JP6999013B1 - Data receiving device, data receiving method and data receiving program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To realize spoofing prevention and non-repudiation prevention without depending on a third-party certification body. A data acquisition unit 311 acquires electronic data that is an electronic data delivered from a participant at a meeting and has an electronic signature of the participant. The signature verification unit 313 verifies the electronic signature attached to the electronic data using the personal certificate which is the participant's certificate data, and determines whether or not the electronic signature is valid. When the digital signature is determined to be valid, the certificate storage unit 315 stores the personal certificate as authenticated certificate data in the storage device. [Selection diagram] FIG. 4

Description

The present disclosure relates to an electronic signature technology using a public key cryptosystem.

The electronic signature technology is a technology that realizes falsification detection of electronic data, spoofing prevention, and non-repudiation prevention.

Patent Document 1 describes a method for generating an electronic business card with an electronic signature including a certificate. Patent Document 2 describes a method of generating an electronic business card with an electronic signature that does not include a certificate and obtaining a public key from the service of a business card issuing organization.

Japanese Unexamined Patent Publication No. 2006-09716 Japanese Unexamined Patent Publication No. 2007-288546

In the method described in Patent Document 1, falsification can be detected by verifying the electronic signature using the public key included in the certificate. However, spoofing prevention and non-repudiation prevention depend on the reliability of the certificate attached to the digital signature. Therefore, the certificate given to the electronic signature must be issued by a trusted government agency or a private third-party certification body.

In the method described in Patent Document 2, falsification can be detected by verifying the electronic signature using the public key obtained from the service of the business card issuing organization. However, since there is no sufficient basis to trust the service of the business card issuing organization, it is not possible to realize spoofing prevention and non-repudiation prevention.

The purpose of this disclosure is to make it possible to prevent spoofing and non-repudiation without relying on a third-party certification body.

The data receiving device according to the present disclosure is
The data acquisition unit that acquires the electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The electronic signature attached to the electronic data acquired by the data acquisition unit is verified using a personal certificate which is the certificate data of the participant, and whether or not the electronic signature is valid is verified. The signature verification unit for judgment and
When the signature verification unit determines that the electronic signature is valid, the signature storage unit includes a certificate storage unit that stores the personal certificate as authenticated certificate data in a storage device.

The certificate storage unit stores the personal certificate as authenticated certificate data in the storage device together with evidence data indicating that the participant participated in the meeting.

The data acquisition unit acquires the electronic data by receiving the electronic data from the data transmission device used by the participant or by reading the print information printed on the paper passed from the participant. ..

The electronic data is digitized business card data.

The storage device is a shared storage device accessible to other data receiving devices.

The electronic signature includes the affiliation certificate which is the certificate data of the affiliation of the participant.
When the electronic signature is determined to be valid, the certificate storage unit stores the personal certificate and the affiliation certificate in the storage device as authenticated certificate data.

The electronic signature includes server information indicating the server to which the participant belongs, and the electronic signature includes server information indicating the server to which the participant belongs.
The data receiving device further
A validity check unit for acquiring a determination result of whether or not the personal certificate is valid from the server indicated by the server information is provided.
The certificate storage unit determines that the electronic signature is valid, and the determination result obtained by the validity confirmation unit indicates that the personal certificate is valid. The document and the certificate of affiliation are stored in the storage device as authenticated certificate data.

The data acquisition unit acquires other electronic data with the electronic signature, and obtains the data.
The signature verification unit verifies the electronic signature attached to the other electronic data using the personal certificate stored in the storage device, and determines whether or not the electronic signature is valid. do.

The data receiving method according to this disclosure is
The data acquisition department acquires the electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The signature verification unit verifies the electronic signature attached to the electronic data using the personal certificate which is the certificate data of the participant, determines whether or not the electronic signature is valid, and determines whether or not the electronic signature is valid.
When the certificate storage unit determines that the electronic signature is valid, the certificate storage unit stores the personal certificate in the storage device as authenticated certificate data.

The data receiving program related to this disclosure is
Data acquisition processing to acquire electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The electronic signature attached to the electronic data acquired by the data acquisition process is verified using a personal certificate which is the certificate data of the participant, and whether or not the electronic signature is valid is verified. Signature verification process to judge and
The computer functions as a data receiving device that performs a certificate storage process of storing the personal certificate as authenticated certificate data in a storage device when the digital signature is determined to be valid by the signature verification process. Let me.

In this disclosure, the certificate data used for verification of the electronic data delivered from the participants at the meeting is stored as certified certificate data. The certified certificate data is credible that it was able to verify the electronic data obtained from the participants attending the meeting. Therefore, if the electronic signature is verified using the certified certificate data, it is possible to prevent spoofing and non-repudiation without depending on a third-party certification body.

The block diagram of the communication system 100 which concerns on Embodiment 1. FIG. The block diagram of the transmitting side server 10 which concerns on Embodiment 1. FIG. The block diagram of the data transmission apparatus 20 which concerns on Embodiment 1. FIG. The block diagram of the data receiving apparatus 30 which concerns on Embodiment 1. FIG. The block diagram of the receiving side server 40 which concerns on Embodiment 1. FIG. The flowchart which shows the flow of the whole processing of the communication system 100 which concerns on Embodiment 1. The flowchart of the business card generation processing which concerns on Embodiment 1. An explanatory diagram of an electronic signature according to the first embodiment. The flowchart of the business card exchange process which concerns on Embodiment 1. The flowchart of the business card exchange process which concerns on Embodiment 1. The flowchart of the certificate trust processing which concerns on Embodiment 1. The flowchart of the certificate sharing process which concerns on Embodiment 1. The flowchart of the electronic data acquisition process which concerns on Embodiment 1. The block diagram of the communication system 100 which concerns on modification 4.

Embodiment 1.
*** Explanation of configuration ***
The configuration of the communication system 100 according to the first embodiment will be described with reference to FIG.
The communication system 100 includes a transmitting side server 10, a data transmitting device 20, a data receiving device 30, and a receiving side server 40.
The transmission side server 10 and the data transmission device 20 are connected to each other via a transmission line 91. The data transmitting device 20 and the data receiving device 30 are connected to each other via a transmission line 92. The data receiving device 30 and the receiving side server 40 are connected to each other via a transmission line 93. The transmission line 91 and the transmission line 93 are, as a specific example, a LAN (Local Area Network) or a dedicated line. The transmission line 92 is, as a specific example, the Internet.

The configuration of the transmitting side server 10 according to the first embodiment will be described with reference to FIG.
The transmitting server 10 is a server to which the original user who is the user of the data transmitting device 20 belongs.
The transmitting server 10 includes hardware such as a processor 11, a memory 12, a storage 13, and a communication interface 14. The processor 11 is connected to other hardware via a signal line and controls these other hardware.

The transmitting server 10 includes an authentication unit 111, a business card issuing unit 112, a printing unit 113, a certificate management unit 114, and a key generation unit 115 as functional components. The functions of each functional component of the transmitting server 10 are realized by software.
The storage 13 stores a program that realizes the functions of each functional component of the transmitting server 10. This program is read into the memory 12 by the processor 11 and executed by the processor 11. As a result, the functions of each functional component of the transmitting server 10 are realized.

The storage 13 stores the personnel data 131, the issue list 132, and the revocation list 133.

The configuration of the data transmission device 20 according to the first embodiment will be described with reference to FIG.
The data transmission device 20 is a PC (Personal) used by a source user who transmits data.
Computers) and computers such as smartphones.
The data transmission device 20 includes hardware for a processor 21, a memory 22, a storage 23, and a communication interface 24. The processor 21 is connected to other hardware via a signal line and controls these other hardware.

The data transmission device 20 includes an issuance request unit 211, a data transmission unit 212, a printing unit 213, and a signature generation unit 214 as functional components. The functions of each functional component of the data transmission device 20 are realized by software.
The storage 23 stores a program that realizes the functions of each functional component of the data transmission device 20. This program is read into the memory 22 by the processor 21 and executed by the processor 21. As a result, the functions of each functional component of the data transmission device 20 are realized.

The configuration of the data receiving device 30 according to the first embodiment will be described with reference to FIG.
The data receiving device 30 is a computer such as a PC and a smartphone used by a destination user who is a user who receives data.
The data receiving device 30 includes hardware including a processor 31, a memory 32, a storage 33, and a communication interface 34. The processor 31 is connected to other hardware via a signal line and controls these other hardware.

The data receiving device 30 includes a data acquisition unit 311, a certificate extraction unit 312, a signature verification unit 313, a validity confirmation unit 314, and a certificate storage unit 315 as functional components. The functions of each functional component of the data receiving device 30 are realized by software.
The storage 33 stores a program that realizes the functions of each functional component of the data receiving device 30. This program is read into the memory 32 by the processor 31 and executed by the processor 31. As a result, the functions of each functional component of the data receiving device 30 are realized.

The storage 33 stores the authenticated certificate data 331 and the basis data 332.

The configuration of the receiving side server 40 according to the first embodiment will be described with reference to FIG.
The receiving server 40 is a server to which the destination user of the data receiving device 30 belongs.
The receiving server 40 includes hardware such as a processor 41, a memory 42, a storage 43, and a communication interface 44. The processor 41 is connected to other hardware via a signal line and controls these other hardware.

The receiving server 40 includes an authentication unit 411 and a certificate synchronization unit 412 as functional components. The functions of each functional component of the receiving server 40 are realized by software.
The storage 43 stores a program that realizes the functions of each functional component of the receiving server 40. This program is read into the memory 42 by the processor 41 and executed by the processor 41. As a result, the functions of each functional component of the receiving server 40 are realized.

The storage 43 stores the authenticated certificate data 431 and the evidence data 432.

Processors 11, 21, 31, and 41 are ICs (Integrated Circuits) that perform processing. Specific examples of the processors 11,21,31,41 are a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and a GPU (Graphics Processing Unit).

The memories 12, 22, 32, and 42 are storage devices for temporarily storing data. Specific examples of the memories 12, 22, 32, and 42 are SRAM (Static Random Access Memory) and DRAM (Dynamic Random Access Memory).

The storages 13, 23, 33, and 43 are storage devices for storing data. The storages 13, 23, 33, and 43 are, as a specific example, an HDD (Hard Disk Drive). The storages 13, 23, 33, and 43 are SD (registered trademark, Secure).
It may be a portable recording medium such as a Digital memory card, CF (CompactFlash, registered trademark), NAND flash, flexible disk, optical disk, compact disk, Blu-ray (registered trademark) disk, DVD (Digital Versaille Disc).

Communication interfaces 14, 24, 34, 44 are interfaces for communicating with an external device. Specific examples of the communication interfaces 14, 24, 34, and 44 are Ethernet (registered trademark), USB (Universal Serial Bus), and HDMI (registered trademark, High-Definition Multimedia Interface) ports.

In FIG. 2, only one processor 11 is shown. However, the number of processors 11 may be plural, and the plurality of processors 11 may execute programs that realize each function in cooperation with each other. Similarly, the processors 21, 31 and 41 of FIGS. 3 to 5 may be plural, and the plurality of processors 21, 31 and 41 may execute programs for realizing each function in cooperation with each other.

*** Explanation of operation ***
The operation of the communication system 100 according to the first embodiment will be described with reference to FIGS. 6 to 13.
The operation procedure of the communication system 100 according to the first embodiment corresponds to the communication method according to the first embodiment. Further, the program that realizes the operation of the communication system 100 according to the first embodiment corresponds to the communication program according to the first embodiment.
In particular, the operation procedure of the data receiving device 30 in the communication system 100 according to the first embodiment corresponds to the data receiving method according to the first embodiment. Further, the program that realizes the operation of the data receiving device 30 in the communication system 100 according to the first embodiment corresponds to the data receiving program according to the first embodiment.

The overall processing flow of the communication system 100 according to the first embodiment will be described with reference to FIG.
(Step S1: Business card generation process)
The transmitting server 10 generates business card data with an electronic signature and transmits it to the data transmitting device 20.

(Step S2: Business card exchange process)
The former user of the data transmitting device 20 and the destination user of the data receiving device 30 exchange business card data at a meeting. A meeting is a gathering of meetings and events such as parties. The meeting may be face-to-face or online.

(Step S3: Certificate trust processing)
The data receiving device 30 verifies the electronic signature attached to the business card data acquired in step S2, and stores the certificate used for the verification as the authenticated certificate data 331 in the storage 33 which is a storage device. At this time, the data receiving device 30 stores the ground data 332 indicating the validity of the certificate used for the verification together with the authenticated certificate data 331 in the storage device in the storage device 33.

(Step S4: Certificate sharing process)
The receiving side server 40 has a pair of authenticated certificate data 331 and evidence data 332 stored in the storage 33 of the data receiving device 30, and authenticated certificate data 331 and evidence data 332 stored in the storage 43. Synchronize with the pair.

The business card generation process (step S1 in FIG. 6) according to the first embodiment will be described with reference to FIG. 7.
(Step S11: Generation request processing)
The issuance request unit 211 of the data transmission device 20 requests the transmission side server 10 to issue business card data.
Specifically, the issuing request unit 211 transmits the request data for requesting the issuance of the business card data to the transmitting side server 10. Then, the authentication process by the authentication unit 111 of the transmission side server 10 is performed. If the authentication is successful, the request data is accepted by the business card issuing unit 112 of the sending server 10.
The authentication process is a process of determining whether or not the data transmission device 20 is an appropriate device. An existing method is used as the authentication processing method.

(Step S12: Business card issuance process)
The business card issuing unit 112 generates business card data with an electronic signature.
Specifically, the business card issuing unit 112 refers to the personnel data 131 and specifies the attribute information of the original user corresponding to the data transmitting device 20 of the transmitting source of the request data. The attribute information is information such as the department to which the employee belongs, the name, and the telephone number. The business card issuing unit 112 generates business card data indicating the specified attribute information. The business card issuing unit 112 calculates the signature value of the business card data using the private key of the original user. As a specific example, the business card issuing unit 112 calculates the hash value of the business card data, and calculates the signature value by encrypting the hash value with the private key. Then, the business card issuing unit 112 attaches an electronic signature including the signature value to the business card data.
As shown in FIG. 8, the digital signature includes a signature value, a personal certificate which is the certificate data of the original user, an affiliation certificate which is the certificate data of the affiliation of the ex-user, and a contact. include. The personal certificate contains the public key of the former user. The public key of the original user is the public key corresponding to the private key used when calculating the signature value. The affiliation certificate contains the public key of the affiliation. The inquiry destination is server information indicating the server to which the user belongs.

Here, when the business card issuing unit 112 calculates the signature value, the certificate management unit 114 refers to the issuing list 132 and the revocation list 133 to determine whether or not the certificate data of the original user is valid. do. The issuance list 132 is a list showing issued certificate data, and the revocation list 133 is a list showing revoked certificate data.
Specifically, in the certificate management unit 114, when the certificate data of the original user is registered in the issue list 132 and is not registered in the revocation list 133, the certificate data of the original user is valid. Is determined to be. Then, when the certificate data of the original user is valid, the certificate management unit 114 causes the business card issuing unit 112 to calculate the signature value using the private key of the certificate data. On the other hand, when the certificate data of the original user is not valid, the certificate management unit 114 newly generates a pair of the private key and the public key, and registers the pair as new certificate data in the issue list 132. Then, the certificate management unit 114 causes the business card issuing unit 112 to calculate the signature value using the private key of the new certificate data.

(Step S13: Business card transmission process)
The business card issuing unit 112 transmits the business card data with the electronic signature generated in step S12 to the data transmission device 20 from which the request data is transmitted via the transmission path 91.

(Step S14: Business card printing process)
The business card issuing unit 112 converts the business card data with the electronic signature generated in step S12 into a reading code such as a bar code and a two-dimensional code that can be read by a reader. The printing unit 113 prints a business card displaying the reading code. The printed business card is sent to the original user corresponding to the data transmission device 20 from which the request data is transmitted.
The business card issuing unit 112 may transmit the printing data of the business card displaying the reading code to the data transmission device 20. Then, the printing unit 213 of the data transmission device 20 may print a business card displaying the reading code.

The business card exchange process (step S2 in FIG. 6) according to the first embodiment will be described with reference to FIGS. 9 and 10.
With reference to FIG. 9, the first flow of the business card exchange process according to the first embodiment will be described. The first flow is the flow when business cards are exchanged electronically.
(Step S21A: Business card transmission process)
The data transmission unit 212 of the data transmission device 20 transmits the business card data with the electronic signature transmitted in step S13 to the data reception device 30.

(Step S22A: Business card reception processing)
The data acquisition unit 311 of the data receiving device 30 receives the business card data transmitted in step S21A.

A second flow of the business card exchange process according to the first embodiment will be described with reference to FIG. 10. The second flow is the flow when business cards are exchanged using paper business cards.
(Step S21B: Business card delivery process)
The paper business card printed in step S14 is handed over from the original user of the data transmitting device 20 to the destination user of the data receiving device 30.

(Step S22B: Reading process)
The data acquisition unit 311 of the data receiving device 30 reads the reading code which is the print information printed on the paper business card passed in step S21B, and acquires the business card data with the electronic signature.

The certificate trust processing (step S3 in FIG. 6) according to the first embodiment will be described with reference to FIG.
(Step S31: Certificate extraction process)
The certificate extraction unit 312 of the data receiving device 30 inquires about the signature value, the personal certificate, the affiliation certificate, and the electronic signature attached to the business card data received in step S22A or the business card data acquired in step S22B. Extract the destination.

(Step S32: Signature verification process)
The signature verification unit 313 of the data receiving device 30 uses the personal certificate, which is the participant's certificate data, to attach the electronic signature attached to the business card data received in step S22A or the business card data acquired in step S22B. Verify and determine if the digital signature is valid.
As a specific example, the signature verification unit 313 decrypts the signature value extracted in step S31 by using the public key included in the personal certificate extracted in step S31. If the value obtained by decoding matches the hash value of the business card data, the signature verification unit 313 determines that the electronic signature is valid. On the other hand, the signature verification unit 313 determines that the electronic signature is not valid unless the value obtained by decoding matches the hash value of the business card data.
If the signature verification unit 313 determines that the electronic signature is valid, the signature verification unit 313 proceeds to step S33. On the other hand, the signature verification unit 313 ends the process when it is determined that the electronic signature is not valid.

(Step S33: Validity confirmation process)
The validity confirmation unit 314 of the data receiving device 30 accesses the server indicated by the inquiry destination extracted in step S31 and confirms the validity of the personal certificate.
Specifically, the validity confirmation unit 314 makes a validity inquiry to the sending server 10. Then, the authentication process by the authentication unit 111 of the transmission side server 10 is performed. If the authentication is successful, encrypted communication using the server certificate of the sending server 10 is performed between the validity confirmation unit 314 and the authentication unit 111. A server certificate is a certificate certified by a third-party certification body. As a specific example, the encrypted communication is a communication by SSL (Secure Sockets Layer). If the encrypted communication is successful, the validity of the sending server 10 is confirmed. Then, the certificate management unit 114 of the sender server 10 determines the validity of the personal certificate, and the determination result is notified to the validity confirmation unit 314. The process of determining the validity of the personal certificate is a process of determining whether or not the certificate data is valid based on the issue list 132 and the revocation list 133 described in step S12.
When the validity confirmation unit 314 indicates that the determination result is valid, the process proceeds to step S34. On the other hand, the validity confirmation unit 314 ends the process when it indicates that the determination result is not valid.

(Step S34: Grounds data acquisition process)
The data acquisition unit 311 of the data receiving device 30 acquires the basis data showing the validity of the personal certificate.
As a specific example, the evidence data 332 is the following (1) to (5). (1) When the meeting in step S2 is held online, the portrait image data of the former user acquired when exchanging business cards in the online meeting. (2) When the meeting in step S2 is held face-to-face, portrait image data of a former user obtained by taking a picture with a camera when exchanging business cards. (3) Minutes of the meeting in step S2. (4) Data showing the determination result that the transmitting server 10 responded to in step S33. (5) The server certificate of the sending server 10 used for encrypted communication in step S33.
(1) to (3) are data indicating that the former user participated in the meeting. In other words, when (1) to (3) are used as the basis data 332, the personal certificate is valid if the former user who passed the business card data is the person who participated in the meeting. be. On the other hand, when (4) and (5) are used as the basis data 332, the personal certificate is considered to be valid because the server certificate of the sender server 10 of the issuer of the business card data is valid. Is.

(Step S35: Certificate storage process)
The certificate storage unit 315 stores the personal certificate and the affiliation certificate extracted in step S31 as authenticated certificate data 331 in the storage 33 which is a storage device together with the basis data 332 acquired in step S34. ..

The certificate sharing process (step S4 in FIG. 6) according to the first embodiment will be described with reference to FIG.
(Step S41: Synchronous processing)
The authentication unit 411 of the receiving server 40 periodically authenticates the data receiving device 30. When the authentication is successful, the certificate synchronization unit 412 of the receiving side server 40 has the pair of the authenticated certificate data 331 and the basis data 332 stored in the storage 33 of the data receiving device 30 and the authentication stored in the storage 43. Synchronize with the pair of completed certificate data 431 and evidence data 432.
Specifically, the certificate synchronization unit 412 adds the pair only in the storage 33 to the storage 43, and adds the pair only in the storage 43 to the storage 33.

Here, the certificate synchronization unit 412 also performs synchronization processing with the data receiving device 30 of another user belonging to the destination of the destination user. Therefore, the pair stored in the storage 33 of the data receiving device 30 of the previous user is also stored in the storage 33 of the data receiving device 30 of the other user. Similarly, the pair stored in the storage 33 of the data receiving device 30 of another user is also stored in the storage 33 of the data receiving device 30 of the previous user.

Here, the certificate synchronization unit 412 has a pair of authenticated certificate data 331 and ground data 332 stored in the storage 33 of the data receiving device 30, and authenticated certificate data 431 stored in the storage 43. And the pair of evidence data 432 were synchronized.
However, the certificate storage unit 315 of the data receiving device 30 uses the pair of the authenticated certificate data 331 and the evidence data 332 as the pair of the authenticated certificate data 431 and the evidence data 432 as the storage 43 of the receiving server 40. You may write in. Further, the certificate storage unit 315 of the data receiving device 30 stores the pair of the authenticated certificate data 431 and the basis data 432 stored in the storage 43 and not stored in the storage 33 as the authenticated certificate data. It may be written to the storage 33 as a pair of 331 and the basis data 332.

The electronic data acquisition process according to the first embodiment will be described with reference to FIG.
The electronic data acquisition process is a process in which the data receiving device 30 acquires electronic data with an electronic signature from the data transmitting device 20 after the process of step S3 in FIG. For example, it is a process in which electronic data is acquired from the data transmission device 20 after the meeting in which the business card is exchanged in step S2.

(Step S51: Data transmission process)
The signature generation unit 214 of the data transmission device 20 calculates the signature value of the electronic data to be transmitted. As a specific example, the signature generation unit 214 calculates the signature value by calculating the hash value of the electronic data and encrypting the hash value with the private key. Then, the signature generation unit 214 attaches an electronic signature including the signature value to the electronic data. The structure of the electronic signature is the same as that of the electronic signature attached to the business card data, and is as shown in FIG.
The data transmission unit 212 transmits electronic data with an electronic signature to the data receiving device 30.

(Step S52: Data reception process)
The data acquisition unit 311 of the data receiving device 30 receives electronic data with an electronic signature.

(Step S53: Certificate extraction process)
The certificate extraction unit 312 of the data receiving device 30 extracts the signature value, the personal certificate, the affiliation certificate, and the inquiry destination from the electronic signature attached to the electronic data received in step S52.

The processing of steps S54 and S55 is the same as the processing of steps S32 and S33 of FIG.
Here, the personal certificate used when verifying the electronic signature in step S54 is stored in the storage 33 as the authenticated certificate data 331. Therefore, the data receiving device 30 treats the personal certificate as trusted certificate data. Therefore, if the electronic signature is verified to be valid in step S54 and the personal certificate is determined to be valid in step S55, the electronic data is determined to be valid data.

It is also conceivable that the data transmitting device 20 transmits electronic data with an electronic signature to the data receiving device 30 of another user belonging to the destination of the destination user.
Even in this case, as long as the pair of the authenticated certificate data 331 and the basis data 332 is shared in the process of step S4 of FIG. 6, the data receiving device 30 of another user can do the same. It is possible to perform electronic data acquisition processing. That is, the data receiving device 30 of another user treats the personal certificate as trusted certificate data. Therefore, if the electronic signature is verified to be valid in step S54 and the personal certificate is determined to be valid in step S55, the electronic data is determined to be valid data.

*** Effect of Embodiment 1 ***
As described above, in the communication system 100 according to the first embodiment, the data receiving device 30 stores the personal certificate obtained by exchanging business cards as the authenticated certificate data 331. In other words, a unique certificate store is built with a personal certificate that can verify the digital signature obtained by exchanging business cards. That is, if it is a personal certificate that can verify the electronic signature obtained by exchanging business cards, the certificate store is constructed assuming that it has a certain degree of reliability.
As a result, even if the personal certificate is a certificate that has not been certified by a third-party certification body, it is possible to realize not only falsification detection but also spoofing prevention and non-repudiation prevention by using the personal certificate.

In the communication system 100 according to the first embodiment, the pair of the authenticated certificate data 331 and the basis data 332 of the data receiving device 30 is shared with another data receiving device 30 by the receiving side server 40 to which the data receiving device 30 belongs.
As a result, the certificate store constructed by the user exchanging business cards is shared with other users belonging to the same organization. As a result, trusted certificates can be widely used.

In the communication system 100 according to the first embodiment, the data receiving device 30 stores the evidence data 332 together with the authenticated certificate data 331. By confirming the rationale data 332, it is possible to confirm whether the authenticated certificate data 331 is really a reliable certificate.
For example, when it is confirmed by the examination department of the affiliation that a truly reliable personal certificate is a certificate based on the evidence data 332, the receiving side receives a pair of the authenticated certificate data 331 and the evidence data 332. It is also possible to operate so that the server 40 shares it.

Further, in the communication system 100 according to the first embodiment, the affiliation certificate is stored as the authenticated certificate data together with the personal certificate. As a result, even if the affiliation certificate is a certificate that has not been certified by a third-party certification body, it is possible to realize not only falsification detection but also spoofing prevention and non-repudiation prevention by using the affiliation certificate. can.

Obtaining a certificate from a third-party credential is costly. Obtaining the personal certificate of each user belonging to an organization from a third-party credential can be very costly. On the other hand, when exchanging data with a user who belongs to an organization that has a close relationship such as with a business partner company, the identity of the other user can be confirmed to some extent without authentication by a third-party certification body. If possible, there are cases where you can trust the certificate of the other party.
In such a case, the communication system 100 according to the first embodiment can construct a certificate store accumulating reliable certificates while reducing unnecessary costs.

*** Other configurations ***
<Modification 1>
The process of step S33 in FIG. 11 is not an essential process. By executing the process of step S33, the validity of the personal certificate can be confirmed. However, even if the process of step S33 is not performed, it is possible to determine that the personal certificate is valid because the former user has participated in the meeting.
However, if the process of step S33 is not performed, the data of (4) and (5) cannot be used as the basis data 332 in step S34.

<Modification 2>
In the first embodiment, the business card data, which is the electronic data of the business card, is first acquired, stored as the authenticated certificate data 331, and then the electronic data such as the document data is acquired. However, the electronic data to be acquired first is not limited to business card data, but may be other types of data such as document data. In other words, the personal certificate used to verify the electronic signature attached to the business card data obtained by exchanging business cards is not saved as authenticated certificate data 331, but is attached to the electronic data of the documents passed at the meeting. The personal certificate used for the verification of the digital signature may be saved as the authenticated certificate data 331.

<Modification 3>
In the first embodiment, the revocation list 133 is stored in the storage 13. For example, when a notification is received from the data transmission device 20 or the like when the private key is compromised, the certificate management unit 114 adds the certificate data corresponding to the private key to the revocation list 133. If the certificate data has an expiration date, the certificate management unit 114 periodically refers to the revocation list 133 and adds the expired certificate data to the revocation list 133. As a result, the certificate data becomes revoked, the digital signature by the private key is not generated, and the certificate data is determined to be invalid. Specifically, when a user who was an employee leaves the company, a processing example of registering the certificate data of the corresponding user in the revocation list 133 in conjunction with the personnel data can be considered.
When the certificate data is added to the revocation list 133, the certificate management unit 114 may notify the user of the certificate data and urge the user to recreate the certificate data.

Further, the certificate data may be deleted from the revocation list 133 by the notification from the data transmission device 20 or the like.

<Modification example 4>
A time stamp with an electronic signature may be added to the certificate or the like.

*** Explanation of configuration ***
The configuration of the communication system 100 according to the modified example 4 will be described with reference to FIG.
The communication system 100 is different from the communication system 100 shown in FIG. 1 in that the time server 50 is provided. The time server 50 is a server that manages the time and issues a time stamp signature with an electronic signature attached to the time. The transmission side server 10, the data transmission device 20, and the time server 50 are connected to each other via a transmission line 94.

*** Explanation of operation ***
In step S12 of FIG. 7, the business card issuing unit 112 of the transmitting server 10 acquires the time when the business card data is generated and the time stamp signature with an electronic signature attached to the time from the time server 50. Then, the business card issuing unit 112 attaches the acquired time and time stamp signature to the business card data.
As a result, the time when the business card data is generated is proved by the external time server 50.

In step S51 of FIG. 13, the signature generation unit 214 of the data transmission device 20 transmits the time when the signature value of the electronic data to be transmitted is calculated and the time stamp signature with the electronic signature attached to the time from the time server 50. get. Then, the signature generation unit 214 attaches the acquired time and time stamp signature to the electronic data.
As a result, the time when the electronic data is digitally signed is proved by the external time server 50.

The validity confirmation unit 314 of the data receiving device 30 may determine whether or not to trust the business card data or the electronic data depending on whether or not the time attached to the business card data or the electronic data is within the reference period. ..
For example, in step S33 of FIG. 11, the validity confirmation unit 314 of the data receiving device 30 determines whether or not the time attached to the business card data is within the reference period. The validity confirmation unit 314 may determine that the business card data or the electronic data is not trusted unless it is within the reference period, and even if the validity of the personal certificate is confirmed, the process may not proceed to step S34.

<Modification 5>
In the first embodiment, each functional component is realized by software. However, as a modification 5, each functional component may be realized by hardware. The difference between the modified example 5 and the first embodiment will be described.

The configuration of the transmitting side server 10 according to the modification 5 will be described.
When each functional component is realized by hardware, the transmitting server 10 includes an electronic circuit instead of the processor 11, the memory 12, and the storage 13. The electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 12, and the storage 13.

The configuration of the data transmission device 20 according to the modified example 5 will be described.
When each functional component is realized by hardware, the data transmission device 20 includes an electronic circuit instead of the processor 21, the memory 22, and the storage 23. The electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 22, and the storage 23.

The configuration of the data receiving device 30 according to the modified example 5 will be described.
When each functional component is realized by hardware, the data receiving device 30 includes an electronic circuit instead of the processor 31, the memory 32, and the storage 33. The electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 32, and the storage 33.

The configuration of the receiving side server 40 according to the modification 5 will be described.
When each functional component is realized by hardware, the receiving server 40 includes an electronic circuit instead of the processor 41, the memory 42, and the storage 43. The electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 42, and the storage 43.

As the electronic circuit, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, a logic IC, a GA (Gate Array), an ASIC (Application Specific Integrated Circuit), and an FPGA (Field-Programmable Gate Array) are assumed. Will be done.
Each functional component may be realized by one electronic circuit, or each functional component may be distributed and realized by a plurality of electronic circuits.

<Modification 6>
As a modification 6, some functional components may be realized by hardware, and other functional components may be realized by software.

The processor 11, the memory 12, the storage 13, and the electronic circuit are referred to as a processing circuit. That is, the function of each functional component is realized by the processing circuit.

Further, the "part" in the above description may be read as "circuit", "process", "procedure", "processing" or "processing circuit".

The embodiments and modifications of the present disclosure have been described above. Some of these embodiments and modifications may be combined and carried out. In addition, any one or several may be partially carried out. The present disclosure is not limited to the above embodiments and modifications, and various modifications can be made as necessary.

10 sender server, 11 processor, 12 memory, 13 storage, 14 communication interface, 111 authentication department, 112 business card issuing department, 113 printing department, 114 certificate management department, 115 key generator department, 131 personnel data, 132 issuing list, 133 Revocation list, 20 data transmitter, 21 processor, 22 memory, 23 storage, 24 communication interface, 211 issue request unit, 212 data transmitter, 213 print unit, 214 signature generator, 30 data receiver, 31 processor, 32 Memory, 33 storage, 34 communication interface, 311 data acquisition unit, 312 certificate extraction unit, 313 signature verification unit, 314 validity confirmation unit, 315 certificate storage unit, 331 certified certificate data, 332 evidence data, 40 Receiving server, 41 processor, 42 memory, 43 storage, 44 communication interface, 411 authentication unit, 431 certified certificate data, 432 basis data, 91 transmission line, 92 transmission line, 93 transmission line, 94 transmission line, 100 Communications system.

Claims (9)

The data acquisition unit that acquires the electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The electronic signature attached to the electronic data acquired by the data acquisition unit is verified using a personal certificate which is the certificate data of the participant, and whether or not the electronic signature is valid is verified. The signature verification unit for judgment and
It is provided with a certificate storage unit that stores the personal certificate as authenticated certificate data in a storage device when the signature verification unit determines that the electronic signature is valid .
The electronic signature includes the affiliation certificate which is the certificate data of the affiliation of the participant.
The certificate storage unit is a data receiving device that stores the personal certificate and the affiliation certificate as authenticated certificate data in the storage device when the electronic signature is determined to be valid . The data according to claim 1, wherein the certificate storage unit stores the personal certificate as authenticated certificate data in the storage device together with evidence data indicating that the participant participated in the meeting. Receiver. The data acquisition unit acquires the electronic data by receiving the electronic data from the data transmission device used by the participant or by reading the print information printed on the paper passed from the participant. The data receiving device according to claim 1 or 2. The data receiving device according to any one of claims 1 to 3, wherein the electronic data is digitized business card data. The data receiving device according to any one of claims 1 to 4, wherein the storage device is a shared storage device accessible to another data receiving device. The electronic signature includes server information indicating the server to which the participant belongs, and the electronic signature includes server information indicating the server to which the participant belongs.
The data receiving device further
A validity check unit for acquiring a determination result of whether or not the personal certificate is valid from the server indicated by the server information is provided.
The certificate storage unit determines that the electronic signature is valid, and the determination result obtained by the validity confirmation unit indicates that the personal certificate is valid. The data receiving device according to any one of claims 1 to 5, wherein the document and the affiliation certificate are stored in the storage device as authenticated certificate data. The data acquisition unit acquires other electronic data with the electronic signature, and obtains the data.
The signature verification unit verifies the electronic signature attached to the other electronic data using the personal certificate stored in the storage device, and determines whether or not the electronic signature is valid. The data receiving device according to any one of claims 1 to 6 . The data acquisition department acquires the electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The signature verification unit verifies the electronic signature attached to the electronic data using the personal certificate which is the certificate data of the participant, determines whether or not the electronic signature is valid, and determines whether or not the electronic signature is valid.
When the certificate storage unit determines that the electronic signature is valid, the certificate storage unit stores the personal certificate as authenticated certificate data in the storage device.
The electronic signature includes the affiliation certificate which is the certificate data of the affiliation of the participant.
The certificate storage unit is a data receiving method for storing the personal certificate and the affiliation certificate as authenticated certificate data in the storage device when the electronic signature is determined to be valid . Data acquisition processing to acquire electronic data that is the electronic data passed from the participants at the meeting and has the electronic signature of the participants.
The electronic signature attached to the electronic data acquired by the data acquisition process is verified using a personal certificate which is the certificate data of the participant, and whether or not the electronic signature is valid is verified. Signature verification process to judge and
The computer functions as a data receiving device that performs a certificate storage process of storing the personal certificate as authenticated certificate data in a storage device when the digital signature is determined to be valid by the signature verification process. Let me
The electronic signature includes the affiliation certificate which is the certificate data of the affiliation of the participant.
In the certificate storage process, a data receiving program that stores the personal certificate and the affiliation certificate as authenticated certificate data in the storage device when it is determined that the electronic signature is valid .

Images