JP6979099B2 - Electronic certificate delivery system and program - Google Patents

Description

The present invention relates to an electronic certificate delivery system and program composed of a computer that performs processing related to the delivery of an electronic certificate from a qualified person to a certified person, and for example, a job seeker or a cloud worker wants to find a job. It can be used to issue and receive an electronic certificate to be used when proving one's ability to a job requester or conducting self-promotion.

Traditionally, various certificates such as qualification pass certificates and graduation certificates have been issued on paper. The certificate issued on this paper (hereinafter referred to as "paper certificate") describes "who, who, when, what", and submits a copy of the paper certificate. It is a proof that the certification has been obtained by the method.

The following system is known as a system for managing information by linking a certificate and a blockchain. That is, authenticity verification of course completion certificate documented information issued by a registered training organization, verification of passports, and authenticity verification of documents issued by law offices, accounting offices, government agencies, etc. A system for verifying the authenticity of document information is known (see Patent Document 1). This system uses the document content metadata to generate a metadata hash, creates a blockchain transaction that contains the metadata hash, identifies the metadata hash within the blockchain transaction, and verifies the authenticity of the document content metadata. I'm verifying.

Further, a system that realizes blockchain type multi-factor personal identity authentication is known (see Patent Document 2). In this system, passports, identification cards, extracted passport information, driver's licenses, extracted driver's license information, fingerprints, retinas, etc. are stored in the blockchain. Then, an individual is identified by unique information such as a secret key, a fingerprint, a fingerprint hash, a retina, and a hash of the retina.

Furthermore, the hash value of the target confirmation information, which is personal information disclosed by the user, is recorded in the blockchain, the validity of the target confirmation information is verified using the block in the blockchain, and the disclosure request of the target confirmation information is made. There is known a personal information management system that discloses target confirmation information after receiving permission from the user (see Patent Document 3).

Further, the standard "Blockcerts" for blockchain certificates is known (see Non-Patent Document 1). This block sarts is a blockchain-based blockchain certificate standard developed by research institutes at the Massachusetts Institute of Technology, and is an SDK (development tool) for issuing blockchain certificates that meet that standard. It is an open source platform that includes it.

Special Table 2019-511758 Gazette JP-A-2019-57271 Publication of Patent No. 6494004

Blockserts community, "BLOCKCERTS", [online], Blockserts homepage, [Search on March 1, 2nd year of Reiwa], Internet <URL: https://www.blockcerts.org/>

With the conventional paper certificate mentioned above, the possibility of falsification cannot be ruled out (problem of falsification prevention). In addition, if the paper certificate has been tampered with, it cannot be reliably detected (problem of tampering detection). Furthermore, although the paper certificate contains information for identifying the person such as name and date of birth, the information cannot be used to uniquely identify the person, so the paper certificate cannot be uniquely identified. When submitting a paper certificate to a third party, it is not possible to distinguish the paper certificate of the person from the paper certificate of another person with the same name, date of birth, etc. (problem of uniqueness).

In addition, with a paper certificate, there is no way to prove to a third party that you own the certificate while hiding your real name. For example, it is used in work styles such as cloud working where the real name is not disclosed. Cannot (problem of anonymity).

Further, in the Blockcerts described in Non-Patent Document 1 described above, the hash value of the certification information (certified content information) is recorded in the blockchain, but falsification is detected only by recording the hash value. Even if it can be done, it does not prevent tampering.

Therefore, in order to solve these problems, it is conceivable to issue an electronic certificate instead of a paper certificate, or to use a distributed ledger as a method for recording the data of the electronic certificate.

At this time, when the data of the electronic certificate is recorded in the distributed ledger, generally, the key set for both is used as information for identifying both the certified person and the certified person of the qualification related to the electronic certificate. (A set of private key and public key) is required. In addition, when recording data in the distributed ledger, it is necessary to pay the bookkeeping fee to the builder of the distributed ledger, and since this fee is generally paid in virtual currency, the certified person is electronically certified. If a certificate is issued and the data is recorded in a distributed ledger, the certified person must handle virtual currency.

However, when developing services for consumers using distributed ledgers, key sets that need to be booked in distributed ledgers and virtual currencies paid as rewards for bookkeeping are not widely used, so certified persons and certified persons. There is a problem that the restrictions required for the cryptocurrency are high and the burden is heavy.

For example, as of January 2020, even in Ethereum, which is the world's second largest distributed ledger in terms of the total amount of virtual currencies in circulation, MetaMask is a tool for individual users to write data to the distributed ledger. The number of downloads is about 1 million times worldwide, and it cannot be said that it is widely used.

Therefore, under such circumstances, the certified person issues an electronic certificate and records the data directly in the distributed ledger, or the certified person directly obtains the electronic certificate stored in the distributed ledger. It is considered difficult to do. This is because it may be difficult for the certified person to handle the virtual currency paid as a reward for bookkeeping, and it may be difficult for the certified person to prepare his / her own key set. For this reason, direct access to the distributed ledger by certified persons and certified persons while realizing the above-mentioned falsification prevention, falsification detection, ensuring uniqueness in identity identification, and anonymous submission of certificates to third parties. It is desired to develop a system that can solve the problem of burden associated with the difficulty of.

An object of the present invention is to reduce the burden on the certified person and the certified person while realizing prevention of falsification of the certificate, detection of falsification, ensuring uniqueness in personal identification, and anonymous submission of the certificate. It is located to provide a certificate delivery system and program.

<Basic configuration of the present invention>

The present invention is an electronic certificate delivery system composed of a computer that executes processing related to delivery of an electronic certificate from a qualified person to a certified person.
Multiple participant nodes that make up the distributed ledger are connected by a peer-to-peer network for forming the distributed ledger, and
The certified person system operated and managed by the certified person, the certified person terminal operated by the certified person, and the certificate service provider system that provides services related to electronic certification are networks other than the peer-to-peer network. The certificate service provider system is configured to be able to connect to the participant node.
The certified system is
A key set generation means that performs a process of generating an authorized person's key set consisting of an authorized person's decryption key, encryption key, signature key, and verification key.
The certified person's verification key, the certified person's verification key, the credential information including the certified name, and the certified person's verification key, the certified person's verification key, and the certified person's signature key for the credential information. Electronic certificate creation means that performs the process of creating an electronic certificate, including
A common key generation means on the certified person side that executes a process of generating a common key between the certified person and the certified person by using the personal authentication information predetermined between the certified person and the certified person.
From the hash value or other conversion information obtained from the personal authentication information, or the personal identification information predetermined between the certified person and the certified person as information different from the personal authentication information, the certified person sets his / her own key. Create a key set receiving ID to receive the key set, encrypt the key set of the certified person generated by the key set generation means with the common key generated by the common key generation means on the certified person side, and encrypt the certified person. Information transmission means for certified persons that executes the process of transmitting the key set of the key set together with the key set receiving ID to the certificate service provider system via the network.
It is configured to include an electronic certificate register means that performs the process of sending the electronic certificate created by the electronic certificate creation means to the certificate service provider system via the network in order to register it in the distributed ledger.
The certificate service provider system is
An electronic certificate proxy bookkeeping method that executes the process of storing the electronic certificate received from the certifier system via the network in the distributed ledger.
The certified person's verification key sent from the certified person's terminal via the network is used to obtain the electronic certificate stored in the distributed ledger, and the obtained electronic certificate is used by the certified person via the network. An electronic certificate proxy acquisition method that executes the process of sending to the terminal,
An information storage means for certified persons that stores the encrypted key set of the certified person transmitted from the certified person system via the network in association with the key set receiving ID.
The encrypted subject that receives the key set receiving ID transmitted from the certified person terminal via the network, is associated with the received key set receiving ID, and is stored in the information storage means for the certified person. It is configured to include an information delivery means for certified persons that executes a process of transmitting a certified person's key set to a certified person's terminal via a network.
The certified person's terminal is
A common key generation means on the certified person side that accepts input of personal authentication information and executes a process of generating a common key using the input personal authentication information.
A key set receiving ID is created by obtaining a hash value or other conversion information from the input personal authentication information, or by accepting input of personal identification information, and the created key set receiving ID is used via the network. Information acquisition means for certified persons that executes the process of acquiring the encrypted key set of the certified person by sending it to the certificate service provider system.
The key for the certified person who executes the process of decrypting the encrypted key set of the certified person acquired by the information acquisition means for the certified person using the common key generated by the common key generation means on the certified person side. Set decryption means and
By sending the verification key of the certified person included in the key set of the certified person to the certificate service provider system via the network, the process of acquiring the electronic certificate stored in the distributed ledger is executed. It is characterized by including electronic certificate acquisition means.

Here, "qualification" is a qualification in a narrow sense (for example, English test, lawyer qualification, doctor's license, danger) that can be certified and obtained by taking and passing a certification test (so-called test) for certification. Including the fact that not only (material handlers, etc.) but also various schools, courses, seminars, etc. were educated by graduation, completion, enrollment, participation, etc. (including bachelor's degree, master's degree, doctoral degree, etc.) .), The fact that he had a special job (for example, self-defense officer, guarding important persons, cyber measures, etc.), the status given as identification such as a passport, lifesaving and social service activities, etc. It also includes the fact that a letter of appreciation was given by the above. Therefore, the "qualification" referred to in the present application is the content to be certified when the certified person broadly recognizes the ability, achievement, activity, status, status, etc. of the certified person. In addition, the certification of "qualification" may be certification by a public institution such as issuance of a driver's license or passport, or certification by a private sector.

Further, the "distributed ledger" is also referred to as a distributed ledger or a DLT (Distributed Ledger Technology), and a blockchain can be preferably adopted as the distributed ledger of the present invention, but it is not necessarily a blockchain. Not limited. Therefore, posting to the distributed ledger does not necessarily have to be done in blocks, nor does it necessarily have to form a chain.

In such an electronic certificate delivery system of the present invention, the electronic certificate to be created includes the "certified person's verification key", the "certified person's verification key", and the "qualification information including the certified name". The electronic certificate can function as information indicating "who, who, what" has been certified. If the certification date is included in the qualification information, the electronic certificate can be used as information indicating "who, who, when, and what".

In addition, since the created electronic certificate is stored in the distributed ledger, it is possible to prevent falsification of the certification information (certified content information). That is, in the Blockcerts described in Non-Patent Document 1 described above, only the hash value of the certification information (certified content information) is recorded in the blockchain, whereas in the present invention, the electronic certification certificate is recorded. Since the entire information is stored in the distributed ledger, it is possible to prevent falsification.

Furthermore, since the electronic certificate to be created contains the signature of the certified person with the signature key of the certified person, the third party who received the electronic certificate submitted by the certified person (in this application, the recipient). (Called) can perform verification processing on the signature of the certified person on its own terminal (referred to as a recipient terminal in the present application). Therefore, the integrity of the data of the electronic certificate can be confirmed, and falsification can be detected.

In addition, since the certified person can submit an electronic certificate instead of a paper certificate to a third party (recipient), it is possible to ensure uniqueness in personal identification. That is, by submitting an electronic certificate, it is possible to prove that the certificate is not owned by another person such as the same sex.

Furthermore, since it is possible to submit the electronic certificate to a third party (recipient), if the electronic certificate contains personal information, the part of the personal information should be encrypted and submitted. Therefore, it will be possible to submit an electronic certificate anonymously, and it will be possible to use anonymous working styles such as cloud working.

The electronic certificate created by the certified person system is not recorded in the distributed ledger directly from the certified person system, but is recorded in the distributed ledger via the certificate service provider system. The certified person does not have to deal with the virtual currency for paying the bookkeeping fee, and the burden on the certified person can be reduced.

In addition, the key set of the certified person is generated by the certified person system, sent to the certified person terminal via the certificate service provider system, and received by the certified person at the certified person terminal. Therefore, the certified person does not have to prepare his / her own key set, and the burden on the certified person can be reduced.

Furthermore, the delivery of the certified person's key set via this certificate service provider system is performed in a state encrypted with the common key between the certified person and the certified person, so that the certificate service is performed. Since the person in charge of the operator system cannot refer to the private key (decryption key, signing key) of the certified person's key set, the certified person's key set can be safely delivered. With these, the above-mentioned purpose is achieved.

<Structure in which pass / fail information is passed along with the key set of the certified person>

In addition, in the electronic certificate delivery system mentioned above,
The means of transmitting information for certified persons in the certified person system is
It is configured to execute the process of transmitting the encrypted key set of the certified person and the pass / fail information to the certificate service provider system via the network together with the key set receiving ID that is also used as the pass / fail confirmation ID. ,
Information storage means for certified persons in the certificate service provider system is
The encrypted key set of the certified person and the pass / fail information are stored in association with the key set receiving ID.
The means of acquiring information for certified persons on the certified person terminal is
A key set receiving ID is created by obtaining a hash value or other conversion information from the input personal authentication information, or by accepting input of personal identification information, and the created key set receiving ID is used via the network. By transmitting the information to the certificate service provider system, it is possible to execute the process of acquiring the encrypted key set of the certified person and the pass / fail information.

Here, the "pass / fail information" is information indicating whether the pass / fail is passed or not, but for the certification test in which the pass / fail information is generated, the pass / fail information can be passed together with the delivery of the key set of the certified person. It is only necessary to have a system configuration that allows it, and for certification tests that do not generate pass / fail information, pass / fail information may not be available (may be NULL). Among the certification tests, there are tests that do not fail, that is, tests that do not have the concept of pass / fail. For example, if the result of taking the test, the rank is determined by the grade, and the rank is the certification content, or if the score as the test result is the certification content, there may be no state of failure. In such a case, there is no need for pass / fail information (may be NULL).

When the pass / fail information is passed together with the certified person's key set in this way, the certified person uses the certified person's terminal to use the certified person's (own) key set generated by the certified person's system. At the same time, you can receive the pass / fail information of the certification test. For this reason, the certified person shall hand over the key set of the certified person generated when creating the electronic certificate to the certified person, and at the same time, notify the certified person of the pass / fail of the certification test. You can also.

<The certified person's key set is encrypted with the certified person's basic encryption key and stored in the certificate service provider system, and the certified person's basic verification key or an alternative certified person ID is used. Configuration to obtain electronic certificates in a batch>

Furthermore, in the electronic certificate delivery system described above,
The certified person's terminal is
Key set for certified person The key set of the certified person decrypted using the common key by the decryption means is encrypted using the basic encryption key of the certified person, and the encrypted key set of the certified person is encrypted. It consists of a key set transmission means for certified persons that performs a process of transmitting to the certificate service provider system together with a certified person's basic verification key or an alternative certified person ID.
The certificate service provider system is
Includes a certified person key information storage means that stores an encrypted certified person's key set for at least one electronic certificate in association with a certified person's underlying verification key or an alternative certified person's ID. Consists of
The means of obtaining an electronic certificate for the certified person's terminal is
When acquiring the electronic certificate held by the certified person stored in the distributed ledger, the certificate service provider can obtain the basic verification key of the certified person or the certified person ID in place of it via the network. By sending to the system, the encrypted certified person's key set stored in the certified person's key information storage means associated with the certified person's basic verification key or an alternative certified person's ID. All acquired, all of the acquired encrypted certified person's key sets are decrypted using the certified person's basic decryption key, and the certified person's key set included in each of the decrypted certified person's key sets It is desirable that all the verification keys are sent to the certificate service provider system to execute the process of collectively acquiring the electronic certificate held by the certified person stored in the distributed ledger. ..

In this way, the certified person's key set is encrypted with the certified person's basic encryption key and stored in the certificate service provider system, and the certified person's basic verification key or an alternative certified person ID is used. If the configuration is such that the electronic certificates are collectively acquired by using the system, the certified person can collectively acquire a plurality of electronic certificates owned by the certified person. In addition, since the key set of the certified person is stored in the certificate service provider system in an encrypted state, the person in charge of the certificate service provider system can keep the secret of the key set of the certified person. Since the key (decryption key, signing key) cannot be referred to, the key set of the certified person can be safely stored.

<Structure in which the electronic certificate is recorded in the distributed ledger after the certified person requests the book or an operation equivalent to it>

Then, in the electronic certificate delivery system described above,
The certificate service provider system is
It consists of an electronic certificate storage means that stores electronic certificates sent from the certifier system over the network.
The electronic certificate proxy bookkeeping method of the certificate service provider system is
After storing the electronic certificate received from the certified person system via the network in the electronic certificate storage means, the first to the certificate service provider system for the certified person to confirm the pass / fail from the certified person's terminal. It is stored in the electronic certificate storage means at the timing when there is an access to the distributed ledger of the electronic certificate by a successful candidate among the certified persons or an operation corresponding to this entry request. It is desirable that the system is configured to execute the process of storing the electronic certificate in the distributed ledger.

In this way, if the electronic certificate is posted in the distributed ledger after the certified person requests the book or an operation equivalent to it, the multiple certified persons generated by the certified person system It is possible to record electronic certificates in the distributed ledger in a timely manner instead of concentrating them at one time. For this reason, since the bookkeeping process for the distributed ledger, which takes a relatively long time, can be performed in a distributed manner, it is possible to avoid the occurrence of a load that is concentrated on the certificate service provider system that performs proxy bookkeeping for a period of time. .. In addition, instead of making a book entry in the distributed ledger immediately after the first access to the certificate service provider system for pass / fail confirmation by the certified person, it corresponds to the bookkeeping request or this bookkeeping request by the certified person. Since it is performed after access by operation, it is possible for the certified person to record in the distributed ledger at an appropriate timing. For example, in the case of requesting the certified person to bear the cost for recording in the distributed ledger, when the certified person only confirms the pass / fail, the certified person does not incur the cost burden and the intention of recording in the distributed ledger is confirmed. Since it is possible to incur a cost burden on the certified person by performing the bookkeeping at the stage where the bookkeeping is performed, it is possible to realize the bookkeeping at a preferable timing for the certified person.

<Configuration to verify the signature of the certified person on the recipient terminal>

In addition, in the electronic certificate delivery system mentioned above,
On the network
The recipient terminal operated by the recipient who receives the electronic certificate submitted by the certified person is connected and
The certified person's terminal is
It is configured to include an electronic certificate submission means that performs the process of transmitting the electronic certificate acquired by the electronic certificate acquisition means directly to the recipient terminal via the network or via the certificate service provider system. ,
The recipient terminal is
The authenticity of the accredited person and the authenticity of the accredited person using the accredited person's verification key and the accredited person's signature contained in the electronic certificate received directly from the certified person's terminal over the network or via the certificate service provider system. It should be configured to include a certifier verification means that performs a certifier signature verification process to verify the integrity of the electronic certificate data.

When the process of verifying the signature of the certified person is performed on the recipient terminal in this way, the recipient can confirm the integrity of the data of the electronic certificate provided by the certified person. , Falsification can be detected.

<Structure for submitting an electronic certificate using My Page>

Further, in the case where the above-mentioned recipient terminal is configured to verify the signature of the certified person, the configuration is such that the signature of the certified person is verified.
The means of submitting the electronic certificate of the certified person's terminal is
My page creation means that executes the process of creating a My Page containing the contents of the electronic certificate held by the certified person to be submitted to the recipient using the electronic certificate acquired by the electronic certificate acquisition means. Consists of, including
The certificate service provider system is
My page creation assistance means that assists the creation of My Page by the My Page creation means of the certified person's terminal and executes the process of associating the created My Page with the URL of My Page and storing it in the My Page storage means.
Processing to send My Page stored in My Page storage means and the electronic certificate posted on My Page to the recipient terminal via the network in response to the access to the URL of My Page from the recipient terminal. It is desirable that it is configured to include a My Page transmission means for executing.

When the electronic certificate is submitted using My Page in this way, the recipient can easily receive the electronic certificate with the general-purpose WEB browser installed in the recipient terminal. It will be like. In addition, since the signature of the certified person can be verified with the electronic certificate attached to My Page, the recipient receives My Page with the general-purpose WEB browser installed in the recipient terminal. (Or it may be another WEB page received from the certificate service provider system before the display of the My Page.) Without being particularly aware that the certificater signature verification process is being performed by the program attached to it. The process can be easily performed.

<Structure that automatically sends the URL of My Page that matches the recruiting conditions of the recipient to the recipient as an intermediary process between the certified person and the recipient>

Then, in the case where the electronic certificate is submitted using the above-mentioned My Page,
The certificate service provider system is
An intermediary means that carries out processing related to intermediation between the certified person and the recipient who requests the certified person to work,
It is configured to include an intermediary information storage means that stores information about the eligibility of the certified person for whom an electronic certificate is issued in association with the basic verification key of the certified person or an alternative certified person ID.
The means of mediation is
The certified person receives the information on whether or not the URL of My Page, which is input by the certified person and is transmitted from the certified person's terminal via the network, can be automatically transmitted, and the information on whether or not the accepted My Page URL can be automatically transmitted is sent to the certified person. As information related to the possession qualification of, the mediation information setting means that executes the process of storing the information in the mediation information storage means in association with the verification key of the certified person's basics or the substitute ID of the certified person, and
Requesting work from the certified person Entered by the recipient and sent from the recipient terminal via the network, the recruiting conditions determined by the eligibility required of the certified person and the recipient's contact information. Recipient information input receiving means that executes the process of accepting recipient information including
Using the recruitment conditions accepted by this recipient information input reception means and the information on the possession qualifications of each certified person stored in the mediation information storage means, all the certified persons meet the recruiting conditions. The certified person who holds the qualification is extracted, and among all the My Page created by each extracted person, the My Page is the My Page that can automatically send the URL of the My Page, and Condition-matched My Page extraction means that executes the process of extracting My Page that contains information on possession qualifications that match the recruiting conditions,
Includes a My Page URL automatic transmission means that executes a process of transmitting the URL of the My Page extracted by the condition-matching My Page extraction means to the contact information of the recipient received by the recipient information input reception means via the network. It may be configured with.

In this way, if the URL of My Page that matches the recruiting conditions of the recipient is automatically sent to the recipient as an intermediary process between the certified person and the recipient, the recipient will be satisfied with his / her recruiting conditions. If the matching My Page is created by the certified person, it is possible to actively refer to the My Page by himself / herself instead of waiting passively for the provision of the My Page from the certified person. Smooth and effective mediation between the certified person and the recipient is realized.

<Structure that performs intermediary processing using information on whether or not to activate possessed qualifications, which indicates whether or not work can be accepted using qualifications>

In addition, as an intermediary process between the certified person and the recipient described above, in the case where the URL of My Page that matches the recruiting conditions of the recipient is automatically transmitted to the recipient.
The mediation information setting means of the mediation means is
Accepted and accepted information on whether or not to activate the qualifications of the certified person, which is input by the certified person as information indicating whether or not the work utilizing the qualification can be accepted and sent from the certified person's terminal via the network. It also executes the process of storing the activation availability information of each possession qualification in the intermediary information storage means by associating it with the verification key of the certified person's basics or the certified person ID instead as the information on the possession qualification of the certified person. Is configured to
The condition of the mediation means is met. My page extraction means is
When extracting a certified person who holds a qualification that matches the recruiting conditions from all the certified persons, the extraction process using the activated qualification may be executed.

In this way, if the system is configured to perform intermediary processing using information on whether or not to activate the possession qualification, which indicates whether or not the work can be accepted using the qualification, the intention of the certified person to utilize the possession qualification is respected. Then, it is possible to automatically send the URL of My Page that matches the recruitment conditions of the recipient to the recipient, so for example, a certified person who holds a qualification will work using that qualification. If you think that it is premature, or if you do not want to be accepted for some reason, you can realize an intermediary process that respects that intention.

<Invention of the program>

The program of the present invention is for operating the computer as a certified person system constituting the electronic certificate delivery system described above.

Further, the program of the present invention is for making a computer function as a terminal of a certified person constituting the electronic certificate delivery system described above.

Further, the program of the present invention is for operating a computer as a certificate service provider system constituting the electronic certificate delivery system described above.

Further, the program of the present invention is for operating a computer as a recipient terminal constituting the electronic certificate delivery system described above.

The above program or a part thereof may be, for example, a magneto-optical disk (MO), a compact disk (CD), a digital versatile disk (DVD), a flexible disk (FD), a magnetic tape, or a read-only memory (ROM). , Electrically erased and rewritable read-only memory (EEPROM), flash memory, random access memory (RAM), hard disk drive (HDD), solid state drive (SSD), flash disk and other recording media. It can be stored and distributed, and for example, local area network (LAN), metropolitan area network (MAN), wide area network (WAN), Internet, intranet, extranet, etc. It is possible to transmit using a transmission medium such as a wired network, a wireless communication network, or a combination thereof, and it is also possible to carry it on a carrier. Further, the above program may be a part of another program, or may be recorded on a recording medium together with a separate program.

Further, each program for operating the computer as the certified person system, the certified person terminal, and the recipient terminal constituting the electronic certificate delivery system described above is, for example, a program provided accompanying the WEB page. (For example, JavaScript (ECMAScript) etc .: JavaScript is a registered trademark), that is, like a program acquired by a WEB browser, each time each process is executed, each of the certified person system, the certified person terminal, and the recipient terminal is configured. It may be a program provided to the computer to be used, or it may be a program installed (installed) in advance on the computers constituting each of the certified person system, the certified person terminal, and the recipient terminal before executing each process.

As described above, according to the present invention, an electronic certificate signed by the certified person is created and stored in the distributed ledger, and the certified person receives the electronic certificate obtained from the distributed ledger by a third party (receipt). Since it can be submitted to a person), it is possible to prevent falsification of the certificate, detect falsification, ensure uniqueness in personal identification, and submit the certificate anonymously to a third party. The registration of the certificate in the distributed ledger is performed via the certificate service provider system, and the key set of the certified person is generated by the certified person system and the certified person is generated via the certificate service provider system. Since it is transmitted to the terminal, it has the effect of reducing the burden on the certified person and the certified person.

The whole block diagram of the electronic certificate delivery system of one Embodiment of this invention. The block diagram of the participant node constituting the distributed ledger of the said embodiment. The figure which shows the data content of the electronic certificate stored in the distributed ledger of the said embodiment. The explanatory view of the type of the key set of the said embodiment. FIG. 3 is a detailed configuration diagram related to processing until the electronic certificate of the embodiment is registered in the certificate service provider system and becomes a ledger entry standby state. FIG. 3 is a detailed configuration diagram related to pass / fail confirmation, acquisition of an electronic certificate, and processing of recording of an electronic certificate in a distributed ledger in the terminal of the certified person according to the embodiment. A detailed configuration diagram related to the process of creating a self-certificate (fictitious electronic certificate by self-certification) using the paper certificate held by the certified person in the embodiment. A detailed configuration diagram related to processing when the electronic certificate of the embodiment is directly recorded from the certified person system to the distributed ledger and when the electronic certificate is directly acquired from the distributed ledger at the certified person terminal. A detailed configuration diagram related to the process of submitting an electronic certificate (including a self-certificate) from the certified person's terminal to the recipient's terminal according to the embodiment. The detailed block diagram which concerns the mediation process between the accredited person and the recipient of the said embodiment. The block diagram of the mediation information storage means of the said embodiment. The figure of the flowchart which shows the flow of the process until the electronic certificate of the said embodiment is registered in a certificate service provider system, and it becomes a ledger bookkeeping standby state. The figure of the flowchart which shows the flow of the process of the pass / fail confirmation, the acquisition of the electronic certificate, and the entry of the electronic certificate in the distributed ledger in the terminal of the certified person of the said embodiment. The figure of the flowchart which shows the flow of the process of making and registering the self-certificate (fictitious electronic certificate by self-certification created from the paper certificate image) of the said embodiment. The figure of the flowchart which shows the flow of the process when the electronic certificate of the said embodiment is directly recorded in the distributed ledger from the certified person system, and when it is acquired directly from the distributed ledger by the certified person terminal. The figure of the flowchart which shows the flow of the submission process of the electronic certificate (including self-certification) from the certified person terminal to the recipient terminal of the said embodiment. The figure which shows the screen example for the pass / fail notification displayed on the certified person terminal of the said embodiment. Explanatory drawing of arbitrariness of creation of my page of the said embodiment. The figure which shows the display example of the my page (anonymous page, real name page) of the said embodiment. The figure of the flowchart which shows the flow of the mediation processing between the certified person and the recipient of the said embodiment. The figure which shows the screen example which is displayed on the authorized person terminal at the time of making / editing the My Page of the said embodiment.

Hereinafter, an embodiment of the present invention will be described with reference to the drawings. FIG. 1 shows the overall configuration of the electronic certificate delivery system 10 of the present embodiment. FIG. 2 shows the configuration of the participant nodes that make up the distributed ledger, FIG. 3 shows the data content of the electronic certificate stored in the distributed ledger, and FIG. 4 shows the type of key set. It is shown. Further, FIGS. 5 to 10 show a detailed configuration related to each process executed by the electronic certificate delivery system 10, and FIG. 11 shows a configuration of the mediation information storage means 81. Further, FIGS. 12 to 16 show a flow chart of each process executed by the electronic certificate delivery system 10. Further, FIG. 17 shows an example of a screen for pass / fail notification displayed on the certified person terminal 40, FIG. 18 is an explanatory diagram of the arbitrariness of creating My Page, and FIG. 19 shows My. A display example of the page (anonymous page, real name page) is shown. Further, FIG. 20 shows a flow chart of the mediation process between the certified person and the recipient, and FIG. 21 shows an example of a screen displayed on the certified person terminal 40 when creating / editing My Page. Has been done.

<Overall configuration of electronic certificate delivery system 10>

In FIG. 1, the electronic certificate delivery system 10 includes one or more certified person systems 20 operated and managed by qualified persons, and a plurality of (usually many) certified persons operated by qualified persons. A terminal 40, a certificate service provider system 60 operated and managed by a certificate service provider that provides services related to electronic certificates, and a plurality of operations operated by a recipient who receives an electronic certificate provided by a certified person. (Usually a large number) recipient terminals 90 are connected by network 1 and configured.

Further, a plurality of participant nodes 100 are connected by a peer-to-peer network 2 (hereinafter referred to as P2P network 2) for forming a distributed ledger to form a distributed ledger. The certificate service provider system 60 can be connected to any one of a plurality of participant nodes 100. Note that FIG. 1 shows that the certificate service provider system 60 appears to be connected to the participant node 100 via the P2P network 2, but this description is not the case. It shows that the service provider system 60 can directly access the distributed ledger. Therefore, the certificate service provider system 60 and any one of the plurality of participant nodes 100 are connected by a communication line (either network 1 or a dedicated line) other than the P2P network 2 for forming the distributed ledger. ing. The certificate service provider system 60 may become the participant node 100 constituting the distributed ledger.

Further, the certified person system 20 (20Y) and the certified person terminal 40 (40Q) can also be directly connected to any one of the plurality of participant nodes 100 as shown by the dotted line in FIG. The dotted line in FIG. 1 also describes that the certified person system 20 (20Y) and the certified person terminal 40 (40Q) appear to be connected to the participant node 100 via the P2P network 2. However, this description also indicates that the distributed ledger can be directly accessed by the certified person system 20 (20Y) and the certified person terminal 40 (40Q). Therefore, the certified person system 20 (20Y), the certified person terminal 40 (40Q), and any one of the plurality of participant nodes 100 may be a communication line (network 1 may be used) other than the P2P network 2 for forming the distributed ledger. , May be a dedicated line). The certified person system 20 may become the participant node 100 constituting the distributed ledger.

The certified person system 20Y in the above description is the certified person system 20 that directly accesses the distributed ledger, while the certified person system 20X is the certified person system 20 that does not directly access the distributed ledger. However, the details will be described later with reference to FIGS. 8 and 15. Similarly, the certified person terminal 40Q is a certified person terminal 40 that directly accesses the distributed ledger, while the certified person terminal 40P is a certified person terminal that does not directly access the distributed ledger. Although it is 40, the details will be described later with reference to FIGS. 8 and 15.

Here, the network 1 is not a P2P network (the computers in the network 1 are not connected to the P2P), but is an external network mainly composed of the Internet, and the Internet and an internal network such as a LAN or an intranet (for example,). , In-house, in group companies, in offices, in factories, in hospitals, schools, in government offices, etc.), whether wired or wireless, and even wired and Regardless of whether it is a mixed type of wireless network, in short, it is sufficient as long as it can transmit information at a certain speed between a plurality of points (regardless of the length of the distance).

Further, the P2P network 2 is a network for forming a distributed ledger, and the participant node 100 to the distributed ledger is connected to P2P. Specifically, the P2P network 2 is a virtual network (VPN (Virtual Private Network) on the Internet) formed by using a public network such as the Internet or various service networks provided by a telecommunications carrier. Including the intranet constructed using it.) Etc. Therefore, the P2P network 2 may physically use the same communication line as the network 1 (other than P2P).

<Outline configuration of certified person system 20>

The certified person system 20 is composed of one or a plurality of computers, and stores a processing means 20A that executes various processes performed by the certified person and data used in various processes executed by the processing means 20A. It is configured to include a storage means 30 to be used. For example, the certified person system 20 may be configured by a server and a person in charge terminal (a terminal operated by a person in charge in the certified person) connected to this server, and has the functions of a server and a person in charge terminal 1 It may be configured by a single computer. The person in charge terminal includes, for example, an input means such as a mouse, a keyboard, and a touch panel, and a display means such as a liquid crystal display. The certified person is usually an organization, but may be an individual. Further, in the present embodiment, the certified person is a certification company that conducts a certification test (certification test), but the certification is not limited to this, and certification by the certified person requires the implementation of the test. do not do.

The processing means 20A includes an examinee management means 21, an examinee file creating means 22, a certification processing means 23 for proxy bookkeeping, an electronic certification certificate bookkeeping means 24, and a certification processing means 25 for direct bookkeeping. It is configured. At this time, the certification processing means 23 for proxy bookkeeping and the certification processing means 25 for direct bookkeeping do not necessarily have to be functions provided in the same computer, and the certification processing means 23 for proxy bookkeeping are distributed. The certification processing means 25 for direct entry is provided by the certification system 20X (see FIG. 5) of the certification person X who does not have direct access to the ledger, and the certification processing means 25 of the certification person Y who has direct access to the distributed ledger. The system 20Y (see FIG. 8) may be provided. However, one certified person system 20 includes both the certified processing means 23 for proxy bookkeeping and the certified processing means 25 for direct bookkeeping, and at a certain time (for example, a certain holding time), the certified person system 20X (FIG. 5). (See), and may be certified system 20Y (see FIG. 8) at different times (eg, at different times). For example, the effect and effectiveness of the qualification to be certified at each holding is the same, but the number of holdings is odd in the sense that it gives the certified person various options or because of the contract with the certificate service provider. In the case of, the certified person system 20X (see FIG. 5) may be used, and in the case of an even number of times, the certified person system Y (see FIG. 8) may be used.

As shown in FIG. 5, the examinee management means 21 includes an examination application receiving means 21A and an examinee information editing means 21B. Further, as shown in FIG. 5, the authorization processing means 23 for proxy bookkeeping includes the setting information input receiving means 23A, the key set generating means 23B, the electronic certificate creating means 23C, and the authorized person side common key generating means 23D. And the information transmission means 23E for the certified person. Further, as shown in FIG. 8, the certification processing means 25 for direct bookkeeping includes a setting information input receiving means 25A, an electronic certificate creating means 25B, an electronic certification certificate bookkeeping means 25C, and a pass / fail notification means 25D. It is composed of.

Each of the means 21 to 25 included in these processing means 20A is a central processing unit (CPU) provided inside a computer main body constituting the certified person system 20, and one or one that defines an operation procedure of the CPU. It is realized by a plurality of programs and working memory such as main memory and cache memory. The details of each of these means 21 to 25 will be described later.

The storage means 30 includes an examinee information storage means 31, an acquisition program storage means 32, and a certified person key set storage means 33.

Each of the storage means 31 to 33 included in these storage means 30 is preferably realized by, for example, a hard disk drive (HDD), a solid state drive (SSD), or the like, but is within a range in which there is no problem in storage capacity, access speed, or the like. If so, for example, other recording media such as DVD, CD, MO, and magnetic tape may be adopted. Further, the data storage format of the examinee information storage means 31 and the certified person key set storage means 33 may be a database or a file format such as a flat file. The details of each of these storage means 31 to 33 will be described later.

<Outline configuration of certified person terminal 40>

The certified person terminal 40 is composed of a computer, includes input means such as a mouse, keyboard, and touch panel, and display means such as a liquid crystal display, and further scans a paper certificate to obtain image data thereof. It may be equipped with a scanner. The certified person terminal 40 may be a mobile device such as a smartphone or a tablet terminal. Further, the same certified person uses a personal computer as a certified person terminal 40 at a certain time, and a mobile device such as a smartphone or a tablet terminal as a certified person terminal 40 at another time. A plurality of physically different computers (computers in a broad sense) may be used. The certified person is usually an individual, but may also be an organization (eg, a team, a municipality, etc.).

The certified person terminal 40 includes a processing means 40A for executing various processes performed by the certified person, and a storage means 50 for storing data used in various processes executed by the processing means 40A. Has been done.

The processing means 40A includes a service use start registration means 41, a pass / fail confirmation processing means 42, an electronic certificate acquisition means 43, a self-certificate creation request means 44, a certificate receiving means 45 for direct acquisition, and electronic certification. It is configured to include a certificate submission means 46. At this time, the electronic certificate acquisition means 43 and the certificate receiving means 45 for direct acquisition (including the electronic certificate acquisition means 45B) do not necessarily have to be functions provided in the same computer, and are electronically certified. The certificate acquisition means 43 includes a certified person terminal 40 (40P) (see FIG. 6) that does not directly access the distributed ledger, and includes a certificate receiving means 45 (electronic certificate acquisition means 45B) for direct acquisition. ) Shall be provided by the certified person terminal 40 (40Q) (see FIG. 8) that directly accesses the distributed ledger. However, one certified person terminal 40 includes both an electronic certificate acquisition means 43 and a certificate receiving means 45 for direct acquisition, and at a certain time (for example, when receiving an electronic certificate issued by a certain certified person). The certified person terminal 40P (see Fig. 6), and the certified person terminal 40Q (see Fig. 8) at another time (for example, when receiving an electronic certificate issued by another certified person). good.

Then, as shown in FIG. 6, the pass / fail confirmation processing means 42 includes an information acquisition means 42A for the certified person, a failure notification display means 42B, a common key generation means 42C on the certified person side, and a key for the certified person. The set decryption means 42D, the pass notification display means 42E, and the key set transmission means 42F for the certified person are included. Further, as shown in FIG. 7, the self-certification certificate creation requesting means 44 includes a paper certificate image reading means 44A, a key set generation means 44B for a certified person, a key set transmitting means 44C for a certified person, and paper. It is configured to include the certificate image transmitting means 44D and the extraction information confirmation means 44E. Further, as shown in FIG. 8, the certificate receiving means 45 for direct acquisition includes the key set generating means 45A for the certified person, the electronic certificate acquiring means 45B, the pass confirmation display means 45C, and the certified person. It is configured to include a key set transmitting means 45D. Further, as shown in FIG. 9, the electronic certificate submitting means 46 includes a My Page creating means 46A, an electronic certificate direct submitting means 46B, and a certified person confirmation and response means 46C.

Each of the means 41 to 46 included in these processing means 40A defines a central processing unit (CPU) provided inside the computer main body constituting the certified person terminal 40, and an operation procedure of the CPU. Alternatively, it is realized by a plurality of programs and working memory such as main memory and cache memory. The details of each of these means 41 to 46 will be described later.

The storage means 50 includes an acquisition program storage means 51 and a key set storage means 52 for a certified person.

Each of the storage means 51 and 52 included in these storage means 50 is preferably realized by, for example, a hard disk drive (HDD), a solid state drive (SSD), or the like, but is within a range in which there is no problem in storage capacity, access speed, or the like. If so, for example, other recording media such as DVD, CD, MO, and magnetic tape may be adopted. The details of each of these storage means 51 and 52 will be described later.

<Outline configuration of certificate service provider system 60>

The certificate service provider system 60 is composed of one or a plurality of computers, and is a processing means 60A that executes various processes provided by the certificate service provider, and various processes executed by the processing means 60A. It is configured to include a storage means 70 for storing the data used in the above. Specifically, for example, the certificate service provider system 60 can be configured by a WEB server, a WEB application server, a database server, one or a plurality of person in charge terminals, and the like. The certificate service provider is usually an organization (company, etc.), but may be an individual.

The processing means 60A includes a program providing means 61, a certification auxiliary processing means 62 for proxy bookkeeping, an electronic certificate proxy bookkeeping means 63, a certified person key information initial registration means 64, a pass / fail confirmation auxiliary processing means 65, and the like. It includes an electronic certificate proxy acquisition means 66, a self-certificate proxy creation means 67, an electronic certificate submission assisting means 68, and an intermediary means 69.

Then, as shown in FIG. 5, the certification auxiliary processing means 62 for proxy bookkeeping includes the setting information registration means 62A and the information registration means 62B for the certified person. Further, as shown in FIG. 6, the pass / fail confirmation assist processing means 65 includes the certified ID transmitting means 65A, the information delivery means 65B for the certified person, the pass notification display assisting means 65C, and the certified person key information additional registration means. It is configured to include 65D. Further, as shown in FIG. 7, the self-certification proxy creation means 67 includes the certified person key information additional registration means 67A, the paper certificate image acquisition means 67B, the text conversion means 67C, the extraction means 67D, and the self. It includes a certificate creating means 67E and a self-certification bookkeeping means 67F. Further, as shown in FIG. 9, the electronic certificate submission assisting means 68 includes a my page creation assisting means 68A and a my page transmitting assisting means 68B. Further, as shown in FIG. 10, the intermediary means 69 is certified as an intermediary information setting means 69A, a recipient information input reception means 69B, a condition-matching my page extraction means 69C, a my page URL automatic transmission means 69D, and the like. It is configured to include a notification means 69E for persons.

Each of the means 61 to 69 included in these processing means 60A defines a central processing unit (CPU) provided inside the computer main body constituting the certificate service provider system 60, and an operation procedure of the CPU. It is realized by one or more programs, as well as working memory such as main memory and cache memory. The details of each of these means 61 to 69 will be described later.

The storage means 70 includes a provided program storage means 71, a setting information storage means 72, an information storage means 73 for certified persons, an electronic certificate storage means 74, a certified person key information storage means 75, and a template storage means. 76, a certificate service provider key set storage means 77, a self-certificate storage means 78, a My Page storage means 79, a recipient information storage means 80, and an intermediary information storage means 81. ing.

Each of the storage means 71 to 81 included in these storage means 70 is preferably realized by, for example, a hard disk drive (HDD), a solid state drive (SSD), or the like, but is within a range in which there is no problem in storage capacity, access speed, or the like. If so, for example, other recording media such as DVD, CD, MO, and magnetic tape may be adopted. Further, the data storage format of each storage means 72 to 81 may be a database or a file format such as a flat file. The details of each of these storage means 71 to 81 will be described later.

<Outline configuration of recipient terminal 90>

The recipient terminal 90 is composed of a computer and includes, for example, input means such as a mouse, keyboard, and touch panel, and display means such as a liquid crystal display. The recipient terminal 90 may be a portable device such as a smartphone or a tablet terminal. Further, the same recipient uses a personal computer as a recipient terminal 90 at a certain time, and a mobile device such as a smartphone or a tablet terminal as a recipient terminal 90 at another time. In addition, a plurality of physically different computers (computers in a broad sense) may be used. The recipient is usually a group (company, etc.), but it can also be an individual.

The recipient terminal 90 is configured to include a processing means 90A for executing various processes performed by the recipient and a storage means 95 for storing data used in various processes executed by the processing means 90A. There is.

The processing means 90A includes an electronic certificate receiving means 91. Then, as shown in FIG. 9, the electronic certificate receiving means 91 includes the My Page display means 91A, the electronic certificate direct receiving means 91B, the certified person confirmation means 91C, and the certified person confirmation means 91D. It is configured.

The electronic certificate receiving means 91 included in the processing means 90A is a central processing unit (CPU) provided inside a computer main body constituting the recipient terminal 90, and one or one that defines an operation procedure of the CPU. It is realized by a plurality of programs and working memory such as main memory and cache memory. The details of the electronic certificate receiving means 91 will be described later.

The storage means 95 is configured to include the acquisition program storage means 96. The acquisition program storage means 96 included in the storage means 95 is preferably realized by, for example, a hard disk drive (HDD), a solid state drive (SSD), or the like, but as long as there is no problem in storage capacity, access speed, or the like. For example, other recording media such as DVD, CD, MO, and magnetic tape may be adopted. The details of the acquisition program storage means 96 will be described later.

<Structure of Participant Node 100: Fig. 2>

In FIG. 2, the participant node 100 is configured by a computer and includes a processing means 101 for executing various processes necessary for recording and referencing data, and a distributed ledger storage means 104 for storing data. There is. The distributed ledger is composed of a plurality of participant nodes 100 connected by the P2P network 2. The distributed ledger in the present invention is not limited to the blockchain, but in the present embodiment, the blockchain is used as an example.

The processing means 101 includes a central processing unit (CPU) provided inside a computer main body constituting the participant node 100, one or a plurality of programs defining an operation procedure of the CPU, and a main memory and a cache. It is realized by working memory such as memory. The distributed ledger storage means 104 is preferably realized by, for example, a hard disk drive (HDD), a solid state drive (SSD), or the like, but as long as there is no problem in storage capacity, access speed, or the like, for example, a magnetic tape or the like. Other recording media may be adopted.

The processing means 101 executes a block adding means 102 that executes a process of adding a block to the distributed ledger storage means 104, and a process of acquiring the data related to the reference request recorded in the block in response to the data reference request. The reference request response means 103 is provided.

When the block adding means 102 receives the bookkeeping data from the certificate service provider system 60 or the certified person system 20 via the communication line, the block adding means 102 generates a block containing the bookkeeping data, and the generated block is generated in the P2P network 2. The block addition process for sharing and storing with the other participant nodes 100 that have been approved and connected to the P2P network 2 is executed. The block addition process (that is, the process for creating, approving, and sharing the block) is not performed by itself, but is executed by distributed processing with other participant nodes 100.

Here, as shown in FIG. 2, the blocks generated by the block generation process in the block addition process include a time stamp indicating the generation time, chain formation information such as a hash value of the previous block, and bookkeeping data (booking data (). Includes the ledger's verification key and electronic certificate data). The chain formation information may be a hash value of the previous block like a normal block chain, or may be formed by using information other than the previous block, for example, and the chain formation method is Optional.

The reference request response means 103 obtains the verification key βV (βV1, βV2, ..., βVk, ...) Of the certified person from the certificate service provider system 60 or the certified person terminal 40 via the communication line. When there is an accompanying electronic certificate acquisition request (reference request), the electronic certificate data related to the acquisition request is acquired from the block using the verification key βVk of the certified person as a key, and the acquired electronic certificate data is used. , The process of transmitting to the certificate service provider system 60 or the certified person terminal 40 via the communication line is executed.

<Configuration of external service system 110>

The external service system 110 is composed of one or a plurality of computers. The external service system 110 is, for example, instructed by the text conversion means 67C of the self-certificate proxy creation means 67 of the certificate service provider system 60, and is transmitted from the certificate service provider system 60 via the network 1. It receives the image data of the kurugami certificate, executes OCR processing (optical character reading processing), and executes a process of transmitting the read character information to the certificate service provider system 60 via the network 1.

Further, the external service system 110 may include a My Page storage means instead of the My Page storage means 79 of the certificate service provider system 60. Therefore, the My Page storage means in the present invention may be provided at any place on the network 1.

Further, the external service system 110 receives an instruction from the certificate service provider system 60's My Page creation assisting means 68A (see FIG. 9), and the name transmitted from the certificate service provider system 60 via the network 1. Use to provide information about intellectual property rights (classification and content of the classification, publication number) that is the inventor of the patent, the creator of the utility model, and the creator of the design that matches this name. A process of extracting from the information database and transmitting the extracted intellectual property information (classification and contents of the classification, publication number) to the certificate service provider system 60 via the network 1 is executed. The intellectual property information database provided in the external service system 110 stores text data corresponding to the classification and briefly showing the contents of the classification.

<Type of key set: Fig. 4>

In FIG. 4, the certified person owns the key set α, the certified person owns the key set β, and the certificate service provider owns the key set γ.

More specifically, there are four types of certified key set α: Decryption key αD, Encryption key αE, Signature key αS, and Verification key αV. It is composed of the key of. The decryption key αD and the signature key αS are private keys, and the encryption key αE and the verification key αV are public keys. Of these, the verification key αV of the certified person is used as the certified person ID for managing the certified person (certified business operator) by the certificate service provider in this embodiment.

Further, depending on the type of encryption system, there is a key that can be used as a key (private key) that is also used as the decryption key αD and the signature key αS. Therefore, there are some that can be used as a key (public key) that is used for both the encryption key αE and the verification key αV. This also applies to the key set β of the certified person and the key set γ of the certificate service provider.

Further, since the key set α of the certified person does not depend on the algorithm handled by the distributed ledger, it can be replaced with an algorithm having high security strength, or the key set already owned by the certified person can be used.

The key set α (αD, αE, αS, αV) of the certified person is also the basic key set α0 (αD0) generated at the start of service use, as in the case of the key set β of the certified person described below. , ΑE0, αS0, αV0) and the key set αk (αDk, αEk, αSk, αVk: however, k = 1, 2, 3, ..., N) generated at each certification (each holding time). Although they may be prepared, for the sake of simplification of the explanation, the key set α (αD, αE, αS, αV) will be used for the explanation without distinguishing them.

The key set β of the certified person is also composed of four types of keys: a decryption key βD, an encryption key βE, a signature key βS, and a verification key βV.

The key set β of the certified person includes the basic key set β0 (decryption key βD0, encryption key βE0, signature key βS0, verification key βV0) generated at the start of service use, and receipt of each electronic certificate. Key set βk generated each time (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: where k = 1, 2, 3, ..., n, where n is received by the certified person. The total number of electronic certificates or the total number of electronic certificates issued to the person to be certified) is prepared. Of these, the verification key βV0, which is the basis of the certified person, is used as the certified person ID for managing the certified person (user) by the certificate service provider in the present embodiment.

Since the key set β is a key set owned by the certified person, consider mainly the certified person of one person or one group, for example, (βD1, βE1, βS1, βV1) may be assigned to a certain certified person. Considering the key set β1 generated upon receipt of the first electronic certificate issued, (βD2, βE2, βS2, βV2) is generated upon receipt of the second electronic certificate issued to the certified person. The key set β2 can be considered, and (βDk, βEk, βSk, βVk) can be considered as the key set βk generated at the time of receiving the kth electronic certificate issued to the certified person. However, k = 1, 2, 3, ... Are not numbered in the order in which they are received, and the same certified person (for example, Taro Yamato) has a different certified person (certified person X, Y, Z, ... When each electronic certificate issued by each of) is received one after another, a different key set β (βD, βE, βS, βV) is generated each time the electronic certificate is received, and those key sets β are generated. Are only numbered for convenience of explanation to indicate that they will be received one after another.

When a person to be certified receives the electronic certificates issued to him / her one after another, he / she usually receives the most recent (last) electronic certificate issued at each time of receipt. The order of issuance and the order of receipt may not match. Therefore, if a certified person issues one electronic certificate to himself, the certified person will receive that one electronic certificate, which is the most recent (last) to himself. It is not always an electronic certificate issued. As mentioned above, the numbers k = 1, 2, 3, ... Do not strictly indicate the order of issuance or receipt of electronic certificates, and there are issuances and receipts one after another, each time. It only shows that different key sets β are being generated one after another. Therefore, in the following, for example, the key set βk (any of k = 1, 2, ..., N) may be described, but this description is simply a large number of key sets β1, β2. It does not indicate the generation or receipt of one key set β. However, even if it indicates the generation or receipt of one key set β, if processing is performed for multiple (many) certified persons, it means that a large number of key sets β are handled. The term "one key set β" in the above means that one person or one group of certified persons is executing a process of handling one key set β. Also, as mentioned above, the order of issuance and the order of receipt may not match, so the statement that the kth issue is received in the kth order, or the last issue is the last one. There is no statement that it will be received (a statement that the nth issue will be received in the nth).

Also, from the perspective of the accredited person, one accredited person generates different key sets β (βD, βE, βS, βV) for each accredited person at each accreditation (each holding time), but (βDk, βEk). , ΒSk, βVk) k does not indicate each certification (each holding time) in the certified person because it focuses on the certified person (for example, Taro Yamato). For example, even if an electronic certificate is issued by the same certified person at the same certification (same holding time), it will be the first electronic certificate received by Taro Yamato, and the key set β received there will be β1 (βD1, βE1, This is because it becomes βS1 and βV1), while it becomes the second electronic certificate received by Hanako Yamato, and the key set β received there may be β2 (βD2, βE2, βS2, βV2).

The key set β1, β2, ..., βk, ..., βn of the certified person may be the same key set. In that case, the verification keys βV1, βV2, ..., βVk, ..., βVn of the certified person may be used. Is the same key, so when acquiring an electronic certificate from the distributed ledger using the verification key βV of the certified person, all the electronic certificates held by the certified person will be obtained. ..

The key set γ of the certificate service provider is also composed of four types of keys: a decryption key γD, an encryption key γE, a signature key γS, and a verification key γV.

Further, as the key handled in this embodiment, there is a common key δ (common key) between the certified person and the certified person. This common key δ is a key used for both encryption and decryption, and is also called a shared key.

<Detailed configuration of certified person system 20>

<Structure of certified person system 20 / processing means 20A / examinee management means 21: FIGS. 5 and 12>

In FIG. 5, the examinee management means 21 executes a process of managing information about the examinee. The examinee management means 21 may be a system that has been conventionally operated and managed by a certified person. Therefore, the examinee information storage means 31 for storing information about the examinee may also have the conventional configuration.

The examination application receiving means 21A executes a process of accepting an examination application by a certified person (however, at this point, it is merely an examinee). For example, the test application receiving means 21A is configured by a WEB system, and in response to a request from the certified person (testee) from the certified person terminal 40, the WEB page for the test application is displayed on the WEB page for the test application via the network 1. The application information sent to the terminal 40 and sent from the certified person terminal 40 (including personal information such as name, date of birth, telephone number, e-mail address, etc.) is accepted, and the accepted application information is received by the certified person. The process of storing the information in the examinee information storage means 31 in association with the personal ID for managing the examinee is executed. The application information referred to here also includes information set by the certified person (for example, an examination number, etc.) for the application of the certified person.

Further, the examination application receiving means 21A accepts and inputs the application information received from other than the WEB system, for example, the application information received by the paper examination application form, telephone, facsimile, e-mail, etc. from the person in charge terminal. The process of associating the applied application information with the personal ID for managing the examinee by the certified person and storing it in the examinee information storage means 31 is also executed.

Further, the test application receiving means 21A inputs the application information received on the day of the certification test (information entered on the test form on the day of the test, etc.) from the person in charge terminal, and is an individual for the test taker management by the certified person. In some cases, a process of associating with the ID and storing it in the examinee information storage means 31 may be executed.

Then, as shown in FIG. 15, the examination application receiving means 21A accepts the public key (verification key βV and encryption key βE) of the certified person as the application information and associates it with the personal ID for the examinee management by the certified person. In some cases, a process of storing the information in the examinee information storage means 31 may be executed.

The examinee information editing means 21B executes an editing process of information about the examinee. For example, the examinee information editing means 21B provides pass / fail information (pass / fail), qualification information (score, rank, etc.), and addition after the certification test is conducted (after the judgment act such as scoring is performed). It receives input from the terminal in charge of personal information (certification number, etc.), associates it with a personal ID for managing the examinee by the accredited person, and executes a process of storing it in the examinee information storage means 31.

Further, the examinee information editing means 21B also executes a process of accepting addition / correction of application information at an arbitrary time from the time of the first application for the examination to the time of the start of the certification examination.

In addition, the examinee management means 21 accepts the application information by filling out the examination form on the day of the certification examination, and after performing the judgment act such as scoring, the application information (including personal information such as the name) and the pass / fail information. (Pass / Fail), qualification information (score, rank, etc.), and additional personal information (certification number, etc.) are collectively input from the person in charge terminal, and the individual for test taker management by the certified person. It may be configured to execute a process of storing the information in the examinee information storage means 31 in association with the ID.

<Structure of certified person system 20 / processing means 20A / examinee file creating means 22: FIG. 5>

In FIG. 5, the examinee file creating means 22 executes a process of creating an examinee file (for example, a CSV file) by using the information about the examinee stored in the examinee information storage means 31. The created examinee file exists on the accredited person system 20. The examinee file creation means 22 downloads, for example, the examinee file creation program from the program storage means 71 provided by the certificate service provider system 60 via the network 1, stores it in the acquisition program storage means 32, and installs it. It may be realized by receiving a test taker file creation program stored in a recording medium such as a CD, DVD, or USB memory from a certificate service provider, and installing and implementing it. In addition, it may be realized by a test taker file creation program independently developed by the certified person. Since the examinee management means 21 and the examinee information storage means 31 are usually different for each accredited person, when the certificate service provider provides each accredited person with an examinee file creation program, it is usually for each accredited person. Prepared individually.

In principle, the examinee file (for example, CSV file) created by the examinee file creation means 22 has a common format for each accredited person (or each accreditation of each accredited person (accreditation of each holding time)). , Or a customized format according to common rules. This format allows some customization for each accredited person (or for each accredited person), but the accredited processing means 23 for proxy bookkeeping described below is the certificate service provider system in this embodiment. 60 Settings for proxy bookkeeping This is realized by communication with the auxiliary processing means 62 by WEB, and is common to each certified person (or each certified person of each certified person), so the certification for proxy bookkeeping. It is a customization within a range that can be handled by a program that realizes the processing means 23 (in this embodiment, as described below, it is a program attached to a WEB page such as Javascript (ECMAScript) or the like).

As shown in FIG. 5, the examinee file (for example, CSV file) includes the examinee management ID (personal ID) by the certified person and the personal information (for example, name, date of birth, etc.) among the information written in the certificate. Certification number, face photo data, etc.), information not written on the electronic certificate (for example, examination number, venue number, password written on the examination ticket, etc.), pass / fail information (pass / fail), and certification Qualification information (for example, score, rank, qualification expiration date, certification conditions (use of glasses, contacts, etc.), etc.) among the certificate writing information is stored in association with it.

Of these, the personal information (for example, name, date of birth, certification number, facial photograph data, etc.) among the information written on the certificate is the encryption key βEk (k = 1, 2, ..., N) of the certified person. It is an encryption target by).

In addition, personal information (name, date of birth, etc.) among the information written on the certificate and information not written on the electronic certificate (for example, examination number, venue number, etc.) are information that can be selected as personal authentication information. Yes, for example, a combination of an examination number, a name, and a date of birth can be used as personal authentication information. The details of the personal authentication information will be described later in the description of the authorized person side common key generation means 23D.

Further, the information not written in the electronic certificate (for example, the examination number and the venue number) is information that can be selected as the person identification information. The details of the personal identification information will be described later in the description of the information transmission means 23E for the certified person.

The address, telephone number, e-mail address, etc. may be included in the personal information (name, date of birth, etc.) of the certificate written information, and the information not written in the electronic certificate (for example, examination number, venue). It may be included in the number).

In addition, the qualification information (for example, score, rank, etc.) in the certificate written information does not include the certification management information (certification name, certification date, etc.). This is because the certification management information is not information for each examinee, but information common to each examinee. However, the certification management information may be included in the qualification information (for example, score, rank, etc.) in the certificate writing information.

<Structure of certified person system 20 / processing means 20A / certified processing means 23 for proxy bookkeeping: FIG. 5>

In FIG. 5, the certification processing means 23 for proxy bookkeeping is provided in the certification system 20X that does not directly access the distributed ledger, creates an electronic certificate, and creates the certification service provider system 60. It executes the process of requesting proxy entry to the distributed ledger for the electronic certificate that has been created. In this respect, it is different from the certification processing means 25 for direct bookkeeping provided in the certified person system 20Y (see FIG. 8) that directly accesses the distributed ledger.

In the present embodiment, the certification processing means 23 for proxy bookkeeping is a WEB browser (web browser) mounted on the certified person system 20 and a setting auxiliary processing means 62 for proxy bookkeeping of the certificate service provider system 60. It is realized by a WEB page (web page) transmitted via the network 1 by (see FIG. 5) and a program associated therewith (for example, a program running on a WEB browser such as JavaScript (ECMAScript)). It may be realized by a program installed (installed) in advance in the certified person system 20.

<Structure of certified person system 20 / processing means 20A / certified processing means 23 for proxy bookkeeping / setting information input receiving means 23A: FIG. 5>

In FIG. 5, the setting information input receiving means 23A accepts the reading or input of the authorized person's key set α (αD, αE, αS, αV), and uses the authorized person's public key (verification key αV, encryption key αE). Processing to be sent to the certificate service provider system 60 via network 1, certification management information (certification name, certification test holding time, certification date, pass / fail confirmation URL (also used as key set receiving URL), template image It accepts the input of the ID, the format of the examinee file (CSV file, etc.), etc.) and executes the process of transmitting the input certification management information to the certificate service provider system 60 via the network 1. Is. The public key transmission process of these certified persons and the certified management information transmission process may be performed at the same time, or may be performed at different times. Here, the public key of the certified person and the certified management information (certified name, etc.) are collectively referred to as setting information (caution: not certified information).

At this time, if the key set α of the certified person is already stored in the key set storage means 33 for the certified person, the setting information input receiving means 23A may read it and describes it in the memo of the person in charge or the like. If so, the person in charge may enter it, and if the certified person's key set α does not yet exist, a program for realizing the key set generation means provided by the certificate service provider system 60. It may be generated by.

Further, in the present embodiment, the setting information input receiving means 23A creates a pass / fail confirmation WEB page (also used as a key set receiving URL) and a corresponding pass / fail confirmation URL (also used as a key set receiving URL). They are transmitted to the certificate service provider system 60, and the pass / fail confirmation URL (URL for receiving the key set) is stored in the setting information storage means 72 (see FIG. 5) for pass / fail confirmation (for receiving the key set). The WEB page of is stored in the information delivery page storage means (not shown) for the certified person. In addition, the person in charge of the authorized person creates the WEB page for pass / fail confirmation (for receiving the key set) and the corresponding URL for pass / fail confirmation (URL for receiving the key set), and inputs them. It may be accepted by means 23A.

Then, the public key (verification key αV, encryption key αE) of the certified person transmitted to the certificate service provider system 60, the certification management information (certification name, the holding time of the certification test, the certification date, the pass / fail confirmation URL ( The key set receiving URL (also used as the key set receiving URL), the template image ID, the format of the examinee file (CSV file, etc.), etc.) are stored in the setting information storage means 72 by the setting information registration means 62A (see FIG. 5). ). At this time, the accreditation management information is stored in association with the accreditation ID so that the accreditation ID is unique for each accredited person holding the accreditation test (that is, for each accredited person and). It is an ID given (so that it becomes a different ID for each event), and there is a one-to-one correspondence with the pass / fail confirmation URL (also used as the key set receiving URL). It may be considered as certification management information including this certification ID. The certification ID may be automatically assigned by the certificate service provider system 60, may be automatically assigned by the certification system 20, or may be designated by the certification person if it is unique.

<Structure of certified person system 20 / processing means 20A / certified processing means 23 for proxy bookkeeping / key set generation means 23B: FIG. 5>

In FIG. 5, the key set generation means 23B is the key set βk of the certified person (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1, 2, ..., N). Is to execute the process of generating. The key set generation means 23B generates a different key set βk for each of the plurality of certified persons, and also generates a different key set βk for each certification (each holding time). In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

<Structure of certified person system 20 / processing means 20A / certification processing means 23 for proxy bookkeeping / electronic certificate creating means 23C: FIG. 5>

In FIG. 5, the electronic certificate creating means 23C executes a process of creating an electronic certificate (see FIG. 3). In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Specifically, the electronic certificate creating means 23C uses "personal information (for example, name, date of birth, certification number, face photo) among the information written in the certificate" in the examinee file (CSV file, etc.) shown in FIG. Data, etc.) ”is read, and the process of encrypting personal information is executed by the encryption key βEk (any of k = 1, 2, ..., N) of the certified person generated by the key set generation means 23B. If the certified person's encryption key βEk is obtained by the certified person (for example, provided at the time of application for the examination), the certified person's encryption key βEk may be used.

Further, as shown in FIG. 3, the electronic certificate creating means 23C has a dynamically generated certificate ID, a verification key αV of the certified person, and a verification key βVk (k = 1, 2, ... , N), the encrypted key βEk (the same k as βVk k), the credential information (certification name, certification date, template image ID, etc.), and encrypted personal information. Then, the process of creating the data of the electronic certificate before signing is executed.

Then, the electronic certificate creating means 23C attaches an electronic signature to the data of the electronic certificate before signature created above with the signature key αS of the certifier, and executes a process of completing the data of the electronic certificate. .. Therefore, the electronic signature will be applied to the data including the encrypted personal information.

Here, the certificate ID is an ID dynamically generated so that all the electronic certificates issued to each certified person at each certification (each holding time) can be identified, and is the qualification for the electronic certificate. Different certificate IDs are automatically assigned if the type, the number of times the certification test is held for the same type of qualification, or the person to be certified who holds the qualification is different.

Further, the verification key αV of the certified person is received by the setting information input receiving means 23A, and if it does not remain on the certified person system 20, the setting information storage means 72 of the certificate service provider system 60 You may get it. The verification key βVk and the encryption key βEk (any of k = 1, 2, ..., N) of the certified person are generated by the key set generation means 23B.

Further, the qualification information includes all or part of the certification management information (certification name, certification date, template image ID, etc.) received by the setting information input reception means 23A, and the examinee file (CSV file, etc.) in FIG. It was created based on "qualification information (for example, score, rank, etc.) among the information written on the certificate". If the certification management information (certification name, certification date, template image ID, etc.) does not remain on the certification system 20, it may be acquired from the setting information storage means 72 of the certification service provider system 60. .. After all, the qualification information to be included in the electronic certificate includes, for example, the certification name, the certification date, the template image ID, the expiration date of the qualification, the certification conditions (use of glasses / contacts, etc.), the score (score as a test result), and the rank ( Here, for example, it is described as excellent / good / acceptable, A / B / C, etc., which means a rank determined by the quality of the result of the examination.), Qualification type (here, it is described). , For example, 1st grade, 2nd grade, advanced, special, general, etc., which means the qualification type when taking an examination aiming to pass any of the grades and categories prepared in advance. There are.) Etc. The qualification type referred to here may be included in the certification name. The electronic certificate does not include all the data listed above as credential information, but can be selected as appropriate according to the nature of the certifier and the content of the certification, and at least the certification name is included. Just do it.

Further, the encrypted personal information is encrypted by the electronic certificate creating means 23C using the encrypted key βEk (any of k = 1, 2, ..., N) of the certified person. In addition, personal information is encrypted on the premise that the electronic certificate is recorded in the distributed ledger, but once it is written in the distributed ledger, due to the nature of the distributed ledger, it is an individual's convenience. This is because it becomes difficult to hide the information.

Further, the signature key αS of the authorized person used for the electronic signature is read or received by the setting information input receiving means 23A.

<Structure of certified person system 20 / processing means 20A / certified processing means 23 for proxy bookkeeping / certified person side common key generation means 23D: FIG. 5>

In FIG. 5, the certified person side common key generation means 23D executes a process of generating each common key δ between the certified person and each certified person by using the person authentication information for each certified person. Is. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Here, the personal authentication information is information for identifying each certified person, which is predetermined between the certified person and each certified person, and is information that only the certified person and the certified person can know. This personal authentication information is composed of a combination of several pieces of information (for example, examination number, examination venue, name, date of birth, etc.), and the combination is arbitrary and may be different for each certified person. Therefore, even if the person in charge of the certificate service provider is malicious, the common key δ cannot be generated because the person's authentication information cannot be known, and the certified person encrypted with the common key δ. The key set βk (βDk, βEk, βSk, βVk) of the above is prevented from leaking.

In the present embodiment, the personal authentication information can be configured by combining the information described as "personal authentication information (information that can be selected as)" in the examinee file (CSV file or the like) of FIG. That is, from "personal information among the information written on the certificate (for example, name, date of birth, certification number, etc.)" and "information not written on the electronic certificate (for example, examination number, venue number, etc.)", the certified person Information specified for each is read, and they are combined to form personal authentication information.

<Structure of certified person system 20 / processing means 20A / certified processing means 23 for proxy bookkeeping / information transmitting means 23E for certified persons: FIG. 5>

In FIG. 5, the information transmission means 23E for the certified person encrypts the key set βk of the certified person by using the process of creating the key set receiving ID (also used as the pass / fail confirmation ID) and the common key δ. The certificate service provider system 60 for processing, pass / fail information of the certified person (examinee), and the key set βk of the certified person encrypted with the common key δ, together with the key set receiving ID, via the network 1. It executes the process of sending to.

Specifically, when the information transmission means 23E for the certified person creates the key set receiving ID (also used as the pass / fail confirmation ID), the person who has read it from the examinee file (CSV file or the like) shown in FIG. Using the authentication information and the certification ID included in the certification management information, the hash value or other conversion information for the person authentication information and the certification ID is obtained, and the conversion information such as the obtained hash value is received as a key set. Executes the process of using the ID. The hash value or other conversion information is used because if the key set receiving ID is the person authentication information itself, the common key δ can be generated using the key set receiving ID and encrypted with the common key δ. This is to prevent leakage of the key set βk (βDk, βEk, βSk, βVk) of the certified person. In addition, the personal authentication information (for example, the combination of examination number, name, and date of birth) may have the same value as other certification tests (certification tests), so by adding the certification ID, a key set can be set. The receiving ID is unique.

Further, the key set receiving ID is not the ID obtained by the personal authentication information and the conversion process such as hashing using the certified ID, but the personal authentication information (that is, the information used for generating the common key δ). May create a key set receiving ID using different personal identification information. That is, the key set receiving ID may be created using the personal identification information and the authorized ID. This personal identification information is the same as the personal authentication information in that it is information for identifying each certified person, which is predetermined between the certified person and each certified person, but is in charge of the certificate service provider. It differs from personal authentication information in that it may be known to a person. Even if the personal identification information is known to a malicious person in charge of the certificate service provider, the common key δ cannot be generated from the personal identification information (that is, the personal identification information generates the common key δ). (Because it is not the information used for), it does not lead to the leakage of the key set βk of the certified person.

In the present embodiment, the personal identification information is read from "information not written in the electronic certificate (for example, examination number, venue number, etc.)" in the examinee file (CSV file, etc.) of FIG. 5, and the key set receiving ID. Can be used to create. In addition, "personal information (name, date of birth, etc.) among the information written in the certificate" in the examinee file (CSV file, etc.) is not used for personal identification information. It is preferable to use personal information because the personal identification information is not subjected to conversion processing such as hashing, and is information on the premise that it may be known to a malicious person in charge of the certificate service provider. Because there isn't.

Further, the information transmission means 23E for the certified person uses the common key δ to use the key set βk of the certified person (decoding key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1, 2, ..., When encrypting any of n), the common key δ generated by the certified person's common key generation means 23D is used.

Further, when the information transmission means 23E for the certified person transmits the pass / fail information of the certified person (examinee) and the key set βk of the certified person encrypted with the common key δ, the examination in FIG. 5 is performed. The pass / fail information (pass / fail) in the person file (CSV file, etc.) is read, and the read pass / fail information and the certified person encrypted using the common key δ by the information transmission means 23E for the certified person. Certificate service business via network 1 with the key set βk (βDk, βEk, βSk, βVk) together with the key set receiving ID (also used as the pass / fail confirmation ID) created by the information transmission means 23E for the certified person. The process of transmitting to the person system 60 is executed.

The pass / fail information transmitted to the certificate service provider system 60 and the key set βk (βDk, βEk, βSk, βVk) of the certified person encrypted with the common key δ are information registration means for the certified person. By 62B, it is associated with the key set receiving ID (also used as the pass / fail confirmation ID) and stored in the information storage means 73 for the certified person (see FIG. 5).

<Structure of Certified Person System 20 / Processing Means 20A / Electronic Certification Certificate Bookkeeping Means 24: FIG. 5>

In FIG. 5, the electronic certificate bookkeeping means 24 distributes the electronic certificates by transmitting the electronic certificates created by the electronic certificate creating means 23C to the certificate service provider system 60 via the network 1. It executes the process of requesting the certificate service provider to record in the ledger. The electronic certificates of all certified persons issued in one certification (one holding) may be sent together or one by one, or may be sent in several parts. You may.

In this embodiment, when the certificate service provider system 60 receives the electronic certificate from the electronic certificate bookkeeping means 24 (when the proxy bookkeeping request is received), the electronic certificate proxy bookkeeping means 63 (when the proxy bookkeeping request is received). The bookkeeping (proxy bookkeeping) in the distributed ledger by (see FIG. 5) is not performed immediately, and the bookkeeping standby state is set.

<Structure of certified person system 20 / processing means 20A / certified processing means 25 for direct bookkeeping: FIG. 8>

In FIG. 8, the certification processing means 25 for direct bookkeeping is provided in the certified person system 20Y that directly accesses the distributed ledger, creates an electronic certificate, and records the created electronic certificate in the distributed ledger by itself. It executes the process. In this respect, it is different from the certification processing means 23 for proxy bookkeeping provided in the certified person system 20X (see FIG. 5) that does not directly access the distributed ledger.

Unlike the certification processing means 23 for proxy bookkeeping (see FIG. 5), the certification processing means 25 for direct bookkeeping does not request the certificate service provider system 60 to record the electronic certificate in the distributed ledger. , The process of creating an electronic certificate by communication with the certificate service provider system 60 (communication by WEB) is not performed. Therefore, the certification processing means 25 for direct bookkeeping is realized not by the WEB but by a program installed (installed) in the certified person system 20Y in advance.

Therefore, as shown in FIG. 8, in the case of direct bookkeeping, since communication with the certificate service provider system 60 by WEB is not performed, setting assistance for proxy bookkeeping provided in the certificate service provider system 60 is provided. The processing means 62 (see FIG. 5) is not used. Therefore, the certification processing means 25 for direct bookkeeping is not a function realized by a program (a program provided from the certificate service provider system 60 each time) attached to a WEB page such as Javascript (ECMAScript). ..

However, the program installed in the certified person system 20Y (the program for realizing the certified processing means 25 for direct bookkeeping) may be developed by the certified person himself, but the certification service provider is requested to develop the program. It may be a program provided by a certificate service provider.

<Structure of certified person system 20 / processing means 20A / certified processing means 25 for direct bookkeeping / setting information input receiving means 25A: FIG. 8>

In FIG. 8, the setting information input receiving means 25A reads the key set α (αD, αE, αS, αV) of the certified person stored in the key set storage means 33 for the certified person, or accepts the input. , The process of accepting the input of certification management information (certification name, holding time, certification date, etc.) is executed. This point is the same as the setting information input receiving means 23A of FIG.

However, the pass / fail confirmation URL (also used as the key set receiving URL) is not entered in the certification management information. Since the key set βk of the certified person is not generated by the key set generating means 23B as in the case of the proxy bookkeeping request in FIG. 5, there is no need to hand over the key set βk to the certified person, and the key set is received. This is because the pass / fail URL is not required, and the pass / fail notification is not performed using the pass / fail confirmation URL.

Further, unlike the case of the setting information input receiving means 23A of FIG. 5 described above, the setting information input receiving means 25A exchanges the key set α of the certified person and the certification management information with the certificate service provider system via the network 1. The process of transmitting to 60 is not performed.

In addition, in order to enable the issued electronic certificate to be used by the certified person in services such as creating My Page by the certificate service provider system 60, the certificate management information is used in the certificate service provider system. It may be transmitted to 60 and stored in the setting information storage means 72 (see FIG. 5). At this time, the template image ID may be included in the certification management information. Provide the template image to the certificate service provider system 60 and store it in the template storage means 76 in association with the template image ID, or write it in the distributed ledger and use the template image ID as certification management information or electronic certificate. By including it in, it can be used for creating the certificate image display units 310 and 410 (see FIG. 19) in My Page.

<Structure of certified person system 20 / processing means 20A / certification processing means 25 for direct bookkeeping / electronic certificate creating means 25B: FIG. 8>

In FIG. 8, the electronic certificate creating means 25B executes a process of creating an electronic certificate (see FIG. 3) having the same configuration as the electronic certificate created by the electronic certificate creating means 23C of FIG. 5 described above. Is what you do. At this time, as shown in FIG. 8, since the certification processing means 25 for direct bookkeeping does not generate the key set βk of the certified person, the electronic certificate creating means 25B is subject to the test at an appropriate time such as when applying for an examination. An electronic certificate is created using the verification key βVk and the encryption key βEk (one of k = 1, 2, ..., N) of the certified person provided by the certified person (examinee).

Further, the electronic certificate creating means 23C of FIG. 5 described above has read the necessary information to be included in the electronic certificate from the examinee file (for example, CSV file, etc.), but the electronic certificate creating means 25B of FIG. 8 has been read. Reads necessary information from the information about the examinee stored in the examinee information storage means 31. However, as in the case of the certification processing means 23 for proxy bookkeeping in FIG. 5 described above, a test taker file (for example, a CSV file) is created from the information about the test taker stored in the test taker information storage means 31 and electronically. The certificate creating means 25B may also read the necessary information from the examinee file.

<Structure of certified person system 20 / processing means 20A / certification processing means 25 for direct bookkeeping / electronic certification certificate bookkeeping means 25C: FIG. 8>

In FIG. 8, the electronic certificate bookkeeping means 25C connects the electronic certificate created by the electronic certificate creating means 25B to the P2P network 2 for forming a distributed ledger via a communication line (network 1 or a dedicated line). By transmitting to any of the plurality of participant nodes 100, the process of directly recording the electronic certificate in the distributed ledger is executed. At this time, as shown in FIG. 3, the data of the created electronic certificate plus the verification key αV of the certified person system 20 (20Y), which is the book holder, is used as the bookkeeping data, and this bookkeeping data is used as the distributed ledger. Remember. The electronic certificate may be booked in the distributed ledger as shown in FIG. 3, but the details thereof will be described later in the description of the electronic certificate proxy bookkeeping means 63 (see FIG. 6).

<Structure of certified person system 20 / processing means 20A / certification processing means 25 for direct bookkeeping / pass / fail notification means 25D: FIG. 8>

In FIG. 8, the pass / fail notification means 25D reads the pass / fail information (whether pass / fail) and the contact information of the certified person (examinee) from the information about the examinee stored in the examinee information storage means 31. , Perform the process of creating and sending an e-mail for pass / fail notification to the certified person (examinee), and the process of printing the pass / fail notification (paper) to be sent to the certified person (examinee). It is a thing.

<Structure of certified person system 20 / storage means 30>

The examinee information storage means 31 contains application information (including personal information such as name, date of birth, telephone number, e-mail address, etc.) by the examinee and pass / fail information as information about the examinee of the certification examination (certification examination). (Pass / fail) and subsequent addition / correction information (certification number, etc.) are stored in association with the personal ID for examinee management by the certified person.

The acquisition program storage means 32 stores a program (for example, a test taker file creation program, a certified person support program) downloaded from the provided program storage means 71 of the certificate service provider system 60 via the network 1. However, the certified person support program referred to here is not a program provided accompanying the WEB page (for example, Javascript (ECMAScript) or the like), but is a program installed in the certified person system 20 in advance. Therefore, the accredited person support program includes the program provided along with the WEB page transmitted from the accredited person service operator system 60 to the accredited person system 20, and the accredited person service operator at the request of the accredited person. There is a program that is developed and provided to certified persons, and here it refers to the latter program.

The certified person key set storage means 33 stores the certified person's key set α (decryption key αD, encryption key αE, signature key αS, verification key αV). However, if the person in charge of the certified person writes the key set α in a memo or the like and inputs it when necessary, the key set storage means 33 for the certified person is not indispensable.

<Detailed configuration of certified person terminal 40>

<Structure of certified person terminal 40 / processing means 40A / service use start registration means 41: FIG. 6>

In FIG. 6, in the service use start registration means 41, the certified person creates a My Page provided by the certificate service provider, receives a pass / fail notification of the certification test (certification test), and sets the key set βk of the certified person. It executes the service use start registration process for receiving various services such as receipt of.

Specifically, the service use start registration means 41 generates the basic key set β0 (decryption key βD0, encryption key βE0, signature key βS0, verification key βV0) of the certified person, and the generated basic key set β0. (ΒD0, βE0, βS0, βV0) is stored in the key set storage means 52 for the certified person, and the basic public key (verification key βV0 and encryption key βE0) of the certified person is certified via the network 1. The process of transmitting to the service provider system 60 is executed. When the certified person describes the basic key set β0 in a memo or the like, it is not necessary to store the basic key set β0 in the key set storage means 52 for the certified person.

Then, the basic public key (verification key βV0 and encryption key βE0) of the certified person transmitted to the certificate service provider system 60 is the certified person key information storage means 75 by the certified person key information initial registration means 64. It is stored in (see FIG. 6).

The process of generating the key set β0 of the certified person's basic key set by the service use start registration means 41 is provided along with the WEB page transmitted from the certificate service provider system 60 to the certified person terminal 40 ( For example, it is a function realized by JavaScript (ECMAScript) and the like). It may be realized by a program installed (installed) in advance in the certified person terminal 40.

<Structure of certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42: FIG. 6>

In FIG. 6, the pass / fail confirmation processing means 42 executes pass / fail confirmation of the certification test (certification test) by the certified person and processing associated therewith. In this embodiment, the pass / fail confirmation processing means 42 uses the WEB browser mounted on the certified person terminal 40 and the pass / fail confirmation auxiliary processing means 65 (see FIG. 6) of the certificate service provider system 60 to connect the network 1. It is realized by a WEB page transmitted via the WEB page and a program associated therewith (for example, a program running on a WEB browser such as Javascript (ECMAScript)). It may be realized by a program installed (installed) in advance in the certified person terminal 40.

<Structure of certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / information acquisition means 42A for certified person: FIG. 6>

In FIG. 6, the information acquisition means 42A for the certified person accesses the pass / fail confirmation URL, and the pass / fail information and the encrypted key set βk (decryption key βDk, encryption key βEk, signature) of the certified person (own). Key βSk, verification key βVk: However, k = 1, 2, ..., N) is to be acquired.

Specifically, the information acquisition means 42A for the certified person first accesses the pass / fail confirmation URL notified to the certified person in advance, and the certified ID transmitting means 65A of the certificate service provider system 60 (Fig.). 6), the process of receiving the certification ID transmitted via the network 1 is executed. The pass / fail confirmation URL is not a URL prepared individually for each certified person (each examinee), but a URL common to all certified persons (examinees). However, since the pass / fail confirmation URL is different if the certified person is different, for example, the pass / fail confirmation URL prepared by the certified person X and the pass / fail confirmation URL prepared by the certified person Y are different URLs. This pass / fail confirmation URL is, for example, transmitted by WEB communication when an examinee applies for an examination, posted on a handout (paper), wall surface, etc. on the day of the examination, or transmitted on a board. ) Will be notified in advance to the certified person by means of transmission on the homepage, transmission by e-mail, etc.

Further, the information acquisition means 42A for the certified person accepts the input of the personal authentication information by the certified person, and obtains the hash value or other conversion information by using the input personal authentication information and the acquired certification ID. , The process of creating the key set receiving ID (also used as the pass / fail confirmation ID) is executed. The personal identification information and the authorized ID may be used to create the key set receiving ID. The personal authentication information has already been described in detail in the explanation of the authorized person side common key generation means 23D (see FIG. 5), and the personal identification information has already been explained in the explanation of the information transmitting means 23E for the certified person (see FIG. 5). Since it is described in detail, detailed description thereof will be omitted here.

Further, the information acquisition means 42A for the certified person transmits the created key set receiving ID to the certificate service provider system 60 via the network 1, and also for the certified person of the certificate service provider system 60. The pass / fail information transmitted from the information delivery means 65B (see FIG. 6) via the network 1 and the key set βk (βDk, βEk, βSk, βVk) of the certified person encrypted with the common key δ are received. Execute the process.

<Structure of the certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / failure notification display means 42B: FIG. 6>

In FIG. 6, when the reject notification display means 42B determines that the certified person has failed using the pass / fail information acquired by the information acquisition means 42A for the certified person, for example, the failure notification in FIG. 17 is shown. As shown on the screen 200, a process of displaying the failure is executed on the screen of the certified person terminal 40.

<Structure of the certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / certified person side common key generation means 42C: FIG. 6>

In FIG. 6, the certified person side common key generation means 42C is input by the certified person when it is determined that the certified person has passed by using the pass / fail information acquired by the information acquisition means 42A for the certified person. The process of generating the common key δ between the certified person and the certified person is executed by using the person authentication information. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like. The algorithm for generating the common key δ by the certified person-side common key generating means 42C is the same as the above-mentioned certified person-side common key generating means 23D in FIG.

<Structure of certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / key set decryption means 42D for certified person: FIG. 6>

In FIG. 6, the key set decryption means 42D for the certified person uses the pass / fail information acquired by the information acquisition means 42A for the certified person to determine that the certified person has passed, and the common key on the certified person side. Using the common key δ generated by the generation means 42C, the key set βk (βDk, βEk, βEk, βEk, of the certified person encrypted with the common key δ in the certified person system 20 acquired by the information acquisition means 42A for the certified person It executes a process of decoding (βSk, βVk). In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

The key set βk (βDk, βEk, βSk, βVk) of the certified person decoded by the key set decoding means 42D for the certified person may be stored in the key set storage means 52 for the certified person, but the basics. When using a service that can acquire all the key sets βk (k = 1, 2, ...) Of the certified person using the key set β0 (βD0, βE0, βS0, βV0) of βk (βDk, βEk, βSk, βVk) does not have to be stored in the key set storage means 52 for the certified person. Further, if it is described in the memo of the certified person, it is not necessary to store it in the key set storage means 52 for the certified person.

<Structure of certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / pass notification display means 42E: FIG. 6>

In FIG. 6, when the pass / fail notification display means 42E determines that the certified person has passed by using the pass / fail information acquired by the information acquisition means 42A for the certified person, the pass notification display means 42E is displayed on the screen of the certified person terminal 40. It executes a process to display that it has passed. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Specifically, the pass notification display means 42E obtains the verification key βVk (any of k = 1, 2, ..., N) of the certified person obtained by decoding with the key set decoding means 42D for the certified person. , An electronic certificate transmitted to the certificate service provider system 60 via the network 1 and transmitted from the pass notification display assisting means 65C (see FIG. 6) of the certificate service provider system 60 via the network 1. And, the image data of the template is received, and for example, as shown in the pass notification screen 210 of FIG. 17, a process of displaying the pass is executed.

In FIG. 17, on the pass notification screen 210, the certificate image display unit 211 for pass notification and the "register electronic certificate ledger" selection for indicating the intention to record the electronic certificate in the distributed ledger are selected. Section 212, "Download Electronic Certificate" selection section 213 to obtain the recorded electronic certificate stored in the distributed ledger from the distributed ledger, and "My Page" to proceed to the creation / editing work. A "Create My Page" selection unit 214 is provided. The notation of each of these selections is only an example.

The certificate image display unit 211 for passing notification includes an electronic certificate stored in the electronic certificate storage means 74 of the certificate service provider system 60 (that is, an electronic certificate waiting to be recorded in the distributed ledger). , The display process is performed using the image data of the template stored in the template storage means 76 of the certificate service provider system 60 in association with the template image ID included in the electronic certificate. Here, the display is performed using the electronic certificate of the book waiting state (that is, the unbooked state) in the distributed ledger, but it is stored in the distributed ledger after the book is recorded in the distributed ledger. The display may be performed using an electronic certificate. In that case, a message indicating that the product has passed is displayed only by text at first, and after recording in the distributed ledger, the certificate image display unit 211 for notification of acceptance is displayed. Should be displayed.

Further, since the personal information part of the electronic certificate stored in the electronic certificate storage means 74 of the certificate service provider system 60 is encrypted with the encrypted key βEk of the certified person, the certified person After decrypting the part of the personal information using the decryption key βDk, the display process of the certificate image display unit 211 for pass notification is performed.

Then, in the present embodiment, the certified person selects and operates the selection unit 212 of “Registering the ledger of the electronic certificate” in FIG. 17 on the certified person terminal 40, and records the electronic certificate in the distributed ledger. The following key for the certified person, which is necessary to enable the use of the electronic certificate in services such as the creation of My Page provided by the certificate service provider, when the intention is displayed. The process proceeds to the process of the set transmission means 42F.

<Structure of certified person terminal 40 / processing means 40A / pass / fail confirmation processing means 42 / key set transmitting means 42F for certified person: FIG. 6>

In FIG. 6, the key set transmitting means 42F for the certified person is the key set βk (βDk, βEk, βSk, βVk: k = 1, 2, ... , N) is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used as the certified person's basic verification key βV0 (that is, the certified person ID). At the same time, the process of transmitting to the certificate service provider system 60 via the network 1 and the process of issuing an instruction for recording the electronic certificate in the bookkeeping standby state in the distributed ledger are executed. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Then, the key set βk (any of k = 1, 2, ..., N) of the certified person encrypted with the encryption key βE0 transmitted to the certificate service provider system 60 is the certificate service provider. By the certified person key information additional registration means 65D (see FIG. 6) of the system 60, it is associated with the verification key βV0 (that is, the certified person ID) of the basic of the certified person and stored in the certified person key information storage means 75. Will be done.

Further, the certified person's key set transmitting means 42F is the verification key βVk (k = 1, 2) of the certified person obtained by decoding by the certified person's key set decoding means 42D as a bookkeeping instruction to the distributed ledger. , ..., n) (the one that is not encrypted with the encrypted key βE0 of the certified person) is transmitted to the certificate service provider system 60 via the network 1. Then, in the certificate service provider system 60, when the certified person key information additional registration means 65D (see FIG. 6) receives this bookkeeping instruction, the instruction of ledger bookkeeping linkage is sent to the electronic certificate proxy bookkeeping means 63 (FIG. 6). It is transmitted to (see), and posting to the distributed ledger is executed.

<Structure of certified person terminal 40 / processing means 40A / electronic certificate acquisition means 43: FIGS. 6 and 9>

In FIGS. 6 and 9, the electronic certificate acquisition means 43 includes an individual acquisition request process for requesting acquisition of one electronic certificate from the distributed ledger, and all electronic certificates held by the certified person from the distributed ledger. It executes a batch acquisition request process that requests batch acquisition of. In this embodiment, these individual acquisition request processing and batch acquisition request processing are performed by selecting and operating the "download electronic certificate" selection unit 213 in FIG. 17 described above as an example, and further selecting individual acquisition / batch acquisition. Is executed by doing. Note that while bookkeeping in the distributed ledger requires payment of remuneration, referencing the bookkeeping data in the distributed ledger usually does not cost money, so it is always possible to acquire all at once (that is, a configuration without individual acquisition). May be.

Further, the electronic certificate acquisition means 43 may also execute a self-certificate acquisition request process for requesting the acquisition of a self-certificate from the distributed ledger or the self-certificate storage means 78 of the certificate service provider system 60. good. The details of the self-certificate will be described later in the explanation of the self-certificate creation request means 44 (see FIG. 7).

Specifically, when the electronic certificate acquisition means 43 performs an individual acquisition request process for requesting acquisition of one electronic certificate from the distributed ledger, the electronic certificate acquisition means 43 is included in the electronic certificate to be acquired. The verification key βVk (one of k = 1, 2, ..., N) of the certified person is transmitted to the certificate service provider system 60 via the network 1, and the electronic certificate of the certificate service provider system 60 is transmitted. The process of receiving the electronic certificate transmitted from the proxy acquisition means 66 (see FIG. 6) via the network 1 is executed.

Further, the electronic certificate acquisition means 43 performs a batch acquisition request process for all electronic certificates held by the certified person from the distributed ledger (for example, when creating / editing My Page shown in FIG. 9). First, the verification key βV0 (that is, the certified person ID) of the certified person's basics is transmitted to the certificate service provider system 60 via the network 1, and the electronic certificate service provider system 60 is used. Execute the process of receiving all the key sets βk (k = 1, 2, ..., All of n) of the certified person transmitted from the certificate proxy acquisition means 66 (see FIG. 6) via the network 1. .. These key sets βk (all of k = 1, 2, ..., N) are acquired from the certified person key information storage means 75 (see FIG. 6) by the electronic certificate proxy acquisition means 66, and are subject to the key set βk. All the key sets βk of the certified person stored in the certified person key information storage means 75 in association with the verification key βV0 (that is, the certified person ID) of the certified person's basics are acquired. Then, these key sets βk (all of k = 1, 2, ..., N) are encrypted with the encryption key βE0 which is the basis of the certified person.

Next, in the case of batch acquisition, the electronic certificate acquisition means 43 uses the certified person's basic decryption key βD0 and all the key sets βk encrypted with the certified person's basic encryption key βE0 ( By decoding (all of k = 1, 2, ..., N), the process of obtaining all the verification keys βVk (all of k = 1, 2, ..., N) of the certified person is executed.

Further, in the case of batch acquisition, the electronic certificate acquisition means 43 provides the obtained verification key βVk (all of k = 1, 2, ..., N) of the certified person to the certificate service via the network 1. All electronic certificates held by the certified person that are transmitted to the operator system 60 and also transmitted from the electronic certificate proxy acquisition means 66 (see FIG. 6) of the certificate service operator system 60 via the network 1. Is executed.

Further, when requesting the acquisition of the self-certificate, the electronic certificate acquisition means 43 can acquire the self-certificate stored in the distributed ledger regardless of individual acquisition or collective acquisition. Performs the same processing as when requesting the acquisition of. However, although the details of the self-certificate will be described later, in principle, the self-certificate is not recorded in the distributed ledger, and may only be stored in the self-certificate storage means 78 of the certificate service provider system 60. .. Therefore, when the electronic certificate proxy acquisition means 66 (see FIG. 6) of the certificate service provider system 60 receives an acquisition request from the electronic certificate acquisition means 43, it is certified regardless of individual acquisition or collective acquisition. A self-certificate is obtained from the self-certificate storage means 78 using the verification key βVk of the person, and the obtained self-certificate is transmitted to the electronic certificate acquisition means 43 via the network 1 and handed over.

<Structure of certified person terminal 40 / processing means 40A / self-certification certificate creation request means 44: FIG. 7>

In FIG. 7, the self-certification creation requesting means 44 requests the certificate service provider to create a self-certification by the self-certification of the certified person using the paper certificate held by the certified person. It is what you do. In the present embodiment, the self-certificate creation request means 44 is provided by the WEB browser mounted on the certified person terminal 40 and the self-certificate proxy creation means 67 (see FIG. 7) of the certificate service provider system 60. It is realized by a WEB page transmitted via the network 1 and a program associated therewith (for example, a program running on a WEB browser such as Javascript (ECMAScript)). It may be realized by a program installed (installed) in advance in the certified person terminal 40.

Here, the self-certificate is created by using the image data of the paper certificate provided by the certified person to the certificate service provider. Therefore, when the image data of the paper certificate is brought to the certificate service provider, the content of the data may have already been tampered with, so it is an electronic certificate issued by the certifier and signed by the certifier. Is distinguished, and in this embodiment, it is called a self-certification certificate. However, the structure of the self-certificate (see FIG. 7) has the same structure as the structure of the electronic certificate (see FIG. 3) in appearance, and both can be handled in substantially the same manner (service). In that case, the self-certificate is regarded as an electronic certificate and treated as a fictitious electronic certificate.

Also, since the original certifier who issued the paper certificate may be a non-existent organization or a dead individual, in principle, the self-certificate includes the verification key αV of the original certifier. No. However, for example, if the information about the examinee (application information, pass / fail information, etc.) at the time of issuance of the paper certificate by the original certified person remains and the data contents can be confirmed, the original certificate will be used as the original. The verification key αV of the certified person may be included.

Furthermore, as mentioned above, the image data of the paper certificate used to create the self-certificate may be falsified. Therefore, in principle, the self-certificate includes anyone including the certificate service provider. No electronic signature is attached. However, for example, if the image data of the paper certificate brought to the certificate service provider has the purpose of showing that the data content has not been tampered with since then, the certificate service provider's electronic data. It may be signed.

And, even if data that may have already been tampered with is recorded in the distributed ledger, its significance is small, so in principle, the self-certificate does not record in the distributed ledger. However, if the certified person has the purpose of preventing falsification of the data contents after the self-certification certificate is created, the data may be recorded in the distributed ledger.

In the self-certification creation request means 44, the certified person who has received the electronic certificate issued by the certified person, or the certified person who will receive it, has a paper certificate issued by another certified person and is self-certified. Since we may also want to create a certificate, we will work with other means to realize the functions related to receiving the electronic certificate (pass / fail confirmation processing means 42 in FIG. 6 and certificate receiving means 45 for direct acquisition in FIG. 8). , It is provided in the same certified person terminal 40. The self-certification creation request is made in a state where the certified person terminal 40 is not provided with other means (pass / fail confirmation processing means 42 in FIG. 6 and certificate receiving means 45 for direct acquisition in FIG. 8). Means 44 may be provided.

Configuration of the certified person terminal 40 / processing means 40A / self-certification certificate creation requesting means 44 / paper certificate image reading means 44A, certified person key set generating means 44B, certified person key set transmitting means 44C: FIG. 7>

In FIG. 7, the paper certificate image reading means 44A executes a process of reading the image data of the paper certificate obtained by scanning the paper certificate or taking a photograph of the certified person.

The key set generation means 44B for the certified person is the key set βk of the certified person (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1, 2, ..., N). Is executed, and is the same as the key set generation means 23B (see FIG. 5) of the certified person system 20. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

The key set transmitting means 44C for the certified person is any of the key set βk (βDk, βEk, βSk, βVk: k = 1, 2, ..., N of the certified person generated by the key set generating means 44B for the certified person. Is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used together with the certified person's basic verification key βV0 (that is, the certified person ID) to network 1. The process of transmitting to the certificate service provider system 60 is executed via the above. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Therefore, in order to process the key set transmission means 44C for the certified person, the basic encryption key βE0 and the verification key βV0 of the certified person are required, and therefore the certified person has already completed the service use start registration. Is a premise. If the certified person has not yet registered to start using the service, the service use start registration process may be performed by the service use start registration means 41 (see FIG. 6).

Then, the key set βk (any of k = 1, 2, ..., N) of the certified person encrypted with the encryption key βE0 transmitted to the certificate service provider system 60 is the certificate service provider. By the certified person key information additional registration means 67A (see FIG. 7) of the system 60, it is associated with the verification key βV0 (that is, the certified person ID) of the basic of the certified person and stored in the certified person key information storage means 75. Will be done. Therefore, you can also receive services such as creating My Page for your self-certification certificate.

<Structure of certified person terminal 40 / processing means 40A / self-certification certificate creation request means 44 / paper certificate image transmission means 44D, extraction information confirmation means 44E: FIG. 7>

In FIG. 7, the paper certification image transmitting means 44D is the public key (verification key βVk, encryption key βEk) of the key set βk of the certified person generated by the key set generating means 44B for the certified person, and the paper certification. The image data of the paper certificate read by the certificate image reading means 44A and the masking information when the input (arbitrary) of the masking information is accepted are transmitted to the certificate service provider system 60 via the network 1. It executes the process. In this embodiment, this function is realized by a program attached to a WEB page such as Javascript (ECMAScript) or the like.

Here, the masking information is information input and designated by the certified person terminal 40 as coordinate information indicating the position of a portion of personal information in the image data of the paper certificate. The input designation of the masking information is arbitrary, and for example, when the certified person terminal 40 is a terminal that is not suitable for the input designation of the masking information, or when the input designation of the masking information by the certified person is difficult or troublesome. For example, it is not necessary to specify the input of masking information. It should be noted that the installation of the function itself for specifying the input of this masking information may be omitted. Then, when the input designation of the masking information is not performed and the personal information is hidden and the submission is realized anonymously, the entire paper certificate image is masked and displayed.

The public key (verification key βVk, encryption key βEk), image data of the paper certificate, and masking information (optional) of the certified person are not transmitted by WEB, but are transmitted by e-mail, CD or DVD, for example. It may be provided to the certificate service provider by a method such as storing it in a recording medium such as a USB memory or a USB memory and mailing it.

The extraction information confirmation means 44E is a qualification extracted after converting the extraction information (image data of the paper certificate into text) transmitted from the extraction means 67D (see FIG. 7) of the certificate service provider system 60 via the network 1. Information, personal information, etc.) is received, and the confirmation result including whether or not the received extraction information is correct and its correction information is transmitted to the extraction means 67D of the certificate service provider system 60 via the network 1. It is what you do. When the session with the certificate service provider system 60 is interrupted once, or when the confirmation work is performed after a lapse of time, etc., the URL notified to the certified person in advance is accessed. The URL of the access destination is notified to the certified person by, for example, transmitted at the time of transmission of the paper certificate image transmitting means 44D, and then transmitted by e-mail or the like addressed to the certified person. The installation of the extraction information confirmation means 44E may be omitted.

<Structure of certified person terminal 40 / processing means 40A / certificate receiving means 45 for direct acquisition: FIG. 8>

In FIG. 8, the certificate receiving means 45 for direct acquisition is provided on the certified person terminal 40 (40Q) that directly accesses the distributed ledger, and is electronically certified without going through the certificate service provider system 60. It executes the process of acquiring the certificate directly from the distributed ledger. In this respect, the pass / fail confirmation processing means 42 and the pass / fail confirmation processing means 42, which are provided on the certified person terminal 40 (40P) (see FIG. 6) that do not directly access the distributed ledger and perform processing via the certificate service provider system 60. It is different from the electronic certificate acquisition means 43.

Unlike the pass / fail confirmation processing means 42 and the electronic certificate acquisition means 43 (see FIG. 6), the certificate receiving means 45 for direct acquisition does not request the certificate service provider system 60 to obtain an electronic certificate. Therefore, the process of acquiring the electronic certificate by communication with the certificate service provider system 60 (communication by WEB) is not performed. Therefore, the certificate receiving means 45 for direct acquisition is realized not by the WEB but by a program installed (installed) in advance in the certified person terminal 40Q.

Therefore, as shown in FIG. 8, in the case of direct acquisition, communication with the certificate service provider system 60 by WEB is not performed, so that the pass / fail confirmation assist processing means 65 provided in the certificate service provider system 60 is provided. (See FIG. 6) is not used. Therefore, the certificate receiving means 45 for direct acquisition is a function realized by a program (a program provided from the certificate service provider system 60 each time) attached to a WEB page such as Javascript (ECMAScript). No.

However, the program installed in the certified person terminal 40Q (the program for realizing the certificate receiving means 45 for direct acquisition) may be developed by the certified person himself, but is provided by the certificate service provider. It may be a program (certified person support program). Further, the certificate receiving means 45 for direct acquisition is partially on a WEB page such as a program (for example, Javascript (ECMAScript)) provided by communication with the certificate service provider system 60 (communication by WEB). It may be realized by an accompanying program).

<Structure of certified person terminal 40 / processing means 40A / certificate receiving means 45 for direct acquisition / key set generating means 45A for certified person: FIG. 8>

In FIG. 8, the key set generation means 45A for the certified person is the key set βk (decoding key βDk, encryption key βEk, signature key βSk, verification key βVk: where k = 1, 2, ..., N) of the certified person. Is executed, and is similar to the key set generation means 23B (see FIG. 5) and the key set generation means 44B for certified persons (see FIG. 7) of the certified person system 20. be. In this embodiment, this function is realized by a program installed (installed) in advance on the certified person terminal 40Q, but by communicating with the certificate service provider system 60 (communication by WEB), for example. It may be realized by a program attached to a WEB page such as Javascript (ECMAScript).

The public key (verification key βVk, encryption key βEk) of the certified person's key set βk generated by the certified person's key set generating means 45A is sent to the certified person system 20 on the WEB, for example, at the time of application for an examination. It will be communicated to the certified person by means of sending by, sending by e-mail, filling out the examination application form, filling out the examination form, etc.

<Structure of certified person terminal 40 / processing means 40A / certificate receiving means 45 for direct acquisition / electronic certificate acquiring means 45B, pass confirmation display means 45C: FIG. 8>

In FIG. 8, the electronic certificate acquisition means 45B is generated by the certified person key set generating means 45A after receiving the pass / fail notification from the certified person (provided that the result is passed) or at any time thereafter. Using the verification key βVk in the key set βk of the certified person, the process of directly acquiring the electronic certificate from the distributed ledger is executed. Specifically, the verification key βVk of the certified person is transmitted to one of a plurality of participant nodes 100 connected to the P2P network 2 for forming the distributed ledger via the communication line (network 1 or dedicated line). Execute the process to be performed.

Further, the pass confirmation display means 45C uses the data of the electronic certificate directly acquired from the distributed ledger by the electronic certificate acquisition means 45B on the screen of the certified person terminal 40 by text and / or a certificate image. It executes the process of displaying the contents of the electronic certificate. The certified person knows that he / she has passed by receiving the pass / fail notification from the certified person, but can confirm the passed contents by displaying the contents of the issued electronic certificate.

At this time, when the pass confirmation display means 45C displays the contents of the electronic certificate by the certificate image, the image data of the template corresponding to the electronic certificate and the template image ID included in the electronic certificate is displayed from the distributed ledger. To get. Further, the image data of the template may be acquired not from the distributed ledger but from the template storage means 76 of the certified person system 20 or the certificate service provider system 60 by using the template image ID.

Further, the pass confirmation display means 45C uses the key set βk of the certified person generated by the key set generating means 45A for the certified person for the part of the personal information in the electronic certificate directly acquired from the distributed ledger. The process of displaying is executed after decoding using the decryption key βDk.

<Structure of certified person terminal 40 / processing means 40A / certificate receiving means 45 for direct acquisition / key set transmitting means 45D for certified person: FIG. 8>

In FIG. 8, the key set transmitting means 45D for the certified person is the key set βk (βDk, βEk, βSk, βVk: k = 1, 2, ... , N) is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used as the certified person's basic verification key βV0 (that is, the certified person ID). At the same time, the process of transmitting to the certificate service provider system 60 via the network 1 is executed. In this embodiment, this function is realized by a program installed (installed) in advance on the certified person terminal 40Q, but by communicating with the certificate service provider system 60 (communication by WEB), for example. It may be realized by a program attached to a WEB page such as Javascript (ECMAScript).

Therefore, in order to process the key set transmission means 45D for the certified person, the basic encryption key βE0 and the verification key βV0 of the certified person are required, and therefore the certified person has already completed the service use start registration. Is a premise. If the certified person has not yet registered to start using the service, the service use start registration process may be performed by the service use start registration means 41 (see FIGS. 8 and 6).

Then, the key set βk (any of k = 1, 2, ..., N) of the certified person encrypted with the encryption key βE0 transmitted to the certificate service provider system 60 is the certificate service provider. By the certified person key information additional registration means 65D (see FIG. 6) of the system 60, it is associated with the verification key βV0 (that is, the certified person ID) of the basic of the certified person and stored in the certified person key information storage means 75. Will be done.

The key set transmission means 45D for the certified person may be omitted if the service such as the creation of My Page by the certificate service provider is not used.

<Structure of certified person terminal 40 / processing means 40A / electronic certificate submission means 46: FIG. 9>

In FIG. 9, the electronic certificate submission means 46 executes a process in which the certified person submits his / her own electronic certificate to the recipient.

The electronic certificate submission means 46 is via the My Page creation means 46A for submitting an electronic certificate to the recipient by My Page via the certificate service provider system 60 and the certificate service provider system 60. It is used regardless of whether or not the electronic certificate direct submission means 46B for directly submitting the electronic certificate to the recipient and the certificate service provider system 60 for the submission of the electronic certificate are performed. It is configured to include the certified person confirmation and response means 46C.

<Structure of certified person terminal 40 / processing means 40A / electronic certificate submission means 46 / my page creation means 46A: FIGS. 9, 19>

In FIG. 9, the My Page creating means 46A has a process of issuing an instruction to collectively acquire an electronic certificate and a self-certificate, a process of creating a My Page (anonymous page, a real name page), and an automatically assigned My Page. It executes the process of displaying the URL.

In this embodiment, the My Page creating means 46A connects the network 1 by the WEB browser mounted on the certified person terminal 40 and the My Page creating assisting means 68A (see FIG. 9) of the certificate service provider system 60. It is realized by a WEB page transmitted via the WEB page and a program associated therewith (for example, a program running on a WEB browser such as Javascript (ECMAScript)). It may be realized by a program installed (installed) in advance in the certified person terminal 40.

Specifically, the My Page creation means 46A executes a process of instructing the electronic certificate acquisition means 43 to collectively acquire all the electronic certificates and self-certificates held by the certified person. Upon receiving this instruction, the electronic certificate acquisition means 43 performs a batch acquisition request process to the electronic certificate proxy acquisition means 66 of the certificate service provider system 60, and this process is performed by the electronic certificate acquisition means 43. Since it has already been described in detail in the explanation, a detailed explanation will be omitted here. Then, as described in detail above, when the batch acquisition is performed, the electronic certificate acquisition means 43 is encrypted with the authenticated person's basic encryption key βD0 and the certified person's basic encryption key βE0. Since all the key sets βk (all of k = 1, 2, ..., N) are decrypted, all the key sets βk of the certified person can be used in the certified person terminal 40. It should be noted that only the electronic certificate may be acquired in a batch, and the self-certificate may be instructed not to be acquired in a batch, that is, the self-certificate may be instructed not to be used for creating My Page.

Further, the My Page creating means 46A executes a process of creating / editing a My Page as shown in FIG. 19 by using the collectively acquired electronic certificate and self-certificate.

Here, My Page is a WEB page on which the contents of the electronic certificate held by the certified person and the contents of the self-certificate for submission to the recipient are posted, and the My Page creation means 46A is used as My Page. An anonymous page for anonymously submitting the contents of the electronic certificate and self-certificate to the recipient, and a real name page for submitting the contents of the electronic certificate and self-certificate to the recipient with their real names. Can be created. The person to be certified can choose whether to use an anonymous page or a real name page, and both an anonymous page and a real name page can be created for the same electronic certificate or self-certification (see FIG. 18). ).

In FIG. 19, the anonymous page 300 is provided with a certificate image display unit 310 that displays the contents of an electronic certificate or a self-certificate in a certificate image format, and a text display unit 320 that displays the contents of the electronic certificate or self-certificate in a text format. .. The intellectual property information display unit 330 may be provided to display the intellectual property information.

Similarly, the real name page 400 is also provided with a certificate image display unit 410 and a text display unit 420. Further, the intellectual property information display unit 430 may be provided.

As shown in FIG. 18, the My Page creating means 46A is the number and type, or number of electronic certificates and self-certificates to be posted on one My Page (anonymous page 300 or real name page 400). , Type, and placement order can be set arbitrarily. One person or one group of certified persons can create multiple My Pages with different posting contents. Therefore, the My Page storage means 79 (see FIG. 9) of the certificate service provider system 60 can store a plurality of My Pages for one person or one group of certified persons.

In FIG. 19, when the My Page creation means 46A creates the text display unit 320 of the anonymous page 300, the encryption key of the certified person among the electronic certificate and the self-certification acquired by the electronic certificate acquisition means 43. For the part of personal information including the name encrypted using, the alternative display information (for example, "private", "OOOO", etc.) is posted or remains encrypted. Execute the process to be posted in.

Further, when creating the text display unit 420 of the real name page 400, the My Page creation means 46A uses the encryption key βEk of the certified person among the electronic certificate and the self-certificate acquired by the electronic certificate acquisition means 43. The portion of personal information including the name encrypted using the name is decrypted and posted using the decryption key βDk of the certified person. At this time, since the electronic certificate and the self-certificate include the verification key βVk and the encryption key βEk of the certified person (see FIGS. 3 and 7), the decryption key βDk in the key set βk corresponding to them is included. Is used to perform decryption.

Then, when the my page creating means 46A creates the certificate image display unit 310 of the anonymous page 300, the data of the electronic certificate acquired by the electronic certificate acquiring means 43 is embedded in a template prepared in advance. For the encrypted personal information part, the process of embedding the alternative display information (for example, "private", "OOOO", etc.) or the data in the encrypted state is executed. At this time, the template uses the template image ID included in the electronic certificate, and the My Page creation assisting means 68A of the certificate service provider system 60 that has received the template acquisition request by the My Page creation means 46A (FIG. 9). (See) obtains from the template storage means 76 or the distributed ledger of the certificate service provider system 60.

The My Page creating means 46A executes a process of masking the entire image data of the paper certificate when creating the certificate image display unit 310 of the anonymous page 300 for the self-certification. At this time, the image data of the paper certificate is certified by receiving a request to acquire the paper certificate image by the My Page creation means 46A using the verification key βVk of the certified person included in the self-certification or the paper certificate image ID. The My Page creation assisting means 68A (see FIG. 9) of the certificate service provider system 60 obtains from the self-certificate storage means 78 (see FIG. 7) of the certificate service provider system 60.

Further, in the case of creating the certificate image display unit 310 of the anonymous page 300 for the self-certification, the My Page creation means 46A inputs masking information by the certified person on the certified person terminal 40 at the time of creating the self-certification. When the designation is made (when the partial masking is selected), instead of the process of masking the entire image data of the paper certificate described above, the input-designated masking information is used. The process of masking and posting the personal information part of the image data of the paper certificate is executed. At this time, the masking information is acquired from the self-certification certificate storage means 78 (see FIG. 7) together with the image data of the paper certificate.

Further, when the My Page creating means 46A creates the certificate image display unit 410 of the real name page 400, the data of the electronic certificate acquired by the electronic certificate acquiring means 43 is embedded in a template prepared in advance. The encrypted personal information portion is decrypted and embedded using the decryption key βDk of the certified person. At this time, since the electronic certificate includes the verification key βVk and the encryption key βEk of the certified person (see FIG. 3), decryption is performed using the decryption key βDk in the key set βk corresponding to them (see FIG. 3). .. Further, the template is acquired from the template storage means 76 or the distributed ledger as described above by using the template image ID included in the electronic certificate.

When creating the certificate image display unit 410 of the real name page 400, the My Page creation means 46A executes a process of posting the image data of the paper certificate without masking. At this time, the image data of the paper certificate is obtained from the self-certificate storage means 78 (see FIG. 7) as described above by using the verification key βVk of the certified person or the paper certificate image ID included in the self-certificate. get.

In addition, the My Page creation means 46A is a portion of personal information including a name encrypted using the encrypted key βEk of the certified person among the electronic certificate and the self-certification acquired by the electronic certificate acquisition means 43. The name obtained by decrypting and decrypting with the decryption key βDk of the certified person, or the name input by the certified person on the certified person terminal 40, is entered through the network 1 by the certificate service provider system. In addition to transmitting to 60 My Page creation assisting means 68A (see FIG. 9), receiving intellectual property information that may be possessed by the certified person transmitted from My Page creation assisting means 68A via network 1. Then, the received intellectual property information is displayed on the screen of the certified person terminal 40, and the certified person confirms that the information is the intellectual property information of the certified person (self) (intellectual property information of the same sex and the same name). (Confirmation input that it is not) is accepted, and when confirmation input that it is your own intellectual property information is performed, the process of posting the intellectual property information on My Page is executed.

At this time, the My Page creation means 46A posts the classification (international patent classification, contents of the classification, etc.) when creating the anonymous page 300, and the publication number (public number) when creating the real name page 400. , Patent number, utility model registration number, etc.), or execute the process of posting the classification and publication number.

Further, the My Page creating means 46A executes a process of displaying the URL (Uniform Resource Locator) of the My Page assigned to the created My Page on the screen of the certified person terminal 40. This is because the certified person needs to convey the URL of My Page to the recipient in some way in order to refer to the My Page created by the recipient. When one or one group of certified persons creates a plurality of My Pages, different URLs for each My Page are given to each My Page. Further, if the My Page of a different certified person, a different URL is given. Specifically, in the present embodiment, a complicated URL whose meaning cannot be inferred even by looking at the URL is automatically assigned. This URL may be automatically assigned by the My Page creation means 46A or by the My Page creation assisting means 68A of the certificate service provider system 60, and finally, the automatically assigned URL may be executed. It suffices if it exists in the certified person terminal 40.

<Structure of certified person terminal 40 / processing means 40A / electronic certificate submission means 46 / electronic certificate direct submission means 46B: FIG. 9>

In FIG. 9, the electronic certificate direct submission means 46B executes the process of directly submitting the electronic certificate to the recipient.

At this time, when the electronic certificate direct submission means 46B submits the electronic certificate with the real name, the part of the personal information included in the electronic certificate to be submitted to the recipient (with the encrypted key βEk of the certified person). Encrypted) is decrypted with the decryption key βDk of the certified person.

Since the electronic certificate direct submission means 46B does not submit the electronic certificate using My Page, the electronic certificate is submitted without going through the certificate service provider system 60. Therefore, since communication with the certificate service provider system 60 by WEB is not performed, the processing of the electronic certificate direct submission means 46B is, for example, when the electronic certificate is submitted anonymously, the electronic certificate (e-mail) is used. It may be a process of attaching an electronic certificate with personal information encrypted) and sending it to the recipient's e-mail address. In that case, the function of a general-purpose mailer installed in the certified person terminal 40 may be used. It will be realized. However, in order to submit anonymously, the sender of the e-mail must also be displayed anonymously. If the certified person is an anonymous cloud worker, for example, after having the recipient confirm his / her qualification with an electronic certificate, a return email from the recipient will be sent to anonymous cloud working. It is possible to take a method such as having the information for the transition (form of work, method of receiving reward, etc.) transmitted.

On the other hand, when submitting an electronic certificate with a real name, it is necessary to decrypt personal information. Therefore, it is not possible to realize the processing of the electronic certificate direct submission means 46B only by the function of a general-purpose mailer. Program is required. Therefore, a program for directly submitting an electronic certificate may be installed (installed) on the certified person terminal 40, and the program in that case may be a program developed by the certified person, but the certificate service. It may be a program provided by the business operator to the certified person (certified person support program). In addition, the decryption process of personal information is realized by a program attached to the WEB page such as Javascript (ECMAScript) by communicating with the certificate service provider system 60 by WEB, and then by a general-purpose mailer. , An e-mail with an electronic certificate obtained by decrypting personal information may be sent to the recipient.

<Structure of certified person terminal 40 / processing means 40A / electronic certificate submitting means 46 / certified person confirmation and response means 46C: FIG. 9>

In FIG. 9, the certified person confirmation and response means 46C executes a process of responding to a challenge from the recipient terminal 90, and specifically, a challenge from the recipient terminal 90 is transmitted via the network 1. A response process is performed in which the received random numbers are received, the received random numbers are signed using the signature key βSk of the certified person, and the signed random numbers are transmitted to the recipient terminal 90 via the network 1. It is something to do.

At this time, the certified person terminal 40 uses the signature key βSk of the certified person corresponding to any of the electronic certificates owned by the certified person for the random number transmitted by the challenge from the recipient terminal 90. In the challenge from the recipient terminal 90, it is preferable that the challenge target specific information that identifies the electronic certificate received by the recipient is transmitted together with the random number because it may not be possible to specify whether to sign the signature. This challenge target specific information can be, for example, the verification key βVk of the certified person included in the electronic certificate (see FIG. 3) received by the recipient. In that case, the certified person terminal 40 can be used. The verification key βVk of the certified person is received together with the random number, and the random number is digitally signed using the signature key βSk of the certified person corresponding to the verification key βVk (for example, βS3 corresponding to βV3). be able to. It should be noted that the challenge target specific information is not limited to the verification key βVk of the certified person as long as it can identify the electronic certificate that has been challenged. For example, the certified person included in the electronic certificate. The encryption key βEk, etc. may be used, but it is a challenge in the sense of confirming that the certified person has the signature key βSk of the certified person corresponding to the verification key βVk of the certified person included in the electronic certificate. As the target specific information, the verification key βVk of the certified person is suitable.

Further, when transmitting the signed random number to the recipient terminal 90, the certified person confirmation / response means 46C preferably transmits the signed random number together with the challenge target specific information. This is because even the recipient terminal 90 may not be able to specify which electronic certificate is the response to the challenge when receiving a plurality of electronic certificates. If the recipient terminal 90 receives the signed random number together with the challenge target identification information, the verification key βVk of the certified person used for the verification of the signature can be easily specified.

The process of the certified person confirmation and response means 46C is a process in the certified person terminal 40 that responds to the challenge from the recipient terminal 90, but the random number received from the recipient terminal 90 is used as the certified person terminal. If stored in the memory of 40, the process of signing the random number can also be realized by communication with the certificate service provider system 60 (communication by WEB). Therefore, the process of the certified person confirmation and response means 46C may be realized by a program provided accompanying the WEB page (for example, Javascript (ECMAScript) or the like), and is mounted (installed) on the certified person terminal 40. It may be realized by the program that has been installed. In the latter case, the program may be developed by the certified person, or may be a program provided to the certified person by the certificate service provider (certified person support program).

<Structure of certified person terminal 40 / storage means 50: FIG. 1>

The acquisition program storage means 51 stores a program (certified person support program) downloaded from the provision program storage means 71 of the certificate service provider system 60 via the network 1. However, the certified person support program referred to here is not a program provided accompanying the WEB page (for example, Javascript (ECMAScript), etc.), but is a program installed in the certified person terminal 40 in advance. .. Therefore, the certified person support program includes a program provided along with the WEB page transmitted from the certificate service provider system 60 to the certified person terminal 40, and the certificate service provider provided to the certified person. There is a program that needs to be pre-installed, and here it refers to the latter program.

The key set storage means 52 for the certified person stores the basic key set β0 (decoding key βD0, encryption key βE0, signature key βS0, verification key βV0) of the certified person. However, if the certified person writes the key set β0 in a memo or the like and inputs it when necessary, the key set storage means 52 for the certified person is not indispensable. Further, the key set storage means 52 for the certified person may store all the key sets βk (all of k = 1, 2, ..., N) of the certified person, but the certificate service provider system 60 Since it can be obtained from the certified person key information storage means 75, those key sets βk do not have to be stored.

<Detailed configuration of certificate service provider system 60>

<Structure of Certificate Service Provider System 60 / Processing Means 60A / Program Providing Means 61: FIGS. 1 and 5>

In FIG. 1, the program providing means 61 responds to a download request from the certified person system 20, the certified person terminal 40, and the recipient terminal 90, and the program stored in the provided program storage means 71 (examinee file creation program, The process of transmitting the certified person support program (certified person support program, recipient support program) to the certified person system 20, the certified person terminal 40, and the recipient terminal 90 via the network 1 is executed.

The certified person support program, the certified person support program, and the recipient support program referred to here are not programs provided in association with the WEB page (for example, Javascript (ECMAScript) or the like).

<Structure of certification service provider system 60 / processing means 60A / certification auxiliary processing means 62 for proxy bookkeeping: FIG. 5>

In FIG. 5, the accreditation auxiliary processing means 62 for proxy bookkeeping is for proxy bookkeeping in which an electronic certificate is created by a certified person system 20 (20X) that records in a distributed ledger via a certificate service provider system 60. The server-side processing for assisting the processing of the setting processing means 23 of the above is executed.

The setting information registration means 62A stores the public key (verification key αV, encryption key αE) of the certified person transmitted from the setting information input receiving means 23A of the certified person system 20 via the network 1 in the setting information storage means 72. Processing to be performed and certification management information sent from the setting information input reception means 23A (certification name, certification test holding time, certification date, pass / fail confirmation URL (also used as key set receiving URL), template image ID, examination The process of associating the person file (including the format of the CSV file, etc.) with the certified ID and the certified person's public key (verification key αV, encryption key αE) and storing the information in the setting information storage means 72 is executed. be.

The information registration means 62B for the certified person is encrypted with the pass / fail information of the certified person (examinee) transmitted from the information transmitting means 23E for the certified person of the certified person system 20 via the network 1 and the common key δ. The key set βk (βDk, βEk, βSk, βVk: however, k = 1, 2, ..., N) of the certified person is used as the key set receiving ID (also used as the pass / fail confirmation ID). The process of associating and storing the information in the information storage means 73 for the certified person is executed.

<Structure of Certificate Service Provider System 60 / Processing Means 60A / Electronic Certificate Proxy Bookkeeping Means 63: FIGS. 5 and 6>

In FIGS. 5 and 6, the electronic certificate proxy bookkeeping means 63 receives the electronic certificate transmitted from the electronic certificate bookkeeping means 24 of the certifier system 20 via the network 1, and receives the received electronic certificate. , The process of storing in the electronic certificate storage means 74 to put it in the bookkeeping standby state (see FIG. 5) and the access from the certified person terminal 40 (indication of the certified person's intention to record the electronic certificate in the distributed ledger). After receiving (bookkeeping request) or an operation equivalent thereto, the electronic certificate in the bookkeeping standby state stored in the electronic certificate storage means 74 is distributed in the distributed ledger via the communication line (network 1 or dedicated line). By transmitting to any of a plurality of participant nodes 100 connected to the P2P network 2 for formation, a process of proxy posting to the distributed ledger (see FIG. 6) is executed.

At this time, as shown in FIG. 3, the data of the electronic certificate plus the verification key γV of the certificate service provider who is the book holder is used as the bookkeeping data, and the bookkeeping data is stored in the distributed ledger. The verification key γV of the certificate service provider is stored in the key set storage means 77 (see FIG. 6) for the certificate service provider. In the present embodiment, the block addition means 102 of the participant node 100 executes the recording process of the electronic certificate in the distributed ledger.

In addition, the timing for writing the electronic certificate to the distributed ledger is to access from the certified person terminal 40 (indication of the certified person's intention (booking request) or equivalent operation for recording the electronic certificate in the distributed ledger). Although it is the timing after receiving the receipt, in the present embodiment, as an example, from the key set transmission means 42F for the certified person of the certified person terminal 40 to the certified person key information additional registration means 65D of the certificate service provider system 60. The transmission of the verification key βVk (one of k = 1, 2, ..., N) of the certified person to the distributed ledger is used as a bookkeeping instruction to the distributed ledger, and the certified person key information is additionally registered at the timing of the transmission. Coordination (transmission of bookkeeping instructions) from the means 65D to the electronic certificate proxy bookkeeping means 63 is being performed.

As described above, in the present embodiment, the selection operation of the selection unit 212 of “Registering the ledger of the electronic certificate” in FIG. 17 is an indication of intention (bookkeeping request) to record the electronic certificate in the distributed ledger. Although it is said that there is, it is not necessarily limited to such a direct / explicit selection operation, but it may be an operation equivalent to the intention display of the ledger, and the intention display of the ledger is displayed through more multi-step operations. It may be an operation to confirm indirectly. As a result, for example, if the certified person bears the cost of the ledger, it is possible to avoid incurring the cost burden to the certified person who only wants to confirm the pass / fail. In addition, since bookkeeping in the distributed ledger is a relatively time-consuming task, if the book is posted in the distributed ledger by access from the certified person after the bookkeeping standby state is set in this way, the certificate will be registered. It is possible to avoid load concentration on the service provider system 60.

Of the plurality of electronic certificates stored in the electronic certificate storage means 74 in the standby state, which electronic certificate is to be recorded in the distributed ledger is determined by the verification key βVk (k = 1, 2) of the certified person. , ..., n). The verification key βVk of the certified person is obtained by a bookkeeping instruction from the key set transmitting means 42F for the certified person of the certified person terminal 40 to the certified person key information additional registration means 65D of the certificate service provider system 60. ing.

Further, as shown in FIG. 3, when the electronic certificate is recorded in the distributed ledger, it may be divided. In the example of FIG. 3, it is divided into three records. The detailed information of the certification constituting the certification information is recorded in another record in association with the certification ID, and is extracted by the reference request response means 103 (see FIG. 2) of the participant node 100 using the certification ID as a key. The remaining two records are a record of credential information including the certification ID (mainly a record of information about the certified person and its certification contents) and a record of personal information (mainly a record of information about the certified person). , The reference request response means 103 extracts the verification key βVk of the certified person as a key. The certification ID is also a qualification ID that identifies the qualifications given by each certification person, but the content may differ depending on each certification (each holding time) of each certification person (for example, the certification date is different in the first place). The template is updated, the certification name is changed in the middle, etc.), and the certification ID is used here.

<Certificate service provider system 60 / processing means 60A / configuration of certified person key information initial registration means 64: FIG. 6>

In FIG. 6, the certified person key information initial registration means 64 is a basic public key (verification key βV0 and verification key βV0) of the certified person transmitted from the service use start registration means 41 of the certified person terminal 40 via the network 1. The process of storing the encryption key βE0) in the certified person key information storage means 75 is executed. This process is executed as the start registration of the service (service provided by the certificate service provider) by the certified person.

<Structure of certificate service provider system 60 / processing means 60A / pass / fail confirmation auxiliary processing means 65: FIG. 6>

In FIG. 6, the pass / fail confirmation auxiliary processing means 65 performs pass / fail confirmation processing on the certified person terminal 40 (40P) that acquires an electronic certificate from the distributed ledger via the certificate service provider system 60. The server-side processing for assisting the processing of the means 42 is executed.

When the certified ID transmitting means 65A receives access to the pass / fail confirmation URL from the certified person information acquisition means 42A of the certified person terminal 40, the setting information storage means 72 (see FIG. 6) is associated with the pass / fail confirmation URL. ) Is extracted, and the extracted certification ID is transmitted to the information acquisition means 42A for the certified person of the certified person terminal 40 via the network 1.

The information delivery means 65B for the certified person receives the key set receiving ID transmitted from the information acquisition means 42A for the certified person of the certified person terminal 40 via the network 1, and the received key set receiving ID. The pass / fail information stored in the information storage means 73 for the certified person (see FIG. 6) in association with the key set βk (βDk, βEk, βSk, βVk) of the certified person encrypted with the common key δ. , The process of transmitting to the information acquisition means 42A for the certified person of the certified person terminal 40 via the network 1 is executed.

The pass notification display assisting means 65C is a verification key βVk (one of k = 1, 2, ..., N) of the certified person transmitted from the pass notification display means 42E of the certified person terminal 40 via the network 1. Is received, the electronic certificate is obtained from the electronic certificate storage means 74 using the received verification key βVk, and the template image ID included in the obtained electronic certificate is used as a template. The process of acquiring the image data of the template from the storage means 76 or the distributed ledger and transmitting the acquired electronic certificate and the image data of the template to the pass notification display means 42E of the certified person terminal 40 via the network 1 is executed. It is a thing.

The certified person key information additional registration means 65D is the certified person's key set βk (the basics of the certified person) transmitted from the certified person's key set transmitting means 42F of the certified person terminal 40 via the network 1. The encrypted key βE0 (encrypted) is received together with the certified person's basic verification key βV0 (that is, the certified person ID), and the received certified person's key set βk (k = 1, 2, 2, ..., N) is associated with the verification key βV0 (certified person ID) of the certified person's basics and stored in the certified person key information storage means 75 (see FIG. 6). ..

Further, the certified person key information additional registration means 65D receives the network 1 as an instruction for recording the electronic certificate in the bookkeeping standby state in the distributed ledger from the certified person key set transmitting means 42F of the certified person terminal 40. Receives the verification key βVk (one of k = 1, 2, ..., N) of the certified person (one that is not encrypted with the basic encryption key βE0 of the certified person) sent via Then, as an instruction for linking the ledger bookkeeping, the received verification key βVk of the certified person is transmitted to the electronic certificate proxy bookkeeping means 63 (see FIG. 6).

<Structure of certificate service provider system 60 / processing means 60A / electronic certificate proxy acquisition means 66: FIGS. 6 and 9>

In FIGS. 6 and 9, the electronic certificate proxy acquisition means 66 collectively acquires one electronic certificate from the distributed ledger and all the electronic certificates held by the certified person from the distributed ledger. It executes batch acquisition processing. In this embodiment, these individual acquisition processes and batch acquisition processes are performed by, as an example, the electronic certificate acquisition means 43 of the certified person terminal 40 of the selection unit 213 for “downloading the electronic certificate” in FIG. 17 described above. It is executed when the selection operation is accepted and the selection of individual acquisition / batch acquisition is accepted. Note that while bookkeeping in the distributed ledger requires payment of remuneration, referencing the bookkeeping data in the distributed ledger usually does not cost money, so it is always possible to acquire all at once (that is, a configuration without individual acquisition). May be.

Further, the electronic certificate proxy acquisition means 66 may also be configured to execute a self-certification acquisition process for acquiring a self-certification from the distributed ledger or the self-certification storage means 78.

Specifically, the electronic certificate proxy acquisition means 66 verifies the certified person included in the electronic certificate to be acquired when performing the individual acquisition process for acquiring one electronic certificate from the distributed ledger. A plurality of participant nodes 100 in which the key βVk (one of k = 1, 2, ..., N) is connected to the P2P network 2 for forming a distributed ledger via a communication line (network 1 or a dedicated line). By sending to one of them, the process of acquiring the electronic certificate from the distributed ledger is executed. In the present embodiment, the reference request response means 103 of the participant node 100 acquires an electronic certificate from the distributed ledger using the verification key βVk of the certified person, and obtains the acquired electronic certificate from the communication line (network 1 or). It is transmitted to the electronic certificate proxy acquisition means 66 via the dedicated line). Then, the electronic certificate proxy acquisition means 66 executes a process of transmitting the electronic certificate received from the reference request response means 103 to the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1.

In addition, the electronic certificate proxy acquisition means 66 performs batch acquisition processing of all electronic certificates held by the certified person from the distributed ledger (for example, when creating / editing My Page shown in FIG. 9). First, the certified person's basic verification key βV0 (that is, the certified person ID) transmitted from the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1 is received and received. Using the verification key βV0, all the key sets βk (k = 1, 2, ..., N) of the certified person are acquired from the certified person key information storage means 75 (see FIG. 6), and the acquired subject. The process of transmitting all the key sets βk of the certified person (encrypted with the encrypted key βE0 of the certified person's basic) to the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1. Run. Then, in the certified person terminal 40, the electronic certificate acquisition means 43 decodes all the key sets βk of the certified person using the basic decryption key βD0 of the certified person, and all the verifications of the certified person. The key βVk (all of k = 1, 2, ..., N) is obtained.

Next, in the case of batch acquisition, the electronic certificate proxy acquisition means 66 receives all the verification keys βVk (k) of the certified person transmitted from the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1. = 1, 2, ..., All of n) are received, and all of these verification keys βVk are connected to the P2P network 2 for forming the distributed ledger via the communication line (network 1 or dedicated line). By transmitting to any of the participant nodes 100 of the above, the process of acquiring the electronic certificate from the distributed ledger is executed. In the present embodiment, the reference request response means 103 of the participant node 100 acquires all the electronic certificates from the distributed ledger using all the verification keys βVk of the certified person, and obtains all the acquired electronic certificates. It is transmitted to the electronic certificate proxy acquisition means 66 via the communication line (network 1 or dedicated line). Then, the electronic certificate proxy acquisition means 66 executes a process of transmitting all the electronic certificates received from the reference request response means 103 to the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1. ..

Further, when acquiring the self-certificate, the electronic certificate proxy acquisition means 66 obtains the electronic certificate regardless of individual acquisition or collective acquisition as long as the self-certification is acquired in the distributed ledger. Execute the same process as when acquiring. However, as described in detail above, the self-certificate may not be recorded in the distributed ledger in principle, but may only be stored in the self-certificate storage means 78 of the certificate service provider system 60. .. Therefore, the electronic certificate proxy acquisition means 66 acquires the self-certificate from the self-certificate storage means 78 using the verification key βVk of the certified person, regardless of individual acquisition or batch acquisition, and the acquired self-certificate. Is transmitted to the electronic certificate acquisition means 43 of the certified person terminal 40 via the network 1.

<Structure of certificate service provider system 60 / processing means 60A / self-certificate proxy creation means 67: FIG. 7>

In FIG. 7, the self-certificate proxy creation means 67 is on the server side for responding to the processing of the self-certificate creation request means 44 for the certified person to request the certificate service provider to create the self-certificate. It executes the process.

The certified person key information additional registration means 67A is a key set βk (βDk, βEk, βSk, βDk, βEk, βSk, of the certified person transmitted from the certified person key set transmitting means 44C of the certified person terminal 40 via the network 1. βVk: k = 1, 2, ..., N) is received together with the certified person's basic verification key βV0 (that is, the certified person ID), and the received certified person's key set βk (certified person). (Encrypted with the person's basic encryption key βE0) is stored in the certified person key information storage means 75 (see FIG. 6) in association with the certified person's basic verification key βV0 (certified person ID). Execute the process to make it. Therefore, you can also receive services such as creating My Page for your self-certification certificate.

The paper certificate image acquisition means 67B is a public key (verification key βVk, encryption key βEk) of the certified person transmitted from the paper certificate image transmitting means 44D of the certified person terminal 40 via the network 1, and paper certification. Receives certificate image data and masking information (arbitrary), and associates the received paper certificate image data and masking information (arbitrary) with the verification key βVk and / or paper certificate image ID of the certified person for self-certification. It executes a process of storing in the testimony storage means 78.

The text conversion means 67C executes an OCR process (optical character reading process) for reading character information from the image data of the paper certificate received by the paper certificate image acquisition means 67B. This OCR process may be requested to the external service system 110.

The extraction means 67D performs an extraction process for extracting credential information including a certified name, personal information including a name, etc. from the character information read by the text conversion means 67C, and extracts information (qualification information, personal information, etc.) through a network. The confirmation result (whether or not the extracted information is correct and its correction information) transmitted from the extracted information confirmation means 44E via the network 1 while being transmitted to the extracted information confirmation means 44E of the certified person terminal 40 via 1. Executes confirmation processing to receive). The latter confirmation process may be omitted.

The self-certificate creating means 67E creates a self-certificate (fictitious electronic certificate by self-certification of the certified person) as shown in FIG. 7, and stores the created self-certificate in the self-certificate storage means 78. It executes the process. This self-certificate has the same structure as the electronic certificate (see FIG. 3), but there are some differences. For details and reasons, refer to the self-certificate creation request means 44 (see FIG. 7). Since it has already been described in detail in the description, detailed description thereof will be omitted here.

Here, the public key (verification key βVk, encryption key βEk) of the subject to be included in the self-certification certificate is obtained by the paper certification image acquisition means 67B in the present embodiment. Personal information is also encrypted with the encryption key βEk. In addition, the verification key αV of the original certifier (issuer of the paper certificate) is not included, and no electronic signature is attached to anyone, including the original certifier and the certificate service provider. The electronic certificate (see FIG. 3) includes the template image ID, but the self-certificate includes the paper certificate image ID.

The self-certification bookkeeping means 67F is a plurality of participants in which the self-certification certificate created by the self-certification certificate creation means 67E is connected to the P2P network 2 for forming a distributed ledger via a communication line (network 1 or a dedicated line). By transmitting to any of the person nodes 100, the process of directly recording the self-certification in the distributed ledger is executed. The installation of the self-certification certificate bookkeeping means 67F may be omitted. Further, the bookkeeping in the distributed ledger may be divided into three parts, for example, as in the case of the electronic certificate shown in FIG.

<Structure of Certificate Service Provider System 60 / Processing Means 60A / Electronic Certificate Submission Assistance Means 68: FIGS. 9, 10>

In FIG. 9, the electronic certificate submission assisting means 68 executes server-side processing for assisting the certified person to create a My Page and the recipient to refer to the My Page (accompanying receipt of the electronic certificate). It is a thing.

The my page creation assisting means 68A executes server-side processing for assisting the processing of the my page creating assisting means 46A of the certified person terminal 40. The My Page creation assisting means 68A assists in the creation of My Page (anonymous page, real name page), and stores the created My Page in the My Page storage means 79 in association with the URL automatically assigned to the My Page. It executes the process. The My Page storage means 79 may be provided in the external service system 110. In that case, the My Page storage means 79 and the My Page transmission function in the external service system 110 are provided in the certificate service business in the present invention. It is considered to be a part of the person system 60. Further, the automatic assignment of the URL of the My Page may be executed by the My Page creating means 46A of the certified person terminal 40.

Further, the My Page creation assisting means 68A also stores the electronic certificate and the self-certificate posted on the My Page in the My Page storage means 79 in association with the URL of the My Page. These electronic certificates and self-certificates include those in which the portion of personal information encrypted with the certified person's encryption key βEk is decrypted with the certified person's decryption key βDk. When submitting an electronic certificate or self-certificate to the recipient with his / her real name, it is necessary to perform decryption processing of personal information on the certified person terminal 40, but from the certificate service provider system 60 to the recipient terminal 90. If you send an electronic certificate or self-certificate together with My Page, it will not go through the certified person terminal 40, so it is necessary to prepare the decrypted personal information in the certificate service provider system 60. be.

Further, the My Page creation assisting means 68A uses the name transmitted from the My Page creation means 46A of the certified person terminal 40 via the network 1, and is the inventor of the patent that matches this name, and devises a utility model. Information on the intellectual property right that is the creator of the person and the design is extracted from the intellectual property information database (not shown), and the extracted intellectual property information is obtained from the certified person terminal 40 via the network 1. The process of transmitting to the My Page creation means 46A is executed.

Here, the intellectual property information to be extracted is a classification (international patent classification, FI, etc. and an explanation of the contents of those classifications, etc.) and a publication number (publication number, patent number, utility model registration number, etc.). Further, the My Page creation assisting means 68A may request the external service system 110 to perform the extraction processing of the intellectual property information. Therefore, the intellectual property information database (not shown) may be provided in the external service system 110.

Further, as shown in FIGS. 9 and 10, the My Page creation assisting means 68A is about to create, or is creating / editing, My Page stored in the mediation information storage means 81 (see FIG. 11). Using the possession qualifications of the certified person and the recruitment conditions of each recipient stored in the recipient information storage means 80 (see FIG. 10), the recipient's qualifications including the possession qualifications of the certified person can be used. The display data (WEB screen data) of the screen (see FIG. 21) that totals the numbers and displays the obtained total result as reference information for creating / editing My Page is displayed on the certified person terminal 40 via the network 1. The process of transmitting to the My Page creation means 46A of the above is executed.

FIG. 21 shows an example of the reference information screen 500 displayed on the certified person terminal 40 when creating / editing My Page. Screen 500 lists the electronic certificates (booked, unbooked) held by the certified person who is about to create or create / edit My Page, the certified names of qualifications related to the self-certificate, etc. Display section 501 of the holding qualification list to be displayed, and a list of aggregated results for each recruiting condition including the holding qualification of the certified person regarding the holding qualification (recruiting condition) required by the company requesting the work (receipt). A total result list display unit 502 is provided.

The holding qualification list display unit 501 displays a list of only electronic certificates that have been recorded in the distributed ledger, displays a list of electronic certificates that include both booked and unrecorded (booking standby state), and electronically certifies them. Various list displays such as a list display in which a self-certification certificate (usually unrecorded) is added to the certificate are performed. At this time, the certified person who is about to create or is creating / editing My Page is identified by the verification key βV0 (certified person ID) which is the basis of the certified person, and mediation using this verification key βV0 as a key. By performing the extraction process from the information storage means 81 (see FIG. 11), various list displays as described above can be performed.

The total number of recipients for each recruiting condition by the recipient (result of totaling the number of recipients who have registered each recruiting condition for each recruiting condition) is displayed in the aggregation result list display unit 502. The displayed job offer conditions are only the job offer conditions that can be configured by combining the qualifications held by the certified person who is about to create My Page or is creating / editing. Therefore, although various recipients have registered various recruiting conditions in the recipient information storage means 80 (see FIG. 10), they do not display the total number of recipients for each of all the recruiting conditions. For example, if the person who creates / edits My Page is Taro Yamato and the qualification of Jiro Yamato is only qualification A, the total number of recipients with "qualification A only" as the recruiting condition is displayed. Is. If Saburo Yamato has two qualifications, qualification B and qualification C, the total number of recipients who have "qualification B only" as a recruiting condition and the total number of recipients who have "qualification C only" as a recruiting condition. And the total number of recipients with both "qualification B and qualification C" as the recruiting conditions are listed. In other words, for recruitment conditions including qualifications that the person who creates / edits My Page (certified person) does not have, even if the total number of recipients who have registered such recruitment conditions is displayed, it will be used as reference information. Therefore, only the recruiting conditions that can be configured by combining the qualifications held by the person who creates / edits My Page (certified person) are displayed here.

Further, if the recruiting condition of Company X (recipient) is, for example, "(qualification A and qualification B) or (qualification A and qualification C)", the "OR (or)" of the recruiting condition is decomposed. , Company X (recipient) has registered the recruiting conditions of "qualification A and qualification B" and the recruiting conditions of "qualification A and qualification C".

Further, since the tabulation result list display unit 502 displays the recruiting conditions in descending order of the total number of recipients, it is easy to use as reference information. However, they may be displayed in a random order or in ascending order.

In the example of the screen 500 of FIG. 21, each qualification A, B, C, ... Is replaced with a certificate serial number and displayed. For example, the job offer condition "Qualification A only" is displayed as "1only", and the job offer condition "Qualification A and Qualification B" is displayed as "1and2". And qualification B "etc. may be displayed.

Further, when the "reference" of each recruiting condition is selected and operated in the aggregation result list display unit 502, screens 510 and 520 displaying a list of companies and the like (recipients) who have registered the recruiting condition are displayed. Further, when the name of the company or the like (recipient) is selected and operated on the screens 510 and 520, the details of the information registered in the recipient information storage means 80 (see FIG. 10) by the company or the like (recipient) are displayed. Screen 530 is displayed. In the example of FIG. 21, since the recruiting condition of company X (recipient) is "(qualification A and qualification B) or (qualification A and qualification C)", the name of company X is both screens 510 and 520. It is displayed on the screen, and the screen 530 can be reached from both of them.

In FIG. 9, the My Page transmission means 68B executes server-side processing for assisting the processing of the My Page display means 91A of the recipient terminal 90. When the My Page transmission means 68B receives access to the URL of the My Page (anonymous page, real name page) from the My Page display means 91A of the recipient terminal 90, the My Page storage means is associated with the URL of the My Page. The My Page (anonymous page, real name page) stored in 79 and the electronic certificate and self-certificate posted on the My Page are transmitted to the My Page display means 91A of the recipient terminal 90 via the network 1. It executes the process of (submitting by proxy).

<Structure of certificate service provider system 60 / processing means 60A / intermediary means 69: FIG. 10>

In FIG. 10, the mediation means 69 executes a process relating to mediation between the certified person and the recipient who requests the certified person to perform the work.

The mediation information setting means 69A has a process of collecting mediation information in the certificate service provider system 60 or in the distributed ledger in addition to the process, and a process of accepting and registering input of information on whether or not the URL of My Page can be automatically transmitted. , The process of accepting and registering the input of information on whether or not to activate the possession qualification is executed.

Specifically, the intermediary information setting means 69A periodically collects information stored in the storage means 70 of the certificate service provider system 60 or in the distributed ledger in addition to the storage means 70, and the intermediary information storage means 81 ( The process of storing in (see FIG. 11) is executed.

Further, the mediation information setting means 69A receives and accepts information on whether or not the URL of each My Page of the certified person, which is input by the certified person and transmitted from the certified person terminal 40 via the network 1, can be automatically transmitted. The information on whether or not the URL of each My Page can be automatically transmitted is associated with the verification key βV0 (that is, the certified person ID) of the certified person's basics as information on the possession qualification of the certified person, and the mediation information storage means 81 (that is, the certified person ID). The process of storing in (see FIG. 11) is executed.

Further, the intermediary information setting means 69A receives and receives the information on whether or not the qualification of the certified person can be activated, which is input by the certified person and transmitted from the certified person terminal 40 via the network 1. The information on whether or not to activate the qualification (information on whether or not to accept the work utilizing the qualification) is associated with the certified person's basic verification key βV0 (that is, the certified person ID) as information on the possessed qualification of the certified person. The process of storing the information in the mediation information storage means 81 (see FIG. 11) is executed.

In FIG. 10, the recipient information input receiving means 69B accepts and accepts the recipient information including the recruiting conditions and the recipient's contact information input by the recipient and transmitted from the recipient terminal 90 via the network 1. The process of associating the received recipient information with the recipient ID and storing it in the recipient information storage means 80 (see FIG. 10) is executed.

Here, the recruiting conditions are conditions determined by the qualifications that the recipient (company, etc.) who requests the certified person (for example, cloud worker, etc.) requires from the certified person, and as shown in FIG. , AND and OR are used.

In addition, the recipient information that accepts input includes the recruitment conditions and the recipient's contact information (email address, telephone number, address, etc.), as well as the organization name such as the company name or, in the case of an individual, the name and industry. (For example, English conversation school, etc.), work content (for example, English online instructor, etc.), reward information (hourly wage, payment method, etc.), search count / cycle setting information (one-time search, or repeated at intervals (for example) For example, setting information) such as once a day, once a week, once a month, etc.) is included.

The condition-matching my page extraction means 69C uses the recruitment conditions accepted by the recipient information input reception means 69B and the information regarding the possession qualification of each certified person stored in the mediation information storage means 81 (see FIG. 11). , From all the certified persons, the certified persons who have the qualifications that meet the recruiting conditions are extracted, and among all the My Pages created by each of the extracted certified persons, the URL of the My Page It executes a process of extracting My Page, which is My Page that can be automatically transmitted and contains information on possession qualifications that match the recruiting conditions.

At this time, the condition-matching My Page extraction means 69C is activated when extracting a certified person who holds a qualification that matches the recruiting conditions from all the certified persons (whether or not activation is possible). Information = Extraction processing using only "qualifications that are accepted") is executed. That is, the extraction process is executed in consideration of only the qualifications that enable the certified person to accept the work utilizing the qualifications.

The My Page URL automatic transmission means 69D receives the URL of the My Page extracted by the condition-matching My Page extraction means 69C by the recipient information input reception means 69B and stores it in the recipient information storage means 80 (see FIG. 10). It executes a process of transmitting to a recipient's contact information (for example, an e-mail address) via the network 1.

The My Page URL automatic transmission means 69D basically transmits all of the extracted My Page URLs, but if the number of extracted My Page URLs is large, a part (for example, randomly selected) is selected. You may send the URL of My Page (part).

The notification means 69E for the certified person receives the recipient's selection information (URL of the certified person's My Page selected by the recipient) transmitted from the recipient terminal 90 via the network 1 together with the recipient ID. , Identify the certified person who created the My Page from the received URL of the My Page (for example, the posted information of the My Page associated with the URL of the My Page and stored in the My Page storage means 79 and the information thereof. (Specify from the information contained in the electronic certificate and self-certification posted on My Page), and the recipient's contact information from the recipient information storage means 80 (see FIG. 10) using the received recipient ID. Recipients (company, etc.) who wish to obtain recipient information, including (eg, e-mail address, etc.) and contact the identified person with the identified contact information. It executes the process of notifying the recipient information (including contact information) of. This notification may be, for example, an e-mail addressed to the certified person.

<Configuration of certificate service provider system 60 / storage means 70>

As shown in FIG. 5, the provided program storage means 71 is a program (examinee file creation program) provided by the program providing means 61 in response to a download request from the certified person system 20, the certified person terminal 40, and the recipient terminal 90. , Certified person support program, Certified person support program, Recipient support program). The program referred to here does not include a program provided accompanying a WEB page such as Javascript (ECMAScript).

As shown in FIGS. 5 and 6, the setting information storage means 72 stores the public key (verification key αV, encryption key αE) of the certified person, and also stores the certification management information (certification name, holding times of the certification test, certification). The date, the pass / fail confirmation URL (also used as the key set receiving URL), the template image ID, etc.) are stored in association with the certified ID.

As shown in FIGS. 5 and 6, the information storage means 73 for the certified person has the pass / fail information of the certified person (examinee) and the key set βk (βDk, βDk) of the certified person encrypted with the common key δ. βEk, βSk, βVk: However, k = 1, 2, ..., N) is stored in association with the key set receiving ID (also used as the pass / fail confirmation ID).

The electronic certificate storage means 74 stores the data of the electronic certificate as shown in FIG.

As shown in FIG. 6, the certified person key information storage means 75 is a key set βk (decryption key βDk, encryption key βEk, signature key βSk) of the certified person encrypted with the basic encryption key βE0 of the certified person. , Verification key βVk: k = 1, 2, ..., N) is stored in association with the verification key βV0 (that is, the certified person ID) and the encryption key βE0 which are the basics of the certified person.

The template storage means 76 stores the image data of the template of each certification (each holding time) by each certified person in association with the template image ID.

As shown in FIG. 6, the key set storage means 77 for the certificate service provider stores the key set γ (decryption key γD, encryption key γE, signature key γS, verification key γV) of the certificate service provider. Is.

As shown in FIG. 7, the self-certification storage means 78 stores the self-certification, and also stores the image data and masking information (optional) of the paper certificate as the verification key βVk and / or the paper certificate of the certified person. It is stored in association with the image ID.

As shown in FIG. 9, the My Page storage means 79 stores the My Page (anonymous page, real name page), and the electronic certificate and the self-certificate posted on the My Page in association with the URL of the My Page. It is a thing.

As shown in FIG. 10, the recipient information storage means 80 includes the recruitment conditions determined by the qualifications required by the recipient who requests the certified person to perform the work, and the recipient information (recipient's contact information). , Group name such as company name, industry, work content, reward information, search count / cycle setting information, etc.) is associated with the recipient ID (ID for managing the recipient by the certificate service provider). It is something to remember.

As shown in FIG. 11, the mediation information storage means 81 is provided with information on the possession qualifications of the certified person for whom an electronic certificate or a self-certificate is issued (information on whether or not the URL of My Page can be automatically transmitted, and active possession qualifications). (Including information on whether or not the certification is possible) is stored in association with the verification key βV0 (that is, the certified person ID) which is the basis of the certified person.

<Detailed configuration of recipient terminal 90: FIG. 9>

In FIG. 9, the electronic certificate receiving means 91 executes a process in which the recipient receives the electronic certificate or the self-certificate submitted by the certified person at the recipient terminal 90.

The electronic certificate receiving means 91 is certified as a My Page display means 91A for the recipient to receive an electronic certificate and a self-certificate from the certified person together with My Page via the certificate service provider system 60. Electronic certificate direct receiving means 91B for the recipient to receive the electronic certificate and self-certificate directly from the certified person without going through the certificate service provider system 60, and the received electronic certificate and self-certificate. It is configured to include a certified person confirmation means 91C and a certified person confirmation means 91D that are used regardless of whether or not the certificate service provider system 60 is used.

<Structure of Recipient Terminal 90 / Processing Means 90A / Electronic Certificate Receiving Means 91 / My Page Display Means 91A: FIGS. 9, 19>

The My Page display means 91A accesses the URL of the My Page (anonymous page, real name page) notified by the certified person, and is connected to the network 1 from the My Page transmission means 68B (see FIG. 9) of the certificate service provider system 60. It receives the My Page sent via the above and the electronic certificate and self-certificate posted on the My Page, and executes the process of displaying the received My Page on the screen of the recipient terminal 90. Is.

In this embodiment, the My Page display means 91A is provided via the network 1 by the WEB browser mounted on the recipient terminal 90 and the My Page transmission means 68B (see FIG. 9) of the certificate service provider system 60. It is realized by a transmitted WEB page and a program associated therewith (for example, a program running on a WEB browser such as Javascript (ECMAScript)). It may be realized by a program installed (installed) in advance in the recipient terminal 90.

At this time, the My Page display means 91A displays My Page (anonymous page 300, real name page 400) as shown in FIG. 19 on the screen of the recipient terminal 90. Since the My Page of FIG. 19 has already been described in detail in the description of the My Page creating means 46A (see FIG. 9) described above, detailed description thereof will be omitted here.

<Structure of recipient terminal 90 / processing means 90A / electronic certificate receiving means 91 / electronic certificate direct receiving means 91B: FIG. 9>

In FIG. 9, the electronic certificate direct receiving means 91B is the contents of the electronic certificate and the self-certificate transmitted from the electronic certificate direct submitting means 46B (see FIG. 9) of the certified person terminal 40 via the network 1. Is executed on the screen of the recipient terminal 90 in the text format and / or the certificate image format.

At this time, when the electronic certificate direct receiving means 91B displays the contents of the electronic certificate or the self-certificate in the certificate image format, the electronic certificate direct submitting means 46B of the certified person terminal 40 (see FIG. 9). In addition to the electronic certificate and self-certification, the image data of the template and the image data of the paper certificate are received from, and the image data of the certificate is displayed using them.

Further, when the electronic certificate direct receiving means 91B receives the submission of the electronic certificate or the self-certificate with the real name, the electronic certificate is obtained in a state where the personal information is decrypted from the electronic certificate direct submitting means 46B. And a self-certificate will be sent to you, and you will receive it and display the decrypted personal information. On the other hand, when the electronic certificate direct receiving means 91B receives the submission anonymously, the electronic certificate or the self-certificate is transmitted from the electronic certificate direct submitting means 46B with the personal information encrypted. Personal information will be displayed in the encrypted state, or alternative display information ("OOOO", "private", etc.) will be displayed.

Since the electronic certificate direct receiving means 91B does not receive the electronic certificate or the self-certificate using My Page, the electronic certificate or the self-certificate is received without going through the certificate service provider system 60. Will be done. Therefore, since the communication with the certificate service provider system 60 by the WEB is not performed, it is not realized by a program attached to the WEB page such as Javascript (ECMAScript). Therefore, the recipient terminal 90 is to be equipped (installed) with a program for displaying the contents of the received electronic certificate and self-certificate, and the program in that case may be a program developed by the recipient. However, it may be a program provided to the recipient by the certificate service provider (recipient support program).

<Structure of recipient terminal 90 / processing means 90A / electronic certificate receiving means 91 / certified person confirmation means 91C: FIG. 9>

In FIG. 9, when using the My Page, the certified person confirmation means 91C is transmitted together with the My Page from the My Page transmitting means 68B (see FIG. 9) of the certificate service provider system 60 via the network 1. Receive the electronic certificate (electronic certificate posted on My Page), and the verification key αV of the certified person and the signature of the certified person (electronic signature by the signature key αS of the certified person) included in the received electronic certificate. It is used to perform a certifier signature verification process that confirms the authenticity of the certifier and the integrity of the electronic certificate data.

At this time, when the certified person confirmation means 91C receives the submission of the electronic certificate with the real name, when executing the certified person signature verification process using the certified person's verification key αV and the certified person's signature, the individual After re-encrypting the information part with the certified person's encryption key βEk, the certified person signature verification process is executed. When the electronic certificate is submitted with the real name, the personal information part of the electronic certificate is in the state of being decrypted by the certified person terminal 40, but the signature of the certified person is the personal information. Since the part is attached to the encrypted electronic certificate, if the part of the personal information is in the decrypted state, the signature of the certified person cannot be verified. Therefore, the portion of the personal information decrypted by the certified person terminal 40 is re-encrypted by the recipient terminal 90, the personal information is returned to the encrypted state, and then the certified person signature verification process is executed. The encryption key βEk of the certified person used for re-encryption is included in the electronic certificate (see FIG. 3).

On the other hand, when the electronic certificate is submitted anonymously, the personal information part of the electronic certificate is not decrypted by the certified person terminal 40, so that the personal information is encrypted by the recipient terminal 90. You will receive the electronic certificate as it is. Therefore, if the submission is anonymous, the certified person signature verification process is executed without re-encryption.

When using My Page, communication with the certificate service provider system 60 (communication by WEB) is performed, so the processing of the certified person confirmation means 91C is a program provided along with the WEB page (communication by WEB). For example, it is realized by JavaScript (ECMAScript) and the like).

When the My Page is not used, the certified person confirmation means 91C receives the electronic certificate transmitted from the electronic certificate direct submission means 46B (see FIG. 9) of the certified person terminal 40 via the network 1. Then, the certified person's signature verification process is executed using the certified person's verification key αV and the certified person's signature included in the received electronic certificate. Re-encrypting personal information is the same as when using My Page.

If My Page is not used, communication with the certificate service provider system 60 (communication by WEB) is not performed, so the process of the certificater confirmation means 91C is pre-installed (installed) in the recipient terminal 90. It is realized by the program, and the program in that case may be a program developed by the recipient, or may be a program provided to the recipient by the certificate service provider (recipient support program).

The signature (electronic signature) and the verification algorithm in the present invention, including the certified person signature verification process by the certified person confirmation means 91C, are arbitrary. For example, in the signature, the hash value of the data is calculated, and the hash value is encrypted with the signature key αS (more generally, S including βS and γS) to create a signature, and in the verification of the signature, the signature is created. The person who receives the signed data calculates the hash value of the data, and the hash value matches the value obtained by decrypting the signature with the verification key αV (more generally, V including βV and γV). It is possible to adopt a method of confirming whether or not it is present. In addition, there is no need to calculate the hash value or encrypt with the signature in this way. In short, in the signature, the signature is created using the data and the signature key S, and the created signature is attached to the data. In the verification of the signature, the signature may be verified using the verification key V and the signature attached to the received data.

<Structure of recipient terminal 90 / processing means 90A / electronic certificate receiving means 91 / certified person confirmation means 91D: FIG. 9>

In FIG. 9, the certified person confirmation means 91D executes a challenge process of generating a random number and transmitting the random number to the certified person terminal 40 via the network 1, and confirms the certified person of the certified person terminal 40. Using the random number with the signature of the certified person obtained as a response from the response means 46C (see FIG. 9) and the verification key βVk of the certified person, the certified person's signature verification process for confirming the authenticity of the certified person is performed. It is something to do. At this time, as described in detail in the explanation of the certified person confirmation response means 46C on the response side, in the challenge from the recipient terminal 90, the challenge target identification that specifies the electronic certificate received by the recipient together with the random number is specified. It is preferable to send the information.

The processing of the certified person confirmation means 91D is a processing with the certified person terminal 40, but the generation of random numbers, the random number signed by the certified person, and the verification using the verification key βV of the certified person are used. The processing can also be realized by communication with the certificate service provider system 60 (communication by WEB). Therefore, the process of the certified person confirmation means 91D may be realized by a program provided accompanying the WEB page (for example, Javascript (ECMAScript) or the like), and is mounted (installed) on the recipient terminal 90. It may be realized by the existing program. In the latter case, the program may be developed by the recipient, or may be a program provided to the recipient by the certificate service provider (recipient support program).

<Recipient terminal 90 / storage means 95 / acquisition program storage means 96>

The acquisition program storage means 96 stores a program (recipient support program) downloaded from the provision program storage means 71 of the certificate service provider system 60 via the network 1. However, the recipient support program referred to here is not a program provided accompanying the WEB page (for example, Javascript (ECMAScript) or the like), but is a program installed in the recipient terminal 90 in advance. Therefore, the recipient support program includes a program provided accompanying the WEB page transmitted from the certificate service provider system 60 to the recipient terminal 90 and a pre-installed program provided by the certificate service provider to the recipient. There is a program that requires, and here it refers to the latter program.

<Process flow until the electronic certificate is registered in the certificate service provider system 60 and enters the ledger entry standby state: FIGS. 12 and 5>

In FIGS. 12 and 5, when the certified person (examinee) aiming to acquire the qualification inputs the application information for the examination on the certified person terminal 40, the application information (name, date of birth, telephone number, e-mail address, etc.) is entered. (Including the personal information of the certified person) is transmitted to the certified person system 20 (here, the certified person system 20X of the certified person X who requests proxy bookkeeping) via the network 1. In the accredited person system 20, the examination application receiving means 21A of the examinee management means 21 accepts the examination application and receives the application information (including the examination number set by the accredited person for the application) by the accredited person. It is stored in the examinee information storage means 31 in association with the personal ID for examinee management (step S1).

Subsequently, after the certification test is conducted, pass / fail information (pass / fail), qualification information (score, rank, etc.), and additional personal information (pass / fail), additional personal information (pass / fail, etc.), and additional personal information (pass / fail), qualification information (score, rank, etc.), and additional personal information (pass / fail), qualification information (score, rank, etc.) Regarding the certification number, etc.), the input from the person in charge terminal is accepted, and the information is stored in the examinee information storage means 31 in association with the personal ID (step S2).

Then, in the certified person system 20, the setting information input receiving means 23A reads the certified person's key set α (αD, αE, αS, αV) from the certified person key set storage means 33, or inputs the key set α (αD, αE, αS, αV). Is accepted, and the public key (verification key αV, encryption key αE) of the certified person is transmitted to the certificate service provider system 60 via the network 1. In addition, as certification management information, settings such as certification name, certification test holding time, certification date, pass / fail confirmation URL (also used as key set receiving URL), template image ID, examinee file (CSV file, etc.) format, etc. The input is accepted, and the accepted certification management information (the certification ID may be determined at this point, or the certification ID may be determined after transmission) is transmitted to the certificate service provider system 60 via the network 1. (Step S3). Here, the public key (verification key αV, encryption key αE) of the certified person and the certified management information (certified name, etc.) are collectively referred to as setting information.

In the certificate service provider system 60, the public key (verification key αV, encryption key αE) of the certified person transmitted from the certified person system 20 via the network 1 is set by the setting information registration means 62A. Information storage means 72. To memorize. In addition, the certification management information (certification name, the number of times the certification test was held, the certification date, the pass / fail confirmation URL (also used as the key set receiving URL), the template image ID, and the test taker file (CSV) sent from the certified person system 20). The format of the file or the like) is stored in the setting information storage means 72 in association with the certified ID and the public key (verification key αV, encryption key αE) of the certified person (step S4).

In the certificate service provider system 60, when there is an acquisition request from the setting information input receiving means 23A of the certification system 20, the certification person stored in the setting information storage means 72 by the setting information registration means 62A. Public key (verification key αV, encryption key αE), certification management information (certification ID, certification name, certification test holding time, certification date, pass / fail confirmation URL (also used as key set receiving URL), template image ID Etc.) to the certified person system 20 via the network 1 (step S5).

In the certified person system 20, the public key (verification key αV, encryption key αE) of the certified person transmitted from the certificate service provider system 60 by the setting information input receiving means 23A and the certification management information (certification ID, certification). Receive the name, certification date, etc. (step S6). However, if the public keys (αV, αE) and certification management information of these certified persons, including the certified ID, remain in the memory of the certified person system 20, steps S5 and S6 may be omitted. ..

Then, in the certified person system 20, the examinee file (for example, CSV file) as shown in FIG. 5 is created by the examinee file creating means 22 using the information about the examinee stored in the examinee information storage means 31. Create (step S7).

Subsequently, in the certified person system 20, the person authentication information read from the examinee file (CSV file, etc.) of FIG. 5 by the information transmission means 23E for the certified person is used, and the certification ID included in the certification management information is used. , The hash value or other conversion information about the personal authentication information and the authentication ID is obtained, and the obtained conversion information such as the hash value is used as the key set receiving ID (step S8). This key set receiving ID is also used as a pass / fail confirmation ID. Further, the information transmitting means 23E for the certified person uses the personal identification information different from the personal authentication information (that is, the information used for generating the common key δ) to obtain the key set receiving ID (also used as the pass / fail confirmation ID). You may create it. Since the personal authentication information and the personal identification information have already been described in detail, detailed description thereof will be omitted here.

Then, in the certified person system 20, the key set βk (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1, 2, ..., N) of the certified person is used by the key set generation means 23B. (Any of) is generated (step S9).

Subsequently, in the accredited person system 20, the information about the examinee read from the examinee file (CSV file, etc.) of FIG. 5 by the electronic certificate creating means 23C, and the accreditation management information (certification name, accreditation date, etc.) are used. Then, an electronic certificate as shown in FIG. 3 is created (step S10). At this time, the electronic certificate creating means 23C encrypts the personal information by the encryption key βEk (any of k = 1, 2, ..., N) of the certified person. Then, the electronic certificate creating means 23C attaches an electronic signature to the created electronic certificate data (including encrypted personal information) with the signature key αS of the certifier, and completes the electronic certificate data. Let me.

Then, in the certified person system 20, the certified person side common key generation means 23D generates each common key δ between the certified person and each certified person by using the person authentication information for each certified person (the certified person and each certified person). Step S11).

Further, in the certified person system 20, the certified person's key set βk (decryption key βDk, encryption key βEk, signature key βSk) is used by the information transmission means 23E for the certified person using the common key δ generated in step S11 above. , Verification key βVk: However, k = 1, 2, ..., N) is encrypted (step S12).

After that, in the certified person system 20, pass / fail information (pass / fail) of the certified person (examinee) read from the examinee file (CSV file, etc.) of FIG. 5 by the information transmission means 23E for the certified person. , And the key set βk (βDk, βEk, βSk, βVk) of the certified person encrypted with the common key δ, together with the key set receiving ID (also used as the pass / fail confirmation ID) created in step S8 described above. It is transmitted to the certificate service provider system 60 via the network 1 (step S13).

In the certificate service provider system 60, the pass / fail information of the certified person (examinee) transmitted from the certified person system 20 via the network 1 by the information registration means 62B for the certified person, and the encryption with the common key δ are used. The key set of the certified person βk (βDk, βEk, βSk, βVk: however, k = 1, 2, ..., N) is received, and the pass / fail information and the key set of the certified person are received. βk is stored in the information storage means 73 for the certified person in association with the key set receiving ID (also used as the pass / fail confirmation ID) (step S14).

Further, in the certified person system 20, if the result is passed, the electronic certificate (see FIG. 3) created in the above-mentioned step SS10 is transmitted to the certified person service provider system via the network 1 by the electronic certificate recording means 24. By transmitting to 60, the certificate service provider is requested to record the electronic certificate in the distributed ledger (step S15).

In the certificate service provider system 60, the electronic certificate transmitted from the certified person system 20 via the network 1 is received by the electronic certificate proxy bookkeeping means 63, and the received electronic certificate is stored in the electronic certificate. It is stored in the means 74 and put into a bookkeeping standby state (step S16).

<Flow of pass / fail confirmation on the certified person terminal 40, acquisition of the electronic certificate, and recording of the electronic certificate in the distributed ledger: FIGS. 13 and 6>

In FIGS. 13 and 6, first, the certified person is the certified person terminal 40 (here, the certified person terminal 40P of the certified person P who requests the proxy acquisition of the electronic certificate from the distributed ledger). Register to start using the service provided by the service provider. In the certified person terminal 40, the service use start registration means 41 generates the basic key set β0 (decryption key βD0, encryption key βE0, signature key βS0, verification key βV0) of the certified person, and the generated basic key. The set β0 (βD0, βE0, βS0, βV0) is stored in the key set storage means 52 for the certified person, and the basic public key (verification key βV0 and encryption key βE0) of the certified person is stored via the network 1. It is transmitted to the certificate service provider system 60 (step S21).

In the certificate service provider system 60, the certified person's basic public key (verification key βV0 and encryption key) transmitted from the certified person terminal 40 via the network 1 by the certified person key information initial registration means 64. βE0) is stored in the certified person key information storage means 75 (see FIG. 6) (step S22). The above steps S21 and S22 need only be performed once for each person or group of certified persons.

Subsequently, on the certified person terminal 40, the certified person accesses the pass / fail confirmation URL previously notified to the certified person by the information acquisition means 42A for the certified person (step S23). In the certificate service provider system 60, when the pass / fail confirmation URL is accessed from the certified person information acquisition means 42A of the certified person terminal 40, the certified ID transmitting means 65A associates it with the pass / fail confirmation URL. The certification ID stored in the setting information storage means 72 (see FIG. 6) is extracted, and the extracted certification ID is transmitted to the certified person terminal 40 via the network 1 (step S24). The certified person terminal 40 receives the certification ID transmitted from the certificate service provider system 60 via the network 1 by the information acquisition means 42A for the certified person (step S23).

Then, the certified person terminal 40 accepts the input of the personal authentication information by the certified person by the information acquisition means 42A for the certified person (step S25), and uses the input personal authentication information and the acquired certification ID. By obtaining the hash value or other conversion information, a key set receiving ID (also used as a pass / fail confirmation ID) is created (step S26). The personal identification information and the authorized ID may be used to create the key set receiving ID.

Further, in the certified person terminal 40, the created key set receiving ID is transmitted to the certificate service provider system 60 via the network 1 by the information acquisition means 42A for the certified person (step S27). In the certificate service provider system 60, the key set receiving ID transmitted from the certified person terminal 40 via the network 1 is received by the information delivery means 65B for the certified person, and the received key set receiving ID is received. The pass / fail information stored in the information storage means 73 for the certified person (see FIG. 6) in association with the key set βk (βDk, βEk, βSk, βVk) of the certified person encrypted with the common key δ. , Sent to the certified person terminal 40 via the network 1 (step S28). In the certified person terminal 40, the pass / fail information transmitted from the certificate service provider system 60 via the network 1 by the information acquisition means 42A for the certified person, and the certified person encrypted with the common key δ. The key set βk (βDk, βEk, βSk, βVk) is received (step S27).

Then, when the rejected person terminal 40 determines that the certified person has failed by using the pass / fail information acquired in the above-mentioned step S27 by the failure notification display means 42B, for example, FIG. 17 fails. As shown in the notification screen 200, on the screen of the certified person terminal 40, the fact that the test has failed is displayed (step S29).

Subsequently, when the certified person determines that the certified person has passed by using the pass / fail information acquired in step S27 described above by the certified person side common key generation means 42C on the certified person terminal 40, the certified person decides to pass. Using the entered personal authentication information, a common key δ between the certified person and the certified person is generated. Further, using this common key δ, the key set of the certified person encrypted with the common key δ in the certified person system 20 acquired in step S27 described above by the key set decryption means 42D for the certified person. Decoding βk (βDk, βEk, βSk, βVk) (step S30).

Then, in the certified person terminal 40, the verification key βVk (one of k = 1, 2, ..., N) of the certified person obtained by decoding in the above step S30 by the pass notification display means 42E is used. It is transmitted to the certificate service provider system 60 via the network 1 (step S31). In the certificate service provider system 60, the verification key βVk (k = 1, 2, ..., N of the certified person, which is transmitted from the certified person terminal 40 via the network 1 by the pass notification display assisting means 65C, (Any) is received, and the received verification key βVk of the certified person is used to obtain an electronic certificate from the electronic certificate storage means 74, and the template image ID included in the obtained electronic certificate is used. Then, the image data of the template is acquired from the template storage means 76 or the distributed ledger, and the acquired electronic certificate and the image data of the template are transmitted to the certified person terminal 40 via the network 1 (step S32). The certified person terminal 40 receives the image data of the electronic certificate and the template transmitted from the certificate service provider system 60 via the network 1 by the pass notification display means 42E, and receives, for example, the pass notification of FIG. As shown on the screen 210, it is displayed that the result is passed (step S31). At this time, the pass notification display means 42E decodes the personal information portion using the decryption key βDk of the certified person, and then displays the certificate image display unit 211 (see FIG. 17) for pass notification. conduct.

After that, in the certified person terminal 40, the key set βk (βDk, βEk, βSk, βVk: k = 1, 2, ... , N) is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used as the certified person's basic verification key βV0 (that is, the certified person ID). At the same time, the key is transmitted to the certificate service provider system 60 via the network 1 (step S33). At the same time, the key set transmission means 42F for the certified person issues an instruction for recording the electronic certificate in the bookkeeping standby state in the distributed ledger.

In the certificate service provider system 60, the certified person's key set βk (certified person's basic encryption) transmitted from the certified person's terminal 40 via the network 1 by the certified person's key information additional registration means 65D. The key βE0 encrypted) is received together with the certified person's basic verification key βV0 (that is, the certified person ID), and the received certified person's key set βk (k = 1, 2, ... , N) is stored in the certified person key information storage means 75 (see FIG. 6) in association with the certified person's basic verification key βV0 (certified person ID) (step S34).

Further, the certified person key information additional registration means 65D receives the network 1 as an instruction for recording the electronic certificate in the bookkeeping standby state in the distributed ledger from the certified person key set transmitting means 42F of the certified person terminal 40. Receives the verification key βVk (one of k = 1, 2, ..., N) of the certified person (one that is not encrypted with the basic encryption key βE0 of the certified person) sent via Then, as an instruction for linking the ledger bookkeeping, the received verification key βVk of the certified person is transmitted to the electronic certificate proxy bookkeeping means 63 (step S34).

Then, in the certificate service provider system 60, the certificate service business that is the bookkeeper is added to the data of the electronic certificate in the bookkeeping standby state stored in the electronic certificate storage means 74 by the electronic certificate proxy bookkeeping means 63. A plurality of participants who create bookkeeping data by adding the verification key γV of the person and connect the bookkeeping data to the P2P network 2 for forming a distributed ledger via a communication line (network 1 or a dedicated line). By transmitting to any of the nodes 100, proxy posting is performed in the distributed ledger. In the participant node 100, the block addition means 102 (see FIG. 2) is used to generate a block containing the bookkeeping data and perform a process for sharing and storing the block in the plurality of participant nodes 100 (step S35).

<Flow of process for creating and registering a self-certification (self-certified fictitious electronic certificate created from a paper certificate image: Fig. 14, Fig. 7>

In FIGS. 14 and 7, first, the certified person scans his / her own paper certificate or takes a photograph to create image data of the paper certificate. Any device may be used for this work. Next, the image data of the created paper certificate is read by the paper certificate image reading means 44A on the certified person terminal 40 (step S41).

Subsequently, at the certified person terminal 40, the certified person's key set βk (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1) is used by the certified person's key set generation means 44B. , 2, ..., N) is generated (step S42). However, if the key set βk is possessed, it may be omitted.

Then, on the certified person terminal 40, the key set βk (βDk, βEk, βSk, βVk: k = 1, 2, ... , N) is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used as the certified person's basic verification key βV0 (that is, the certified person ID). At the same time, the key is transmitted to the certificate service provider system 60 via the network 1 (step S43).

In the certificate service provider system 60, the key set βk (βDk, βEk, βSk, βVk) of the certified person transmitted from the certified person terminal 40 via the network 1 by the certified person key information additional registration means 67A. : K = 1, 2, ..., N) is received together with the certified person's basic verification key βV0 (that is, the certified person ID), and the received certified person's key set βk (certified person). (Encrypted with the basic encryption key βE0) is stored in the certified person key information storage means 75 (see FIG. 6) in association with the certified person's basic verification key βV0 (certified person ID). (Step S44).

Subsequently, on the certified person terminal 40, the public key (verification key βVk, encryption key βEk) of the certified person's key set βk generated in step S42 described above by the paper certification image transmitting means 44D, and the above-mentioned The image data of the paper certificate read in step S41 and the masking information when the input (arbitrary) of the masking information is accepted are transmitted to the certificate service provider system 60 via the network 1 (step). S45). Since the masking information has already been described in detail, detailed description thereof will be omitted here.

In the certificate service provider system 60, the certified person's public key (verification key βVk, encryption key βEk) and paper transmitted from the certified person terminal 40 via the network 1 by the paper certificate image acquisition means 67B. Receives the image data of the certificate and masking information (arbitrary), and associates the received image data of the paper certificate and masking information (arbitrary) with the verification key βVk and / or the paper certificate image ID of the certified person. It is stored in the certificate storage means 78 (step S46).

Then, in the certificate service provider system 60, the OCR process (optical character reading process) for reading the character information from the image data of the paper certificate received in the above step S46 is executed by the text conversion means 67C (step S47). ). This OCR process may be requested to the external service system 110.

Subsequently, in the certificate service provider system 60, the extraction means 67D extracts the qualification information including the certified name, the personal information including the name, and the like from the character information read in the above step S47 (step S48).

Then, the extraction means 67D transmits the extraction information (qualification information, personal information, etc.) to the certified person terminal 40 via the network 1 (step S49). The certified person terminal 40 receives the extracted information transmitted from the certificate service provider system 60 via the network 1 by the extracted information confirmation means 44E, and whether or not the received extracted information is correct and its correction information. The confirmation result including the above is transmitted to the certificate service provider system 60 via the network 1 (step S50). In the certificate service provider system 60, the extraction means 67D receives the confirmation result transmitted from the certified person terminal 40 via the network 1 (step S49). The processing of steps S49 and S50 may be omitted.

After that, the self-certificate service provider system 60 creates a self-certificate (fictitious electronic certificate by self-certification of the certified person) as shown in FIG. 7 by the self-certificate creation means 67E, and the created self-certificate. Is stored in the self-certification storage means 78 (step S51).

Further, if necessary, in the certificate service provider system 60, the self-certification created in the above step S51 is transmitted by the self-certification recording means 67F via the communication line (network 1 or dedicated line). The self-certification is directly recorded in the distributed ledger by transmitting it to any of the plurality of participant nodes 100 connected to the P2P network 2 for forming the distributed ledger (step S52).

<Process flow when the electronic certificate is directly recorded from the certified person system 20 to the distributed ledger and when the electronic certificate is directly obtained from the distributed ledger by the certified person terminal 40: FIGS. 15 and 8)

In FIGS. 15 and 8, first, the certified person is the certified person terminal 40 (here, the certified person terminal 40Q of the certified person Q who directly obtains the electronic certificate from the distributed ledger), and is a certificate service provider. Register to start using the service provided by (step S61). However, it may be omitted if the usage start registration has already been completed. This process is the same as in the case of step S21 of FIG. 13 described above.

In the certificate service provider system 60, the certified person's basic public key (verification key βV0 and encryption key) transmitted from the certified person terminal 40 via the network 1 by the certified person key information initial registration means 64. βE0) is stored in the certified person key information storage means 75 (see FIG. 6) (step S62). This process is the same as in the case of step S22 in FIG. 13 described above. If the service such as the creation of My Page provided by the certificate service provider is not used, the processes of these steps S61 and S62 may be omitted.

Next, at the certified person terminal 40, the certified person's key set βk (decryption key βDk, encryption key βEk, signature key βSk, verification key βVk: however, k = 1) is used by the certified person's key set generation means 45A. , 2, ..., N) is generated (step S63). However, if the key set βk is possessed, it may be omitted.

Subsequently, the certified person (examinee) applies for the examination on the certified person terminal 40, and the application information (name, date of birth, telephone number, personal information such as e-mail address, and disclosure of the certified person). The key (including the verification key βVk and the encryption key βEk) is transmitted to the certified person system 20 (here, the certified person system 20Y of the certified person Y who directly records in the distributed ledger) via the network 1 (step S64). ).

In the certified person system 20 (20Y), the test application receiving means 21A of the test taker management means 21 receives the application information transmitted from the certified person terminal 40 (40Q) via the network 1 and accepts the test application. , The received application information (including personal information such as name, date of birth, telephone number, e-mail address, and public key of the certified person (verification key βVk, encryption key βEk)) is managed by the certified person. It is stored in the examinee information storage means 31 in association with the personal ID for (step S65). The difference from the case of step S1 of FIG. 12 described above is that the public key (verification key βVk, encryption key βEk) of the certified person is accepted as the application information from the certified person. The certified person system 20 (20Y) does not generate the key set βk (βDk, βEk, βSk, βVk) of the certified person, and the key set βk of the certified person via the certificate service provider system 60. This is because the delivery is not performed.

Subsequently, after the certification test is conducted, pass / fail information (pass / fail), qualification information (score, rank, etc.), and additional personal information (pass / fail), additional personal information (pass / fail, etc.), and additional personal information (pass / fail), qualification information (score, rank, etc.), and additional personal information (pass / fail), qualification information (score, rank, etc.) (Certification number, etc.) is received from the person in charge terminal and stored in the examinee information storage means 31 in association with the personal ID (step S66).

Then, in the certified person system 20, the setting information input receiving means 25A reads the certified person's key set α (αD, αE, αS, αV) from the certified person key set storage means 33, or inputs the key set α (αD, αE, αS, αV). And also accepts the input of certification management information (certification name, holding time, certification date, etc.) (step S67).

At this time, unlike the case of step S3 of FIG. 12 described above, the pass / fail confirmation URL (also used as the key set receiving URL) is not input in the certification management information. This is because the certified person system 20Y does not generate the key set βk of the certified person, so that it is not necessary to pass the key set βk to the certified person, the URL for receiving the key set is not required, and the pass / fail notification is given. This is because the pass / fail confirmation URL is not used.

Then, in the certified person system 20, the certified person (examinee) who has passed the test has the same configuration as the electronic certificate created by the process of step S10 in FIG. 12 described above by the electronic certificate creating means 25B. Create an electronic certificate (see FIG. 3) (step S68). At this time, since the certified person system 20Y does not generate the key set βk of the certified person, the electronic certificate creating means 25B uses the verification key βVk of the certified person included in the application information received in step S65 described above. And the encryption key βEk (one of k = 1, 2, ..., N) is used to create an electronic certificate.

Further, in the process of step S10 of FIG. 12 described above, necessary information to be included in the electronic certificate was read from the examinee file (for example, a CSV file), but in the process of this step S68, the electronic certificate is created. The means 25B directly reads necessary information from the information about the examinee stored in the examinee information storage means 31. However, you may create an examinee file (for example, CSV file, etc.) and read it from there.

Subsequently, in the certified person system 20, the verification key αV of the certified person system 20 (20Y), which is the book holder, is added to the data of the electronic certificate created in the above step S68 by the electronic certification bookkeeping means 25C. , Create bookkeeping data and send this bookkeeping data to any of the plurality of participant nodes 100 connected to the P2P network 2 for forming the distributed ledger via the communication line (network 1 or dedicated line). The electronic certificate is directly recorded in the distributed ledger (step S69).

Subsequently, in the certified person system 20, the pass / fail information (pass / fail) and the certified person (examinee) are obtained from the information about the examinee stored in the examinee information storage means 31 by the pass / fail notification means 25D. Read the contact information, create and send an e-mail for pass / fail notification to the certified person (examinee), and print the pass / fail notification (paper) to be sent to the certified person (examinee). The process or the like is executed (step S70).

After that, the certified person (examinee) receives the pass / fail notification e-mail on the certified person terminal 40 (40Q), or receives the mailed pass / fail notification (paper), and the result of the pass / fail. (Step S71).

Subsequently, on the certified person terminal 40 (40Q), after receiving the pass / fail notification from the certified person (provided that the result is passed) by the electronic certificate acquisition means 45B, or at any time thereafter, the above-mentioned step The verification key βVk (verification key βVk of the certified person included in the application information in the process of step S64 described above and transmitted to the certified person system 20) in the key set βk of the certified person generated in S63 is connected to the communication line ( Obtain the electronic certificate directly from the distributed ledger by transmitting it to any of the plurality of participant nodes 100 connected to the P2P network 2 for forming the distributed ledger via the network 1 or a dedicated line (step). S72). At this time, in the participant node 100, the reference request response means 103 (see FIG. 2) acquires the electronic certificate by using the verification key βVk of the certified person.

Then, on the certified person terminal 40 (40Q), the pass confirmation display means 45C uses the electronic certificate data directly acquired from the distributed ledger in step S72 above to display the data on the screen of the certified person terminal 40Q. The contents of the electronic certificate are displayed by text and / or the certificate image (step S73). At this time, the pass confirmation display means 45C uses the decryption key βDk of the key set βk of the certified person generated in step S63 described above for the personal information part of the electronic certificate directly acquired from the distributed ledger. Decode using and then display.

After that, the key set βk (βDk, βEk, βSk, βVk: k = 1, of the certified person generated in the above-mentioned step S63 by the key set transmitting means 45D for the certified person on the certified person terminal 40 (40Q)). 2, ..., N) is encrypted with the certified person's basic encryption key βE0, and the encrypted key set βk of the certified person is used as the certified person's basic verification key βV0 (that is, certified). It is transmitted to the certificate service provider system 60 via the network 1 together with the person ID) (step S74).

In the certificate service provider system 60, the key set βk (k = 1, 2, ..., N) of the certified person encrypted with the encryption key βE0 by the certified person key information additional registration means 65D (see FIG. 6). Is stored in the certified person key information storage means 75 in association with the verification key βV0 (that is, the certified person ID) of the certified person's basics (step S75). The processing of steps S74 and S75 may be omitted if the service such as the creation of My Page by the certificate service provider is not used.

<Flow of submission process of electronic certificate (including self-certification) from the certified person terminal 40 to the recipient terminal 90: FIGS. 16 and 9>

In FIGS. 16 and 9, when the certified person submits an electronic certificate or a self-certification to the recipient using My Page, the certified person first creates the My Page on the certified person terminal 40. Specifically, on the certified person terminal 40, the My Page creation means 46A issues an instruction to the electronic certificate acquisition means 43 to collectively acquire all the electronic certificates and self-certificates held by the certified person. (Step S81). Then, the electronic certificate acquisition means 43 cooperates with the electronic certificate proxy acquisition means 66 of the certificate service provider system 60 via the network 1, and all the electronic certificates and self-certification by the electronic certificate proxy acquisition means 66. Collective proxy acquisition of certificates is performed (step S82).

More specifically, first, in the certified person terminal 40, the certification key βV0 (that is, the certified person ID), which is the basic verification key of the certified person, is transmitted to the certified person terminal 40 by the electronic certificate acquisition means 43 via the network 1. It is transmitted to the person system 60 (step S81).

The certificate service provider system 60 receives the basic verification key βV0 (certified person ID) of the certified person transmitted from the certified person terminal 40 via the network 1 by the electronic certificate proxy acquisition means 66. Then, using the received verification key βV0, all the key sets βk (k = 1, 2, ..., N) of the certified person are acquired from the certified person key information storage means 75 (see FIG. 6). , All the acquired key sets βk of the certified person (encrypted with the basic encryption key βE0 of the certified person) are transmitted to the certified person terminal 40 via the network 1 (step S82).

In the certified person terminal 40, all the key sets βk (k = 1, 2, ..., Of the certified person transmitted from the certificate service provider system 60 via the network 1 by the electronic certificate acquisition means 43. All key sets βk (k = 1, 2, ...,) Received (all of n) and encrypted with the certified person's basic encryption key βE0 using the certified person's basic decryption key βD0, By decrypting all of n), all verification keys βVk (k = 1, 2, ..., All of n) of the certified person are obtained. Further, all the verification keys βVk (all of k = 1, 2, ..., N) of the certified person obtained by the electronic certificate acquisition means 43 are transferred to the certificate service provider system 60 via the network 1. Transmit (step S81).

In the certificate service provider system 60, all verification keys βVk (k = 1, 2, ... , N) are received, and all of these verification keys βVk are connected to the P2P network 2 for forming the distributed ledger via the communication line (network 1 or dedicated line) of the plurality of participant nodes 100. Obtain all electronic certificates of the certified person from the distributed ledger by sending to either. At this time, in the present embodiment, all the electronic certificates are acquired from the distributed ledger by using the reference request response means 103 of the participant node 100 using all the verification keys βVk of the certified person, and all the acquired electronic certifications are obtained. The certificate is transmitted to the electronic certificate proxy acquisition means 66 via the communication line (network 1 or dedicated line). Then, all the electronic certificates received from the reference request response means 103 are transmitted to the certified person terminal 40 via the network 1 by the electronic certificate proxy acquisition means 66 (step S82).

Further, in the case of batch acquisition of self-certificates, if the self-certificates stored in the distributed ledger are acquired, the same processing as in the case of acquiring an electronic certificate is performed by the electronic certificate proxy acquisition means 66. Run. However, as described in detail above, the self-certificate may not be recorded in the distributed ledger in principle, but may only be stored in the self-certificate storage means 78 of the certificate service provider system 60. .. Therefore, the self-certification is obtained from the self-certification storage means 78 by using the verification key βVk of the certified person by the electronic certificate proxy acquisition means 66, and the obtained self-certification is certified via the network 1. Transmission to the user terminal 40 (step S82).

The certified person terminal 40 receives all the electronic certificates and self-certificates held by the certified person transmitted from the certificate service provider system 60 via the network 1 by the electronic certificate acquisition means 43. (Step S81).

Subsequently, at least one My Page (anonymous page, real name page) is created by the My Page creation means 46A on the certified person terminal 40. In the case of creating a real name page, the decryption key βDk of the certified person is used to decrypt the part of the personal information included in the electronic certificate or the self-certification. Then, the URL of each created My Page is displayed on the screen of the certified person terminal 40 (step S83).

Further, in the certificate service provider system 60, the My Page creation assisting means 68A cooperates with the My Page creating means 46A of the certified person terminal 40 via the network 1 to assist in the creation of the My Page. At this time, the image data of the template is acquired and transmitted to the certified person terminal 40, the intellectual property information is acquired and transmitted to the certified person terminal 40 (optional), and the created My Page and its My Page are displayed. The posted electronic certificate or self-certificate is stored in the My Page storage means 79 in association with the URL of the My Page (step S84). Since the processing of these steps S83 and S84 is described in detail in the description of the My Page creation means 46A and the My Page creation assisting means 68A, detailed description thereof will be omitted here.

Then, the certified person transmits the URL of the My Page created by the certified person (self) to the recipient by a method such as sending an e-mail addressed to the recipient from the certified person terminal 40 (step S85). .. Further, it is possible to transmit by mailing a paper containing the URL of My Page or by facsimile transmission, but in this embodiment, since the URL of My Page is complicated, it is possible to input by keystroke on the recipient terminal 90. Since it is not suitable, it is preferable to transmit the URL by converting it into a two-dimensional bar code or the like. The My Page creating means 46A of the certified person terminal 40 also has a function of converting the URL of the My Page into a two-dimensional bar code.

Subsequently, the recipient receives an e-mail addressed to the recipient (self) on the recipient terminal 90, displays the URL of My Page described in the e-mail, or converts the URL of My Page 2 Obtain the URL of My Page transmitted from the certified person by a method such as reading a dimensional bar code (step S86).

After that, the recipient terminal 90 accesses the URL of the My Page (anonymous page, real name page) notified by the certified person by the My Page display means 91A (step S87). In the certificate service provider system 60, upon receiving this access, the My Page transmitted means 68B associates with the URL and is stored in the My Page storage means 79, and the electronic certification posted on the My Page. The certificate and the self-certificate are acquired, and the electronic certificate and the self-certificate are transmitted to the recipient terminal 90 via the network 1 together with My Page (step S88). In the recipient terminal 90, the My Page display means 91A receives the My Page transmitted from the certificate service provider system 60, the electronic certificate and the self-certificate accompanying the My Page, and the My Page is the recipient terminal 90. Display on the screen (step S87). At this time, the recipient terminal 90 receives the electronic certificate and the self-certificate in which the personal information is encrypted in the case of submission by the anonymous page, and the personal information in the case of submission by the real name page. You will receive an electronic certificate and a self-certificate in the state of being decrypted with the decryption key βDk of the certified person. Since the electronic certificate received in step S87 was acquired by the certificate service provider system 60 on behalf of the distributed ledger at the request of the certified person terminal 40 at the time of creating My Page, it is eventually recorded in the distributed ledger. The electronic certificate that has been used is transmitted from the certified person terminal 40 to the recipient terminal 90 via the certificate service provider system 60, and is submitted.

The above steps S81 to S88 are the flow of submission and receipt of the electronic certificate and the self-certificate using My Page, but when My Page is not used, it is as follows. In addition, as a case where My Page is not used, there are cases where a proxy acquisition is requested and cases where acquisition is performed directly.

When the certified person (certified person P requesting proxy acquisition) requests the certification service provider system 60 to obtain an electronic certificate or self-certification, the certified person terminal 40 (40P) is used electronically. The verification key βVk (k = 1, 2, ..., N) of the certified person included in the electronic certificate or self-certificate to be acquired by the certificate acquisition means 43 (see FIG. 6), or all of them. (May be), is transmitted to the certificate service provider system 60 via the network 1 (step S89), and the certificate service provider system 60 is certified by the electronic certificate proxy acquisition means 66 (see FIG. 6). The electronic certificate and the self-certificate are obtained by proxy from the distributed ledger using the verification key βVk of the person, or the self-certificate of the unregistered ledger is obtained from the self-certificate storage means 78 and received via the network 1. It is transmitted to the electronic certificate acquisition means 43 of the certified person terminal 40 (40P) (step S90).

On the other hand, if the certified person (certified person Q who directly obtains the certificate) obtains the electronic certificate or self-certificate by himself / herself, that is, without going through the certificate service provider system 60, the certified person At the terminal 40 (40Q), the verification key βVk (k = 1, 2, ... , N, or all) to obtain an electronic certificate and a self-certificate (provided that the self-certificate is recorded in the distributed ledger) directly from the distributed ledger (step S89). .. When requesting the certificate service provider system 60 to create a self-certificate, the certified person (certified person Q) has received the completed self-certificate from the certificate service provider system 60. In that case, since the self-certification certificate already exists on the certified person terminal 40 (40Q), there is no need to perform the acquisition work.

Then, on the certified person terminal 40 (either 40P or 40Q), the electronic certificate and the self-certificate obtained in the above step 89 are connected to the network by the electronic certificate direct submission means 46B (see FIG. 9). It is transmitted to the recipient terminal 90 via 1 (step S91). At this time, when submitting the electronic certificate or self-certificate with the real name, the part of the personal information included in the electronic certificate or self-certificate to be submitted to the recipient by the electronic certificate direct submission means 46B ( Encrypted with the certified person's encryption key βEk) is decrypted with the certified person's decryption key βDk and then transmitted to the recipient terminal 90. Further, when the electronic certificate or the self-certificate is submitted anonymously, the electronic certificate or the self-certificate in which the personal information is encrypted is transmitted to the recipient terminal 90.

Then, at the recipient terminal 90, the contents of the electronic certificate and the self-certificate transmitted from the certified person terminal 40 via the network 1 by the electronic certificate direct receiving means 91B (see FIG. 9) are input to the recipient. It is displayed in a text format and / or a certificate image format on the screen of the terminal 90 (step S92). At this time, the recipient terminal 90 receives the electronic certificate and the self-certificate in which the personal information is encrypted in the case of submission by the anonymous page, and the personal information in the case of submission by the real name page. You will receive an electronic certificate and a self-certificate in the state of being decrypted with the decryption key βDk of the certified person.

Then, on the recipient terminal 90, the certified person verification key αV and the certified person included in the received electronic certificate are included in the received electronic certificate regardless of whether or not the My Page is used by the certified person confirmation means 91C (see FIG. 9). Using the signature (electronic signature by the signature key αS of the certifier), the certifier signature verification process for confirming the authenticity of the certifier and the integrity of the data of the electronic certificate is executed (step S93). At this time, if the electronic certificate has been submitted with the real name, the personal information part is re-encrypted with the certified person's encryption key βEk by the certified person confirmation means 91C, and then the certified person's signature verification process is performed. To execute.

Subsequently, the recipient terminal 90 executes a challenge process of generating a random number by the certified person confirmation means 91D (see FIG. 9) and transmitting the random number to the certified person terminal 40 via the network 1 (step). S94). In this challenge process, it is preferable to transmit the challenge target specific information that identifies the electronic certificate or self-certificate (that is, the confirmation target) received by the recipient together with the random number.

The certified person terminal 40 receives a random number transmitted from the recipient terminal 90 via the network 1 by the certified person confirmation and response means 46C (see FIG. 9) (step S95), and with respect to the received random number. A response process is executed in which a signature is attached using the signature key βSk of the certified person and a signed random number is transmitted to the recipient terminal 90 via the network 1 (step S96).

The recipient terminal 90 receives a random number signed by the certified person transmitted from the certified person terminal 40 via the network 1 by the certified person confirmation means 91D (see FIG. 9), and the received certified person terminal 90 receives the random number. Using the random number with the signature of the person and the verification key βVk of the certified person, the certified person's signature verification process for confirming the authenticity of the certified person is executed (step S97).

<Flow of mediation processing between certified person and recipient: Fig. 20, Fig. 10>

In FIGS. 20 and 10, the certified person has each qualification (recorded in the distributed ledger) stored in the mediation information storage means 81 (see FIG. 11) of the certificate service provider system 60 in the certified person terminal 40. It may be limited to the qualifications related to the electronic certificate of, and the qualifications related to the self-certificate may or may not be included. In addition to inputting the setting of the enable / disable information), set the enable / disable information of the URL automatic transmission for each My Page created by the certified person (self), and enter the activation enable / disable information and the URL automatic transmission of the My Page. Information on whether or not the above is possible is transmitted to the certificate service provider system 60 via the network 1 (step S121). It should be noted that the setting input at the time of creating My Page may be used, or the setting input may be performed after the fact.

In the certificate service provider system 60, information on whether or not the possession qualification of the certified person can be activated, which is transmitted from the certified person terminal 40 via the network 1 by the mediation information setting means 69A (see FIG. 10), and The certified person possesses the information on whether or not the URL of each My Page of the certified person can be automatically transmitted, and the information on whether or not the accepted qualification of the certified person can be activated and the information on whether or not the URL of each My Page can be automatically transmitted. As the information regarding the qualification, it is stored in the mediation information storage means 81 (see FIG. 11) in association with the verification key βV0 (that is, the certified person ID) which is the basis of the certified person (step S122).

On the other hand, the recipient requests the acquisition of the latest qualification list (at least the list of qualifications known by the certificate service provider) on the recipient terminal 90, and the certificate service provider system 60 to the network 1 The qualification list information transmitted via the above is received, and the qualification list is displayed on the screen of the recipient terminal 90 (step S123). In the certificate service provider system 60, the information of the qualification list is transmitted to the recipient terminal 90 via the network 1 in response to the acquisition request from the recipient terminal 90 by the recipient information input receiving means 69B (see FIG. 10). Transmission (step S124). Further, when the processing of steps S123 and S124 is the first time, the certificate service provider sets the recipient ID for managing the recipient.

Subsequently, the recipient creates the qualification holding conditions (recruiting conditions) required of the certified person (worker such as a cloud worker) who requests the work on the recipient terminal 90 by AND or OR, and also creates the recipient's conditions. Group name such as company name (name in the case of an individual), contact information, industry, work content, reward, search frequency / cycle setting information (one-time search or once a day, one week Enter the setting information of the repeated search at intervals such as once a month, etc.), and enter the created job conditions and the entered recipient's contact information, etc. Information is transmitted to the certificate service provider system 60 via the network 1 (step S125).

In the certificate service provider system 60, the recipient information including the recruitment conditions and the recipient's contact information transmitted from the recipient terminal 90 via the network 1 by the recipient information input receiving means 69B (see FIG. 10). Is received, and the received recipient information is stored in the recipient information storage means 80 (see FIG. 10) in association with the recipient ID (step S126).

Then, in the certificate service provider system 60, the condition-matching my page extraction means 69C (see FIG. 10) accepts in step S126 above and stores the recruitment conditions and the mediation information storage means in the recipient information storage means 80. Using the information on the possession qualifications of each certified person stored in 81 (see FIG. 11), the qualifications that meet the recruitment conditions from all the certified persons (however, in this embodiment, they are activated. Only the certified persons who have the qualifications (activation availability information = qualifications that are "possible") are extracted (step S127), and further created by each of the extracted certified persons. From all the My Pages that have been created, extract the My Page that is the My Page that allows automatic transmission of the URL of the My Page and that contains the information on the qualifications that match the recruitment conditions (step). S128).

Subsequently, the certificate service provider system 60 accepts the URL of one or more My Pages extracted in step S128 above by the My Page URL automatic transmission means 69D (see FIG. 10) in step S126 described above. To the recipient's contact information (eg, e-mail address) stored in the recipient information storage means 80 (see FIG. 10) via the network 1 (step S129).

After that, the recipient receives the URL of one or more My Pages transmitted from the certificate service provider system 60 on the recipient terminal 90, for example, by e-mail, and the URL of each received My Page. Is displayed on the screen of the recipient terminal 90 by the mailer. Then, the URL of each received My Page is selectively accessed by the My Page display means 91A (see FIG. 9) (for example, one of the URLs of each My Page displayed by the mailer is selected and clicked, and clicked. The WEB browser is started.), And the accessed My Page is displayed (step S130). This process is the same as the process of steps S87 and S88 of FIG. 16 described above.

Further, the recipient selects the My Page of the certified person to be contacted from the My Page referred to in step S130 above, and the URL of the selected My Page is entered along with the Recipient ID via the network 1. It is transmitted to the certificate service provider system 60 (step S131). This transmission may be transmission by e-mail or the like, or may be transmission using a WEB page transmitted from the notification means 69E (see FIG. 10) for certified persons of the certificate service provider system 60. At this time, in the present embodiment, the URL of My Page is complicated and not suitable for input by keystroke. Therefore, when it is necessary to pass the URL between a plurality of programs started on the recipient terminal 90. For example, it is preferable to copy and paste the URL on the recipient terminal 90, or to move the URL between programs by dragging and dropping.

In the certificate service provider system 60, the recipient's selection information (certified selected by the recipient) transmitted from the recipient terminal 90 via the network 1 by the notification means 69E (see FIG. 10) for the certified person. The person's My Page URL) is received together with the recipient ID, and the authorized person who created the My Page is identified from the received My Page URL (for example, My Page is stored in association with the URL of the My Page). (Specify from the information posted on My Page stored in the means 79 and the information contained in the electronic certificate and self-certificate posted on the My Page), and the recipient information stored using the received recipient ID. Recipient information including the recipient's contact information (eg, e-mail address, etc.) is acquired from means 80 (see FIG. 10) (step S132).

Then, in the certificate service provider system 60, the recipient (company) who wishes to contact the certified person by the notification means 69E for the certified person toward the contact information of the identified person. Etc.) to notify the recipient information (including contact information) (step S133). This notification may be, for example, an e-mail addressed to the certified person.

The certified person receives a notification from the certificate service provider system 60 on the certified person terminal 40 (step S134). The notification may be received, for example, by receiving an e-mail.

Subsequently, the certified person contacts the recipient (company or the like) who wishes to contact himself / herself on the certified person terminal 40 (step S135). This communication may be made by e-mail or the like addressed to the recipient. At this time, for example, by sending an e-mail to the recipient, the URL of the person to be certified (own)'s My Page (anonymous page, real name page) may be sent, or the electronic certificate or self-certificate held by the person may be sent. You may send (in the case of submission with your real name, send after decrypting your personal information). When contacting the recipient anonymously, the sender of the e-mail or the like must also be anonymous.

After that, the recipient receives a contact from the certified person terminal 40 (step S136). At this time, when the URL of My Page is transmitted from the certified person terminal 40 via the network 1, the recipient terminal 90 can access the URL and refer to the contents of My Page again. .. Further, when the electronic certificate or the self-certificate is transmitted from the certified person terminal 40 via the network 1, the contents of the electronic certificate or the self-certificate are confirmed on the recipient terminal 90 or attached to the electronic certificate. Signature verification can be performed.

<Effect of this embodiment>

According to the present embodiment as described above, there are the following effects. That is, in the electronic certificate delivery system 10, the electronic certificate (see FIG. 3) to be created has the verification key αV of the certified person and the verification key βVk (k = 1, 2, ..., N) of the certified person. , And credential information including the certification name, so that the electronic certificate can function as information indicating "who, who, what" the certification. Further, in the present embodiment, since the certification date is included in the qualification information, the electronic certificate can function as information indicating "who, who, when, what" the certification.

Further, in the electronic certificate delivery system 10, since the created electronic certificate is stored in the distributed ledger, it is possible to prevent falsification of the certification information (certified content information). That is, in the Blockcerts described in Non-Patent Document 1 described above, only the hash value of the certification information (certified content information) is recorded in the blockchain, whereas in the electronic certificate delivery system 10 , Since the entire electronic certificate is stored in the distributed ledger, it is possible to prevent falsification.

Further, in the electronic certificate delivery system 10, the electronic certificate to be created (see FIG. 3) includes the signature of the certified person by the signature key αS of the certified person, so that the electronic certificate submitted by the certified person is included. The recipient who received the data can confirm the integrity of the data of the electronic certificate by executing the certifier signature verification process by the certifier confirmation means 91C (see FIG. 9) on the recipient terminal 90. Falsification can be detected.

In addition, since the certified person can submit an electronic certificate instead of a paper certificate to the recipient, it is possible to ensure uniqueness in personal identification. That is, by submitting an electronic certificate, it can be proved that the electronic certificate is not owned by another person of the same sex and the same name.

Furthermore, when submitting an electronic certificate to the recipient, the personal information contained in the electronic certificate can be encrypted and submitted, so the electronic certificate can be submitted anonymously. , Cloud working and other anonymous working styles can be used.

Further, the certified person confirmation means 91C (see FIG. 9) of the recipient terminal 90 can re-encrypt the personal information decrypted by the certified person terminal 40 by the recipient terminal 90 and verify the signature of the certified person. Since the configuration is such that the recipient can submit the electronic certificate with the personal information decrypted in order to submit the contents of the electronic certificate to the recipient with the real name, the recipient terminal 90 Then, the signature of the certified person can be verified. That is, when the electronic certificate is recorded in the distributed ledger with the personal information encrypted, in order for the certified person to submit the contents of the electronic certificate to the recipient with his / her real name, the certified person terminal Personal information will be decrypted at 40, but if it is decrypted, it will be a process equivalent to falsification of data by a third party, so at the recipient terminal 90, using the verification key αV of the certified person, It will not be possible to verify the signature of the certified person. Therefore, in order to prevent this, the recipient terminal 90 is used to re-encrypt the personal information with the encrypted key (public key) βEk (either k = 1, 2, ..., N) of the certified person. While receiving the submission with the real name, it is possible to verify the signature of the certified person. At this time, in the present embodiment, since the electronic certificate (see FIG. 3) includes the encryption key (public key) βEk of the certified person, the certified person confirmation means 91C (see FIG. 9) uses this. Can be re-encrypted.

Further, in the electronic certificate delivery system 10, the recipient terminal 90 performs a challenge process using random numbers by the certified person confirmation means 91D (see FIG. 9), and the certified person terminal 40 performs the certified person confirmation response means 46C. (See FIG. 9), it is possible to perform response processing for adding a signature to a random number using the signature key βSk (any of k = 1, 2, ..., N) of the certified person. Therefore, when the recipient receives the electronic certificate (see Fig. 3) or self-certificate (see Fig. 7), the certified person who submitted the electronic certificate or self-certificate is the electronic certification. Possess the signature key βSk of the certified person corresponding to the verification key βVk of the certified person included in the certificate or self-certification (k of the signature key βSk is the same as k of the verification key βVk). Since it is possible to confirm the authenticity of the person to be certified who submitted the electronic certificate or self-certificate.

Then, in the present embodiment, when the electronic certificate is stored in the distributed ledger, the certified person X's certified person system 20X (see FIG. 5) that records the electronic certificate in the distributed ledger via the certificate service provider system 60. , The certified person system 20Y (see FIG. 8) of the certified person Y who directly records in the distributed ledger is connected to the network 1. In the case of the former certified person system 20X, the electronic certificate created by the certified person system 20X is not recorded directly in the distributed ledger from the certified person system 20X, but via the certificate service provider system 60. Since the book is recorded in the distributed ledger (Fig. 12, Fig. 13, Fig. 5, Fig. 6), the certified person X does not have to handle the virtual currency for paying the bookkeeping fee, so that the certified person X bears the burden. Can be reduced.

Further, in the case of the former certified person system 20X, the key set β of the certified person is generated by the certified person system 20X and transmitted to the certified person terminal 40 via the certificate service provider system 60 to be certified. Since the person is to receive the key at the certified person terminal 40 (FIG. 12, FIG. 13, FIG. 5, and FIG. 6), the certified person does not need to prepare his / her own key set β. The burden on the certified person can be reduced.

Further, since the delivery of the key set β of the certified person via the certificate service provider system 60 is performed in a state of being encrypted with the common key δ between the certified person and the certified person. Since the person in charge of the certificate service provider system 60 cannot refer to the private key (decryption key βD, signature key βS) of the key set β of the certified person, the key set β of the certified person is delivered. Can be done safely.

Further, the former certificate system 20X includes information transmission means 23E (see FIG. 5) for certified persons, and the certificate service provider system 60 includes information storage means 73 for certified persons (see FIGS. 5 and 6). ), And the certified person terminal 40 is provided with the information acquisition means 42A (see FIG. 6) for the certified person, so that the pass / fail information can be passed together with the key set β of the certified person. Therefore, the certified person can receive the key set β of the certified person (self) generated by the certified person system 20X and also receive the pass / fail information of the certification test on the certified person terminal 40. In addition, the certified person X hands over the key set β of the certified person generated when creating the electronic certificate to the certified person, and at the same time, notifies the certified person of the pass / fail of the certification test. You can also do it.

Further, in the electronic certificate delivery system 10, the certified person terminal 40 includes key set transmitting means 42F, 44C, 45D for the certified person (see FIGS. 6, 7, and 8), and is a certificate service provider system. Since the 60 is equipped with the certified person key information storage means 75 (see FIGS. 6 and 7), the certified person can use the key set β of the certified person (self) as the basis of the certified person (self). It is encrypted with the encryption key βE0 of the above and stored in the certificate service provider system 60, and the self is used by using the verification key βV0 (in this embodiment, this is the certified person ID) which is the basis of the certified person (self). It is possible to obtain multiple electronic certificates and multiple self-certificates held by the company at once. Since the key set β of the certified person is stored in the certificate service provider system 60 in an encrypted state, the person in charge of the certificate service provider system 60 can perform the key set β of the certified person. Since the private key (decryption key βD, signing key βS) cannot be referred to, the key set β of the certified person can be safely stored.

In the electronic certificate delivery system 10, the certificate service provider system 60 is configured to record the electronic certificate in the distributed ledger after the certified person requests the book or an operation equivalent thereto. There is. That is, the certificate service provider system 60 includes an electronic certificate proxy bookkeeping means 63 and an electronic certificate storage means 74 (see FIGS. 5 and 6), and the electronic certificate proxy bookkeeping means 63 has FIGS. 12 and 13. As shown in the above, after the electronic certificate received from the certified person system 20 is stored in the electronic certificate storage means 74, the certified person requests the certified person to record in the distributed ledger from the certified person terminal 40, or this bookkeeping. The electronic certificate stored in the electronic certificate storage means 74 is stored in the distributed ledger at the timing when the access is made by the operation corresponding to the request. Therefore, it is possible to record the electronic certificates of the plurality of certified persons generated by the certified person system 20 in the distributed ledger, instead of centralizing them at one time, but distributing them in time. Therefore, since the bookkeeping process to the distributed ledger, which takes a relatively long time, can be performed in a distributed manner, it is possible to avoid the occurrence of a load that is concentrated on the certificate service provider system 60 that performs proxy bookkeeping for a period of time. .. In addition, instead of making a book in the distributed ledger immediately after the first access to the certificate service provider system 60 for pass / fail confirmation by the certified person, it corresponds to the bookkeeping request or this bookkeeping request by the certified person. Since the access is performed after the access is performed, the certified person can also record in the distributed ledger at an appropriate timing. For example, in the case of requesting the certified person to bear the cost for recording in the distributed ledger, when the certified person only confirms the pass / fail, the certified person does not incur the cost burden and the intention of recording in the distributed ledger is confirmed. Since it is possible to incur a cost burden on the certified person by performing the bookkeeping at the stage where the bookkeeping is performed, it is possible to realize the bookkeeping at a preferable timing for the certified person.

Further, as shown in FIG. 9, the electronic certificate delivery system 10 includes the My Page creation means 46A of the certified person terminal 40, the My Page creation assisting means 68A of the certificate service provider system 60, and the My Page transmission means 68B. Therefore, the certified person can submit an electronic certificate or a self-certification to the recipient using My Page. Then, the recipient can easily receive the electronic certificate or the self-certificate with the general-purpose WEB browser mounted on the recipient terminal 90.

Further, the electronic certificate submitted using My Page can be subjected to the certifier signature verification process by the certifier confirmation means 91C (see FIG. 9) on the recipient terminal 90, so that the recipient receives it. When receiving My Page with a general-purpose WEB browser mounted on the personal terminal 90, My Page (or another WEB page received from the certificate service provider system 60 before displaying the My Page may be used). By the program attached to the above, the process can be easily performed without being particularly aware that the certified person signature verification process is performed.

In addition, in the electronic certificate delivery system 10, any number of My Pages containing electronic certificates and self-certificates can be created in various posting formats (see FIG. 18), so to any recipient. Depending on whether you submit an electronic certificate or a self-certificate, you can prepare various posting formats of My Page. Therefore, you may post the contents of all the electronic certificates and self-certificates you own on My Page, but you may also post the contents of some electronic certificates and some self-certificates. Often, some electronic certificates and some self-certificates can be changed at will depending on the recipient who will receive them in the future. Then, in such a case, each recipient will access the URL of each My Page with different contents prepared by one or one group of certified persons.

Further, the My Page creating means 46A (see FIG. 9) is an anonymous page 300 for anonymously submitting the contents of the electronic certificate and the self-certificate to the recipient as My Page, as shown in FIG. , A real name page 400 for submitting the contents of the electronic certificate or self-certification to the recipient with the real name can be created. For both anonymous pages and real name pages, the text display units 320 and 420 that display the contents of the electronic certificate and self-certification in text format and the certificate image display units 310 and 410 that display the contents of the certificate image format. And are provided. Therefore, when submitting an electronic certificate or self-certificate using My Page, you can also submit anonymously or with your real name, and you can submit electronic certificates and self-certificates in various forms. It can be realized.

Further, since the My Page creation means 46A (see FIG. 9) can create the certificate image display units 310 and 410 (see FIG. 19) of the anonymous page and the real name page by using the template, the anonymous page can also be created. , You can easily create a real name page.

Then, in the electronic certificate delivery system 10, the certified person can create a self-certificate. Therefore, the certified person can also submit the contents of the self-certification to the recipient, and can submit more information about the qualifications held by the recipient. Furthermore, since the content of the self-certification can be posted on My Page, it is possible to further diversify the form of information provision to recipients using My Page.

Further, for the self-certification, the My Page creation means 46A (see FIG. 9) creates a certificate image display unit 410 of the real name page 400 using the image data of the paper certificate, and the certificate image of the anonymous page 300. The display unit 310 can be created by masking (see FIG. 19). Therefore, when the content of the self-certificate is provided to the recipient in the certificate image format, both anonymous provision and real name provision can be realized.

Further, the My Page creation means 46A (see FIG. 9) selects to mask the personal information part of the self-certification by using the masking information on the certificate image display unit 310 (see FIG. 19) of the anonymous page 300. Since it is possible, the content of the self-certification can be provided to the recipient in more detail by the certificate image display unit 310 of the anonymous page 300, as compared with the case of masking the entire image. Further, since the masking process using the masking information is selected by the certified person, it is possible to give diversity to the form of providing the contents of the self-certification certificate. For example, if the certified person finds it troublesome or difficult to specify the input of masking information, or if the certified person terminal 40 is not suitable for specifying the input of masking information, the input specification is not performed. May be good.

The certificate service provider system 60 includes an intermediary means 69 (see FIG. 10), a recipient information storage means 80 (see FIG. 10), and an intermediary information storage means 81 (see FIG. 10) that mediate between the certified person and the recipient. Since FIG. 11) is provided, the My Page creation assisting means 68A (see FIGS. 10 and 9) of the certificate service provider system 60 is used as an intermediary process when the recipient creates the My Page. The aggregated result of the recruitment conditions can be transmitted to the My Page creation means 46A (see FIGS. 10 and 9) of the certified person terminal 40 via the network 1. Therefore, the certified person can create a more appropriate or effective My Page by referring to the aggregated result of the recruiting conditions of the recipient (see FIG. 21).

In addition, since the My Page creation means 46A (see FIG. 9) can post intellectual property information in addition to the possession qualification information on My Page, the certified person can post more self to the recipient. Can provide information about.

Further, since the mediation means 69 includes the mediation information setting means 69A, the recipient information input reception means 69B, the condition-matching my page extraction means 69C, and the my page URL automatic transmission means 69D (see FIG. 10), it is certified. As an intermediary process between the recipient and the recipient, the URL of My Page that matches the recruiting conditions of the recipient can be automatically sent to the recipient. Therefore, as shown in FIG. 20, if the certified person has created a My Page that matches his / her recruiting conditions, the recipient may passively wait for the certified person to provide the My Page. Instead, you can actively refer to the My Page by yourself, so you can realize smooth and effective mediation between the certified person and the recipient.

In addition, the intermediary information setting means 69A receives information on whether or not the qualifications possessed by the certified person can be activated, and the condition-matching My Page extraction means 69C holds qualifications that match the recruiting conditions from all the certified persons. When extracting the certified person, the extraction process using the activated qualification is executed, so it matches the recruiting conditions of the recipient while respecting the intention of the certified person to utilize the possessed qualification. The URL of My Page can be automatically sent to the recipient. For example, if a certified person who holds a qualification thinks that it is premature to work with that qualification or does not want to accept it for some reason, respect that intention. It is possible to realize the mediation processing.

<Form of deformation>

The present invention is not limited to the above embodiment, and modifications and the like within the range in which the object of the present invention can be achieved are included in the present invention.

For example, in the above-described embodiment, an explanation is given using an electronic certificate issued by a certification operator who conducts a certification test (written, practical skill, dictation, and various certification tests based on a combination thereof) as an example. However, the electronic certificate of the present invention is not limited to this, and a wider range of electronic certificates certify the abilities, achievements, activities, status, status, etc. of the certified person to the certified person. included. For example, a graduation certificate, a certificate of completion, a certificate of enrollment, a certificate of background certifying that you have a special job, a certificate of appreciation given for lifesaving or social service activities, a passport, a driver's license. Includes delay certificates due to accidents such as trains, passports, parking permits, road occupancy permits, flight permits, etc. In addition, the electronic certificate may be issued by a public institution or a private company.

Further, in the above embodiment, pass / fail information is output to the examinee file (CSV file or the like) as shown in FIG. 5, and the pass / fail information is received from the certified person system 20 as shown in FIGS. 5 and 6. It was handed over to the certified person terminal 40, and as shown in FIG. 17, a display indicating that it failed or a display when it passed was displayed. However, the certification test handled by the present invention passes or fails in this way. It is not limited to tests that generate information, but also includes tests that do not fail, that is, tests that do not have the concept of pass / fail. For example, if the result of taking the test, the rank is determined by the grade, and the rank is the certification content, or if the score as the test result is the certification content, there may be no state of failure. In such a case, the pass / fail information is not output to the examinee file (CSV file, etc.), so that even if there is no "pass / fail information" passed from the certified person to the certified person in the above embodiment. Good (may be NULL data). In this case, the fail notification screen 200 of FIG. 17 is not displayed, and the pass notification screen 210 of FIG. 17 is not a pass notification screen but a test result notification screen, and the certificate image display unit 211 for pass notification. Is a certificate image display unit for notification of test results. Similarly, the pass / fail notification and the pass confirmation in FIG. 8 may be the test result notification and the test result confirmation in the certification test in which the pass / fail information is not generated. In addition, the names of pass / fail confirmation ID, pass / fail confirmation URL, and pass / fail confirmation WEB page are also used in certification tests where pass / fail information does not occur, such as test result confirmation ID, test result confirmation URL, and test result confirmation WEB page. May be.

Then, in the case of a certification test in which pass / fail information is generated, pass / fail information is passed from the certified person to the certified person regardless of whether the test is passed or failed, as in the above embodiment. The generation and delivery of βk (any of k = 1, 2, ..., N) is performed only when the electronic certificate is delivered (see FIGS. 5 and 6). Therefore, the electronic certificate will be issued (created) when it passes, and the electronic certificate will be handed over. Therefore, the key set βk of the certified person will be generated and handed over only when it passes. ..

On the other hand, in the case of a certification test in which pass / fail information is not generated, the pass / fail information is not output to the examinee file (CSV file, etc.) as described above, and the pass / fail information is not passed, but the certified person's key set βk. The generation and delivery of (any of k = 1, 2, ..., N) will be performed for all examinees (certified persons). In other words, since there is no concept of pass / fail, an electronic certificate will be issued (created) to all examinees regardless of pass / fail, and the electronic certificate will be handed over. The generation and delivery of the set βk is also performed for all test takers.

As described above, the electronic certificate delivery system and program of the present invention are, for example, when a job seeker or a cloud worker proves his / her ability or conducts self-promotion to a job seeker or a work requester. Suitable for issuance and receipt of electronic certificates used in.

1 Network 2 Peer-to-peer network for forming a distributed ledger (P2P network)
10 Electronic certificate delivery system 20 Certified person system 20X Certified person system that does not have direct access to the distributed ledger 20Y Certified person system that has direct access to the distributed ledger 23B Key set generation means 23C Electronic certificate creation means 23D Certification Person-side common key generation means 23E Information transmission means for certified persons 24 Electronic certification registration means 25B Electronic certification creation means 25C Electronic certification registration means 40 Certified person terminal 40P Certified without direct access to distributed ledger Person terminal 40Q Certified person terminal that directly accesses the distributed ledger 42A Information acquisition means for certified person 42C Common key generation means for certified person 42D Key set decryption means for certified person 42F Key set transmission for certified person Means 43 Electronic certificate acquisition means 45B Electronic certificate acquisition means 46 Electronic certificate submission means 46A My page creation means 46C Certified person confirmation response means 60 Certificate service provider system 63 Electronic certificate proxy bookkeeping means 65A Certification ID transmission means 65B Information delivery means for certified persons 65D Additional registration means for certified person key information 66 Electronic certificate proxy acquisition means 67B Paper certificate image acquisition means 67C Text conversion means 67D Extraction means 67E Self-certification creation means 68A My page creation assistance means 68B My page transmission means 69 Mediation means 69A Mediation information setting means 69B Recipient information input reception means 69C Condition matching My page extraction means 69D My page URL automatic transmission means 72 Setting information storage means 73 Information storage means for certified persons 74 Electronic certification Certificate storage means 75 Certified person key information storage means 76 Template storage means 78 Self-certification certificate storage means 79 My page storage means 80 Recipient information storage means 81 Mediation information storage means 90 Recipient terminal 91 Electronic certificate receiving means 91A My page Display means 91C Certified person confirmation means 91D Certified person confirmation means 100 Participant nodes that make up the distributed ledger

Claims (12)

An electronic certificate delivery system consisting of a computer that performs processing related to the delivery of an electronic certificate from a qualified person to a certified person.
Multiple participant nodes that make up the distributed ledger are connected by a peer-to-peer network for forming the distributed ledger, and
The certified person system operated and managed by the certified person, the certified person terminal operated by the certified person, and the certificate service provider system that provides the service related to the electronic certificate are other than the peer-to-peer network. The certificate service provider system is connected to the participant node and is connected to the participant node.
The certified person system is
A key set generation means that performs a process of generating an authorized person's key set consisting of an authorized person's decryption key, encryption key, signature key, and verification key.
The certified person's verification key, the certified person's verification key, the credential information including the certified name, and the certified person's verification key, the certified person's verification key, and the certified person's signature key for the credential information. Electronic certificate creation means that performs the process of creating an electronic certificate, including
A common key generation means on the certified person side that executes a process of generating a common key between the certified person and the certified person by using the personal authentication information predetermined between the certified person and the certified person.
The certified person is the person to be certified from the hash value or other conversion information obtained from the person authentication information, or the person identification information predetermined between the certified person and the certified person as information different from the person authentication information. An ID for receiving a key set for receiving a key set is created, and the key set of the certified person generated by the key set generation means is encrypted with the common key generated by the common key generation means on the authorized person side, and encrypted. An information transmission means for the certified person that executes a process of transmitting the converted key set of the certified person to the certificate service provider system via the network together with the key set receiving ID.
Including an electronic certificate recording means that executes a process of transmitting the electronic certificate created by the electronic certificate creating means to the certificate service provider system via the network in order to register the electronic certificate in the distributed ledger. Configured
The certificate service provider system is
An electronic certificate proxy bookkeeping means that executes a process of storing the electronic certificate received from the certified person system via the network in the distributed ledger.
The electronic certificate stored in the distributed ledger is acquired by using the verification key of the certified person transmitted from the certified person terminal via the network, and the acquired electronic certificate is used in the network. Electronic certificate proxy acquisition means that executes the process of transmitting to the certified person's terminal via
An information storage means for certified persons that stores an encrypted key set of a certified person transmitted from the certified person system via the network in association with the key set receiving ID.
The key set receiving ID transmitted from the certified person terminal via the network is received, and is stored in the information storage means for the certified person in association with the received key set receiving ID. It is configured to include an information delivery means for the certified person that executes a process of transmitting the encrypted key set of the certified person to the certified person terminal via the network.
The certified person terminal is
A common key generation means on the certified person side that accepts the input of the personal authentication information and executes a process of generating the common key using the input personal authentication information.
The key set receiving ID is created by obtaining a hash value or other conversion information from the input personal authentication information, or by accepting the input of the personal identification information, and the created key set receiving ID is used. , An information acquisition means for certified persons that executes a process of acquiring an encrypted key set of a certified person by transmitting to the certificate service provider system via the network.
The certified person who executes the process of decrypting the encrypted key set of the certified person acquired by the information acquisition means for the certified person using the common key generated by the common key generation means on the certified person side. Key set decryption means and
By transmitting the verification key of the certified person included in the key set of the certified person to the certificate service provider system via the network, the electronic certificate stored in the distributed ledger is acquired. An electronic certificate delivery system characterized by including electronic certificate acquisition means for performing processing. The information transmission means for the certified person of the certified person system is
A process of transmitting the encrypted key set of the certified person and the pass / fail information to the certificate service provider system via the network together with the key set receiving ID that is also used as the pass / fail confirmation ID is executed. It is composed and
The information storage means for the certified person of the certificate service provider system is
The encrypted key set of the certified person and the pass / fail information are stored in association with the key set receiving ID.
The information acquisition means for the certified person of the certified person terminal is
The key set receiving ID is created by obtaining a hash value or other conversion information from the input personal authentication information, or by accepting the input of the personal identification information, and the created key set receiving ID is used. It is characterized in that it is configured to execute a process of acquiring an encrypted key set of the certified person and pass / fail information by transmitting the information to the certificate service provider system via the network. The electronic certificate delivery system according to claim 1. The certified person terminal is
The key set of the certified person decrypted using the common key by the key set decryption means for the certified person is encrypted using the basic encryption key of the certified person, and the encrypted key set of the certified person is obtained. It is configured to include a key set transmission means for the certified person, which performs a process of transmitting to the certificate service provider system together with the verification key of the certified person's basics or an alternative certified person ID.
The certificate service provider system is
Includes a certified person key information storage means that stores an encrypted certified person's key set for at least one electronic certificate in association with a certified person's underlying verification key or an alternative certified person's ID. Consists of
The electronic certificate acquisition means of the certified person terminal is
When the electronic certificate held by the certified person stored in the distributed ledger is collectively acquired, the certified person's basic verification key or the certified person ID in place of the verification key is obtained via the network. Encrypted certified person stored in the certified person key information storage means associated with the certified person's basic verification key or an alternative certified person ID by transmitting to the certificate service provider system. All of the acquired key sets of the certified person are acquired, and all of the obtained encrypted key sets of the certified person are decrypted using the decryption key of the certified person and included in each of the decrypted key sets of the certified person. By transmitting all of the verification keys of the certified person to the certificate service provider system, a process of collectively acquiring the electronic certificate held by the certified person stored in the distributed ledger is executed. The electronic certificate delivery system according to claim 1 or 2, characterized in that it is configured. The certificate service provider system is
It is configured to include an electronic certificate storage means for storing the electronic certificate transmitted from the certified person system via the network.
The electronic certificate proxy bookkeeping means of the certificate service provider system is
After storing the electronic certificate received from the certified person system via the network in the electronic certificate storage means, the certificate service for the certified person to confirm the pass / fail from the certified person terminal. After the first access to the business system, and at the timing when a successful candidate among the certified persons makes a request to record the electronic certificate in the distributed ledger or an operation corresponding to this bookkeeping request. The electronic certificate according to any one of claims 1 to 3, wherein the electronic certificate stored in the electronic certificate storage means is stored in the distributed ledger. Delivery system. The network
The recipient terminal operated by the recipient who receives the submission of the electronic certificate from the certified person is connected.
The certified person terminal is
Electronic certificate submission means that executes a process of transmitting the electronic certificate acquired by the electronic certificate acquisition means directly to the recipient terminal via the network or via the certificate service provider system. Consists of including
The recipient terminal is
A certified person using the certified person's verification key and the certified person's signature contained in the electronic certificate received directly from the certified person terminal via the network or via the certificate service provider system. 1. Electronic certificate delivery system. The means for submitting the electronic certificate of the certified person terminal is
Using the electronic certificate acquired by the electronic certificate acquisition means, My Page for executing the process of creating a My Page containing the contents of the electronic certificate held by the certified person for submission to the recipient. Consists of creation means
The certificate service provider system is
My page that assists the creation of the My Page by the My Page creation means of the certified person terminal, automatically assigns a URL to the created My Page, and executes a process of storing the My Page in the My Page storage means. Creation assistance means and
In response to the access to the URL of the My Page from the recipient terminal, the My Page stored in the My Page storage means and the electronic certificate posted on the My Page are transmitted via the network. The electronic certificate delivery system according to claim 5, further comprising a My Page transmission means for executing a process of transmitting to the recipient terminal. The certificate service provider system is
An intermediary means that carries out processing related to intermediation between the certified person and the recipient who requests the certified person to work,
It is configured to include an intermediary information storage means that stores information on the qualifications of the certified person for whom the electronic certificate is issued in association with the verification key of the certified person's basics or an alternative certified person ID. ,
The intermediary means
Accepts the information on whether or not the URL of the My Page can be automatically transmitted, which is input by the certified person and is transmitted from the terminal of the certified person via the network, and the information on whether or not the URL of the My Page is automatically transmitted is received. As information on the possessed qualifications of the certified person, a mediation information setting means that executes a process of associating with the verification key of the certified person's basics or a substitute ID of the certified person and storing it in the mediation information storage means, and
Recruitment conditions determined by the qualifications that the recipient seeks from the certified person, which is input by the recipient who requests the certified person to work and is transmitted from the recipient terminal via the network, and the recipient's Recipient information input receiving means that executes the process of accepting recipient information including contact information,
Using the information regarding the qualifications of each certified person stored in the mediation information storage means and the recruiting conditions received by the recipient information input receiving means, the recruiting conditions are selected from all the certified persons. The certified person who holds the qualification that matches the above is extracted, and among all the My Page created by each of the extracted My Page, the My Page URL can be automatically transmitted. A condition-matched My Page extraction means that executes a process of extracting the My Page, which is a page and contains information on possession qualifications that match the recruiting conditions.
My page URL automatic transmission means for executing a process of transmitting the URL of the My Page extracted by the condition-matching My Page extraction means to the contact information of the recipient received by the recipient information input receiving means via the network. The electronic certificate delivery system according to claim 6, wherein the electronic certificate delivery system is configured to include and. The mediation information setting means of the mediation means
Accepts the information on whether or not the certified person's possession qualification can be activated, which is input by the certified person as information indicating whether or not the job can be accepted using the qualification and is transmitted from the certified person's terminal via the network. The information on whether or not to activate each of the received qualifications is stored in the intermediary information storage means as information on the qualifications of the certified person in association with the basic verification key of the certified person or an alternative certified person ID. It is configured to execute processing as well.
The condition-matching my page extraction means of the mediation means is
When extracting a certified person who holds a qualification that meets the above-mentioned recruiting conditions from all the certified persons, the feature is that the extraction process using the activated qualification is executed. The electronic certificate delivery system according to claim 7. A program for operating a computer as a certified person system constituting the electronic certificate delivery system according to any one of claims 1 to 8. A program for operating a computer as a terminal of a certified person constituting the electronic certificate delivery system according to any one of claims 1 to 8. A program for operating a computer as a certificate service provider system constituting the electronic certificate delivery system according to any one of claims 1 to 8. A program for operating a computer as a recipient terminal constituting the electronic certificate delivery system according to any one of claims 5 to 8.

Images