JP7009743B2 - Wireless communication devices and information communication systems - Google Patents

Description

The present invention relates to a wireless communication device attached to an article to be transported and used as a tag, and an information communication system.

Some of the luggage carried by the passengers of the aircraft is loaded and carried on the aircraft separately from the passengers. Generally, a paper tag is attached to this baggage, and the flight number of the aircraft, the airport code of the airport of the destination, the baggage identification information, and the like are printed on the tag. When cargo is loaded or unloaded at the departure airport or the arrival airport, the cargo is sorted based on the information printed on the tag.

In recent years, a system using an electronic tag that stores information as electronic data has been proposed instead of a paper tag. In such a system, transportation data including information necessary for transportation such as the flight number of the above-mentioned aircraft is transmitted from a predetermined terminal to an electronic tag by wireless communication and stored in the electronic tag. At the departure airport and the arrival airport, luggage is sorted based on the transportation data being read from the electronic tag (see, for example, Patent Document 1).

Japanese Patent Application Laid-Open No. 2003-104562

By the way, in a system in which an electronic tag receives transportation data from an external terminal, it is important to enhance the security of using the received transportation data in the electronic tag in order to accurately transport the cargo. That is, when the electronic tag receives fake data created by a person other than the legitimate administrator of transportation or data altered by a malicious person, the electronic tag is appropriate for these invalid data. It is necessary to avoid handling it as transportation data.

In particular, in the present age when electronic terminals are becoming more multifunctional and information transmission by electronic data is becoming more widespread, passengers are not limited to systems that send transportation data to electronic tags using dedicated terminals installed at airports. It is also desired to adopt a system that sends transportation data to electronic tags from any terminal such as a smartphone. Therefore, it is very important to enhance the security for sending and receiving transport data and its use.

It should be noted that these problems are not limited to electronic tags attached to the luggage of passengers on aircraft, but devices used as electronic tags in systems that manage the transportation of goods by data stored in the electronic tags attached to the goods. Common in.
An object of the present invention is to provide a wireless communication device and an information communication system capable of enhancing security when using data used for transportation.

The wireless communication device that solves the above problems is a wireless communication device attached to an article to be transported, and includes a display unit having a non-volatile information display function and a storage area in which a key used for encrypted communication is stored. A control unit and a wireless communication unit that performs wireless communication with an external terminal at a short distance are provided, and the wireless communication unit is data including transportation information that is information used for transporting the article. The terminal receives encrypted data including authentication data generated by using the key corresponding to the key, and the control unit verifies the authentication data by using the key stored in the storage area. Based on the above, the validity of the transportation information is verified, and the transportation information whose validity has been confirmed is displayed on the display unit.

The information communication system for solving the above problems is an information communication system including a wireless communication device attached to the article to be transported and a server holding a key used for encrypted communication, and the server is the article. Data including transportation information, which is information used for transportation, and encrypted data including authentication data generated by using the key is generated and transmitted to an external terminal, and the wireless communication device is non-volatile. A display unit having an information display function, a control unit including a storage area containing a key held by the server and a corresponding key, and a wireless communication unit that performs wireless communication with the terminal at a short distance are provided. The wireless communication unit receives the encrypted data from the terminal, and the control unit verifies the authentication data using the key stored in the storage area, and the validity of the transportation information is based on the verification. Is verified, and the transportation information whose validity has been confirmed is displayed on the display unit.

According to the above configuration, the validity is confirmed based on the fact that the wireless communication device verifies the authentication data contained in the encrypted data received from the external terminal by using the key stored in the storage area. The transportation information is displayed on the display unit. Therefore, the security when using the data used for transportation is enhanced, and the reliability of the transportation information displayed on the wireless communication device is enhanced.

In the above configuration, the authentication data may be data in which a message digest generated from data including transportation data indicating the transportation information is encrypted.

According to the above configuration, by verifying the authentication data, it is possible to confirm the creator of the encrypted data and confirm whether or not the transportation data has been tampered with. Therefore, since it is possible to suppress the display of information on the display unit using fake data or falsified data, the reliability of the transportation information displayed on the wireless communication device is suitably improved. Further, the load required for the calculation using the key in the wireless communication device is smaller than that of the configuration in which the authentication data is the encrypted data of the transported data.
In the above configuration, the authentication data may be data obtained by encrypting a message digest generated from data showing identification information unique to the wireless communication device during the period in which the article is being transported.
According to the above configuration, it is possible to confirm the creator of the encrypted data by verifying the authentication data. In addition, the authentication data uses the key in the wireless communication device as compared with the configuration in which the transportation data is encrypted data or the message digest generated from the data including the transportation data is encrypted data. The load required for the calculation is small.
In the above configuration, the authentication data may be data in which data including transportation data indicating the transportation information is encrypted.

According to the above configuration, by verifying the authentication data, it is possible to confirm the creator of the encrypted data, and it is possible to prevent the transportation information from being leaked when the transportation data is intercepted.

In the above configuration, the wireless communication device holds identification information unique to each wireless communication device, and the identification information may be acquired by an external terminal prior to receiving the encrypted data.

According to the above configuration, it is possible to identify the wireless communication device and manage the information about the transportation of the article performed by using the wireless communication device by using the acquired identification information.

In the above configuration, the wireless communication unit includes a sensor unit that converts changes in the environment around the wireless communication device into a signal and outputs the signal, and the wireless communication unit is generated based on the output of the sensor unit during transportation of the article. Data indicating changes in the environment may be transmitted to an external terminal.

According to the above configuration, by analyzing the data acquired from the wireless communication device by the external terminal, it is possible to analyze the change in the environment around the wireless communication device during the transportation of the article.

According to the present invention, it is possible to enhance security when using data used for transportation in a wireless communication device.

The perspective view which shows the appearance composition of the wireless communication device about 1st Embodiment of a wireless communication device. The figure which shows the structure of the wireless communication device and the information communication system in 1st Embodiment. In the information communication system of the first embodiment, the flowchart which shows the flow of the process until the user terminal acquires a public key certificate. In the information communication system of the first embodiment, a sequence diagram showing a flow of processing until a wireless communication device acquires a public key. In the information communication system of the first embodiment, a sequence diagram showing a flow of processing until a wireless communication device displays transportation information. In the information communication system of the first embodiment, a sequence diagram showing a flow of processing in which a wireless communication device transmits sensor data. A flowchart showing a flow of processing until a wireless communication device acquires a common key for the second embodiment of the information communication system. In the information communication system of the second embodiment, the sequence diagram which shows the flow of the process until the wireless communication device displays the transportation information.

(First Embodiment)
A first embodiment of a wireless communication device and an information communication system will be described with reference to FIGS. 1 to 6. The wireless communication device of the first embodiment functions as a tag attached to a baggage deposited by a user who is a passenger of the aircraft and carried by the aircraft.

[Wireless communication device configuration]
The appearance configuration of the wireless communication device will be described with reference to FIG. As shown in FIG. 1, the wireless communication device 10 includes a display unit 11. The transportation information Ib is displayed on the display unit 11. The transportation information Ib is information used for transporting luggage, for example, the airport code of the airport of the departure point, the waypoint, or the arrival point, the flight number of the aircraft on which the cargo is loaded, the identification information assigned to the cargo, and the like. including. The transportation information Ib is the same type of information as the information described on the paper tag conventionally used for transporting passengers' luggage by an aircraft, and the display format thereof is not particularly limited. For example, the transportation information Ib is made of paper. It is expressed in the same format as the tag, that is, in a format using barcodes, numbers, alphabets, and the like.

The wireless communication device 10 is attached to the cargo that the user deposits at the airport when boarding the aircraft, that is, the cargo to be carried. The outer shape of the wireless communication device 10 is not particularly limited, and for example, the wireless communication device 10 may be integrated with the luggage by being incorporated in the side wall of the suitcase, or the luggage may be integrated with the luggage by using connecting parts. It may be connected to the handle or the like.

With reference to FIG. 2, the electrical configuration of the wireless communication device and the configuration of the information communication system including the wireless communication device will be described.

As shown in FIG. 2, the wireless communication device 10 includes a wireless communication unit 12, a control unit 13, a sensor unit 14, and a power supply unit 15 in addition to the display unit 11 described above.

The display unit 11 includes an electronic paper and a drive circuit thereof, and has a non-volatile information display function. The electronic paper may be a matrix-type electronic paper in which display information is formed by pixels arranged in a matrix, or a segment-type electronic paper in which display information is formed by a combination of patterns arranged in advance. May be good. Matrix-type electronic paper can be freely expressed such as characters and images, while segment-type electronic paper is used if the transportation information Ib is information expressed in a limited format such as numbers and barcodes. As a result, the configuration of the display unit 11 can be simplified.

The wireless communication unit 12 executes a connection process between the user terminal 20 operated by the user who is the owner of the cargo and the wireless communication device 10, and transmits and receives data between the user terminal 20 and the wireless communication device 10. conduct. The wireless communication used for communication between the wireless communication device 10 and the user terminal 20 includes, for example, non-contact communication by using the HF band such as NFC (Near Field Communication), non-contact communication by using the UHF band, and BLE (Bluetooth). Low Energy: Bluetooth is a registered trademark), Bluetooth5, Ant communication, communication using a mobile communication network, communication using various other mesh networks, and the like. The wireless communication unit 12 may be configured to be capable of transmitting and receiving data corresponding to a plurality of communication methods among these wireless communications. For example, it is preferable that the wireless communication unit 12 is configured to enable non-contact communication by at least one of the HF band and the UHF band and communication by BLE.

Further, the wireless communication unit 12 uses these wireless communications to process the connection between the terminal used for managing the transportation and the wireless communication device 10 and the data between these devices during the transportation of the cargo. You may send and receive.

The control unit 13 includes an MCU (Micro Controller Unit), and controls and performs arithmetic processing of each unit included in the wireless communication device 10 according to a program stored in the storage area included in the control unit 13. The MCU constituting the control unit 13 is preferably a secure MCU whose information processing safety is guaranteed, and specifically, an MCU conforming to the EMV standard or an EAL (Evaluation Access) in ISO / IEC15408. It is preferable that the MCU satisfies Level 4 or higher of Level). Further, the control unit 13 may be provided with a support MCU that assists such a connection, depending on the need for a terminal for connecting the MCU and each element included in the wireless communication device 10.

The control unit 13 verifies the validity of the data acquired from the external device, stores the data acquired from the external device in the storage area, and collects the data stored in the storage area and the sensor unit 14. The wireless communication unit 12 controls the transmission of data to an external device. Further, the control unit 13 causes the display unit 11 to display the transportation information Ib by using the data acquired from the external device.

The control unit 13 stores the device ID, which is the identification information of the wireless communication device 10, in the storage area included in the control unit 13. The device ID is an identifier unique to each wireless communication device 10, is assigned to the wireless communication device 10, is generated by the control unit 13 based on a predetermined algorithm, and is stored in the storage area in advance.

As the device ID, for example, a GUID (Globally Unique Identifier) is used. Further, instead of the GUID, a UID (Unique IDifier), a TID (Tag Indicator), or an EPC (Electronic Product Code) that functions as an identifier of the RFID tag may be used. Alternatively, arbitrary identification information other than such an identifier may be created and used as a device ID, or another IC connected to the MCU via a bus such as I2C in the wireless communication device 10 may be used. The possessed or storable identification information may be used as the device ID. In short, the device ID may be unique to each wireless communication device 10.

The sensor unit 14 includes a sensor that converts a change in the environment around the wireless communication device 10 into a signal and outputs the signal. Such sensors include a temperature sensor that detects the ambient temperature of the wireless communication device 10, a pressure sensor that detects the magnitude of the pressure received by the wireless communication device 10, and the magnitude of the acceleration of the wireless communication device 10 that is moved by transportation. Examples thereof include an acceleration sensor for detection and an impact sensor for detecting the application of an impact to the wireless communication device 10 and its magnitude. Further, the sensor included in the sensor unit 14 may be a sensor that detects the atmospheric pressure and humidity around the wireless communication device 10. Such a sensor is provided at an appropriate position of the wireless communication device 10 according to the detection target of the sensor. The sensor unit 14 may include a plurality of sensors having different detection targets.

The power supply unit 15 supplies electric power to each unit such as the display unit 11 and the control unit 13 included in the wireless communication device 10. The power supply unit 15 may include a primary battery and a secondary battery to supply electric power from the battery to each unit, or may include an antenna for non-contact power supply and the like to provide electric power supplied by non-contact power supply. Power may be supplied to each part based on the above. Further, the power supply unit 15 includes an energy harvesting element that converts energy obtained from the environment such as light, heat, and vibration into electric power, and may supply electric power to each unit based on the power generation of the energy harvesting element. ..

The information communication system includes a wireless communication device 10, a user terminal 20, and a management server 30, and uses encryption to exchange data such as baggage data including transportation information Ib between these devices. It is a system. In the first embodiment, public key cryptography is used as the encryption method.

The wireless communication device 10 and the user terminal 20 mutually transmit and receive data by wireless communication using the wireless communication unit 12 described above. Further, the user terminal 20 and the management server 30 are connected to a network of a general-purpose communication line such as the Internet, and data is transmitted and received to each other through the network.

The user terminal 20 is a computer terminal such as a smartphone or a tablet terminal. The user terminal 20 includes a communication unit 21, a control unit 22, and a storage unit 23.

The communication unit 21 executes connection processing between the user terminal 20 and the wireless communication device 10 by a communication method corresponding to the wireless communication unit 12, and transmits and receives data between these devices. Further, the communication unit 21 executes connection processing between the user terminal 20 and the management server 30 through the network, and transmits and receives data between these devices.

The control unit 22 has a configuration including a volatile memory such as a CPU and RAM, and controls and performs arithmetic processing of each unit in the user terminal 20. As a process in the information communication system, the control unit 22 transmits data such as a device ID received from the wireless communication device 10 to the management server 30, and wirelessly communicates data including public keys and baggage data received from the management server 30. Transmission to the device 10 is performed through the communication unit 21.
The storage unit 23 has a configuration including a non-volatile memory such as a flash memory, and stores programs and data necessary for processing executed by the control unit 22.

The function of the control unit 22 in the information communication system is embodied by, for example, software that gives a plurality of functions to one common hardware, and such software is stored in the storage unit 23. For example, the software is included in an application program provided by an airline company for a user, and is installed on a user terminal 20 via a download via a network.

Further, in addition to the above-mentioned configuration, the user terminal 20 includes a display unit composed of a liquid crystal panel and the like for displaying information, and an operation unit composed of a touch panel and the like for receiving user operations.

The management server 30 is a server managed by a transportation manager who is an administrator of transportation of cargo. The transportation manager is, for example, an airline company. The management server 30 includes a communication unit 31, a control unit 32, and a storage unit 33.

The communication unit 31 executes connection processing between the management server 30 and the user terminal 20 through the network, and transmits and receives data between these devices.

The control unit 32 has a configuration including a volatile memory such as a CPU and RAM, and controls and performs arithmetic processing of each unit in the management server 30. The control unit 32 transmits the public key certificate to the user terminal 20 through the communication unit 31 as a process in the information communication system. Further, the control unit 32 generates the above-mentioned baggage data, and further generates encrypted data including an electronic signature generated by using the private key held by the management server 30 from the baggage data. Then, the control unit 32 transmits the encrypted data to the user terminal 20 through the communication unit 31.

Further, the control unit 32 stores the device ID received from the user terminal 20 as device management data in the storage unit 33 in association with the user information which is information about the user as a process in the information communication system.

The storage unit 33 has a configuration including a non-volatile memory such as a hard disk drive, and stores programs and data necessary for processing executed by the control unit 32. As an example of such data, the storage unit 33 stores the above-mentioned private key and device management data.

The function of the control unit 32 in the information communication system may be embodied separately by various hardware such as a memory composed of a plurality of CPUs and RAMs and software that functions them, or is common 1 It may be embodied by software that gives multiple functions to one piece of hardware. The function of the management server 30 may be realized by a plurality of servers.

In the information communication system, the wireless communication device 10 acquires a public key paired with a private key used by the management server 30 for generating encrypted data via the user terminal 20 and stores it in the storage area of the control unit 13. The public key is preferably stored in an area having high tamper resistance in the storage area of the control unit 13, that is, an area where analysis from the outside is difficult. Then, the wireless communication device 10 verifies the encrypted data received via the user terminal 20 by using the public key to confirm the validity of the baggage data, and then uses the baggage data to display the transportation information on the display unit 11. Display Ib.

[Operation of information communication system]
The operation of the information communication system will be described with reference to FIGS. 3 to 6. In the processing of the information communication system, the wireless communication device 10 acquires a public key, the wireless communication device 10 acquires baggage data and displays the transportation information Ib, and the wireless communication device 10 uses the sensor unit 14. It includes steps to send the collected data to the outside world.
<Obtaining public key>
A procedure for the process until the wireless communication device 10 acquires the public key will be described with reference to FIGS. 3 and 4.

FIG. 3 is a flowchart showing a procedure until the user terminal 20 acquires the public key certificate. First, the transportation manager generates a private key and a public key that realize public key cryptography through a server, etc., or obtains these keys based on the request for generation, and becomes an organization that functions as a certification authority. Provide the public key and apply for the issuance of the public key certificate (step S10). The private key and the public key may be generated so as to correspond to a known algorithm for realizing public key cryptography, and are, for example, a key corresponding to RSA2048bit. The organization that functions as a certificate authority may be an organization that is engaged in the issuance of digital certificates, or an organization that supports or controls transportation operations by a transportation manager, such as an industry organization to which an airline company is a member. It may function as a certificate authority. The private key is stored in the storage unit 33 of the management server 30.

After confirming that the transportation manager is a reliable organization, for example, the certification authority that received the application confirms that the transportation manager is an airline that has received the prescribed certification. Issue a public key certificate (step S11).

The issued public key certificate is handed over to the transportation manager and transmitted from the management server 30 to the user terminal 20 (step S12). The transmission of the public key certificate may be performed, for example, when the passenger application, which is the application program, is installed on the user terminal 20, or the user communicates wirelessly through the operation of the passenger application. It may be triggered by the notification that the user terminal 20 wishes to carry the luggage using the device 10 to the management server 30.
FIG. 4 is a sequence diagram showing a procedure in which a public key is transmitted from the user terminal 20 to the wireless communication device 10.

As shown in FIG. 4, when the user terminal 20 receives the public key certificate, the control unit 22 of the user terminal 20 acquires the public key included in the public key certificate (step S20). At this time, the control unit 22 verifies the electronic signature of the certificate authority included in the public key certificate using the public key of the certificate authority, so that the public key included in the public key certificate is guaranteed by the certificate authority. Confirm that it is the public key of the transportation manager.

The public key certificate for acquiring the public key of the certificate authority may be acquired from a server or the like managed by the certificate authority, or may be stored in advance in the storage unit 23 of the user terminal 20. If there is a certificate authority higher than the certificate authority, the user terminal 20 obtains the public key certificate of the higher certificate authority up to the root certificate authority, and the public key of the higher certificate authority is lower. The public key of the transportation manager is acquired by verifying the electronic signature in the public key certificate of the certificate authority and acquiring the public key of the lower certificate authority in order from the upper level to the lower level.

Wireless communication with the user terminal 20 based on the user performing a predetermined operation such as arranging the user terminal 20 in the vicinity of the wireless communication device 10 according to a display or the like based on the operation of the passenger application installed on the user terminal 20. The device 10 starts communication.

When the user terminal 20 recognizes the wireless communication device 10 for the first time, that is, when data is transmitted / received between these devices for the first time, the user terminal 20 first transmits the device ID to the wireless communication device 10. Request (step S21). Upon receiving the request for transmission of the device ID, the control unit 13 of the wireless communication device 10 acquires the device ID from the storage area and transmits the device ID to the user terminal 20 through the wireless communication unit 12 (step S22).

Upon receiving the device ID, the control unit 22 of the user terminal 20 transmits the device ID to the management server 30 through the communication unit 21 (step S23). The control unit 32 of the management server 30 associates the received device ID with the user information and stores it in the storage unit 33 as device management data (step S24). The user information includes at least personal information such as a user's name and address. Further, the user information may include information indicating the status of use of the service by the user, such as the boarding history of the user on the aircraft.

The management server 30 acquires user information as follows. For example, prior to step S21, the registration of a member who uses the service provided by the airline company is performed by using the transmission / reception of data based on the operation of the Web page or the passenger application. At this time, user information is input to a terminal such as the user terminal 20 based on the user's operation, and the input user information is transmitted from the terminal to the management server 30 and stored in the storage unit 33 of the management server 30. .. A user ID, which is user identification information, is assigned to the user as a member, and the user ID is managed in association with the user information and notified to the user through the terminal. The user terminal 20 acquires a user ID based on input by a user's operation and stores it as necessary.

When the user terminal 20 transmits the device ID to the management server 30, the user terminal 20 also transmits the user ID to the management server 30. The management server 30 identifies the user information corresponding to the user based on the user ID, associates the specified user information with the device ID, and stores the specified user information in the storage unit 33 as device management data.

Alternatively, before or after the user terminal 20 acquires the device ID, the user is requested to input the user information to the user terminal 20, and the input user information is transmitted to the management server 30 together with the device ID. May be good. In this case, the management server 30 associates the received user information with the device ID and stores it in the storage unit 33 as device management data.

Upon acquiring the device ID, the user terminal 20 requests the wireless communication device 10 to perform a pairing process (step S25). In response to this request, the wireless communication device 10 performs the processing required for pairing and returns a response to the user terminal 20 (step S26). In response to this response, the user terminal 20 performs processing such as storing data for establishing pairing (step S27). Through such processing, the user terminal 20 and the wireless communication device 10 exchange and store data used for authentication and communication encryption between these devices, and each of the user terminal 20 and the wireless communication device 10 is used. Register each other as a pairing partner.

When the communication by pairing is established, the control unit 22 of the user terminal 20 transmits the public key of the transportation manager to the wireless communication device 10 through the communication unit 21 (step S28). Upon receiving the public key, the control unit 13 of the wireless communication device 10 stores the public key in the storage area (step S29).

As described above, the transmission of the public key from the user terminal 20 to the wireless communication device 10 and the subsequent transmission / reception of data between the user terminal 20 and the wireless communication device 10 use communication by pairing. Will be done. This enhances the security of communication between the user terminal 20 and the wireless communication device 10. Specifically, for example, in the above flow, the transfer of the device ID is performed by non-contact communication in the HF band or UHF band or communication by BLE that does not require pairing, and from these established communications, by BLE. Pairing is performed by shifting to communication.

Before the exchange of the device ID, the pairing of the user terminal 20 and the wireless communication device 10 may be performed, and the device ID may be exchanged by using the communication by the pairing. Further, in the exchange and pairing of the device ID between the user terminal 20 and the wireless communication device 10, that is, the processing of steps S21 to S27 in FIG. 4, the user terminal 20 obtains the public key certificate of the transportation manager. It may be performed before the acquisition, that is, before the processing of step S20.

Further, the device ID may be transmitted from the user terminal 20 to the management server 30 at an arbitrary timing until the encrypted data is generated by the management server 30.

<Acquisition of luggage data>
With reference to FIG. 5, the procedure for the wireless communication device 10 to acquire the baggage data and display the transportation information Ib will be described.
A user who intends to board an aircraft makes a reservation for boarding an aircraft by using data transmission / reception based on a Web page or the operation of a passenger application by inputting necessary information to a terminal such as a user terminal 20. As a result, reservation data is generated and stored in the storage unit 33 of the management server 30. The reservation data includes, for example, information such as the user's name, the flight of the aircraft to be boarded, the departure / arrival airport, the scheduled departure date / time, and the scheduled arrival date / time. The information included in the reservation data may be associated with the user information and the device ID included in the above-mentioned device management data, for example, through the identification of the user using the identification information such as the user ID.

It should be noted that the reservation for boarding the aircraft by the user, that is, the generation of the reservation data may be performed before or after the registration of the device ID in the device management data. Further, before or after the user terminal 20 acquires the device ID, the information necessary for reservation is input to the user terminal 20 by the user, and the input information is transmitted to the management server 30 together with the device ID to be a device. Reservation data may be generated along with management data.

The control unit 32 of the management server 30 generates baggage data based on the reservation data (step S30). The package data includes transportation data which is data indicating transportation information Ib. The transportation data is data for displaying an image as transportation information Ib on the display unit 11 of the wireless communication device 10, may be data of an image showing transportation information Ib, or may be display unit as transportation information Ib. It may be binary data that defines the image to be displayed in 11. Further, the management server 30 may use device management data for generating baggage data, and may include identification information such as a user ID and a device ID in the baggage data.

When the departure time of the aircraft approaches, a check-in request is made from the user terminal 20 to the management server 30 based on the user's operation (step S31), and the control unit 32 of the management server 30 confirms the reservation as a check-in process. (Step S32). In a configuration in which the process corresponding to which user is managed by the identification information such as the user ID, the check-in request may be made from a terminal different from the user terminal 20. ..

Subsequently, the control unit 32 of the management server 30 generates encrypted data based on the generation of authentication data from the baggage data using the transport manager's private key stored in the storage unit 33 (step S33). ). Specifically, the control unit 32 uses a hash function to generate a message digest that is a hash value from the baggage data, and encrypts the generated message digest with a private key to generate an electronic signature. The generated electronic signature is the authentication data, and the encrypted data includes the baggage data and the authentication data. As a method for generating an electronic signature, a known method may be used, including a hash function to be used.

The order of the generation of the baggage data and the encrypted data and the check-in process is not particularly limited, the baggage data may be generated after the check-in process, and the encrypted data may be generated from the check-in process. May be done before. In short, it is sufficient that the encrypted data is generated after the baggage data is generated.

After the check-in process is completed, the control unit 32 of the management server 30 transmits the generated encrypted data to the user terminal 20 through the communication unit 31 (step S34). Upon receiving the encrypted data, the control unit 22 of the user terminal 20 requests that the user terminal 20 be arranged at a position where it can communicate with the wireless communication device 10 through the display on the display unit, and uses the communication by pairing. Then, the encrypted data is transmitted to the wireless communication device 10 through the communication unit 21 (step S35).

For the establishment of communication by pairing, for example, it is preferable to use a handover that shifts to communication by BLE after establishment of communication by NFC. According to this, the encrypted data is transmitted to the wireless communication device 10 triggered by the clear operation that the user holds the user terminal 20 over the wireless communication device 10, so that the user can use the user terminal 20 to the wireless communication device 10. It is easy to be aware of the transmission of data to. Further, since the communication by BLE capable of transmitting a large amount of data at a higher speed than the NFC is used for the transmission of the encrypted data itself, the encrypted data can be efficiently transmitted to the wireless communication device 10.

Upon receiving the encrypted data, the control unit 13 of the wireless communication device 10 verifies the authentication data included in the encrypted data by using the public key of the transportation manager stored in the storage area, thereby validating the baggage data. Is verified (step S36). That is, if the electronic signature, which is the authentication data, can be decrypted with the public key of the transportation manager, it can be confirmed that the creator of the encrypted data is the transportation manager. Then, the control unit 13 calculates a hash value from the package data included in the encrypted data, and verifies whether or not the calculated hash value matches the data obtained by decrypting the electronic signature. If the calculated hash value and the data obtained by decrypting the electronic signature match, it can be confirmed that the received package data has not been tampered with. As a result, the validity of the package data, that is, the validity of the transportation information Ib indicated by the transportation data is confirmed.

When the validity of the baggage data can be confirmed, the control unit 13 of the wireless communication device 10 stores the baggage data in the storage area, and displays the transport information Ib on the display unit 11 using the transport data included in the baggage data. (Step S37). As a result, the transportation information Ib whose validity has been confirmed is displayed on the display unit 11. When the validity of the baggage data cannot be confirmed, that is, when the digital signature cannot be decrypted with the public key of the transportation manager, or when the hash value calculated from the baggage data does not match the data obtained by decrypting the digital signature. Does not display using the baggage data in the control unit 13. In this case, the control unit 13 may display the notification that the received data is inappropriate data on the display unit 11, or inform the user terminal 20 that the received data is inappropriate data. Based on the notification, a notification that the data is inappropriate may be displayed on the display unit of the user terminal 20.

As described above, according to the configuration of the first embodiment, the wireless communication device 10 verifies the authentication data included in the encrypted data by using the public key of the transport manager, so that the transport information Ib included in the received data The validity of the above is verified, and the transportation information Ib whose validity is confirmed is displayed on the display unit 11. Therefore, the security when using the data used for transportation is enhanced, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced.

In particular, by using the electronic signature, it is possible to confirm the creator of the encrypted data and whether or not the package data has been tampered with. It is possible to suppress the display of information on the display unit 11 using the data. Therefore, the reliability of the transportation information Ib displayed on the wireless communication device 10 is suitably enhanced.

Since the encrypted data includes unencrypted transportation data, there is a possibility that this transportation data may be intercepted, but the transportation information Ib indicated by the transportation data is meaningful only when it is displayed together with the package to be transported. It is information, and its usefulness is often low with the transportation information Ib alone. Therefore, if the transportation information Ib whose validity has been confirmed based on the verification of the electronic signature is displayed on the display unit 11, the security when using the data used for transportation is sufficiently enhanced.

Further, the generation of the electronic signature based on the package data and its verification have a smaller load required for the calculation than the encryption and decryption of the entire package data. Therefore, if the encrypted data has a configuration including an electronic signature generated from the baggage data and unencrypted baggage data, it can be transported while reducing the calculation load on the management server 30 and the wireless communication device 10. It is possible to enhance the security when using the data to be used.

The authentication data included in the encrypted data may be generated from some data included in the baggage data. For example, the baggage data includes identification information such as a user ID, a device ID, and baggage identification information, and the hash value calculated from this identification information is encrypted with the transport manager's private key to obtain electronic authentication data. A signature may be generated. Such identification information is the identification information unique to the wireless communication device 10, that is, the transportation of other luggage transported during the above period, and the wireless communication device 10 at least during the period in which the package to be transported is being transported. It functions as information that can be distinguished from the transportation of the used luggage. It is preferable that the device ID is used as such identification information.
According to such a configuration, it is possible to further reduce the load required for generating and verifying the electronic signature as compared with the case where the electronic signature is created from the entire package data. Further, when the electronic signature is generated from the device ID, the encrypted data does not include the device ID from which the electronic signature is generated, and the wireless communication device 10 uses the device ID stored in the wireless communication device 10. The electronic signature may be verified.

Even with these configurations, if the electronic signature can be decrypted with the public key of the transportation manager, it can be confirmed that the creator of the encrypted data is the transportation manager, and the baggage data is encrypted without being digitally signed. There is reasonable confirmation of the legitimacy of the baggage data as compared to when it is transmitted in the unencrypted state. That is, the verification of the validity of the package data may include at least confirmation of the creator of the encrypted data.

Further, the encrypted data may be data in which the entire package data is encrypted without including the electronic signature. In this case, the data obtained by encrypting the entire package data is the authentication data. Even with such a configuration, if the authentication data can be decrypted with the public key of the transportation manager, it can be confirmed that the creator of the encrypted data is the transportation manager. Then, since the transportation information Ib included in the package data cannot be obtained unless it is decrypted using the public key, it is possible to prevent the transportation information Ib from being leaked even when the encrypted data is intercepted. Such a configuration is useful when the transportation information Ib contains information that is highly damaged by leakage. Further, the encrypted data may be data in which a part of the identification information or the like in the package data is encrypted without including the electronic signature.

That is, the encrypted data is data including transportation information Ib as unencrypted transportation data, or data including transportation information Ib as encrypted transportation data, and is the authentication data to be verified by the public key. May include the transportation information Ib separately, and the transportation information Ib may be included in the authentication data.

As described above, the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced, so that the transportation using the transportation information Ib is accurately performed. This is because the user can use the wireless communication device 10 as a tag attached to the luggage by displaying the transportation information Ib on the wireless communication device 10 using the user terminal 20 at home or the like before boarding the aircraft. It is possible to reduce the waiting time compared to the case where the paper tag that has been used conventionally is issued at the airport. It is also possible to reduce the labor cost required to issue paper tags at the airport.

If the transportation information Ib is represented in the same format as the paper tag, the wireless communication device 10 can be used as the tag without significantly changing the transportation system using the paper tag. Is. Since the display unit 11 of the wireless communication device 10 of the present embodiment is composed of electronic paper, the contrast of the displayed information is closer to the information written on the paper as compared with the liquid crystal panel or the like. Therefore, the information displayed on the display unit 11 can be suitably read by a terminal for reading the information from the paper tag. Further, the information display function of the display unit 11 is a non-volatile information display function, and since the power required to hold information on the display surface is smaller than that of a liquid crystal panel or the like, information is displayed on the display unit 11. It is possible to reduce the energy required for this. Therefore, the wireless communication device 10 is suitable for being used as a tag attached to a load carried over a long distance.

The transportation information Ib is read by a predetermined terminal in a state of being displayed on the display unit 11 of the wireless communication device 10, or is used for transportation by being visually confirmed, and also for wireless communication. It may be used for transportation by being transmitted to a predetermined terminal through the unit 12, that is, being read by wireless communication from the wireless communication device 10.

<Sensor data transmission>
With reference to FIG. 6, the procedure of the process in which the wireless communication device 10 transmits the data collected by the sensor unit 14 to the outside will be described.
While being attached to the luggage and being carried together with the luggage, the sensors included in the sensor unit 14 continuously or periodically, as changes in the surrounding environment of the wireless communication device 10, are sensors such as temperature and pressure. The change of the detection target is converted into a signal and output to the control unit 13. In the control unit 13, sensor data, which is data generated based on the output of the sensor unit 14, is stored in the storage area. That is, the sensor data is data indicating changes in the environment around the wireless communication device 10. In addition, the sensor data includes information indicating the time when the change in the environment is observed.

After the transportation of the cargo is completed and the wireless communication device 10 returns to the user, the process shown in FIG. 6 is performed.
First, the user arranges the user terminal 20 in the vicinity of the wireless communication device 10 according to the display of the user terminal 20 based on the operation of the passenger application, and the user terminal 20 and the wireless communication device 10 communicate with each other by pairing. Is started, and the user terminal 20 requests the wireless communication device 10 to transmit the sensor data (step S40). For the establishment of communication by pairing, for example, it is preferable to use a handover that shifts to communication by BLE after establishment of communication by NFC.

Upon receiving the request for the sensor data, the control unit 13 of the wireless communication device 10 acquires the sensor data stored in the storage area and transmits the sensor data to the user terminal 20 through the wireless communication unit 12 (step S41). ..

The user terminal 20 that has received the sensor data performs a predetermined process using the sensor data (step S42). For example, the user terminal 20 analyzes the sensor data and displays the change in the environment around the wireless communication device 10 during the transportation of the cargo, that is, the change in the detection target of the sensor on the display unit of the user terminal 20. Alternatively, the warning instruction may be displayed on the display unit only when it is determined that there is an abnormality in such a change in the environment. Further, the user terminal 20 may transmit the sensor data to the management server 30, and the management server 30 may analyze the sensor data and notify the user of the analysis result.

According to such a configuration, the analysis of the sensor data changes the environment around the cargo during transportation, such as when the temperature around the cargo changes significantly during transportation or when the cargo receives a large pressure or impact. When there is an abnormality, the abnormality can be detected together with the time when the abnormality occurs. Therefore, for example, when an abnormality such as damage occurs in the exterior or contents of the package after transportation, the sensor data can be used for investigating the cause of the abnormality.

When the sensor data is sent to the management server 30 via the user terminal 20, the wireless communication device 10 encrypts the sensor data using the transport manager's public key held by the wireless communication device 10. , The encrypted sensor data may be transmitted to the management server 30 via the user terminal 20. The management server 30 acquires sensor data by decrypting the received data using the transport manager's private key, and uses it for analysis and the like. With such a configuration, leakage of sensor data can be suppressed.

The terminal to which the wireless communication device 10 transmits the sensor data is not limited to the user terminal 20, and may be a terminal owned by the transportation manager or the like. If the sensor data is transmitted from the wireless communication device 10 to an external terminal, the sensor data taken out from the wireless communication device 10 through the external terminal can be used as the environment around the wireless communication device 10 during transportation of luggage. It can be used to analyze changes in.

Further, the wireless communication device 10 transmits the device ID held by the wireless communication device 10 together with the sensor data, and in a device such as the management server 30 that has received the sensor data and the device ID, the wireless communication device 10 is based on the device ID. The wireless communication device 10 that has transmitted the sensor data may be identified.

As described above, according to the first embodiment, the following effects can be obtained.
(1) The wireless communication device 10 verifies the authentication data included in the encrypted data received from the external terminal by using the key stored in the storage area of the wireless communication device 10, and the transportation information Ib is valid. The display unit 11 displays the transportation information Ib whose validity has been verified and whose validity has been confirmed. Therefore, the security when using the data used for transportation is enhanced, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced.

(2) Public key cryptography is used as an encryption method used for encrypted communication in an information communication system. Therefore, as compared with the common key cryptography, the damage caused when the key held by the wireless communication device 10 is leaked at the time of delivery to the wireless communication device 10 or due to external access to the wireless communication device 10 is small. The load required for key management is small.

(3) In a configuration in which the authentication data is an electronic signature, that is, in a configuration in which the message digest generated from the baggage data including the transportation data is encrypted data, the authentication data is stored by the key held by the wireless communication device 10. By verifying, it is possible to confirm the creator of the encrypted data and confirm whether or not the baggage data has been tampered with. Therefore, since it is possible to suppress the display of information on the display unit 11 using fake data or falsified data, the reliability of the transportation information Ib displayed on the wireless communication device 10 is suitably enhanced. .. Further, the load required for the calculation using the key in the wireless communication device 10 and the management server 30 is smaller than the configuration in which the authentication data is the encrypted data of the package data.
(4) In a configuration in which the authentication data is data in which the message digest generated from the data indicating the identification information unique to the wireless communication device 10 during the period in which the luggage is being transported is encrypted, the wireless communication device 10 holds the data. By verifying the authentication data with the key to be used, it is possible to confirm the creator of the encrypted data. Further, the load required for the calculation using the key in the wireless communication device 10 and the management server 30 is smaller than the configuration in which the authentication data is an electronic signature generated from the package data including the transportation data.

(5) In a configuration in which the authentication data is encrypted data including baggage data including transportation data, the creator of the encrypted data can be confirmed by verifying the authentication data with the key held by the wireless communication device 10. Further, it is possible to prevent the transportation information Ib from being leaked when the transportation data is intercepted.

(6) In a configuration in which the device ID held by the wireless communication device 10 is acquired by an external terminal before the wireless communication device 10 receives the encrypted data, the acquired device ID is used for wireless communication. It is possible to identify the device 10 and manage information about the transportation of goods performed by using the wireless communication device 10.

(7) In the configuration in which the wireless communication device 10 transmits the sensor data generated based on the output from the sensor unit 14 during the transportation of the article to an external terminal, the wireless communication during the transportation of the article is performed by analyzing the sensor data. It is possible to analyze changes in the environment around the communication device.

(Second Embodiment)
A second embodiment of the wireless communication device and the information communication system will be described with reference to FIGS. 7 and 8. In the second embodiment, common key cryptography is used for communication in the information communication system. Hereinafter, the differences from the first embodiment will be mainly described, and the same reference numerals will be given to the same configurations as those of the first embodiment, and the description thereof will be omitted.

The wireless communication device 10 of the second embodiment has the same configuration as that of the first embodiment, but the communication using the common key cryptography has the wireless communication device 10 as compared with the communication using the public key cryptography. When the key is leaked to the outside, it is easy to disguise the data, so the damage caused by the key leak is great. Therefore, in the second embodiment, the sure MCU is used as the MCU constituting the control unit 13, and the common key acquired by the wireless communication device 10 is stored in the storage area having high tamper resistance in the control unit 13. Will be done. With such a configuration, the risk of leakage of the common key is reduced, and the reliability that the common key is a key shared only between the management server 30 and the wireless communication device 10 is increased.

[Operation of information communication system]
The operation of the information communication system will be described with reference to FIGS. 7 and 8. In the processing of the information communication system, the wireless communication device 10 acquires a common key, the wireless communication device 10 acquires baggage data and displays the transportation information Ib, and the wireless communication device 10 uses the sensor unit 14. It includes steps to send the collected data to the outside world.

<Acquisition of common key>
With reference to FIG. 7, a procedure of processing until the wireless communication device 10 acquires the common key will be described.
First, a master common key is generated by a higher-level organization of the transportation manager (step S50). The generated master common key is passed to the transportation manager through a server or the like. The higher-level organization may be an organization similar to the organization that functioned as a certificate authority in the first embodiment, may be an organization whose business is the generation and management of a common key, or an industry organization to which an airline company is a member. As such, it may be an organization that supports and controls the transportation business by the transportation manager.

The transportation manager who has acquired the master common key generates a derived common key from the master common key (step S51). The derived common key may be generated so as to correspond to a known algorithm that realizes common key cryptography.

The generated derived common key is stored in the storage unit 33 of the management server 30, and is also handed over to the manufacturing manager of the wireless communication device 10 through the server or the like. It is stored in the storage area (step S52). The derived common key is sent to the wireless communication device 10 by non-contact communication using the HF band or the UHF band from a terminal owned by the manufacturing manager, for example, a terminal arranged on the production line of the wireless communication device 10. The wireless communication device 10 stores the derived common key acquired through the wireless communication unit 12 in the storage area.

The derived common key can also be passed to the wireless communication device 10 through the management server 30 and the user terminal 20 as in the first embodiment. However, as described above, in the communication using the common key cryptography, the damage caused by the leakage of the key is large. If the manufacturing manager stores the derived common key in the wireless communication device 10 before shipment, an environment in which data is difficult to be intercepted is constructed and the derived common key is stored in the wireless communication device 10 under that environment. Therefore, it is possible to enhance the security for the acquisition of the derived common key by the wireless communication device 10. Therefore, the reliability that the derived common key is a key shared only between the management server 30 and the wireless communication device 10 is enhanced.

<Acquisition of luggage data>
With reference to FIG. 8, a procedure for processing until the wireless communication device 10 acquires baggage data and displays the transportation information Ib will be described.
Similar to the first embodiment, reservation data is generated based on the user's reservation, and the control unit 32 of the management server 30 generates baggage data based on the reservation data (step S60).

When a check-in request is made from the user terminal 20 to the management server 30 (step S61), the control unit 32 of the management server 30 performs a process of confirming the reservation as a check-in process (step S62). Subsequently, the control unit 32 generates encrypted data by encrypting the package data using the derived common key stored in the storage unit 33 (step S63). That is, the encrypted data of the second embodiment is the data in which the baggage data is encrypted by the derived common key, and this data is the authentication data. The order of the generation of the package data and the encrypted data and the check-in process is not particularly limited, and the encrypted data may be generated after the package data is generated.

When the check-in process is completed, the control unit 32 of the management server 30 transmits the generated encrypted data to the user terminal 20 through the communication unit 31 (step S64). Upon receiving the encrypted data, the control unit 22 of the user terminal 20 requests that the user terminal 20 be arranged at a position where it can communicate with the wireless communication device 10 through the display on the display unit, and uses the communication by pairing. Then, the encrypted data is transmitted to the wireless communication device 10 through the communication unit 21 (step S65).

For the establishment of communication by pairing, for example, it is preferable to use a handover that shifts to communication by BLE after establishment of communication by NFC. The pairing registration may be performed in the same procedure as in the first embodiment before transmission / reception of encrypted data. Further, the user terminal 20 acquires the device ID from the wireless communication device 10 and transmits it to the management server 30, and the management server 30 associates the device ID with the user information before the transmission / reception of the encrypted data. The procedure may be the same as that of the first embodiment.

Upon receiving the encrypted data, the control unit 13 of the wireless communication device 10 verifies the authentication data by decrypting the encrypted data using the derived common key stored in the storage area, and verifies the validity of the baggage data. (Step S66). That is, on the premise that the derived common key is shared only between the management server 30 and the wireless communication device 10, if the encrypted data can be decrypted by the derived common key, the creator of the encrypted data is the transport administrator. Can be confirmed. As a result, the validity of the package data, that is, the validity of the transportation information Ib indicated by the transportation data is confirmed.

When the validity of the baggage data can be confirmed, the control unit 13 of the wireless communication device 10 stores the baggage data in the storage area, and displays the transport information Ib on the display unit 11 using the transport data included in the baggage data. (Step S67). As a result, the transportation information Ib whose validity has been confirmed is displayed on the display unit 11. If the validity of the baggage data cannot be confirmed, that is, if the encrypted data cannot be decrypted with the derived common key, the control unit 13 does not display using the baggage data. In this case, the control unit 13 may display the notification that the received data is inappropriate data on the display unit 11, or inform the user terminal 20 that the received data is inappropriate data. Based on the notification, a notification that the data is inappropriate may be displayed on the display unit of the user terminal 20.

As described above, according to the configuration of the second embodiment, the wireless communication device 10 verifies the authentication data by using the derived common key, so that the legitimacy of the transport information Ib included in the received data is verified and is legitimate. The transportation information Ib whose sex has been confirmed is displayed on the display unit 11. Therefore, the security when using the data used for transportation is enhanced, and the reliability of the transportation information Ib displayed on the wireless communication device 10 is enhanced. In such a configuration, the transportation information Ib included in the package data cannot be obtained unless it is decrypted using the derived common key. Therefore, even if the encrypted data is intercepted, the transportation information Ib is leaked. Is suppressed. Therefore, it is useful when the transportation information Ib contains information that is highly damaged by leakage.

As in the first embodiment, the encrypted data may be configured to include unencrypted package data and authentication data generated from the package data using the derived common key. That is, the control unit 32 of the management server 30 uses a hash function and a derived common key to generate a message digest which is a MAC (Message Authentication Code) from the whole baggage data or a part of the identification information and the like, and is generated. Encrypt the message digest with the derived common key. Then, the control unit 32 transmits the encrypted data including the baggage data and the authentication data which is the data obtained by encrypting the message digest to the user terminal 20 via the communication unit 31.

In this case, the wireless communication device 10 that has received the encrypted data verifies the validity of the package data by verifying the authentication data using the derived common key. That is, the control unit 13 decodes the authentication data with the derived common key stored in the wireless communication device 10, and also decodes the authentication data with the baggage data included in the encrypted data, the hash function, and the derived common key stored in the wireless communication device 10. Calculate MAC from the key. Then, the control unit 13 verifies whether or not the calculated MAC matches the decrypted authentication data. If the calculated MAC and the decrypted authentication data match, it can be confirmed that the received package data has not been tampered with, and it can be confirmed that the creator of the encrypted data is the transportation manager. The MAC may be generated using a block cipher algorithm.

According to such a configuration, the calculation load required for encryption and decryption in the management server 30 and the wireless communication device 10 is reduced as compared with the case where the encrypted data is the data in which the entire baggage data is encrypted. At the same time, it is possible to enhance the security when using the data used for transportation.

The common key used by the management server 30 and the wireless communication device 10 in the second embodiment is not limited to the derived common key generated from the master common key, and may be a common key having no master common key. ..

Further, in the second embodiment, the transmission of the sensor data by the wireless communication device 10 is performed in the same manner as in the first embodiment. That is, the sensor data stored in the wireless communication device 10 during the transportation of the cargo is transmitted from the wireless communication device 10 to an external terminal such as the user terminal 20, and further transmitted to the management server 30 to transport the cargo. It is used for analysis of changes in the surrounding environment of the wireless communication device 10 inside. When the sensor data is sent from the wireless communication device 10 to the management server 30 via the user terminal 20, the sensor data may be encrypted with the derived common key and sent to the management server 30.

As described above, according to the second embodiment, the following effects can be obtained in addition to the effects of (1), (3) to (7) of the first embodiment.
(8) Common key cryptography is used as an encryption method used for encrypted communication in an information communication system. Therefore, as compared with public key cryptography, the load required for the operation using the key in the wireless communication device 10 and the management server 30 is small.

[Modification example]
Each of the above embodiments can be modified and implemented as follows.
-In the first embodiment, as authentication data, a common key encrypted using the private key of the transport manager is transmitted from the management server 30 to the wireless communication device 10 via the user terminal 20, and the wireless communication device 10 is used. After verifying the authentication data using the public key of the transportation manager, that is, acquiring the common key by decrypting, the transmission / reception of the baggage data may be performed using encrypted communication using the common key. .. That is, when the encrypted data is composed of the authentication data and the baggage data, the authentication data is transmitted to the wireless communication device 10 before the baggage data, and the wireless communication device 10 verifies the authentication data and is justified. After the sex is confirmed, the baggage data may be transmitted to the wireless communication device 10 in an encrypted state or in an unencrypted state. Even with such a configuration, a reasonable degree of confirmation can be obtained regarding the validity of the transportation information Ib, as compared with a form in which the authentication data is not verified using the public key of the transportation manager at all.

-When the cargo is taken over and transported by different transportation managers, such as when the user transfers to an aircraft operated by a different airline, the validity of the transportation information Ib is confirmed by the following processing, for example. That is, in the same procedure as in the above embodiment, the wireless communication device 10 acquires the key of the transport manager for each of the plurality of transport managers who carry the cargo. The authentication data in the encrypted data includes data generated by using the keys of each of the plurality of transportation managers, and the wireless communication device 10 uses the keys of each transportation manager held by the wireless communication device 10. , The validity of the transportation information Ib is confirmed by verifying the authentication data. For example, the haul information Ib is configured to include information on the first origin, waypoint, and final destination, and the authentication data is a digital signature generated by the private key of the first haul manager. Also includes an electronic signature generated by the private key of the second carrier. Alternatively, the authentication data may include an electronic signature generated by the private key of the first carrier and an electronic signature generated by the private key of the second carrier.

-The transmission of the encrypted data from the user terminal 20 to the wireless communication device 10 may be performed based on the verification of the device ID. That is, the management server 30 stores the device ID in association with information such as the flight of the aircraft to be boarded and the airport of the departure place and the arrival place included in the reservation data. In other words, the management server 30 stores the device ID and the transportation information Ib in association with each other. The user terminal 20 acquires a device ID from the wireless communication device 10 and transmits it to the management server 30, and the control unit 32 of the management server 30 receives the device ID and the transportation information Ib associated with the management server 30. To identify. Then, the management server 30 transmits the encrypted data including the specified transportation information Ib to the wireless communication device 10 via the user terminal 20. With such a configuration, the certainty of specifying the wireless communication device 10 to which the transportation information Ib is transmitted is enhanced.

When the key held by the wireless communication device 10 is different for each wireless communication device 10, the management server 30 manages the key paired with the key held by the wireless communication device 10 in association with the device ID. Then, as described above, a key associated with this device ID may be specified based on the device ID received from the user terminal 20, and encrypted data may be generated using this key. The user ID may be used as the identification information for managing such a key.

Further, as described above, the device ID is used to specify the wireless communication device 10 which is the transmission destination of the transportation information Ib, or the management server 30 associates the user information with the transportation information Ib to the terminal. If the management server 30 specifies the transportation information Ib to be transmitted to the wireless communication device 10 by inputting the user ID, the terminal for transmitting the encrypted data to the wireless communication device 10 is a user terminal owned by the user. Not limited to 20. The terminal for transmitting encrypted data to the wireless communication device 10 may be a terminal installed at an airline counter at an airport or a terminal installed at an arbitrary location such as a store at an airport.

The wireless communication device 10 may store the device ID as a bar code or a two-dimensional code on the surface of the wireless communication device 10 instead of storing the device ID in the control unit 13. In this case, the user terminal 20 is provided with a reading unit corresponding to the format of the device ID, and acquires the device ID by optically reading the device ID. Even if the device ID is not transmitted to the management server 30 via the user terminal 20, the generation of encrypted data using the key and the verification of the authentication data between the wireless communication device 10 and the management server 30 can be performed. If the configuration is such that the validity of the transportation information Ib is confirmed by the operation, the security when using the data used for transportation is enhanced.

-The wireless communication used for communication between the user terminal 20 and the wireless communication device 10 is limited to the communication by NFC or BLE mentioned as a specific example in the flow of each of the above embodiments if it is a short-range wireless communication. do not have. For communication between the user terminal 20 and the wireless communication device 10, various types of communication mentioned as an example of the wireless communication carried by the wireless communication unit 12 in the first embodiment can be used, and encrypted data can be obtained by communication that does not require pairing. May be transmitted from the user terminal 20 to the wireless communication device 10.

-A large number of encrypted data transmitted to the wireless communication device 10 is included in the encrypted data, for example, by including a hash value of baggage data transmitted to another wireless communication device 10 before the encrypted data. The exchange of a large number of encrypted data for each item to be transported by the wireless communication device 10 may be configured to constitute a blockchain.

-The wireless communication device 10 does not include the sensor unit 14, and the sensor data may not be collected and transmitted to an external terminal. The effects of (1) to (5) and (7) above can be obtained even with such a configuration.

The wireless communication device 10 may include a storage unit composed of a flash memory, EEPROM, or the like separate from the MCU. For example, by storing an image template for displaying the transportation information Ib on the display unit 11 in such a storage unit, the amount of data of the transportation data transmitted from the management server 30 to the wireless communication device 10 is reduced. You can also do it.

-The article to which the wireless communication device 10 is attached is not limited to the cargo of an aircraft passenger as long as it is an article to be transported. The article to which the wireless communication device 10 is attached may be an article that requires movement management, such as various articles carried by physical distribution on the ground or by sea, goods transported in a factory, or a courier service. Further, the information included in the transportation information Ib may be set according to the type of the article, the purpose of the transportation, the transportation system, and the transportation information Ib is, for example, the owner of the article, the type and weight of the article, and the like. May contain information about the attributes of the article. In short, the transportation information Ib may be any information that is used at any time in the transportation from the start of the transportation to the completion of the transportation.

Ib ... Transportation information, 10 ... Wireless communication device, 11 ... Display unit, 12 ... Wireless communication unit, 13 ... Control unit, 14 ... Sensor unit, 15 ... Power supply unit, 20 ... User terminal, 21 ... Communication unit, 22 ... Control unit, 23 ... storage unit, 30 ... management server, 31 ... communication unit, 32 ... control unit, 33 ... storage unit.

Claims (4)

A wireless communication device attached to the goods to be transported.
A display unit with a non-volatile information display function and
A control unit that includes a storage area for storing keys used for encrypted communication,
Equipped with a wireless communication unit that performs wireless communication with an external terminal at a short distance,
The wireless communication unit is
Data including transportation information, which is information used for transportation of the goods, and encrypted data including authentication data generated by using the key corresponding to the key is received from the terminal.
The control unit
Based on the verification of the authentication data using the key stored in the storage area, the validity of the transportation information is verified, and the transportation information whose validity has been confirmed is displayed on the display unit. ,
The authentication data is data obtained by encrypting a message digest generated from data showing identification information unique to the wireless communication device during the period in which the article is being transported.
The encrypted data includes unencrypted data indicating the transportation information and the authentication data .
The goods are luggage that is deposited by the passengers of the aircraft and carried by the aircraft.
The transportation information includes information indicating the airport where the passengers arrive and information indicating the flight number of the aircraft on which the goods are loaded.
Wireless communication device. The wireless communication device holds identification information unique to each wireless communication device.
The wireless communication device according to claim 1, wherein the identification information is acquired by an external terminal before receiving the encrypted data. It is equipped with a sensor unit that converts changes in the surrounding environment of the wireless communication device into signals and outputs them.
The wireless communication device according to claim 1 or 2, wherein the wireless communication unit transmits data indicating a change in the environment generated based on the output of the sensor unit during transportation of the article to an external terminal. Wireless communication devices attached to the goods to be transported and
An information communication system including a server that holds a key used for encrypted communication.
The server
Data including transportation information which is information used for transportation of the goods, and encrypted data including authentication data generated by using the key is generated and transmitted to an external terminal.
The wireless communication device is
A display unit with a non-volatile information display function and
A control unit including a storage area containing a key held by the server and a corresponding key, and a control unit.
It is equipped with a wireless communication unit that performs wireless communication with the terminal at a short distance.
The wireless communication unit is
Receive the encrypted data from the terminal and
The control unit
Based on the verification of the authentication data using the key stored in the storage area, the validity of the transportation information is verified, and the transportation information whose validity has been confirmed is displayed on the display unit. ,
The authentication data is data obtained by encrypting a message digest generated from data showing identification information unique to the wireless communication device during the period in which the article is being transported.
The encrypted data includes unencrypted data indicating the transportation information and the authentication data.
The goods are luggage that is deposited by the passengers of the aircraft and carried by the aircraft.
The transportation information includes information indicating the airport where the passengers arrive and information indicating the flight number of the aircraft on which the goods are loaded.
Information communication system.

Images