WO2015002321A1 - Système de communication - Google Patents

Système de communication Download PDF

Info

Publication number
WO2015002321A1
WO2015002321A1 PCT/JP2014/068047 JP2014068047W WO2015002321A1 WO 2015002321 A1 WO2015002321 A1 WO 2015002321A1 JP 2014068047 W JP2014068047 W JP 2014068047W WO 2015002321 A1 WO2015002321 A1 WO 2015002321A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication
communication terminal
terminal device
user
personal identification
Prior art date
Application number
PCT/JP2014/068047
Other languages
English (en)
Japanese (ja)
Inventor
摩利夫 岡部
Original Assignee
株式会社Gct研究所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Gct研究所 filed Critical 株式会社Gct研究所
Priority to JP2015525306A priority Critical patent/JP6312672B2/ja
Publication of WO2015002321A1 publication Critical patent/WO2015002321A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the embodiment described in this specification relates to a communication system.
  • the contents of communication When sending and receiving data via data communication, the contents of communication must not be acquired by a receiver that is not intended by the sender, but the contents of communication may be leaked due to erroneous transmission or server intrusion.
  • Measures such as setting a password on the document to be sent are taken as means to prevent such inconvenience.
  • One embodiment of the present invention allows only the person originally intended by the sender to view without sending fingerprint data to another person (sender or receiver of the other party of communication). It aims at providing the technique which prevents a person who is not originally intended for browsing from browsing.
  • the first embodiment of the present invention is proposed as a communication system.
  • This communication system includes storage means, management means, and request processing means.
  • the storage means includes first personal identification data corresponding to the user of the transmission source communication terminal device and registration data paired with the user identification information of the user, and second corresponding to the user of the transmission destination communication terminal device. Personal identification data of the user and registration data paired with the user identification information of the user.
  • the management means stores the communication content transmitted from the transmission source communication terminal device, sets at least a part of the communication content, and sets a browsing restriction portion that is a portion that cannot be viewed in the transmission destination communication terminal device, Before the fingerprint authentication of the user of the transmission destination communication terminal device is successful, the communication content in which the browsing restriction portion is disabled to be browsed is transmitted to the transmission destination communication terminal device, and the user of the transmission destination communication terminal device After fingerprint authentication is successful, the transmission destination communication terminal apparatus transmits data that enables browsing of the browsing restricted portion to the transmission destination communication terminal apparatus.
  • the request processing means When receiving the browsing restriction release request message from the transmission destination communication terminal device, the request processing means receives third personal identification data transmitted together with the user identification information from the transmission destination communication terminal device, and includes the user identification information in the user identification information.
  • the management means An instruction is sent to the destination communication terminal apparatus for transmitting the data that allows the browsing restricted portion to be viewed on the destination communication terminal apparatus.
  • the block diagram which shows the structural example of the communication system concerning this Embodiment.
  • Functional block diagram showing a configuration example of a transmission source communication terminal device
  • Functional block diagram showing a configuration example of a destination communication terminal device
  • Functional block diagram showing a configuration example of the communication management server
  • Sequence diagram showing an operation example at the time of fingerprint / user registration for the user of the transmission source communication terminal device
  • Sequence diagram showing an operation example at the time of fingerprint / user registration for the user of the destination communication terminal device
  • the flowchart which shows the example of the browsing restriction cancellation request process which is the main operation
  • Fingerprint data refers to a fingerprint image or data generated based on the fingerprint image, and refers to data that can uniquely identify a user.
  • fingerprint image data either a fingerprint or a part of a fingerprint may be used
  • Fingerprint feature value data and data obtained as a result of transforming fingerprint feature value data by a predetermined transformation method (such as fast Fourier transform).
  • Perfect identification data refers to data that can uniquely identify an individual.
  • the personal identification data includes so-called biometric data such as fingerprint data, face image data, and vein pattern data.
  • FIG. 1 is a block diagram illustrating a configuration example of a communication system according to the present embodiment.
  • the communication system 1 includes a transmission source communication terminal device 10 that can be connected to the communication network 40 and a transmission destination communication terminal device 30 that can be connected to the communication network 40 when connected to the communication network 40.
  • the transmission source communication terminal device 10 is a device that transmits some content to the transmission destination communication terminal device 30 via the communication management server 20.
  • the transmission source communication terminal device 10 is an information processing device having a communication function such as a computer (including a tablet computer), a mobile phone (including a smartphone), a game machine, and the like.
  • FIG. 2 is a functional block diagram showing a configuration example of the transmission source communication terminal device 10.
  • the components shown in the functional block diagram are the functions of the transmission source communication terminal device 10 that are collectively regarded as a block for each function, and the transmission source communication terminal device 10 corresponds to each component. It does not mean that physical components such as circuits, parts, etc. must be provided. “Connected” means that data, information, instructions, etc. can be sent, received, delivered, etc. It is not limited. The same applies to the description of other functional block diagrams in this specification.
  • the transmission source communication terminal device 10 includes a communication control unit 11 that can be connected to the communication network 40, a client unit 12 connected to the communication control unit 11, a fingerprint reading unit 14 connected to the client unit 12, an input unit 15, And an output unit 16.
  • the client unit 12 has a fingerprint registration request unit 13.
  • the communication control unit 11 converts the data generated by the client unit 12 into an electric signal or the like, transmits the individual electric signal or the like to the communication network 40 according to a predetermined communication protocol, and transmits the electric signal or the like from the communication network 40 to the predetermined signal. It has a function of receiving according to a communication protocol, converting the data into data readable by the client unit 12, and passing the converted data to the client unit 12.
  • the communication control unit 11 is, for example, a LAN adapter or a communication board.
  • the client unit 12 has a function of processing transmission / reception of communication contents in cooperation with the communication management server 20.
  • the client unit 12 is, for example, a mail client, a Web browser, a mobile application, or the like.
  • the fingerprint registration request unit 13 has a function of executing the fingerprint / user registration of the user (communication executor) in the communication management server 20.
  • Fingerprint / user registration refers to recording a pair of image data of a user's fingerprint and user identification information, which is information that uniquely identifies the user.
  • the fingerprint registration request unit 13 is, for example, an add-in, an application, or an application.
  • the fingerprint reading unit 14 has a function of reading a fingerprint of a user (communication executor) and outputting fingerprint image data that is fingerprint image data.
  • the fingerprint reading unit 14 is, for example, a fingerprint reading device and its driver software.
  • the fingerprint reader may be either a fingerprint sensor built in a PC or a mobile phone, or a so-called external fingerprint sensor.
  • the input unit 15 has a function of inputting user's instruction content to the transmission source communication terminal device 10, and is, for example, a keyboard, a numeric keypad, a touch panel, a pointing device, or the like.
  • the output unit 16 has a function of outputting the processing result of the transmission source communication terminal device 10 in a manner that can be recognized by the user, and is, for example, a liquid crystal panel device.
  • the transmission destination communication terminal device 30 is a device that receives communication contents from the transmission source communication terminal device 10 via the communication management server 20.
  • the destination communication terminal device 30 is an information processing device having a communication function such as a computer (including a tablet computer), a mobile phone (including a smartphone), a game machine, and the like.
  • FIG. 3 is a functional block diagram showing a configuration example of the transmission destination communication terminal device 30.
  • the destination communication terminal device 30 includes a communication control unit 31 that can be connected to the communication network 40, a client unit 32 connected to the communication control unit 31, a fingerprint reading unit 34 connected to the client unit 32, an input unit 35, and And an output unit 36.
  • the client unit 32 has a fingerprint registration request unit 33 and a browsing restriction release request unit 37.
  • the communication control unit 31, the client unit 32, the fingerprint reading unit 34, the input unit 35, and the output unit 36 of the transmission destination communication terminal device 30 are respectively the communication control unit 11, the client unit 12, and the fingerprint reading unit of the transmission source communication terminal device 10. 14, since it is a component which has the same function as the input part 15 and the output part 16, these detailed description is abbreviate
  • the browsing restriction release request unit 37 can browse the contents restricted by the communication management server 20 when a part of the communication contents is restricted.
  • a browsing restriction release request which is a message requesting that the communication management server 20 be generated.
  • the browsing cancellation request message includes image data of the fingerprint of the user of the destination communication terminal device 30 and user identification information that is information for uniquely identifying the user, or is transmitted separately.
  • the viewing restriction release request unit 37 is, for example, an add-in, an application, an application, or the like.
  • the communication management server 20 has a function of receiving communication contents from the transmission source communication terminal apparatus 10 and causing the transmission destination communication apparatus to receive the communication contents.
  • the communication management server 20 transmits a part of the communication contents to the transmission destination communication terminal apparatus 30 so that the contents of the browsing restriction area cannot be browsed with the browsing restriction area.
  • the communication management server 20 makes it possible for the user of the destination communication terminal apparatus 30 to view the contents of the viewing restricted area on condition that the user of the destination communication terminal apparatus 30 succeeds in fingerprint authentication.
  • the communication management server 20 is an information processing apparatus having a communication function such as a computer, a workstation, or a server.
  • the information processing apparatus includes an arithmetic processing unit (CPU), a main memory (RAM), and a read-only memory (ROM), an input / output device (I / O), and, if necessary, an external storage device such as a hard disk device.
  • CPU central processing unit
  • RAM main memory
  • ROM read-only memory
  • I / O input / output device
  • an external storage device such as a hard disk device.
  • the present embodiment is also established as a configuration in which a plurality of computers, workstations, and servers are connected to each other and function as the communication management server 20.
  • FIG. 4 is a functional block diagram showing a configuration example of the communication management server 20.
  • the communication management server 20 includes a server-side communication control unit 21 connected to the communication network 40, a fingerprint data registration unit 22 connected to the server-side communication control unit 21, and a fingerprint database unit connected to the fingerprint data registration unit 22. 23, a communication management unit 24 connected to the server side communication control unit 21, and a browsing restriction release request processing unit connected to the server side communication control unit 21 and connected to the fingerprint database unit 23 and the communication management unit 24 25.
  • the fingerprint database unit 23 corresponds to the storage unit according to the present embodiment
  • the communication management unit 24 corresponds to the management unit of the present embodiment
  • the browsing restriction release request processing unit 25 performs the request processing according to the present embodiment. Corresponds to means.
  • the server-side communication control unit 21 converts the data generated by the communication management server 20 into an electric signal or the like, and transmits the individual electric signal or the like to the communication network 40 according to a predetermined communication protocol. Is received according to a predetermined communication protocol, converted into readable data, and the converted data is passed to each unit.
  • the server side communication control unit 21 is, for example, a LAN adapter, a communication board, or the like.
  • the fingerprint data registration unit 22 has a function of executing a fingerprint / user registration when receiving a fingerprint / user registration request from the transmission source communication terminal device 10 and the transmission destination communication terminal device 30.
  • the fingerprint data registration unit 22 generates fingerprint / user registration data that is a pair of fingerprint data and user identification information, and stores the fingerprint / user registration data in the fingerprint database unit 23.
  • the fingerprint database unit 23 has a function of storing the fingerprint / user registration data generated by the fingerprint data registration unit 22.
  • the fingerprint database unit 23 corresponds to the storage unit of the present embodiment.
  • the communication management unit 24 stores the communication content transmitted from the transmission source communication terminal device 10, sets a browsing restriction area in this communication content, and transmits the communication before the user's fingerprint authentication of the transmission destination communication terminal device 30 succeeds.
  • the communication content is transmitted to the destination communication terminal device 30 in a state in which the browsing restricted area is not viewable, and after the fingerprint authentication of the user of the destination communication terminal device 30 is successful, the browsing restricted region (or the destination communication terminal device 30 is displayed).
  • the browsing restriction itself may be canceled) and the communication content is transmitted.
  • the communication management unit 24 corresponds to the management unit of the present embodiment.
  • the method for making the browsing-restricted area unviewable is as follows, for example.
  • the browsing restriction release is performed by transmitting only the deleted data or the communication content before the deletion to the transmission destination communication terminal device 30 by the communication management server, more specifically, the communication management unit 24.
  • the communication management server more specifically, the communication management unit 24 adds data indicating the browsing restriction area to the communication content. For example, a tag indicating the start of the browsing restricted area, a tag indicating the end of the browsing restricted area, and the like.
  • the communication management server more specifically, the communication management unit 24, transmits the communication content to which the data indicating the browsing restriction area is added to the transmission destination communication terminal device 30.
  • the transmission destination communication terminal device 30 that has received the communication content to which the data indicating the browsing restriction area is added, more specifically, the client unit 12 specifies the data specified by the data indicating the browsing restriction area in displaying and reproducing the communication content. Is replaced with other data (for example, blank, a specific symbol (asterisk, etc.), and the replaced content data is displayed.
  • Browsing restriction release is performed according to a browsing restriction release permission message from the communication management server 20.
  • the transmission destination communication terminal device 30, more specifically, the client unit 12 displays the communication content before the replacement is performed.
  • the communication management server, more specifically, the communication management unit 24 encrypts a portion corresponding to the browsing restricted area in the communication content. Any encryption method may be used.
  • the communication management server, more specifically, the communication management unit 24, transmits the communication content in which the browsing restriction area is encrypted to the transmission destination communication terminal device 30.
  • the transmission destination communication terminal device 30 that has received the communication content in which the browsing restriction area is encrypted more specifically, the client unit 12 displays the communication content as it is. A message indicating that the browsing restricted area is encrypted may be displayed in the communication content.
  • the browsing restriction release in response to a browsing restriction release permission message from the communication management server 20, the destination communication terminal device 30, more specifically, the client unit 12 decrypts the encrypted part, and the communication content after decryption By displaying.
  • the browsing restriction area is a method in which the original communication content is not displayed as it is before the browsing restriction is released and the communication content is displayed with the original content after the browsing restriction is released. It is applicable to the present invention.
  • the browsing restriction release request processing unit 25 When the browsing restriction release request processing unit 25 receives the browsing restriction release request message from the transmission destination communication terminal device 30, the browsing restriction release request processing unit 25 associates the fingerprint data transmitted together with the user identification information from the transmission destination communication terminal device 30 with the user identification information. If the fingerprint data stored in the fingerprint database unit 23 is compared and collated and it is determined that the two fingerprint data match, the communication management unit 24 releases the browsing restriction area of the communication content (releases the browsing restriction itself). ).
  • the browsing restriction release request processing unit 25 corresponds to request processing means of the present invention.
  • the communication network 40 may be any communication line that connects the transmission destination communication terminal device 30 and the communication management server 20, and the transmission source communication terminal device 10 and the communication management server 20 so that they can communicate with each other. .
  • the communication network 40 may be any communication line that connects the transmission destination communication terminal device 30 and the communication management server 20, and the transmission source communication terminal device 10 and the communication management server 20 so that they can communicate with each other.
  • FIG. 5 is a sequence diagram showing an operation example at the time of fingerprint / user registration for the user of the transmission source communication terminal device 10.
  • the transmission source communication terminal device 10 When the user of the transmission source communication terminal device 10 activates the fingerprint registration request unit 13 of the transmission source communication terminal device 10, the transmission source communication terminal device 10, more specifically, the fingerprint registration request unit 13 registers the fingerprint in the communication management server 20. A request message is transmitted (S110). The communication management server 20 that has received the fingerprint registration request message activates the fingerprint data registration unit 22, and the fingerprint data registration unit 22 transmits a fingerprint registration request acceptance message to the transmission source communication terminal device 10 (S120).
  • the source communication terminal device 10 that has received the fingerprint registration request acceptance message, more specifically, the fingerprint registration request unit 13 activates the fingerprint reading unit 14 to enable the fingerprint reading and causes the output unit 16 to read the fingerprint to the user.
  • a prompt message (for example: “Start fingerprint reading. Touch your index finger in the fingerprint reading area”) is displayed, and the fingerprint reading unit 14 reads the fingerprint (S130).
  • the fingerprint reading unit 14 When the fingerprint reading is successful, the fingerprint reading unit 14 generates fingerprint data and passes the fingerprint data to the fingerprint registration requesting unit 13.
  • the fingerprint registration request unit 13 that has received the fingerprint data transmits user identification information of the user who is executing the fingerprint registration request to the communication management server 20 together with the fingerprint data (S140).
  • the user registration information is automatically read by the fingerprint registration requesting unit 13 from information stored in the source communication terminal device 10 or the client unit 12 (for example, individual identification information, telephone number, web service user ID).
  • the fingerprint registration request unit 13 may display a message prompting the user to input user identification information on the output unit 16, and information input by the user using the input unit 15 ( For example, any one of characters, symbols, numbers, or a combination of two or more thereof may be transmitted as the user identification information.
  • the communication management server 20 that has received the fingerprint data and the user identification information from the transmission source communication terminal device 10, more specifically, the fingerprint data registration unit 22, generates fingerprint / user registration data paired with the fingerprint data and the user identification information, A fingerprint / user registration process, which is a process to be stored in the fingerprint database unit 23, is executed (S150).
  • the communication management server 20 When the fingerprint / user registration process is completed, the communication management server 20, more specifically the fingerprint data registration unit 22, transmits a registration completion notification message to the transmission source communication terminal device 10 (S160).
  • the transmission source communication terminal device 10 that has received the registration completion notification message, more specifically, the fingerprint registration request unit 13 displays a display informing the user that the fingerprint registration process has been completed normally on the output unit 16 and ends the fingerprint registration process. To do.
  • FIG. 6 is a sequence diagram illustrating an operation example at the time of fingerprint / user registration for the user of the transmission destination communication terminal device 30. Since each of step S210 to step S260 shown in FIG. 6 has the same processing contents as step S110 to step S160 shown in FIG. 5, description of these processing contents is omitted.
  • the communication management server 20 is a process for enabling the user of the destination communication terminal apparatus 30 to view the contents of the browsing restricted area on condition that the user of the destination communication terminal apparatus 30 succeeds in fingerprint authentication.
  • FIG. 7 shows a sequence diagram showing an example of communication management processing in the communication system 1.
  • a case where the user of the transmission source communication terminal apparatus 10 transmits Web mail to the user of the transmission source communication terminal apparatus 10 will be described as an example.
  • the user of the source communication terminal device 10 activates the client unit 12 of the source communication terminal device 10 and inputs communication contents (destination address, mail subject, mail text) from the input unit 15.
  • communication contents destination address, mail subject, mail text
  • the user causes the client unit 12 of the transmission source communication terminal device 10 to transmit a Web mail (S310).
  • the communication content transmitted from the client unit 12 of the transmission source communication terminal device 10 is received by the communication management server 20 (corresponding to a Web mail server in this example), and the communication management server 20, more specifically, communication management.
  • the unit 24 stores the communication content (S320).
  • communication content identification information (referred to as a mail ID) for uniquely specifying the communication content is assigned to each communication content and stored.
  • the communication management server 20, more specifically, the communication management unit 24, sets the mail text in the communication restriction in the browsing restriction area. It should be noted that which part is set as the browsing restriction area may be set in the communication management unit 24 in advance, or can be arbitrarily designated when the user of the transmission source communication terminal device 10 transmits the communication contents. Also good.
  • the user of the transmission destination communication terminal apparatus 30 activates the client unit 32 of the transmission destination communication terminal apparatus 30 in order to view the Web mail addressed to the user.
  • the client unit 32 of the transmission destination communication terminal device 30 browses the communication contents together with information (for example, user ID, mail address, etc.) that identifies the user of the transmission destination communication terminal device 30 to the communication management server 20, more specifically, the communication management unit 24.
  • a request message is transmitted (S330).
  • the communication management server 20 that has received the communication content browsing request message, more specifically, the communication management unit 24, extracts and extracts the communication content addressed to the user of the destination communication terminal device 30 from the stored communication content.
  • the communication content is transmitted to the destination communication terminal apparatus 30 (S340).
  • the content of communication transmitted at this time has been deleted from the browsing-restricted area or has been replaced with another content (for example, “browsing is restricted”).
  • the transmission destination communication terminal device 30 that has received the communication content transmitted in step S340, more specifically, the client unit 32 causes the output unit 36 to display the communication content.
  • the content of the viewing restricted area is deleted or replaced with another content (for example, “browsing restricted” is displayed)
  • the actual content of the viewing restricted area is displayed in the output unit 36.
  • the user of the destination communication terminal device 30 is in a state where the sender and the subject of the Web mail addressed to himself / herself can be viewed but the mail text cannot be viewed.
  • the browsing restriction release request unit 37 is activated by activating a predetermined icon or button.
  • the activated browsing restriction release request unit 37 starts a browsing restriction release request process (S360).
  • the browsing restriction release request unit 37 that has started the browsing restriction release request process activates the fingerprint reading unit 34 to make the fingerprint readable state and prompts the output unit 36 to read the fingerprint (for example: “print fingerprint reading”). Touch the index finger in the fingerprint reading area. ”) And the fingerprint reading unit 34 reads the fingerprint (S370).
  • the fingerprint reading unit 34 When the fingerprint reading is successful, the fingerprint reading unit 34 generates fingerprint data and passes the fingerprint data to the browsing restriction release requesting unit 37.
  • the browsing restriction release request unit 37 that has received the fingerprint data, together with the browsing restriction release request message, sets the fingerprint data read in step S370, the user identification information of the user who is executing the fingerprint registration request, and the target of the browsing restriction release.
  • Communication content identification information (for example, mail ID) for specifying the communication content is transmitted to the communication management server 20 (S380).
  • the communication management server 20, more specifically, the browsing restriction release request processing unit 25 performs fingerprint data authentication processing (S390). Specifically, the browsing restriction release request processing unit 25 reads out fingerprint data corresponding to the user identification information from the fingerprint database unit 23 using the user identification information transmitted in step S380 as a key, and in step S380. The sent fingerprint data is collated (S390).
  • the browsing restriction release request processing unit 25 releases the browsing restriction area for the communication content corresponding to the communication content identification information transmitted to the communication management unit 24 in step S380. Then, it instructs the transmission destination communication terminal apparatus 30 that has transmitted the browsing restriction release request message to transmit it. On the other hand, when it is determined that they do not match as a result of the collation, the browsing restriction release request processing unit 25 transmits a message notifying that the authentication has failed to the transmission destination communication terminal device 30 that has transmitted the browsing restriction release request message. (Not shown).
  • the communication management unit 24 instructed to release the browsing restriction releases the browsing restriction area and browses the communication content corresponding to the communication content identification information transmitted in step S380.
  • the restriction release request message is transmitted to the transmission destination communication terminal device 30 (S400).
  • the communication management unit 24 transmits the communication content in which the content of the mail text remains as it is to the transmission destination communication terminal device 30.
  • “Release the browsing restriction area” means that the contents of the browsing restriction area can be browsed in the destination communication terminal device 30.
  • the transmission destination communication terminal device 30 that has received the communication content whose browsing restriction area has been released, more specifically, the client unit 32, displays the communication content on the output unit 16 in a state where the browsing restricted area can be browsed ( S410). Specifically, the mail text (viewing restricted area) whose contents were not displayed on the output unit 36 in step S350 is displayed in step S410.
  • FIG. 8 is a flowchart illustrating an example of processing (viewing restriction release request processing) when a browsing restriction release request that is the main operation of the communication management server 20 is received.
  • the communication management server 20, more specifically, the browsing restriction release request processing unit 25 receives a communication content browsing request message from the destination communication terminal device 30 (S10).
  • the communication management server 20 that has received the communication content browsing request message, more specifically, the communication management unit 24, determines whether there is communication content addressed to the user of the destination communication terminal device 30 among the stored communication content. (S20). When it is determined that there is no communication content addressed to the user of the destination communication terminal device 30 (S20, No), the communication management server 20, more specifically, the communication management unit 24 sends a message that there is no communication content addressed to the user. The data is transmitted to the destination communication terminal device 30 (S30), and the process is terminated. On the other hand, when it is determined that there is communication content addressed to the user of the destination communication terminal device 30 (S20, Yes), the communication management server 20, more specifically, the communication management unit 24, addresses the user of the destination communication terminal device 30. The communication content is extracted, and the extracted communication content is transmitted to the destination communication terminal device 30 (S40).
  • the communication management server 20 more specifically, the browsing restriction release request processing unit 25 waits for a browsing restriction release request message from the transmission destination communication terminal device 30 (S50).
  • the communication management server 20 When receiving the browsing restriction release request message from the transmission destination communication terminal device 30, the communication management server 20, more specifically, the browsing restriction release request processing unit 25, uses the user identification information transmitted from the transmission destination communication terminal device 30 as a key. Then, the fingerprint data corresponding to the user identification information is read from the fingerprint database unit 23, and it is determined whether or not the fingerprint data transmitted from the destination communication terminal device 30 matches (S60).
  • the browsing restriction release request processing unit 25 displays the communication content corresponding to the communication content identification information transmitted to the communication management unit 24 in the browsing restriction area. And the communication management unit 24 instructed to transmit the browsing restriction release request message to the transmission destination communication terminal apparatus 30 and instructed to release the browsing restriction, corresponds to the transmitted communication content identification information.
  • the communication content is released from the browsing restriction area and transmitted to the destination communication terminal device 30 that has sent the browsing restriction release request message (S70), and then the communication management server 20 ends the browsing restriction release request process.
  • the communication management server 20 when it is determined that these do not match as a result of the collation (S60, No), the communication management server 20, more specifically, the browsing restriction release request processing unit 25, transmits the destination communication terminal device 30 that has transmitted the browsing restriction release request message. (S80), and then the communication management server 20 ends the browsing restriction release request process.
  • the communication management server 20 ends the browsing restriction release request process.
  • the communication system according to the second embodiment has basically the same configuration as the communication system 1 according to the first embodiment. In the following, differences between the communication system according to the second embodiment and the communication system 1 according to the first embodiment will be described.
  • FIG. 9 shows a functional block diagram of the transmission source communication terminal apparatus in the present embodiment.
  • the source communication terminal device 10A in the present embodiment is different in that the client unit 12A further includes a fingerprint data providing unit 17 for identity verification, and other configurations are related to the first embodiment. This is the same as the transmission source communication terminal device 10.
  • the same components are denoted by the same reference numerals, and detailed description thereof is omitted.
  • the personal identification fingerprint data providing unit 17 The fingerprint data of the user of the communication terminal device 10A is newly acquired by the fingerprint reading unit 14, or the fingerprint data of the user of the transmission source communication terminal device 10A that has been stored in the transmission source communication terminal device 10A in advance is read. The fingerprint data is transmitted to the communication management server 20A.
  • the personal identification fingerprint data providing unit 17 corresponds to a personal identification data providing unit.
  • FIG. 10 shows a functional block diagram of the communication management server in the present embodiment.
  • the communication management server 20A in the present embodiment is different in that it further includes an identity verification processing unit 26, and the other configuration is the same as that of the communication management server 20 according to the first embodiment.
  • the same components are denoted by the same reference numerals, and detailed description thereof is omitted.
  • the identity verification processing unit 26 is connected to the server side communication control unit 21 and the fingerprint database unit 23.
  • the identity confirmation processing unit 26 When the identity confirmation processing unit 26 receives the identity confirmation request message from the transmission destination communication terminal device 30A, the fingerprint data transmitted together with the communication content from the transmission destination communication terminal device 30A and the user of the transmission source communication terminal device 10A.
  • the user's fingerprint data stored in the fingerprint database unit 23 at the time of user registration is compared, and if both fingerprint data match, a notification message indicating that the identity verification was successful is sent to the destination communication terminal device 30A. It has the function to do.
  • the identity verification processing unit 26 sends a fingerprint data transmission request message to the transmission source communication terminal device 10A, more specifically, to the identity verification fingerprint data providing unit 17.
  • the fingerprint data transmitted from the transmission source communication terminal device 10A, more specifically, the personal identification fingerprint data providing unit 17 may be used in accordance with this.
  • the identity verification processing unit 26 corresponds to identity verification processing means.
  • FIG. 11 shows a functional block diagram of the transmission destination communication terminal apparatus in the present embodiment.
  • the destination communication terminal device 30A in the present embodiment is different in that the client unit 32 further includes an identity confirmation requesting unit 38, and the other configuration is the source communication according to the first embodiment. This is the same as the terminal device 30.
  • the same components are denoted by the same reference numerals, and detailed description thereof is omitted.
  • the identity confirmation requesting unit 38 communicates an identity confirmation request message, which is a message requesting confirmation that the communication content is transmitted by the user himself / herself of the destination communication terminal device 30A, in accordance with a user operation or the like. It has a function of transmitting to the management server 20A, more specifically to the identity confirmation processing unit 26).
  • the identity verification request unit 38 corresponds to a sender identity verification request unit.
  • FIG. 12 is a sequence diagram illustrating an operation of the communication system according to the second embodiment.
  • the user of the transmission source communication terminal device 10A inputs communication contents (e-mail text etc.) (not shown) and executes fingerprint data reading (S310A).
  • the fingerprint data is read by the fingerprint reading unit 14, and the fingerprint data generated as a result of the fingerprint data reading is passed to the client unit 12.
  • the client unit 12 transmits fingerprint data (hereinafter referred to as “identification fingerprint data for identification”) to the communication management server 20A together with information for identifying the user and communication contents (S310B).
  • fingerprint data hereinafter referred to as “identification fingerprint data for identification”
  • the communication management server 20A that has received the communication content and the fingerprint data for identity verification stores these (S310C). More specifically, the communication content is stored by the communication management unit 24, and the personal identification fingerprint data is stored in the personal verification processing unit 26.
  • the client unit 32 of the transmission destination communication terminal apparatus 30 includes information (for example, a user ID, a mail address, etc.) that identifies the user of the transmission destination communication terminal apparatus 30 to the communication management server 20, more specifically, the communication management unit 24.
  • a communication content browsing request message is transmitted (S501).
  • the transmission destination communication terminal device 30 transmits a sender identity confirmation request message to the communication management server 20 (S502).
  • the communication management server 20A uses the information for specifying the user as a key to print fingerprint data corresponding to the information for specifying the user from the fingerprint database unit 23 (“user registration fingerprint”). Data)).
  • the personal identification processing unit 26 collates the personal identification fingerprint data with the user registration fingerprint data, and determines whether these fingerprint data match (S503). If it is determined that the fingerprint data match, the communication management server 20A, more specifically the identity verification processing unit 26, sends a message notifying that the identity of the sender who is the user of the transmission source communication terminal device 10A has been successfully verified. A certain identity verification success message is transmitted to the destination communication terminal apparatus 30A (S504). If it is determined that these fingerprint data do not match, a message notifying that the identity of the sender who is the user of the transmission source communication terminal apparatus 10A has not been successfully transmitted is transmitted to the transmission destination communication terminal apparatus 30A.
  • step S504 the communication system executes the processing from step S340 to step S410 described above, as in the first embodiment.
  • FIG. 13 is a sequence diagram illustrating an operation example of a modification of the communication system according to the second embodiment.
  • steps S310 and S320 are executed (not shown) as in the first embodiment.
  • the transmission destination communication terminal apparatus 30 transmits a sender identity confirmation request message to the communication management server 20 prior to the above-described step S330 or simultaneously with the transmission of the communication content browsing request message in step S330 (S601). ).
  • the communication management server 20A more specifically, the identity verification processing unit 26 transmits a fingerprint data request message to the destination communication terminal device 10A that is the destination of the communication contents (S602).
  • the destination communication terminal device 10A that has received the fingerprint data request message activates the fingerprint reading unit 14 to prompt the user to read the fingerprint, and the user responds accordingly.
  • the fingerprint reading unit 14 When the fingerprint reading process is executed (S603), the fingerprint reading unit 14 generates fingerprint data (hereinafter referred to as “identification fingerprint data”), and passes it to the identity verification fingerprint data providing unit 17.
  • the identity verification fingerprint data providing unit 17 sends this fingerprint data to the communication management server 20A, more specifically to the identity verification processing unit 26, together with information specifying the user, which is information specifying the user of the transmission source communication terminal device 20A. Transmit (S604).
  • the communication management server 20A that has received the fingerprint data for identity verification more specifically, the identity verification processing unit 26 stores the fingerprint data for identity verification (S605). Note that information identifying the user is stored in association with the fingerprint data for identity verification.
  • the communication management server 20A uses the information for specifying the user as a key to print fingerprint data corresponding to the information for specifying the user from the fingerprint database unit 23 (“user registration fingerprint”). Data)).
  • the personal identification processing unit 26 collates the personal identification fingerprint data with the user registration fingerprint data, and determines whether these fingerprint data match (S606). If it is determined that the fingerprint data match, the communication management server 20A, more specifically the identity verification processing unit 26, sends a message notifying that the identity of the sender who is the user of the transmission source communication terminal device 10A has been successfully verified. A certain identity verification success message is transmitted to the destination communication terminal device 30A (S607). If it is determined that these fingerprint data do not match, a message notifying that the identity of the sender who is the user of the transmission source communication terminal apparatus 10A has not been successfully transmitted is transmitted to the transmission destination communication terminal apparatus 30A.
  • step S607 the communication system executes the processing after step S330 described above, as in the first embodiment.
  • the communication management server 20 does not transmit the contents of the browsing restriction area to the transmission destination communication terminal device 30, but the communication management server 20 does not transmit the contents of the browsing restriction area.
  • the transmission destination communication terminal device 30 transmits the data as it is without deletion or replacement to the transmission destination communication terminal device 30 until the confirmation of fingerprint data matching is transmitted from the communication management server 20 to the transmission destination communication terminal device 30.
  • the present embodiment is established even when the client unit 12 is configured to suppress the display of the browsing restriction area.
  • the fingerprint data may not be the entire image of the read fingerprint, and a part (or a plurality of locations) of the image may be registered and collated.
  • the present invention is not limited to the Web mail, but an electronic mail and a file storage system. Browsing on systems that send and distribute data and information by identifying senders and information providers such as data exchange systems, personal pages such as auction sites, online securities, SNS, and corporate websites It is also possible to apply to.
  • the present invention can also be realized by using “personal identification data”, which is data that can uniquely identify an individual, instead of the fingerprint data of the above embodiment. [5. Summary, etc.] As mentioned above, although embodiment of this invention was described, this invention is not limited to these, A various change, addition, a combination, etc. are possible in the range which does not deviate from the meaning of invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Le but de l'invention est d'empêcher toute personne autre que le destinataire d'un contenu de communication, prévu par l'expéditeur, d'avoir accès à ce contenu de communication, en donnant une autorisation d'accès uniquement au destinataire initialement prévu par l'expéditeur et en évitant que toute autre personne n'acquière les données d'empreinte digitale. A cet effet, une unité de gestion de communication (24) assure le stockage du contenu de communication envoyé à partir d'une source de transmission, le réglage d'une zone d'accès limité dans le contenu de communication, l'envoi du contenu de communication qui est en mode zone d'accès limité non accessible, à une destination d'envoi avant l'authentification effectuée avec succès de l'empreinte digitale d'une personne utilisant la destination d'envoi, et l'envoi du contenu de communication dont la zone d'accès limité a été annulée, à la destination d'envoi après authentification effectuée avec succès de l'empreinte digitale. Si une unité de traitement de demande d'annulation d'accès limité (25) reçoit un message de demande d'annulation d'accès limité provenant de la destination d'envoi, cette unité de traitement effectue une comparaison entre : les données empreinte digitale transmises conjointement avec les données identification utilisateur à partir de la destination d'envoi ; avec les données empreinte digitale associées aux données identification utilisateur et enregistrées dans un moyen mémoire. S'il s'avère que les deux ensembles de données empreinte digitale coïncident, l'unité de traitement (25) de demande d'annulation d'accès limité donne l'instruction à l'unité de gestion de communication (24) d'annuler la zone d'accès limité du contenu de communication.
PCT/JP2014/068047 2013-07-05 2014-07-07 Système de communication WO2015002321A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2015525306A JP6312672B2 (ja) 2013-07-05 2014-07-07 通信システム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013141310 2013-07-05
JP2013-141310 2013-07-05

Publications (1)

Publication Number Publication Date
WO2015002321A1 true WO2015002321A1 (fr) 2015-01-08

Family

ID=52143888

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/068047 WO2015002321A1 (fr) 2013-07-05 2014-07-07 Système de communication

Country Status (2)

Country Link
JP (1) JP6312672B2 (fr)
WO (1) WO2015002321A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016200864A (ja) * 2015-04-07 2016-12-01 バイオニクス株式会社 メッセージサービスシステム

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001125871A (ja) * 1999-10-28 2001-05-11 Minolta Co Ltd 電子伝言板および電子伝言板システム
US20040049686A1 (en) * 2002-09-05 2004-03-11 Chun-Yu Chen Fingerprint identification applied data storage system and method
JP2007115228A (ja) * 2005-09-20 2007-05-10 Iti:Kk マスキングプログラムおよびマスキングシステム
JP2013030157A (ja) * 2011-06-24 2013-02-07 Nihon Univ 非公開情報閲覧方法及び非公開情報閲覧システム

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3227031B2 (ja) * 1993-06-14 2001-11-12 富士通株式会社 電子メール処理システム

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001125871A (ja) * 1999-10-28 2001-05-11 Minolta Co Ltd 電子伝言板および電子伝言板システム
US20040049686A1 (en) * 2002-09-05 2004-03-11 Chun-Yu Chen Fingerprint identification applied data storage system and method
JP2007115228A (ja) * 2005-09-20 2007-05-10 Iti:Kk マスキングプログラムおよびマスキングシステム
JP2013030157A (ja) * 2011-06-24 2013-02-07 Nihon Univ 非公開情報閲覧方法及び非公開情報閲覧システム

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016200864A (ja) * 2015-04-07 2016-12-01 バイオニクス株式会社 メッセージサービスシステム

Also Published As

Publication number Publication date
JP6312672B2 (ja) 2018-04-18
JPWO2015002321A1 (ja) 2017-02-23

Similar Documents

Publication Publication Date Title
RU2522024C2 (ru) Способ подписания электронных документов аналого-цифровой подписью с дополнительной верификацией
JP5711430B2 (ja) 身分認証管理装置及びその方法
JP6882080B2 (ja) 画像処理装置、方法、プログラム及びシステム
US10848304B2 (en) Public-private key pair protected password manager
US10992838B2 (en) System for executing process associated with biometric information, and method in system, information processing apparatus, and method in information processing apparatus for same
US9998288B2 (en) Management of secret data items used for server authentication
US20070136820A1 (en) Server apparatus, client apparatus, control method therefor, and computer program
JP7278802B2 (ja) サービス利用装置、方法、及びプログラム
JP4555322B2 (ja) 画像通信システムおよび画像通信装置
JP2008181178A (ja) ネットワーク出力システム、認証情報登録方法、および認証情報登録プログラム
JP2006155547A (ja) 本人認証システム、端末装置、およびサーバ
JP2006048651A (ja) ネットワーク印刷システム及びファクシミリ通信システム
JP2022044080A (ja) 情報処理装置及びプログラム
JP6325654B2 (ja) ネットワークサービス提供装置、ネットワークサービス提供方法、及びプログラム
JP6312672B2 (ja) 通信システム
JP7079528B2 (ja) サービス提供システム及びサービス提供方法
KR101831381B1 (ko) 메신저서비스를 이용한 스마트 로그인 방법 및 그 장치
JP6989906B1 (ja) パスワード管理システム、パスワード管理装置、パスワード管理方法、パスワード管理プログラムおよび記録媒体
JP5005394B2 (ja) メールサーバアクセス方法及び電子メールシステム
JP4749017B2 (ja) 擬似生体認証システム、及び擬似生体認証方法
JP2008225831A (ja) シンクライアントシステム、これに用いるサーバ、クライアント端末、セキュリティカード並びにデータ通信方法
JP2019003509A (ja) 情報処理装置及び情報処理プログラム
JP6470006B2 (ja) 共有認証情報更新システム
JP4717356B2 (ja) 情報処理デバイス及びそれを用いた情報処理方法並びに情報処理プログラム
JP2020141357A (ja) サーバ装置、端末装置、認証システム及び認証方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14819323

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2015525306

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14819323

Country of ref document: EP

Kind code of ref document: A1