TWI486808B - System for validating electronic insurance policy with certificate and method thereof - Google Patents

System for validating electronic insurance policy with certificate and method thereof Download PDF

Info

Publication number
TWI486808B
TWI486808B TW102122779A TW102122779A TWI486808B TW I486808 B TWI486808 B TW I486808B TW 102122779 A TW102122779 A TW 102122779A TW 102122779 A TW102122779 A TW 102122779A TW I486808 B TWI486808 B TW I486808B
Authority
TW
Taiwan
Prior art keywords
file
electronic
policy
host
delivery
Prior art date
Application number
TW102122779A
Other languages
Chinese (zh)
Other versions
TW201500955A (en
Inventor
Chun Hsiu Chen
Hung Yi Tu
Tzu Ching Lien
Original Assignee
Taiwan Ca Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taiwan Ca Inc filed Critical Taiwan Ca Inc
Priority to TW102122779A priority Critical patent/TWI486808B/en
Publication of TW201500955A publication Critical patent/TW201500955A/en
Application granted granted Critical
Publication of TWI486808B publication Critical patent/TWI486808B/en

Links

Landscapes

  • Storage Device Security (AREA)

Description

使用電子憑證驗證電子保單之系統及其方法System and method for verifying electronic policy using electronic voucher

一種電子檔案驗證系統及其方法,特別係指一種使用電子憑證驗證電子保單之系統及其方法。An electronic file verification system and method thereof, in particular, a system and method for verifying an electronic policy using an electronic certificate.

由於保存紙本文件需要合適的環境,否則紙本文件容易遭到損壞,而除了環境的因素之外,紙本文件也需要空間來保存,因此,紙本文件的保存需要一定的成本。Since the paper file requires a suitable environment, the paper document is easily damaged, and in addition to the environmental factors, the paper document requires space to be stored, and therefore, the storage of the paper document requires a certain cost.

而隨著資訊處理技術與通信技術的快速發展,由於電子文件不容易因為環境因素而遭到破壞,且幾乎不需要保存空間,這造成紙本文件逐漸轉變為電子文件的趨勢。不過,相對的,電子文件比紙本文件容易被竊取、篡改、或偽造,也就是電子文件的安全性也較紙本文件來得低,所以,不論個人或是企業都相當關注電子文件之安全性的問題。With the rapid development of information processing technology and communication technology, electronic files are not easily destroyed by environmental factors, and there is almost no need to save space, which causes the trend of paper documents to be gradually converted into electronic files. However, in contrast, electronic documents are easier to steal, falsify, or falsify than paper documents, that is, the security of electronic documents is lower than that of paper documents. Therefore, both individuals and companies are concerned about the security of electronic documents. The problem.

也因此,目前對於竊取電子文件的防範,可藉由將電子文件進行加密而確保電子文件的安全性,而對於偽造或篡改電子文件的防範,則可利用數位簽章而確保正確性。Therefore, at present, for the prevention of stealing electronic files, the security of electronic files can be ensured by encrypting electronic files, and for counterfeiting or tampering with electronic files, digital signatures can be used to ensure correctness.

不過,對於部分的文件而言,例如需要擁有人確認內容的文件,比如合約、保單等,使用紙本的形式仍然遠多於使用電子的形式。這是通常因為隨著時間的遞移,電子文件的擁有人無法直接確認文件是否遭到篡改或偽造,因此,仍然使用傳統容易發現被修改之處的紙本文件來記錄內容。However, for some documents, such as documents that require the owner to confirm the content, such as contracts, policies, etc., the use of paper is still much more than the use of electronic forms. This is usually because the owner of an electronic file cannot directly confirm whether the file has been tampered with or falsified over time, and therefore, the paper is still recorded using a conventional paper file that is easily found to be modified.

綜上所述,可知先前技術中長期以來一直存在電子文件的擁有人無法直接確認電子文件是否遭到篡改或偽造的問題,因此有必要提出改進的技術手段,來解決此一問題。In summary, it can be seen that the owner of electronic documents in the prior art has not been able to directly confirm whether the electronic file has been tampered with or forged. Therefore, it is necessary to propose an improved technical means to solve this problem.

有鑒於先前技術存在電子文件的擁有人無法直接確認電子文件是否遭到篡改或偽造的問題,本發明遂揭露一種使用電子憑證驗證電子保單之系統及其方法,其中:本發明所揭露之使用電子憑證驗證電子保單之系統,至少包含:文件提供主機,用以產生送簽文件,送簽文件包含待認證文件及提供驗證待認證文件之第二數位簽章;驗證伺服器,用以接收文件提供主機所傳送之送簽文件,並於成功驗證送簽文件後,產生電子保單,電子保單包含送簽文件及提供驗證送簽文件之第三數位簽章,及用以傳送電子保單至文件提供主機儲存;客戶端,用以接收文件提供主機所傳送之電子保單,及用以驗證送簽文件與待認證文件,並顯示待認證文件與送簽文件之驗證結果。In view of the prior art, the owner of an electronic document cannot directly confirm whether the electronic document has been tampered with or forged. The present invention discloses a system for verifying an electronic policy using an electronic voucher and a method thereof, wherein: the electronic device disclosed in the present invention is disclosed. The system for verifying the electronic policy of the voucher includes at least: a file providing host for generating a mailing file, the sending document includes a file to be authenticated and a second digital signature for verifying the file to be authenticated; and the verification server is configured to receive the file. The delivery document transmitted by the host, and after successfully verifying the delivery document, generates an electronic policy, the electronic policy includes a delivery document and a third digital signature for providing the verification delivery document, and is used to transmit the electronic policy to the file providing host The client is configured to receive the file to provide an electronic policy transmitted by the host, and to verify the file to be sent and the file to be authenticated, and display the verification result of the file to be authenticated and the file to be sent.

本發明所揭露之使用電子憑證驗證電子保單之方法,其步驟至少包括:提供原始保單;文件提供主機產生提供驗證原始保單之第一數位簽章;文件提供主機產生待認證文件,待認證文件包含第一數位簽章及原始保單被加密後所產生之加密文件;文件提供主機產生送簽文件,送簽文件包含待認證文件及提供驗證待認證文件之第二數位簽章;文件提供主機傳送送簽文件至驗證伺服器;驗證伺服器於成功驗證待認證文件後,產生電子保單,電子保單包含送簽文件及提供驗證送簽文件之第三數位簽章;驗證伺服器傳送電子保單至文件提供主機;文件提供主機傳送電子保單至客戶端;客戶端於成功驗證電子保單及待認證文件後,解密加密文件為解密文件;客戶端傳送解密文件及電子保單至驗證伺服器;驗證伺服器驗證解密文件及送簽文件;驗證伺服器傳送驗證結果至客戶端;客戶端顯示驗證結果。The method for verifying an electronic policy by using an electronic voucher disclosed in the present invention comprises the steps of: providing an original policy; the file providing host generates a first digital signature providing the original verification certificate; and the file providing host generates a file to be authenticated, and the file to be authenticated includes The first digital signature and the encrypted file generated by the original policy are encrypted; the file providing host generates a delivery document, the delivery document includes the to-be-certified file and a second digital signature for verifying the to-be-certified file; the file provides host delivery After signing the file to the verification server; the verification server generates an electronic policy after successfully verifying the file to be authenticated, the electronic policy includes the delivery document and the third digit signature of the verification delivery document; the verification server transmits the electronic policy to the file providing The host provides the host to transmit the electronic policy to the client; after successfully verifying the electronic policy and the file to be authenticated, the client decrypts the encrypted file as a decrypted file; the client transmits the decrypted file and the electronic policy to the verification server; and the verification server verifies the decryption. Document and delivery document; verification server transmission test Results to the client; client displays the authentication result.

本發明所揭露之另一種使用電子憑證驗證電子保單之方法,其步驟至少包括:提供待認證文件;文件提供主機產生送簽文件,送簽文件包含待認證文件及提供驗證待認證文件之第二數位簽章;文件提供主機傳送送簽文件至驗證伺服器;驗證伺服器於成功驗證待驗證文件後, 產生電子保單,電子保單包含送簽文件及提供驗證送簽文件之第三數位簽章;驗證伺服器傳送電子保單至文件提供主機;文件提供主機傳送電子保單至客戶端;客戶端驗證送簽文件與待認證文件並產生驗證結果;客戶端顯示驗證結果。Another method for verifying an electronic policy by using an electronic voucher disclosed in the present invention, the method comprising the steps of: providing a file to be authenticated; the file providing host generates a delivery file, the delivery file includes a file to be authenticated, and providing a second verification document to be authenticated Digital signature; the file provides the host to send the delivery file to the verification server; after the verification server successfully verifies the file to be verified, Generate an electronic policy, the electronic policy includes a delivery document and a third digit signature for providing the verification delivery document; the verification server transmits the electronic policy to the file providing host; the file provides the host to transmit the electronic policy to the client; the client verifies the delivery document The verification result is generated with the file to be authenticated; the client displays the verification result.

本發明所揭露之系統與方法如上,與先前技術之間的差異在於本發明透過文件提供主機對待認證文件進行數位簽章後,驗證伺服器也會對數位簽章後的待認證文件再次進行數位簽章,客戶端可以驗證驗證伺服器與文件提供主機的數位簽章,並顯示驗證結果,藉以解決先前技術所存在的問題,並可以達成提高電子保單之使用方便性的技術功效。The system and method disclosed in the present invention are as above, and the difference from the prior art is that the present invention provides a digital signature to the authentication file by the host after the file is provided, and the verification server also digitizes the to-be-certified file after the digital signature. Signature, the client can verify the digital signature of the authentication server and the file providing host, and display the verification result, so as to solve the problems existing in the prior art, and can achieve the technical effect of improving the convenience of using the electronic policy.

110‧‧‧文件提供主機110‧‧‧ Documents provided host

120‧‧‧驗證伺服器120‧‧‧Verification server

130‧‧‧客戶端130‧‧‧Client

步驟200‧‧‧提供待認證文件Step 200‧‧‧Provide documents to be certified

步驟202‧‧‧提供原始保單Step 202‧‧‧ Provide original policy

步驟204‧‧‧文件提供主機產生提供驗證原始保單之第一數位簽章Step 204‧‧‧ Document Providing Host Generates First Digital Signature Providing Verification Original Policy

步驟206‧‧‧文件提供主機加密原始保單產生加密文件Step 206‧‧‧ file provides host encryption original policy to generate encrypted file

步驟208‧‧‧文件提供主機產生待認證文件,待認證文件包含第一數位簽章及加密文件Step 208‧‧‧ The file providing host generates a file to be authenticated, and the file to be authenticated includes the first digital signature and the encrypted file

步驟210‧‧‧文件提供主機產生送簽文件,送簽文件包含待認證文件及提供驗證待認證文件之第二數位簽章Step 210‧‧‧ The document provides the host to generate a delivery document, the delivery document includes the document to be authenticated and the second digit signature of the document to be verified

步驟222‧‧‧文件提供主機傳送送簽文件至驗證伺服器Step 222‧‧‧ file provides the host to send the delivery file to the verification server

步驟226‧‧‧驗證伺服器是否成功驗證待認證文件Step 226‧‧‧Verify that the server successfully verified the file to be authenticated

步驟230‧‧‧驗證伺服器產生電子保單,電子保單包含送簽文件及提供驗證送簽文件之第三數位簽章Step 230‧‧‧Verification server generates an electronic policy, the electronic policy contains the delivery document and the third digit signature of the verification delivery document

步驟242‧‧‧驗證伺服器傳送電子保單至文件提供主機Step 242‧‧‧ Verify the server to send the electronic policy to the file providing host

步驟246‧‧‧文件提供主機傳送電子保單至客戶端Step 246‧‧‧ file provides the host to transfer the electronic policy to the client

步驟251‧‧‧客戶端驗證送簽文件與待認證文件Step 251‧‧‧ Client verification of the delivery document and the document to be certified

步驟253‧‧‧客戶端是否成功驗證送簽文件與待認證文件Step 253‧‧‧ Whether the client successfully verifies the delivery document and the document to be authenticated

步驟255‧‧‧客戶端顯示驗證結果Step 255‧‧‧ The client displays the verification result

步驟260‧‧‧客戶端解密加密文件為解密文件Step 260‧‧‧ The client decrypts the encrypted file as a decrypted file

步驟271‧‧‧客戶端顯示解密文件Step 271‧‧‧ The client displays the decrypted file

步驟275‧‧‧客戶端傳送解密文件及電子保單至驗證伺服器Step 275‧‧‧ The client transmits the decrypted file and the electronic policy to the authentication server

步驟280‧‧‧驗證伺服器驗證解密文件及送簽文件Step 280‧‧‧Verify the server to verify the decrypted file and the delivery file

步驟291‧‧‧驗證伺服器傳送驗證結果至客戶端Step 291‧‧‧ Verify the server to send the verification result to the client

步驟295‧‧‧客戶端顯示驗證結果Step 295‧‧‧ The client displays the verification result

第1圖為本發明所提之使用電子憑證驗證電子保單之系統架構圖。1 is a system architecture diagram of an electronic security certificate verification using an electronic voucher according to the present invention.

第2A圖為本發明所提之使用電子憑證驗證電子保單之方法流程圖。2A is a flow chart of a method for verifying an electronic policy using an electronic voucher according to the present invention.

第2B圖為本發明所提之提供待認證文件之附加方法流程圖。FIG. 2B is a flow chart of an additional method for providing a file to be authenticated according to the present invention.

第2C圖為本發明所提之使用電子憑證驗證電子保單之附加方法流程圖。FIG. 2C is a flow chart of an additional method for verifying an electronic policy using an electronic voucher according to the present invention.

以下將配合圖式及實施例來詳細說明本發明之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本發明解決技術問題所應用的技術手段並據以實施,藉此實現本發明可達成的功效。The features and embodiments of the present invention will be described in detail below with reference to the drawings and embodiments, which are sufficient to enable those skilled in the art to fully understand the technical means to which the present invention solves the technical problems, and The achievable effects of the present invention.

本發明可以在文件提供主機以及驗證伺服器依序對待認證文件進行數位簽章產生電子保單後,由文件提供主機將包含數位簽章的電子保單傳送給客戶端,客戶端可以依據電子保單中的數位簽章驗證產生待 認證文件中之原始保單的內容是否正確無誤,並顯示驗證結果。The invention can send the electronic insurance policy including the digital signature to the client by the file providing host after the file providing host and the verification server sequentially process the authentication file to generate the electronic insurance certificate, and the client can be based on the electronic policy. Digital signature verification The contents of the original policy in the certification document are correct and the verification results are displayed.

以下先以「第1圖」本發明所提之使用電子憑證驗證電子保單之系統架構圖來說明本發明的系統運作。如「第1圖」所示,本發明之系統含有文件提供主機110、驗證伺服器120、以及客戶端130。其中,文件提供主機110通常被設置在提供原始保單及/或電子保單的保險機構,例如保險公司等,驗證伺服器120則通常被設置在憑證機構,例如憑證發行單位等,或可以被設置在提供原始保單及/或電子保單的保險機構,但本發明對於文件提供主機110與驗證伺服器120所設置的位置並沒有特別的限制。The system operation of the present invention will be described below with reference to the system architecture diagram of the electronic voucher verification electronic policy referred to in the "FIG. 1". As shown in "FIG. 1", the system of the present invention includes a file providing host 110, a verification server 120, and a client 130. Wherein, the document providing host 110 is usually set up in an insurance institution that provides an original policy and/or an electronic policy, such as an insurance company, etc., and the verification server 120 is usually set in a voucher institution, such as a voucher issuing unit, or the like, or may be set in An insurance institution that provides an original policy and/or an electronic policy, but the present invention is not particularly limited to the location where the file providing host 110 and the authentication server 120 are set.

文件提供主機110負責產生送簽文件。文件提供主機110所產生的送簽文件包含待認證文件以及被提供來驗證待認證文件的第二數位簽章,也就是說,文件提供主機110會先使用文件提供主機110的公開金鑰(public key)對待認證文件進行演算,並取得演算產生的第二數位簽章,以及將待認證文件與第二數位簽章、或將待認證文件、第二數位簽章與其他資料合併為送簽文件。The file providing host 110 is responsible for generating the delivery file. The file providing file generated by the host 110 includes a file to be authenticated and a second digital signature provided to verify the file to be authenticated, that is, the file providing host 110 first uses the file to provide the public key of the host 110 (public) Key) Calculate the document to be certified, and obtain the second digit signature generated by the calculation, and combine the document to be certified with the second digit, or merge the document to be certified, the second digit signature and other materials into the delivery document. .

送簽文件所包含的待認證文件可以是記錄使用者之保單內容的原始保單,也可以是包含一個加密文件與第一數位簽章的電子文件。文件提供主機110可以將原始保單加密以取得加密文件,並使用文件提供主機110的公開金鑰對原始保單進行演算,藉以在演算後取得被提供來驗證原始保單的第一數位簽章,以及將加密文件與第一數位簽章、或將加密文件、第一數位簽章與其他資料合併為待認證文件。The file to be authenticated included in the delivery document may be the original policy for recording the content of the policy of the user, or may be an electronic file containing an encrypted file and the first digital signature. The file providing host 110 may encrypt the original policy to obtain the encrypted file, and calculate the original policy using the public key of the file providing host 110, thereby obtaining the first digital signature provided to verify the original policy after the calculation, and The encrypted file is signed with the first digit, or the encrypted file, the first digit signature, and other materials are merged into the file to be authenticated.

文件提供主機110也負責將所產生的送簽文件傳送到驗證伺服器120,並接收驗證伺服器120對送簽文件進行數位簽章後所傳回的電子保單,以及將所接收到的電子保單傳送到客戶端130。在部分的實施例中,文件提供主機110是透過電子郵件將電子保單傳送給客戶端130,但本發明並不以此為限。The file providing host 110 is also responsible for transmitting the generated delivery file to the verification server 120, and receiving the electronic policy returned by the verification server 120 after digitally signing the delivery document, and the received electronic policy. Transfer to client 130. In some embodiments, the file providing host 110 transmits the electronic policy to the client 130 via email, but the invention is not limited thereto.

驗證伺服器120負責接收文件提供主機110所傳送的送簽文件,並依據送簽文件中的第二數位簽章驗證送簽文件中的待認證文件。The verification server 120 is responsible for receiving the delivery file transmitted by the file providing host 110, and verifying the to-be-certified file in the delivery file according to the second digital signature in the delivery file.

驗證伺服器120也負責在成功驗證待認證文件後產生電子 保單,並將所產生的電子保單傳回文件提供主機110儲存。驗證伺服器120所產生的電子保單包含所接收到的送簽文件以及被提供來驗證送簽文件的第三數位簽章。也就是說,驗證伺服器120會在接收到電子保單後,使用驗證伺服器120的公開金鑰對送簽文件進行演算以取得演算產生的第三數位簽章,以及將送簽文件與第三數位簽章、或將送簽文件、第三數位簽章與其他資料合併為電子保單。其中,一起被合併到電子保單中的其他資料包含但不限於版本資訊。The verification server 120 is also responsible for generating an electronic after successfully verifying the file to be authenticated. The policy and the generated electronic policy are returned to the file to be stored by the host 110. The electronic policy generated by the verification server 120 includes the received delivery document and a third digital signature provided to verify the delivery document. That is to say, after receiving the electronic policy, the verification server 120 uses the public key of the verification server 120 to calculate the delivery document to obtain the third digital signature generated by the calculation, and the third file to be sent and the third Digital signature, or the combination of the delivery document, the third digit signature and other materials into an electronic policy. Among other things, the other materials that are merged into the electronic policy include, but are not limited to, version information.

另外,驗證伺服器120可以接收客戶端130所傳送的解密文件以及電子保單。由於電子保單中包含送簽文件以及第三數位簽章,送簽文件中包含待認證文件,且待認證文件中可能包含第一數位簽章,因此,驗證伺服器120可以依據第一數位簽章驗證解密文件,以及依據第三數位簽章驗證送簽文件,並在驗證後產生驗證結果,以及將所產生的驗證結果傳送到客戶端130。In addition, the authentication server 120 can receive the decrypted file transmitted by the client 130 and the electronic policy. Since the electronic policy includes the delivery document and the third digital signature, the delivery document includes the file to be authenticated, and the first digit signature may be included in the to-be-certified file. Therefore, the verification server 120 may sign according to the first digit. The decrypted file is verified, and the delivery file is verified according to the third digit signature, and the verification result is generated after verification, and the generated verification result is transmitted to the client 130.

客戶端130負責接收文件提供主機110所傳送的電子保單。一般而言,客戶端130可以是使用者所使用的裝置或是使用者所使用之裝置中的軟體或硬體,客戶端130可以開啟電子保單,並由電子保單中讀取出送簽文件與第三數位簽章,並依據電子保單中的第三數位簽章驗證電子保單中的送簽文件;也可以開啟送簽文件,由送簽文件中讀取出待認證文件與第二數位簽章,並依據送簽文件中的第二數位簽章驗證送簽文件中的待認證文件。甚至在待認證文件包含加密文件以及第一數位簽章時,客戶端130可以開啟待認證文件,並由待認證文件中讀取出加密文件與第一數位簽章。另外,客戶端130也可以顯示送簽文件與待認證文件的驗證結果。The client 130 is responsible for receiving the electronic policy transmitted by the file providing host 110. Generally, the client 130 can be a device used by the user or a software or hardware in the device used by the user, and the client 130 can open the electronic policy and read the delivery document from the electronic policy. The third digit is signed and the signature file in the electronic policy is verified according to the third digit signature in the electronic policy; the delivery document can also be opened, and the document to be authenticated and the second digit signature are read from the delivery document. And verify the file to be authenticated in the delivery document according to the second digit signature in the delivery document. Even when the file to be authenticated includes the encrypted file and the first digital signature, the client 130 can open the file to be authenticated, and the encrypted file and the first digital signature are read from the file to be authenticated. In addition, the client 130 can also display the verification result of the delivery file and the file to be authenticated.

客戶端130在成功驗證送簽文件與待認證文件後,若待認證文件包含加密文件與第一數位簽章,則客戶端130可以解密待認證文件中的加密文件以取得解密文件(也就是文件提供伺服器110所提供之原始保單)。客戶端130也可以傳送解密所得的解密文件以及電子保單至驗證伺服器120,藉以由驗證伺服器120驗證解密文件與送簽文件的正確性。After the client 130 successfully verifies the file to be authenticated and the file to be authenticated, if the file to be authenticated includes the encrypted file and the first digital signature, the client 130 can decrypt the encrypted file in the file to be authenticated to obtain the decrypted file (that is, the file). The original policy provided by the server 110 is provided). The client 130 can also transmit the decrypted decrypted file and the electronic policy to the verification server 120, whereby the verification server 120 verifies the correctness of the decrypted file and the delivery file.

客戶端130也可以顯示解密產生的解密文件及/或驗證伺服器120所傳回的驗證結果。其中,客戶端130可以將驗證結果以圖示的方 式顯示在使用者介面的特定位置,例如,將驗證結果顯示在狀態列等,但本發明並不以此為限,客戶端130也可以將驗證結果以可視化的電子印章顯示在被客戶端130顯示的解密文件中,其中,驗證結果表示為通過驗證時,客戶端130所顯示的電子印章也會表示為通過驗證,而當驗證結果表示為未通過驗證時,電子印章也會表示為未通過驗證,也就是說,表示為通過驗證與未通過驗證的電子印章並不相同,使得使用者可以在觀看後直接確認解密文件是否通過驗證。The client 130 can also display the decrypted file generated by the decryption and/or the verification result returned by the verification server 120. Wherein, the client 130 can use the verification result as the illustrated party. The display is displayed at a specific location of the user interface, for example, the verification result is displayed in the status column, etc., but the present invention is not limited thereto, and the client 130 may display the verification result on the client 130 by using a visual electronic stamp. In the decrypted file displayed, wherein the verification result is indicated as passing verification, the electronic seal displayed by the client 130 is also indicated as passing the verification, and when the verification result is indicated as failing the verification, the electronic seal is also indicated as failing. Verification, that is to say, is not the same as the electronic seal that passes the verification and fails verification, so that the user can directly confirm whether the decrypted file passes the verification after viewing.

接著以一個實施例來解說本發明的運作系統與方法,並請參照「第2A圖」本發明所提之使用電子憑證驗證電子保單之方法流程圖。Next, an operational system and method of the present invention will be described with reference to an embodiment, and reference is made to the flowchart of the method for verifying an electronic policy using an electronic voucher according to the "2A".

首先,需要提供待認證文件(步驟200)。若原始的電子保單不需要加密,例如,沒有包含個人資料,則待認證文件可以是原始的電子保單。First, a file to be authenticated needs to be provided (step 200). If the original electronic policy does not require encryption, for example, without personal data, the document to be certified may be the original electronic policy.

不過在實務上,由於原始保單是記錄使用者之保單內容的電子檔案,為了讓保險公司可以保護使用者的個人資料不被第三方獲得,例如提供驗證的憑證機構,但又要讓使用者可以透過第三方的驗證伺服器120對電子保單中所記錄的保單內容進行驗證,文件提供主機110可以如「第2B圖」之流程所示,在取得被提供的原始保單(步驟202)後,產生用來驗證原始保單的第一數位簽章(步驟204),並加密原始保單產生加密檔案(步驟206),之後,產生包含加密文件與第一數位簽章的待認證文件(步驟208)。However, in practice, since the original policy is an electronic file that records the contents of the user's policy, in order to allow the insurance company to protect the user's personal information from third parties, such as providing a certificate authority, but also allowing the user to The third party verification server 120 verifies the policy content recorded in the electronic policy, and the file providing host 110 can generate the original policy (step 202) after obtaining the provided original policy as shown in the flow of "FIG. 2B". The first digital signature used to verify the original policy (step 204), and the original policy is encrypted to generate an encrypted file (step 206), after which a file to be authenticated containing the encrypted file and the first digital signature is generated (step 208).

繼續回到「第2A圖」,在待認證文件被提供後,文件提供主機110可以產生送簽文件(步驟210)。也就是文件提供主機110會產生用來驗證待認證文件的第二數位簽章,並產生包含待認證文件以及第二數位簽章的送簽文件。Continuing back to "FIG. 2A", after the file to be authenticated is provided, the file providing host 110 can generate a delivery file (step 210). That is, the file providing host 110 generates a second digital signature for verifying the file to be authenticated, and generates a delivery file containing the file to be authenticated and the second digital signature.

在文件提供主機110產生送簽文件(步驟210)後,文件提供主機110可以將所產生的送簽文件傳送到驗證伺服器120(步驟222)。After the file providing host 110 generates the delivery file (step 210), the file providing host 110 can transmit the generated delivery file to the verification server 120 (step 222).

驗證伺服器120在接收到文件提供主機110所傳送的送簽文件後,可以依據送簽文件中的第二數位簽章驗證送簽文件中的待認證文件(步驟226)。也就是使用文件提供主機110的公鑰對待認證文件進行演算, 並比對演算所產生的資料與第二數位簽章是否相同。After receiving the mailing file transmitted by the file providing host 110, the verification server 120 may verify the file to be authenticated in the mailing file according to the second digit signature in the mailing file (step 226). That is, using the file to provide the host 110's public key to calculate the authentication file, And compare the data generated by the calculation with whether the second digit signature is the same.

若不同即表示待認證文件沒有通過驗證,也就是待認證文件可能經過竄改,沒有繼續執行本發明的必要;而若相同則表示待認證文件通過驗證,驗證伺服器120可以產生電子保單(步驟230)。也就是驗證伺服器120會產生用來驗證送簽文件的第三數位簽章,並產生至少包含送簽文件、以及第三數位簽章的電子保單。If the difference indicates that the file to be authenticated has not passed the verification, that is, the file to be authenticated may have been tampered with, it is not necessary to continue the execution of the present invention; if the same, the file to be authenticated is verified, and the verification server 120 can generate an electronic policy (step 230). ). That is, the verification server 120 generates a third digital signature for verifying the delivery document and generates an electronic policy including at least the delivery document and the third digital signature.

在驗證伺服器120產生電子保單(步驟230)後,驗證伺服器可以將所產生的電子保單傳回文件提供主機110(步驟242),文件提供主機110在接收到驗證伺服器120所傳回的電子保單後,可以儲存所接收到的電子保單,並將所儲存的電子保單傳送給客戶端130(步驟246)。在本實施例中,假設文件提供主機110會將電子保單寄送到使用者的電子郵件信箱。After the verification server 120 generates the electronic policy (step 230), the verification server can transmit the generated electronic policy back to the file providing host 110 (step 242), and the file providing host 110 receives the verification from the verification server 120. After the electronic policy, the received electronic policy can be stored and the stored electronic policy transmitted to the client 130 (step 246). In the present embodiment, it is assumed that the file providing host 110 will send the electronic policy to the user's email address.

客戶端130在接收到文件提供主機110所傳送的電子保單後,可以驗證電子保單所包含的送簽文件以及送簽文件所包含的待認證文件(步驟251),並顯示驗證結果(步驟255)。After receiving the electronic policy transmitted by the file providing host 110, the client 130 can verify the mailing file included in the electronic policy and the file to be authenticated included in the mailing file (step 251), and display the verification result (step 255). .

另外,如「第2C圖」所示,客戶端130在成功驗證送簽文件以及待認證文件(步驟253)後,可以將待認證文件所包含的加密文件解密為解密文件(步驟260),並顯示解密文件(步驟271)。In addition, as shown in FIG. 2C, after successfully verifying the delivery file and the file to be authenticated (step 253), the client 130 may decrypt the encrypted file included in the file to be authenticated into a decrypted file (step 260), and The decrypted file is displayed (step 271).

之後,客戶端130可以傳送解密文件以及電子保單至驗證伺服器120(步驟275),驗證伺服器120在接收到客戶端130所傳送的解密文件以及電子保單後,可以驗證所接收到的解密文件以及電子保單(步驟280),並可以將驗證結果傳回客戶端130(步驟291),客戶端130可以在接收到驗證伺服器120所傳送的驗證結果後,顯示驗證結果(步驟295)。假設在本實施例中,客戶端130會在顯示解密文件時,顯示與驗證結果對應的電子印章。Thereafter, the client 130 can transmit the decrypted file and the electronic policy to the verification server 120 (step 275). After receiving the decrypted file transmitted by the client 130 and the electronic policy, the verification server 120 can verify the received decrypted file. And the electronic policy (step 280), and the verification result can be transmitted back to the client 130 (step 291), and the client 130 can display the verification result after receiving the verification result transmitted by the verification server 120 (step 295). It is assumed that in the present embodiment, the client 130 displays an electronic seal corresponding to the verification result when the decrypted file is displayed.

綜上所述,可知本發明與先前技術之間的差異在於具有由文件提供主機對待認證文件進行數位簽章後,驗證伺服器也會對簽章後的待認證文件再次進行數位簽章,客戶端可以驗證驗證伺服器與文件提供主機的數位簽章,並顯示驗證結果之技術手段,藉由此一技術手段可以解決先 前技術所存在電子保單的擁有人無法直接確認電子保單中所記錄之保單內容是否遭到篡改或偽造的問題,進而達成提高電子保單之使用方便性的技術功效。In summary, it can be seen that the difference between the present invention and the prior art is that after the digital signature of the file to be authenticated by the file providing host, the verification server will digitally sign the document to be authenticated after the signature, the client The terminal can verify the digital signature of the verification server and the file providing host, and display the technical means of the verification result, which can be solved by using a technical means. The owner of the electronic policy in the prior art cannot directly confirm whether the content of the policy recorded in the electronic policy has been tampered with or forged, thereby achieving the technical effect of improving the ease of use of the electronic policy.

再者,本發明之使用電子憑證驗證電子保單之方法,可實現於硬體、軟體或硬體與軟體之組合中,亦可在電腦系統中以集中方式實現或以不同元件散佈於若干互連之電腦系統的分散方式實現。Furthermore, the method for verifying an electronic policy using the electronic voucher of the present invention can be implemented in hardware, software or a combination of hardware and software, or can be implemented in a centralized manner in a computer system or spread over several interconnections with different components. The decentralized implementation of the computer system.

雖然本發明所揭露之實施方式如上,惟所述之內容並非用以直接限定本發明之專利保護範圍。任何本發明所屬技術領域中具有通常知識者,在不脫離本發明所揭露之精神和範圍的前提下,對本發明之實施的形式上及細節上作些許之更動潤飾,均屬於本發明之專利保護範圍。本發明之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。While the embodiments of the present invention have been described above, the above description is not intended to limit the scope of the invention. Any modification of the form and details of the practice of the present invention, which is a matter of ordinary skill in the art to which the present invention pertains, is a patent protection of the present invention. range. The scope of the invention is to be determined by the scope of the appended claims.

步驟200‧‧‧提供待認證文件Step 200‧‧‧Provide documents to be certified

步驟210‧‧‧文件提供主機產生送簽文件,送簽文件包含待認證文件及提供驗證待認證文件之第二數位簽章Step 210‧‧‧ The document provides the host to generate a delivery document, the delivery document includes the document to be authenticated and the second digit signature of the document to be verified

步驟222‧‧‧文件提供主機傳送送簽文件至驗證伺服器Step 222‧‧‧ file provides the host to send the delivery file to the verification server

步驟226‧‧‧驗證伺服器是否成功驗證待認證文件Step 226‧‧‧Verify that the server successfully verified the file to be authenticated

步驟230‧‧‧驗證伺服器產生電子保單,電子保單包含送簽文件及提供驗證送簽文件之第三數位簽章Step 230‧‧‧Verification server generates an electronic policy, the electronic policy contains the delivery document and the third digit signature of the verification delivery document

步驟242‧‧‧驗證伺服器傳送電子保單至文件提供主機Step 242‧‧‧ Verify the server to send the electronic policy to the file providing host

步驟246‧‧‧文件提供主機傳送電子保單至客戶端Step 246‧‧‧ file provides the host to transfer the electronic policy to the client

步驟251‧‧‧客戶端驗證送簽文件與待認證文件Step 251‧‧‧ Client verification of the delivery document and the document to be certified

步驟255‧‧‧客戶端顯示驗證結果Step 255‧‧‧ The client displays the verification result

Claims (10)

一種使用電子憑證驗證電子保單之方法,該方法至少包含下列步驟:提供一原始保單;一文件提供主機產生提供驗證該原始保單之一第一數位簽章;該文件提供主機產生一待認證文件,該待認證文件包含該第一數位簽章及該原始保單被加密後所產生之一加密文件;該文件提供主機產生一送簽文件,該送簽文件包含該待認證文件及提供驗證該待認證文件之一第二數位簽章;該文件提供主機傳送該送簽文件至一驗證伺服器;該驗證伺服器於成功驗證該待認證文件後,產生一電子保單,該電子保單包含該送簽文件及提供驗證該送簽文件之一第三數位簽章;該驗證伺服器傳送該電子保單至該文件提供主機;該文件提供主機傳送該電子保單至一客戶端;該客戶端於成功驗證該電子保單及該待認證文件後,解密該加密文件為一解密文件;該客戶端傳送該解密文件、及該電子保單至該驗證伺服器;該驗證伺服器驗證該解密文件及該送簽文件;該驗證伺服器傳送一驗證結果至該客戶端;及該客戶端顯示該驗證結果。 A method for verifying an electronic policy using an electronic voucher, the method comprising at least the steps of: providing an original policy; a file providing host generating a first digital signature providing verification of the original policy; the file providing a host to generate a file to be authenticated, The to-be-certified file includes the first digital signature and an encrypted file generated by the original policy; the file providing host generates a delivery file, the delivery file includes the to-be-certified file, and provides verification to the authentication a second digit signature of the file; the file provides a host to transmit the delivery file to a verification server; the verification server generates an electronic policy after successfully verifying the to-be-certified file, and the electronic policy includes the delivery document And providing a third digit signature for verifying the delivery document; the verification server transmitting the electronic policy to the file providing host; the file providing the host to transmit the electronic policy to a client; the client successfully verifying the electronic After the policy and the file to be authenticated, decrypt the encrypted file as a decrypted file; the client transmits the decrypted file And the electronic policy to the authentication server; decrypt the authentication server validate the document and send the signed document; the authentication server transmits a verification result to the client; and the client displays the verification result. 如申請專利範圍第1項所述之使用電子憑證驗證電子保單之方法,其中該文件提供主機傳送該電子保單至該客戶端之步驟為該文件提供主機透過電子郵件傳送該電子保單。 The method for verifying an electronic policy by using an electronic voucher as described in claim 1, wherein the file provides a host to transmit the electronic policy to the client, and the host for providing the file transmits the electronic policy by email. 如申請專利範圍第1項所述之使用電子憑證驗證電子保單之方法,其中該方法於該客戶端解密該加密文件為該解密文件後,更包含顯示該 解密文件之步驟。 The method for verifying an electronic policy by using an electronic voucher according to claim 1, wherein the method further comprises displaying the encrypted file after the decrypting the encrypted file. The steps to decrypt the file. 一種使用電子憑證驗證電子保單之方法,該方法至少包含下列步驟:提供一待認證文件,該待認證文件包含一原始保單;一文件提供主機產生一送簽文件,該送簽文件包含該待認證文件及提供驗證該待認證文件之一第二數位簽章;該文件提供主機傳送該送簽文件至一驗證伺服器;該驗證伺服器於成功驗證該待認證文件後,產生一電子保單,該電子保單包含該送簽文件及提供驗證該送簽文件之一第三數位簽章;該驗證伺服器傳送該電子保單至該文件提供主機;該文件提供主機傳送該電子保單至一客戶端;該客戶端驗證該送簽文件與該待認證文件並產生一驗證結果;及該客戶端顯示該驗證結果。 A method for verifying an electronic policy by using an electronic voucher, the method comprising at least the following steps: providing a file to be authenticated, the file to be authenticated includes an original policy; and the file providing host generates a delivery file, the method comprising the to-be-certified file And providing a second digital signature for verifying the to-be-certified file; the file provides a host to transmit the delivery file to a verification server; the verification server generates an electronic policy after successfully verifying the to-be-certified file, The electronic policy includes the delivery document and a third digit signature for verifying the delivery document; the verification server transmits the electronic policy to the file providing host; the file provides a host to transmit the electronic policy to a client; The client verifies the delivery file and the to-be-certified file and generates a verification result; and the client displays the verification result. 一種使用電子憑證驗證電子保單之系統,該系統至少包含:一文件提供主機,用以產生一送簽文件,該送簽文件包含一待認證文件及提供驗證該待認證文件之一第二數位簽章;一驗證伺服器,用以接收該文件提供主機所傳送之該送簽文件,並於成功驗證該送簽文件後,產生一電子保單,該電子保單包含該送簽文件及提供驗證該送簽文件之一第三數位簽章,及用以傳送該電子保單至該文件提供主機儲存;及一客戶端,用以接收該文件提供主機所傳送之該電子保單,及用以驗證該送簽文件與該待認證文件,並顯示該待認證文件與該送簽文件之驗證結果。 A system for verifying an electronic policy by using an electronic voucher, the system comprising: a file providing host for generating a delivery file, the delivery file comprising a file to be authenticated and providing a verification of the second digit of the document to be authenticated a verification server for receiving the file to provide the delivery document transmitted by the host, and after successfully verifying the delivery document, generating an electronic policy, the electronic policy including the delivery document and providing verification Signing a third digit signature of the document, and transmitting the electronic policy to the file to provide host storage; and a client for receiving the file to provide the electronic policy transmitted by the host, and for verifying the delivery The file and the file to be authenticated, and the verification result of the file to be authenticated and the file to be sent is displayed. 如申請專利範圍第5項所述之使用電子憑證驗證電子保單之系統,其中該待認證文件包含一原始保單被加密後所產生一加密文件及該文件 提供主機所產生之提供驗證該原始保單之一第一數位簽章。 The system for verifying an electronic policy using an electronic voucher as described in claim 5, wherein the file to be authenticated includes an encrypted file generated by the original policy and the file is encrypted. Provide the first digital signature of the original policy provided by the host to provide verification. 如申請專利範圍第5項所述之使用電子憑證驗證電子保單之系統,其中該客戶端更用以於成功驗證該送簽文件與該待認證文件後,解密一加密文件為一解密文件,並傳送該解密文件及該電子保單至該驗證伺服器,該驗證伺服器更用以驗證該解密文件及該送簽文件,並傳送一驗證結果至該客戶端顯示。 The system for verifying an electronic policy by using an electronic voucher as described in claim 5, wherein the client is further configured to decrypt the encrypted file as a decrypted file after successfully verifying the delivery file and the to-be-certified file, and Transmitting the decrypted file and the electronic policy to the verification server, the verification server is further configured to verify the decrypted file and the delivery file, and transmit a verification result to the client display. 如申請專利範圍第5項所述之使用電子憑證驗證電子保單之系統,其中該文件提供主機是透過電子郵件傳送該電子保單。 A system for verifying an electronic policy using an electronic voucher as described in claim 5, wherein the file providing host transmits the electronic policy by email. 如申請專利範圍第5項所述之使用電子憑證驗證電子保單之系統,其中該電子保單更包含版本資訊。 The system for verifying an electronic policy using an electronic voucher as described in claim 5, wherein the electronic policy further includes version information. 如申請專利範圍第5項所述之使用電子憑證驗證電子保單之系統,其中該驗證伺服器可設置於憑證機構或提供一原始保單或該電子保單之保險機構。 A system for verifying an electronic policy using an electronic voucher as described in claim 5, wherein the verification server is configurable to the voucher authority or an insurance institution that provides an original policy or the electronic policy.
TW102122779A 2013-06-26 2013-06-26 System for validating electronic insurance policy with certificate and method thereof TWI486808B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW102122779A TWI486808B (en) 2013-06-26 2013-06-26 System for validating electronic insurance policy with certificate and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW102122779A TWI486808B (en) 2013-06-26 2013-06-26 System for validating electronic insurance policy with certificate and method thereof

Publications (2)

Publication Number Publication Date
TW201500955A TW201500955A (en) 2015-01-01
TWI486808B true TWI486808B (en) 2015-06-01

Family

ID=52717950

Family Applications (1)

Application Number Title Priority Date Filing Date
TW102122779A TWI486808B (en) 2013-06-26 2013-06-26 System for validating electronic insurance policy with certificate and method thereof

Country Status (1)

Country Link
TW (1) TWI486808B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI596561B (en) * 2016-04-20 2017-08-21 臺灣網路認證股份有限公司 System for checking insurance policy status online based on reading identifications and method thereof
TWI618007B (en) * 2016-12-09 2018-03-11 臺灣網路認證股份有限公司 System for signing insurance policy through verifying result by third party and method thereof

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI660324B (en) * 2015-01-23 2019-05-21 Lleidanetworks Serveis Telematics, S A Method for producing electronic contracts certified by a user of a telecommunications operator
TWI563412B (en) * 2015-04-30 2016-12-21 Taiwan Ca Inc System for using trust token to make application obtain digital certificate signature from another application on device and method thereof
TWI676959B (en) * 2017-12-29 2019-11-11 心統科技有限公司 Insurance contract online signing system and method thereof for confirmation
CN110891061B (en) * 2019-11-26 2021-08-06 中国银联股份有限公司 Data encryption and decryption method and device, storage medium and encrypted file
CN110995685B (en) * 2019-11-26 2022-07-19 中国银联股份有限公司 Data encryption and decryption method, device, system and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6928548B1 (en) * 2000-09-29 2005-08-09 Intel Corporation System and method for verifying the integrity of stored information within an electronic device
TWI340579B (en) * 2006-12-14 2011-04-11 Inst Information Industry System, apparatus, method, application program, and computer readable medium thereof for requesting a digital certificate and delivering a secret key for a mobile devices
TW201121280A (en) * 2009-12-10 2011-06-16 Mao-Cong Lin Network security verification method and device and handheld electronic device verification method.

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6928548B1 (en) * 2000-09-29 2005-08-09 Intel Corporation System and method for verifying the integrity of stored information within an electronic device
TWI340579B (en) * 2006-12-14 2011-04-11 Inst Information Industry System, apparatus, method, application program, and computer readable medium thereof for requesting a digital certificate and delivering a secret key for a mobile devices
TW201121280A (en) * 2009-12-10 2011-06-16 Mao-Cong Lin Network security verification method and device and handheld electronic device verification method.

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI596561B (en) * 2016-04-20 2017-08-21 臺灣網路認證股份有限公司 System for checking insurance policy status online based on reading identifications and method thereof
TWI618007B (en) * 2016-12-09 2018-03-11 臺灣網路認證股份有限公司 System for signing insurance policy through verifying result by third party and method thereof

Also Published As

Publication number Publication date
TW201500955A (en) 2015-01-01

Similar Documents

Publication Publication Date Title
US10606986B2 (en) Systems and methods for managing and protecting electronic content and applications
TWI486808B (en) System for validating electronic insurance policy with certificate and method thereof
US8924302B2 (en) System and method for electronic transmission, storage, retrieval and remote signing of authenticated electronic original documents
US20180359092A1 (en) Method for managing a trusted identity
US8583931B2 (en) Electronic signing apparatus and methods
US7502934B2 (en) Electronic signatures
EP2465246B1 (en) Layered protection and validation of identity data delivered online via multiple intermediate clients
CN109978688A (en) The access control method and its contract generator and server of distributed common recognition system
US20110289318A1 (en) System and Method for Online Digital Signature and Verification
CN106599729A (en) Safety verification method and system for driving program
TWI734729B (en) Method and device for realizing electronic signature and signature server
US20050060544A1 (en) System and method for digital content management and controlling copyright protection
EP1921554A1 (en) Data delivery system, issuance apparatus, terminal apparatus and intermediate node
EP1704667B1 (en) Electronic signing apparatus and methods
CN111369364A (en) Electronic signature method and device based on super counter
JP2008035019A (en) Digital signature device
US11550931B1 (en) Data certification system and process for centralized user file encapsulation, encryption, notarization, and verification using a blockchain
Kuechler et al. Digital signatures: A business view
TWM508733U (en) Authentication system of electronic insurance policy
US20070192589A1 (en) System and method for encrypting webpage logs
TWM579789U (en) Electronic contract signing device
TW201541376A (en) Network insuring system using financial certificate and method thereof
JP2003263647A (en) Signing method in electronic document
JP2004045607A (en) Electronic certificate, recording medium having electronic certificate recorded thereon, and method, device and program for issuing electronic certificate, and method, device and program for displaying electronic certificate
TWI311429B (en) System and method for signing electronic documents automatically