WO2009113154A1 - Système de gestion d'identifiant et procédé de gestion d'identifiant - Google Patents

Système de gestion d'identifiant et procédé de gestion d'identifiant Download PDF

Info

Publication number
WO2009113154A1
WO2009113154A1 PCT/JP2008/054321 JP2008054321W WO2009113154A1 WO 2009113154 A1 WO2009113154 A1 WO 2009113154A1 JP 2008054321 W JP2008054321 W JP 2008054321W WO 2009113154 A1 WO2009113154 A1 WO 2009113154A1
Authority
WO
WIPO (PCT)
Prior art keywords
management
main
sub
management device
allocation
Prior art date
Application number
PCT/JP2008/054321
Other languages
English (en)
Japanese (ja)
Inventor
泰次 岡本
Original Assignee
富士通株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 富士通株式会社 filed Critical 富士通株式会社
Priority to PCT/JP2008/054321 priority Critical patent/WO2009113154A1/fr
Publication of WO2009113154A1 publication Critical patent/WO2009113154A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Definitions

  • the present invention relates to an ID management system and an ID management method for managing a primary ID and a secondary ID issued in response to a request from a user.
  • the service user may have a large number of IDs for each use, such as a company employee ID, a supermarket customer ID, and an insurance contractor ID.
  • IDs for each use, such as a company employee ID, a supermarket customer ID, and an insurance contractor ID.
  • a company employee ID such as a company employee ID, a supermarket customer ID, and an insurance contractor ID.
  • an insurance contractor ID such as a company employee ID, a supermarket customer ID, and an insurance contractor ID.
  • the student ID and policyholder ID are owned by the same person. It may be necessary to manage something. Therefore, conventionally, for example, an ID management device provided in an insurance company that needs to manage that a student ID and a contractor ID are held by the same person is contracted with the student ID. The correspondence with the person ID is associated and managed.
  • the present invention has been made to solve the above-described problems of the prior art, and an ID management system and an ID that can prevent the correspondence between different types of IDs having different uses from being exposed.
  • the purpose is to provide a management method.
  • the present invention provides a user terminal used by a user, a main ID management device that manages a main ID for identifying the user for the first use,
  • An ID management system including a secondary ID management device for managing a secondary ID for identifying a user for the second use, wherein the primary ID management device includes a primary ID and the secondary ID management.
  • the sub-ID management means for managing the sub ID, the main ID management device ID for specifying the main ID management device, and the allocation management ID in association with each other is a requirement.
  • the sub ID management means manages the main ID management device ID and the allocation management ID that are different for each main ID management device in association with the sub ID. To do.
  • the secondary ID management device requests a secondary ID generation means for generating a secondary ID and a login by a primary ID when receiving a secondary ID issue request from the user terminal.
  • the main ID to be associated with the sub-ID generated by the sub-ID generation means is whether or not the user of the user terminal that is the user and the user of the user terminal that is the transmission source of the sub-ID issue request is the same person.
  • the same person confirmation means for confirming in cooperation with the managing main ID management device, the user terminal user who requests the login request, and the user terminal user who is the transmission source of the sub ID issue request are the same person.
  • an allocation management ID generating unit that generates an allocation management ID to be indicated; and an allocation management that transmits the allocation management ID generated by the allocation management ID generating unit to a main ID management device that manages a main ID to be associated with the sub ID
  • a sub-ID allocation management information recording unit that records the allocation management ID generated by the generating unit in association with each other; and when the recording by the sub-ID allocation management information recording unit is completed, the transmission source of the sub-ID issue request A sub-ID transmission unit that transmits the sub-ID generated by the sub-ID generation unit to the user terminal, wherein the main ID management device An allocation management ID receiving means for receiving an allocation management ID from the D management apparatus; an allocation management ID
  • the present invention also issues and manages a primary ID for identifying a user for the first use, and issues and manages a sub-ID for identifying the user for the second use.
  • An ID management method wherein a primary ID management device that manages a primary ID includes a primary ID, a secondary ID management device ID for specifying a secondary ID management device that manages a secondary ID, a secondary ID, and a primary ID.
  • the secondary ID management device that manages the secondary ID includes a primary ID management step that causes the primary ID management device to manage the primary ID management device in association with the allocation management ID for specifying the correspondence relationship.
  • the secondary ID management device manages the secondary ID and the primary ID. It is a requirement to include a sub-ID management step in which a main ID management device ID for specifying an ID management device and an allocation management ID are associated with each other and managed by the sub-ID management device.
  • the present invention requires that the sub ID management step manages a different main ID management device ID and allocation management ID for each main ID management device in association with the sub ID. To do.
  • the secondary ID management device when receiving a secondary ID issue request from a user terminal used by a user, a secondary ID generation step of generating a secondary ID, a user of a user terminal requesting login by a primary ID, Cooperation with the main ID management apparatus that manages the main ID to be associated with the sub ID generated by the sub ID generation step, as to whether or not the user of the user terminal that is the transmission source of the sub ID issue request is the same person
  • the same person confirmation step confirms that the user of the user terminal that requests the login request and the user of the user terminal that is the transmission source of the sub ID issue request are the same person. If confirmed, it indicates the correspondence between the sub ID generated in the sub ID generation step and the main ID to be associated with the sub ID.
  • a transmission step, a sub ID generated by the sub ID generation step, a main ID management device ID for specifying a main ID management device that manages a main ID to be associated with the sub ID, and the allocation management ID generation When the recording by the sub ID allocation management information recording step for recording the allocation management ID associated with the step in association with each other and the recording by the sub ID allocation management information recording step are completed, the transmission source of the sub ID issue request is A sub-ID transmission step of transmitting the sub-ID generated by the sub-ID generation step to a certain user terminal.
  • the primary ID management device includes an allocation management ID receiving step for receiving an allocation management ID from the secondary ID management device, an allocation management ID received by the allocation management ID receiving step, and a transmission source of the allocation management ID. It is a requirement that it further includes a main ID assignment management information recording step of recording a sub ID management device ID for specifying a certain sub ID management device in association with a main ID that has requested login.
  • the anonymity of the primary ID and the secondary ID is maintained, and the secondary ID can be issued on the condition that the primary ID exists.
  • FIG. 1 is a diagram for explaining the outline and features of the ID management system according to the first embodiment.
  • FIG. 2 is a diagram illustrating a system configuration of the ID management system according to the first embodiment.
  • FIG. 3 is a block diagram illustrating the configuration of the main ID management apparatus according to the first embodiment.
  • FIG. 4 is a diagram illustrating a configuration example of the main ID management information and the sub ID management information according to the first embodiment.
  • FIG. 5 is a block diagram illustrating the configuration of the secondary ID management apparatus according to the first embodiment.
  • FIG. 6 is a diagram illustrating a process flow of the ID management system according to the first embodiment.
  • FIG. 7 is a block diagram illustrating the configuration of the secondary ID management apparatus according to the second embodiment.
  • FIG. 1 is a diagram for explaining the outline and features of the ID management system according to the first embodiment.
  • FIG. 2 is a diagram illustrating a system configuration of the ID management system according to the first embodiment.
  • FIG. 3 is a block diagram illustrating the configuration of
  • FIG. 8 is a diagram illustrating a process flow of the ID management system according to the second embodiment.
  • FIG. 9 is a diagram illustrating a process flow of the ID management system according to the second embodiment.
  • FIG. 10 is a diagram for explaining the features of the ID management system according to the third embodiment.
  • FIG. 11 is a diagram illustrating a system configuration of the ID management system according to the third embodiment.
  • FIG. 12 is a diagram illustrating a configuration example of main ID management information and sub ID management information according to the third embodiment.
  • FIG. 13 is a diagram illustrating a process flow of the ID management system according to the third embodiment.
  • FIG. 14 is a diagram illustrating a process flow of the ID management system according to the third embodiment.
  • FIG. 15 is a diagram illustrating a process flow of the ID management system according to the third embodiment.
  • FIG. 16 is a diagram illustrating an overview of an ID management system according to the fourth embodiment.
  • Example 1 will be described as an embodiment of the ID management system according to the present invention, and then other embodiments included in the ID management system according to the present invention will be described in other examples.
  • FIG. 1 is a diagram for explaining the outline and features of the ID management system according to the first embodiment.
  • the ID management system outlines the management of the primary ID and the secondary ID issued in response to a request from the user, but the correspondence between different types of IDs with different uses is exposed.
  • the main feature is to prevent.
  • the ID management system includes a user terminal used by a user and a main ID management device that manages a main ID that issues a main ID for uniquely identifying the user. And a sub-ID management device that issues a sub-ID for uniquely identifying a virtual person used by the user on the network.
  • the main ID management device uses the main ID, the sub ID management device ID for specifying the sub ID management device, the allocation management ID for specifying the correspondence between the sub ID and the main ID, and the main ID.
  • Personal information for example, user bank account information and credit number information for use in a payment processing service, name and address for use in a logistics service, etc. is managed in association with each other.
  • the secondary ID management device manages the secondary ID, the primary ID management device ID for specifying the primary ID management device, and the allocation management ID in association with each other.
  • the ID management system according to the first embodiment can prevent the correspondence between different types of IDs having different uses from being exposed, like the main feature described above.
  • FIG. 2 is a diagram illustrating a system configuration of the ID management system according to the first embodiment.
  • FIG. 3 is a block diagram illustrating the configuration of the main ID management apparatus according to the first embodiment.
  • FIG. 4 is a diagram illustrating a configuration example of the main ID management information and the sub ID management information according to the first embodiment.
  • FIG. 5 is a block diagram illustrating the configuration of the secondary ID management apparatus according to the first embodiment.
  • the ID management system includes a user terminal 300 used by a user, and a main ID management device 100 that manages a main ID that issues a main ID for uniquely identifying the user. And a sub ID management device 200 that issues a sub ID for uniquely identifying a virtual person used by the user on the network. Further, the user terminal 300, the main ID management device 100, and the sub ID management device 200 are connected to each other so that they can communicate with each other via a network, and the main ID management device 100 and the sub ID management device 200 are connected to each other. They are connected so that they can communicate with each other via a network.
  • the main ID management device 100 includes a storage unit 110 and a control unit 120.
  • the storage unit 110 is a storage unit that stores data and programs necessary for various processes performed by the control unit 120.
  • the storage unit 110 includes main ID management information 111 that is closely related to the present invention.
  • the main ID management information 111 corresponds to “main ID management means” described in the claims.
  • the main ID management information 111 includes a main ID issued in advance for uniquely identifying a user and a main ID for authenticating the user of the user terminal 300 that has logged in using the main ID.
  • Authentication data for example, a password
  • a sub ID management device ID for specifying the sub ID management device 200 connected in a communicable state
  • An allocation management ID for specifying the correspondence relationship with the main ID (link relationship between the sub-ID and the main ID), and personal information (for example, a payment processing service) of the user specified by the main ID (not shown)
  • the control unit 120 has a predetermined control program, a program defining various processing procedures, and an internal memory for storing necessary data, and executes various processes using these, and is particularly suitable for the present invention.
  • a data transmission / reception unit 121, an owner confirmation unit 122, and a data registration unit 123 are provided.
  • the data transmission / reception unit 121 is a processing unit that performs transmission / reception of data between the user terminal 300 and the sub-ID management device 200. Specifically, the data transmission / reception unit 121 receives the main ID and the main ID password when accepting login from the user terminal 300.
  • the data transmitting / receiving unit 121 receives a request for assigning a main ID to a sub ID from the user terminal 300 and also receives an assignment management ID from the sub ID management device 200.
  • This assignment processing request includes data for identity verification.
  • the data transmission / reception unit 121 receives a request for assigning a main ID to a sub-ID from the user terminal 300, the authentication result of the main ID by the owner confirmation unit 122, which will be described later, and the personal identification data included in the assignment processing request
  • the allocation management ID issuance request combined with the above is transmitted to the secondary ID management device 200.
  • the data transmission / reception unit 121 transmits a main ID assignment process completion notification to the user terminal 300.
  • the owner confirmation unit 122 is a processing unit that authenticates the main ID when a login by the main ID is accepted. Specifically, the owner confirmation unit 122 confirms whether or not the main ID acquired at the time of login is already registered in the main ID management information 111. When the main ID is already registered, the owner confirmation unit 122 acquires the main ID password stored in the main ID management information 111 in association with the main ID, and logs in the main ID at the time of login. Compared with the main ID password received together with the ID, authentication is performed as to whether or not the owner is a valid owner of the main ID.
  • the data registration unit 123 is a processing unit that registers assignment management IDs and the like. Specifically, when the data management unit 121 receives the allocation management ID from the data transmission / reception unit 121, the data registration unit 123 identifies the allocation management ID and the secondary ID management device 200 that is the transmission source of the allocation management ID. The ID management device ID and the main ID acquired at the time of login reception are stored in the main ID management information 111 in association with each other.
  • the secondary ID management device 200 includes a storage unit 210 and a control unit 220.
  • the storage unit 210 is a storage unit that stores data and programs necessary for various processes performed by the control unit 220.
  • the storage unit 210 includes sub-ID management information 211 that is closely related to the present invention.
  • the secondary ID management information 211 corresponds to “secondary ID management means” recited in the claims.
  • the sub ID management information 211 includes a sub ID issued to uniquely identify a virtual person used by the user on the network, and the user terminal 300 that logs in using the sub ID.
  • sub-ID authentication data for example, password
  • main ID management device ID for specifying the main ID management device 100 connected in a communicable state
  • sub-ID management device 200 An allocation management ID for specifying the correspondence between the sub ID issued to the user and the main ID (link relationship between the sub ID and the main ID) is stored.
  • the primary ID “aaaaaa” in the primary ID management information is changed to the secondary ID “FJS” in the secondary ID management information, It is associated with the allocation management ID “8h49i”.
  • the control unit 220 has a predetermined control program, a program defining various processing procedures, and an internal memory for storing necessary data, and performs various processing using these, and is particularly suitable for the present invention.
  • a data transmission / reception unit 221, a sub ID generation unit 222, an identity verification data generation unit 223, an allocation management ID generation unit 224, and a data registration unit 225 are provided.
  • the data transmission / reception unit 221 is a processing unit that transmits and receives data between the user terminal 300 and the main ID management device 100. Specifically, a sub ID issue request, a personal identification data issue request, and a sub ID transmission request are received from the user terminal 300, and a sub ID and a sub ID password generated by a sub ID generation unit 222, which will be described later, The identity verification data generated by the identity verification data generation unit 223 is transmitted to the user terminal 300.
  • the data transmission / reception unit 221 receives an allocation management ID issue request from the main ID management device 100 and transmits an allocation management ID to the main ID management device 100.
  • the secondary ID generation unit 222 is a processing unit that generates a secondary ID. Specifically, when the data transmission / reception unit 221 receives a sub ID issue request from the user terminal 300, it generates a sub ID and a sub ID password.
  • the personal identification data generation unit 223 is a processing unit that generates personal identification data. Specifically, when the data transmission / reception unit 221 receives a personal identification data issuance request from the user terminal 300, personal identification data is generated.
  • the allocation management ID generation unit 224 is a processing unit that generates an allocation management ID for specifying the correspondence between the sub ID and the main ID (the link relationship between the sub ID and the main ID). Specifically, when the data transmission / reception unit 221 receives an allocation management ID issuance request from the main ID management device 100, the authentication result included in the allocation management ID issuance request proves the right owner of the main ID. When the personal identification data included in the allocation management ID issuance request matches the personal identification data transmitted to the user terminal 300, an allocation management ID is generated.
  • the data registration unit 225 is a processing unit that registers a sub ID, an allocation management ID, and the like. Specifically, in order to identify the secondary ID generated by the secondary ID generation unit 222, the allocation management ID generated by the allocation management ID generation unit 224, and the main ID management device 100 that is the transmission destination of the allocation management ID. Are stored in the secondary ID management information 211 in association with each other.
  • FIG. 6 is a diagram illustrating a process flow of the ID management system according to the first embodiment.
  • the sub ID management apparatus 200 when the user terminal 300 transmits a sub ID issue request to the sub ID management apparatus 200 (step S601), the sub ID management apparatus 200 generates a sub ID and a sub ID password (step S602). ) And stored in the sub ID management information 211 (step S603).
  • the user terminal 300 transmits a request for issuing personal identification data to the sub ID management device 200. (Step S605).
  • the secondary ID management device 200 generates identity verification data (step S606), and transmits the generated identity verification data to the user terminal 300 (step S607).
  • the user terminal 300 When the user terminal 300 receives the personal identification data from the secondary ID management device 200, the user terminal 300 attempts to log in to the main ID management device 100 using the main ID and the main ID password received from the user (step S608).
  • the main ID management device 100 checks whether or not the main ID acquired at the time of login is already registered in the main ID management information 111 (step S609).
  • the main ID management device 100 acquires the main ID password stored in the main ID management information 111 in association with the main ID, and logs in the main ID at the time of login. Compared with the main ID password received together with the ID, authentication is performed as to whether or not the owner is a valid owner of the main ID (step S610).
  • the user terminal 300 transmits a request for assigning the main ID to the sub ID following the login to the main ID management apparatus 100 (step S611).
  • the main ID management device 100 receives the request for assigning the main ID to the sub-ID from the user terminal 300, the assignment management ID issuance request that combines the authentication result of the main ID and the personal identification data included in the assignment processing request. Is transmitted to the secondary ID management device 200 (step S612).
  • the secondary ID management device 200 When the secondary ID management device 200 receives the allocation management ID issuance request from the main ID management device 100, the authentication result included in the allocation management ID issuance request proves the right owner of the main ID and the allocation management. It is confirmed whether or not the identity confirmation data included in the ID issuance request matches the identity confirmation data transmitted to the user terminal 300 (step S613). Then, the secondary ID management device 200 generates an allocation management ID when the personal identification data included in the allocation management ID issuance request matches the personal identification data transmitted to the user terminal 300 (step S614). .
  • the secondary ID management device 200 identifies the allocation management ID and the primary ID management device 100 that is the transmission destination of the allocation management ID in association with the secondary ID that has been generated and registered in the secondary ID management information 211.
  • the main ID management device ID is stored (step S615), and the allocation management ID is transmitted to the main ID management device 100 (step S616).
  • the primary ID management device 100 is acquired at the time of log-in reception, the allocation management ID received from the secondary ID management device 200, the secondary ID management device ID for identifying the secondary ID management device 200 that is the transmission source of the allocation management ID.
  • the main ID is stored in the main ID management information 111 in association with each other (step S617), and a main ID assignment process completion notification is transmitted to the user terminal 300 (step S618).
  • the user terminal 300 When the user terminal 300 receives the main ID assignment processing completion notification from the main ID management device 100, the user terminal 300 transmits a sub ID transmission request to the sub ID management device 200 (step S619).
  • the secondary ID management device 200 transmits the secondary ID and the secondary ID password to the user terminal 300 (step S620).
  • the user terminal 300 notifies the user of the sub ID and the sub ID password received from the sub ID management device 200 (step S621).
  • the main ID management device 100 has a correspondence between the main ID, the sub ID management device ID for specifying the sub ID management device 200, and the sub ID and the main ID.
  • the sub-ID management device 200 manages the sub-ID and the main ID management device 100 in association with the assignment management ID for specifying the ID and the personal information of the user specified by the main ID in association with each other.
  • the ID management device ID and the allocation management ID are managed in association with each other.
  • the main ID management apparatus 100 and the sub ID management apparatus 200 are distributed and managed, and the main ID, the sub ID, and the allocation management ID are associated with each other, thereby informing the main ID management apparatus 100 of the sub ID.
  • necessary information can be exchanged between the devices based on the assigned management ID without notifying the secondary ID management device 200 of the primary ID, and it is assumed that the primary ID management device 100 or the secondary ID management device 200 Even if any one of the managed information is exposed, it is possible to prevent the correspondence between the primary ID and the secondary ID from being exposed.
  • the secondary ID management device 200 when the main ID management device 100 authenticates that the main ID of the user who logs in to the main ID management device 100 is the main ID of a valid user, the secondary ID management device 200 Since the sub ID is provided and assigned to the main ID in response to a request from the user, the anonymity of the main ID and the sub ID can be maintained and the sub ID can be issued on condition that the main ID exists. There is an effect. In addition, when a problem occurs in providing a service using the sub-ID, there is an effect that the responsibility corresponding to the user corresponding to the main ID can be pursued as necessary.
  • the issuing procedure of the sub ID of the ID management system according to the present invention is not limited to the issuing procedure (see FIG. 6) described in the first embodiment. Therefore, in the following second embodiment, another form of the sub ID issuing procedure will be described.
  • FIG. 7 is a block diagram illustrating the configuration of the secondary ID management apparatus according to the second embodiment.
  • the configuration of the ID management system according to the second embodiment is basically the same as that of the ID management system according to the first embodiment, but differs in the points described below.
  • the encryption main ID acquired at the time of login is a secret key corresponding to the public key used for encryption.
  • the main ID is obtained by decryption, and it is confirmed whether or not this main ID is already registered in the main ID management information 111.
  • the owner confirmation unit 122 of the main ID management device 100 stores the main ID password stored in the main ID management information 111 in association with the main ID. And authenticate whether or not it is a legitimate owner of the main ID by comparing the main ID password obtained by decrypting the encrypted main ID password received with the encryption main ID at the time of login with a secret key. Do.
  • the data transmission / reception unit 121 of the main ID management device 100 transmits an allocation management ID issuance request including the authentication result of the main ID by the owner confirmation unit 122 to the sub ID management device 200.
  • the data transmission / reception unit 121 of the main ID management apparatus 100 transmits a main ID assignment process completion notification to the sub ID management apparatus 200.
  • the main ID authentication request unit 226 of the sub ID management device 200 uses the data transmission / reception unit 221 to transfer the sub ID to the sub ID together with the main ID management device ID, the encryption main ID, and the encryption main ID password.
  • the main ID assignment processing request is received from the user terminal 300, login to the main ID management device 100 is attempted using the encryption main ID and the encryption main ID password.
  • the allocation management ID generation unit 224 of the secondary ID management device 200 receives the allocation management ID issuance request from the main ID management device 100, the authentication result included in the allocation management ID issuance request proves the right owner of the main ID. If it is, an allocation management ID is generated.
  • the data transmission / reception unit 221 of the secondary ID management device 200 When the data transmission / reception unit 221 of the secondary ID management device 200 receives the main ID assignment processing completion notification from the main ID management device 100, it transfers the main ID assignment processing completion notification to the user terminal 300.
  • the owner confirmation unit 122 of the main ID management device 100 generates confirmation data (challenge data) and transmits it to the sub ID management device 200 when the main ID is already registered.
  • the owner confirmation unit 122 of the main ID management device 100 receives the encryption confirmation data from the sub ID management device 200, the owner confirmation unit 122 associates the main ID management information 111 with the main ID that has been confirmed as being registered first. Obtain the stored main ID password, compare the encryption confirmation data created by encrypting the confirmation data using the main ID password, and the encryption confirmation data received from the secondary ID management device 200, Authentication is performed as to whether or not the owner of the main ID is valid.
  • the main ID authentication request unit 226 of the secondary ID management device 200 receives a request for assigning a primary ID to the secondary ID from the user terminal 300 together with the primary ID management device ID and the encryption main ID by the data transmission / reception unit 221. Then, login to the main ID management device 100 is attempted using the encryption main ID.
  • the data transmission / reception unit 221 of the secondary ID management device 200 When the data transmission / reception unit 221 of the secondary ID management device 200 receives the confirmation data from the main ID management device 100, the data transmission / reception unit 221 transfers the received confirmation data to the user terminal 300 and receives the encryption confirmation data from the user terminal 300. The confirmation data is transferred to the main ID management device 100.
  • FIGS. 8 and 9 are diagrams illustrating a process flow of the ID management system according to the second embodiment.
  • Steps S804 to S815, steps S819, and S820 shown in FIG. 8 are different from the processing of the ID management system according to the first embodiment.
  • the user terminal 300 when the user terminal 300 receives input of the main ID, the main ID password, and the main ID management device ID from the user (step S804), the user terminal 300 acquires the public key of the main ID management device 100 (step S805).
  • the main ID is encrypted using the key to create an encrypted main ID (step S806).
  • the user terminal 300 encrypts the main ID password using the public key of the main ID management device 100 to create an encrypted main ID password (step S807), and the main ID management device ID, encryption main ID, and encryption Along with the main ID password, a request for assigning the main ID to the sub ID is transmitted to the sub ID management apparatus 200 (step S808).
  • the secondary ID management device 200 When the secondary ID management device 200 receives a request for assigning the primary ID to the secondary ID together with the primary ID management device ID, the cryptographic primary ID, and the cryptographic primary ID password from the user terminal 300, the secondary ID management device 200 uses the cryptographic primary ID and the cryptographic primary ID. A login to the main ID management device 100 is attempted using the password (step S809).
  • the main ID management device 100 When receiving the login from the secondary ID management device 200, the main ID management device 100 acquires the main ID by decrypting the encryption main ID acquired at the time of login with the private key corresponding to the public key used for encryption. (Step S810), it is confirmed whether or not the main ID is already registered in the main ID management information 111 (Step S811).
  • the main ID management device 100 decrypts the encryption main ID password received together with the encryption main ID at the time of login with the secret key, and obtains the main ID password. Whether it is a legitimate owner of the main ID as compared with the main ID password stored in the main ID management information 111 in association with the main ID acquired (step S812) and confirmed as registered No authentication is performed (step S813).
  • the main ID management device 100 transmits an allocation management ID issue request including the authentication result of the main ID to the sub ID management device 200 (step S814).
  • the main ID management apparatus 100 transmits a main ID allocation process completion notification to the secondary ID management apparatus 200 (step S819).
  • the secondary ID management apparatus 200 Upon receiving the main ID assignment process completion notification from the main ID management apparatus 100, the secondary ID management apparatus 200 transfers the main ID assignment process completion notice to the user terminal 300 (step S820).
  • processing of the ID management system shown in FIG. 9 is different from the processing described above with reference to FIG. 8 in the points described below.
  • the user terminal 300 encrypts the main ID using the public key of the main ID management device 100 to create an encrypted main ID (step S906), and sends the sub ID to the sub ID together with the main ID management device ID and the encryption main ID.
  • the main ID assignment processing request is transmitted to the sub ID management device 200 (step S907).
  • the secondary ID management device 200 When the secondary ID management device 200 receives a request for assigning a primary ID to the secondary ID together with the primary ID management device ID and the encryption main ID from the user terminal 300, the secondary ID management device 200 attempts to log in to the primary ID management device 100 using the encryption main ID. (Step S908).
  • the main ID management device 100 When the main ID is already registered, the main ID management device 100 generates confirmation data (challenge data) and transmits it to the sub ID management device 200 (step S912).
  • the sub ID management device 200 When the sub ID management device 200 receives the confirmation data from the main ID management device 100, the sub ID management device 200 transfers the received confirmation data to the user terminal 300 (step S913).
  • the user terminal 300 When the user terminal 300 receives the confirmation data from the secondary ID management apparatus 200, the user terminal 300 encrypts the confirmation data using the main ID password and creates encrypted confirmation data (step S914). Then, the user terminal 300 transmits the encryption confirmation data to the sub ID management device 200 (step S915). When receiving the encryption confirmation data from the user terminal 300, the secondary ID management device 200 transfers the received encryption confirmation data to the main ID management device 100 (step S916).
  • the primary ID management device 100 When the primary ID management device 100 receives the encryption confirmation data from the secondary ID management device 200, the primary ID password stored in the primary ID management information 111 in association with the primary ID that has been previously confirmed as registered. And the encryption confirmation data created by encrypting the confirmation data using the main ID password is compared with the encryption confirmation data received from the sub-ID management device 200, and the authorized owner of the main ID Authentication of whether or not there is is performed (step S917).
  • the present invention is not limited to this and is separately provided for each type of personal information of the user. Information of a plurality of main ID management devices that hold the personal information may be managed respectively.
  • the features, configuration, and processing of the ID management system according to the third embodiment will be described in order.
  • FIG. 10 is a diagram for explaining the features of the ID management system according to the third embodiment.
  • the ID management system outlines the management of the main ID and the sub ID issued in response to a request from the user, as in the above-described embodiment, but for each type of personal information of the user.
  • the main feature is that each piece of information of a plurality of main ID management devices having separate personal information is managed.
  • main ID management device A main ID management device ID: 0020
  • main ID management apparatus B for example, information that supports logistics such as address and family register information
  • main ID for example, “kx010”
  • the secondary ID management device S manages information.
  • the secondary ID management device S has a secondary ID (for example, “FJS”) issued in response to a request from the user and a primary ID (for example, “aaaaaa”) issued by the primary ID management device A to the user.
  • a secondary ID for example, “FJS”
  • a primary ID for example, “aaaaaa”
  • the main ID management device ID “0020” and the assignment of the main ID management device A The management ID “8h49i”, the main ID management device ID “3350” and the allocation management ID “00230” of the main ID management device B are managed together.
  • the main information managing personal information associated with the process is managed. It is possible to exchange with the ID management device individually.
  • FIG. 11 is a diagram illustrating a system configuration of the ID management system according to the third embodiment.
  • FIG. 12 is a diagram illustrating a configuration example of main ID management information and sub ID management information according to the third embodiment.
  • the ID management system according to the third embodiment has basically the same configuration as the above-described embodiment, but differs in the points described below.
  • the ID management system includes a user terminal 300 used by a user and a plurality of main IDs that manage a main ID that issues a main ID for uniquely identifying the user.
  • the management apparatus 100 includes a secondary ID management apparatus 200 that issues a secondary ID for uniquely identifying a virtual person used by a user on the network.
  • the user terminal 300, each main ID management device 100, and the sub ID management device 200 are connected to each other so that they can communicate with each other via a network, and each main ID management device 100 and each sub ID management device 200 are connected. Are connected to each other so that they can communicate with each other via a network.
  • the sub ID management information 211 includes a sub ID issued to uniquely identify a virtual person used by the user on the network, and a user terminal that logs in using the sub ID.
  • Sub ID authentication data for example, a password
  • main ID management device ID for identifying each main ID management device 100 connected in a communicable state
  • sub ID management The apparatus 200 is configured to store an allocation management ID for specifying a correspondence relationship (link relationship between the sub ID and the main ID) between the sub ID issued to the user by the device 200 and the main ID.
  • FIGS. 13 to 15 are flowcharts illustrating the processing flow of the ID management system according to the third embodiment.
  • the user terminal 300 when the user terminal 300 receives the assignment processing completion notification from the main ID management device 100 (see A in FIG. 13), it confirms whether or not acquisition of all the main IDs to be assigned to the sub-IDs has been completed. (Step S1304).
  • Step S1321 the process flows in the same manner as the process described in the above embodiment (see FIG. 6).
  • step S1305 if all the main IDs have not been acquired as a result of the confirmation (No at step S1305), the main ID, the main ID password and the main ID management device ID of the next main ID management device 100 are input. After being received and acquired from the user (step S1306), an identity verification data issuance request is transmitted to the secondary ID management device 200 (step S1307), and the process is the same as the process described in the above embodiment (see FIG. 6). Flowing.
  • FIG. 14 differs from the process described with reference to FIG. 8 in the above embodiment in the following points.
  • Step S1404 when the user terminal 300 receives the allocation process completion notification from the secondary ID management device 200 (see A in FIG. 14), it confirms whether or not acquisition of all the primary IDs to be allocated to the secondary ID has been completed.
  • Step S1405 If all the main IDs have been acquired as a result of the confirmation (Yes in step S1405, see B in FIG. 13), the user terminal 300 transmits a sub ID transmission request to the sub ID management device 200. (Step S1423), the process flows in the same manner as the process described in the above embodiment (see FIG. 8).
  • step S1404 if all the main IDs have not been acquired as a result of the confirmation (No at step S1404), the next main ID, main ID password, and main ID management device ID are input.
  • step S1406 After receiving and acquiring from the user (step S1406), the public key of the main ID management apparatus 100 is acquired (step S1407), and the main ID is encrypted using this public key to create an encrypted main ID (step S1408).
  • step S1408 The process flows in the same manner as the process described in the above embodiment (see FIG. 8).
  • FIG. 15 differs from the process described with reference to FIG. 9 in the above embodiment in the following points.
  • Step S1504 when the user terminal 300 receives the allocation process completion notification from the secondary ID management device 200 (see A in FIG. 15), it confirms whether or not acquisition of all the primary IDs to be allocated to the secondary ID has been completed.
  • Step S1505 If all the main IDs have been acquired as a result of the confirmation (Yes at step S1505, see FIG. 15B), the user terminal 300 sends a sub ID transmission request to the sub ID management device 200. (Step S1527), the process flows in the same manner as the process described in the above embodiment (see FIG. 9).
  • step S1505 if acquisition of all the main IDs is not completed as a result of the confirmation (No at step S1505), input of the main ID, main ID password, and main ID management device ID of the next main ID management device 100 is performed. After receiving and acquiring from the user (step S1506), the public key of the main ID management apparatus 100 is acquired (step S1507), and the main ID is encrypted using this public key to create an encrypted main ID (step S1508).
  • the process flows in the same manner as the process described in the above embodiment (see FIG. 9).
  • FIG. 16 is a diagram illustrating an overview of an ID management system according to the fourth embodiment.
  • the ID management system includes a user terminal X, a user terminal Y, a real person management apparatus A (corresponding to the main ID management apparatus described in the above embodiment), virtual person management.
  • a device corresponding to the sub ID management device described in the above embodiment
  • a real person management device B corresponding to the main ID management device described in the above embodiment
  • a plurality of service providing devices job search site, SNS (Social Networking Service), shopping site.
  • the user terminal X is connected in a communicable state with the real person management apparatus A, the virtual person management apparatus, and each service providing apparatus, and the user terminal Y is connected to the real person management apparatus B, the virtual person management apparatus, and each service providing apparatus. Connected in a communicable state.
  • the user X of the user terminal X obtains the real person ID (corresponding to the main ID) “XX” from the real person management apparatus A, and the virtual person ID (sub ID) that is a virtual personality when using the service from the virtual person management apparatus. Equivalent to) “x11” is acquired.
  • the user Y of the user terminal Y acquires the real person ID “YY” from the real person management apparatus B and also acquires the virtual person ID “y22” from the virtual person management apparatus.
  • the real person management apparatus A associates the personal information of the user X, the real person ID “XX” issued to the user X, and the real person ID “XX” and the virtual person ID managed by the virtual person management apparatus.
  • the allocation management ID “10kx” is managed in association with each other.
  • the real person management apparatus B associates the personal information of the user Y, the real person ID “YY” issued to the user Y, and the real person ID “YY” with the virtual person ID managed by the virtual person management apparatus. Are associated with the management ID “yh2k”.
  • the virtual person management apparatus issues a virtual person ID “x11” issued to the user X, and an assignment management ID “10 kx” for associating the virtual person ID “x11” with the real person ID managed by the real person management apparatus A.
  • the real person management apparatus ID for specifying the real person management apparatus A that manages the real person ID associated with the virtual person ID “x11” is managed in association with the virtual person ID “y22” issued to the user Y. ”.
  • the real person management apparatus ID for identifying the real person management apparatus B to be managed is associated and managed.
  • the user X and the user Y use the virtual person ID “x11” and the virtual person ID “y22” acquired from the virtual person management apparatus to access and operate each service providing apparatus.
  • the user X and the user Y can use the virtual person ID to act on the service providing apparatus without disclosing personal information.
  • each of the user X and the user Y accesses the service providing apparatus (SNS) using the virtual person ID, and the virtual person ID “x11” and the virtual person
  • SNS service providing apparatus
  • User Y transmits the mail and the mail transmission request to the virtual person management apparatus in order to request the transmission of the mail having the virtual person ID “y22” as the sender and the virtual person ID “x11” as the destination.
  • the virtual person management apparatus When receiving the mail transmission request from the user terminal Y, the virtual person management apparatus manages the real person ID associated with the virtual person ID “x11” that is the destination of the mail from the managed information.
  • a real person management device ID for identifying A, a virtual person ID “x11”, and an assignment management ID “10 kx” for associating the real person ID managed by the real person management device A are acquired,
  • the real person management apparatus A corresponding to the real person management apparatus ID is requested to send the mail received from the user Y to the user corresponding to the assignment management ID “10 kx”.
  • the real person management apparatus A When the real person management apparatus A receives the mail transmission request from the virtual person management apparatus, the real person management apparatus A acquires the mail address of the user X corresponding to the assignment management ID “10 kx” that is the destination of the mail from the managed information. , Forward the mail to this mail address. In this way, mail can be exchanged between the virtual person ID “x11” and the virtual person ID “y22” that are met on the service providing device (SNS) while keeping private information confidential.
  • SNS service providing device
  • the service providing apparatus performs an article sales transaction between the virtual person ID “x11” and the virtual person “y22”. An outline of the processing when sending the price from “y22” to “x11” will be described.
  • the user Y transmits the price and the remittance request to the virtual person management apparatus in order to request the remittance of the price with “y22” as the remittance source and “x11” as the remittance destination.
  • the virtual person management apparatus like the above-described mail transfer example, from the managed information, the real person management apparatus A and the allocation management ID “10 kx” of the real person management apparatus A corresponding to the remittance destination “x11”. And requests the real person management apparatus A to remit money from the user Y to the user corresponding to the allocation management ID “10 kx”.
  • the real person management apparatus A acquires the account number of the user X corresponding to the allocation management ID “10 kx” as the remittance destination from the information managed as in the mail transfer example described above, and this account number Send money to.
  • the real person ID and the virtual person ID are linked by the allocation management ID, and the real person ID, the personal information, and the virtual person ID are managed in a distributed manner, and exchange of information necessary when using the service While maintaining the function to perform the management, even if one of the information managed by the real person management apparatus and the virtual person management apparatus leaks, the correspondence relationship between the virtual person and the real person can be prevented from being exposed to the outside. Therefore, it is possible to prevent the personal information of the user who uses the service from being identified using the virtual person ID and leaked to the outside.
  • each component of the main ID management device 100 shown in FIG. 3 and the sub ID management device shown in FIG. 5 is functionally conceptual, and is not necessarily physically configured as shown. You don't need to be. That is, the specific form of distribution / integration of the main ID management device 100 and the sub ID management device 200 is not limited to the illustrated one, and the data transmission / reception unit 121 and the owner confirmation unit 122 of the main ID management device 100 shown in FIG. And the data registration unit 123, and the data transmission / reception unit 221, the sub ID generation unit 222, the personal identification data generation unit 223, and the allocation management ID generation unit 224 of the sub ID management device 200 shown in FIG. For example, all or a part of them may be integrated and functionally or physically distributed and integrated in arbitrary units according to various loads and usage conditions.
  • each processing function (FIGS. 6, 8, and 13, 13 to 15) performed in the main ID management device 100 and the sub ID management device 200 is entirely or arbitrarily part of the CPU and the It can be realized by a program that is analyzed and executed by the CPU.
  • the computer functioning as the primary ID management device 100 and the secondary ID management device 200 reads out and executes a program recorded in a predetermined recording medium, thereby executing each processing function similar to the above-described embodiment (FIGS. 6 and 6). 8 and FIG. 9 and FIGS. 13 to 15).
  • the predetermined recording medium includes the main ID management apparatus 100 in addition to “portable physical medium” such as a flexible disk (FD), a CD-ROM, an MO disk, a DVD disk, a magneto-optical disk, and an IC card.
  • HDD hard disk drive
  • a “fixed physical medium” such as RAM and ROM, a public line connected via a modem, and the like It can be read by a computer functioning as the primary ID management device 100 and the secondary ID management device 200 such as a “communication medium” that holds the program in a short time when transmitting the program, such as a LAN / WAN to which a computer system and server are connected.
  • a “communication medium” that holds the program in a short time when transmitting the program, such as a LAN / WAN to which a computer system and server are connected.
  • the program referred to in the other embodiments is recorded on a recording medium such as the above-mentioned “portable physical medium”, “fixed physical medium”, and “communication medium” in a computer-readable manner.
  • the computer functioning as the primary ID management device 100 and the secondary ID management device 200 reads out the program from such a recording medium and executes it to execute each processing function similar to the above-described embodiment (FIGS. 6, 8, and FIG. 9 and FIGS. 13 to 15).
  • the program in this other embodiment is not limited to being executed by a computer functioning as the primary ID management device 100 and the secondary ID management device 200, but is executed by another computer system or server.
  • the present invention can be similarly applied to the case where the programs are executed in cooperation with each other.
  • the secondary ID management device 200 receives a secondary ID issue request from a user terminal used by the user, a secondary ID generation step for generating a secondary ID, and a user of the user terminal that requests login by the primary ID,
  • the main ID management device that manages the main ID to be associated with the sub ID generated by the sub ID generation step as to whether or not the user of the user terminal that is the transmission source of the sub ID issuance request is the same person
  • the same person confirmation step that confirms in cooperation with the user, the user of the user terminal that requests the login request, and the user of the user terminal that is the transmission source of the sub ID issue request are the same person
  • An allocation management ID generation step for generating an allocation management ID indicating a relationship, and the allocation management ID generated by the allocation management ID generation step are transmitted to a main ID management device that manages a main ID to be associated with the sub ID.
  • the main ID management device further includes an allocation management ID receiving step for receiving an allocation management ID from the sub ID management device, an allocation management ID received by the allocation management ID receiving step, and transmission of the allocation management ID
  • An ID management method including a main ID assignment management information recording step of recording a sub ID management device ID for specifying the original sub ID management device in association with a main ID that has requested login is realized. To do.
  • the manager of the main ID management device 100 and the manager of the sub-ID management device 200 exchange allocation management IDs according to a request from the user by mail or the like.
  • the management apparatus 100 pre-registers the main ID, the allocation management ID, and personal information in association with each other, the sub-ID management apparatus 200 associates the sub-ID and the allocation management ID in advance with registration management, and has static information.
  • the primary ID management device 100 and the secondary ID management device 200 may be caused to execute processing accompanying a service request to the service providing device.
  • the ID management system and the ID management method according to the present invention are useful for managing the primary ID and the secondary ID issued in response to a request from the user, and in particular, between different types of IDs having different uses. It is suitable for preventing the correspondence relationship from being exposed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention porte sur un dispositif de gestion d'identifiant principal qui gère un identifiant principal, sur un identifiant de dispositif de gestion d'identifiant auxiliaire qui spécifie un dispositif de gestion d'identifiant auxiliaire, sur un identifiant de gestion d'allocation qui spécifie une relation de correspondance de l'identifiant auxiliaire et de l'identifiant principal et sur des informations individuelles d'un utilisateur spécifié par l'identifiant principal (des informations sur un compte en banque ou un niveau de crédit d'un utilisateur, utilisées pour un service de traitement de règlement, et un nom et une adresse, utilisés pour un service de distribution physique, par exemple) en les associant les uns aux autres. De façon correspondante, le dispositif de gestion d'identifiant auxiliaire gère l'identifiant auxiliaire, l'identifiant de dispositif de gestion d'identifiant principal spécifiant le dispositif de gestion d'identifiant principal et l'identifiant de gestion d'allocation.
PCT/JP2008/054321 2008-03-10 2008-03-10 Système de gestion d'identifiant et procédé de gestion d'identifiant WO2009113154A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/054321 WO2009113154A1 (fr) 2008-03-10 2008-03-10 Système de gestion d'identifiant et procédé de gestion d'identifiant

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/054321 WO2009113154A1 (fr) 2008-03-10 2008-03-10 Système de gestion d'identifiant et procédé de gestion d'identifiant

Publications (1)

Publication Number Publication Date
WO2009113154A1 true WO2009113154A1 (fr) 2009-09-17

Family

ID=41064835

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2008/054321 WO2009113154A1 (fr) 2008-03-10 2008-03-10 Système de gestion d'identifiant et procédé de gestion d'identifiant

Country Status (1)

Country Link
WO (1) WO2009113154A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011070726A1 (fr) * 2009-12-07 2011-06-16 日本電気株式会社 Système de fourniture coopérative d'informations d'attribut, dispositif de gestion d'informations d'accès, dispositif de gestion de substitution d'informations d'accès, procédé et programme
JP2015510163A (ja) * 2012-01-08 2015-04-02 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation ソーシャル・ネットワーキング・ウェブ・サービスを介した機密情報アクセスのための方法、システム、コンピュータ・プログラム
WO2015186659A1 (fr) * 2014-06-03 2015-12-10 フィールズ株式会社 Programme, serveur et système de fourniture de sns

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000324094A (ja) * 1999-02-02 2000-11-24 Smithkline Beecham Corp 情報を非個人化する装置および方法
JP2005050330A (ja) * 2003-07-16 2005-02-24 Nippon Telegr & Teleph Corp <Ntt> サービス提供方法及びシステム
JP2007148903A (ja) * 2005-11-29 2007-06-14 Toshiba Corp 属性証明書処理システム、属性証明要求装置、属性証明書発行装置、属性検証装置、属性証明要求方法、属性証明書発行方法、属性検証方法及びプログラム

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000324094A (ja) * 1999-02-02 2000-11-24 Smithkline Beecham Corp 情報を非個人化する装置および方法
JP2005050330A (ja) * 2003-07-16 2005-02-24 Nippon Telegr & Teleph Corp <Ntt> サービス提供方法及びシステム
JP2007148903A (ja) * 2005-11-29 2007-06-14 Toshiba Corp 属性証明書処理システム、属性証明要求装置、属性証明書発行装置、属性検証装置、属性証明要求方法、属性証明書発行方法、属性検証方法及びプログラム

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011070726A1 (fr) * 2009-12-07 2011-06-16 日本電気株式会社 Système de fourniture coopérative d'informations d'attribut, dispositif de gestion d'informations d'accès, dispositif de gestion de substitution d'informations d'accès, procédé et programme
JP5678893B2 (ja) * 2009-12-07 2015-03-04 日本電気株式会社 属性情報連携提供システム、アクセス情報管理装置、アクセス情報代理管理装置、方法、およびプログラム
JP2015510163A (ja) * 2012-01-08 2015-04-02 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation ソーシャル・ネットワーキング・ウェブ・サービスを介した機密情報アクセスのための方法、システム、コンピュータ・プログラム
US9419967B2 (en) 2012-01-08 2016-08-16 International Business Machines Corporation Confidential information access via social networking web site
WO2015186659A1 (fr) * 2014-06-03 2015-12-10 フィールズ株式会社 Programme, serveur et système de fourniture de sns

Similar Documents

Publication Publication Date Title
US11374754B2 (en) System and method for generating trust tokens
CN101490689B (zh) 用于由存储装置验证实体的方法及使用该方法的存储装置
US8996423B2 (en) Authentication for a commercial transaction using a mobile module
US7539861B2 (en) Creating and storing one or more digital certificates assigned to subscriber for efficient access using a chip card
RU2501081C2 (ru) Многофакторная защита контента
US20090031426A1 (en) Method and System for Protected Distribution of Digitalized Sensitive Information
CN113632125A (zh) 使用非接触式卡安全地共享存储在区块链中的个人数据
JP4326443B2 (ja) 情報処理装置および情報処理方法、並びにプログラム
KR100411448B1 (ko) 공개키 기반구조의 개인키와 인증서를 저장하는 광학기록매체의 발급방법 및 발급시스템
TW486902B (en) Method capable of preventing electronic documents from being illegally copied and its system
KR20050008626A (ko) 정보 처리 장치 및 방법, 정보 처리 시스템, 기록 매체,및 프로그램
WO2006113834A2 (fr) Transactions commerciales en reseau
JP2006523995A (ja) 認可証明書におけるユーザ・アイデンティティのプライバシ
CN101390134A (zh) 用于重新分发drm保护的内容的方法
US20060080526A1 (en) Login system and method
JP2018534818A (ja) 2層二重暗号化デジタル情報鍵のシステム間の交換に基づく安全なデジタル共有のためのシステム及び方法
EP3185465A1 (fr) Procédé de chiffrement de données et procédé de déchiffrement de données
KR102131206B1 (ko) 법인 관련 서비스 제공 방법, 이를 지원하는 방법, 이를 수행하는 서비스 서버 및 인증 서버
JP7156889B2 (ja) 決済処理方法
JP2005149341A (ja) 認証方法および装置、サービス提供方法および装置、情報入力装置、管理装置、認証保証装置、並びにプログラム
WO2009113154A1 (fr) Système de gestion d&#39;identifiant et procédé de gestion d&#39;identifiant
JP2010128554A (ja) アカウント発行システム、割当装置、登録装置、アカウント発行方法およびプログラム
WO2011058629A1 (fr) Système de gestion d&#39;informations
JP7156888B2 (ja) 決済処理方法
JP6874700B2 (ja) 電子商取引システム、通信端末、第三者機関サーバ、電子商取引方法、およびプログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08721737

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08721737

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP