkaishaweb.co.jp” is a “domain name”.
“Jp” of “ABCkaishaweb.co.jp” is called a top level domain, “co” is called a second level domain, and “ABCkaishaweb” is called a third level domain.

"IP address":
An identification number assigned to identify a computer or network connected to a network. It refers to an identification number represented by 32 bits or 128 bits. The 32-bit IP address is displayed as, for example, 11.22.33.44 by connecting the numerical values of each byte of 4 bytes with a period.

"Local part""Domainpart":
The description before @ of the e-mail address is the "local part", and the description after @ is the "domain part". The “local part” is a unique identifier in a domain, and the “domain part” is an identifier indicating a mail server. In the case of an e-mail address of "suzuki@ABCkaishaweb.co.jp", "suzuki" before @ is a "local part", and "ABCkaishaweb.co.jp" after @ is a "domain part".

"Domain Name System (DNS)":
A mechanism that associates a domain name with an IP address. This is a system that converts a domain name into an IP address necessary for computers to communicate with each other so that humans can exchange data on the Internet using the domain name. For example, it refers to a system that converts a "domain name" of "www.ABCkaishaweb.co.jp" into an IP address of "11.2.3.3.44". Converting a domain name to an IP address is called “address resolution”.

"Registry":
An organization that manages a registry database that registers domain names. The registry is an organization that manages the top-level domain and centrally manages the registry database. There is one registry for one top-level domain.

"Registrar":
A domain registrar that registers domain names in a registry database managed by the “registry”. The “registrar” registers a domain name in a registry database using a shared registration system (SRS: Shared Registry System). There are multiple registrars under contract with the registry.

"Private number":
A number or symbol that identifies an individual or a combination of a number and a symbol. For example, the private number is a personal number, an employee code, a driver's license number, a health insurance card number, and a resident's card code defined in the Basic Resident Register Act defined in the My Number Act.

Embodiment 1 FIG.
The configuration of the device according to the present embodiment, the configuration of data and tables according to the present embodiment, the operation of the device according to the present embodiment, and the effects of the present embodiment will be sequentially described.

*** Configuration description ***
With reference to FIG. 1, the configurations of a corporate number domain system 10 and a web device 100 which are devices according to the present embodiment will be described.

The corporate number domain system 10 is a network system in which the web device 100, the transmitting device 800, and the receiving device 900 are connected by a network 700. The web device 100, the transmitting device 800, and the receiving device 900 may be connected to the network 700 by wire, may be connected wirelessly, or may be a combination of wired and wireless connections.
The network 700 is the Internet, an intranet, or a combination thereof.
The transmitting device 800 and the receiving device 900 may be general-purpose electronic devices such as a personal computer, a smartphone, a mobile phone, and a notepad, or dedicated electronic devices having dedicated functions such as a POS terminal device and a ticket issuing device. The transmitting device 800 and the receiving device 900 may be fixed devices or mobile devices.

  As shown in FIG. 1, the web apparatus 100 includes a storage unit 200, a transmission unit 130, a reception unit 140, a management unit 150, an authentication unit 151, a trace unit 152, a mail address issuing unit 153, an IP An address conversion unit 154, a personal number conversion unit 155, and a domain issuing unit 156 are provided.

The management unit 150 acquires the data received by the reception unit 140 and stores the data in the main memory 103. Also, the management unit 150 determines the type of data received by the reception unit 140, and uses the data as an authentication unit 151, a tracing unit 152, a mail address issuing unit 153, an IP address conversion unit 154, and a personal number conversion unit. Unit 155 or the domain issuing unit 156.
In addition, the management unit 150 determines the processing result from any one of the authentication unit 151, the tracing unit 152, the mail address issuing unit 153, the IP address converting unit 154, the personal number converting unit 155, and the domain issuing unit 156. And transmits the processing result to the network 700 via the transmission unit 130.

The domain issuing unit 156 issues a corporate number domain including the corporate number from the corporate number. The corporate number is a 13-digit number defined by the My Number Act. For example, the domain issuing unit 156 issues a corporate number domain “1234567890001.co.jp” from a corporate number “1234567890001”.
The case where the corporate number domain uses “.co.jp” as the second-level domain and the top-level domain will be described below as an example. A domain may be used, or a top-level domain other than “.jp” may be used. For example, the domain issuing unit 156 may issue a corporation number domain “1234567890001.or.jp” or a corporation number domain “1234567890001.com” from the corporation number “1234567890001”.
The corporate number domain is used at least for the transmission address of the transmission device 800. The document 50 indicates the sender by the transmission address of the transmission device 800, and indicates the recipient by the reception address of the reception device 900.

The web device 100 receives the document 50 from the transmitting device 800 and receives the document 50 from the receiving device 900.
Transfer to Therefore, the web device 100 has a document table 220 for storing the document 50. When the receiving unit 140 of the web device 100 receives the document 50 from the transmitting device 800, the authentication unit 151 authenticates the corporate number used for the document 50 and authenticates the corporate number domain. When the corporate number and the corporate number domain used for the document 50 can be authenticated, the management unit 150 stores the document 50 in the document table 220 and transfers the document 50 to the receiving device 900.

The web device 100 verifies the document 50 received by the receiving device 900. Therefore, the receiving device 900 transmits an authentication request for the document 50 received by the receiving device 900 to the web device 100. The receiving unit 140 of the web device 100 receives, from the receiving device 900, a document authentication request transmitted from the transmitting device 800 to the receiving device 900.
The authentication unit 151 authenticates the corporate number domain in the authentication request received by the receiving unit 140 and authenticates the corporate number domain. Issue
The transmitting unit 130 transmits a pass notification to the receiving device 900.

In order to improve the traceability of the document 50, the web device 100 has a trace information table 230 for storing the trace information of the document 50. Receiving the pass notification, receiving apparatus 900 opens document 50 and transmits the open notification to web apparatus 100. When the receiving unit 140 of the web device 100 receives the opening notification of opening the document 50 from the receiving device 900, the tracing unit 152 records the opening information of the document 50 in the trace information table 230 based on the opening notification.
The opening notification includes the opening device address of the receiving device that opened the document and the opening time when the document was opened. Further, the open notification may include the sender information of the document, the date and time of transmission of the document, the date and time of reception of the document, the size of the received document, and the data format of the received document. The tracing unit 152 records various information included in the opening notification in the trace information table 230 as opening information.
Further, the tracing unit 152 transmits an opening notification to the transmitting device 800.

The mail address issuing unit 153 issues a mail address using a corporate number domain.
When the receiving unit 140 receives the mail address application including the personal identifier and the corporate number domain, the authentication unit 151 authenticates the corporate number included in the corporate number domain and authenticates the corporate number domain. When the corporate number and the corporate number domain can be authenticated, the e-mail address issuing unit 153 issues an e-mail address with the personal identifier as the local part and the corporate number domain as the domain part.

The personal number conversion unit 155 provides a personal number corresponding to the mail address from the mail address using the corporate number domain.
The web device 100 is an electronic device owned by a “personal number use clerk” or “personal number-related clerk”, and the web device 100 collects, manages, and stores personal numbers stipulated by the My Number Act. In addition, it is possible to use and provide personal numbers. The web device 100 is a device that strictly protects personal numbers in accordance with measures based on the My Number Act and the Personal Information Protection Act.
The web device 100 stores a personal number table 240 in which a personal number is associated with a mail address. The personal number is a 12-digit number defined by the My Number Act.
The receiving unit 140 transmits an e-mail address notification that describes an e-mail address in which a personal identifier is a local part and a corporate number domain is a domain part, from a person who is permitted to obtain a personal number, for example, a receiving device 900 owned by a tax accountant. Upon receipt, the authentication unit 151 authenticates the corporate number included in the corporate number domain and authenticates the corporate number domain. When the authentication unit 151 authenticates the corporate number and the corporate number domain, the personal number conversion unit 155 converts the mail address into a personal number corresponding to the mail address using the personal number table 240, and Is encrypted and returned to the receiving apparatus 900.

The authentication center server 610 has a corporate number authentication unit 611, a personal number authentication unit 612, an electronic authentication unit 613, and a position / time terminal authentication unit 614.
The corporation number authentication unit 611 has a corporation number database 615 that stores issued corporation numbers. The corporation number database 615 is a database in which all corporation numbers are registered. When the corporation number is input, the corporation number authentication unit 611 checks whether the corporation number exists in the corporation number database 615. The corporate number authentication unit 611 also stores company information corresponding to the corporate number in the corporate number database 615. Here, the company information specifically includes a company name, a company address, a company position, working hours, a terminal number of a terminal owned by the company, and the like.
When the company information is input together with the company number, the company number authentication unit 611 checks whether the company information matches the company information in the company number database 615.

The personal number authentication unit 612 has a personal number database 616 that stores issued personal numbers. The personal number database 616 is a database in which all personal numbers are registered. When the personal number is input, the personal number authentication unit 612 checks whether the personal number exists in the personal number database 616. The personal number authentication unit 612 also stores personal information corresponding to the personal number in the personal number database 616. Here, the personal information is specifically a name, an address, a gender, an age, a working company name, an employee code, a work place, a work place, and the like.
When the personal information is input together with the personal number, the personal number authentication unit 612 checks whether the personal information matches the personal information in the personal number database 616.

  The electronic authentication unit 613 checks whether the electronic certificate is the electronic certificate of the sender who sent the electronic certificate. Specifically, the public key of the certificate authority that issued the digital certificate is obtained from the certificate authority, and the digital signature of the digital certificate is verified with the public key of the certificate authority. If the digital signature of the digital certificate is correctly authenticated with the public key of the certificate authority, the digital certificate is definitely a certificate issued to the sender by the certificate authority. When the public key of the certificate authority is recorded in advance in the OS & program 210 of the web device 100, it is not necessary to obtain the public key of the certificate authority. You do not need to send a letter.

  The position / time terminal authentication unit 614 authenticates the position and the time. When a position authentication number is input, the position / time terminal authentication unit 614 verifies the position authentication number, and uses the company information recorded in the corporation number database 615 to determine the position of the transmitting device 800 identified by the position authentication number. Is checked with the company address described in the company information and the position registered as the usable range.

In addition, when the time authentication number is input, the position time terminal authentication unit 614 verifies the time authentication number, and uses the company information recorded in the corporation number database 615 to determine the time determined by the time authentication number. For example, it is checked whether it is within the company working hours described in the company information or late at night. Further, the position / time terminal authentication unit 614 checks whether the time determined by the time / number authentication number is, for example, a company holiday.
When the time authentication number is a time stamp token, the position / time terminal authenticating unit 614 verifies the time authentication number, and the document using the time authentication number is used at the time determined by the time authentication number. It authenticates that the application exists, and authenticates that the document using the time authentication number or the content of the application has not been tampered with since the time determined by the time authentication number.

  When the terminal authentication number is input, the position / time terminal authentication unit 614 verifies the terminal authentication number, and uses the company information recorded in the corporation number database 615 to determine the terminal number identified by the terminal authentication number. Check whether the terminal number matches the terminal number described in the company information.

  The HP server 620 is a server that provides a home page identified by a “domain name”. The HP server 620 provides a homepage accessed by an IP address.

  The registry server 630 is a server of an organization that manages a registry database for registering domain names. The registry server 630 receives a request for registration of a domain name from the web device 100 using a shared registration system (SRS), and registers the domain name in a registry database.

The web device 100 stores a domain table 250 in which a web address is associated with a corporate number domain, and an IP table 260 in which a corporate number domain is associated with an IP address.
When receiving section 140 receives the web address, IP address converting section 154 uses the domain table 250 to convert the web address into a corporate number domain corresponding to the web address, and uses IP table 260 to convert the corporate address domain. Is converted to an IP address corresponding to the corporate number domain, and the IP address is transmitted.

  In the present embodiment, web device 100 is a computer. Functions related to the control of the web device 100 are realized by software. In the present embodiment, at least the functions of the management unit 150 to the domain issuing unit 156 correspond to the functions related to the control of the web device 100.

  The web device 100 includes hardware such as a processor 101, a storage device 102, a main memory 103, a transmitter 105, and a receiver 106. The processor 101 is connected to other hardware via a signal line, and controls the other hardware.

  The processor 101 is an IC (Integrated Circuit) that performs processing. The processor 101 is, specifically, a CPU (Central Processing Unit).

  The storage device 102 includes an auxiliary storage device and a nonvolatile memory. The auxiliary storage device and the non-volatile memory are, specifically, a ROM (Read Only Memory), a flash memory, or a HDD (Hard Disk Drive). The storage unit 200 is realized by the storage device 102.

  The main memory 103 is a volatile memory, and the main memory 103 is, specifically, a RAM (Random Access Memory).

  The web device 100 may include a display as hardware. The display is, specifically, an LCD (Liquid Crystal Display).

Transmitter 105 transmits a signal to network 700. The receiver 106
A signal is received from the network 700. Specifically, the transmitter 105 and the receiver 106 are individual communication chips or integrated communication chips. The transmission unit 130 is realized by the transmitter 105. The receiving unit 140 is realized by the receiver 106.

  The storage unit 200 of the storage device 102 stores a program that implements a function related to control of the web device 100. This program is loaded into the main memory 103, read by the processor 101, and executed by the processor 101. The storage unit 200 of the storage device 102 also stores an OS (Operating System). At least a part of the OS is loaded into the main memory 103, and the processor 101 executes a program realizing the functions of the management unit 150 to the domain issuing unit 156 of the web device 100 while executing the OS.

  The program for realizing the function related to the control of the web apparatus 100 may be stored in a portable recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a Blu-ray (registered trademark) disk, and a DVD (Digital Versatile Disc). Good.

  Information, data, signal values, and variable values indicating the processing results of the management unit 150 to the domain issuing unit 156 are stored in the storage device 102, the main memory 103, or a register or cache memory in the processor 101.

  Further, the “unit” of the management unit 150 to the domain issuing unit 156 may be replaced with “circuit”, “step”, “procedure”, or “processing”. When “part” of the management unit 150 to the domain issuing unit 156 is read as “process”, “procedure”, or “processing”, the management unit 150 to the domain issuing unit 156 controls the web device 100 or the web It is a component of the control program of the device 100.

Although not shown, the transmitting device 800 and the receiving device 900 include the same hardware as the processor 101, the storage device 102, the main memory 103, the transmitter 105, the receiver 106, and the like included in the web device 100.
Further, the storage devices of the transmission device 800 and the reception device 900 store programs corresponding to the programs of the web device 100. The programs stored in the storage devices of the transmission device 800 and the reception device 900 are executed by the processor, so that the data processing in the transmission device 800 and the reception device 900, the web device 100 of the transmission device 800 and the reception device 900, Communication processing is realized.

*** Data and table structure ***
As shown in FIG. 2, the document 50 has a transmission address 51, a reception address 52, transmission data 53, and a certificate 54.
The transmission address 51 is the mail address of the transmission device 800, and is an address indicating the sender of the document 50.
The receiving address 52 is an e-mail address of the receiving apparatus 900, and is an address indicating a recipient of the document 50.
The transmission data 53 is a digitally signed message. The message may include an attached file, a compressed file, and an encrypted file.
The certificate 54 is data for confirming that the message was created by the sender. Also, a public key corresponding to the secret key used by the sender for the electronic signature is included. The certificate 54 includes an electronic certificate, a position authentication number, a time authentication number, and a terminal authentication number.

  The OS & program 210 illustrated in FIG. 1 is an OS and a program executed by the processor 101.

As shown in FIG. 3, the document table 220 has a document ID 221, a document 222, and an authentication result 223.
The document ID 221 is a number for identifying the document 50.
The document 222 stores the document 50 shown in FIG.
The authentication result 223 is a result of the authentication check using the certificate 54.

As shown in FIG. 4, the trace information table 230 has a document ID 231, an opening device address 232, and an opening time 233.
The document ID 231 is a number for identifying the document 50.
The opening device address 232 is the mail address of the recipient who opened the document 50.
The opening time 233 is the time when the recipient opened the document 50.
When the opening notification includes the sender information of the document, the sending date and time of the document, the receiving date and time of the document, the size of the received document, and the data format of the received document, the same as the opening time 233 In the trace information table 230, the sender information of the document, the transmission date and time of the document, the reception date and time of the document, the size of the received document, and the data format of the received document are stored in correspondence with the document ID 231. It is memorized.

As shown in FIG. 5, the personal number table 240 has a personal number 241 and a mail address 242.
The personal number 241 is a personal number composed of 12 digits.
The mail address 242 is an address corresponding to the personal number 241.
Since the personal number table 240 has the personal number 241, it is treated as a “specific personal information file”.

As shown in FIG. 6, the domain table 250 has a web address 251 and a corporate number domain 252.
The web address 251 is a domain name in a network.
The corporate number domain 252 is a domain name corresponding to the web address 251.

As shown in FIG. 7, the IP table 260 has a corporate number domain 261 and an IP address 262.
The corporate number domain 261 is a domain name using a corporate number.
The IP address 262 is an IP address corresponding to the corporate number domain 261.

As shown in FIG. 1, the web device 100 has a specific personal information file 270.
The web device 100 is an electronic device held by a “personal number use clerk” or a “personal number-related clerk”. The web device 100 includes a “specific personal information” in which the “personal number use clerk” or the “personal number-related clerk” records the personal number and the personal information corresponding to the personal number within a range necessary for performing the clerical work. File "in advance. Specific examples of personal information include personal numbers, names, ages, and addresses.In this case, the corporate number of the company in which the individual works, the company name, employee code, office, and location are also described as personal information. It is assumed that

*** Explanation of operation ***
With reference to FIG. 8, the operation of web device 100 as the device according to the present embodiment will be described.

  The operations illustrated in FIG. 8 are a control operation, an information distribution operation, and a data management operation. The control operation corresponds to the control method of the web apparatus 100 according to the present embodiment and the processing procedure of the program according to the present embodiment. The information distribution operation and the data management operation are started by the control operation, and thereafter are performed in parallel with the control operation.

<<< Corporate Number Domain Issue >>>
Steps R1 to R10 in FIG. 8 are flowcharts showing the operation of the web device 100 for issuing a corporate number domain. Note that the corporate number domain is simply referred to as a corporate domain.
FIG. 8 illustrates the operation of issuing a corporate number domain from a corporate number.
The premise of the operation in FIG. 8 is as follows.
1. It is assumed that ABC Corporation using the transmitting device 800 has a corporation number of "1234567890001".
2. It is assumed that ABC Co., Ltd. using the transmitting device 800 has an electronic certificate linked with a corporate number of “1234567890001”. It is assumed that the certificate authority issues the electronic certificate after verifying that ABC Corporation has a corporate number of "1234567890001". The electronic certificate is electronic data issued by the certificate authority after the certificate authority checks whether the corporation number, the registered copy of the corporation, and the seal certificate of the corporation match.

Step R1: Transmit Domain Application Form Including Corporate Number The transmitting device 800 transmits the domain application form to the web device 100. This domain application requests that a domain name be issued using the corporate number as part of the domain name.
In the domain application form, the corporation number “1234567890001” is described, and company information indicated by the corporation number is described.
Also, the domain application includes a certificate having an electronic certificate, a position authentication number, a time authentication number, and a terminal authentication number linked to the corporate number. The position authentication number is a number that certifies the position of the transmitting device 800. The time authentication number is a number that certifies the date and time of creation or transmission of the domain application form. The terminal authentication number is a number that certifies the terminal number of the transmitting device 800.

Step R2: Corporate Number Confirmation and Authentication Number Confirmation The receiving unit 140 of the web device 100 receives the domain application form.
The management unit 150 determines the type of the received document, and if the received document is a domain application, entrusts the processing to the authentication unit 151.
The authentication unit 151 extracts the corporate number from the domain application, and transmits the corporate number “1234567890001” to the authentication center server 610 via the transmission unit 130. The authentication unit 151 extracts the company information, the electronic certificate, the location authentication number, the time authentication number, and the terminal authentication number from the domain application form, and sends the company information, the electronic certificate, and the location authentication number via the transmission unit 130. The time authentication number and the terminal authentication number are transmitted to the authentication center server 610.
If the public key of the certificate authority for verifying the electronic certificate is recorded in advance in the OS & program 210 of the web device 100, it is not necessary to obtain the public key of the certificate authority. Does not need to transmit the electronic certificate to the authentication center server 610, and the authentication unit 151 verifies the document 50 using the electronic certificate.
Also, sending the electronic certificate is not mandatory, and the corporation that has sent the domain application will send a copy of the corporation's registry and the seal stamp certificate of the corporation to the owner of the web device 100 instead of the electronic certificate. It may be mailed on a medium or transmitted on an electronic medium.
The transmission of the electronic certificate to the web device 100 is performed by the web device 100 and the transmitting device 800.
May be made selectable by a prior agreement between. For example, the web apparatus 100 stores, in the storage unit 200, information indicating whether transmission of an electronic certificate is indispensable or unnecessary, for each transmitting apparatus. Then, when the web device 100 receives the document 50 from the transmitting device 800, the authentication unit 151 refers to the electronic certification unnecessary information stored in the storage unit 200. The authentication unit 151 checks whether or not the digital certificate is sent to the document 50 from the transmitting device 800 and checks whether or not the electronic certificate is sent. If it is not necessary to send an electronic certificate to the document 50 from 800, the electronic certificate is not checked.

Step R3: Authentication When the authentication center server 610 receives the corporate number “1234567890001” and company information from the web device 100, the corporate number authentication unit 611 uses the corporate number database 615, and the corporate number “1234567890001” has already been issued. Check if it is a corporate number. That is, the corporation number authentication unit 611 checks whether there is a corporation identified by the corporation number. Also, it is checked whether the company information of the domain application form matches the company information of the corporate number database 615 stored in the corporate number authentication unit 611.
By checking the corporate number authentication unit 611, it can be confirmed that ABC Corporation exists. Note that this corporate number authentication unit 611 cannot check that the domain application form is an application from ABC Corporation. The check by the corporation number authentication unit 611 is satisfied if the corporation number of ABC Corporation exists, whether or not the domain application form is an application from ABC Corporation.

When the authentication center server 610 receives the corporate number “1234567890001” and the electronic certificate from the web device 100, the electronic authentication unit 613 inquires of an external certificate authority and the electronic certificate is issued to ABC Corporation. Certify that By checking with the electronic certificate of the electronic authentication unit 613, it can be confirmed that the domain application form is truly an application from ABC Corporation.
When the web apparatus 100 is a certificate authority, there is no need to make an inquiry to an external certificate authority.

When the authentication center server 610 receives the location authentication number, the time authentication number, and the terminal authentication number from the web device 100, the location / time terminal authentication unit 614 sends the location authentication number, the time authentication number, and the terminal authentication number to the ABC company. It authenticates that it has been issued to the device 800.
Further, the position / time terminal authentication unit 614 verifies the position, the time, and the terminal using the corporation number database 615.

The position / time terminal authentication unit 614 checks whether the address of the company recorded in the corporation number database 615 matches the position of the transmitting device 800 identified by the position authentication number. For example, when the position of the transmitting device 800 determined by the position authentication number is specified by longitude, latitude, and altitude, the longitude and latitude of the transmitting device 800 match the latitude and longitude of the company address recorded in the corporate number database 615. Then, it is checked whether the altitude of the transmitting device 800 is within the height of the company building recorded in the corporation number database 615.
In addition, when a position registered as an available range is recorded in the corporate number database 615 as company information in addition to the company address, the position registered as the available range and the transmission determined by the position authentication number are transmitted. Check whether the position of the device 800 matches. The position registered as the usable range is, for example, a branch address, a factory address, a sales store address, a business route, a delivery route, or a range within 100 meters from each address and each route described above. However, it is not limited to these.

Further, the position / time terminal authentication unit 614 uses the company holidays and company working hours recorded in the corporate number database 615, and the time determined by the time authentication number is within the company working hours or late at night. It is checked whether the time determined by the time authentication number is a holiday.
If the time authentication number is a time stamp token, the position / time terminal authentication unit 614 performs data existence proof and data integrity proof of the document data using the time stamp token. That is, the position / time terminal authentication unit 614 obtains the document data in which the time stamp token was used, and obtains the data indicating that the document data in which the time stamp token was used existed at the time determined by the time stamp token. It verifies the existence and verifies the data integrity that the contents of the document data using the time stamp token after the time determined by the time stamp token have not been tampered with.

  Further, the position / time terminal authentication unit 614 checks whether the terminal number of the transmitting device 800 recorded in the corporation number database 615 matches the terminal number identified by the terminal authentication number. As the terminal number, for example, the asset management number of the transmitting device 800 or the MAC address of the transmitting device 800 described in the asset management ledger of the company can be used.

Step R4: Pass When the corporate number authentication unit 611, the electronic authentication unit 613, and the position / time terminal authentication unit 614 all obtain the authentication result, the authentication center server 610 issues a pass notification and transmits it to the web device 100. .
If any of the corporate number authentication unit 611, the electronic authentication unit 613, and the position / time terminal authentication unit 614 cannot be authenticated, a failure notification is issued and transmitted to the web device 100.

Step R5: When the corporate domain application management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification to the effect that the corporate domain application is rejected to the transmitting device 800.
When the management unit 150 receives the pass notification, the management unit 150 leaves the process to the domain issuing unit 156.
The domain issuing unit 156 transmits a domain registration application to the registry server 630. That is, the domain issuing unit 156 applies to the registry server 630 for registration of the corporation number domain “1234567890001.co.jp” using the corporation number “1234567890001”. The domain registration application is performed using a shared registration system (SRS) provided by the registry server 630.

Step R6: Domain Confirmation The registry server 630 determines whether or not registration of the corporate number domain “1234567890001.co.jp” is possible using the shared registration system (SRS). If the corporate number domain “1234567890001.co.jp” can be registered, the registry server 630 registers the corporate number domain “1234567890001.co.jp” as a domain name in the registry database.

Step R7: Result Notification The registry server 630 transmits a registration notification registered in the registry database to the web device 100 with the corporate number domain “1234567890001.co.jp” as a domain name. The registration notice describes the corporate number domain “1234567890001.co.jp” and the IP address “11.2.33.34.44” corresponding to the corporate number domain.

Step R8: Corporate Domain Issuance When the management unit 150 receives the registration notification, the domain issuing unit 156 officially issues the corporate number domain “1234567890001.co.jp”.

Step R9: Saving Corporate Domain The domain issuing unit 156 registers the corporate number domain “1234567890001.co.jp” in the domain table 250. At this point, the web address 251 has not been registered in the domain table 250 yet.
Also, the domain issuing unit 156 registers the corporate number domain “1234567890001.co.jp” and the IP address “11.2.33.34” in the IP table 260.

Step R10: Corporate domain transmission The domain issuing unit 156 transmits the corporate number domain “1234567890001.co.jp” to the transmitting device 800.
At this point, the transmitting device 800 has acquired the corporate number domain “1234567890001.co.jp”, and can use this corporate number domain in exactly the same way as a normal domain.

<<<< Email address issuance >>>>
Steps R11 to R17 in FIG. 8 are flowcharts showing the operation of the web device 100 for issuing a mail address.
Here, an operation of issuing a mail address using a corporate number domain will be described.
This operation may be performed any time after the acquisition of the corporate number domain in step R10.

Step R11: Send E-mail Address Application Form Including Corporate Number Domain If ABC Co., Ltd. wants to acquire the e-mail address “Suzuki@1234567890001.co.jp” of the employee Suzuki, it requests the transmission device 800 to issue an e-mail address. The e-mail address application is transmitted to the web device 100. When creating the mail address application, the transmitting device 800 causes the employee Suzuki to read the information of the personal number card owned by Suzuki from the card reader, so that Suzuki himself can perform the mail address application procedure. You may confirm your identity. Then, transmitting apparatus 800 reads card record items such as Suzuki's name, address, date of birth, gender, and personal number from the personal number card by an electromagnetic method.
The e-mail address application includes the e-mail address "suzuki@1234567890001.co.jp" for which issuance is requested, Suzuki's personal information, the electronic certificate of the corporation that sent the e-mail address application, the location authentication number, the time authentication number, and the terminal. The certification number is described. Suzuki's personal information includes 12-digit personal number “0000000000001”, card record items such as name, address, date of birth, and gender, as well as company name, employee code, office, and location.

Step R12: Corporate Number Confirmation, Authentication Number Confirmation, and Personal Number Confirmation The receiving unit 140 of the web device 100 receives the mail address application.
The management unit 150 determines the type of the received document, and if the received document is a mail address application, entrusts the processing to the authentication unit 151.
The authentication unit 151 extracts the corporate number from the mail address application form and transmits the corporate number “1234567890001” to the authentication center server 610 via the transmission unit 130. The authentication unit 151 extracts the personal information, the electronic certificate, the location authentication number, the time authentication number, and the terminal authentication number from the mail address application, and transmits the personal number, the electronic certificate, the location authentication number, and the The time authentication number and the terminal authentication number are transmitted to the authentication center server 610.

Step R13: Authentication The same authentication as step R3 is performed.
Further, the personal number authentication unit 612 checks whether or not the personal number “0000000000001” in the personal information is an already issued personal number. That is, the personal number authentication unit 612 uses the personal number database 616 to check whether there is an individual identified by the personal number. Also, the personal number authentication unit 612 checks whether the other personal information matches the personal information in the personal number database 616 stored in the personal number authentication unit 612.
By checking the personal number authentication unit 612, it can be confirmed that Suzuki exists. Note that the personal number authentication unit 612 cannot check that the request is from Suzuki. The check by the personal number authentication unit 612 will be satisfied if the Suzuki's personal number is present, even if it is not an application from Suzuki. If the card is read by the card reader, Suzuki himself can be confirmed.

Step R14: Pass The same pass notification or rejection notice as in step R4 described above is transmitted.

Step R15: Local Part Issuance When the management unit 150 receives the rejection notice, the management unit 150 transmits a rejection notice to the effect that the e-mail address is rejected to the transmitting device 800.

When the management unit 150 receives the pass notification, the authentication unit 151 determines that the corporate number used in the email address application has been authenticated, and then stores the corporate number domain used in the email address application in the domain table 250. By verifying whether or not it matches the corporate number domain 252 recorded in the e-mail address application, the corporate number domain used in the mail address application form is authenticated.
When the corporate number and the corporate number domain can be authenticated, the mail address issuing unit 153 officially issues the mail address “suzuki@1234567890001.co.jp”.

Step R16: Mail Address Storage The mail address issuing unit 153 registers the mail address “suzuki@1234567890001.co.jp” in the personal number table 240.

Since the web device 100 has a specific personal information file 270 in which a personal number and personal information corresponding to the personal number are recorded in advance, the mail address issuing unit 153 stores the personal information of ABC Co., Ltd. The personal information in the information file 270 is collated, and the personal number of Suzuki of ABC Co., Ltd. is obtained.
For this comparison, the name of the Suzuki, the name of the working company, the employee code, the office, and the place of work described in the e-mail address application are used. The e-mail address issuing unit 153 registers the personal number of Suzuki of ABC Corporation acquired from the specific personal information file 270 in the personal number table 240.
At this point, the personal number 241 and the mail address 242 have been registered in the personal number table 240.
When the specific personal information file 270 does not exist in the web device 100, the mail address issuing unit 153 accesses the company computer of ABC Co., Ltd., and compares it with the personal information of the specific personal information file in the company computer. Then, Suzuki's personal number may be obtained.

Step R17: Send Email Address The email address issuing unit 153 sends the email address “suzuki@1234567890001.co.jp” to the transmitting device 800. At this point, the transmitting apparatus 800 has obtained the mail address “suzuki@1234567890001.co.jp”, and can use this mail address in the same manner as a normal mail address.

<<<< Web address registration application >>>>
FIG. 9 is a flowchart showing the operation of the web device 100 for registering a web address.
Since the corporate number is a 13-digit number, the corporate number domain is considered to be difficult to handle. Therefore, it is preferable that a corporate web address is made available by associating a corporate number domain with a web address.
Here, a case will be described in which ABC Co., Ltd. registers the corporation number domain “1234567890001.co.jp” in association with the ABC Corporation web address “ABCkaishaweb.co.jp”.
This operation may be performed any time after the acquisition of the corporate number domain in step R10.
A method of using the corporate number domain and the web address after registration will be described with reference to FIG.

Step R18: Transmit Web Application Form Including Web Address The transmitting device 800 sends a Web application form requesting registration of the correspondence between the corporate number domain “1234567890001.co.jp” and the web address “ABCkaishaweb.co.jp”. The information is transmitted to the web device 100. The web application includes a corporate number domain “1234567890001.co.jp”, a web address “ABCkaishaweb.co.jp”, an electronic certificate, a location authentication number, a time authentication number, and a terminal authentication number.

Step R19: Corporate Number Confirmation The receiving unit 140 of the web device 100 receives the web application form.
The management unit 150 determines the type of the received document, and if the received document is a web application, entrusts the processing to the authentication unit 151.
The authentication unit 151 extracts the corporate number from the web application, and transmits the corporate number “1234567890001” to the authentication center server 610 via the transmission unit 130. The authentication unit 151 extracts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number from the web application, and sends the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number via the transmission unit 130. To the authentication center server 610.

Step R20: Authentication The same authentication as step R3 is performed.

Step R21: Pass The same pass notification or rejection notice as in step R4 described above is transmitted.

Step R22: Web address storage When the management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification to the effect that the application for the web address is rejected to the transmission device 800.
When the management unit 150 receives the pass notification, the authentication unit 151 determines that the corporate number used in the web application has been authenticated, and then records the corporate number domain used in the web application in the domain table 250. By checking whether or not it matches the entered corporate number domain 252, the corporate number domain used in the web application is authenticated.
When the corporate number and the corporate number domain can be authenticated, the IP address conversion unit 154 registers the web address “ABCkaishaweb.co.jp” in the domain table 250 in association with the corporate number domain “1234567890001.co.jp”. I do. At this point, the web address 251 and the corporate number domain 252 have been registered in the domain table 250.

Step R23: Result notification The IP address conversion unit 154 transmits to the transmitting device 800 that the web address "ABCkaishaweb.co.jp" has been registered in correspondence with the corporate number domain "1234567890001.co.jp".

Note that the HP server 620 can also acquire the corporate number domain and register the web address in the same manner as the transmitting device 800.
For example, the corporate number domain of the HP server 620 is “1234567890002.co.jp” shown in FIG. 6, and the web address is “XYZcompanyweb.co.jp”.

<<<< Document authentication and transfer >>>>
FIG. 10 is a flowchart showing the document authentication operation of the web apparatus 100.
Here, an operation in which the web device 100 receives the document 50 from the transmission device 800 and transfers the document 50 to the reception device 900 will be described.

Step S1: Document Transmission Using Corporate Number Domain The transmission device 800 transmits the document 50 shown in FIG. The document 50 is a message from the transmitting device 800 to the receiving device 900.
In the document 50, a transmission address 51 in which a corporation number domain including a corporation number "1234567890001" is described, and a reception address 52 are described. The receiving address 52 may not be a mail address using the corporate number domain. Further, the document 50 includes a certificate 54 having an electronic certificate, a position authentication number, a time authentication number, and a terminal authentication number linked to the corporate number.
When the transmission address 51 of the document 50 includes an e-mail address that does not use the corporate number domain, the program that operates on the transmission device 800 transmits the document 50 to the reception device 900 as usual. On the other hand, when the transmission address 51 of the document 50 includes the corporate number domain, the program operating on the transmission device 800 transmits the document 50 to the web device 100 instead of transmitting the document 50 to the reception device 900.

Step S2: Corporate Number Confirmation and Authentication Number Confirmation The receiving unit 140 of the web device 100 receives the document 50.
The management unit 150 determines the type of the received document, and if the received document is the document 50, entrusts the processing to the authentication unit 151. The authentication unit 151 extracts the corporation number “1234567890001” from the transmission address 51 of the document 50, and transmits the corporation number “1234567890001” to the authentication center server 610 via the transmission unit 130.
The authentication unit 151 extracts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number from the document 50, and sends the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication via the transmitting unit 130. The number is transmitted to the authentication center server 610.

Step S3: Authentication The same authentication as in step R3 described above is performed.

Step S4: Pass The same pass or fail notification as in Step R4 described above is transmitted.

Step S5: When the document storage management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification that the transfer of the document 50 is rejected to the transmission device 800.
When the management unit 150 receives the pass notification, the authentication unit 151 determines that the corporate number used for the transmission address 51 of the document 50 has been authenticated, and then determines the corporate number domain used for the transmission address 51 of the document 50. Is checked with the corporate number domain 252 recorded in the domain table 250 to authenticate the corporate number domain used for the transmission address 51 of the document 50.
When the corporate number and the corporate number domain can be authenticated, the management unit 150 assigns a new number to the document ID 221 of the document table 220, registers the document 50 in the main memory 103 in the document 222, and outputs the authentication result 223. Is registered in "OK".
Also, the same ID as the document ID 221 is recorded in the document ID 231 of the trace information table 230. At this point, the opening device address 232 and the opening time 233 of the trace information table 230 have not been registered.

Step S6: Document transmission The management unit 150 transmits the document 50 in the main memory 103 to the receiving device 900.

Step S7: Receiving Document The receiving device 900 receives the document 50 from the web device 100.

Step S8: Authentication Request The receiving device 900 transmits an authentication request for requesting authentication of the received document 50 to the web device 100.
The program that runs on the receiving device 900 performs reception processing as usual when the transmission address 51 of the document 50 includes an e-mail address that does not use the corporate number domain.
However, the program operating on the receiving device 900 transmits an authentication request to the web device 100 when the transmission address 51 of the document 50 includes the corporate number domain.
In this authentication request, the corporate number “1234567890001” is described, and the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number associated with the corporate number are included. Alternatively, the document 50 itself may be attached to this authentication request.

Step S9: Corporate Number Confirmation and Authentication Number Confirmation The management unit 150 determines the type of the received document, and if the received document is an authentication request, leaves the process to the authentication unit 151.
The authentication unit 151 extracts the corporate number from the authentication request, and transmits the corporate number “1234567890001” to the authentication center server 610 via the transmission unit 130. The authentication unit 151 extracts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number from the authentication request, and converts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number via the transmission unit 130. This is transmitted to the authentication center server 610.

Step S10: Authentication The same authentication as step R3 is performed.

Step S11: Pass The same pass or fail notification as in step R4 is transmitted.

Step S12: Pass Notification When the management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification instructing refusal to open the document 50 to the receiving device 900.
When the management unit 150 receives the pass notification, the authentication unit 151 determines that the corporate number used for the transmission address 51 of the document 50 has been authenticated, and then determines the corporate number domain used for the transmission address 51 of the document 50. Is checked with the corporate number domain 252 recorded in the domain table 250 to authenticate the corporate number domain used for the transmission address 51 of the document 50.
When the corporate number and the corporate number domain can be authenticated, the management unit 150 overwrites and records “OK” in the authentication result 223 of the document table 220, and transmits a pass notification to the receiving apparatus 900.

Step S13: Document Open Receiving device 900, upon receiving the pass notification, opens document 50 and checks whether the document 50 is an application from ABC Corporation using an electronic certificate. By checking with the electronic certificate of the electronic authentication unit 613, it can be confirmed that the document 50 is truly transmitted from ABC Corporation.

Step S14: Opening Notification The receiving device 900 transmits an opening notification indicating that the document 50 has been opened to the web device 100. In the opening notification, the opening device address, the fact of opening, and the opening time of the receiving device 900 that opened the document 50 are recorded. Further, the open notification may include the sender information of the document, the transmission date and time of the document, the reception date and time of the document, the size of the received document, and the data format of the received document. The tracing unit 152 records various information included in the opening notification in the trace information table 230 as opening information.

Step S15: When the trace information storage management unit 150 receives the opening notification, the processing is entrusted to the trace unit 152.
The tracing unit 152 records the trace information in the trace information table 230. Specifically, the tracing unit 152 records various information included in the opening notification as opening information in association with the document ID 231 of the trace information table 230.
FIG. 4 shows a case where the opening device address 232 and the opening time 233 are recorded.
Although not shown in FIG. 4, the sender notice of the document 50, the transmission date and time of the document 50, the reception date and time of the document 50, the size of the received document 50, and the data of the received document 50 are included in the opening notification. If the format is included as the opening information, the trace unit 152 records the reception date and time, the size, and the data format in the trace information table 230.
For example, in the opening notification, the transmission address “suzuki@1234567890001.co.jp” as the sender information of the document 50, “December 01, 2015 08:00:00” as the transmission date and time of the document 50, and the reception date and time of the document 50 "09:50:01, December 01, 2015", "10 kilobytes" as the size of the received document 50, and ".PDF" which is the file extension of the document as the data format of the received document 50. If it is included, the tracing unit 152
Sender information of document 50 = “suzuki@1234567890001.co.jp”,
Transmission date and time of the document 50 = “08:00:00 on December 01, 2015”,
Document 50 reception date and time = "09:50:01 on December 01, 2015"
Document 50 size = "10 kilobytes",
Data format of document 50 = ".PDF"
Is recorded in the trace information table 230.
Note that the open notification need not include all information on the sender information of the document 50, the transmission date and time of the document 50, the reception date and time of the document, the size of the received document, and the data format of the received document. The tracing unit 152 records the information in the open notification in the trace information table 230.

Step S16: Opening Notification The tracing unit 152 transmits an opening notification to the transmitting device 800.
When transmitting apparatus 800 receives the opening notification, transmitting apparatus 800 knows that document 50 has arrived at receiving apparatus 900 and has been opened.

<<< Domain name system >>>
FIG. 11 is a flowchart showing an operation of address resolution from the domain name of the web device 100 to the IP address.
Here, a case will be described where transmitting apparatus 800 accesses the home page of HP server 620. As described above, the corporate number domain of HP server 620 is “1234567890002.co.jp” shown in FIG. 6, and the web address is “XYZcompanyweb.co.jp”.

Step T1: Request for Searching IP Address by Domain Name When transmitting apparatus 800 searches for a home page by domain name, usually, a human-readable web address “XYZcompanyweb.co.jp”, that is, a domain name is input. Since transmitting apparatus 800 must convert this domain name into an IP address, transmitting apparatus 800 issues a request to search for an IP address corresponding to “XYZcompanyweb.co.jp”.
“XYZcompanyweb.co.jp” is described in the search request, and the corporation number of the corporation that owns the transmitting device 800, the electronic certificate associated with the corporation number, the location authentication number, and the time authentication number And a terminal authentication number.

Step T2: Corporate Number Confirmation and Authentication Number Confirmation The IP address conversion unit 154 extracts the corporate number of the corporation that owns the transmitting device 800 from the search request, and passes the corporate number “1234567890001” to the authentication center server 610 via the transmitting unit 130. Send to The authentication unit 151 extracts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number from the search request, and converts the electronic certificate, the position authentication number, the time authentication number, and the terminal authentication number via the transmission unit 130. This is transmitted to the authentication center server 610.

Step T3: Authentication The same authentication as in Step R3 described above is performed.

Step T4: Pass The same pass or fail notification as in Step R4 described above is transmitted.

Step T5: Convert Domain Name to Corporate Number Domain When the management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification to the effect that address resolution is rejected to the transmitting device 800.
When the management unit 150 transmits the pass notification, the IP address conversion unit 154 searches the web address 251 of the domain table 250 for “XYZcompanyweb.co.jp” and acquires the corporate number domain “1234567890002.co.jp”. .

Step T6: Convert Corporate Number Domain to IP Address Next, the IP address conversion unit 154 searches “1234567890002.co.jp” from the corporate number domain 261 of the IP table 260, and obtains the IP address “55.66.77”. .88 ".

Step T7: IP Address Transmission The IP address conversion unit 154 transmits the obtained IP address “55.66.77.88” to the transmission device 800.

Step T8: Access to HP by IP address The transmitting device 800 receives the IP address “55.66.77.88” and accesses the homepage of the HP server 620 using the IP address “55.66.77.88”. I do.

Step T9: HP display The HP server 620 identified by the IP address “55.66.77.88” displays the home page on the transmission device 800.

<<<< Notification of personal number >>>>
FIG. 12 is a flowchart illustrating the operation of notifying the web device 100 of the personal number.
Here, for example, a case will be described in which the recipient is a tax accountant authorized to obtain a personal number of Suzuki, and the sender Suzuki discloses his / her personal number to the tax accountant.

Step U1: E-mail transmission using corporate number domain The transmission device 800 transmits an e-mail to the web device 100. This e-mail requests that the e-mail sender Suzuki discloses his / her personal number to the recipient, a tax accountant.
The e-mail has the same format as the document 50 shown in FIG. 2, and the sender's e-mail address “suzuki@1234567890001.co.jp” is entered as the transmission address 51. The mail address has a local part “suzuki” for specifying the sender and a domain part “1234567890001.co.jp”. In the domain part, the corporation number “1234567890001” is described.

Step U2: E-mail reception The receiving device 900 receives an e-mail.

Step U3: Email Address Notification The receiving device 900 notifies the web device 100 of the email address “suzuki@1234567890001.co.jp” of the sender of the received email. At that time, the owner of the receiving device 900 must be a person authorized to handle Suzuki's personal information, and the recipient must be a "personal number use clerk" or "personal number-related clerk" Is also transmitted. For example, an electronic certificate indicating that the recipient is a “personal number use clerk” or “personal number related clerk” is attached.

Step U4: Corporate Number Confirmation and Authentication Number Confirmation The management unit 150 extracts the corporate number of the corporation that owns the transmitting device 800 from the notification, and transmits the corporate number “1234567890001” and the electronic certificate via the transmitting unit 130 to the authentication center server. 610.

Step U5: Authentication The same authentication as in step R3 described above is performed on the corporate number “1234567890001” and the electronic certificate.

Step U6: Pass A pass notification or a reject notification similar to that in Step R4 described above is transmitted to the corporation number "1234567890001" and the electronic certificate.

Step U7: Converting E-mail Address to Personal Number When the management unit 150 receives the rejection notification, the management unit 150 transmits a rejection notification to the effect that the notification of the personal number is rejected to the receiving device 900.
When the management unit 150 receives the pass notification, the authentication unit 151 determines that the corporation number “1234567890001” used for the sender's mail address “suzuki@1234567890001.co.jp” has been authenticated, and then determines that the sender By checking whether the corporate number domain “1234567890001.co.jp” used for the e-mail address matches the corporate number domain 252 recorded in the domain table 250, the corporate number domain used for the sender's e-mail address Authenticate.
When the corporate number and the corporate number domain can be authenticated, the personal number conversion unit 155 searches for “suzuki@1234567890001.co.jp” from the mail address 242 of the personal number table 240, and obtains the Suzuki personal number “0000000000001”. To get.

Step U8: Transmission of Personal Number The personal number conversion unit 155 encrypts the acquired personal number “0000000000001” of Suzuki and transmits it to the receiving device 900. However, the personal number is transmitted only when the owner of the receiving device 900 is authorized to handle personal information and the recipient is a “personal number user clerk” or “personal number related clerk” I do.

Step U9: Receiving Personal Number The receiving device 900 receives the encrypted Suzuki's personal number “0000000000001”, and the tax accountant decompresses the encrypted personal number and uses it for tax processing.
The tax accountant is an example of a person who collects personal numbers or an example of a person who receives provision of personal numbers.

*** Explanation of effect of embodiment ***
In this embodiment, as shown in steps R1 to R10 in FIG. 8, when issuing a corporate number domain, the domain applicant sends company information including the corporate number to the web device 100, and 100 is authenticated by an authentication center and issues a corporate number domain after authentication.
Also, as shown in steps R11 to R17 in FIG. 8, the web device 100 authenticates the personal number when issuing the local part of the mail address.
With these authentications, the domain, the corporate number, and the personal number are linked, so that it is possible to more reliably prove who and who sent the data in the data transfer using the email address, High data transfer becomes possible.

In the present embodiment, as shown in FIG. 10, the data transfer cloud system utilizing the corporate number domain has been described. However, since the corporate number domain is authenticated by using this cloud system, a high creditworthiness is obtained. Data transfer becomes possible, and the risk of spoofing and spam is reduced.
In addition, the sender can use various numbers (corporate number / location authentication number / time authentication number / terminal authentication number / digital certificate) so that who belongs to which corporation, when, where, and from which terminal It becomes possible to authenticate whether or not it was sent.
Further, since the document 50 is stored in the storage and the opening information is acquired and recorded, the traceability of the document is improved.

Also, since the corporate number is a 13-digit number, its convenience is low, and it is expected that the corporate number domain will not penetrate. Therefore, in the present embodiment, as shown in FIG. 11, the corporate number domain can be linked to the existing domain that can be selected by the applicant by the IP address conversion unit 154.
With the address resolution function of the IP address conversion unit 154, the existing domain is converted into a corporate number domain, the corporate domain is converted into an IP address, and the selected server can be accessed. Since the existing domain is converted to a corporate number domain and authenticates the corporate number, security is improved.

Further, in the present embodiment, as shown in FIG. 12, an e-mail address using a corporate number domain is sent to a recipient instead of a personal number, and transmission of the personal number to the recipient is requested. Does not need to send a personal number, and the security of the personal number is improved.
When the receiver makes an inquiry about the personal number to the web apparatus 100, the web apparatus 100 authenticates the corporate number of the sender, and then converts the mail address of the sender into the personal number of the sender. Improve the character.

*** Other configuration ***
If transmitting apparatus 800 functions as receiving apparatus 900 and receiving apparatus 900 also functions as transmitting apparatus 800, transmitting apparatus 800 and receiving apparatus 900 can transmit and receive data to and from each other.
Further, a plurality of transmitting apparatuses 800 and receiving apparatuses 900 may exist.

The receiving address 52 of the document 50 shown in FIG. 2 does not need to use the corporate number domain.
As illustrated in FIG. 2, when the document 50 includes the reception address 52 using the corporate number domain, the authentication unit 151 determines the corporate number used for the corporate number domain of the reception address 52 in step S2. The verification may be performed by the corporate number authentication unit 611 of the authentication center server 610.

When the receiving apparatus 900 transmits the opening notification of the document 50 to the web apparatus 100 in step S14, similarly to the transmitting apparatus 800, the receiving apparatus 900 uses various numbers (corporate number, location authentication number, and time authentication number) of the receiving apparatus 900. (Terminal authentication number / electronic certificate) may be transmitted to the web apparatus 100 together with the opening notification. The web apparatus 100 can authenticate the receiving apparatus 900 by receiving various numbers (corporate number, location authentication number, time authentication number, terminal authentication number, and digital certificate) from the receiving apparatus 900, and belongs to any corporation. It is possible to authenticate who, when, where, and from which terminal received data.
It is preferable that the digital certificate, the location authentication number, the time authentication number, and the terminal authentication number are all used in the document or the application form to improve security. Neither the authentication number nor the terminal authentication number may be used, or one or more of them may be used.

In the domain name, the top-level domain does not include a country code such as “jp”, but may be a generic top-level domain such as “com” or “tokyo”. For example, “1234567890001.com” or “1234567890001.tokyo” may be used.
Further, the third level domain is not limited to the company number, but may be a description other than the company number. For example, “1234567890001ABCkaisha.co.jp” or “XYZcompany1234567890002.co.jp” may be used, and the third level domain may include the corporation number. Also, it is only necessary that the domain name includes the corporate number.

The web device 100 may have a conversion function of converting a mail address not using the corporate number domain into a mail address using the corporate number domain.
In the case where the mail address conversion function is provided, even if the mail address not using the corporate number domain is described in the transmission address 51 of the document 50 in step S1 of FIG. It may be transmitted to the device 100. In this case, the IP address conversion unit 154 of the web apparatus 100 checks whether the domain name of the mail address matches the web address 251 of the domain table 250, converts the domain name into a corporate number domain corresponding to the web address 251, and performs authentication. The unit 151 authenticates the corporation number and the corporation number domain, and can connect to a subsequent step.
If the domain name of the mail address does not exist in the web address 251 of the domain table 250, the IP address conversion unit 154 returns a notification that processing is impossible to the transmitting device 800. When receiving the notification that the processing cannot be performed, the transmitting apparatus 800 transmits the document 50 to the transmission address 51 via the network 700 as usual.

Similarly, in step S8 in FIG. 10 and in step 108 in FIG. 13, even when a mail address that does not use the corporate number domain is sent from the receiving device 900, the IP address conversion unit 154 checks the domain name of the mail address. Is matched with the web address 251 of the domain table 250, and is converted into a corporate number domain corresponding to the web address 251, and the authentication unit 151 can authenticate the corporate number and the corporate number domain.
Thus, if the domain table 250 exists, the web device 100 can also process the document 50 using the mail address using the web address as the domain name.
Similarly, the web device 100 may have a web address conversion function of converting a web address not using the corporate number domain into a web address using the corporate number domain. For example, when the web device 100 receives the web address “www.ABCkaishaweb.co.jp”, the IP address conversion unit 154 checks whether the web address 251 matches the web address 251 of the domain table 250, and “www.ABCkaishaweb.com”. co.jp "is converted to" 1234567890001.co.jp ", and the authentication unit 151 authenticates the corporation number and the corporation number domain, and can connect to a subsequent step.

In steps R2, R12, R19, steps S2, S9, step T2, and step U4, only the confirmation of the corporation number may be performed. In that case, the authentication center server 610 only needs to be configured with the corporate number authentication unit 611, and the authentication of the authentication center server 610 can be performed only for the corporate number. However, if the authentication center server 610 includes the personal number authentication unit 612, the electronic authentication unit 613, and the position / time terminal authentication unit 614, the authentication by the personal number authentication unit 612, the electronic authentication unit 613, and the position / time terminal authentication unit 614 is performed. And security is improved.
In steps R15, R22, steps S5, S12, and step U7, the process is continued when the corporation number and the corporation number domain can be authenticated, but the authentication unit 151 may omit the authentication of the corporation number domain. . In that case, the processing is continued only by the authentication of the corporate number by the authentication center server 610. However, it is preferable that the authentication unit 151 authenticates the corporate number domain because security is improved.
Further, the authentication unit 151 may authenticate the corporate number by checking whether the corporate number domain described in the document or the application form matches the corporate number domain 252 of the domain table 250. Since the corporate number domain 252 of the domain table 250 is registered after the corporate number is authenticated in step R2, the corporate number domain described in the document or the application form is the same as the corporate number domain 252 of the domain table 250. This is because a match is considered to be equivalent to the fact that the corporate number has been authenticated. When the corporate number is authenticated by matching the corporate number domain with the corporate number domain 252 of the domain table 250, the authentication unit 151 may omit the authentication of the corporate number by the authentication center server 610.
Further, when authenticating the corporate number domain, the authentication unit 151 may check whether or not it matches the corporate number domain 261 of the IP table 260 and authenticate the corporate number domain. Further, the authentication unit 151 may use the IP address of the transmitting device 800 that has transmitted the document or the application to check whether the IP address 262 matches the IP address 262 of the IP table 260 and authenticate the corporate number domain. In this manner, if the authentication unit 151 authenticates the corporate number domain using the IP table 260, security is further improved.
Also, although not stipulated in the My Number Act, if a corporate number card is issued in the same way as a personal number card, the transmitting device 800 reads the corporate number card with a card reader, and You may authenticate that you are doing the procedure. A corporate number card is a card issued only to a corporation by a public organization or a trusted private organization, and contains the corporate name, address, corporate number, and other corporate information, and these items are recorded by electromagnetic means. Cards The transmitting device 800 transmits the document or the application by writing the authentication result of the authentication of the corporate number by the corporate number card in the transmitting device 800 in the document or the application. The authentication unit 151 determines that the corporate number has been authenticated by confirming that the authentication result that the corporate number is authenticated by the corporate number card is described in the document or the application form. Authentication may be omitted.
When the authentication center server 610 has a record of a corporate number and a corporate number domain, the authentication center server 610 can authenticate the corporate number domain. 610. For example, the corporation number database 615 records the corporation number domain corresponding to the corporation number, and by searching the corporation number database 615, both the corporation number and the corporation number domain exist. It can authenticate that the corporate number domain correctly corresponds to the corporate number domain.
Further, the web device 100 and the authentication center server 610 may be realized by the same server. When the web device 100 and the authentication center server 610 are realized by the same server, the verification of the authentication unit 151 can be performed in the same server.
As described above, the authentication of the authentication unit 151 is for authenticating the corporate number and the corporate number domain. However, when the authentication of the corporate number domain also serves as the authentication of the corporate number domain, the authentication of the corporate number domain is omitted. I just need. If at least one of the corporate number and the corporate number domain is authenticated, the authentication unit 151 has authenticated the corporate number.
In addition, the authentication of one or both of the corporate number and the corporate number domain of the authentication unit 151 includes the case where the authentication unit 151 authenticates itself, and confirms the notification of the authentication result by the authentication center server 610 or the transmission device 800. Also includes authentication with
Note that assuming that the corporate number database 615 held by the authentication center server 610 is a reliable database that records the latest information, the authentication unit 151 performs the processing of the corporate number by the authentication center server 610. It is desirable to authenticate each time a document or application is received. Since the corporation number database 615 records real-time information such as the disappearance of a corporation due to an absorption merger or liquidation, and the occurrence of a corporation due to new registration, the reliability of data communication through authentication of a corporation number is improved.

  In step R11 of FIG. 8, an electronic certificate for authenticating an individual may be transmitted together with the mail address application. When the authentication unit 151 or the electronic authentication unit 613 verifies the electronic certificate for authenticating the individual, it is possible to confirm that the sender of the mail address application is the true sender.

In step R11 of FIG. 8, a private number backed by a personal number other than the personal number may be transmitted. The private number is a number for identifying an individual. Specific examples of the private number include an employee code, a driver's license number, a health insurance card number, a resident card code defined in the Basic Resident Register Act, and a mobile phone SIM card (Subscriber). ID number, credit card number, and the like. The private number backed by a personal number refers to a number associated with the personal number by the company after the company confirms the personal number of the employee. Here, the meaning of being backed by a personal number means that a private number corresponding to the personal number is registered in the specific personal information file 270.
When the personal number is not transmitted, the management unit 150 searches the specific personal information file 270 using the private number, and acquires a 12-digit personal number corresponding to the private number. The processing after the acquisition of the 12-digit personal number is the same as that after step R12.
When the private number backed by the personal number is transmitted, since the private number is already associated with the personal number in a one-to-one correspondence, the management unit 150 specifies the private number using the private number. The personal information file 270 may be searched, and if a private number exists, the existence of the personal number may be confirmed. In this case, the management unit 150 does not need to acquire the personal number from the specific personal information file 270, and can omit the operation of confirming the personal number in step R12.

  When the authentication center server 610 has the function of a certificate authority, and the authentication center server 610 has issued an electronic certificate, the electronic authentication unit 613 sends an electronic certificate to an external certificate authority in order to verify the electronic certificate. No need to ask.

The personal number table 240 shown in FIG. 5, the domain table 250 shown in FIG. 6, and the IP table 260 shown in FIG. 7 may be prepared in the storage unit 200 when the web apparatus 100 is initially operated.
When the corporate number domain system 10 is set up, the system designer preliminarily sets the personal number 241 of the employee, the email address 242 of the employee, the web address 251 of the corporate, and the IP address 262 of the web address 251 from the corporation using the corporate number domain. You only need to get it.

  The file format of each table in FIGS. 3 to 7 may be any format such as an index file, a sequential file, and a relational database.

  The document table 220 in FIG. 3 and the trace information table 230 in FIG. 4 need not be separate tables, but may be one table.

  The domain table 250 in FIG. 6 and the IP table 260 in FIG. 7 need not be separate tables, but may be one table.

The registry server 630 does not need to manage the registry database that registers “.jp”, and may store other existing top-level files such as “.com”, “.org”, “.net”, “.go”. You may manage the registry database which registers a domain.
Further, the registry server 630 may have a registry database for registering a new top-level domain dedicated to a corporate number domain instead of registering an existing top-level domain. For example, it is assumed that the registry server 630 manages a registry database for registering a top-level domain dedicated to a corporate number domain called “.comno”. When the domain issuing unit 156 has applied for the corporate number domain “1234567890001.comno” using the corporate number “1234567890001” to the registry server 630 using the shared registration system (SRS), the registry server 630 sets “ "1234567890001.comno" is registered in the registry database. The registry server 630 transmits a registration notification registered in the registry database to the web device 100 with the corporate number domain “1234567890001.comno” as a domain name. The registration notice describes the corporate number domain “1234567890001.comno” and the IP address corresponding to the corporate number domain.

In FIG. 1, one processor is illustrated in the web apparatus 100. However, the web apparatus 100 may include a plurality of processors. They may be executed in cooperation.
Although one storage device 102 is shown in the web device 100 in FIG. 1, the web device 100 may include a plurality of storage devices.

  The functions of the management unit 150 to the domain issuing unit 156 of the web device 100 may be realized by one server, or may be distributed to a plurality of servers connected to the network 700. The document table 220 to the specific personal information file 270 of the web device 100 may be distributed and stored in a plurality of storage devices connected to the network 700.

As the communication path of the network 700, for example, the following path or a combination of the following paths can be used. The communication route of the network 700 is not limited to the following route or a combination of the following routes.
the Internet.
Wireless LAN such as Wi-Fi (Wireless Fidelity).
Long-Term-Evolution mobile network.
3G (3rd. Generation) mobile network.
VPN (Virtual Private Network).
Cable TV network.
Wi-SUN (Wireless / Smart / Utility / Network).
MtoM (Machine to Machine) network.
PtoP (Peer to Peer) network.
Disaster prevention wireless network.
UWB (Ultra Wide Band) network.

Although the document 50 shown in FIG. 2 is an electronic mail, the document 50 may be a file or other communication data instead of the electronic mail. For example, the following data or a combination of the following data can be used as communication data. The communication data format is not limited to the following data format or a combination of the following data formats.
An illustration file with the extension ".ai".
Sound files with the extension ".aif"".aiff"".au"".mp2"".mp3"".mp4"".mid"".midi"".ra"".ram"".wav" .
Animation cursor with extension ".ani".
A moving image file with an extension of “.avi”, “.mov”, “.mpg”, “.mpeg”, “.png”, “.vdo”, and “.wrl”.
A backup file with the extension “.bak”.
Batch file with extension ".bat".
Binary file with extension ".bin".
Bitmap file with extension ".bmp".
File for Cad software with extension ".brl".
Source files with extensions “.c”, “.cpp”, “.h”, “.java”, and “.js”.
The extension is ".cab"".gz"".jar"".lzh"".lzs"".mim"".rar"".tar"".taz"".tbz"".uue"".xxe ”,“ .Zip ”,“ .Z ”and“ .Zoo ”compression format files.
Illustration font file with extension ".cef".
A CGI file with the extension “.cgi”.
Help file with extension ".chm" or ".hlp".
Cover Page Editor with extension ".cpe".
Style sheet file with extension ".css".
A data file with the extension ".dat".
A document file with the extension “.doc”, “.docm”, “.docx”.
An executable file with the extension ".com".
Video related files with the extension “.dcr”, “.dir”, “.dxr”.
File for Cad software with extension ".dxf".
Dictionary file with extension ".dic".
Dynamic link library with extension ".dll".
A mail software file with the extension ".eml".
Encapsulated Post Script file with extension ".eps".
An executable file with the extension ".exe" or ".class".
Font files with extensions ".fon" and ".fnt".
Image files whose extensions are “.gif”, “.jpg”, and “.jpeg”.
An HTML file with the extension ".htm" or ".html".
An icon file with the extension “.ico”.
DTP file with extension ".indd".
A setting file with an extension of “.ini” or “.inf”, and an initialization file.
A document file with an extension of ".JTDC / .JTTC", ".JTD / JTT", ".JFW / JVW", ".JBW / JUW", ".JAW / JTW".
Document files with the extension “.JSW”, “.JXW”, “.JTSD”, and “.JTDX”.
A log file with the extension ".log".
A MAKE file with the extension “.mak”.
Object files with extensions ".o" and ".obj".
An OCX file with the extension “.ocx”.
Old file with extension ".old".
Original file with extension ".org".
Script file with extension ".pl".
Image files whose extensions are ".ppt", ".psd", ".pst", and ".tif".
A registry file with the extension ".reg".
Screen saver file with extension ".scr".
A system file with the extension ".sys".
Temporary file with extension ".tmp".
A document file with an extension of “.txt”, “.pdf”, “.msg”.
Files with the extension ".wr".
Table calculation with extensions “.xls”, “.xlb”, “.xlc”, “.xld”, “.xlk”, “.xll”, “.xlm”, “.xls”, “.xlsb”, “.xlsx”, and “.xlt” File.

  The functions of the corporate number authentication unit 611 to the position / time terminal authentication unit 614 of the authentication center server 610 may be realized by one center server, or may be distributed to a plurality of center servers connected to the network 700. .

The processor 101 of the web device 100 may be realized by a processing circuit.
The processing circuit is a dedicated electronic circuit that implements the functions of the management unit 150 to the domain issuing unit 156. Specifically, the processing circuit is a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, a logic IC, a GA (Gate Array), an ASIC (Application Specific Integrated Circuit), or It is an FPGA (Field-Programmable Gate Array).

  The functions of the management unit 150 to the domain issuing unit 156 may be realized by one processing circuit, or may be realized by being distributed to a plurality of processing circuits.

  Further, the function related to the control of the web device 100 may be realized by a combination of software and hardware. That is, a part of the functions related to the control of the web apparatus 100 may be realized by dedicated hardware, and the rest may be realized by software.

Embodiment 2 FIG.
The configuration of the device according to the present embodiment, the operation of the device according to the present embodiment, and the effects of the present embodiment will be described in order. Mainly, differences from the first embodiment will be described.

*** Configuration description ***
The configuration of the device according to the present embodiment is the same as that of FIG.

*** Explanation of operation ***
FIG. 13 is a flowchart showing the document authentication operation of the web apparatus 100, and the processing content of each step will be described below.

Step S101: Document transmission using corporate number domain The transmission device 800 transmits the document 50 shown in FIG. The document 50 is the same as the document 50 described in the first embodiment, and is a message from the transmitting device 800 to the receiving device 900.
The program running on the transmitting device 800 transmits the document 50 to the receiving device 900 as usual, regardless of whether the transmission address 51 of the document 50 uses the corporate number domain or not. Since the transmission address 51 is a domain registered in the registry server 630, the address is resolved by a DNS server as a normal electronic mail, and is transmitted to the receiving device 900.

Step S7: Document Receiving Step S7 is the same as step 7 shown in FIG. 10, and the receiving device 900 receives the document 50 from the transmitting device 800 via the network 700.

Step S108: Document Transmission and Authentication Request The receiving device 900 transmits the received document 50 and a request for authentication of the document 50 to the web device 100.
The program that runs on the receiving device 900 performs reception processing as usual when the transmission address 51 of the document 50 includes an e-mail address that does not use the corporate number domain.
However, the program operating on the receiving device 900 transmits an authentication request to the web device 100 when the transmission address 51 of the document 50 includes the corporate number domain. The document 50 is directly attached to this authentication request.

Steps S9 to S14
The management unit 150 stores the document 50 attached to the authentication request in the main memory 103.
Steps S9, S12 to S14 are the same as steps S9, S12 to S14 shown in FIG. In steps S9 and S12 to S14, the document 50 is authenticated by the web device 100, and the receiving device 900 opens the document 50.

Step S5: Document Storage Step S5 is the same as step S5 shown in FIG. 10, and the tracing unit 152 assigns a new number to the document ID 221 of the document table 220, and stores the document 50 in the main memory 103 as a document. 222, and a pass notification is registered in the authentication result 223. Also, the same ID as the document ID 221 is recorded in the document ID 231 of the trace information table 230.

Step S15, S16
Steps S15 and S16 are the same as steps S15 and S16 shown in FIG. 10, and the tracing unit 152 records the trace information in the trace information table 230, and the tracing unit 152 transmits an opening notification to the transmitting device 800. .

*** Explanation of effect of embodiment ***
According to the present embodiment, even when receiving device 900 receives an e-mail using a normal mailing application installed in transmitting device 800, verification of the corporate number by web device 100 can be performed.
Further, since the e-mail can be transmitted using the mailing application installed in the transmission device 800, a special program for transmission is not required.

  10 corporate number domain system, 50 documents, 51 transmission address, 52 reception address, 53 transmission data, 54 certificate, 100 web device, 101 processor, 102 storage device, 103 main memory, 105 transmitter, 106 receiver, 130 transmission unit, 140 receiving unit, 150 managing unit, 151 authentication unit, 152 tracing unit, 153 mail address issuing unit, 154 IP address converting unit, 155 personal number converting unit, 156 domain issuing unit, 200 storage unit, 210 OS & program, 220 document table 221 document ID, 222 document, 223 authentication result, 230 trace information table, 231 document ID, 232 opening device address, 233 opening time, 240 personal number No. table, 241 personal number, 242 mail address, 250 domain table, 251 web address, 252 corporate number domain, 260 IP table, 261 corporate number domain, 262 IP address, 270 specific personal information file, 610 authentication center server, 611 corporate Number authentication unit, 612 Personal number authentication unit, 613 Electronic authentication unit, 614 Location / time terminal authentication unit, 615 Corporate number database, 616 Personal number database, 620 HP server, 630 Registry server, 700 network, 800 transmitting device, 900 receiving device .

The present invention relates to a web device, an authentication center server, and a system .

The present invention aims to promote the use of personal numbers .

  The web device of the present invention
  A personal number table that stores identifiers and personal numbers in association with each other;
  A receiving unit that receives a request including the identifier from the electronic device;
  Referring to the personal number table, the personal number is determined based on the identifier received by the receiving unit. Number table for retrieving a number table and converting the identifier received by the receiving section into a personal number. When,
  A transmitting unit that transmits the personal number converted by the personal number converting unit to the electronic device;
It is characterized by having.

The present invention can promote the use of personal numbers.

Claims (2)

An authentication center server that receives a corporate number and electronic data,
A corporate number database that stores all issued corporate numbers, which is a corporate number defined in the "Act on the Use of Numbers to Identify Specific Individuals in Administrative Procedures"
A corporate number authentication unit that checks whether the received corporate number exists in the corporate number database,
An electronic authentication unit that checks whether the electronic data is electronic data that certifies a corporation indicated by the corporation number,
The corporation number authentication unit checks that the corporation number exists in the corporation number database, and the electronic authentication unit checks that the electronic data is electronic data that certifies the corporation indicated by the corporation number. If you do, a notice of acceptance will be issued,
The corporation number authentication unit checks that the corporation number does not exist in the corporation number database, or the electronic authentication unit checks that the electronic data is not electronic data that certifies the corporation indicated by the corporation number. If so, an authentication center server that issues a rejection notification. The authentication center server receives company information such as a company name or a company address,
The corporation number database stores corporation information corresponding to the corporation number,
The authentication center server according to claim 1, wherein the corporation number authentication unit checks whether the received corporation information matches the corporation information stored in the corporation number database.

Images