WO2003105002A1 - General-purpose in-organization authentication system - Google Patents

General-purpose in-organization authentication system

Info

Publication number
WO2003105002A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
organization
information
data processing
authority
Prior art date
Application number
PCT/JP2002/005813
Other languages
English (en)
Japanese (ja)
Inventor
秀明 渡辺
輝一 浅海
宗樹 和田
敬 浅野
Original Assignee
株式会社帝国データバンク
Priority date
Filing date
Publication date
Application filed by 株式会社帝国データバンク
Priority to AU2002306326A (AU2002306326A1, en)
Priority to JP2004512005A (JP3622789B2, ja)
Priority to PCT/JP2002/005813 (WO2003105002A1, fr)
Publication of WO2003105002A1 (fr)

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to a general-purpose in-organization personal authentication system for authenticating individuals belonging to an organization such as a company.
  • Conventional technology
  • a certificate at the level of the person in charge is required.
  • the digital certificate issued to a natural person cannot determine to which company the certificate holder belongs.
  • the Commercial Registration and Certification Authority is positioned like a seal of a company representative, and only one certificate is issued to the company, and no certificate is issued to the sole proprietor. For these reasons, the work after receiving the tender and application and the work on material procurement will not proceed smoothly.
  • the present invention solves the above various problems. When an individual is authenticated in a transaction, a bid, a contract, or the like in an electronic space such as the Internet, the present invention aims at providing a system that can evaluate whether the individual truly belongs to an organization such as a company and whether the individual has the authority to make decisions and the like.
  • a further object of the present invention is to provide a system in which a single certificate can be used by a user even in a plurality of authentication systems, such as a plurality of authentication sites having different operators.
  • by linking an authentication database for authentication using an electronic certificate with an organization information database of companies or the like, the authentication is performed based on the latest updated data at the time of authentication.
  • Another object of the present invention is to provide a system capable of performing such processing. Appropriate authentication processing can be performed in response to retirements from companies, changes of department and position, and changes at the companies themselves such as mergers, bankruptcies, and changes in credit information.
  • the data is collected, stored and updated by the certification body, so that the websites that perform the respective authentications can use the authentication system of the present invention without each constructing a database individually.
  • Disclosure of the invention
  • an online data processing system such as a web server accessed from a user terminal, and a certification authority system connected to the online data processing system via a network;
  • the online data processing system includes at least an electronic certificate receiving unit that receives an electronic certificate transmitted from a user terminal, and an authentication unit that transmits and receives data to and from the certification authority system and performs user authentication processing.
  • the above-mentioned certification authority system is provided with an authentication database, and the data stored in the authentication database includes organization identification data such as a company code, and personal authentication data that associates the organization with the individual in order to authenticate individuals within the organization.
  • the authentication means performs user authentication in the online data processing system based on authentication information, extracted from the authentication database, that includes at least authority information of the individual in the organization; this characterizes the general-purpose in-organization personal authentication system.
  • the above-mentioned electronic certificate incorporates organization identification data such as a general-purpose company code, so that an organization can be associated with an individual by using it. It is a general-purpose in-organization personal authentication system.
  • a general-purpose in-house personal authentication system characterized in that an organization can be associated with an individual from a table, included in the authentication database, that maps a serial number to organization identification data such as a company code. Further, in order to solve the above-mentioned problems, in the invention described in Claim 4, in the invention described in Claims 1 to 3,
  • the certification authority system is provided so that it can be accessed from multiple online data processing systems, and can use the same digital certificate to authenticate users accessing multiple online data processing systems such as different web servers. It is a general-purpose in-house personal authentication system.
  • the above-mentioned authentication database stores organization identification data such as a company code and personal authentication data, and data including at least one of company basic information and authority information.
  • the feature is that it is an in-house personal authentication system.
  • the certification authority system includes an organization authority setting unit that allows a person having a predetermined authority of an organization such as a company to set the authority of an individual holding an electronic certificate belonging to the organization,
  • the authentication means performs user authentication in the online data processing system based on authentication information, extracted from the authentication database, that includes at least authority information of the individual in the organization; this characterizes the general-purpose in-organization personal authentication system.
  • the certification authority system includes use authority setting means by which a person having the predetermined authority of the online data processing system sets which electronic certificate holders can use it,
  • the authentication means performs user authentication in the online data processing system based on authentication information, extracted from the authentication database, that includes at least personal authority information of an individual of the organization; this characterizes the general-purpose in-organization personal authentication system.
  • User authentication in the online data processing system described above includes at least one of: user authentication regarding whether the system, services, etc. may be used; user authentication regarding whether the user has authority over transactions, business negotiations, contracts, etc.; and user authentication regarding eligibility for bid participation, various applications, examinations, etc. This characterizes the general-purpose in-house personal authentication system.
  • the authentication database stores:
  • Registered users who own digital certificates are required to authenticate users regarding the use of the system and services, and to authenticate users who have authority over transactions, negotiations, contracts, etc.
  • user registration in online data processing systems, such as websites, becomes unnecessary through user authentication such as user authentication for eligibility for the use of personal information; it is characterized by being a general-purpose personal authentication system.
  • use authority application means is provided in the certification authority system, through which a user having an electronic certificate accesses from the user terminal and applies to the use authority setting means for the setting of use authority in the online data processing system.
  • This is a general-purpose in-house personal authentication system.
  • when the application for setting the use authority in the online data processing system is approved and stored in the use authority setting means, user authentication is permitted for individuals who satisfy predetermined conditions and belong to the organization to which the individual who owns the relevant digital certificate belongs; this characterizes the general-purpose in-house personal authentication system.
  • the data processing system that performs various data processing after user authentication is a system that uses the organization identification data, such as a company code, used in the authentication database. It is a general-purpose in-house personal authentication system.
  • the authentication database provided in the certification authority system is provided in cooperation with an organization information database that stores and updates organization information such as company information, keyed by organization identification data, and
  • the feature is that it is a general-purpose in-house personal authentication system characterized by the ability to perform user authentication reflecting information updates and fluctuations.
  • the online data processing system is provided with a user database of customers and the like, which stores organization information such as company information and is provided in cooperation with the authentication database. It is characterized by being a general-purpose in-house personal authentication system that can be used for updates and fluctuations of that database.
  • the data stored in the organization information database includes organization credit information such as credit information of a company,
  • the authority information stored in the authentication database in advance includes eligibility screening information based on the credit information
  • FIG. 1 is a system configuration diagram showing an example of a basic configuration of the system of the present invention.
  • FIG. 2 is a system configuration diagram showing an example of a form in which a certification authority system is provided so as to be accessible from a plurality of online data processing systems.
  • FIG. 3 is a system outline diagram showing an example of a basic processing flow of the system of the present invention.
  • FIG. 4 is a system outline diagram showing an example of a basic processing flow of an embodiment of the system of the present invention.
  • FIG. 5 is a system outline diagram showing an example of a basic processing flow of an embodiment of the system of the present invention.
  • FIG. 6 is a system outline diagram showing an example of a basic processing flow of an embodiment of the system of the present invention.
  • FIG. 7 is a system outline diagram showing an example of a basic processing flow of an embodiment of the system of the present invention.
  • FIG. 8 is a schematic diagram showing an example of a basic processing flow of an embodiment of the system of the present invention.
  • the personal authentication system of the present invention is a system in which information processing is performed by operation on a terminal such as a computer including input means, control means, display means, output means, storage means, and the like.
  • FIG. 1 is a system configuration diagram showing an example of a basic configuration of the system of the present invention.
  • It comprises an online data processing system, such as a web server accessed from a user terminal, and a certification authority system connected to the online data processing system via a network.
  • the certification body system uses the digital certificate to perform the authentication process that links the organization identification data of a company etc. with the personal authentication data, which is characteristic of the present invention, and has a function to return the result of the authentication to the online data processing system that operates the website. In addition, it links the organization identification data of companies etc. with the personal information of those belonging to the organizations etc., and performs data maintenance and management.
  • the online data processing system accepts access from user terminals on the web site and performs electronic commerce, negotiations, bidding, contracts, and other data processing.
  • the system is provided so as to perform data processing in cooperation with the certification institution system, and transmits and receives data for personal authentication with the certification institution system.
  • a computer terminal such as a personal computer or a workstation is usually used.
  • user terminals include wireless communication terminals such as mobile phones equipped with a browser function that can be connected to the Internet, mobile information terminals, Internet TV, gaming devices, video conference systems, and other devices.
  • appliances such as home appliances with network connection functions.
  • the computer terminal includes control means, storage means, input means, output means, display means, and the like.
  • normally, it has a function to connect to a computer network such as the Internet and to send and receive data, and also has application programs such as a browser, e-mail software and a word processor, and an operating system (OS).
  • the online data processing system is usually composed of a server system, is connected to communication means represented by the Internet, and is accessed from a user terminal connected to the communication means.
  • the communication means includes a wide variety of forms, such as the Internet, a network connected by a dedicated line, an intra-company LAN, an inter-company LAN, and a WAN.
  • the form of the communication line used here includes wired communication and wireless communication, and broadly includes forms using satellite communications and Bluetooth.
  • the system can be configured by an application server, a database server, an authentication server, a web server, and if necessary, a mail server and other various devices.
  • Each of these servers can be configured in the same physical device, physically configured with multiple devices, or physically configured with multiple devices connected via a network; various forms are included as long as the various functions are realized.
  • the online data processing system is equipped with a web server that stores content data and programs for access from user terminals when accepting access from users at web sites and the like via the Internet.
  • Content data includes data files displayed on the website, such as HTML files and XML files, and data files displayed on mobile phones that can access websites, such as C-HTML files.
  • a more specific example of an online data processing system is as follows.
  • This system is accessed by users belonging to an organization such as a company to make a contract for receiving and placing orders for inter-company transactions and other electronic commerce.
  • when authentication is required as to whether the accessing user is an individual belonging to the organization such as the company, or whether the user is an individual who has authority to conduct transactions, contracts, etc., personal authentication is performed in cooperation with the certification body system.
  • it is a system that is accessed by users belonging to organizations such as companies, and is used for bids on delivery of goods, provision of services and construction orders, and for participation in estimates. For example, there is a case where the government or a local government accepts bid participation. Even in such cases, when authentication is required as to whether the accessing user is an individual who belongs to the organization such as the applicable company, or an individual who belongs to it and has the authority to participate in bids and submit estimates, personal authentication is performed in cooperation with the certification body system.
  • the organization is not limited to companies.
  • qualified users such as lawyers and tax accountants are users
  • the administrative organizations bar associations and tax accountants associations
  • when authentication is required as to whether the accessing user is an individual belonging to the organization of the relevant qualified persons, or whether the user is an authorized individual, personal authentication is performed in cooperation with the certification authority system.
  • the online data processing system includes an electronic certificate receiving means for receiving an electronic certificate transmitted from a user terminal.
  • the electronic certificate receiving means receives the electronic certificate transmitted from the user terminal together with the necessary data, for electronic commerce applications, contract applications, bid participation applications, and other cases where personal authentication is required when accessing from the user terminal.
  • the received electronic certificate is stored in the storage means in the online data processing system together with the related data.
  • the digital certificate is used to make an inquiry to the certification authority system for personal authentication.
  • the above-mentioned online data processing system includes an authentication unit for transmitting and receiving data to and from an authentication institution system and performing a user authentication process.
  • the transmission of the electronic certificate from the user terminal to the online data processing system, such as the electronic commerce and bidding sites described above, is performed by the user terminal holding the electronic certificate.
  • Required information such as commercial transactions and bids (what is sent and presented to the online data processing system of Japan) is sent with an electronic certificate attached to the specified information, or encrypted by an electronic certificate.
  • the authentication means obtains the organization identification information such as a company code, or the personal identification information such as a serial number for each individual, included in the electronic certificate sent from the user terminal, and stores it together with the received data of the required predetermined items.
  • the authentication process is performed by transmitting the organization identification information or personal identification information required for the authentication process to the certification institution system described below and referring to the authentication database.
  • Each sent transaction condition information is securely protected by encrypted communication using an electronic certificate with a company code added.
  • the digital certificate with a company code attached that is used for authentication is one issued to individuals belonging to organizations such as companies who transmit data by accessing transaction, bidding, and other various online data processing systems.
  • FIG. 2 is a system configuration diagram showing an example of a form in which a certification authority system is provided so as to be accessible from a plurality of online data processing systems. It is possible to use the same digital certificate for user authentication to access online data processing systems such as different web servers.
  • since the personal authentication system of the present invention performs authentication processing using organization identification data such as a general-purpose company code, it can be used in various online data processing systems for general purposes.
  • the certification body system has a certification database.
  • the data stored in the authentication database includes at least the organization identification data such as the company code, and the personal authentication data for authenticating the individual in the organization by associating the organization with the individual.
  • the organization identification data is organization identification data such as a general-purpose company code, which in an example of a desirable form is incorporated in a digital certificate; correspondingly, data that associates an organization with an individual is stored in the authentication database. In addition, it is desirable to store and manage basic company information and authority information in the authentication database.
  • Still another form of data stored in the authentication database is a form that uses an electronic certificate which does not incorporate organization identification data such as a company code and which incorporates an individual's serial number.
  • among the authority information stored in the authentication database there is, firstly, authority information within the organization, which indicates whether the individual to be authenticated belongs to the company or the like, or whether or not he / she has the predetermined authority.
  • In order to register and manage such authority information, the certification authority system is provided with organization authority setting means by which a person with the prescribed authority of the organization, such as a company, sets the authority of the individual holding the digital certificate belonging to the organization.
  • the authentication means performs a user authentication in an online data processing system based on authentication information extracted from an authentication database and including authority information of individuals in an organization.
  • an online data processing system such as a website that performs e-commerce and bidding decides whether or not to give organizations such as companies, and individuals belonging to them, the authority to use it, such as applying for and participating in transactions and bidding.
  • In order to grant such authority information, the certification authority system is provided with use authority setting means by which a person who has the predetermined authority of the online data processing system sets which electronic certificate holders can use it.
  • A function is built by which the administrator or operator of the online data processing system sets which digital certificate holders can use the company's own system. When the holder accesses the authentication system, the set authority information is provided in response to a request from the authentication system.
  • the authentication means performs user authentication in the online data processing system based on authentication information including authority information of individuals in the organization extracted from the authentication database.
  • An example of the electronic certificate used here is as follows; it is issued by a certification authority system or the like connected to a network.
  • the certification authority system is preferably a form of a neutral third-party certification authority.
  • the issuance process can be performed in a certification authority system described later or in a server cooperating therewith.
  • Various types of known digital certificates can be used, but a typical example is a digital signature system using a public key cryptosystem.
  • the public key cryptosystem is a system in which a single key pair (public key and secret key) is used to perform encryption and decryption. What is encrypted with a private key cannot be decrypted without the public key. Proof that the public key is indeed authentic is provided by a trusted third-party certificate authority system.
  • the certification body issues an electronic certificate (digital certificate) that proves the owner of the public key.
  • the association between a natural person who has an electronic certificate and the organization, such as a company, to which the person belongs is made using organization identification data such as a general-purpose company code. In order to do so, the following requirements should be met as a desirable method.
  • it is possible to accurately identify which identification code in the organization information (corporate information) database used corresponds to the organization, such as a company, to which an individual who is issued a digital certificate belongs.
  • in the certification authority system, since the minimum required information is disclosed free of charge when using the organization identification code, the information can be used effectively in an online data processing system that uses authentication.
  • an example of an electronic certificate issuance mode performed by the certification authority system will be described. First, access the certification authority system from the user terminal, report the public key to the certification authority system, and request issuance of a digital certificate.
  • the user of company A first submits an application to the certification body after filling in the company name, name, Roman character name, e-mail address, etc.
  • the certification body confirms that the request was made by the principal. If there is an application for membership, the certification body system will conduct an examination of company A. The examination of company A can be conducted using the existing company information database, etc.
  • the information of the applicant user of Applicant Company A is registered in the certification database in the certification organization system.
  • When registering in the authentication database, that is, when issuing an electronic certificate on application from the affiliated organization (company, etc.), the “person” is linked to the “company” to which the person belongs.
  • the identification code of the company information database that is generally distributed is used for linking with the organization such as the company.
  • a table of correspondence between the unique information stored in the digital certificate, such as a serial number, and the company identification code of the relevant company is used.
  • a digital certificate (with public key) is sent to the requesting user.
  • FIG. 3 is a system outline diagram showing an example of a basic processing flow of the system of the present invention.
  • in order for an online data processing system such as a website that performs e-commerce or bidding to grant or deny a company or other organization, or an individual belonging to it, the authority to use it, such as applying for or participating in a transaction or a bid, the certification authority system is accessed and authority information (use authority information) is registered (S100).
  • Authority information is used to determine whether or not an individual who accesses the system belongs to an organization such as a company. This is information such as permission to use by authentication processing such as bidding.
  • the administrator of an organization such as a company sets in advance which of the individuals who belong to the organization are given authority information (organization authority information).
  • the authority information (organization authority information) is information such that, by judging whether or not it has been granted, a user who has it is authorized to use e-commerce, bidding and the like through authentication processing.
  • the contents of the user authentication include, for example, user authentication regarding the availability of use of the system and service, user authentication regarding the presence or absence of authority for transactions, and user authentication for eligibility for bid participation, various applications and examinations, etc.
  • the digital certificate is transmitted together (S101). If the digital certificate is a secret key system, encryption (digital signature) is performed using that key.
  • the electronic certificate contains organization identification data such as a company code or a serial number for identifying an individual. Send electronic documents, ciphertexts, and public keys.
  • the electronic certificate receiving means receives the data transmitted from the user terminal, decrypts the cipher text using the attached public key, and verifies the signature. By checking it against the original electronic document, it can be confirmed that no unauthorized tampering has been performed.
  • the authentication means makes an inquiry to the authentication database of the certification authority system to confirm that the digital signature was made by the owner of the private key corresponding to the public key (S102). Based on the authentication information extracted from the authentication database and including at least the authority information of the individual in the organization, the authentication means determines whether or not there is predetermined authority information, and performs user authentication in the online data processing system.
  • since the authentication database stores in advance the settings, made by the person who has the specified authority of the above-mentioned online data processing system, of which holders can use it, a registered user who owns a digital certificate does not need to register as a user in the online data processing system, by passing the user authentication at the certification authority system.
  • the certification authority system provides the attribute information of the linked "company" in response to an inquiry request from the online data processing system.
  • the result is notified to the user terminal (S103), and predetermined data necessary for data processing is transmitted and received.
  • In normal authentication work, a digital certificate must be used and the user must be registered and entered in the authentication database. New applicants cannot use the certificate until after registration, and need to perform registration work each time they bid with multiple local governments or use multiple services. Therefore, as shown in Fig. 4, a user who possesses an electronic certificate accesses from a user terminal and applies to the above-mentioned usage right setting means for setting the usage right in the online data processing system.
  • means are provided in said certification authority system.
  • This is a general-purpose application system that allows certificate holders (persons who own digital certificates) to register on other sites with their own hands.
  • when the application for setting the use authority in the online data processing system is approved and stored in the use authority setting means, user authentication is recognized for individuals who satisfy the predetermined conditions and belong to the organization to which the owner of the relevant digital certificate belongs. For example, suppose a certificate holder company (A), which is qualified for bid participation with a municipality (A) and bids electronically with a digital certificate, wants to qualify for bidding with another municipality (B). In this case, the user, the certificate holder itself, takes the first action, even if the publisher does not take action to pass the authority information.
  • the company application information is transmitted from the application site to the local government B's bidding site (S202), and the content is confirmed and the qualification is examined. If OK, the company can directly participate in the bidding for the local government B (S203).
  • This system can be an effective means when the site operator has no prior data on each company.
  • an online data processing system having at least an electronic certificate receiving means and an authentication means is connected to a Web site for transmitting and receiving data and processing data via the Internet, and is provided with a data processing system.
  • a data processing system is a core system in which an administrator who manages and operates a web site and the like performs data processing in the organization and the like. Examples include a system that stores received data and performs transactions, billing, accounting, and other data processing, and a system that manages customers for each user.
  • a data processing system that performs various data processing after user authentication is characterized by using organization identification data such as a company code used for the authentication database.
  • Ordinary digital certificates are designed only for authentication. After authentication is completed, the site operator is forced to perform new work, such as calling up the customer information of the relevant user and linking it to the transaction information, in order to proceed to the core business system (the actual commercial transaction). If a digital certificate incorporating a general-purpose company code is distributed and use of an authentication database in which company information is entered becomes open, then after authentication the information of the company concerned can be linked using the company code as a key, making it possible to advance seamlessly to core business.
  • the authentication database provided in the certification institution system includes an organization information database for storing and updating organization information such as company information associated with the organization identification data as a key.
  • companies are living creatures and can undergo a variety of changes, including mergers, bankruptcies, and dormancy.
  • a bankrupt company, or a company absorbed in a merger, loses the eligibility to participate in the bidding, but neither commercial registration certification authorities nor the certification authorities of ordinary private companies have a system in which this change information is linked with digital certificates, so no response can be taken when such a situation occurs.
  • a digital certificate based on a commercial registration cannot cope with corporate dormancy or unauthorized use of the registration.
  • changes are reflected in the authentication database at any time, in real time or close to it (S300).
  • the invalidation list (CRL) is provided from the certification body system to the online data processing system (S301). The invalidation list is stored in the online data processing system.
  • the user accesses the online data processing system from the user terminal and inputs data for the predetermined data items that the online data processing system requires to be entered and transmitted, such as an e-commerce application or a bid participation application, and the input electronic document is transmitted (S302).
  • the electronic certificate is also transmitted, and in the online data processing system, the data transmitted from the user terminal is received by the electronic certificate receiving means.
  • the online data processing system is provided with a user database of customers and the like.
  • the company fluctuates due to changes in trade name, address, etc., but maintenance is difficult (or impossible) in a normal authentication system, and information at the time of registration is often left as it is.
  • the certification authority system provides the updated data to the online data processing system by sending it (S401) and updating the user database (S402). It can provide information such as business name changes and address changes, and can maintain the customer database on the site operator side.
  • the organization information such as company information provided in cooperation with the authentication database is stored and updated, and the updates and fluctuations of the organization information database can be used for the updates and fluctuations of the user database.
  • the customer database can be maintained, and the latest data can be referred to when performing authentication processing by accessing the online data processing system from the user terminal (S403).
  • bidding restrictions and screening can be performed by objectively assessing construction capacity through management item screening, but in other industries, there is no alternative to management item screening.
  • In order to promote the digitization of goods procurement and applications in an open environment, it is necessary to link with a system that can obtain company information for understanding the status of bidders and applying companies.
  • the site operator can check the credit status of each user.
  • qualified screening information as authority information has been input in the authentication database in advance, automatic company selection becomes possible.
  • the data stored in the organization information database includes organization credit information such as corporate credit information.
  • organizational credit information may include quantitative or qualitative information that can be obtained by a third-party investigator, such as basic information about the company, organizational information, transaction information (transaction volume, payment results, delivery results, and the like), financial information, member information, and other important item information. Also, based on such information, it is possible to store, accumulate, and update indices, ratings, rankings, and other credit information.
  • the authority information stored in advance in the authentication database includes qualification screening information based on the credit information.
  • Eligibility screening information is data that serves as a basis for each online data processing system to perform screening processing based on the above-mentioned organizational credit information in order to determine the eligibility of a partner in a transaction, a bid, or the like.
  • data is created in advance to determine the standard value or rating value table from the company information.
  • the reference value is, for example, a numerical value that serves as a criterion such as not performing a transaction with a score of 50 or more, and the rating value is, for example, a ranking such as a rating of A for a score of 70 or more.
  • various scales serving as judgment criteria can be set in advance.
  • a screening process based on the credit information can be performed.
  • the company information acquisition agent extracts information (such as a company code) for acquiring company information from the transaction condition information to which the company code is added, and makes a search request to the company information providing server.
  • the search request is sent to the company information acquisition server for acquiring company information in real time or in batch processing.
  • the organization credit information stored in the organization information database is stored in association with the data stored in the authentication database and the organization identification data such as the company code, so it can be extracted and referenced using the company code or the like (S500).
  • qualified screening information is set in advance in the authentication database from the online data processing system and stored (S501).
  • the user accesses the online data processing system from the user terminal and inputs data for the specified data items that the online data processing system requires to be entered and transmitted, such as an e-commerce application or a bid participation application.
  • the electronic document is transmitted (S502).
  • the digital certificate is also transmitted, and in the online data processing system, the data transmitted from the user terminal is received by the digital certificate receiving means.
  • an inquiry is made to the authentication database (S503), and information including the credit information of the corresponding company or the like is extracted using the company code or the like (S504).
  • the data searched and extracted using the company code as a key is business information and information such as sales and grades. In some cases, the data to be returned is only the judgment itself (YES, NO, etc.).
  • a general-purpose company code or serial number into the electronic certificate and entering the company code, serial number, personal information within the company, basic company information, and authority information into the authentication database, it is possible to perform authentication by associating the organization with an individual, and it is also possible to authenticate a sole proprietor. Further, in the present invention, it is possible to provide a system in which a user can use a single certificate across a plurality of authentication systems, such as a plurality of authentication sites having different operators. If a general-purpose company code is incorporated into the digital certificate and the use of the authentication database becomes open, certification work can be completed with one general-purpose digital certificate for both the authenticating side, such as local governments and companies, and the users to be authenticated, such as bidders.
  • an authentication database for authentication using a digital certificate with an organization information database of a company or the like
  • it is possible to provide a system capable of performing authentication and the like based on the latest data, updated at any time, at the time of authentication. Appropriate authentication processing can be performed in response to retirement from a company or the like and changes in departments and positions, and also in response to changes to the company itself, such as mergers, bankruptcies, and changes in credit information.
  • the data is collected, stored, and updated by the certification body, so that the websites that perform the respective certifications can use the certification system of the present invention without having to construct individual databases.
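The decision described in steps S300 to S301 and S503 to S504 ties authorization to the current state of the organization and the individual, not only to the validity of the certificate. The following sketch is an added illustration, not code from the patent or its applicant; every name and record is constructed, signature verification is assumed to have been done by the electronic certificate receiving means, and the direction of the score threshold (a minimum score set by the relying site) is an assumption.

```python
"""Added illustration of the authorization decision; all names are hypothetical."""
from dataclasses import dataclass, field

@dataclass
class OrgRecord:                 # organization information database row, keyed by company code
    name: str
    status: str                  # "active", "bankrupt", "merged" or "dormant"
    credit_score: int            # organization credit information (constructed 0-100 scale)

@dataclass
class PersonRecord:              # authentication database row, keyed by (company code, serial)
    employed: bool
    authorities: set = field(default_factory=set)

# Constructed sample data standing in for the certification authority system.
ORG_DB = {
    "C0001": OrgRecord("Alpha Construction", "active", 82),
    "C0002": OrgRecord("Beta Trading", "bankrupt", 75),
    "C0003": OrgRecord("Gamma Supply", "active", 41),
}
AUTH_DB = {
    ("C0001", "0007"): PersonRecord(True, {"bid_participation", "transaction"}),
    ("C0001", "0008"): PersonRecord(False, {"bid_participation"}),   # has left the company
    ("C0002", "0001"): PersonRecord(True, {"bid_participation"}),
    ("C0003", "0002"): PersonRecord(True, {"bid_participation"}),
}
CRL = {("C0001", "0099")}        # invalidation list pushed to the relying site (S301)

# Rating value table: "70 or more is A" follows the page, the other rows are constructed.
RATING_TABLE = [(70, "A"), (50, "B"), (0, "C")]

def rating(score):
    """Map a credit score to a rating using the first matching floor."""
    for floor, grade in RATING_TABLE:
        if score >= floor:
            return grade
    return RATING_TABLE[-1][1]

def authorize(company_code, serial, required_authority, min_score, signature_ok=True):
    """Return (decision, reason); only the YES/NO decision need be returned to the site.

    min_score is the qualification screening value the relying site registers in
    advance (S501); treating it as a minimum is an assumption of this sketch.
    """
    if not signature_ok:
        return "NO", "signature verification failed"
    if (company_code, serial) in CRL:
        return "NO", "certificate on invalidation list"
    org = ORG_DB.get(company_code)
    person = AUTH_DB.get((company_code, serial))
    if org is None or person is None:
        return "NO", "not registered in authentication database"
    if org.status != "active":               # merger, bankruptcy, dormancy
        return "NO", f"organization is {org.status}"
    if not person.employed:                  # retirement or transfer
        return "NO", "individual no longer belongs to organization"
    if required_authority not in person.authorities:
        return "NO", "authority information missing"
    if org.credit_score < min_score:
        return "NO", f"screening failed (rating {rating(org.credit_score)})"
    return "YES", f"rating {rating(org.credit_score)}"

if __name__ == "__main__":
    for key in AUTH_DB:
        print(key, authorize(*key, "bid_participation", 50))
```

A certificate that still verifies cryptographically is rejected here when the company is bankrupt or the individual has left, which is the gap the description attributes to certificates based on commercial registration alone.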

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a general-purpose system for identifying the individuals in an organization. The system comprises an online data processing system, such as a web server, that can be accessed from a user terminal, and a certification authority system connected via a network. The online data processing system comprises electronic certificate receiving means for receiving an electronic certificate transmitted from a user terminal, and means for authenticating the user by communicating data with the certification authority system. The certification authority system is equipped with an authentication database containing organization identification data, such as company codes, and authentication data for an individual in an organization, associating the organization with the individual. A user is authenticated on the basis of authentication data that is extracted from the authentication database and contains at least data on the authority of an individual in an organization.
PCT/JP2002/005813 2002-06-11 2002-06-11 General-purpose authentication system in the organization WO2003105002A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU2002306326A AU2002306326A1 (en) 2002-06-11 2002-06-11 General-purpose autentication system in organization
JP2004512005A JP3622789B2 (ja) 2002-06-11 2002-06-11 General-purpose in-organization personal authentication system
PCT/JP2002/005813 WO2003105002A1 (fr) 2002-06-11 2002-06-11 General-purpose authentication system in the organization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2002/005813 WO2003105002A1 (fr) 2002-06-11 2002-06-11 General-purpose authentication system in the organization

Publications (1)

Publication Number Publication Date
WO2003105002A1 true WO2003105002A1 (fr) 2003-12-18

Family

ID=29727341

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2002/005813 WO2003105002A1 (fr) General-purpose authentication system in the organization 2002-06-11 2002-06-11

Country Status (3)

Country Link
JP (1) JP3622789B2 (fr)
AU (1) AU2002306326A1 (fr)
WO (1) WO2003105002A1 (fr)

Also Published As

Publication number Publication date
AU2002306326A1 (en) 2003-12-22
JP3622789B2 (ja) 2005-02-23
JPWO2003105002A1 (ja) 2005-10-13

Similar Documents

Publication Publication Date Title
Rizal Batubara et al. Unraveling transparency and accountability in blockchain
US6236972B1 (en) Method and apparatus for facilitating transactions on a commercial network system
RU2292589C2 (ru) Аутентифицированный платеж
US7472074B1 (en) Method and apparatus for a commercial network system designed to facilitate buyer-driven conditional purchase offers
US20080221945A1 (en) Ecosystem allowing compliance with prescribed requirements or objectives
CN110728494B (zh) 不动产业务的办理方法、不动产权信息系统及装置
Basu et al. Authentication in e-commerce
KR20080098492A (ko) 평판 정보 시스템, 평판 정보 제공 방법 및 컴퓨터 판독가능 매체
US8249921B2 (en) Method for facilitating a transaction between buyers and sellers
JP2003157402A (ja) オープンネットワーク販売システム及び取引トランザクションのリアルタイムでの承認を行う方法
JP4772449B2 (ja) 信託委託基盤への参加者を自動的に評価する方法及びシステム
KR101639024B1 (ko) 부동산 전속중개계약의 업무처리 방법 및 이를 실현하기 위한 프로그램을 기록한 컴퓨터로 읽을 수 있는 기록매체
US20070143173A1 (en) Method and system for anonymous communication of information about a home
JP3622789B2 (ja) 汎用的組織内個人認証システム
JP2004206187A (ja) コミュニティ管理システム
JP3982135B2 (ja) 予約証明証発行装置および方法
JP6074074B1 (ja) 電子契約の破棄システム、方法およびプログラム
US20020038424A1 (en) Apparatus and method for providing security for electronic signatures
JP4898883B2 (ja) ネットワークを用いた複数オークション運営方法とそのシステム
JP2017135590A (ja) 電子契約の管理システム、方法およびプログラム
US20060080256A1 (en) Method and system for establishing a trustworthy supplier
Wen et al. A conceptual framework for the trusted environment of e-commerce transaction
US20110093348A1 (en) Financial broker social-professional website internet system
JP2002117264A (ja) 電子商取引の仲介サーバーおよび仲介方法
US20160350863A1 (en) Rule-based platform to enable exchange of voting interests for specific voting events

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2004512005

Country of ref document: JP

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase