JP7185989B2 - Time stamp storage agency system and agency system management program - Google Patents

Description

The present invention relates to a time stamp storage proxy system, a proxy system management program, and a proxy system utilization program for proxying storage processing such as deposit and withdrawal of time stamp token files.

For example, a time stamp (time stamp token) is issued by a time stamp authority (time stamp authority) for managed files of electronic data such as documents, images, videos, and sounds, and the managed files are verified using the time stamp token. Time authentication technology that Also, a time stamp storage service that stores a time stamp token in a time stamp storage institution (INPIT) has become widespread.

For example, Patent Literature 1 below describes a technique for storing a hash value generated from an electronic file to be managed in a storage server operated by a public institution.

JP 2016-218554 A

By the way, in order to deposit the timestamp token with the timestamp depository, the user needs to identify the electronic file corresponding to the timestamp token that needs to be deposited. Therefore, the user can identify and manage the electronic files subject to time stamp management among the electronic files owned by the user, and the electronic files for which the time stamp token has been issued and the electronic files for which the time stamp token has not been issued. It is necessary to identify and manage electronic files. However, it is difficult and burdensome for users to identify and manage a large number of electronic files as described above. Thus, it becomes difficult to easily and properly deposit the time-stamped tokens of electronic files with time-stamping institutions.

In addition, while the user's terminal device stores the electronic file subject to time stamp management, the time stamp token is issued by the time stamping authority independently of the electronic file. If the electronic file and the time stamp token are stored independently, it will be difficult to understand and manage them in relation to each other.

Furthermore, each time a time stamp token is deposited or withdrawn from the time stamp storage service, it is necessary to obtain a one-time password issued by the time stamp storage service. Therefore, it may not be possible to smoothly deposit or withdraw the time stamp token, and use of the time stamp storage service is troublesome and troublesome.

SUMMARY OF THE INVENTION The present invention has been made in view of the above problems, for example, and an object of the present invention is to easily and appropriately deposit and withdraw a time stamp token added to a file to be managed to and from a time stamp storage institution. To provide a time stamp storage proxy system, proxy system management program, and proxy system utilization program for performing

In order to solve the above problems, a first time stamp storage agency system of the present invention requests deposit or withdrawal of a time stamp token file consisting of a time stamp token added to a managed file subject to time stamp management. and a time stamp token storage server that deposits or pays out the time stamp token file in response to a request for deposit or payout from the user terminal. and a proxy storage device communicably connected to the user terminal and the time stamp token storage server via a predetermined network, the proxy storage device receiving the time stamp token file from the user terminal. When receiving the proxy request for the deposit together with the time stamp token storage server, the time stamp token file is deposited on behalf of the time stamp token storage server, and the time stamp token file is sent from the user terminal together with the payment identification information of the time stamp token file. When receiving a proxy payment request, the user terminal performs the payment of the time stamp token file from the time stamp token storage server based on the payment identification information. Direct deposit request to the time stamp token storage server and indirect deposit agency to the time stamp token storage server via the storage agent device when the corresponding managed file is specified for deposit The storage agency device transmits the business account of the agency business to the time stamp token storage server and is logged in, and the time stamp token file and the time stamp token file from the user terminal. When receiving a proxy deposit request, a deposit request including the user account of the user of the user terminal and the time stamp token file is transmitted to the time stamp token storage server, and the time stamp token storage server The time stamp token file is deposited in association with the user account and the operator account when a deposit request is received from the storage agency apparatus.

Also, in order to solve the above problems, a first program of the present invention is used to request deposit or withdrawal of a time stamp token file consisting of a time stamp token added to a managed file subject to time stamp management. and a time stamp token storage server that deposits or pays out the time stamp token file in response to a request for deposit or payout from the user terminal. A management program, wherein a storage agent device communicatively connected to the user terminal and the time stamp token storage server via a predetermined network receives the deposit together with the time stamp token file from the user terminal. a step of proxying the deposit of the time stamp token file to the time stamp token storage server when a proxy request is received; a step of proxying the payment of the time stamp token file from the time stamp token storage server based on the payment identification information, when the proxy request for the payment is received together with the payment identification information , and a user account of the user of the user terminal and a business account of an agency business operator, in order to cause the time stamp token storage server to make the deposit of the time stamp token file, the storage agency device associates the business operator account with the time stamp token storage server and logged in to the user terminal, when the proxy request for deposit is received from the user terminal together with the time stamp token file, the deposit request including the user account and the time stamp token file is sent to the time stamp token storage and transmitting to the server are executed by the computer of the storage agency apparatus.

According to the first time stamp storage agent system and the first program of the present invention, every time a user performs storage processing such as depositing or withdrawing a time stamp token file, the user can obtain a one-time password or use the time stamp token. There is no need to perform operations such as logging into the storage server. Therefore, users can deposit and withdraw timestamp token files smoothly, and can use the timestamp storage service without feeling troublesome and troublesome, thus promoting the use of the timestamp storage service. can do. In this way, while maintaining the security of the time stamp storage institution, the time stamp token added to the file to be managed can be easily and appropriately deposited and withdrawn from the time stamp token storage server of the time stamp storage institution. can be done.
Further, according to the first time stamp custody acting system of the present invention, the time stamp token file can be deposited either automatically via the custody acting device or manually by directly accessing the time stamp token custody server. It can be used in combination with a deposit, and convenience can be improved.

A second time stamp storage agency system of the present invention is the first time stamp storage agency system of the present invention described above, in which the user terminal, with respect to the issue of the time stamp token file, stores the original managed file is designated, the time stamp token storage server can be configured so as to be able to select an indirect withdrawal agency request via the storage agency device.

According to the second time stamp custody transfer system of the present invention, it is possible to selectively use automatic payment via the custody transfer service device for the time stamp token file payment, thereby improving convenience. can.

A third timestamp storage agency system of the present invention is the first or second time stamp storage agency system of the present invention described above, wherein the agency request for deposit or withdrawal is made by the user terminal. and execution results of the time stamp token storage server for the deposit or withdrawal request for each user account of the user terminal.

Further, a second program of the present invention is, in the above-described first program of the present invention, The computer of the custody agent apparatus is caused to execute a step of recording execution results by the token custody server in a customer history database for each user account of the user terminal.

According to the third time stamp storage agency system and the second program of the present invention, the storage agency manages and checks the customer history database for the time stamp token file deposited in the time stamp token storage server, User convenience is improved, and it is possible to contribute to the prevention of deposit mistakes and deposit omissions. Also, even if a plurality of time stamp token files are generated and stored for the same file to be managed, the storage agency device checks the time information of each time stamp token file by referring to the customer history database. be able to. Therefore, the storage agency device can determine the oldest time stamp token file when issuing time stamp token files. It can contribute to prevention of mistakes.

According to the present invention, the time stamp storage proxy system, the proxy system management program, and the proxy system usage program easily and appropriately deposit and withdraw the time stamp token added to the file to be managed to and from the time stamp storage institution. make it possible to do

1 is a block diagram showing the configuration of a time stamp storage agency system according to an embodiment of the present invention; FIG. FIG. 4 is an explanatory diagram schematically showing the flow of processing in the time stamp storage agency system according to the embodiment of the present invention; 1 is a block diagram showing configurations of a TST storage server, a proxy storage device, and a user terminal in a proxy timestamp storage system according to an embodiment of the present invention; FIG. 4 is a table showing an example of a history of deposit results of TST files by the TST storage server in the time stamp storage agent system according to the embodiment of the present invention; 4 is a table showing an example of a deposit-related history stored in a customer history DB of a storage agency device in the time stamp storage agency system according to the embodiment of the present invention; FIG. 4 is an explanatory diagram showing an example of a context menu for executing a proxy system utilization program of a user terminal in the proxy timestamp storage system according to the embodiment of the present invention; FIG. 4 is a plan view showing an example of an environment setting screen executed by a proxy system utilization program of a user terminal in the time stamp storage proxy system according to the embodiment of the present invention; FIG. 4 is a plan view showing an example of a TST deposit object list screen executed by a proxy system utilization program of a user terminal in the time stamp storage proxy system according to the embodiment of the present invention; 4 is a flow chart showing the operation of the user terminal of the time stamp storage agent system according to the embodiment of the present invention; 4 is a flow chart showing operations related to adding time stamps to managed files in the time stamp storage agent system according to the embodiment of the present invention. 4 is a flow chart showing operations related to batch verification of managed files in the time stamp storage agency system according to the embodiment of the present invention.

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, embodiments of the present invention will be described with reference to the drawings. The following embodiments are preferred specific examples of the present invention and disclose various preferred techniques, but the technical scope of the present invention is not limited to these aspects.

A time stamp storage agent system 1 according to an embodiment of the present invention will be described with reference to FIG. The time stamp storage agent system 1 deposits time stamp tokens 72 (so-called time stamps) issued using a time stamp token issuing server (TST issuing server) 2, a time distribution server 3, and an electronic authentication management server 4. This system is configured to perform a storage process such as payout on behalf of the user (a storage agent), and includes a time stamp token storage server (TST storage server) 5, a storage agent device 6, and a user terminal 7. The TST storage server 5, storage agency device 6, and user terminal 7 are connected to communicate with each other via a network 8 such as the Internet. User terminal 7 is connected to TST issuing server 2 via network 8 , and TST issuing server 2 is connected to time distribution server 3 and electronic authentication management server 4 via network 8 . For convenience of explanation, the timestamp token 72 (see FIG. 2) is sometimes referred to as "TST".

In this embodiment, an electronic file subject to time stamp management is referred to as a managed file 70 (see FIG. 2). The file to be managed 70 includes electronic data such as documents, images, moving images, and audio, and is composed of, for example, a PDF file.

As shown in FIG. 2, a TST 72 based on the hash value 71 of the electronic data can be added to the managed file 70 in order to certify the existence and integrity of the electronic data. TST 72 can be embedded in 70 to form one file. The TST 72 includes, for example, a hash value 71, time information indicating the issue time of the TST 72, an electronic signature for the hash value 71 and the time information, and an electronic certificate for verifying the electronic signature.

The TST issuing server 2 is provided and operated by a time stamping authority (TSA) such as a time stamp authority, and provides a time stamping technology for issuing a TST 72 added to the managed file 70 . In this time authentication technology, TST 72 proves that the electronic data existed at the date and time of issue of TST 72 (existence proof), and proves that the electronic data has not been tampered with after the date and time of issue of TST 72 ( completeness proof).

Specifically, the TST issuing server 2 receives the hash value 71 of the electronic data of the managed file 70 and the request for issuing the TST 72 from the user terminal 7 via the network 8 . The TST issuing server 2 generates time information indicating the issuing time of the TST 72 based on the time delivered from the time delivery server 3 in response to the issuing request. The TST issuing server 2 generates a TST 72 including the received hash value 71 and generated time information. The TST issuing server 2 encrypts the combined data such as the hash value 71 and time information with a predetermined secret key to generate an electronic signature, and adds the electronic signature to the TST 72 . The TST 72 also includes an electronic certificate issued by the electronic authentication management server 4 for the public key paired with the private key. Then, the TST issuing server 2 transmits the TST 72 thus generated to the user terminal 7 which is the source of the issuing request.

The time distribution server 3 is provided and operated by a time distribution agency (TAA), distributes time to the TST issuing server 2 of the time certification agency, and audits the clock of the TST issuing server 2 .

The electronic authentication management server 4 is provided and operated by an electronic authentication authority (CA), and issues and revokes electronic certificates. Specifically, when the electronic authentication management server 4 receives a public key and electronic certificate issuance request from the TST issuing server 2 , it generates an electronic certificate for this public key and transmits it to the TST issuing server 2 . This electronic certificate includes a corresponding public key.

The TST storage server 5 will be explained in detail. The TST storage server 5 is provided and operated by a time stamp storage institution (INPIT), and is a device that provides a time stamp storage service that performs storage processing such as depositing and withdrawing of the TST 72 . When the TST storage server 5 receives a deposit request for the TST file 73 together with a time stamp token file 73 (hereinafter referred to as a TST file) containing the TST 72 from the agent storage device 6 or the user terminal 7 and approves the deposit, Save the TST file 73 . When the TST storage server 5 receives a request for issuing the stored TST file 73 from the proxy storage device 6 or the user terminal 7 and approves the delivery, the TST file 73 is sent to the proxy storage device that sent the delivery request. 6 or to the user terminal 7.

The TST storage server 5 includes, for example, an arithmetic processing unit 11, a storage unit 12, a communication unit 13, an operation unit 14, a display unit 15, and an input/output unit 16, as shown in FIG. The TST storage server 5 also includes functional units such as an account management unit 18, a login processing unit 19, a TST deposit unit 20, a TST payout unit 21, a certificate issuing unit 22, and a storage history processing unit 23. Furthermore, the TST storage server 5 includes a business operator information database (DB) 25, a user information database (DB) 26 and a storage database (DB) 27. FIG.

Note that the functional units of the TST storage server 5 described above may be configured by programs stored in the storage unit 12 and executed by the arithmetic processing unit 11 . That is, the storage unit 12 stores a program for causing a computer to function as the TST storage server 5 having these functional units. In other words, the control device of the TST storage server 5 is configured by the arithmetic processing unit 11 and the storage unit 12 . Further, the TST storage server 5 may define an API for using each functional unit and provide it to the storage agent device 6 .

The arithmetic processing unit 11 is composed of, for example, a CPU (Central Processing Unit). The storage unit 12 includes, for example, a main storage device such as a semiconductor storage device and an auxiliary storage device such as a magnetic storage device. The communication unit 13 is a communication control circuit for communicating with external devices via the network 8 . The operation unit 14 is composed of, for example, a keyboard and a pointing device. The display unit 15 is, for example, a display device such as a display. The input/output unit 16 is an interface that connects to an external storage device such as a USB (Universal Serial Bus) memory or another device such as an optical disk drive device and inputs/outputs data to/from the other device.

The account management unit 18 provides a company account (account ID, password, etc.) to the agency when the time stamp storage institution concludes a contract permitting the agency of the storage agency device 6 to store the TST on behalf of the agency. is given, and the company account is registered in the company information DB 25 and managed. In addition to the business account, the identification number, name, and contact information (address, telephone number, e-mail address, etc.) of the agency are also registered in the business information DB 25 as business information for each agency. you can

In addition, the account management unit 18 provides the user with a user account (account ID, password, etc.) when the time stamp storage institution concludes a contract permitting the user of the user terminal 7 to store the TST. Along with giving it, the user account is registered in the user information DB 26 and managed. In the user information DB 26, in addition to the user account, the user's identification number, name, contact information (address, telephone number, e-mail address, etc.) may also be registered as user information for each user. . For example, the account management unit 18 directly assigns a one-time password to the TST storage server 5 as the password of the user account to the user who performs the storage processing of the TST 72 each time the storage processing is permitted. In addition, the account management unit 18 provides a long-term password that can be used for a long period of time (for example, several months) for proxy storage as a user account password for a user who uses the proxy storage of the proxy storage device 6. to give

The login processing unit 19 refers to the business operator information DB 25 and the user information DB 26 to authenticate the business operator account received from the storage agency device 6 and the user account received from the user terminal 7 . For example, the login processing unit 19 displays a login screen on the proxy storage device 6 or the user terminal 7 using a web page published on the network 8 or an application distributed to the proxy storage device 6 or the user terminal 7 . receive via the network 8 the business account and the user account entered in the . The storage agent device 6 and the user terminal 7 authenticated by the operator account and the user account are connected to each functional unit of the TST storage server 5 (TST deposit unit 20, TST payout unit 21, certificate issuing unit 22 and storage history processing). 23) becomes available.

The TST deposit unit 20 receives a deposit request for the TST file 73 from the custodial agency device 6 or the user terminal 7 . For example, when the TST deposit unit 20 receives a deposit request from the logged-in user terminal 7 , the TST deposit unit 20 identifies the user based on the user account of the user terminal 7 . In this case, the deposit request includes, for example, a TST file 73 consisting of a TST 72 added to the managed file 70 . The TST deposit unit 20 assigns and assigns a management number to the TST file 73 , associates it with the user account, and deposits (stores) the TST file 73 and the user account in the storage DB 27 .

Further, when receiving a deposit request from the logged-in custody transfer apparatus 6 , the TST deposit unit 20 identifies the transfer agent based on the business account of the custody transfer apparatus 6 . In this case, the deposit request includes, for example, the TST file 73 consisting of the TST 72 added to the managed file 70 and the user account of the user to whom the deposit request is made. The TST deposit unit 20 assigns and assigns a management number to the TST file 73, associates it with the user account and the company account, and deposits the TST file 73, the user account and the company account in the storage DB 27 ( store).

The TST deposit unit 20 transmits the deposit result history generated by the storage history processing unit 23 to the storage agent device 6 and the user terminal 7 as a response to the deposit request regardless of whether the deposit is successful or unsuccessful. For example, the history of deposit results includes, as shown in FIG. 4, the date and time of deposit, item number in order of transmission, deposit result (OK or NG), management number, file name, account ID of user account, and the like.

The TST payout unit 21 accepts a payout request for the TST file 73 from the storage agency device 6 or the user terminal 7 . For example, when the TST payout unit 21 receives a payout request from the logged-in user terminal 7 , the TST payout unit 21 identifies the user based on the user account of the user terminal 7 . In this case, the payout request includes, for example, payout identification information such as the management number assigned to the TST file 73 at the time of deposit and the hash value 71 of the original managed file 70 . The TST payout unit 21 searches the corresponding TST file 73 by referring to the storage DB 27 based on the user account and payout identification information. When the corresponding TST file 73 can be retrieved, the TST issuing unit 21 issues (transmits) the TST file 73 to the user terminal 7 . On the other hand, if the corresponding TST file 73 cannot be retrieved, the TST issuing unit 21 may return an error that the TST file 73 does not exist.

Further, when receiving a payment request from the logged-in storage agency device 6 , the TST payment unit 21 identifies the agency business operator based on the business account of the storage agency device 6 . In this case, the withdrawal request includes, for example, the management number given to the TST file 73 at the time of deposit, the withdrawal identification information such as the hash value 71 of the original managed file 70, and the user who is the substitute for the withdrawal request. Accounts and. The TST payout unit 21 searches the corresponding TST file 73 by referring to the storage DB 27 based on the user account and payout identification information. At this time, the business account may be used to narrow down the search. When the corresponding TST file 73 can be retrieved, the TST issuing unit 21 issues (transmits) the TST file 73 to the storage agency device 6 . On the other hand, if the corresponding TST file 73 cannot be retrieved, the TST issuing unit 21 may return an error that the TST file 73 does not exist.

The TST payout unit 21 transmits the payout result history generated by the storage history processing unit 23 to the proxy storage device 6 or the user terminal 7 as a response to the payout request regardless of whether the payout is successful or unsuccessful.

When the TST issuing unit 21 can retrieve the TST file 73, the certificate issuing unit 22 creates a deposit certificate 74 that certifies that the TST file 73 has been deposited, and sends the TST file 73 to the custodial agent device 6 or the user. to the user terminal 7.

The storage history processing unit 23 generates a history of deposit results by the TST deposit unit 20 and payout results by the TST payout unit 21 . The storage history processing unit 23 may store the history of deposit results and withdrawal results in the storage DB 27 in association with the TST file 73 .

The storage agency device 6 will be described in detail. The custodial agency device 6 is a device operated by an agency that performs custodial processing such as deposit and withdrawal of the TST file 73 (custodial agency). In FIG. 1 , one custody transfer apparatus 6 is illustrated, but a plurality of custody transfer apparatus 6 may be connected to one TST storage server 5 . Upon receipt of a proxy deposit request for the TST file 73 from the user terminal 7, the proxy storage device 6 accesses the TST storage server 5 instead of the user terminal 7 to proxy the deposit request. When a proxy storage device 6 receives a proxy delivery request for a TST file 73 stored in a TST storage server 5 from a user terminal 7, it accesses the TST storage server 5 in place of the user terminal 7 and executes the delivery request. .

The storage agent device 6 includes, for example, an arithmetic processing unit 31, a storage unit 32, a communication unit 33, an operation unit 34, a display unit 35, and an input/output unit 36, similar to the TST storage server 5. FIG. Further, the storage agent device 6 includes functional units such as an account management unit 38, a login processing unit 39, a TST deposit agent unit 40, a TST withdrawal agent unit 41, and a storage history processing unit . Further, the storage agency device 6 has a customer history database (DB) 44 .

Note that the functional units of the storage agent device 6 described above may be configured by programs stored in the storage unit 32 and executed by the arithmetic processing unit 31 . That is, the storage unit 32 stores a program (agent system management program) for causing a computer to function as the agent storage device 6 having these functional units. In other words, the control device of the storage agency device 6 is configured by the arithmetic processing unit 31 and the storage unit 32 . The proxy system management program may be started when the proxy storage device 6 is started, or may be started in response to the operation of the proxy storage device 6 .

The account management unit 38 stores and manages in the storage unit 32 an enterprise account used when the storage agency device 6 logs in to the TST storage server 5 . Further, the account management unit 38 assigns a customer account (account ID, password, etc.) to the user when the agent company makes a contract to allow the user to store the TST file 73 on behalf of the user. A customer account is registered in a storage unit 32 or a customer history DB 44 and managed.

The customer history DB 44 also stores a history of deposits and withdrawals in the TST file 73 for each customer account. For example, as shown in FIG. 5, the deposit history includes the deposit date and time of the TST file 73, the management number, the file name, the account ID of the user account, the TST issuance date and time (time information), the hash value, and the like. . In addition to the customer account, the user's identification number, name, contact information (address, telephone number, e-mail address, etc.) are also registered as customer information for each user registered in the storage unit 32 and the customer history DB 44. good. The same customer information as the user information registered in the user information DB 26 of the TST storage server 5 may be used as this customer information, or different information newly added by the storage agency device 6 may be used. In the latter case, the customer history DB 44 associates a customer account with which the user obtains permission to use the storage agency device 6 and a user account with which the user obtains permission to use the TST storage server 5. may be stored.

The login processing unit 39 sends the business operator account stored in the storage unit 32 to the login processing unit 19 of the TST storage server 5 , thereby causing the proxy storage device 6 to log in to the TST storage server 5 . For example, the login processing unit 39 executes such login processing when the proxy storage device 6 is activated. It should be noted that the storage agency apparatus 6 continues to be logged in during operation, that is, maintains the logged-in state at all times.

The login processing unit 39 authenticates the customer account received from the user terminal 7 by referring to the storage unit 32 and the customer history DB 44 . For example, the login processing unit 39 displays a login screen on the user terminal 7 using a web page published on the network 8 or an application distributed to the user terminal 7, and transfers the customer account entered on the login screen to the network 8. to receive via The user terminal 7 whose customer account has been authenticated can use each functional unit (TST deposit agency unit 40, TST withdrawal agency unit 41, and storage history processing unit 42) of the storage agency device 6. FIG.

The TST deposit agency unit 40 receives a deposit agency request for the TST file 73 from the user terminal 7 . The proxy deposit request includes, for example, a TST file 73 consisting of a TST 72 added to the file to be managed 70 and the user account of the user for whom the deposit request is proxy. The TST deposit agent unit 40 may grasp the user account from the deposit agent request from the user terminal 7 in this way. The user account may be grasped based on the customer account of the terminal 7, or if the customer history DB 44 stores the customer account and the user account in association with each other, the logged-in user terminal 7 The user account may be grasped by referring to the customer history DB 44 based on the customer account.

The TST deposit agency unit 40 deposits the TST file 73 in the TST storage server 5 by sending a deposit request including the TST file 73 and the user account to the TST deposit unit 20 of the TST storage server 5 . The TST deposit agency unit 40 refers to the customer history DB 44 based on the deposit agency request from the user terminal 7, and confirms that the TST file 73 for which the deposit agency request has been requested has already been deposited in the TST storage server 5. If determined, it is preferable to notify the user terminal 7 that the deposit has been completed without transmitting a deposit request, and display and inform the user that the deposit has been completed.

The TST dispensing proxy unit 41 receives a proxy dispensing request for the TST file 73 from the user terminal 7 . The withdrawal request includes, for example, the management number given to the TST file 73 at the time of deposit, the withdrawal identification information such as the hash value 71 of the original managed file 70, and the user account of the user who is acting as the withdrawal request. is included. The TST payment agency unit 41 may grasp the user account by the payment proxy request from the user terminal 7 in this way, but if the customer account and the user account are the same, the logged-in user The user account may be grasped based on the customer account of the terminal 7, or if the customer history DB 44 stores the customer account and the user account in association with each other, the logged-in user terminal 7 The user account may be grasped by referring to the customer history DB 44 based on the customer account.

When the payout identification information is the hash value 71, the TST payout agency unit 41 refers to the deposit result history of the customer history DB 44 based on this hash value 71, and searches for the management number of the TST file 73 corresponding to the hash value 71. do. Incidentally, referring to the customer history DB 44, when TST files 73 having the same hash value 71 and different time information are stored in the TST storage server 5, the TST dispensing agency unit 41 The TST file 73 to be paid out is determined based on the "TST file payout target" 92 (see FIG. 7) of the agent setting of the environment setting of the terminal 7. FIG. For example, when the "TST file payout target" 92 is the "oldest TST file", the TST payout agency unit 41 selects the TST file 73 with the oldest time information as the payout target based on the deposit result history of the customer history DB 44. Judge as. The TST payout agency unit 41 transmits a payout request containing the management number of these TST files 73 and the user account to the TST payout unit 21 of the TST storage server 5 .

The TST payout agency unit 41 receives the TST file 73 from the TST payout unit 21 as a response to the payout request. Further, the TST withdrawal agency unit 41, when the "issuance of deposit certificate" 93 (see FIG. 7) of the agent setting of the environment setting of the user terminal 7 included in the withdrawal agency request is "issue", A request for issuing a deposit certificate 74 is transmitted to the certificate issuing unit 22 of the TST storage server 5 together with the request for withdrawal. The TST payout agency unit 41 receives the deposit certificate 74 from the certificate issuing unit 22 as a response to the issue request. The TST payout agency unit 41 transmits the TST file 73 and the deposit certificate 74 received from the TST storage server 5 to the user terminal 7 as a response to the payout agency request from the user terminal 7 . At this time, the TST payment agency unit 41 changes the file name of the deposit certificate 74 received from the certificate issuing unit 22 to a name including the file name of the corresponding managed file 70 and the date and time of issue of the deposit certificate 74. good.

When the TST deposit agent unit 40 transmits a deposit request to the TST storage server 5 in response to the deposit agent request from the user terminal 7, the storage history processing unit 42 stores and manages the deposit request history in the customer history DB 44. . The deposit request history includes information related to the deposit request, such as identification information of the TST file 73 (e.g., hash value 71 and time information), reception date and time of the deposit proxy request, date and time of transmission of the deposit request, etc., and associates them with the customer account. stored.

When the TST deposit agency unit 40 receives the deposit result history from the storage history processing unit 23 of the TST storage server 5, the storage history processing unit 42 stores and manages it in the customer history DB 44. FIG. The deposit result history includes, as information related to the deposit result, for example, identification information of the TST file 73 (e.g., hash value 71, management number and time information), date and time of receipt of deposit request, date and time of execution of deposit, success or failure of deposit. is stored in association with the customer account. When the deposit result is successful, the storage history processing unit 42 counts the corresponding deposit agency request as a billing target, and stores and manages the billing status in the deposit result history of the customer history DB 44 . The storage history processing unit 42 may also transmit the deposit result history to the user terminal 7 in response to a request from the user terminal 7 .

A storage history processing unit 42 stores and manages a payment request history in a customer history DB 44 when the TST payment agency unit 41 transmits a payment request to the TST storage server 5 in response to the payment proxy request from the user terminal 7. . The payout request history includes information related to payout requests, such as identification information of the TST file 73 (e.g., hash value 71, management number and time information), receipt date and time of payout proxy request, date and time of payout request transmission, etc. Stored in association with an account.

The storage history processing unit 42, when the TST payout agency unit 41 receives the payout result from the storage history processing unit 23 of the TST storage server 5, stores it in the customer history DB 44 and manages it. The payout result history includes information related to payout results, such as identification information of the TST file 73 (e.g., hash value 71, management number and time information), date and time of receipt of payout request, date and time of payout execution, success or failure of payout. is stored in association with the customer account. When the payout result is successful, the storage history processing unit 42 counts the corresponding payout agency request as a billing target, and stores and manages the billing status in the payout result history of the customer history DB 44 . In addition, the storage history processing section 42 may transmit the payout result history to the user terminal 7 in response to a request from the user terminal 7 .

The user terminal 7 will be explained in detail. The user terminal 7 is a device such as a personal computer used by a user who utilizes the issuance and storage of the TST 72 for proof of existence and proof of integrity of the file 70 to be managed. Although one user terminal 7 is illustrated in FIG. of user terminals 7 may be connected. The user terminal 7 manually communicates with the TST storage server 5 according to the user's operation, or automatically communicates with the TST storage server 5 via the storage agent device 6 to store the file to be managed. Deposit and withdrawal of TST file 73 consisting of TST 72 added to 70 are executed.

The user terminal 7 includes, for example, an arithmetic processing unit 51 , a storage unit 52 , a communication unit 53 , an operation unit 54 , a display unit 55 and an input/output unit 56 like the TST storage server 5 and storage agency device 6 . The user terminal 7 also includes an account management unit 58, a time stamp addition unit 59, a TST deposit request unit 60, a TST deposit proxy request unit 61, a time stamp verification unit 62, a TST payout request unit 63, and a TST payout proxy request unit 64. etc. are provided.

Note that the functional units of the user terminal 7 described above may be configured by programs stored in the storage unit 52 and executed by the arithmetic processing unit 51 . That is, the storage unit 52 stores a program (agent system use program) for causing a computer to function as the user terminal 7 having these functional units. In other words, the control device of the user terminal 7 is configured by the arithmetic processing unit 51 and the storage unit 52 .

The proxy system utilization program may be started when the user terminal 7 is started, or may be started according to the operation of the user terminal 7 . The proxy system use program, when activated, sends the customer account of the user terminal 7 to the proxy storage device 6 and causes the user terminal 7 to log in to the proxy storage device 6 .

The proxy system utilization program executes various processes such as time stamp addition, time stamp verification, certificate issuance, environment setting, etc. according to the user's operation. The proxy system utilization program enables selection of either manual deposit or proxy deposit as time stamp addition, and enables selection of either manual withdrawal or proxy payment as time stamp verification. The proxy system use program enables setting of various setting conditions such as system setting, time stamp setting, file setting, collective verification setting, and proxy business setting as environment setting.

The proxy system utilization program provides the user with an interface such as a GUI (graphical user interface) that accepts the operations of the various processes described above. Operation items for various processes are displayed and made operable by the operation unit 54 . For example, as shown in FIG. 6, in the context menu when a predetermined file 70 to be managed is specified in the operating system of the user terminal 7, an operation item "agent system use program" is displayed.

In the context menu, if you select ``Substitute system usage program'', ``Image information selection'', ``Time stamping'', ``CSV output for search information setting'', ``Bulk verification'', ``Issuance of deposit certificate'', `` Operation items such as “Environment setting” are displayed.

When "time stamping" is selected, further selection items of "TST file manual deposit" and "TST file proxy deposit" are displayed. When "TST file manual deposit" is selected, the proxy system use program executes time stamp adding section 59 and TST deposit requesting section 60, and when "TST file proxy deposit" is selected, time stamp adding section 59 is executed. and the TST deposit agency requesting unit 61 is executed.

When "Batch Verification" is selected, further selection items of "TST File Manual Issue" and "TST File Proxy Issue" are displayed. When "TST file manual issue" is selected, the substitution system utilization program executes time stamp verification unit 62 and TST issuance request unit 63, and when "TST file substitution distribution" is selected, timestamp verification unit 62 is executed. and the TST payout proxy requesting unit 64 is executed.

When "environment setting" is selected, the substitute system use program displays an environment setting screen 80 on the display unit 55 as shown in FIG. The environment setting screen 80 includes, for example, a system setting tab 81 for making system settings, a time stamp setting tab 82 for making time stamp settings, and a file/batch verification setting tab 83 for making file settings and batch verification settings. , an agency setting tab 84 for setting an agency is displayed.

In the system setting tab 81, for example, setting conditions for a license for using the substitute system use program in the context menu, communication of the TST issuing server 2, Internet connection environment, operation log of the substitute system use program, time stamp generation log, etc. display the system settings screen where you can set

The time stamp setting tab 82 displays a time stamp setting screen on which setting conditions can be set for, for example, the imprint of the time stamp, the verification at the time of time stamp generation, the date and time format, the display of the time zone, and the like.

The file/batch verification setting tab 83 displays a file/batch verification setting screen on which setting conditions can be set for, for example, the managed file 70, input person information, time stamp verification, and the like.

As shown in FIG. 7, in the agent setting tab 84, "agent designation" 85, "account ID" 86, "password" 87, "deposit TST file folder" 88, "withdrawal TST file folder" 89, An agent setting screen on which setting conditions such as "deposit certificate folder" 90, "TST file deposit target" 91, "TST file withdrawal target" 92, and "whether or not to issue a deposit certificate" 93 can be set is displayed.

When a user who has made a contract with an agency to deposit and withdraw the TST file 73 to and from the TST storage server 5 (time stamp storage institution) accesses the storage agency device 6, the "agent designation" 85 is entered. Set access information such as the URL of

"Account ID" 86 and "Password" 87 are provided by the time stamp storage institution for authentication by a user who has made a contract/registered with the time stamp storage institution in advance in order to use the TST storage server 5. Preconfigure user accounts. The agency system utilization program can use a preset user account to access the TST storage server 5 via the storage agency device 6 to deposit and withdraw the TST file 73 .

In the "account ID" 86, the user sets a unique ID given by the time stamp storage institution as a user account. The “account ID” 86 may be an ID that is common both when the user terminal 7 communicates directly with the TST storage server 5 and when it communicates indirectly via the storage agent device 6 . “Password” 87 sets a long-term password used when the user terminal 7 indirectly communicates with the TST storage server 5 via the storage agent device 6 .

In the “deposited TST file folder” 88, a folder for saving the TST file 73 that the user terminal 7 deposits in the TST storage server 5 via the proxy storage device 6 is set. The TST deposit agency requesting unit 61 transmits the TST file 73 from this folder to the storage agency apparatus 6 as a deposit target.

In the "disbursed TST file folder" 89, the TST sent from the TST storage server 5 to the user terminal 7 via the storage proxy device 6 as a result of the payment proxy request by the TST payment proxy request unit 64 of the user terminal 7 is stored. Set the folder where the file 73 is to be saved.

In the "deposit certificate folder" 90, the deposit sent from the TST storage server 5 to the user terminal 7 via the storage agency device 6 as a result of the payment agency request by the TST payment agency request unit 64 of the user terminal 7 is stored. Set the folder where the certificate 74 is to be saved.

In the "TST file deposit target" 91, selection items such as "all TST files", "selected TST files", and "no deposit" are displayed. If "all TST files" is selected, all the TST files 73 of the files 70 to be managed specified by the user at the time of the deposit proxy request are subject to the deposit proxy request. If "selected TST files only" is selected, a TST deposit object list screen 95 (see FIG. 8) is displayed at the time of the deposit agency request, and only the TST file 73 selected on this screen is subject to the deposit agency request. . If "do not deposit" is selected, the TST file 73 deposit proxy request is not performed.

In the "TST file issue target" 92, selection items of "oldest TST file" and "latest TST file" are displayed. When "oldest TST file only" is selected, when a plurality of TST files 73 are stored in the TST storage server 5 for the file 70 to be managed specified by the user, the TST 73 file with the oldest time information is issued by proxy. subject to request. When "only the latest TST file" is selected, when a plurality of TST files 73 are stored in the TST storage server 5 for the file 70 to be managed specified by the user, the TST file 73 with the latest time information is issued by proxy. subject to request.

In the "whether or not a deposit certificate is issued" 93, selection items of "issue" and "not issue" are displayed. When "Issue" is selected, the issuance of the deposit certificate 74 is also requested in the withdrawal proxy request by the TST withdrawal proxy request unit 64 of the user terminal 7, and the deposit certificate 74 is stored from the TST storage server 5 together with the TST file 73. It is transmitted to the user terminal 7 via the proxy device 6 . If "do not issue" is selected, the issuance of the deposit certificate 74 is not requested in the payment proxy request by the TST payment proxy request unit 64 of the user terminal 7, and only the TST file 73 is transferred from the TST storage server 5 to the storage proxy device 6. is sent to the user terminal 7 via the

The account management unit 58 stores and manages the user account used when the user terminal 7 logs into the TST storage server 5 in the storage unit 52, and also stores and manages the user account used when the user terminal 7 logs into the storage agent device 6. The customer account used for this purpose is stored in the storage unit 52 and managed. Note that the account management unit 58 previously acquires and stores a long-term password from the TST storage server 5 as a user account.

The time stamp adding unit 59 acquires the TST 72 from the TST issuing server 2 for the managed file 70 specified by the user, adds the TST 72 to the managed file 70, and generates a TST file 73 consisting of the TST 72. . Note that the time stamp adding unit 59 may be specified by the user for a plurality of files 70 to be managed, or may be specified by the user for a folder containing a plurality of files 70 to be managed.

Specifically, the time stamp adding unit 59 calculates a hash value 71 using a predetermined hash function based on the electronic data of the file 70 to be managed, and sends a TST 72 issue request together with the hash value 71 to the communication unit 13 and It is transmitted to the TST issuing server 2 via the network 8 . Time stamp adding unit 59 receives TST 72 corresponding to the issue request from TST issuing server 2 via network 8 and communication unit 13 . The time stamp adding unit 59 temporarily stores the received TST 72 in the storage unit 52, adds the TST 72 to the file to be managed 70, and generates a TST file 73 including the TST 72. FIG. Also, the time stamp adding unit 59 deposits the generated TST file 73 in the TST storage server 5 . The deposit of the TST file 73 is performed by the TST deposit requesting section 60 and the TST deposit proxy requesting section 61 .

The TST deposit request unit 60 deposits the TST file 73 to the TST storage server 5 through direct communication between the user terminal 7 and the TST storage server 5 . Specifically, the TST deposit request unit 60 first requests the TST storage server 5 to deposit the TST file 73 and acquires the one-time password from the TST storage server 5 . The TST deposit requesting unit 60 transmits the user account of the user terminal 7 including this one-time password to the TST storage server 5 and causes the user terminal 7 to log in to the TST storage server 5 . The TST deposit request unit 60 deposits the TST file 73 in the TST storage server 5 by transmitting a deposit request to the TST storage server 5 together with the TST file 73 of the file 70 to be managed designated by the user.

The TST deposit agency requesting unit 61 deposits the TST file 73 to the TST storage server 5 through indirect communication between the user terminal 7 and the TST storage server 5 , that is, communication via the storage agency device 6 . Specifically, the TST deposit agency requesting unit 61 first confirms the "TST file deposit target" 91 in the agency setting of the environmental settings. When the "TST file deposit target" 91 is "all TST files", the TST deposit agency requesting unit 61 checks all the TST files generated by the time stamp adding unit 59 for the management target file 70 specified by the user. All the TST files 73 are deposited in the TST storage server 5 by sending a deposit agency request to the storage agency device 6 together with the user account including the long-term password 73 .

When the "TST file deposit object" 91 is the "selected TST file", the TST deposit agency requesting unit 61 displays a TST deposit object list screen 95 on the display unit 55 as shown in FIG. On the TST deposit target list screen 95, the file name of the management target file 70 designated by the user, the check box of the deposit target, the date and time of issue of the TST file 73 (time information), the account ID of the user account at the time of deposit, etc. Is displayed. The TST deposit agency requesting unit 61 treats only the management object files 70 whose check boxes for deposit objects are checked as TST file deposit objects, and corresponds to the TST file deposit object among the TST files 73 generated by the time stamp adding unit 59. The selected TST file 73 is deposited in the TST storage server 5 by transmitting a deposit agency request to the storage agency device 6 together with the TST file 73 and the user account including the long-term password.

The time stamp verification unit 62 compares the TST 72 added to the managed file 70 specified by the user with the TST 72 stored in the TST storage server 5 corresponding to this managed file 70, Existence proof, integrity proof, etc. of the managed file 70 are verified. For example, the time stamp verification unit 62 uses the hash function used by the time stamp addition unit 59 to calculate the hash value 71 of the managed file 70 . Also, the time stamp verifying unit 62 issues the TST file 73 corresponding to the managed file 70 from the TST storage server 5 and extracts the hash value 71 from the TST 72 of this TST file 73 . Then, the time stamp verification unit 62 performs verification by comparing these hash values 71 . The TST file 73 is issued by the TST issue request section 63 and the TST issue proxy request section 64 .

The TST issue requesting unit 63 issues the TST file 73 from the TST storage server 5 through direct communication between the user terminal 7 and the TST storage server 5 . Specifically, the TST payout request unit 63 first requests the TST storage server 5 to pay out the TST file 73 and acquires the one-time password from the TST storage server 5 . The TST payout request unit 63 transmits the user account of the user terminal 7 including this one-time password to the TST storage server 5 to log the user terminal 7 into the TST storage server 5 . The TST payout request unit 63 calculates the hash value 71 of the file 70 to be managed designated by the user as payout identification information, and stores this hash value 71 and other information (file name, time information, etc.) about the file 70 to be managed. In addition, by transmitting a release request to the TST storage server 5 , the TST file 73 corresponding to the file 70 to be managed is delivered from the TST storage server 5 . The TST payout request unit 63 receives the TST file 73 and deposit certificate 74 transmitted from the TST storage server 5 in response to the payout request.

The TST dispensing agency requesting unit 64 issues the TST file 73 from the TST storage server 5 through indirect communication between the user terminal 7 and the TST storage server 5 , that is, communication via the storage agency device 6 . Specifically, the TST payment agency requesting unit 64 calculates the hash value 71 of the file 70 to be managed designated by the user as the payment identification information, and uses the hash value 71, the user account including the long-term password, A TST file 73 corresponding to the managed file 70 is delivered from the TST storage server 5 by transmitting a delivery agency request to the storage agency device 6 together with other information (file name, time information, etc.) related to the managed file 70 . The withdrawal agency request includes "TST file withdrawal target" 92 and "whether or not deposit certificate is issued" 93 set by the agency. The TST withdrawal proxy request unit 64 receives the TST file 73 and deposit certificate 74 transmitted from the TST storage server 5 via the storage proxy device 6 in response to the payment proxy request.

Next, the operation of the time stamp storage proxy system 1 of this embodiment will be described with reference to the flow charts of FIGS. 9, 10 and 11. FIG.

First, in the time stamp storage agency system 1, a user concludes a contract with the time stamp storage agency and the agency business regarding storage processing of the TST file 73 via the agency business, and a user account given by the time stamp storage agency. and a customer account provided by the agent is set in the user terminal 7.

In the user terminal 7, verification software for verifying the managed file 70 is started as shown in FIG. 9 at the time of startup or in accordance with the user's operation (step S1). This verification software incorporates a substitute system utilization program, and also activates the substitute system utilization program.

In the user terminal 7, when the management target file 70 is specified using the operation unit 54 or the display unit 55 (step S2: YES), a context menu display operation (for example, a right click of the mouse on the operation unit 54) is performed. ) is performed, a context menu (see FIG. 6) for the managed file 70 is displayed on the display unit 55 . By operating this context menu, the substitute system utilization program is executed.

In the following, the operation associated with the deposit proxy request of the TST file 73 will be described with respect to time stamping of the proxy system utilization program. When "time stamp addition" of the context menu displayed on the display unit 55 is operated (step S3: YES), TST addition processing is performed as an operation of adding a time stamp to the specified managed file 70. (Step S4).

As shown in FIG. 10, the TST addition process is started at the user terminal 7. First, the time stamp adding unit 59 calculates the hash value 71 of the managed file 70 (step S11), and the calculated hash value 71 At the same time, a request for issuing TST 72 is sent to the TST issuing server 2 (step S12).

The TST issuing server 2 issues (assigns) the TST 72 to the hash value 71 (file 70 to be managed) in response to the issuing request received from the user terminal 7 and transmits the TST 72 to the user terminal 7 .

When the user terminal 7 receives the TST 72 issued by the TST issuing server 2 (step S13), the time stamp adding unit 59 adds the received TST 72 to the management target file 70, and further creates a TST file 73 composed of the TST 72. is generated (step S14). In addition, in order for the user terminal 7 to store the generated TST file 73 in the TST storage server 5, the TST deposit agency request unit 61 transmits a deposit agency request to the storage agency device 6 together with the TST file 73 and the user account. (step S15). At this time, if the "TST file deposit target" 91 in the agency setting of the environment setting is "selected TST file", the TST deposit agency request unit 61 displays the TST deposit target list screen 95 (see FIG. 8). The TST file 73 to be displayed and transmitted to the storage agency device 6 is selected.

When the custodial agency device 6 receives the deposit agency request together with the TST file 73 and the user account from the user terminal 7 (step S21), the TST deposit agency unit 40 responds to the deposit agency request and stores the received TST file 73. and a deposit request together with the user account to the TST storage server 5 (step S22). At this time, the storage history processing unit 42 stores the deposit request history to the TST storage server 5 in the customer history DB 44 .

When the TST storage server 5 receives the deposit request together with the TST file 73 and the user account from the storage agency device 6 (step S31), the TST deposit unit 20 selects the user who deposits the TST file 73 based on the user account. A management number is assigned to the TST file 73 (step S32). Also, the TST deposit unit 20 deposits the TST file 73 together with the user account and the management number into the storage DB 27 (step S33). At this time, the storage history processing unit 23 generates a history of deposit results (OK or NG) of the TST file 73 by the TST deposit unit 20, and transmits the deposit result history to the custodial agency device 6 as a response to the deposit request. (Step S34).

When the storage agent device 6 receives the deposit result history from the TST storage server 5 (step S23), the storage history processing unit 42 stores the deposit result history in the customer history DB 44 (step S24). In addition, the TST deposit agency unit 40 or the storage history processing unit 42 transmits the deposit result history to the user terminal 7 as a response to the deposit agency request (step S25).

When the user terminal 7 receives the deposit result history from the storage agency device 6 (step S16), the deposit result is displayed on the display unit 55 (step S17), and the TST giving process ends.

In this way, the user terminal 7 designates the file to be managed 70 (step S2: YES) and selects "add time stamp" from the context menu while the verification software is running (step S1, step S7: NO). By the operation (step S3: YES), the TST file 73 can be deposited in the TST storage server 5 via the storage proxy device 6 as well as the addition of the TST 72 to the file 70 to be managed.

Next, a description will be given of the operation related to the proxy dispensing request for the TST file 73 using the program for using the proxy system. When "verify collectively" in the context menu displayed on the display unit 55 is operated (step S5: YES), the process moves to verification processing (step S6) as an operation for verifying the designated managed file 70. FIG.

As shown in FIG. 11, the verification process is started at the user terminal 7. First, the time stamp verification unit 62 verifies the designated managed file 70 by verifying the hash value 71 of the managed file 70. is calculated (step S41). In addition, in order for the TST issue requesting unit 63 to issue the TST file 73 used for verification of the managed file 70 from the TST storage server 5, the calculated hash value 71 and a proxy issue request for the TST file 73 are sent to the storage agent device 6. Send (step S42). Note that the TST withdrawal requesting unit 63 includes the "whether or not a deposit certificate is issued" 93 in the agent setting of the environmental settings in the withdrawal agent request.

When the proxy storage device 6 receives the proxy withdrawal request together with the hash value 71 from the user terminal 7 (step S51), the TST payment proxy unit 41 stores the customer history DB 44 based on the hash value 71 in response to the proxy withdrawal request. to search for the management number of the TST file 73 corresponding to the hash value 71 (the managed file 70 to be verified) (step S52). Further, the TST dispensing agency unit 41 transmits a request for dispensing the TST file 73 together with the searched management number to the TST storage server 5 (step S53). At this time, the storage history processing unit 42 stores the payout request history to the TST storage server 5 in the customer history DB 44 . It should be noted that the TST withdrawal agency unit 41 also includes in the withdrawal request the "whether or not a deposit certificate is issued" 93 set by the agency operator included in the withdrawal agency request.

When the TST storage server 5 receives a withdrawal request together with the management number from the storage agent device 6 (step S61), the TST withdrawal unit 21 refers to the storage DB 27 based on the management number and obtains the management number (the management object to be verified). The TST file 73 corresponding to the file 70) is retrieved (step S62). Further, the TST payout unit 21 transmits the searched TST file 73 to the storage agent device 6 as a response to the payout request (step S63). At this time, if the "whether or not a deposit certificate is issued" 93 in the agency setting included in the withdrawal request is "issue", the certificate issuing unit 22 creates and stores the deposit certificate 74 in the TST file 73. Send to proxy device 6 . The storage history processing unit 23 also generates a history of the result (OK or NG) of the output of the TST file 73 by the TST output unit 21 and transmits it to the proxy storage device 6 .

When the proxy storage device 6 receives the TST file 73 from the TST storage server 5 (step S54), the TST dispensing proxy unit 41 transmits the received TST file 73 to the user terminal 7 as a response to the proxy dispensing request (step S54). step S55). At this time, when the proxy storage device 6 receives the deposit certificate 74 from the TST storage server 5 , the TST withdrawal proxy unit 41 similarly transmits the received deposit certificate 74 to the user terminal 7 . Further, when the storage agency device 6 receives the payout result history from the TST storage server 5, the storage history processing unit 42 stores the payout result history in the customer history DB 44 (step S56).

When the user terminal 7 receives the TST file 73 issued from the TST storage server 5 (issued TST file 73) from the storage agent device 6 (step S43), the time stamp verification unit 62 uses the issued TST file 73 to Verification of the managed file 70 is performed.

Specifically, the time stamp verification unit 62 extracts the electronic certificate included in the TST72 of the issued TST file 73 (issued TST72), confirms that the expiration date of the electronic certificate has not passed, and confirms that the electronic certificate has expired. make sure it's not. The time stamp verification unit 62 verifies that the signature of the electronic certificate is normal, and further verifies the signature of the payout TST 72 using the public key of the normal electronic certificate. The time stamp verification unit 62 acquires the hash value 71 included in the payout TST 72 (step S44). Then, the time stamp verification unit 62 compares the hash value 71 calculated from the managed file 70 to be verified with the hash value 71 acquired from the payout TST 72 to prove the existence, completeness, etc. of the managed file 70 . is verified (step S45).

The user terminal 7 displays the verification result of the managed file 70 on the display unit 55 (step S46), and the verification process ends. Further, when the payout result of the TST file 73 from the TST storage server 5 is NG, the user terminal 7 displays the payout result on the display unit 55 as a verification result.

In this way, the user terminal 7 designates the file to be managed 70 (step S2: YES) and operates "batch verification" on the context menu while the verification software is running (step S1, step S7: NO). By (step S5: YES), the TST file 73 can be delivered from the TST storage server 5 via the storage agency device 6, and the managed file 70 can be verified.

As described above, according to this embodiment, the time stamp storage agency system 1 allows a user who requests deposit or withdrawal of a TST file 73 consisting of a TST 72 added to a managed file 70 subject to time stamp management. A terminal 7 and a TST storage server 5 for depositing or withdrawing a TST file 73 in response to a deposit or withdrawal request from the user terminal 7 . The time stamp storage proxy system 1 further includes a storage proxy device 6 communicably connected to the user terminal 7 and the TST storage server 5 via a predetermined network 8 . When receiving a proxy request for deposit together with the TST file 73 from the user terminal 7, the proxy storage device 6 deposits the TST file 73 to the TST storage server 5 on behalf of the server 5, and transfers the TST file 73 from the user terminal 7. When receiving a substitution request for payment together with the payment identification information, the payment of the TST file 73 based on the payment identification information from the TST storage server 5 is performed by proxy.

With such a configuration, in the time stamp storage proxy system 1 according to the present embodiment, the user can obtain a one-time password and access the TST storage server 5 every time the TST file 73 is deposited or withdrawn. There is no need to perform operations such as logging in to Therefore, the user can deposit and withdraw the TST file 73 smoothly and can use the time stamp storage service without feeling troublesome and troublesome, thus promoting the use of the time stamp storage service. be able to. In this way, while maintaining the security of the time stamp storage institution, the TST 72 added to the managed file 70 can be easily and appropriately deposited and withdrawn from the TST storage server 5 of the time stamp storage institution. .

Further, in this embodiment, in the time stamp storage agency system 1, when the user terminal 7 designates the corresponding managed file 70 for the deposit of the TST file 73, the user terminal 7 directly requests the deposit to the TST storage server 5. and an indirect deposit agency request to the TST storage server 5 via the storage agency device 6 can be selected.

With such a configuration, automatic deposit via the storage agent device 6 and manual deposit by directly accessing the TST storage server 5 can be used together for the deposit of the TST file 73, which improves convenience. can be improved.

Further, in the present embodiment, in the time stamp storage agent system 1, the user terminal 7 instructs the TST storage server 5 to send the storage agent device to the TST storage server 5 when the original managed file 70 is specified for the delivery of the TST file 73. 6 can be configured to be able to select an indirect payment agency request.

With such a configuration, it is possible to selectively use automatic delivery via the storage agency device 6 for delivery of the TST file 73, thereby improving convenience.

In the present embodiment, in the time stamp storage agency system 1, the storage agency device 6 stores the history of deposit or withdrawal agency requests from the user terminal 7 and the execution results of the TST storage server 5 for the deposit or withdrawal requests. are recorded for each user account of the user terminal 7.

With such a configuration, the storage agent manages and confirms the customer history DB 44 for the TST file 73 deposited in the TST storage server 5, thereby improving user convenience and preventing deposit errors and deposit omissions. can contribute to Further, even when a plurality of TST files 73 are generated and stored for the same file 70 to be managed, the proxy storage device 6 checks the time information of each TST file 73 by referring to the customer history DB 44. be able to. Therefore, the storage agent device 6 can determine the oldest (earliest) TST file 73 when issuing the TST files 73, thereby improving the convenience of issuing the TST files 73 for the user. It is possible to contribute to prevention of payout errors. In addition, the customer history DB 44 can store the billing status of the use of the deposit agency and the withdrawal agency of the storage agency device 6 , which contributes to the operation of the storage agency device 6 .

In the above-described embodiment, an example in which the proxy system utilization program displays a context menu on the display unit 55 as an interface for accepting various processing operations has been described, but the present invention is not limited to this example. For example, in another embodiment, the proxy system usage program may operably display the same operation items as the above-described context menu on the software menu for verifying, browsing, editing, etc. of the managed file 70. . Further, the proxy system utilization program may automatically execute any operation item when processing the file 70 to be managed by this software. Further, in a further embodiment, the proxy system utilization program is composed of an application that displays an operation screen on the display unit 55 when started on the user terminal 7, and operation keys for various processes are displayed on the operation screen. good.

In the above embodiment, the TST deposit proxy requesting unit 61 and the TST withdrawal proxy requesting unit 64 of the user terminal 7, together with the deposit proxy request and the withdrawal proxy request, enter the user account consisting of the "account ID" 86 and the "password" 87. has been described, the present invention is not limited to this example. For example, in another embodiment, the user terminal 7 uses an "account ID" 86 and a "password" 87 when activating the substitute system management program or when setting an "account ID" 86 and a "password" 87. The customer account may be transmitted to the custodial agency device 6 and stored in advance as customer information for each user.

In the above embodiment, the TST deposit proxy requesting unit 61 and the TST withdrawal proxy requesting unit 64 of the user terminal 7 send the "TST file payout target" 92 and "whether or not the deposit certificate is issued" 93 together with the payout proxy request. Although an example has been described, the invention is not limited to this example. For example, in another embodiment, the user terminal 7, when starting the substitute system management program or when setting the "account ID" 86 and "password" 87, the "TST file payout target" 92 and the "deposit certificate Issuance or not” 93 may be sent to the custodial agent device 6 and stored in advance as customer information for each user.

In the above embodiment, an example has been described where the proxy storage device 6 performs proxy deposits and withdrawals of the TST file 73, but the present invention is not limited to this example. Various processing that has been performed by direct communication can be performed on behalf of the proxy storage device 6. - 特許庁For example, when issuing only a deposit certificate for the TST file 73 deposited in the TST storage server 5, the user terminal 7 transmits a proxy request for certificate issuance to the storage agent device 6. good too.

For example, the user terminal 7 can issue a proxy request for certificate issuance by operating the above-described "deposit certificate issue" in the context menu. The proxy request for certificate issuance includes the payment identification information such as the hash value 71 of the original managed file 70 and the user account of the user to whom the payment request is made on behalf of, as in the case of the proxy payment. The storage agent device 6 grasps the management number of the TST file 73 based on the payment identification information, and requests the TST storage server 5 to issue a certificate based on this management number, in the same way as during the delivery agency. If the TST file 73 corresponding to this management number has been deposited, the TST storage server 5 generates a deposit certificate and transmits it to the user terminal 7 via the proxy storage device 6 . This improves convenience for the user in issuing the deposit certificate of the TST file 73 .

In another embodiment, when the user terminal 7 directly (manually) communicates with the TST storage server 5 to make a deposit request or a withdrawal request for the TST file 73, the TST storage server 5 sends the deposit result or A payout result history may be received and stored in the storage unit 52 . User terminal 7 communicates with custodial agent device 6 when deposit result history is accumulated for a predetermined amount or for a predetermined period, and transmits the accumulated deposit result history to custodial agent device 6 . When receiving the deposit result history from the user terminal 7, the storage agency device 6 stores the deposit result while comparing it with the history already stored in the customer history DB 44.例文帳に追加As a result, the deposit results and payout results of each TST file 73 of each user can be fully stored and managed in the customer history DB 44 regardless of manual or automatic operation.

Alternatively, in another embodiment, the proxy storage device 6 and the TST storage server 5 are configured to periodically synchronize the histories of deposit results and withdrawal results, so that the proxy storage device 6 always The deposit results and payout results of each TST file 73 may be stored and managed in the customer history DB 44 regardless of whether it is done manually or automatically.

Furthermore, in another embodiment, if the TST storage server 5 sets a predetermined deadline (for example, 10 years) for the deposit of the TST files 73, the custodial agency device 6 will notify each TST file 73 that the deposit deadline has passed. It is configured to receive a deposit deadline approaching notification from the TST storage server 5 before. In this case, the TST storage server 5 uses the business operator information DB 25 and the storage DB 27 to record the TST file 73 deposited from the proxy storage device 6 in association with the proxy storage device 6 (business operator account). . As a result, the TST storage server 5 can determine which storage agent device 6 should be notified of the TST file 73 whose deposit deadline is approaching.

Upon receipt of the notification of the approaching deposit deadline for the TST file 73 from the TST storage server 5, the storage agent device 6 notifies the corresponding user terminal 7 that the deposit deadline is approaching. In addition, the user terminal 7 can set in advance automatic updating of the deposit of the TST file 73 to the custodial agency apparatus 6 . In this case, upon receiving the notice of approaching the deposit deadline of the TST file 73 from the TST storage server 5, the storage agent device 6 automatically updates the deposit of the TST file 73. FIG. The storage agent device 6 may notify the user terminal 7 of the automatic update schedule before the update, and notify the user terminal 7 of the completion of the automatic update after the update.

In addition, the present invention can be modified as appropriate within the scope not contrary to the gist or idea of the invention that can be read from the scope of claims and the entire specification. and a substitute system utilization program are also included in the technical idea of the present invention.

INDUSTRIAL APPLICABILITY The present invention can be used to manage and operate computerized documents related to intellectual property, documents related to taxation, documents related to medical care, etc., and stores time stamp tokens added to electronic files in a time stamp storage institution. can be used as a means of extracting timestamp tokens from electronic files.

1 time stamp system 2 time stamp token issuing server (TST issuing server)
5 Timestamp token storage server (TST storage server)
6 storage agent device 7 user terminal 8 network 18 account management unit 19 login processing unit 20 TST deposit unit 21 TST payment unit 22 certificate issuing unit 23 storage history processing unit 25 business operator information database (DB)
26 User information database (DB)
27 Storage database (DB)
38 account management unit 39 login processing unit 40 TST deposit agency unit 41 TST withdrawal agency unit 42 storage history processing unit 44 customer history database (DB)
58 Account management unit 59 Time stamp addition unit 60 TST deposit request unit 61 TST deposit proxy request unit 62 Time stamp verification unit 63 TST withdrawal request unit 64 TST withdrawal proxy request unit 70 File to be managed 71 Hash value 72 Time stamp token (TST)
73 Time Stamp Token (TST) File 74 Deposit Certificate

Claims (5)

A user terminal requesting the deposit or withdrawal of a timestamp token file consisting of a timestamp token added to a managed file subject to timestamp management, and in response to the deposit or withdrawal request from the user terminal A time stamp storage agency system comprising a time stamp token storage server that deposits or pays out the time stamp token file,
further comprising a storage agency device communicatively connected to the user terminal and the time stamp token storage server via a predetermined network;
When the proxy storage device receives a proxy request for the deposit together with the time stamp token file from the user terminal, the proxy storage device deposits the time stamp token file on behalf of the time stamp token storage server,
Further, when receiving the payment identification information of the time stamp token file and the payment proxy request from the user terminal, the payment of the time stamp token file from the time stamp token storage server based on the payment identification information is performed. acting on behalf of
Further, when the corresponding managed file is specified for the deposit of the timestamp token file, the user terminal requests the deposit directly to the timestamp token storage server and the timestamp token storage server. is configured to be able to select an indirect deposit agency request via the custody agency device for
When the proxy storage device receives the proxy request for deposit together with the time stamp token file from the user terminal in a state in which the business account of the agency is transmitted to the time stamp token storage server and logged in, sending a deposit request including the user account of the user of the user terminal and the time stamp token file to the time stamp token storage server;
When the time stamp token storage server receives a deposit request from the storage agent device, the time stamp token storage server performs the deposit of the time stamp token file in association with the user account and the business operator account.
A time stamp storage agency system characterized by: The user terminal indirectly requests the time stamp token storage server via the storage agency device to perform the delivery of the time stamp token file when the original managed file is specified. 2. The proxy time stamp storage system according to claim 1, wherein the time stamp storage agency system is configured to be able to select . The proxy custody device sends the history of the proxy request for deposit or withdrawal by the user terminal and the result of execution of the request for deposit or withdrawal by the time stamp token storage server to the user of the user terminal. 3. The time stamp storage agency system according to claim 1 , further comprising a customer history database for recording each account. A user terminal requesting the deposit or withdrawal of a timestamp token file consisting of a timestamp token added to a managed file subject to timestamp management, and in response to the deposit or withdrawal request from the user terminal A proxy system management program in a proxy system for time stamp storage, comprising: a time stamp token storage server for depositing or withdrawing the time stamp token file;
When a proxy storage device communicably connected to the user terminal and the time stamp token storage server via a predetermined network receives the proxy deposit request together with the time stamp token file from the user terminal , proxying the deposit of the timestamp token file to the timestamp token storage server;
When the proxy storage device receives the proxy request for payment together with the payment identification information of the time stamp token file from the user terminal, the time stamp token file based on the payment identification information is sent from the time stamp token storage server. a step of acting on behalf of said payout of
In order to cause the time stamp token storage server to deposit the time stamp token file in association with the user account of the user of the user terminal and the business account of the agency business, the proxy storage device is configured to: When the operator account is sent to the time stamp token storage server and logged in, and the proxy request for the deposit is received from the user terminal together with the time stamp token file, the user account and the time stamp token sending a deposit request containing a file to the timestamp token storage server ;
A program to be executed by a computer of the storage agency apparatus. A customer history database for each user account of the user terminal, storing the history of the proxy request for deposit or withdrawal by the user terminal and the execution result of the time stamp token storage server for the request for deposit or withdrawal for each user account of the user terminal the steps to record in
5. The program according to claim 4, which is executed by a computer of said storage agency apparatus.

Images