WO2023145081A1 - System, server device, control method for server device, and storage medium - Google Patents

System, server device, control method for server device, and storage medium Download PDF

Info

Publication number
WO2023145081A1
WO2023145081A1 PCT/JP2022/003624 JP2022003624W WO2023145081A1 WO 2023145081 A1 WO2023145081 A1 WO 2023145081A1 JP 2022003624 W JP2022003624 W JP 2022003624W WO 2023145081 A1 WO2023145081 A1 WO 2023145081A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
electronic certificate
facility
user
casino
Prior art date
Application number
PCT/JP2022/003624
Other languages
French (fr)
Japanese (ja)
Inventor
隆 森川
裕之 岡田
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to PCT/JP2022/003624 priority Critical patent/WO2023145081A1/en
Publication of WO2023145081A1 publication Critical patent/WO2023145081A1/en

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration

Definitions

  • the present invention relates to a system, a server device, a server device control method, and a storage medium.
  • Patent Literature 1 states that admission to amusement facilities is appropriately managed.
  • the entrance management system of Patent Literature 1 includes face authentication means, user determination means, entrance number determination means, and entrance availability determination means.
  • the face authentication means performs face authentication based on the face image of the user entering the facility and the face image obtained from the user's identification card.
  • the user determination means determines whether or not the user is a user requiring admission management to the facility, based on the identification card type of the identification card.
  • the number-of-entry determining means determines whether or not the user's number of times of entering the facility exceeds the limit of the number of times of entering the facility when the user is a user who needs to be managed to enter the facility.
  • the admission decision means decides whether or not the user is allowed to enter the facility based on the face recognition result and the admission limit decision result. Furthermore, Patent Document 1 describes that identity verification and number of times verification are required to enter a casino facility (see paragraphs [0051] to [0058] of the same document).
  • Patent Document 2 states that entry control to casino facilities is made more efficient.
  • Patent Literature 2 in a casino facility, as pre-registration, a user has his or her My Number card read, enters various passwords, pays an entrance fee, and has his or her own biometric information read via an operation terminal.
  • the information processing device executes personal authentication processing, confirmation processing for limiting the number of times of admission, and processing for collecting admission fees, and stores the confirmation results of each processing in the confirmation result database in association with the biometric information of the user.
  • a user who has performed pre-registration arrives at the entrance gate and has his/her biometric information read through the operation terminal.
  • the information processing device refers to the confirmation results stored in the confirmation result database, and the confirmation results associated with the read biometric information are "identity confirmed", "number of times limited OK", and "entrance fee collected”. , then permission to enter the casino facility.
  • Patent Document 1 when entering a facility such as a casino, identity verification and number of times verification are required.
  • Patent Document 1 requires the user to input a 6-digit to 16-digit personal identification number for reading out the signature electronic certificate every time the user is authenticated.
  • the main object of the present invention is to provide a system, a server device, a server device control method, and a storage medium that contribute to reducing the burden on users when entering facilities such as casinos.
  • a facility server that controls a user to enter a facility, and a first platform server that performs an authentication procedure using an electronic certificate stored in an identification card. and the facility server transmits the first electronic certificate stored in the identification card to the first platform server at the time of initial identity verification required before the user enters the facility.
  • the first platform server associates and stores the first identification information of the first electronic certificate and the second identification information of the second electronic certificate, and at the time of identity verification after the second time , extracting the second identification information from the second electronic certificate, and using at least the first identification information corresponding to the extracted second identification information, the second and subsequent identity verification processes
  • the first electronic certificate stored in the identification card is stored in the identification card.
  • a personal identification processing unit that transmits to a first platform server that performs an authentication procedure using an electronic certificate obtained from the user; an admission confirmation processing unit that transmits a second electronic certificate stored in a certificate to the first platform server.
  • the first electronic certificate stored in the identification card is used as the identification card at the time of initial identity verification required before the user enters the facility.
  • the identification card A method for controlling a server device is provided for transmitting a stored second digital certificate to the first platform server.
  • a computer installed in a server device stores a first electronic certificate stored in an identification card at the time of initial identity verification required before a user enters a facility. to the first platform server that performs the authentication procedure using the electronic certificate stored in the identification card, and the second and subsequent identity verifications required when the user enters the facility.
  • a computer-readable storage medium is provided storing a program for executing a process of transmitting a second digital certificate stored in said identification card to said first platform server.
  • Each aspect of the present invention provides a system, a server device, a server device control method, and a storage medium that contribute to reducing the burden on users when entering facilities such as casinos.
  • the effect of this invention is not limited above. Other effects may be achieved by the present invention instead of or in addition to this effect.
  • FIG. 1 is a diagram for explaining an overview of one embodiment.
  • FIG. 2 is a flow chart for explaining the operation of one embodiment.
  • FIG. 3 is a diagram showing an example of a schematic configuration of an entrance management system according to the first embodiment.
  • FIG. 4 is a diagram for explaining the operation of the entrance management system according to the first embodiment.
  • FIG. 5 is a diagram for explaining the operation of the entrance management system according to the first embodiment.
  • FIG. 6 is a diagram for explaining the operation of the entrance management system according to the first embodiment.
  • 7 is a diagram illustrating an example of a processing configuration of a reception terminal according to the first embodiment;
  • FIG. 8 is a diagram illustrating an example of a display on the reception terminal according to the first embodiment;
  • FIG. 9 is a diagram illustrating an example of a display on the reception terminal according to the first embodiment
  • 10A and 10B are diagrams showing examples of displays on the reception terminal according to the first embodiment.
  • 11 is a diagram illustrating an example of a processing configuration of an entrance terminal according to the first embodiment
  • FIG. 12 is a diagram illustrating an example of a display on an entrance terminal according to the first embodiment
  • FIG. 13 is a diagram illustrating an example of a display of an entrance terminal according to the first embodiment
  • FIG. 14 is a diagram showing an example of the processing configuration of the casino server according to the first embodiment.
  • FIG. 15 is a diagram illustrating an example of a user information database according to the first embodiment
  • 16 is a flowchart illustrating an example of the operation of an entry confirmation processing unit according to the first embodiment
  • FIG. 17 is a diagram illustrating an example of a processing configuration of the first PF server according to the first embodiment
  • FIG. 18 is a diagram showing an example of a user management database according to the first embodiment
  • 19 is a diagram illustrating an example of a processing configuration of a management server according to the first embodiment
  • FIG. FIG. 20 is a diagram showing an example of a visitor information database according to the first embodiment
  • 21 is a diagram illustrating an example of a processing configuration of a second PF server according to the first embodiment
  • FIG. 22 is a diagram showing an example of a visitor management database according to the first embodiment.
  • 23 is a diagram illustrating an example of a processing configuration of a certificate authority server according to the first embodiment;
  • FIG. 24 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment;
  • FIG. 25 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment;
  • FIG. 26 is a diagram showing an example hardware configuration of a casino server according to the disclosure of the present application.
  • a system includes a facility server 101 and a first platform server 102 (see FIG. 1).
  • the facility server 101 performs control for users to enter the facility.
  • the first platform server 102 performs an authentication procedure using the electronic certificate stored in the identification card.
  • the facility server 101 transmits the first electronic certificate stored in the identification card to the first platform server 102 at the time of initial identity verification required before the user enters the facility (step in FIG. 2). S1).
  • the facility server 101 transmits the second electronic certificate stored in the identification card to the first platform server 102 at the time of the second and subsequent identity verifications required when the user enters the facility ( step S2).
  • the first platform server 102 associates and stores the first identification information of the first electronic certificate and the second identification information of the second electronic certificate.
  • the first platform server 102 extracts the second identification information from the second electronic certificate during the second and subsequent identity verifications.
  • the first platform server 102 uses at least the first identification information corresponding to the extracted second identification information to perform the second and subsequent identity verification processes (execution of identity verification processing; step S3).
  • identity verification may be required.
  • a first electronic certificate for example, a signature electronic certificate stored in a My Number card
  • the burden on the user increases. Therefore, in the above system, the first identity verification is performed with the first electronic certificate, and the second and subsequent identity verifications are performed with the second electronic certificate linked to the first electronic certificate (for example, the user certificate electronic certificate).
  • the second electronic certificate can be read by a personal identification number with a smaller number of digits or by biometric authentication, thus reducing the burden on the user. In this way, the system according to one embodiment can reduce the user's burden when entering a facility such as a casino.
  • FIG. 3 is a diagram showing an example of a schematic configuration of an entrance management system (information processing system) according to the first embodiment.
  • An entrance management system according to the first embodiment performs entrance management for facilities in an integrated resort (IR).
  • the admission management system includes a plurality of server devices.
  • Integrated resorts include international conference halls, exhibition facilities, hotels, commercial facilities, restaurants, theaters, movie theaters, amusement parks, sports facilities, spa facilities, casino action areas, etc.
  • the explanation will be given by taking the "Casino action area" as an example of a facility where users enter.
  • the facility that the user enters may be another facility.
  • a user who enter the casino action area (hereinafter simply referred to as the casino facility or casino) for the first time must undergo identity verification in advance. Specifically, a user (a person wishing to enter) undergoes identity verification using a reception terminal 10 (kiosk terminal) installed in a corner of the integrated resort facility. The initial identity verification must be completed before entering the casino facility.
  • a reception terminal 10 Kiosk terminal
  • Identity verification is performed using an identification card issued by a public institution.
  • an IC (Integrated Circuit) card storing an electronic certificate is used for identity verification.
  • a My Number card will be described as an example of an IC card (identification card) in which an electronic certificate is stored.
  • the user operates the reception terminal 10 to carry out procedures related to initial identity verification. After completing the initial identification, the user can enter the casino facility through the entrance terminal 20. - ⁇
  • the admission terminal 20 When the user enters the casino facility, the admission terminal 20 performs identity verification of the visitor (identity verification for the second and subsequent times) and the number of visits. However, foreigners who do not have a residence in Japan do not need to confirm their identity and number of times.
  • the confirmation of the number of times is a confirmation as to whether or not the entry limit to the casino facility set by law has been exceeded. For example, there is a short-term limit on the number of visits, such as "the number of times of admission is limited to 3 times in a continuous 7-day period", and a limit of "the number of times of admission is limited to 10 times in a consecutive 28-day period" as a long-term limit.
  • the confirmation as to whether or not there is a conflict is the confirmation of the number of times.
  • a user who has successfully completed identity verification and number of times verification at the entrance terminal 20 can pass through the gate and enter the casino facility.
  • the entrance management system includes multiple server devices.
  • the admission management system includes a casino server 30, a first platform (PF) server 40, a management server 50, a second platform server 60, and a certificate authority server 70. included.
  • the casino server 30 is a server device managed by a casino operator or the like.
  • the casino server 30 manages casino users.
  • the casino server 30 performs control for the user to enter the casino facility.
  • the casino server 30 corresponds to the facility server 101 described above.
  • the first PF server 40 is a server device managed by an authentication business that performs authentication work for electronic certificates.
  • the first PF server 40 performs an authentication procedure using the electronic certificate stored in the identification card. More specifically, the first PF server 40 is a device that authenticates electronic certificates requested by casino operators.
  • the management server 50 is a server device managed by a casino management committee (an administrative body that creates rules regarding casino usage and manages casino business activities by casino operators).
  • the management server 50 manages the usage status of the casino facility. More specifically, the management server 50 checks the number of casino users and manages (stores) the identities of casino users.
  • the management server 50 does not manage the usage status of one casino facility, but manages the usage status of each casino facility (a plurality of casino facilities) that conduct business activities in Japan. That is, the management server 50 confirms the number of visits not only to the casino facility that the user intends to enter, but also to other casino facilities in Japan (confirms the above-described short-term and long-term number of visits).
  • the second PF server 60 is a server device managed by an authentication business that performs authentication work for electronic certificates.
  • the second PF server 60 performs an authentication procedure using the electronic certificate stored in the identification card. More specifically, the second PF server 60 is a device that performs authentication work for electronic certificates requested by the casino management committee.
  • the certificate authority server 70 is a server device managed by a corporation called J-LIS (Japan Agency for Local Authority Information Systems), which is jointly operated by the national government and local governments.
  • J-LIS Joint Agency for Local Authority Information Systems
  • the certificate authority server 70 verifies the validity of the electronic certificate. More specifically, the certificate authority server 70 is a device that provides a personal authentication service using electronic certificates.
  • a user entering the casino facility for the first time undergoes an initial identity verification at the reception terminal 10.
  • the reception terminal 10 acquires an electronic certificate for signature from the My Number card possessed by the user.
  • the reception terminal 10 transmits an identity verification request including the acquired signature electronic certificate to the casino server 30 (step S01).
  • the electronic signature certificate is an electronic certificate for signing documents submitted to public institutions, etc. , date of birth, gender, address).
  • the casino server 30 requests the first PF server 40 to verify the identity of the user. Specifically, the casino server 30 transmits to the first PF server 40 a personal identification request including the signature electronic certificate obtained from the reception terminal 10 (step S02).
  • the first PF server 40 Upon receiving the personal identification request, the first PF server 40 requests the certificate authority server 70 to verify the validity of the electronic signature certificate. Specifically, the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate to the certificate authority server 70 (step S03).
  • the certificate authority server 70 verifies the signature electronic certificate.
  • the certificate authority server 70 transmits the verification result of the electronic certificate for signature (the electronic certificate for signature is valid, the electronic certificate for signature is invalid) to the first PF server 40 (step S04).
  • the certificate authority server 70 also sends the issue number of the electronic certificate for user certification linked to the electronic certificate for signature to the first PF. Send to server 40 .
  • the first PF server 40 creates an account for the user (the user entering the casino facility for the first time).
  • the first PF server 40 has an ID that identifies the user (hereinafter referred to as a user ID), the issue number of the electronic certificate for signature, the issue number of the electronic certificate for user certification, and the person himself/herself. Specific items are associated with each other and stored.
  • the personal identification information is information consisting of at least one or a combination of name, date of birth, gender and address.
  • a name or a combination of a name and a date of birth corresponds to personal identification items.
  • a combination of name, date of birth, sex and address may be the personal identification items.
  • the first PF server 40 transmits the confirmation result (identity confirmation success, identity confirmation failure) for the identity confirmation request to the casino server 30 (step S05). If the personal identification is successful, the first PF server 40 also transmits the user ID and personal identification items to the casino server 30 .
  • the casino server 30 transmits a response to the identity confirmation request (identity confirmation success, identity confirmation failure) to the reception terminal 10 (step S06).
  • the casino server 30 also stores the user ID and the like received from the first PF server 40 .
  • the reception terminal 10 notifies the user of the result of identity verification.
  • the casino server 30 uses the first electronic certificate (signature electronic certificate) stored in the identification card (my number card) at the time of initial identity verification required before the user enters the casino facility. ) to the first PF server 40 .
  • the first PF server 40 transmits the first identification information of the first electronic certificate (issuance number of the signature electronic certificate) to the certificate authority server 70 .
  • the certificate authority server 70 verifies the validity of the first electronic certificate based on the first identification information, and if the verification is successful, the second identification information (user (issue number of electronic certificate for proof) to the first PF server 40 .
  • the first PF server 40 uses the first identification information of the first electronic certificate (electronic certificate for signature) and the second identification information of the second electronic certificate (electronic certificate for user proof) as They are associated and stored.
  • the admission terminal 20 acquires an electronic certificate for user verification from the My Number card possessed by the user.
  • the admission terminal 20 transmits an admission confirmation request including the acquired electronic certificate for user verification to the casino server 30 (step S11 in FIG. 5).
  • the electronic certificate for user authentication is an electronic certificate used as a means of authenticating the identity of the person, and the personal information of the user (the resident to whom the My Number Card was issued) (so-called basic 4 information; name , date of birth, gender, address).
  • the admission management system will perform identity verification and number of times verification.
  • the identity confirmation and the number of times confirmation are executed in parallel, but for the sake of convenience, the identity confirmation and the number of times confirmation will be explained separately.
  • the casino server 30 After obtaining the electronic certificate for user verification from the admission terminal 20, the casino server 30 requests the first PF server 40 to verify the identity of the person who wishes to enter. Specifically, the casino server 30 transmits to the first PF server 40 a personal identification request including the electronic certificate for user verification obtained from the entrance terminal 20 (step S21).
  • the first PF server 40 determines whether or not the initial identity verification has been completed for those who wish to enter the casino facility. Specifically, the first PF server 40 uses the issue number of the user-certifying electronic certificate to determine whether or not the account of the person who wishes to enter has been generated.
  • the first PF server 40 requests the certificate authority server 70 to verify the validity of the signature electronic certificate and the user certification electronic certificate. Specifically, the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate and the issue number of the user certification electronic certificate to the certificate authority server 70 (step S22).
  • the certificate authority server 70 verifies the electronic certificate for signature and the electronic certificate for user certification.
  • the certificate authority server 70 transmits the verification result of the electronic certificate for signature and the electronic certificate for user proof (certificate is valid, certificate is invalid) to the first PF server 40 (step S23).
  • the first PF server 40 transmits to the casino server 30 the confirmation result (identity verification success, identity verification failure) for the identity verification request received from the casino server 30 (step S24). If the personal identification is successful, the first PF server 40 notifies the casino server 30 of the user ID and personal identification information of the person who wishes to enter.
  • the casino server 30 stores the confirmation results (identity confirmation success, identity confirmation failure) for those who wish to enter the casino facility.
  • the casino server 30 requests the management server 50 to confirm the number of times the applicant wants to enter. Specifically, the casino server 30 transmits to the management server 50 a number-of-times confirmation request including the electronic certificate for user verification read out from the My Number card (step S31).
  • the management server 50 requests the second PF server 60 to identify the visitors. Specifically, the management server 50 transmits to the second PF server 60 a visitor identification request including the electronic certificate for user certification obtained from the casino server 30 (step S32).
  • the second PF server 60 Upon receiving the visitor identification request, the second PF server 60 requests the certificate authority server 70 to verify the validity of the electronic certificate for user certification. Specifically, the second PF server 60 transmits a verification request including the issue number of the electronic certificate for user certification to the certification authority server 70 (step S33).
  • the certificate authority server 70 verifies the electronic certificate for user certification.
  • the certificate authority server 70 transmits the verification result of the user certification electronic certificate (the user certification electronic certificate is valid, the user certification electronic certificate is invalid) to the second PF server 60 (step S34). ).
  • the second PF server 60 creates an account for the visitor.
  • the second PF server 60 associates and stores an ID that identifies a visitor (hereinafter referred to as a visitor ID) and an issue number of an electronic certificate for user certification of the visitor.
  • the second PF server 60 sends a response to the visitor identification request received from the management server 50 (the visitor is identified, the visitor is not identified) to the management server 50 (step S35).
  • the second PF server 60 also transmits the visitor ID of the identified visitor (expected visitor) to the management server 50 .
  • the management server 50 identifies the user who is subject to admission confirmation (confirmation of the number of times) based on the visitor ID, and confirms the number of times the identified user has used the casino facility.
  • the management server 50 transmits the result of the confirmation of the number of times (user can use the casino facility, user cannot use the casino facility) to the casino server 30 (step S36).
  • the casino server 30 stores the results of the confirmation of the number of times.
  • the casino server 30 determines whether or not the user can enter the casino facility at the timing when the result of the identity verification and the result of the number of times verification are complete.
  • the casino server 30 transmits a response to the admission confirmation request (allowed to enter the casino facility, not allowed to enter the casino facility) to the admission terminal 20 (step S12 in FIG. 5).
  • the entrance terminal 20 controls the gate according to the response to the entrance confirmation request (the user can enter the casino facility, and the user cannot enter the casino facility).
  • the casino server 30 performs processing related to confirmation of the number of visits to the casino facility in parallel with the second and subsequent personal identifications.
  • the casino server 30 uses the second electronic certificate (user-certifying electronic certificate) stored in the My Number Card at the time of identity verification for the second and subsequent times required when the user enters the casino facility.
  • Send to the first PF server 40 The first PF server 40 extracts the second identification information (issue number) from the second electronic certificate at the time of the second and subsequent identity verification, and at least the first identification corresponding to the extracted issue number.
  • the information (issuance number of electronic certificate for signature) is used to perform processing related to personal identification for the second and subsequent times.
  • the casino server 30 transmits the second electronic certificate to the management server 50.
  • the management server 50 sends a second electronic certificate to the second PF server 60 to request the second PF server 60 to identify a visitor who is going to enter the casino facility.
  • the second PF server 60 transmits the visitor ID of the visitor to the management server 50 when the second electronic certificate is valid.
  • a management server 50 permits a visitor who intends to enter the casino facility to enter the casino when the casino usage history of the user corresponding to the visitor ID does not violate the limit on the number of times of use of the casino facility.
  • FIG. 7 is a diagram showing an example of a processing configuration (processing modules) of the reception terminal 10 according to the first embodiment.
  • reception terminal 10 includes communication control section 201 , identity verification control section 202 , and storage section 203 .
  • the communication control unit 201 is means for controlling communication with other devices.
  • the communication control section 201 receives data (packets) from the casino server 30 .
  • the communication control unit 201 transmits data to the casino server 30 .
  • the communication control unit 201 transfers data received from other devices to other processing modules.
  • the communication control unit 201 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 201 .
  • the communication control unit 201 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
  • the identity verification control unit 202 is means for controlling identity verification for those who wish to enter the casino facility. More specifically, the identity verification control unit 202 controls the initial identity verification of the person who wishes to enter.
  • the personal identification control unit 202 uses a GUI (Graphical User Interface) or the like to acquire the user's (applicant's) desire to enter the casino facility.
  • GUI Graphic User Interface
  • the personal identification control unit 202 acquires an electronic certificate for signature from the My Number card possessed by the user.
  • the personal identification control unit 202 displays a GUI as shown in FIG. 8 and recognizes that the My Number card has been inserted into an IC (Integrated Circuit) card reader. After that, the personal identification control unit 202 reads the signature electronic certificate from the My Number card.
  • IC Integrated Circuit
  • the personal identification control unit 202 attempts to read out the signature electronic certificate from the My Number card using the acquired personal identification number. If the correct personal identification number is entered, the personal identification control unit 202 can read out the signature electronic certificate.
  • the identity verification control unit 202 transmits to the casino server 30 an identity verification request including the read electronic certificate for signature.
  • the personal identification control unit 202 receives a response (positive response, negative response) to the personal identification request from the casino server 30.
  • the identity verification control unit 202 displays a message or the like according to the identity verification result.
  • the identity confirmation control unit 202 notifies the user that the "first identity confirmation” has been successful. If the identity verification fails (if a negative response is received), the identity verification control unit 202 notifies the user that the “initial identity verification” has failed.
  • the identity verification control unit 202 displays a display as shown in FIG. 10A to inform the user that the user can enter the casino facility. If the personal identification fails, the personal identification control unit 202 displays a display as shown in FIG. 10B to inform the user that he/she cannot enter the casino facility.
  • the storage unit 203 is means for storing information necessary for the operation of the reception terminal 10 .
  • FIG. 11 is a diagram showing an example of a processing configuration (processing modules) of the entrance terminal 20 according to the first embodiment.
  • the admission terminal 20 includes a communication control section 301 , an admission control section 302 , a gate control section 303 and a storage section 304 .
  • the communication control unit 301 is means for controlling communication with other devices.
  • the communication control section 301 receives data (packets) from the casino server 30 .
  • the communication control unit 301 transmits data to the casino server 30 .
  • the communication control unit 301 passes data received from other devices to other processing modules.
  • the communication control unit 301 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 301 .
  • the communication control unit 301 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
  • the admission control unit 302 is means for controlling admission confirmation for those who wish to enter the casino facility.
  • the entrance control unit 302 detects a user in front of its own device (in front of the entrance terminal 20) using a human sensor or the like, it acquires an electronic certificate for user verification from the My Number card possessed by the user. .
  • the entrance control unit 302 displays a GUI as shown in FIG. 12 and recognizes that the My Number card has been inserted into the IC card reader. After that, the admission control unit 302 reads the electronic certificate for user verification from the My Number card.
  • the entrance control unit 302 displays a GUI as shown in FIG. , personal identification number (four-digit sequence) or biometric information (face image).
  • the entrance control unit 302 controls a camera (not shown) to acquire the face image of the person who wishes to enter.
  • the admission control unit 302 attempts to read out the electronic certificate for user verification from the My Number card using the acquired personal identification number. If the correct password is entered, the admission control unit 302 can read out the electronic certificate for user verification.
  • the admission control unit 302 when the face image (face information) written on the My Number card and the face image (face information) obtained by photographing the user substantially match, the admission control unit 302 generates an electronic certificate for user authentication. can be read.
  • the admission control unit 302 sends an admission confirmation request including the read electronic certificate for user verification to the casino server 30 .
  • the admission control unit 302 receives a response (positive response, negative response) to the admission confirmation request from the casino server 30 .
  • the admission control unit 302 displays a message or the like according to the admission confirmation result. If the entry confirmation is successful (if an affirmative response is received), the entry control unit 302 notifies the user that he/she can enter the casino facility. If the entry confirmation fails (if a negative response is received), the entry control unit 302 notifies the user that he/she cannot enter the casino facility.
  • the entrance control unit 302 passes the confirmation result (entrance permitted, entrance not permitted) to the gate control unit 303 in response to the entrance confirmation request.
  • the gate control unit 303 is means for controlling the gate.
  • the gate control unit 303 controls gates that restrict the passage of users according to the confirmation result acquired from the entrance control unit 302 .
  • the gate control unit 303 Upon receiving the result that admission to the casino facility is prohibited, the gate control unit 303 closes the gate and refuses the user's passage.
  • the gate control unit 303 Upon receiving the result that admission to the casino facility is permitted, the gate control unit 303 opens the gate and permits the user to pass through. At that time, the gate control unit 303 uses a human sensor or the like installed in the entrance terminal 20 to detect that the user has passed through the gate.
  • the gate control unit 303 When the gate control unit 303 detects that the user has passed through the gate within a predetermined period of time after the gate is opened, the gate control unit 303 notifies the casino server 30 to that effect. Specifically, the gate control unit 303 transmits a “casino entry notification” to the casino server 30 .
  • the gate control unit 303 closes the gate.
  • the storage unit 304 is means for storing information necessary for the operation of the entrance terminal 20 .
  • FIG. 14 is a diagram showing an example of the processing configuration (processing modules) of the casino server 30 according to the first embodiment.
  • the casino server 30 includes a communication control section 401 , an identity verification processing section 402 , an admission verification processing section 403 , an admission notification section 404 and a storage section 405 .
  • the communication control unit 401 is means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the reception terminal 10 . Also, the communication control unit 401 transmits data to the reception terminal 10 . The communication control unit 401 transfers data received from other devices to other processing modules. The communication control unit 401 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 401 .
  • the communication control unit 401 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
  • the personal identification processing unit 402 is means for processing personal identification requests received from the reception terminal 10 .
  • the personal identification processing unit 402 requests the first PF server 40 to confirm the personal identification of the person who wishes to enter the casino facility.
  • the identity verification processing unit 402 extracts the signature electronic certificate included in the identity verification request, and transmits the identity verification request including the signature electronic certificate to the first PF server 40 .
  • the personal identification processing unit 402 receives a response (positive response, negative response) to the personal identification request from the first PF server 40 .
  • the identity verification processing unit 402 If the identity verification fails (if a negative response is received), the identity verification processing unit 402 notifies the reception terminal 10 that the identity verification has failed. Specifically, the identity verification processing unit 402 transmits a negative response to the identity verification request to the reception terminal 10 .
  • the identity verification processing unit 402 If the identity verification is successful (if an affirmative response is received), the identity verification processing unit 402 notifies the reception terminal 10 that the identity verification was successful. Specifically, the identity verification processing unit 402 transmits an affirmative response to the identity verification request to the reception terminal 10 .
  • the acknowledgment sent by the first PF server 40 (the response sent upon successful verification of the electronic certificate for signature) includes the user ID and personal identification information.
  • the personal identification processing unit 402 associates the user ID and personal identification items included in the affirmative response and stores them in the user information database (see FIG. 15).
  • the user information database shown in FIG. 15 is an example, and is not meant to limit the items to be stored.
  • the processing date and time of the personal identification request may be registered in the user information database.
  • the applicant field shown in FIG. 15 will be described later.
  • the admission confirmation processing unit 403 is means for processing an admission confirmation request received from the admission terminal 20 .
  • the admission confirmation processing unit 403 receives an admission confirmation request including an electronic certificate for user verification of a person who wishes to enter the casino.
  • the admission confirmation processing unit 403 Upon receipt of an admission confirmation request, the admission confirmation processing unit 403 concurrently executes processes related to identity verification and number of visits for those who wish to enter the casino. The operation of the entry confirmation processing unit 403 will be described with reference to FIG.
  • the entry confirmation processing unit 403 Upon receiving the entry confirmation request, the entry confirmation processing unit 403 generates identification information for managing (identifying) the inquiry corresponding to the entry confirmation request (step S101). Specifically, the entry confirmation processing unit 403 generates an inquiry ID upon receipt of the entry confirmation request. For example, the admission confirmation processing unit 403 generates an inquiry ID (inquiry number) by calculating a hash value of the reception date and time of the admission confirmation request.
  • the admission confirmation processing unit 403 requests the first PF server 40 to confirm the identity of the person who wishes to enter. In addition, the admission confirmation processing unit 403 requests the management server 50 to confirm the number of times the applicant wants to enter.
  • the admission verification processing unit 403 transmits to the first PF server 40 a request for identity verification including the electronic certificate for user verification obtained from the admission terminal 20 (step S102).
  • the admission confirmation processing unit 403 receives a response (positive response, negative response) to the identity verification request from the first PF server 40 .
  • the affirmative response includes the user ID of the person who wishes to enter and the personal identification information.
  • the admission confirmation processing unit 403 stores that the identity verification of the person wishing to enter has failed. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID and the fact that the personal identification failed.
  • the admission confirmation processing unit 403 stores that the identity confirmation of the person wishing to enter has been successful. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID, the fact that the identity confirmation was successful, the user ID, and the identity identification item.
  • the admission confirmation processing unit 403 stores the result of personal identification in association with the inquiry ID (step S103).
  • the admission confirmation processing unit 403 sends a request for confirmation of the number of visits including the inquiry ID and the electronic certificate for user certification obtained from the admission terminal 20 to the management server 50 (step S104).
  • the admission confirmation processing unit 403 receives a response (positive response, negative response) to the number of times confirmation request from the management server 50 .
  • a response (positive response, negative response) received from the management server 50 includes an inquiry ID.
  • the acknowledgment includes the visitor ID of the applicant.
  • the admission confirmation processing unit 403 stores that the confirmation of the number of times for the applicant has failed. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID and the fact that the confirmation of the number of times has failed.
  • the admission confirmation processing unit 403 stores that the number of confirmations regarding the applicant for admission has been successful. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID, the visitor ID, and the fact that the confirmation of the number of times has been successful.
  • the entry confirmation processing unit 403 stores the result of the number of times confirmation in association with the inquiry ID (step S105).
  • the admission confirmation processing unit 403 determines whether or not the applicant can enter the casino facility (determination of whether or not admission is possible; step S106).
  • the admission confirmation processing unit 403 determines that the person who wishes to enter the casino facility can enter the casino facility when the identity verification is successful and the casino facility is available.
  • the admission confirmation processing unit 403 determines that the user cannot enter the casino facility if the user's identity verification fails or the casino facility cannot be used.
  • the admission confirmation processing unit 403 transmits a response (confirmation result) to the admission confirmation request to the admission terminal 20 (step S107).
  • the admission confirmation processing unit 403 transmits a positive response to that effect to the admission terminal 20 .
  • the admission confirmation processing unit 403 searches the user information database using the user ID stored in association with the inquiry ID as a key to identify the corresponding entry.
  • the admission confirmation processing unit 403 sets a flag in the applicant field of the specified entry (see, for example, the first line in FIG. 15).
  • the admission confirmation processing unit 403 transmits a negative response to that effect to the admission terminal 20.
  • the entry notification unit 404 is means for notifying the management server 50 of the fact that a user (a person who wishes to enter the casino facility) has entered the casino facility.
  • the admission notification unit 404 processes the “casino admission notice” transmitted by the admission terminal 20 .
  • the admission notification unit 404 Upon receiving a casino admission notice from the admission terminal 20, the admission notification unit 404 identifies entries with a flag set in the applicant field among the entries contained in the user information database. The admission notification unit 404 transmits to the management server 50 a “user admission notice” including the date and time when the user passed through the gate, the identification items of the specified entry, and the visitor ID.
  • a user entry notification containing "NM01" as the name and “female” as the gender is sent to the management server 50.
  • the date and time when the user passes through the gate can be the date and time when the notification of admission to the casino is received.
  • the visitor ID is an ID stored in association with the inquiry ID.
  • the admission notification unit 404 clears the flag set in the field of applicants for admission.
  • the entry notification unit 404 clears the flag when a predetermined period of time has elapsed since the flag was set in the field of applicants for admission.
  • the storage unit 405 is means for storing information necessary for the operation of the casino server 30.
  • the first PF server 40 is a server that processes personal identification requests sent from the casino server 30 .
  • the first PF server 40 requests the certificate authority server 70 to verify the electronic certificate (signature electronic certificate, user proof electronic certificate) resulting from the first personal identification and the second and subsequent personal identification. .
  • the first PF server 40 controls the ID of the user to be verified (user ID).
  • FIG. 17 is a diagram showing an example of the processing configuration (processing modules) of the first PF server 40 according to the first embodiment.
  • the first PF server 40 includes a communication control unit 501, a verification control unit 502, and a storage unit 503.
  • the communication control unit 501 is means for controlling communication with other devices.
  • the communication control section 501 receives data (packets) from the casino server 30 .
  • the communication control unit 501 transmits data to the casino server 30 .
  • the communication control unit 501 passes data received from other devices to other processing modules.
  • the communication control unit 501 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 501 .
  • the communication control unit 501 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
  • the verification control unit 502 is means for controlling the validity verification of electronic certificates.
  • the verification control unit 502 processes an identity verification request received from the casino server 30 .
  • An electronic certificate for signature is included in the identity verification request for the first identity verification.
  • the verification control unit 502 extracts the issue number from the signature electronic certificate and transmits a verification request including the extracted issue number to the certificate authority server 70 .
  • the verification control unit 502 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
  • the verification control unit 502 When receiving a negative response (the electronic certificate for signature is invalid), the verification control unit 502 notifies the casino server 30 that the identity verification has failed. Verification control unit 502 transmits a negative response to that effect to casino server 30 .
  • the verification control unit 502 When a positive response (signature electronic certificate is valid) is received, the verification control unit 502 creates a corresponding user account.
  • the verification control unit 502 generates the user ID of the person who wishes to enter as a processing target. Also, the verification control unit 502 extracts the issue number of the user-certifying electronic certificate from the affirmative response received from the certificate authority server 70 . Further, the verification control unit 502 acquires the personal identification data from the signature electronic certificate determined to be valid.
  • the verification control unit 502 stores the generated user ID, personal identification information, signature electronic certificate issue number, and user certification electronic certificate issue number in the user management database (see FIG. 18).
  • the user management database shown in FIG. 18 is an example, and is not meant to limit the items to be stored.
  • the verification control unit 502 After creating the account of the person to be processed, the verification control unit 502 notifies the casino server 30 that the identity verification has been successful. At that time, the verification control unit 502 notifies the casino server 30 of the generated user ID and the corresponding personal identification information together. Specifically, the verification control unit 502 transmits to the casino server 30 an acknowledgment including the user ID and personal identification information.
  • An electronic certificate for user verification is included in the identity verification request for identity verification when the user enters the casino facility (identity verification request for identity verification from the second time onwards).
  • the verification control unit 502 extracts the issue number from the electronic certificate for user certification.
  • the verification control unit 502 searches the user management database using, as a key, the issue number extracted from the user-certifying electronic certificate included in the identity verification request resulting from the second and subsequent identity verifications performed at the entrance terminal 20. , attempts to identify the corresponding entry.
  • the verification control unit 502 determines that the applicant has not completed the "initial identity verification (verification of validity of electronic certificate for signature)". and sets the identity verification of the user to failure.
  • the verification control unit 502 retrieves the issue number of the electronic certificate for user certification and the issue number of the electronic certificate for signature stored in the specified entry. to the certificate authority server 70.
  • the verification control unit 502 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
  • the verification control unit 502 When receiving a negative response (at least one of the electronic certificate for signature and the electronic certificate for user verification is invalid), the verification control unit 502 sets the identity verification of the user to failure.
  • the verification control unit 502 sets the user identity verification to success.
  • the verification control unit 502 notifies the casino server 30 of the result of identity verification (success in identity verification, failure in identity verification).
  • the verification control unit 502 sends an affirmative response to that effect to the casino server 30. At that time, the verification control unit 502 transmits to the casino server 30 an affirmative response including the user ID of the user (person subject to identity verification) and the identity identification items.
  • the verification control unit 502 sends a negative response to that effect to the casino server 30.
  • the storage unit 503 is means for storing information necessary for the operation of the first PF server 40 .
  • FIG. 19 is a diagram showing an example of the processing configuration (processing modules) of the management server 50 according to the first embodiment.
  • the management server 50 includes a communication control unit 601 , a count confirmation processing unit 602 , an entrance/exit control unit 603 and a storage unit 604 .
  • the communication control unit 601 is means for controlling communication with other devices.
  • the communication control section 601 receives data (packets) from the casino server 30 .
  • the communication control unit 601 transmits data to the casino server 30 .
  • the communication control unit 601 passes data received from another device to another processing module.
  • the communication control unit 601 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 601 .
  • the communication control unit 601 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to another device.
  • the number-of-times confirmation processing unit 602 is means for processing a number-of-times confirmation request received from the casino server 30 .
  • the number-of-times confirmation processing unit 602 requests the second PF server 60 to identify a visitor (a person who wishes to enter the casino facility).
  • the number confirmation request includes an inquiry ID and an electronic certificate for user verification.
  • the number-of-times confirmation processing unit 602 transmits to the second PF server 60 a visitor identification request including the electronic certificate for user certification.
  • the number-of-times confirmation processing unit 602 receives a response (positive response, negative response) to the visitor identification request from the second PF server 60 .
  • the number-of-times confirmation processing unit 602 notifies the casino server 30 that the number-of-times confirmation has failed. Specifically, the number-of-times confirmation processing unit 602 transmits a negative response to the number-of-times confirmation request (casino facility unavailable) to the casino server 30 . At that time, the number-of-times confirmation processing unit 602 transmits a negative response including the inquiry ID acquired from the casino server 30 to the casino server 30 .
  • the number-of-times confirmation processing unit 602 confirms the number of times for the person who wishes to enter.
  • the acknowledgment sent by the second PF server 60 includes the visitor ID of the person who wishes to enter.
  • the number-of-times confirmation processing unit 602 performs the number-of-times confirmation using the visitor ID.
  • FIG. 20 is a diagram showing an example of a visitor information database according to the first embodiment. As shown in FIG. 20, the visitor information database stores visitor IDs, personal identification items, and casino usage histories (entrance histories, exit histories) in association with each other.
  • the number-of-times confirmation processing unit 602 searches the visitor information database using the visitor ID obtained from the second PF server 60 as a key to check whether there is a corresponding entry.
  • the number of times confirmation processing unit 602 creates a new entry and registers the received visitor ID in the visitor information database.
  • the frequency confirmation processing unit 602 determines that the applicant is using the casino facility for the first time, and adds "Casino facility available" as a result of the frequency confirmation of the applicant. set.
  • the number of times confirmation processing unit 602 uses the casino usage history of the corresponding person who wishes to enter to confirm the number of times. Specifically, the number-of-times confirmation processing unit 602 determines whether the casino usage history of the person wishing to enter the site is the short-term number of times limit (the number of times of admission is limited to three times in seven consecutive days) or the long-term number of times limit (in 28 consecutive days). up to 10 times).
  • the frequency confirmation processing unit 602 determines that the casino facility usage history of the person who wishes to enter conflicts with the frequency limit, it sets "casino facility use not allowed" as the result of frequency confirmation.
  • the number-of-times confirmation processing unit 602 determines that the casino facility usage history of the person who wishes to enter does not conflict with the number-of-times limit, it sets the result of number-of-times confirmation to "Casino facility use permitted".
  • the number-of-times confirmation processing unit 602 notifies the casino server 30 of the number-of-times confirmation result.
  • the number of times confirmation processing unit 602 sends a negative response to that effect to the casino server 30.
  • the number-of-times confirmation processing unit 602 transmits a negative response including the inquiry ID acquired from the casino server 30 to the casino server 30 .
  • the number of times confirmation processing unit 602 transmits an affirmative response to that effect to the casino server 30.
  • the number-of-times confirmation processing unit 602 transmits to the casino server 30 an affirmative response including the inquiry ID obtained from the casino server 30 and the visitor ID of the person who wishes to enter.
  • the entrance/exit control unit 603 is means for controlling the entrance/exit of users of the casino facility.
  • the entrance/exit control unit 603 Upon receiving a "user admission notice" from the casino server 30, the entrance/exit control unit 603 searches the visitor information database using the visitor ID included in the notice as a key to identify the corresponding entry. The entrance/exit control unit 603 updates the personal identification information field and the entrance history field of the specified entry using the personal identification information and the gate passage date and time included in the user entrance notification.
  • the entrance/exit control unit 603 may or may not update the field.
  • the entrance/exit control unit 603 also controls when the casino user exits the casino facility. The detailed description of the control for exiting from the casino facility is omitted because it is different from the gist of the disclosure of the present application.
  • the entrance/exit control unit 603 receives the visitor ID and exit history from an exit terminal (not shown in FIG. 3, etc.) installed at the exit of the casino facility, and reflects the exit history in the visitor information database. .
  • the storage unit 604 is means for storing information necessary for the operation of the management server 50.
  • the second PF server 60 is a server that processes visitor identification requests sent from the management server 50 .
  • the second PF server 60 requests the certificate authority server 70 to verify the electronic certificate for user certification resulting from the user's confirmation of the number of times. Furthermore, the second PF server 60 controls the user ID (visitor ID) to be checked for the number of visits.
  • FIG. 21 is a diagram showing an example of the processing configuration (processing modules) of the second PF server 60 according to the first embodiment.
  • the second PF server 60 includes a communication control section 701, a verification control section 702, and a storage section 703.
  • the communication control unit 701 is means for controlling communication with other devices. For example, the communication control unit 701 receives data (packets) from the management server 50 . Also, the communication control unit 701 transmits data to the management server 50 . The communication control unit 701 transfers data received from other devices to other processing modules. The communication control unit 701 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 701 .
  • the communication control unit 701 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to another device.
  • the verification control unit 702 is means for controlling the validity verification of electronic certificates.
  • the verification control unit 702 processes visitor identification requests received from the management server 50 .
  • the visitor identification request sent from the management server 50 includes an electronic certificate for user verification.
  • the verification control unit 702 extracts the issue number from the user-certifying electronic certificate, and transmits a verification request including the extracted issue number to the certificate authority server 70 .
  • the verification control unit 702 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
  • the verification control unit 702 When receiving a negative response (the electronic certificate for user verification is invalid), the verification control unit 702 notifies the management server 50 that the applicant cannot be identified. Specifically, the verification control unit 702 transmits a negative response to that effect to the management server 50 .
  • the verification control unit 702 Upon receiving a positive response (the electronic certificate for user verification is valid), the verification control unit 702 creates an account for the person who wishes to enter. Upon receiving the affirmative response, the verification control unit 702 searches the visitor management database using the issue number of the electronic certificate for user verification that has been determined to be valid as a key.
  • the visitor management database is a database that associates and stores the visitor ID and the issue number of the user's electronic certificate (see Fig. 22). Note that the visitor management database shown in FIG. 22 is an example, and is not meant to limit the items to be stored.
  • the verification control unit 702 does not perform any particular operation.
  • the verification control unit 702 If there is no entry corresponding to the issue number of the electronic certificate for user certification, the verification control unit 702 generates the visitor ID of the person who wishes to enter. Further, the verification control unit 702 stores the generated visitor ID and the issue number of the electronic certificate for user certification in the visitor management database.
  • the verification control unit 702 notifies the management server 50 that the applicant has been identified. Specifically, the verification control unit 702 transmits an affirmative response to that effect to the management server 50 . At that time, the verification control unit 702 transmits an affirmative response including the visitor ID of the person who wishes to enter to the management server 50 .
  • the storage unit 703 is means for storing information necessary for the operation of the second PF server 60 .
  • FIG. 23 is a diagram showing an example of a processing configuration (processing modules) of the certificate authority server 70 according to the first embodiment.
  • the certificate authority server 70 includes a communication control section 801 , a verification section 802 and a storage section 803 .
  • the communication control unit 801 is means for controlling communication with other devices. For example, the communication control unit 801 receives data (packets) from the first PF server 40 . Also, the communication control unit 801 transmits data to the first PF server 40 . The communication control unit 801 passes data received from other devices to other processing modules. The communication control unit 801 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 801 .
  • the communication control unit 801 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
  • the verification unit 802 is means for verifying the validity of electronic certificates.
  • the verification unit 802 processes verification requests received from the first PF server 40 and the second PF server 60 .
  • the verification unit 802 refers to a database that stores the issue number of the electronic certificate for signature, the issue number of the electronic certificate for user authentication, the validity period of each certificate, etc. Validate the electronic certificate.
  • the verification unit 802 uses the issue number to issue the signature electronic certificate. Validate the effectiveness of
  • the verification unit 802 notifies the first PF server 40 of the verification result. If the signature electronic certificate is valid, the verification unit 802 sends an affirmative response to that effect to the first PF server 40 . At that time, the verification unit 802 transmits to the first PF server 40 an affirmative response including the issue number of the electronic certificate for user certification stored in association with the issue number of the electronic certificate for signature.
  • the verification unit 802 sends a negative response to that effect to the first PF server 40 .
  • the verification unit 802 When a verification request is received from the first PF server 40 and the verification request includes the issue number of the electronic certificate for signature and the issue number of the electronic certificate for user certification, the verification unit 802 These issue numbers are used to verify the validity of the two electronic certificates.
  • the verification unit 802 If the two electronic certificates (signature electronic certificate and user proof electronic certificate) are both valid, the verification unit 802 notifies the first PF server 40 that the two electronic certificates are valid. do. Specifically, the verification unit 802 transmits to the first PF server 40 an affirmative response indicating that the two electronic certificates are valid.
  • the verification unit 802 If at least one of the two electronic certificates (signature electronic certificate, user proof electronic certificate) is invalid, the verification unit 802 notifies the first PF server 40 that the electronic certificate is invalid. do. Specifically, the verification unit 802 transmits to the first PF server 40 a negative response indicating that the electronic certificate is invalid.
  • the verification unit 802 verifies the validity of the user-certification electronic certificate using the issue number of the user-certification electronic certificate included in the verification request. conduct.
  • the verification unit 802 notifies the second PF server 60 of the verification result. If the user-certifying electronic certificate is valid, the verification unit 802 sends an affirmative response to that effect to the second PF server 60 .
  • the verification unit 802 sends a negative response to that effect to the second PF server 60 .
  • the storage unit 803 is means for storing information necessary for the operation of the certificate authority server 70 .
  • FIG. 24 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment; FIG. Referring to FIG. 24, the operation of the entrance management system regarding the first identity verification will be described.
  • the reception terminal 10 reads out the signature electronic certificate from the user's My Number card, and transmits an identity verification request including the signature electronic certificate to the casino server 30 (step S41).
  • the casino server 30 requests the first PF server 40 to verify the identity using the signature electronic certificate.
  • the casino server 30 transmits an identity verification request including the signature electronic certificate to the first PF server 40 (step S42).
  • the first PF server 40 requests the certificate authority server 70 to verify the validity of the signature electronic certificate.
  • the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate to the certificate authority server 70 (step S43).
  • the certificate authority server 70 verifies the signature electronic certificate (step S44) and transmits the result to the first PF server 40 (step S45). If the electronic certificate for signature is valid, the first PF server 40 is notified of the issue number of the electronic certificate for user certification corresponding to the electronic certificate for signature.
  • the first PF server 40 transmits the result of personal identification to the casino server 30 (step S46).
  • the casino server 30 transmits the result of the process related to the personal identification request to the reception terminal 10 (step S47).
  • the reception terminal 10 notifies the user of the processing result for the identity verification request (notifies the identity verification result; step S48).
  • the reception terminal 10 outputs a message or the like according to the processing result.
  • admission management system regarding admission confirmation (personal identification and number of times confirmation from the second time onwards) will be described.
  • the entrance terminal 20 reads out the user-certifying electronic certificate from the user's My Number card, and transmits an entrance confirmation request including the user-certifying electronic certificate to the casino server 30 (step S51).
  • the casino server 30 requests the first PF server 40 for identity verification using the electronic certificate for user verification.
  • the casino server 30 transmits an identity verification request including the electronic certificate for user verification to the first PF server 40 (step S52).
  • the casino server 30 transmits a number of times verification request including the electronic certificate for user verification to the management server 50 (step S53).
  • the first PF server 40 Upon receiving the identity verification request, the first PF server 40 executes processing related to verification of the electronic certificate (step S54). Specifically, the first PF server 40 transmits to the certification authority server 70 a verification request containing the issue number of each of the two electronic certificates.
  • the management server 50 executes processing related to identification of visitors in response to the reception of the number-of-times confirmation request (step S55). Specifically, the management server 50 transmits to the second PF server 60 a visitor identification request including an electronic certificate for user authentication.
  • the first PF server 40 In response to the response from the certification authority server 70, the first PF server 40 generates a result for the identity verification request and transmits the verification result to the casino server 30 (step S56).
  • the management server 50 In response to the response from the second PF server 60, the management server 50 generates a result for the count confirmation request and transmits the confirmation result to the casino server 30 (step S57).
  • the casino server 30 acquires the result of the identity verification request and the result of the number of times verification, it generates a result of the admission verification request and transmits it to the admission terminal 20 (step S58).
  • the admission terminal 20 notifies the user of the processing result for the admission confirmation request (step S59).
  • the entrance terminal 20 outputs a message or the like according to the processing result.
  • the casino server 30 starts the first personal identification process in response to receiving the signature electronic certificate from the reception terminal 10 installed outside the casino facility.
  • the casino server 30 starts the second and subsequent identity verification and number of times verification processes in response to receiving the electronic certificate for user verification from the entrance terminal 20 installed at the entrance of the casino facility.
  • the casino server 30 allows the visitor to enter the casino facility. permit any person to enter the casino premises.
  • identity verification and number of times verification are performed in parallel when entering the casino facility. At that time, identity verification and number of times verification are performed using the electronic certificate for user verification obtained from the My Number Card, so the user must enter a complicated PIN (6 to 16 digit PIN) at the entrance terminal. No need to enter 20.
  • the user can enter the casino facility with a simple PIN (4-digit PIN) or face recognition. That is, for the user, the procedure for personal identification is simplified, so the user's convenience is improved.
  • the system automatically performs the identity verification using the signature electronic certificate in the second and subsequent identity verifications, the strength of the identity verification is not reduced.
  • FIG. 26 is a diagram showing an example of the hardware configuration of the casino server 30. As shown in FIG.
  • the casino server 30 can be configured by an information processing device (so-called computer), and has the configuration illustrated in FIG.
  • the casino server 30 includes a processor 311, a memory 312, an input/output interface 313, a communication interface 314, and the like.
  • Components such as the processor 311 are connected by an internal bus or the like and configured to be able to communicate with each other.
  • the configuration shown in FIG. 26 is not intended to limit the hardware configuration of the casino server 30 .
  • the casino server 30 may include hardware (not shown) and may not have the input/output interface 313 if necessary. Also, the number of processors 311 and the like included in the casino server 30 is not limited to the example shown in FIG.
  • the processor 311 is, for example, a programmable device such as a CPU (Central Processing Unit), MPU (Micro Processing Unit), DSP (Digital Signal Processor). Alternatively, processor 311 may be a device such as FPGA (Field Programmable Gate Array), ASIC (Application Specific Integrated Circuit), or the like. The processor 311 executes various programs including an operating system (OS).
  • OS operating system
  • the memory 312 is RAM (Random Access Memory), ROM (Read Only Memory), HDD (Hard Disk Drive), SSD (Solid State Drive), or the like.
  • the memory 312 stores an OS program, application programs, and various data.
  • the input/output interface 313 is an interface for a display device and an input device (not shown).
  • the display device is, for example, a liquid crystal display.
  • the input device is, for example, a device such as a keyboard or mouse that receives user operations.
  • the communication interface 314 is a circuit, module, etc. that communicates with other devices.
  • the communication interface 314 includes a NIC (Network Interface Card) or the like.
  • the functions of the casino server 30 are realized by various processing modules.
  • the processing module is implemented by the processor 311 executing a program stored in the memory 312, for example.
  • the program can be recorded in a computer-readable storage medium.
  • the storage medium can be non-transitory such as semiconductor memory, hard disk, magnetic recording medium, optical recording medium, and the like. That is, the present invention can also be embodied as a computer program product.
  • the program can be downloaded via a network or updated using a storage medium storing the program.
  • the processing module may be realized by a semiconductor chip.
  • first PF server 40, the management server 50, the second PF server 60, the certification authority server 70, etc. can also be configured by information processing devices in the same way as the casino server 30, and their basic hardware configuration is Since there is no difference from the server 30, the explanation is omitted.
  • the casino server 30 which is an information processing device, is equipped with a computer, and the functions of the casino server 30 can be realized by causing the computer to execute a program. Also, the casino server 30 executes a control method of the casino server 30 by the program.
  • the user uses the reception terminal 10 to receive the initial identity verification.
  • the initial identity verification may be performed by a terminal such as a smartphone possessed by the user.
  • the user's terminal may read out the signature electronic certificate from the My Number card and transmit to the casino server 30 a personal identification request including the read signature electronic certificate.
  • entrance confirmation identity confirmation and number of times confirmation from the second time onward
  • the entry confirmation may be performed at the reception terminal 10 installed outside the casino facility.
  • the entrance terminal 20 may hold the biometric information of the user who is permitted to enter for a predetermined period (for example, 30 minutes), and permit the user who has successfully passed the biometric authentication during the predetermined period to pass through the gate.
  • the entrance terminal 20 may acquire the biometric information of the user permitted to enter directly from the reception terminal 10 or indirectly via the casino server 30 . With such a response, the user does not need to perform the procedure of having the admission terminal 20 read the electronic certificate for user verification of the My Number card.
  • the entrance terminal 20 acquires biometric information without acquiring an electronic certificate for user authentication from the My Number card, and controls the passage of the user by biometric authentication (one-to-N authentication) using the biometric information. can.
  • biometric authentication one-to-N authentication
  • the reception terminal 10 kiosk terminal
  • the admission terminal 20 has a gate function for controlling the passage of the user. good.
  • the casino server 30 may store biometric information (face images) of users who have successfully completed the first identity verification or the second and subsequent identity verifications. Furthermore, the casino server 30 may store the face image of the user together with the personal identification information (name, date of birth, etc.). The casino server 30 may use the stored biometric information to identify a user who has visited a casino or IR facility, and utilize the information for various services. For example, the casino server 30 may identify the user by biometric authentication at the time of admission confirmation, and output a message regarding the identified user from the entrance terminal 20 . For example, the casino server 30 may output a message welcoming visitors to the casino (for example, a message such as "Thank you for visiting us, Mr. A").
  • the admission terminal 20 When the admission terminal 20 notifies the user of the permission or denial of admission to the casino, it may also notify the user of the casino usage status. For example, the entrance terminal 20 may notify information such as "how many times you have entered in 7 days" or "how many times you can enter in the next 7 days". Alternatively, when notifying that entry to the casino is not possible, the admission terminal 20 waits until the number of times limit (7 days, 28 days short-term, long-term number limit) is lifted (for example, after 3 days). The period during which re-entry is possible) may be notified to the user. In this case, the management server 50 may generate the casino usage information and notify the entrance terminal 20 of the casino usage information via the casino server 30 .
  • the casino server 30 and the management server 50 may verify the presence or absence of a written pledge by the user (a written pledge that the user does not belong to anti-social forces, etc.) when determining whether or not to enter the casino facility.
  • the first PF server 40 transmits a verification request including the issue number of the electronic certificate for signature and the issue number of the electronic certificate for user verification to the certificate authority server 70 in the personal identification in the entrance confirmation. explained to do. However, even if the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate and a verification request including the issue number of the user certification electronic certificate to the certificate authority server 70, good.
  • the certificate authority server 70 may verify each verification request and transmit the verification result to the first PF server 40 .
  • the first PF server 40 does not need to request the certificate authority server 70 to verify the validity of the user-certifying electronic certificate at the time of the second and subsequent identity verifications.
  • the case where the inquiry ID is sent to the management server 50 when the casino server 30 requests the management server 50 to confirm the number of times has been described.
  • the casino server 30 may also transmit the inquiry ID to the first PF server 40 when requesting the first PF server 40 for personal identification.
  • the casino server 30 sends the electronic certificate to the first PF server 40 and the management server 50 sends the electronic certificate to the second PF server 60 . That is, the casino server 30 and the management server 50 send electronic certificates to different platform servers to request authentication procedures. However, the casino server 30 and management server 50 may request the authentication procedure from the same platform server. In other words, the functions of the first PF server 40 and the second PF server 60 may be integrated so that one platform server provides authentication services.
  • each server has been described, but the databases may be configured in an external database server or the like. That is, some functions of each server may be implemented in another server. More specifically, if the above-described "personal identification processing unit (personal identification processing means)", “admission confirmation processing unit (admission confirmation processing means)", etc. are implemented in any device included in the system good.
  • the form of data transmission/reception between each device is not particularly limited, but the data transmitted/received between these devices may be encrypted.
  • Electronic certificates and the like are transmitted and received between these devices, and in order to appropriately protect the information of the electronic certificates, it is desirable to transmit and receive encrypted data.
  • each embodiment may be used alone or in combination.
  • additions, deletions, and replacements of other configurations are possible for some of the configurations of the embodiments.
  • the industrial applicability of the present invention is clear, and the present invention can be suitably applied to an entrance management system that manages the entry and exit of casino facilities.
  • [Appendix 1] a facility server that performs control for users to enter the facility; a first platform server that performs an authentication procedure using an electronic certificate stored in an identification card; including The facility server is transmitting a first electronic certificate stored in the identification card to the first platform server at the time of initial identity verification required before the user enters the facility; transmitting the second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity verifications required when the user enters the facility; The first platform server, storing the first identification information of the first electronic certificate and the second identification information of the second electronic certificate in association with each other; The second identification information is extracted from the second electronic certificate at the time of identity verification for the second and subsequent times, and the first identification information corresponding to at least the extracted second identification information is used.
  • a system that performs processing related to identity verification from the second time onwards [Appendix 2] further comprising a certificate authority server that verifies the validity of the first and second electronic certificates; The first platform server transmits the first identification information to the certificate authority server; The certificate authority server verifies the validity of the first electronic certificate based on the first identification information, and if the verification is successful, the second identification corresponding to the first identification information. 10. The system of clause 1, transmitting information to the first platform server. [Appendix 3] 3. The system according to appendix 1 or 2, wherein the facility server performs processing related to confirmation of the number of times of the facility in parallel with the second and subsequent personal identifications.
  • [Appendix 4] a management server that manages the usage status of the facility; a second platform server that performs an authentication procedure using the electronic certificate stored in the identification card; The facility server transmits the second electronic certificate to the management server, The management server requests the second platform server to identify a visitor who intends to enter the facility by sending the second electronic certificate, the second platform server, when the second electronic certificate is valid, transmits the visitor ID of the visitor to the management server; Supplementary Note 3: The management server permits the visitor who intends to enter the facility to enter the facility when the usage history corresponding to the visitor ID does not violate the limit on the number of times the facility can be used. The system described in .
  • the facility server is A visitor who attempts to enter the facility when the first platform server succeeds in the identity verification and the management server permits the visitor who intends to enter the facility to enter the facility. 5. The system of Clause 4, wherein the system permits to enter the facility.
  • the facility server in response to receiving the second electronic certificate from the entrance terminal installed at the entrance of the facility, starts the process of the second and subsequent identity verification and the number of times verification. 6. The system according to 4 or 5.
  • [Appendix 7] 7. The system according to appendix 6, wherein the admission terminal acquires a personal identification number or biometric information for reading the second electronic certificate.
  • Appendix 8 8.
  • Appendix 11 11. The system according to appendix 10, wherein the first electronic certificate is a signature electronic certificate and the second electronic certificate is a user-certifying electronic certificate.
  • the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card.
  • an identity verification processor for transmission to the first platform server;
  • An entrance confirmation processing unit that transmits a second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity confirmations required when the user enters the facility.
  • a server device A server device.
  • the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card.
  • reception terminal 20 entrance terminal 30 casino server 40 first PF server 50 management server 60 second PF server 70 certification authority server 101 facility server 102 first platform server 201 communication control unit 202 identity verification control unit 203 storage unit 301 Communication control unit 302 Admission control unit 303 Gate control unit 304 Storage unit 311 Processor 312 Memory 313 Input/output interface 314 Communication interface 401 Communication control unit 402 Identity verification processing unit 403 Admission verification processing unit 404 Admission notification unit 405 Storage unit 501 Communication control unit 502 verification control unit 503 storage unit 601 communication control unit 602 number of times confirmation processing unit 603 entrance/exit control unit 604 storage unit 701 communication control unit 702 verification control unit 703 storage unit 801 communication control unit 802 verification unit 803 storage unit

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Provided is a system that reduces the burden on a user when the user enters a facility such a casino. When first user identification confirmation, which is required before a user enters a facility, is carried out, a facility server sends, to a first PF server, a first electronic certificate stored in an identification card of the user. When a second or subsequent user identification confirmation, which is required when the user enters the facility, is carried out, the facility server sends, to the first PF server, a second electronic certificate stored in the identification card of the user. The first PF server associates and stores first identification information of the first electronic certificate and second identification information of the second electronic certificate. The first PF server extracts the second identification information from the second electronic certificate at a time of the second or subsequent identity confirmation. The first PF server uses at least the first identification information corresponding to the extracted second identification information to perform processing related to the second or subsequent identity confirmation.

Description

システム、サーバ装置、サーバ装置の制御方法及び記憶媒体SYSTEM, SERVER DEVICE, CONTROL METHOD FOR SERVER DEVICE, AND STORAGE MEDIUM
 本発明は、システム、サーバ装置、サーバ装置の制御方法及び記憶媒体に関する。 The present invention relates to a system, a server device, a server device control method, and a storage medium.
 カジノのような遊戯施設への入場を管理する入場管理システムが存在する。 There is an admission control system that manages admission to amusement facilities such as casinos.
 例えば、特許文献1には、遊戯施設への入場を適切に管理する、と記載されている。特許文献1の入場管理システムは、顔認証手段と、ユーザ判定手段と、入場回数判定手段と、入場可否判定手段と、を備える。顔認証手段は、施設に入場するユーザの顔画像とユーザの身分証から取得した顔画像とに基づいて、顔認証を行う。ユーザ判定手段は、身分証の身分証種に基づいて、ユーザが施設への入場管理が必要なユーザであるか否かを判定する。入場回数判定手段は、ユーザが施設への入場管理が必要なユーザである場合、ユーザの入場回数が、施設の入場回数制限を超えているか否かを判定する。入場可否判定手段は、顔認証の結果、及び入場回数制限の判定結果に基づいて、ユーザの施設への入場可否を判定する。さらに、特許文献1には、カジノ施設へ入場するために本人確認と回数確認が必要なことが記載されている(同文献の段落[0051]~[0058]参照)。 For example, Patent Literature 1 states that admission to amusement facilities is appropriately managed. The entrance management system of Patent Literature 1 includes face authentication means, user determination means, entrance number determination means, and entrance availability determination means. The face authentication means performs face authentication based on the face image of the user entering the facility and the face image obtained from the user's identification card. The user determination means determines whether or not the user is a user requiring admission management to the facility, based on the identification card type of the identification card. The number-of-entry determining means determines whether or not the user's number of times of entering the facility exceeds the limit of the number of times of entering the facility when the user is a user who needs to be managed to enter the facility. The admission decision means decides whether or not the user is allowed to enter the facility based on the face recognition result and the admission limit decision result. Furthermore, Patent Document 1 describes that identity verification and number of times verification are required to enter a casino facility (see paragraphs [0051] to [0058] of the same document).
 特許文献2には、カジノ施設への入場制御を効率化する、と記載されている。特許文献2では、カジノ施設において、ユーザは、事前登録として、操作端末を介して、マイナンバーカードを読み取らせ、各種パスワードを入力し、入場料を支払い、自身の生体情報を読み取らせる。情報処理装置は、本人認証処理、入場回数制限の確認処理及び入場料の徴収処理を実行し、各処理の確認結果を、ユーザの生体情報と対応付けて確認結果データベースに記憶する。事前登録を行ったユーザが入場ゲートに到達し、操作端末を介して、自身の生体情報を読み取らせる。情報処理装置は、確認結果データベースに記憶された確認結果を参照し、読み取られた生体情報に対応付けられた確認結果が、「本人確認済み」、「回数制限OK」、及び「入場料徴収済み」であれば、カジノ施設への入場を許可する。 Patent Document 2 states that entry control to casino facilities is made more efficient. In Patent Literature 2, in a casino facility, as pre-registration, a user has his or her My Number card read, enters various passwords, pays an entrance fee, and has his or her own biometric information read via an operation terminal. The information processing device executes personal authentication processing, confirmation processing for limiting the number of times of admission, and processing for collecting admission fees, and stores the confirmation results of each processing in the confirmation result database in association with the biometric information of the user. A user who has performed pre-registration arrives at the entrance gate and has his/her biometric information read through the operation terminal. The information processing device refers to the confirmation results stored in the confirmation result database, and the confirmation results associated with the read biometric information are "identity confirmed", "number of times limited OK", and "entrance fee collected". , then permission to enter the casino facility.
特開2021-144757号公報JP 2021-144757 A 特開2021-135813号公報JP 2021-135813 A
 特許文献1及び特許文献2に開示されたように、カジノのような施設に入場する際、本人確認と回数確認が必要となる。この点、特許文献1では、本人確認のたびに、署名用電子証明書を読み出すための6桁から16桁の暗証番号の入力を利用者に求めている。しかし、カジノ施設に入場するたびに桁数の多い暗証番号を入力することは利用者にとって負担が大きい。 As disclosed in Patent Literature 1 and Patent Literature 2, when entering a facility such as a casino, identity verification and number of times verification are required. In this respect, Patent Document 1 requires the user to input a 6-digit to 16-digit personal identification number for reading out the signature electronic certificate every time the user is authenticated. However, it is a heavy burden for the user to input a password with a large number of digits every time he/she enters the casino facility.
 本発明は、カジノ等の施設に入場する際の利用者の負担を軽減することに寄与する、システム、サーバ装置、サーバ装置の制御方法及び記憶媒体を提供することを主たる目的とする。 The main object of the present invention is to provide a system, a server device, a server device control method, and a storage medium that contribute to reducing the burden on users when entering facilities such as casinos.
 本発明の第1の視点によれば、利用者が施設に入場するための制御を行う、施設サーバと、身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバと、を含み、前記施設サーバは、前記利用者が前記施設に入場する前に必要な最初の本人確認時に、前記身分証明書に格納された第1の電子証明書を前記第1のプラットフォームサーバに送信し、前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信し、前記第1のプラットフォームサーバは、前記第1の電子証明書の第1の識別情報と前記第2の電子証明書の第2の識別情報を対応付けて記憶し、前記2回目以降の本人確認時に、前記第2の電子証明書から前記第2の識別情報を抽出し、少なくとも前記抽出された第2の識別情報に対応する前記第1の識別情報を用いて前記2回目以降の本人確認に関する処理を行う、システムが提供される。 According to a first aspect of the present invention, a facility server that controls a user to enter a facility, and a first platform server that performs an authentication procedure using an electronic certificate stored in an identification card. and the facility server transmits the first electronic certificate stored in the identification card to the first platform server at the time of initial identity verification required before the user enters the facility. and sending the second electronic certificate stored in the identification card to the first platform server at the time of the second or later identity verification required when the user enters the facility, The first platform server associates and stores the first identification information of the first electronic certificate and the second identification information of the second electronic certificate, and at the time of identity verification after the second time , extracting the second identification information from the second electronic certificate, and using at least the first identification information corresponding to the extracted second identification information, the second and subsequent identity verification processes A system is provided for performing the
 本発明の第2の視点によれば、利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する、本人確認処理部と、前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、入場確認処理部と、を備える、サーバ装置が提供される。 According to the second aspect of the present invention, at the time of initial identification required before the user enters the facility, the first electronic certificate stored in the identification card is stored in the identification card. a personal identification processing unit that transmits to a first platform server that performs an authentication procedure using an electronic certificate obtained from the user; an admission confirmation processing unit that transmits a second electronic certificate stored in a certificate to the first platform server.
 本発明の第3の視点によれば、サーバ装置において、利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信し、前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、サーバ装置の制御方法が提供される。 According to the third aspect of the present invention, in the server device, the first electronic certificate stored in the identification card is used as the identification card at the time of initial identity verification required before the user enters the facility. to the first platform server that performs the authentication procedure using the electronic certificate stored in the certificate, and when the user enters the facility for the second and subsequent identity verifications, the identification card A method for controlling a server device is provided for transmitting a stored second digital certificate to the first platform server.
 本発明の第4の視点によれば、サーバ装置に搭載されたコンピュータに、利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する処理と、前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する処理と、を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体が提供される。 According to a fourth aspect of the present invention, a computer installed in a server device stores a first electronic certificate stored in an identification card at the time of initial identity verification required before a user enters a facility. to the first platform server that performs the authentication procedure using the electronic certificate stored in the identification card, and the second and subsequent identity verifications required when the user enters the facility. Sometimes, a computer-readable storage medium is provided storing a program for executing a process of transmitting a second digital certificate stored in said identification card to said first platform server.
 本発明の各視点によれば、カジノ等の施設に入場する際の利用者の負担を軽減することに寄与する、システム、サーバ装置、サーバ装置の制御方法及び記憶媒体が提供される。なお、本発明の効果は上記に限定されない。本発明により、当該効果の代わりに、又は当該効果と共に、他の効果が奏されてもよい。 Each aspect of the present invention provides a system, a server device, a server device control method, and a storage medium that contribute to reducing the burden on users when entering facilities such as casinos. In addition, the effect of this invention is not limited above. Other effects may be achieved by the present invention instead of or in addition to this effect.
図1は、一実施形態の概要を説明するための図である。FIG. 1 is a diagram for explaining an overview of one embodiment. 図2は、一実施形態の動作を説明するためのフローチャートである。FIG. 2 is a flow chart for explaining the operation of one embodiment. 図3は、第1の実施形態に係る入場管理システムの概略構成の一例を示す図である。FIG. 3 is a diagram showing an example of a schematic configuration of an entrance management system according to the first embodiment. 図4は、第1の実施形態に係る入場管理システムの動作を説明するための図である。FIG. 4 is a diagram for explaining the operation of the entrance management system according to the first embodiment. 図5は、第1の実施形態に係る入場管理システムの動作を説明するための図である。FIG. 5 is a diagram for explaining the operation of the entrance management system according to the first embodiment. 図6は、第1の実施形態に係る入場管理システムの動作を説明するための図である。FIG. 6 is a diagram for explaining the operation of the entrance management system according to the first embodiment. 図7は、第1の実施形態に係る受付端末の処理構成の一例を示す図である。7 is a diagram illustrating an example of a processing configuration of a reception terminal according to the first embodiment; FIG. 図8は、第1の実施形態に係る受付端末の表示の一例を示す図である。FIG. 8 is a diagram illustrating an example of a display on the reception terminal according to the first embodiment; 図9は、第1の実施形態に係る受付端末の表示の一例を示す図である。FIG. 9 is a diagram illustrating an example of a display on the reception terminal according to the first embodiment; 図10A及び図10Bは、第1の実施形態に係る受付端末の表示の一例を示す図である。10A and 10B are diagrams showing examples of displays on the reception terminal according to the first embodiment. 図11は、第1の実施形態に係る入場端末の処理構成の一例を示す図である。11 is a diagram illustrating an example of a processing configuration of an entrance terminal according to the first embodiment; FIG. 図12は、第1の実施形態に係る入場端末の表示の一例を示す図である。FIG. 12 is a diagram illustrating an example of a display on an entrance terminal according to the first embodiment; 図13は、第1の実施形態に係る入場端末の表示の一例を示す図である。FIG. 13 is a diagram illustrating an example of a display of an entrance terminal according to the first embodiment; 図14は、第1の実施形態に係るカジノサーバの処理構成の一例を示す図である。FIG. 14 is a diagram showing an example of the processing configuration of the casino server according to the first embodiment. 図15は、第1の実施形態に係る利用者情報データベースの一例を示す図である。FIG. 15 is a diagram illustrating an example of a user information database according to the first embodiment; 図16は、第1の実施形態に係る入場確認処理部の動作の一例を示すフローチャートである。16 is a flowchart illustrating an example of the operation of an entry confirmation processing unit according to the first embodiment; FIG. 図17は、第1の実施形態に係る第1のPFサーバの処理構成の一例を示す図である。17 is a diagram illustrating an example of a processing configuration of the first PF server according to the first embodiment; FIG. 図18は、第1の実施形態に係る利用者管理データベースの一例を示す図である。FIG. 18 is a diagram showing an example of a user management database according to the first embodiment; 図19は、第1の実施形態に係る管理サーバの処理構成の一例を示す図である。19 is a diagram illustrating an example of a processing configuration of a management server according to the first embodiment; FIG. 図20は、第1の実施形態に係る入場者情報データベースの一例を示す図である。FIG. 20 is a diagram showing an example of a visitor information database according to the first embodiment. 図21は、第1の実施形態に係る第2のPFサーバの処理構成の一例を示す図である。21 is a diagram illustrating an example of a processing configuration of a second PF server according to the first embodiment; FIG. 図22は、第1の実施形態に係る入場者管理データベースの一例を示す図である。FIG. 22 is a diagram showing an example of a visitor management database according to the first embodiment. 図23は、第1の実施形態に係る認証局サーバの処理構成の一例を示す図である。23 is a diagram illustrating an example of a processing configuration of a certificate authority server according to the first embodiment; FIG. 図24は、第1の実施形態に係る入場管理システムの動作の一例を示すシーケンス図である。24 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment; FIG. 図25は、第1の実施形態に係る入場管理システムの動作の一例を示すシーケンス図である。25 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment; FIG. 図26は、本願開示に係るカジノサーバのハードウェア構成の一例を示す図である。FIG. 26 is a diagram showing an example hardware configuration of a casino server according to the disclosure of the present application.
 はじめに、一実施形態の概要について説明する。なお、この概要に付記した図面参照符号は、理解を助けるための一例として各要素に便宜上付記したものであり、この概要の記載はなんらの限定を意図するものではない。また、特段の釈明がない場合には、各図面に記載されたブロックはハードウェア単位の構成ではなく、機能単位の構成を表す。各図におけるブロック間の接続線は、双方向及び単方向の双方を含む。一方向矢印については、主たる信号(データ)の流れを模式的に示すものであり、双方向性を排除するものではない。なお、本明細書及び図面において、同様に説明されることが可能な要素については、同一の符号を付することにより重複説明が省略され得る。 First, an outline of one embodiment will be described. It should be noted that the drawing reference numerals added to this outline are added to each element for convenience as an example to aid understanding, and the description of this outline does not intend any limitation. Also, unless otherwise specified, the blocks depicted in each drawing represent the configuration of each function rather than the configuration of each hardware unit. Connecting lines between blocks in each figure include both bi-directional and uni-directional. The unidirectional arrows schematically show the flow of main signals (data) and do not exclude bidirectionality. In addition, in the present specification and drawings, elements that can be described in the same manner can be omitted from redundant description by assigning the same reference numerals.
 一実施形態に係るシステムは、施設サーバ101と、第1のプラットフォームサーバ102と、を含む(図1参照)。施設サーバ101は、利用者が施設に入場するための制御を行う。第1のプラットフォームサーバ102は、身分証明書に格納された電子証明書を用いた認証手続きを行う。施設サーバ101は、利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を第1のプラットフォームサーバ102に送信する(図2のステップS1)。さらに、施設サーバ101は、利用者が施設に入場する際に必要な2回目以降の本人確認時に、身分証明書に格納された第2の電子証明書を第1のプラットフォームサーバ102に送信する(ステップS2)。第1のプラットフォームサーバ102は、第1の電子証明書の第1の識別情報と前記第2の電子証明書の第2の識別情報を対応付けて記憶する。第1のプラットフォームサーバ102は、2回目以降の本人確認時に、第2の電子証明書から第2の識別情報を抽出する。第1のプラットフォームサーバ102は、少なくとも抽出された第2の識別情報に対応する第1の識別情報を用いて2回目以降の本人確認に関する処理を行う(本人確認処理の実行;ステップS3)。 A system according to one embodiment includes a facility server 101 and a first platform server 102 (see FIG. 1). The facility server 101 performs control for users to enter the facility. The first platform server 102 performs an authentication procedure using the electronic certificate stored in the identification card. The facility server 101 transmits the first electronic certificate stored in the identification card to the first platform server 102 at the time of initial identity verification required before the user enters the facility (step in FIG. 2). S1). Furthermore, the facility server 101 transmits the second electronic certificate stored in the identification card to the first platform server 102 at the time of the second and subsequent identity verifications required when the user enters the facility ( step S2). The first platform server 102 associates and stores the first identification information of the first electronic certificate and the second identification information of the second electronic certificate. The first platform server 102 extracts the second identification information from the second electronic certificate during the second and subsequent identity verifications. The first platform server 102 uses at least the first identification information corresponding to the extracted second identification information to perform the second and subsequent identity verification processes (execution of identity verification processing; step S3).
 施設(例えば、カジノ)に入場するためには、本人確認が必要となることがある。その際、例えば、第1の電子証明書(例えば、マイナンバーカードに格納された署名用電子証明書)による本人確認が必要となる。ここで、利用者が施設に入場するたびに、第1の電子証明書を読み出すために桁数の多い暗証番号の入力が求められると、当該利用者の負担が増加する。そこで、上記システムは、最初の本人確認は、第1の電子証明書で行い、2回目以降の本人確認は、第1の電子証明書と紐付く第2の電子証明書(例えば、利用者証明用電子証明書)を用いて行う。第2の電子証明書は、より桁数の少ない暗証番号又は生体認証により読み出すことができるので、利用者の負担が軽減する。このように、一実施形態に係るシステムは、カジノ等の施設に入場する際の利用者の負担を軽減できる。 In order to enter facilities (eg casinos), identity verification may be required. At that time, for example, personal identification using a first electronic certificate (for example, a signature electronic certificate stored in a My Number card) is required. Here, if the user is required to enter a password with a large number of digits in order to read out the first electronic certificate every time the user enters the facility, the burden on the user increases. Therefore, in the above system, the first identity verification is performed with the first electronic certificate, and the second and subsequent identity verifications are performed with the second electronic certificate linked to the first electronic certificate (for example, the user certificate electronic certificate). The second electronic certificate can be read by a personal identification number with a smaller number of digits or by biometric authentication, thus reducing the burden on the user. In this way, the system according to one embodiment can reduce the user's burden when entering a facility such as a casino.
 以下に具体的な実施形態について、図面を参照してさらに詳しく説明する。 Specific embodiments will be described in more detail below with reference to the drawings.
[第1の実施形態]
 第1の実施形態について、図面を用いてより詳細に説明する。 [First embodiment]
The first embodiment will be described in more detail with reference to the drawings.
[システムの構成]
 図3は、第1の実施形態に係る入場管理システム(情報処理システム)の概略構成の一例を示す図である。第1の実施形態に係る入場管理システムは、統合型リゾート(IR;Integrated Resort)内の施設を対象として入場管理を行う。また、図3に示すように、入場管理システムには、複数のサーバ装置が含まれる。 [System configuration]
FIG. 3 is a diagram showing an example of a schematic configuration of an entrance management system (information processing system) according to the first embodiment. An entrance management system according to the first embodiment performs entrance management for facilities in an integrated resort (IR). Also, as shown in FIG. 3, the admission management system includes a plurality of server devices.
 統合型リゾートには、国際会議場、展示施設、ホテル、商業施設、レストラン、劇場、映画館、アミューズメントパーク、スポーツ施設、温浴施設、カジノ行為区域等が含まれる。 Integrated resorts include international conference halls, exhibition facilities, hotels, commercial facilities, restaurants, theaters, movie theaters, amusement parks, sports facilities, spa facilities, casino action areas, etc.
 第1の実施形態では、利用者が入場する施設として「カジノ行為区画」を例にとり説明を行う。ただし、利用者が入場する施設は他の施設であってもよいことは勿論である。 In the first embodiment, the explanation will be given by taking the "Casino action area" as an example of a facility where users enter. However, it goes without saying that the facility that the user enters may be another facility.
 カジノ行為区域(以下、単にカジノ施設又はカジノと表記する)に初めて入場する利用者は、事前に、本人確認を受ける必要がある。具体的には、利用者(入場希望者)は、統合型リゾート施設の一角に設置された受付端末10(キオスク端末)を用いて、本人確認を受ける。なお、最初の本人確認は、カジノ施設に入場する前に完了している必要がある。 Users who enter the casino action area (hereinafter simply referred to as the casino facility or casino) for the first time must undergo identity verification in advance. Specifically, a user (a person wishing to enter) undergoes identity verification using a reception terminal 10 (kiosk terminal) installed in a corner of the integrated resort facility. The initial identity verification must be completed before entering the casino facility.
 本人確認は、公的機関から発行された身分証明書を用いて行われる。具体的には、電子証明書が格納されたIC(Integrated Circuit)カードが本人確認に使用される。本願開示では、電子証明書が格納されたICカード(身分証明書)としてマイナンバーカードを例にとり説明を行う。 Identity verification is performed using an identification card issued by a public institution. Specifically, an IC (Integrated Circuit) card storing an electronic certificate is used for identity verification. In the disclosure of the present application, a My Number card will be described as an example of an IC card (identification card) in which an electronic certificate is stored.
 利用者は、受付端末10を操作して、初回の本人確認に関する手続きを行う。初回の本人確認が終了すると、利用者は、入場端末20を通過してカジノ施設に入場できる。 The user operates the reception terminal 10 to carry out procedures related to initial identity verification. After completing the initial identification, the user can enter the casino facility through the entrance terminal 20. - 特許庁
 利用者がカジノ施設に入場する際、入場端末20において、入場者の本人確認(2回目以降の本人確認)と回数確認が行われる。ただし、日本国内に住居を有しない外国人は、当該本人確認と回数確認は不要である。 When the user enters the casino facility, the admission terminal 20 performs identity verification of the visitor (identity verification for the second and subsequent times) and the number of visits. However, foreigners who do not have a residence in Japan do not need to confirm their identity and number of times.
 回数確認は、法律等で設定された、カジノ施設への入場制限を超えているか否かに関する確認である。例えば、短期の回数制限として「連続する7日間における入場回数は3回までとする」といった制限や、長期の回数制限として「連続する28日間での入場回数は10回までとする」といった制限に抵触するか否かに関する確認が回数確認である。 The confirmation of the number of times is a confirmation as to whether or not the entry limit to the casino facility set by law has been exceeded. For example, there is a short-term limit on the number of visits, such as "the number of times of admission is limited to 3 times in a continuous 7-day period", and a limit of "the number of times of admission is limited to 10 times in a consecutive 28-day period" as a long-term limit. The confirmation as to whether or not there is a conflict is the confirmation of the number of times.
 入場端末20における本人確認及び回数確認に成功した利用者は、ゲートを通過してカジノ施設内に入場できる。 A user who has successfully completed identity verification and number of times verification at the entrance terminal 20 can pass through the gate and enter the casino facility.
 図3に示すように、入場管理システムには、複数のサーバ装置が含まれる。具体的には、入場管理システムには、カジノサーバ30と、第1のプラットフォーム(PF;Plat Form)サーバ40と、管理サーバ50と、第2のプラットフォームサーバ60と、認証局サーバ70と、が含まれる。 As shown in FIG. 3, the entrance management system includes multiple server devices. Specifically, the admission management system includes a casino server 30, a first platform (PF) server 40, a management server 50, a second platform server 60, and a certificate authority server 70. included.
 カジノサーバ30は、カジノ事業者等により管理されるサーバ装置である。カジノサーバ30は、カジノ利用者の管理等を行う。カジノサーバ30は、利用者がカジノ施設に入場するための制御を行う。カジノサーバ30は、上述の施設サーバ101に相当する。 The casino server 30 is a server device managed by a casino operator or the like. The casino server 30 manages casino users. The casino server 30 performs control for the user to enter the casino facility. The casino server 30 corresponds to the facility server 101 described above.
 第1のPFサーバ40は、電子証明書の認証業務を行う認証事業者により管理されるサーバ装置である。第1のPFサーバ40は、身分証明書に格納された電子証明書を用いた認証手続きを行う。より具体的には、第1のPFサーバ40は、カジノ事業者から依頼された電子証明書の認証業務を執り行う装置である。 The first PF server 40 is a server device managed by an authentication business that performs authentication work for electronic certificates. The first PF server 40 performs an authentication procedure using the electronic certificate stored in the identification card. More specifically, the first PF server 40 is a device that authenticates electronic certificates requested by casino operators.
 管理サーバ50は、カジノ管理委員会(カジノ利用に関する規則の作成やカジノ事業者によるカジノ事業活動の管理等を行う行政機関)により管理されるサーバ装置である。管理サーバ50は、カジノ施設の利用状況を管理する。より具体的には、管理サーバ50は、カジノ利用者の回数確認を行ったりカジノ利用者の身元を管理(記憶)したりする。なお、管理サーバ50は、1つのカジノ施設に関する利用状況の管理ではなく、国内で事業活動を行う各カジノ施設(複数のカジノ施設)に関する利用状況を管理する。即ち、管理サーバ50は、利用者が入場しようとしているカジノ施設だけでなく、国内に存在する他のカジノ施設に関する回数確認等を行う(上記説明した短期、長期の回数確認を行う)。 The management server 50 is a server device managed by a casino management committee (an administrative body that creates rules regarding casino usage and manages casino business activities by casino operators). The management server 50 manages the usage status of the casino facility. More specifically, the management server 50 checks the number of casino users and manages (stores) the identities of casino users. The management server 50 does not manage the usage status of one casino facility, but manages the usage status of each casino facility (a plurality of casino facilities) that conduct business activities in Japan. That is, the management server 50 confirms the number of visits not only to the casino facility that the user intends to enter, but also to other casino facilities in Japan (confirms the above-described short-term and long-term number of visits).
 第2のPFサーバ60は、電子証明書の認証業務を行う認証事業者により管理されるサーバ装置である。第2のPFサーバ60は、身分証明書に格納された電子証明書を用いた認証手続きを行う。より具体的には、第2のPFサーバ60は、カジノ管理委員会から依頼された電子証明書の認証業務を執り行う装置である。 The second PF server 60 is a server device managed by an authentication business that performs authentication work for electronic certificates. The second PF server 60 performs an authentication procedure using the electronic certificate stored in the identification card. More specifically, the second PF server 60 is a device that performs authentication work for electronic certificates requested by the casino management committee.
 認証局サーバ70は、J-LIS(Japan Agency for Local Authority Information Systems)と称される国及び地方公共団体が共同して運営する法人により管理されるサーバ装置である。認証局サーバ70は、電子証明書の有効性を検証する。より具体的には、認証局サーバ70は、電子証明書を用いた個人認証サービスを提供する装置である。 The certificate authority server 70 is a server device managed by a corporation called J-LIS (Japan Agency for Local Authority Information Systems), which is jointly operated by the national government and local governments. The certificate authority server 70 verifies the validity of the electronic certificate. More specifically, the certificate authority server 70 is a device that provides a personal authentication service using electronic certificates.
[概略動作]
 続いて、第1の実施形態に係る入場管理システムの概略動作について説明する。 [General operation]
Next, a schematic operation of the entrance management system according to the first embodiment will be described.
<初回の本人確認>
 図4を参照して、初回の本人確認に関する入場管理システムの概略動作を説明する。 <Initial Identity Verification>
With reference to FIG. 4, the general operation of the entrance management system regarding the first personal identification will be described.
 カジノ施設に初めて入場する利用者は、受付端末10で初回の本人確認を受ける。受付端末10は、利用者が所持するマイナンバーカードから署名用電子証明書を取得する。受付端末10は、取得した署名用電子証明書を含む本人確認依頼をカジノサーバ30に送信する(ステップS01)。 A user entering the casino facility for the first time undergoes an initial identity verification at the reception terminal 10. The reception terminal 10 acquires an electronic certificate for signature from the My Number card possessed by the user. The reception terminal 10 transmits an identity verification request including the acquired signature electronic certificate to the casino server 30 (step S01).
 なお、署名用電子証明書は、公的機関等に提出する文書に署名するための電子証明書であり、利用者(マイナンバーカードが交付された住民)の個人情報(所謂、基本4情報;氏名、生年月日、性別、住所)を含む証明書である。 The electronic signature certificate is an electronic certificate for signing documents submitted to public institutions, etc. , date of birth, gender, address).
 カジノサーバ30は、利用者の本人確認を第1のPFサーバ40に要求する。具体的には、カジノサーバ30は、受付端末10から取得した署名用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する(ステップS02)。 The casino server 30 requests the first PF server 40 to verify the identity of the user. Specifically, the casino server 30 transmits to the first PF server 40 a personal identification request including the signature electronic certificate obtained from the reception terminal 10 (step S02).
 本人確認要求の受信に応じて、第1のPFサーバ40は、署名用電子証明書の有効性検証を認証局サーバ70に要求する。具体的には、第1のPFサーバ40は、署名用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信する(ステップS03)。 Upon receiving the personal identification request, the first PF server 40 requests the certificate authority server 70 to verify the validity of the electronic signature certificate. Specifically, the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate to the certificate authority server 70 (step S03).
 認証局サーバ70は、署名用電子証明書の検証を行う。認証局サーバ70は、署名用電子証明書の検証結果(署名用電子証明書は有効、署名用電子証明書は無効)を第1のPFサーバ40に送信する(ステップS04)。その際、署名用電子証明書の検証に成功していれば、認証局サーバ70は、署名用電子証明書に紐づけられた利用者証明用電子証明書の発行番号も併せて第1のPFサーバ40に送信する。 The certificate authority server 70 verifies the signature electronic certificate. The certificate authority server 70 transmits the verification result of the electronic certificate for signature (the electronic certificate for signature is valid, the electronic certificate for signature is invalid) to the first PF server 40 (step S04). At that time, if the verification of the electronic certificate for signature is successful, the certificate authority server 70 also sends the issue number of the electronic certificate for user certification linked to the electronic certificate for signature to the first PF. Send to server 40 .
 署名用電子証明書が有効な場合、第1のPFサーバ40は、利用者(初めてカジノ施設に入場する利用者)のアカウントを生成する。第1のPFサーバ40は、当該アカウントにおいて、利用者を識別するID(以下、利用者IDと表記する)、署名用電子証明書の発行番号、利用者証明用電子証明書の発行番号及び本人特定事項を対応付けて記憶する。 If the signature electronic certificate is valid, the first PF server 40 creates an account for the user (the user entering the casino facility for the first time). In the account, the first PF server 40 has an ID that identifies the user (hereinafter referred to as a user ID), the issue number of the electronic certificate for signature, the issue number of the electronic certificate for user certification, and the person himself/herself. Specific items are associated with each other and stored.
 なお、本人特定事項は、氏名、生年月日、性別及び住所のうち少なくとも1つ又はその組み合わせからなる情報である。例えば、氏名や氏名と生年月日の組み合わせが本人特定事項に該当する。勿論、氏名、生年月日、性別及び住所の組み合わせが本人特定事項であってもよい。 In addition, the personal identification information is information consisting of at least one or a combination of name, date of birth, gender and address. For example, a name or a combination of a name and a date of birth corresponds to personal identification items. Of course, a combination of name, date of birth, sex and address may be the personal identification items.
 その後、第1のPFサーバ40は、本人確認要求に対する確認結果(本人確認成功、本人確認失敗)をカジノサーバ30に送信する(ステップS05)。本人確認が成功の場合、第1のPFサーバ40は、利用者ID及び本人特定事項もカジノサーバ30に送信する。 After that, the first PF server 40 transmits the confirmation result (identity confirmation success, identity confirmation failure) for the identity confirmation request to the casino server 30 (step S05). If the personal identification is successful, the first PF server 40 also transmits the user ID and personal identification items to the casino server 30 .
 第1のPFサーバ40から受信した確認結果に応じて、カジノサーバ30は、本人確認依頼に対する応答(本人確認成功、本人確認失敗)を受付端末10に送信する(ステップS06)。また、カジノサーバ30は、第1のPFサーバ40から受信した利用者ID等を記憶する。 According to the confirmation result received from the first PF server 40, the casino server 30 transmits a response to the identity confirmation request (identity confirmation success, identity confirmation failure) to the reception terminal 10 (step S06). The casino server 30 also stores the user ID and the like received from the first PF server 40 .
 受付端末10は、本人確認の結果を利用者に通知する。 The reception terminal 10 notifies the user of the result of identity verification.
 このように、カジノサーバ30は、利用者がカジノ施設に入場する前に必要な最初の本人確認時に、身分証明書(マイナンバーカード)に格納された第1の電子証明書(署名用電子証明書)を第1のPFサーバ40に送信する。第1のPFサーバ40は、第1の電子証明書の第1の識別情報(署名用電子証明書の発行番号)を認証局サーバ70に送信する。認証局サーバ70は、第1の識別情報に基づいて第1の電子証明書の有効性を検証し、検証に成功した場合には第1の識別情報に対応する第2の識別情報(利用者証明用電子証明書の発行番号)を第1のPFサーバ40に送信する。第1のPFサーバ40は、第1の電子証明書(署名用電子証明書)の第1の識別情報と第2の電子証明書(利用者証明用電子証明書)の第2の識別情報を対応付けて記憶する。 In this way, the casino server 30 uses the first electronic certificate (signature electronic certificate) stored in the identification card (my number card) at the time of initial identity verification required before the user enters the casino facility. ) to the first PF server 40 . The first PF server 40 transmits the first identification information of the first electronic certificate (issuance number of the signature electronic certificate) to the certificate authority server 70 . The certificate authority server 70 verifies the validity of the first electronic certificate based on the first identification information, and if the verification is successful, the second identification information (user (issue number of electronic certificate for proof) to the first PF server 40 . The first PF server 40 uses the first identification information of the first electronic certificate (electronic certificate for signature) and the second identification information of the second electronic certificate (electronic certificate for user proof) as They are associated and stored.
<カジノ施設入場時の2回目以降の本人確認及び回数確認>
 上述のように、カジノ施設に入場するためには、利用者の本人確認と回数確認が必要である。本人確認及び回数確認は、入場端末20(カジノ施設の入口に設置された端末)を介して行われる。 <Confirmation of identity and number of times after the second time when entering the casino facility>
As described above, in order to enter the casino facility, it is necessary to verify the identity of the user and verify the number of visits. The personal identification and the number of times confirmation are performed via the entrance terminal 20 (a terminal installed at the entrance of the casino facility).
 入場端末20は、利用者が所持するマイナンバーカードから利用者証明用電子証明書を取得する。入場端末20は、取得した利用者証明用電子証明書を含む入場確認依頼をカジノサーバ30に送信する(図5のステップS11)。 The admission terminal 20 acquires an electronic certificate for user verification from the My Number card possessed by the user. The admission terminal 20 transmits an admission confirmation request including the acquired electronic certificate for user verification to the casino server 30 (step S11 in FIG. 5).
 なお、利用者証明用電子証明書は、本人であることの認証手段として利用される電子証明書であり、利用者(マイナンバーカードが交付された住民)の個人情報(所謂、基本4情報;氏名、生年月日、性別、住所)を含まない証明書である。 In addition, the electronic certificate for user authentication is an electronic certificate used as a means of authenticating the identity of the person, and the personal information of the user (the resident to whom the My Number Card was issued) (so-called basic 4 information; name , date of birth, gender, address).
 入場管理システムは、本人確認と回数確認を実行する。当該本人確認と回数確認は並行して実行されるが、便宜上、本人確認と回数確認を分けて説明する。 The admission management system will perform identity verification and number of times verification. The identity confirmation and the number of times confirmation are executed in parallel, but for the sake of convenience, the identity confirmation and the number of times confirmation will be explained separately.
 はじめに、図6の下段に示される本人確認フローを参照して、カジノ施設入場時の本人確認に関する入場管理システムの概略動作を説明する。 First, with reference to the identity verification flow shown in the lower part of FIG. 6, the general operation of the entrance management system regarding identity verification when entering the casino facility will be described.
 入場端末20から利用者証明用電子証明書を取得すると、カジノサーバ30は、入場希望者の本人確認を第1のPFサーバ40に要求する。具体的には、カジノサーバ30は、入場端末20から取得した利用者証明用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する(ステップS21)。 After obtaining the electronic certificate for user verification from the admission terminal 20, the casino server 30 requests the first PF server 40 to verify the identity of the person who wishes to enter. Specifically, the casino server 30 transmits to the first PF server 40 a personal identification request including the electronic certificate for user verification obtained from the entrance terminal 20 (step S21).
 第1のPFサーバ40は、カジノ施設への入場希望者に関し、初回の本人確認が完了しているか否か判定する。具体的には、第1のPFサーバ40は、利用者証明用電子証明書の発行番号を用いて入場希望者のアカウントが生成済か否か判定する。 The first PF server 40 determines whether or not the initial identity verification has been completed for those who wish to enter the casino facility. Specifically, the first PF server 40 uses the issue number of the user-certifying electronic certificate to determine whether or not the account of the person who wishes to enter has been generated.
 アカウントが生成されていれば、第1のPFサーバ40は、署名用電子証明書及び利用者証明用電子証明書の有効性検証を認証局サーバ70に要求する。具体的には、第1のPFサーバ40は、署名用電子証明書の発行番号と利用者証明用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信する(ステップS22)。 If an account has been generated, the first PF server 40 requests the certificate authority server 70 to verify the validity of the signature electronic certificate and the user certification electronic certificate. Specifically, the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate and the issue number of the user certification electronic certificate to the certificate authority server 70 (step S22).
 認証局サーバ70は、署名用電子証明書及び利用者証明用電子証明書の検証を行う。認証局サーバ70は、署名用電子証明書及び利用者証明用電子証明書の検証結果(証明書は有効、証明書は無効)を第1のPFサーバ40に送信する(ステップS23)。 The certificate authority server 70 verifies the electronic certificate for signature and the electronic certificate for user certification. The certificate authority server 70 transmits the verification result of the electronic certificate for signature and the electronic certificate for user proof (certificate is valid, certificate is invalid) to the first PF server 40 (step S23).
 認証局サーバ70から取得した検証結果に応じて、第1のPFサーバ40は、カジノサーバ30から受信した本人確認要求に対する確認結果(本人確認成功、本人確認失敗)をカジノサーバ30に送信する(ステップS24)。本人確認が成功の場合には、第1のPFサーバ40は、入場希望者の利用者ID及び本人特定事項を併せてカジノサーバ30に通知する。 According to the verification result obtained from the certification authority server 70, the first PF server 40 transmits to the casino server 30 the confirmation result (identity verification success, identity verification failure) for the identity verification request received from the casino server 30 ( step S24). If the personal identification is successful, the first PF server 40 notifies the casino server 30 of the user ID and personal identification information of the person who wishes to enter.
 カジノサーバ30は、カジノ施設への入場希望者に関し、確認結果(本人確認成功、本人確認失敗)を記憶する。 The casino server 30 stores the confirmation results (identity confirmation success, identity confirmation failure) for those who wish to enter the casino facility.
 続いて、図6の上段に示される回数確認フローを参照して、カジノ施設入場時の回数確認に関する入場管理システムの概略動作を説明する。 Next, with reference to the flow of confirmation of the number of visits shown in the upper part of FIG. 6, the general operation of the admission management system regarding confirmation of the number of visits to the casino facility will be described.
 入場端末20から利用者証明用電子証明書を取得すると、カジノサーバ30は、入場希望者の回数確認を管理サーバ50に要求する。具体的には、カジノサーバ30は、マイナンバーカードから読み出された利用者証明用電子証明書を含む回数確認要求を管理サーバ50に送信する(ステップS31)。 When the electronic certificate for user verification is obtained from the admission terminal 20, the casino server 30 requests the management server 50 to confirm the number of times the applicant wants to enter. Specifically, the casino server 30 transmits to the management server 50 a number-of-times confirmation request including the electronic certificate for user verification read out from the My Number card (step S31).
 管理サーバ50は、入場者の特定を第2のPFサーバ60に要求する。具体的には、管理サーバ50は、カジノサーバ30から取得した利用者証明用電子証明書を含む入場者特定要求を第2のPFサーバ60に送信する(ステップS32)。 The management server 50 requests the second PF server 60 to identify the visitors. Specifically, the management server 50 transmits to the second PF server 60 a visitor identification request including the electronic certificate for user certification obtained from the casino server 30 (step S32).
 入場者特定要求の受信に応じて、第2のPFサーバ60は、利用者証明用電子証明書の有効性検証を認証局サーバ70に要求する。具体的には、第2のPFサーバ60は、利用者証明用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信する(ステップS33) Upon receiving the visitor identification request, the second PF server 60 requests the certificate authority server 70 to verify the validity of the electronic certificate for user certification. Specifically, the second PF server 60 transmits a verification request including the issue number of the electronic certificate for user certification to the certification authority server 70 (step S33).
 認証局サーバ70は、利用者証明用電子証明書の検証を行う。認証局サーバ70は、利用者証明用電子証明書の検証結果(利用者証明用電子証明書は有効、利用者証明用電子証明書は無効)を第2のPFサーバ60に送信する(ステップS34)。 The certificate authority server 70 verifies the electronic certificate for user certification. The certificate authority server 70 transmits the verification result of the user certification electronic certificate (the user certification electronic certificate is valid, the user certification electronic certificate is invalid) to the second PF server 60 (step S34). ).
 利用者証明用電子証明書が有効な場合、第2のPFサーバ60は、入場者のアカウントを作成する。第2のPFサーバ60は、入場者を識別するID(以下、入場者IDと表記する)と当該入場者の利用者証明用電子証明書の発行番号を対応付けて記憶する。 If the user-certifying electronic certificate is valid, the second PF server 60 creates an account for the visitor. The second PF server 60 associates and stores an ID that identifies a visitor (hereinafter referred to as a visitor ID) and an issue number of an electronic certificate for user certification of the visitor.
 第2のPFサーバ60は、管理サーバ50から受信した入場者特定要求に対する応答(入場者は特定、入場者は非特定)を管理サーバ50に送信する(ステップS35)。入場者が特定された場合には、第2のPFサーバ60は、当該特定された入場者(入場予定者)の入場者IDも併せて管理サーバ50に送信する。 The second PF server 60 sends a response to the visitor identification request received from the management server 50 (the visitor is identified, the visitor is not identified) to the management server 50 (step S35). When the visitor is identified, the second PF server 60 also transmits the visitor ID of the identified visitor (expected visitor) to the management server 50 .
 管理サーバ50は、入場者IDに基づいて入場確認(回数確認)の対象となっている利用者を特定し、当該特定された利用者のカジノ施設利用に関する回数確認を行う。管理サーバ50は、回数確認の結果(利用者はカジノ施設利用可、利用者はカジノ施設利用不可)をカジノサーバ30に送信する(ステップS36)。 The management server 50 identifies the user who is subject to admission confirmation (confirmation of the number of times) based on the visitor ID, and confirms the number of times the identified user has used the casino facility. The management server 50 transmits the result of the confirmation of the number of times (user can use the casino facility, user cannot use the casino facility) to the casino server 30 (step S36).
 カジノサーバ30は、回数確認の結果を記憶する。 The casino server 30 stores the results of the confirmation of the number of times.
 カジノサーバ30は、本人確認の結果と回数確認の結果が揃ったタイミングで、利用者がカジノ施設に入場できるか否か判定する。カジノサーバ30は、入場確認依頼に対する応答(カジノ施設に入場可、カジノ施設に入場不可)を入場端末20に送信する(図5のステップS12)。 The casino server 30 determines whether or not the user can enter the casino facility at the timing when the result of the identity verification and the result of the number of times verification are complete. The casino server 30 transmits a response to the admission confirmation request (allowed to enter the casino facility, not allowed to enter the casino facility) to the admission terminal 20 (step S12 in FIG. 5).
 入場端末20は、入場確認依頼に対する応答(利用者はカジノ施設に入場可、利用者はカジノ施設入場不可)に応じてゲートを制御する。 The entrance terminal 20 controls the gate according to the response to the entrance confirmation request (the user can enter the casino facility, and the user cannot enter the casino facility).
 このように、カジノサーバ30は、2回目以降の本人確認と並行して、カジノ施設の回数確認に関する処理を行う。また、カジノサーバ30は、利用者がカジノ施設に入場する際に必要な2回目以降の本人確認時に、マイナンバーカードに格納された第2の電子証明書(利用者証明用電子証明書)を前記第1のPFサーバ40に送信する。第1のPFサーバ40は、2回目以降の本人確認時に、第2の電子証明書から第2の識別情報(発行番号)を抽出し、少なくとも当該抽出された発行番号に対応する第1の識別情報(署名用電子証明書の発行番号)を用いて2回目以降の本人確認に関する処理を行う。 In this way, the casino server 30 performs processing related to confirmation of the number of visits to the casino facility in parallel with the second and subsequent personal identifications. In addition, the casino server 30 uses the second electronic certificate (user-certifying electronic certificate) stored in the My Number Card at the time of identity verification for the second and subsequent times required when the user enters the casino facility. Send to the first PF server 40 . The first PF server 40 extracts the second identification information (issue number) from the second electronic certificate at the time of the second and subsequent identity verification, and at least the first identification corresponding to the extracted issue number. The information (issuance number of electronic certificate for signature) is used to perform processing related to personal identification for the second and subsequent times.
 さらに、回数確認に関し、カジノサーバ30は、第2の電子証明書を管理サーバ50に送信する。管理サーバ50は、第2の電子証明書を第2のPFサーバ60に送信することでカジノ施設へ入場しようとする入場者の特定を当該第2のPFサーバ60に要求する。第2のPFサーバ60は、第2の電子証明書が有効な場合、入場者の入場者IDを管理サーバ50に送信する。管理サーバ50は、入場者IDに対応する利用者のカジノ利用履歴がカジノ施設の利用に関する回数制限に反しない場合に、カジノ施設へ入場しようとする入場者がカジノに入場することを許可する。 Furthermore, regarding the confirmation of the number of times, the casino server 30 transmits the second electronic certificate to the management server 50. The management server 50 sends a second electronic certificate to the second PF server 60 to request the second PF server 60 to identify a visitor who is going to enter the casino facility. The second PF server 60 transmits the visitor ID of the visitor to the management server 50 when the second electronic certificate is valid. A management server 50 permits a visitor who intends to enter the casino facility to enter the casino when the casino usage history of the user corresponding to the visitor ID does not violate the limit on the number of times of use of the casino facility.
 続いて、第1の実施形態に係る入場管理システムに含まれる各装置の詳細について説明する。 Next, details of each device included in the entrance management system according to the first embodiment will be described.
[受付端末]
 図7は、第1の実施形態に係る受付端末10の処理構成(処理モジュール)の一例を示す図である。図7を参照すると、受付端末10は、通信制御部201と、本人確認制御部202と、記憶部203と、を備える。 [Reception terminal]
FIG. 7 is a diagram showing an example of a processing configuration (processing modules) of the reception terminal 10 according to the first embodiment. Referring to FIG. 7 , reception terminal 10 includes communication control section 201 , identity verification control section 202 , and storage section 203 .
 通信制御部201は、他の装置との間の通信を制御する手段である。例えば、通信制御部201は、カジノサーバ30からデータ(パケット)を受信する。また、通信制御部201は、カジノサーバ30に向けてデータを送信する。通信制御部201は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部201は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部201を介して他の装置とデータの送受信を行う。通信制御部201は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 201 is means for controlling communication with other devices. For example, the communication control section 201 receives data (packets) from the casino server 30 . Also, the communication control unit 201 transmits data to the casino server 30 . The communication control unit 201 transfers data received from other devices to other processing modules. The communication control unit 201 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 201 . The communication control unit 201 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
 本人確認制御部202は、カジノ施設への入場希望者に関する本人確認を制御する手段である。より具体的には、本人確認制御部202は、当該入場希望者の初回の本人確認に関する制御を行う。 The identity verification control unit 202 is means for controlling identity verification for those who wish to enter the casino facility. More specifically, the identity verification control unit 202 controls the initial identity verification of the person who wishes to enter.
 本人確認制御部202は、GUI(Graphical User Interface)等を用いて利用者(入場希望者)のカジノ施設への入場希望を取得する。本人確認制御部202は、利用者がカジノ施設への入場を希望すると、当該利用者が所持するマイナンバーカードから署名用電子証明書を取得する。 The personal identification control unit 202 uses a GUI (Graphical User Interface) or the like to acquire the user's (applicant's) desire to enter the casino facility. When a user wishes to enter the casino facility, the personal identification control unit 202 acquires an electronic certificate for signature from the My Number card possessed by the user.
 例えば、本人確認制御部202は、図8に示すようなGUIを表示し、IC(Integrated Circuit)カードリーダにマイナンバーカードが挿入されたことを認識する。その後、本人確認制御部202は、マイナンバーカードから署名用電子証明書の読み取りを行う。 For example, the personal identification control unit 202 displays a GUI as shown in FIG. 8 and recognizes that the My Number card has been inserted into an IC (Integrated Circuit) card reader. After that, the personal identification control unit 202 reads the signature electronic certificate from the My Number card.
 その際、署名用電子証明書に対応した暗証番号(パスワード)の入力が必要になるので、本人確認制御部202は、図9に示すようなGUIを表示し、暗証番号(6桁から16桁の英数字が混在した文字列)を取得する。 At this time, it is necessary to enter a personal identification number (password) corresponding to the electronic certificate for signature. character string mixed with alphanumeric characters).
 本人確認制御部202は、取得した暗証番号を用いてマイナンバーカードから署名用電子証明書の読み出しを試みる。正しい暗証番号が入力されていれば、本人確認制御部202は、署名用電子証明書を読み出すことができる。 The personal identification control unit 202 attempts to read out the signature electronic certificate from the My Number card using the acquired personal identification number. If the correct personal identification number is entered, the personal identification control unit 202 can read out the signature electronic certificate.
 本人確認制御部202は、読み出した署名用電子証明書を含む本人確認依頼をカジノサーバ30に送信する。 The identity verification control unit 202 transmits to the casino server 30 an identity verification request including the read electronic certificate for signature.
 本人確認制御部202は、本人確認依頼に対する応答(肯定応答、否定応答)をカジノサーバ30から受信する。 The personal identification control unit 202 receives a response (positive response, negative response) to the personal identification request from the casino server 30.
 本人確認制御部202は、本人確認結果に応じたメッセージ等を表示する。本人確認が成功の場合(肯定応答を受信した場合)には、本人確認制御部202は、「初回の本人確認」に成功した旨を利用者に通知する。本人確認が失敗の場合(否定応答を受信した場合)には、本人確認制御部202は、「初回の本人確認」に失敗した旨を利用者に通知する。 The identity verification control unit 202 displays a message or the like according to the identity verification result. When the identity confirmation is successful (when an affirmative response is received), the identity confirmation control unit 202 notifies the user that the "first identity confirmation" has been successful. If the identity verification fails (if a negative response is received), the identity verification control unit 202 notifies the user that the “initial identity verification” has failed.
 例えば、本人確認に成功すると、本人確認制御部202は、図10Aに示すような表示を行い、利用者にカジノ施設へ入場できることを伝える。本人確認に失敗すると、本人確認制御部202は、図10Bに示すような表示を行い、利用者にカジノ施設へ入場できないことを伝える。 For example, when the identity verification is successful, the identity verification control unit 202 displays a display as shown in FIG. 10A to inform the user that the user can enter the casino facility. If the personal identification fails, the personal identification control unit 202 displays a display as shown in FIG. 10B to inform the user that he/she cannot enter the casino facility.
 記憶部203は、受付端末10の動作に必要な情報を記憶する手段である。 The storage unit 203 is means for storing information necessary for the operation of the reception terminal 10 .
[入場端末]
 図11は、第1の実施形態に係る入場端末20の処理構成(処理モジュール)の一例を示す図である。図11を参照すると、入場端末20は、通信制御部301と、入場制御部302と、ゲート制御部303と、記憶部304と、を備える。 [Entrance terminal]
FIG. 11 is a diagram showing an example of a processing configuration (processing modules) of the entrance terminal 20 according to the first embodiment. Referring to FIG. 11 , the admission terminal 20 includes a communication control section 301 , an admission control section 302 , a gate control section 303 and a storage section 304 .
 通信制御部301は、他の装置との間の通信を制御する手段である。例えば、通信制御部301は、カジノサーバ30からデータ(パケット)を受信する。また、通信制御部301は、カジノサーバ30に向けてデータを送信する。通信制御部301は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部301は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部301を介して他の装置とデータの送受信を行う。通信制御部301は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 301 is means for controlling communication with other devices. For example, the communication control section 301 receives data (packets) from the casino server 30 . Also, the communication control unit 301 transmits data to the casino server 30 . The communication control unit 301 passes data received from other devices to other processing modules. The communication control unit 301 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 301 . The communication control unit 301 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
 入場制御部302は、カジノ施設への入場希望者に関する入場確認を制御する手段である。入場制御部302は、人感センサ等を用いて自装置の面前(入場端末20の面前)に利用者を検出すると、当該利用者が所持するマイナンバーカードから利用者証明用電子証明書を取得する。 The admission control unit 302 is means for controlling admission confirmation for those who wish to enter the casino facility. When the entrance control unit 302 detects a user in front of its own device (in front of the entrance terminal 20) using a human sensor or the like, it acquires an electronic certificate for user verification from the My Number card possessed by the user. .
 例えば、入場制御部302は、図12に示すようなGUIを表示し、ICカードリーダにマイナンバーカードが挿入されたことを認識する。その後、入場制御部302は、マイナンバーカードから利用者証明用電子証明書の読み取りを行う。 For example, the entrance control unit 302 displays a GUI as shown in FIG. 12 and recognizes that the My Number card has been inserted into the IC card reader. After that, the admission control unit 302 reads the electronic certificate for user verification from the My Number card.
 その際、利用者証明用電子証明書に対応した暗証番号、又は、利用者(入場希望者)の生体情報が必要になるので、入場制御部302は、図13に示すようなGUIを表示し、暗証番号(4桁の数列)又は生体情報(顔画像)を取得する。 At that time, since a personal identification number corresponding to the electronic certificate for user authentication or biometric information of the user (person who wishes to enter) is required, the entrance control unit 302 displays a GUI as shown in FIG. , personal identification number (four-digit sequence) or biometric information (face image).
 なお、入場制御部302は、図13に示す「撮影ボタン」が押下されると、カメラ(図示せず)を制御して、入場希望者の顔画像を取得する。 When the "shooting button" shown in FIG. 13 is pressed, the entrance control unit 302 controls a camera (not shown) to acquire the face image of the person who wishes to enter.
 入場制御部302は、取得した暗証番号を用いてマイナンバーカードから利用者証明用電子証明書の読み出しを試みる。正しい暗証番号が入力されていれば、入場制御部302は、利用者証明用電子証明書を読み出すことができる。 The admission control unit 302 attempts to read out the electronic certificate for user verification from the My Number card using the acquired personal identification number. If the correct password is entered, the admission control unit 302 can read out the electronic certificate for user verification.
 あるいは、マイナンバーカードに記載された顔画像(顔情報)と利用者を撮影することで得られる顔画像(顔情報)が実質的に一致すると、入場制御部302は、利用者証明用電子証明書を読み出すことができる。 Alternatively, when the face image (face information) written on the My Number card and the face image (face information) obtained by photographing the user substantially match, the admission control unit 302 generates an electronic certificate for user authentication. can be read.
 入場制御部302は、読み出した利用者証明用電子証明書を含む入場確認依頼をカジノサーバ30に送信する。 The admission control unit 302 sends an admission confirmation request including the read electronic certificate for user verification to the casino server 30 .
 入場制御部302は、入場確認依頼に対する応答(肯定応答、否定応答)をカジノサーバ30から受信する。 The admission control unit 302 receives a response (positive response, negative response) to the admission confirmation request from the casino server 30 .
 入場制御部302は、入場確認結果に応じたメッセージ等を表示する。入場確認が成功の場合(肯定応答を受信した場合)には、入場制御部302は、カジノ施設に入場できることを利用者に通知する。入場確認が失敗の場合(否定応答を受信した場合)には、入場制御部302は、カジノ施設に入場できないことを利用者に通知する。 The admission control unit 302 displays a message or the like according to the admission confirmation result. If the entry confirmation is successful (if an affirmative response is received), the entry control unit 302 notifies the user that he/she can enter the casino facility. If the entry confirmation fails (if a negative response is received), the entry control unit 302 notifies the user that he/she cannot enter the casino facility.
 また、入場制御部302は、入場確認依頼に対する確認結果(入場可、入場不可)をゲート制御部303に引き渡す。 In addition, the entrance control unit 302 passes the confirmation result (entrance permitted, entrance not permitted) to the gate control unit 303 in response to the entrance confirmation request.
 ゲート制御部303は、ゲートを制御する手段である。ゲート制御部303は、入場制御部302から取得した確認結果に応じて利用者の通行を制限するゲートを制御する。 The gate control unit 303 is means for controlling the gate. The gate control unit 303 controls gates that restrict the passage of users according to the confirmation result acquired from the entrance control unit 302 .
 カジノ施設への入場不可の結果を受信した場合、ゲート制御部303は、ゲートを閉じて利用者の通行を拒否する。 Upon receiving the result that admission to the casino facility is prohibited, the gate control unit 303 closes the gate and refuses the user's passage.
 カジノ施設への入場可の結果を受信した場合、ゲート制御部303は、ゲートを開いて利用者の通行を許可する。その際、ゲート制御部303は、入場端末20に設置された人感センサ等を用いて、利用者のゲート通過を検出する。 Upon receiving the result that admission to the casino facility is permitted, the gate control unit 303 opens the gate and permits the user to pass through. At that time, the gate control unit 303 uses a human sensor or the like installed in the entrance terminal 20 to detect that the user has passed through the gate.
 ゲートを開いてから所定期間内に利用者のゲート通過を検出した場合、ゲート制御部303は、その旨をカジノサーバ30に通知する。具体的には、ゲート制御部303は、「カジノ入場通知」をカジノサーバ30に送信する。 When the gate control unit 303 detects that the user has passed through the gate within a predetermined period of time after the gate is opened, the gate control unit 303 notifies the casino server 30 to that effect. Specifically, the gate control unit 303 transmits a “casino entry notification” to the casino server 30 .
 ゲートを開いてから所定期間内に利用者のゲート通過を検出できない場合、ゲート制御部303は、ゲートを閉じる。 If the user's passage through the gate cannot be detected within a predetermined period after the gate is opened, the gate control unit 303 closes the gate.
 記憶部304は、入場端末20の動作に必要な情報を記憶する手段である。 The storage unit 304 is means for storing information necessary for the operation of the entrance terminal 20 .
[カジノサーバ]
 図14は、第1の実施形態に係るカジノサーバ30の処理構成(処理モジュール)の一例を示す図である。図14を参照すると、カジノサーバ30は、通信制御部401と、本人確認処理部402と、入場確認処理部403と、入場通知部404と、記憶部405と、を備える。 [Casino Server]
FIG. 14 is a diagram showing an example of the processing configuration (processing modules) of the casino server 30 according to the first embodiment. Referring to FIG. 14 , the casino server 30 includes a communication control section 401 , an identity verification processing section 402 , an admission verification processing section 403 , an admission notification section 404 and a storage section 405 .
 通信制御部401は、他の装置との間の通信を制御する手段である。例えば、通信制御部401は、受付端末10からデータ(パケット)を受信する。また、通信制御部401は、受付端末10に向けてデータを送信する。通信制御部401は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部401は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部401を介して他の装置とデータの送受信を行う。通信制御部401は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 401 is means for controlling communication with other devices. For example, the communication control unit 401 receives data (packets) from the reception terminal 10 . Also, the communication control unit 401 transmits data to the reception terminal 10 . The communication control unit 401 transfers data received from other devices to other processing modules. The communication control unit 401 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 401 . The communication control unit 401 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
 本人確認処理部402は、受付端末10から受信する本人確認依頼を処理する手段である。本人確認処理部402は、カジノ施設への入場希望者に関する本人確認を第1のPFサーバ40に要求する。具体的には、本人確認処理部402は、本人確認依頼に含まれる署名用電子証明書を取り出し、当該署名用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する。 The personal identification processing unit 402 is means for processing personal identification requests received from the reception terminal 10 . The personal identification processing unit 402 requests the first PF server 40 to confirm the personal identification of the person who wishes to enter the casino facility. Specifically, the identity verification processing unit 402 extracts the signature electronic certificate included in the identity verification request, and transmits the identity verification request including the signature electronic certificate to the first PF server 40 .
 本人確認処理部402は、第1のPFサーバ40から本人確認要求に対する応答(肯定応答、否定応答)を受信する。 The personal identification processing unit 402 receives a response (positive response, negative response) to the personal identification request from the first PF server 40 .
 本人確認が失敗の場合(否定応答を受信した場合)、本人確認処理部402は、本人確認に失敗した旨を受付端末10に通知する。具体的には、本人確認処理部402は、本人確認依頼に対する否定応答を受付端末10に送信する。 If the identity verification fails (if a negative response is received), the identity verification processing unit 402 notifies the reception terminal 10 that the identity verification has failed. Specifically, the identity verification processing unit 402 transmits a negative response to the identity verification request to the reception terminal 10 .
 本人確認が成功の場合(肯定応答を受信した場合)、本人確認処理部402は、本人確認に成功した旨を受付端末10に通知する。具体的には、本人確認処理部402は、本人確認依頼に対する肯定応答を受付端末10に送信する。 If the identity verification is successful (if an affirmative response is received), the identity verification processing unit 402 notifies the reception terminal 10 that the identity verification was successful. Specifically, the identity verification processing unit 402 transmits an affirmative response to the identity verification request to the reception terminal 10 .
 ここで、第1のPFサーバ40が送信する肯定応答(署名用電子証明書の検証成功時に送信される応答)には、利用者ID及び本人特定事項が含まれる。 Here, the acknowledgment sent by the first PF server 40 (the response sent upon successful verification of the electronic certificate for signature) includes the user ID and personal identification information.
 本人確認処理部402は、当該肯定応答に含まれる利用者ID及び本人特定事項を対応付けて利用者情報データベースに記憶する(図15参照)。なお、図15に示す利用者情報データベースは例示であって、記憶する項目等を限定する趣旨ではない。例えば、本人確認依頼の処理日時が利用者情報データベースに登録されていてもよい。また、図15に示す入場希望者フィールドについては後述する。 The personal identification processing unit 402 associates the user ID and personal identification items included in the affirmative response and stores them in the user information database (see FIG. 15). Note that the user information database shown in FIG. 15 is an example, and is not meant to limit the items to be stored. For example, the processing date and time of the personal identification request may be registered in the user information database. Further, the applicant field shown in FIG. 15 will be described later.
 入場確認処理部403は、入場端末20から受信する入場確認依頼を処理する手段である。入場確認処理部403は、カジノ入場希望者の利用者証明用電子証明書を含む入場確認依頼を受信する。 The admission confirmation processing unit 403 is means for processing an admission confirmation request received from the admission terminal 20 . The admission confirmation processing unit 403 receives an admission confirmation request including an electronic certificate for user verification of a person who wishes to enter the casino.
 入場確認処理部403は、入場確認依頼の受信に応じてカジノ入場希望者の本人確認と回数確認に関する処理を並行して実行する。図16を参照しつつ、入場確認処理部403の動作を説明する。 Upon receipt of an admission confirmation request, the admission confirmation processing unit 403 concurrently executes processes related to identity verification and number of visits for those who wish to enter the casino. The operation of the entry confirmation processing unit 403 will be described with reference to FIG.
 入場確認依頼を受信すると、入場確認処理部403は、当該入場確認依頼に対応する問合せを管理(識別)するための識別情報を生成する(ステップS101)。具体的には、入場確認処理部403は、入場確認依頼の受信に応じて、問合せIDを生成する。例えば、入場確認処理部403は、入場確認依頼の受信日時等のハッシュ値を計算することで問合せID(問合せ番号)を生成する。 Upon receiving the entry confirmation request, the entry confirmation processing unit 403 generates identification information for managing (identifying) the inquiry corresponding to the entry confirmation request (step S101). Specifically, the entry confirmation processing unit 403 generates an inquiry ID upon receipt of the entry confirmation request. For example, the admission confirmation processing unit 403 generates an inquiry ID (inquiry number) by calculating a hash value of the reception date and time of the admission confirmation request.
 入場確認処理部403は、第1のPFサーバ40に対し、入場希望者の本人確認を要求する。また、入場確認処理部403は、管理サーバ50に対し、入場希望者の回数確認を要求する。 The admission confirmation processing unit 403 requests the first PF server 40 to confirm the identity of the person who wishes to enter. In addition, the admission confirmation processing unit 403 requests the management server 50 to confirm the number of times the applicant wants to enter.
 入場希望者の本人確認に関し、入場確認処理部403は、入場端末20から取得した利用者証明用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する(ステップS102)。 Regarding the identity verification of the person who wishes to enter, the admission verification processing unit 403 transmits to the first PF server 40 a request for identity verification including the electronic certificate for user verification obtained from the admission terminal 20 (step S102).
 入場確認処理部403は、第1のPFサーバ40から本人確認要求に対する応答(肯定応答、否定応答)を受信する。なお、肯定応答には、入場希望者の利用者ID及び本人特定事項が含まれる。 The admission confirmation processing unit 403 receives a response (positive response, negative response) to the identity verification request from the first PF server 40 . The affirmative response includes the user ID of the person who wishes to enter and the personal identification information.
 本人確認が失敗の場合(否定応答を受信した場合)、入場確認処理部403は、入場希望者に関する本人確認が失敗したことを記憶する。具体的には、入場確認処理部403は、問合せIDと本人確認が失敗した事実を対応付けて記憶(管理)する。 If the identity verification fails (if a negative response is received), the admission confirmation processing unit 403 stores that the identity verification of the person wishing to enter has failed. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID and the fact that the personal identification failed.
 本人確認が成功の場合(肯定応答を受信した場合)、入場確認処理部403は、入場希望者に関する本人確認が成功したことを記憶する。具体的には、入場確認処理部403は、問合せID、本人確認が成功した事実、利用者ID及び本人特定事項を対応付けて記憶(管理)する。 If the identity confirmation is successful (if an affirmative response is received), the admission confirmation processing unit 403 stores that the identity confirmation of the person wishing to enter has been successful. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID, the fact that the identity confirmation was successful, the user ID, and the identity identification item.
 このように、入場確認処理部403は、問合せIDと対応付けて本人確認の結果を記憶する(ステップS103)。 In this way, the admission confirmation processing unit 403 stores the result of personal identification in association with the inquiry ID (step S103).
 入場希望者の回数確認に関し、入場確認処理部403は、問合せIDと入場端末20から取得した利用者証明用電子証明書を含む回数確認要求を管理サーバ50に送信する(ステップS104)。 Regarding the confirmation of the number of visits by the applicant, the admission confirmation processing unit 403 sends a request for confirmation of the number of visits including the inquiry ID and the electronic certificate for user certification obtained from the admission terminal 20 to the management server 50 (step S104).
 入場確認処理部403は、管理サーバ50から回数確認要求に対する応答(肯定応答、否定応答)を受信する。管理サーバ50から受信する応答(肯定応答、否定応答)には問合せIDが含まれる。さらに、肯定応答には、入場希望者の入場者IDが含まれる。 The admission confirmation processing unit 403 receives a response (positive response, negative response) to the number of times confirmation request from the management server 50 . A response (positive response, negative response) received from the management server 50 includes an inquiry ID. In addition, the acknowledgment includes the visitor ID of the applicant.
 利用者がカジノ施設を利用できない場合(否定応答を受信した場合)、入場確認処理部403は、入場希望者に関する回数確認が失敗したことを記憶する。具体的には、入場確認処理部403は、問合せIDと回数確認が失敗した事実を対応付けて記憶(管理)する。 If the user cannot use the casino facility (if a negative response is received), the admission confirmation processing unit 403 stores that the confirmation of the number of times for the applicant has failed. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID and the fact that the confirmation of the number of times has failed.
 利用者がカジノ施設を利用できる場合(肯定応答を受信した場合)、入場確認処理部403は、入場希望者に関する回数確認が成功したことを記憶する。具体的には、入場確認処理部403は、問合せID、入場者ID及び回数確認が成功した事実を対応付けて記憶(管理)する。 If the user can use the casino facility (if an affirmative response is received), the admission confirmation processing unit 403 stores that the number of confirmations regarding the applicant for admission has been successful. Specifically, the admission confirmation processing unit 403 associates and stores (manages) the inquiry ID, the visitor ID, and the fact that the confirmation of the number of times has been successful.
 このように、入場確認処理部403は、問合せIDと対応付けて回数確認の結果を記憶する(ステップS105)。 In this way, the entry confirmation processing unit 403 stores the result of the number of times confirmation in association with the inquiry ID (step S105).
 入場確認処理部403は、入場希望者の本人確認と回数確認の結果が揃うと、当該入場希望者がカジノ施設に入場可能か否かを判定する(入場可否判定;ステップS106)。 When the results of the identity verification and the number of times confirmation of the applicant are obtained, the admission confirmation processing unit 403 determines whether or not the applicant can enter the casino facility (determination of whether or not admission is possible; step S106).
 入場確認処理部403は、本人確認に成功し、且つ、カジノ施設が利用可の場合に、カジノ施設への入場希望者はカジノ施設に入場できると判定する。 The admission confirmation processing unit 403 determines that the person who wishes to enter the casino facility can enter the casino facility when the identity verification is successful and the casino facility is available.
 入場確認処理部403は、本人確認に失敗、又は、カジノ施設が利用不可の場合に、当該利用者はカジノ施設に入場できないと判定する。 The admission confirmation processing unit 403 determines that the user cannot enter the casino facility if the user's identity verification fails or the casino facility cannot be used.
 入場確認処理部403は、入場確認依頼に対する応答(確認結果)を入場端末20に送信する(ステップS107)。 The admission confirmation processing unit 403 transmits a response (confirmation result) to the admission confirmation request to the admission terminal 20 (step S107).
 具体的には、入場希望者がカジノ施設に入場可と判定された場合には、入場確認処理部403は、その旨を示す肯定応答を入場端末20に送信する。 Specifically, when it is determined that the person who wishes to enter is permitted to enter the casino facility, the admission confirmation processing unit 403 transmits a positive response to that effect to the admission terminal 20 .
 その際、入場確認処理部403は、問合せIDと対応付けられて記憶されている利用者IDをキーとして利用者情報データベースを検索し、対応するエントリを特定する。入場確認処理部403は、特定したエントリの入場希望者フィールドにフラグをセットする(例えば、図15の1行目参照)。 At that time, the admission confirmation processing unit 403 searches the user information database using the user ID stored in association with the inquiry ID as a key to identify the corresponding entry. The admission confirmation processing unit 403 sets a flag in the applicant field of the specified entry (see, for example, the first line in FIG. 15).
 入場希望者がカジノ施設に入場不可と判定された場合には、入場確認処理部403は、その旨を示す否定応答を入場端末20に送信する。 If it is determined that the person who wishes to enter is not allowed to enter the casino facility, the admission confirmation processing unit 403 transmits a negative response to that effect to the admission terminal 20.
 入場通知部404は、利用者(カジノ施設への入場希望者)がカジノ施設に入場した事実を管理サーバ50に通知する手段である。入場通知部404は、入場端末20が送信する「カジノ入場通知」を処理する。 The entry notification unit 404 is means for notifying the management server 50 of the fact that a user (a person who wishes to enter the casino facility) has entered the casino facility. The admission notification unit 404 processes the “casino admission notice” transmitted by the admission terminal 20 .
 入場端末20からカジノ入場通知を受信すると、入場通知部404は、利用者情報データベースに含まれる各エントリのうち入場希望者フィールドにフラグがセットされているエントリを特定する。入場通知部404は、利用者のゲート通過日時、特定されたエントリの本人特定事項及び入場者IDを含む「利用者入場通知」を管理サーバ50に送信する。 Upon receiving a casino admission notice from the admission terminal 20, the admission notification unit 404 identifies entries with a flag set in the applicant field among the entries contained in the user information database. The admission notification unit 404 transmits to the management server 50 a “user admission notice” including the date and time when the user passed through the gate, the identification items of the specified entry, and the visitor ID.
 図15に示す例では、氏名として「NM01」、性別として「女」を含む利用者入場通知が管理サーバ50に送信される。なお、利用者のゲート通過日時は、カジノ入場通知を受信した日時とすることができる。また、入場者IDは問合せIDと対応付けて記憶されているIDである。 In the example shown in FIG. 15, a user entry notification containing "NM01" as the name and "female" as the gender is sent to the management server 50. The date and time when the user passes through the gate can be the date and time when the notification of admission to the casino is received. The visitor ID is an ID stored in association with the inquiry ID.
 入場通知部404は、利用者入場通知を送信した後、入場希望者フィールドにセットされたフラグをクリアする。また、入場通知部404は、入場希望者フィールドにフラグがセットされてから所定期間経過した場合、当該フラグをクリアする。 After transmitting the user admission notice, the admission notification unit 404 clears the flag set in the field of applicants for admission. In addition, the entry notification unit 404 clears the flag when a predetermined period of time has elapsed since the flag was set in the field of applicants for admission.
 記憶部405は、カジノサーバ30の動作に必要な情報を記憶する手段である。 The storage unit 405 is means for storing information necessary for the operation of the casino server 30.
[第1のPFサーバ]
 第1のPFサーバ40は、カジノサーバ30から送信される本人確認要求を処理するサーバである。第1のPFサーバ40は、最初の本人確認及び2回目以降の本人確認に起因する電子証明書(署名用電子証明書、利用者証明用電子証明書)の検証を認証局サーバ70に要求する。さらに、第1のPFサーバ40は、本人確認の対象となる利用者のID(利用者ID)に関する制御を行う。 [First PF server]
The first PF server 40 is a server that processes personal identification requests sent from the casino server 30 . The first PF server 40 requests the certificate authority server 70 to verify the electronic certificate (signature electronic certificate, user proof electronic certificate) resulting from the first personal identification and the second and subsequent personal identification. . Furthermore, the first PF server 40 controls the ID of the user to be verified (user ID).
 図17は、第1の実施形態に係る第1のPFサーバ40の処理構成(処理モジュール)の一例を示す図である。図17を参照すると、第1のPFサーバ40は、通信制御部501と、検証制御部502と、記憶部503と、を備える。 FIG. 17 is a diagram showing an example of the processing configuration (processing modules) of the first PF server 40 according to the first embodiment. Referring to FIG. 17, the first PF server 40 includes a communication control unit 501, a verification control unit 502, and a storage unit 503.
 通信制御部501は、他の装置との間の通信を制御する手段である。例えば、通信制御部501は、カジノサーバ30からデータ(パケット)を受信する。また、通信制御部501は、カジノサーバ30に向けてデータを送信する。通信制御部501は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部501は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部501を介して他の装置とデータの送受信を行う。通信制御部501は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 501 is means for controlling communication with other devices. For example, the communication control section 501 receives data (packets) from the casino server 30 . Also, the communication control unit 501 transmits data to the casino server 30 . The communication control unit 501 passes data received from other devices to other processing modules. The communication control unit 501 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 501 . The communication control unit 501 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
 検証制御部502は、電子証明書の有効性検証に関する制御を行う手段である。検証制御部502は、カジノサーバ30から受信する本人確認要求を処理する。 The verification control unit 502 is means for controlling the validity verification of electronic certificates. The verification control unit 502 processes an identity verification request received from the casino server 30 .
 初回の本人確認に関する本人確認要求には署名用電子証明書が含まれている。検証制御部502は、当該署名用電子証明書から発行番号を抽出し、当該抽出した発行番号を含む検証要求を認証局サーバ70に送信する。 An electronic certificate for signature is included in the identity verification request for the first identity verification. The verification control unit 502 extracts the issue number from the signature electronic certificate and transmits a verification request including the extracted issue number to the certificate authority server 70 .
 検証制御部502は、認証局サーバ70から検証要求に対する応答(肯定応答、否定応答)を受信する。 The verification control unit 502 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
 否定応答(署名用電子証明書は無効)を受信した場合、検証制御部502は、カジノサーバ30に対して本人確認に失敗した旨を通知する。検証制御部502は、その旨を示す否定応答をカジノサーバ30に送信する。 When receiving a negative response (the electronic certificate for signature is invalid), the verification control unit 502 notifies the casino server 30 that the identity verification has failed. Verification control unit 502 transmits a negative response to that effect to casino server 30 .
 肯定応答(署名用電子証明書は有効)を受信した場合、検証制御部502は、対応する利用者のアカウントを生成する。 When a positive response (signature electronic certificate is valid) is received, the verification control unit 502 creates a corresponding user account.
 具体的には、検証制御部502は、処理の対象となっている入場希望者の利用者IDを生成する。また、検証制御部502は、認証局サーバ70から受信した肯定応答から利用者証明用電子証明書の発行番号を取り出す。さらに、検証制御部502は、有効と判定された署名用電子証明書から本人特定事項を取得する。 Specifically, the verification control unit 502 generates the user ID of the person who wishes to enter as a processing target. Also, the verification control unit 502 extracts the issue number of the user-certifying electronic certificate from the affirmative response received from the certificate authority server 70 . Further, the verification control unit 502 acquires the personal identification data from the signature electronic certificate determined to be valid.
 検証制御部502は、生成した利用者IDと、本人特定事項、署名用電子証明書の発行番号、利用者証明用電子証明書の発行番号を利用者管理データベースに記憶する(図18参照)。なお、図18に示す利用者管理データベースは例示であって、記憶する項目等を限定する趣旨ではない。 The verification control unit 502 stores the generated user ID, personal identification information, signature electronic certificate issue number, and user certification electronic certificate issue number in the user management database (see FIG. 18). Note that the user management database shown in FIG. 18 is an example, and is not meant to limit the items to be stored.
 処理対象者のアカウントを生成すると、検証制御部502は、本人確認に成功した旨をカジノサーバ30に通知する。その際、検証制御部502は、上記生成した利用者IDと対応する本人特定情報を併せてカジノサーバ30に通知する。具体的には、検証制御部502は、利用者ID及び本人特定事項を含む肯定応答をカジノサーバ30に送信する。 After creating the account of the person to be processed, the verification control unit 502 notifies the casino server 30 that the identity verification has been successful. At that time, the verification control unit 502 notifies the casino server 30 of the generated user ID and the corresponding personal identification information together. Specifically, the verification control unit 502 transmits to the casino server 30 an acknowledgment including the user ID and personal identification information.
 利用者がカジノ施設に入場する際の本人確認に関する本人確認要求(2回目以降の本人確認時の本人確認要求)には利用者証明用電子証明書が含まれている。検証制御部502は、当該利用者証明用電子証明書から発行番号を抽出する。 An electronic certificate for user verification is included in the identity verification request for identity verification when the user enters the casino facility (identity verification request for identity verification from the second time onwards). The verification control unit 502 extracts the issue number from the electronic certificate for user certification.
 検証制御部502は、入場端末20で行われる2回目以降の本人確認に起因する本人確認要求に含まれる利用者証明用電子証明書から抽出された発行番号をキーとして利用者管理データベースを検索し、対応するエントリの特定を試みる。 The verification control unit 502 searches the user management database using, as a key, the issue number extracted from the user-certifying electronic certificate included in the identity verification request resulting from the second and subsequent identity verifications performed at the entrance terminal 20. , attempts to identify the corresponding entry.
 該当するエントリ(発行番号)が利用者管理データベースに存在しなければ、検証制御部502は、入場希望者は「初回の本人確認(署名用電子証明書の有効性検証)」が完了していないと判断し、当該利用者に関する本人確認を失敗に設定する。 If the corresponding entry (issuance number) does not exist in the user management database, the verification control unit 502 determines that the applicant has not completed the "initial identity verification (verification of validity of electronic certificate for signature)". and sets the identity verification of the user to failure.
 該当するエントリ(発行番号)が利用者管理データベースに存在すれば、検証制御部502は、特定されたエントリに記憶された利用者証明用電子証明書の発行番号及び署名用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信する。 If the corresponding entry (issue number) exists in the user management database, the verification control unit 502 retrieves the issue number of the electronic certificate for user certification and the issue number of the electronic certificate for signature stored in the specified entry. to the certificate authority server 70.
 検証制御部502は、認証局サーバ70から検証要求に対する応答(肯定応答、否定応答)を受信する。 The verification control unit 502 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
 否定応答(署名用電子証明書及び利用者証明用電子証明書の少なくとも1つが無効)を受信した場合、検証制御部502は、利用者の本人確認を失敗に設定する。 When receiving a negative response (at least one of the electronic certificate for signature and the electronic certificate for user verification is invalid), the verification control unit 502 sets the identity verification of the user to failure.
 肯定応答(署名用電子証明書及び利用者証明用電子証明書が有効)を受信した場合、検証制御部502は、利用者の本人確認を成功に設定する。 When a positive response (signature electronic certificate and user proof electronic certificate are valid) is received, the verification control unit 502 sets the user identity verification to success.
 検証制御部502は、本人確認の結果(本人確認成功、本人確認失敗)をカジノサーバ30に通知する。 The verification control unit 502 notifies the casino server 30 of the result of identity verification (success in identity verification, failure in identity verification).
 本人確認が成功の場合には、検証制御部502は、その旨を示す肯定応答をカジノサーバ30に送信する。その際、検証制御部502は、利用者(本人確認対象者)に関する利用者IDと本人特定事項を含む肯定応答をカジノサーバ30に送信する。 If the personal identification is successful, the verification control unit 502 sends an affirmative response to that effect to the casino server 30. At that time, the verification control unit 502 transmits to the casino server 30 an affirmative response including the user ID of the user (person subject to identity verification) and the identity identification items.
 本人確認が失敗の場合には、検証制御部502は、その旨を示す否定応答をカジノサーバ30に送信する。 If the identity verification fails, the verification control unit 502 sends a negative response to that effect to the casino server 30.
 記憶部503は、第1のPFサーバ40の動作に必要な情報を記憶する手段である。 The storage unit 503 is means for storing information necessary for the operation of the first PF server 40 .
[管理サーバ]
 図19は、第1の実施形態に係る管理サーバ50の処理構成(処理モジュール)の一例を示す図である。図19を参照すると、管理サーバ50は、通信制御部601と、回数確認処理部602と、入退制御部603と、記憶部604と、を備える。 [Management Server]
FIG. 19 is a diagram showing an example of the processing configuration (processing modules) of the management server 50 according to the first embodiment. Referring to FIG. 19 , the management server 50 includes a communication control unit 601 , a count confirmation processing unit 602 , an entrance/exit control unit 603 and a storage unit 604 .
 通信制御部601は、他の装置との間の通信を制御する手段である。例えば、通信制御部601は、カジノサーバ30からデータ(パケット)を受信する。また、通信制御部601は、カジノサーバ30に向けてデータを送信する。通信制御部601は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部601は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部601を介して他の装置とデータの送受信を行う。通信制御部601は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 601 is means for controlling communication with other devices. For example, the communication control section 601 receives data (packets) from the casino server 30 . Also, the communication control unit 601 transmits data to the casino server 30 . The communication control unit 601 passes data received from another device to another processing module. The communication control unit 601 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 601 . The communication control unit 601 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to another device.
 回数確認処理部602は、カジノサーバ30から受信する回数確認要求を処理する手段である。回数確認処理部602は、入場者(カジノ施設への入場希望者)に関する特定を第2のPFサーバ60に要求する。 The number-of-times confirmation processing unit 602 is means for processing a number-of-times confirmation request received from the casino server 30 . The number-of-times confirmation processing unit 602 requests the second PF server 60 to identify a visitor (a person who wishes to enter the casino facility).
 回数確認要求には、問合せIDと利用者証明用電子証明書が含まれる。回数確認処理部602は、当該利用者証明用電子証明書を含む入場者特定要求を第2のPFサーバ60に送信する。 The number confirmation request includes an inquiry ID and an electronic certificate for user verification. The number-of-times confirmation processing unit 602 transmits to the second PF server 60 a visitor identification request including the electronic certificate for user certification.
 回数確認処理部602は、第2のPFサーバ60から入場者特定要求に対する応答(肯定応答、否定応答)を受信する。 The number-of-times confirmation processing unit 602 receives a response (positive response, negative response) to the visitor identification request from the second PF server 60 .
 入場者が特定されない場合(否定応答を受信した場合)、回数確認処理部602は、回数確認に失敗した旨をカジノサーバ30に通知する。具体的には、回数確認処理部602は、回数確認要求に対する否定応答(カジノ施設利用不可)をカジノサーバ30に送信する。その際、回数確認処理部602は、カジノサーバ30から取得した問合せIDを含む否定応答をカジノサーバ30に送信する。 If the visitor is not specified (if a negative response is received), the number-of-times confirmation processing unit 602 notifies the casino server 30 that the number-of-times confirmation has failed. Specifically, the number-of-times confirmation processing unit 602 transmits a negative response to the number-of-times confirmation request (casino facility unavailable) to the casino server 30 . At that time, the number-of-times confirmation processing unit 602 transmits a negative response including the inquiry ID acquired from the casino server 30 to the casino server 30 .
 入場者が特定された場合(肯定応答を受信した場合)、回数確認処理部602は、入場希望者に関する回数確認を行う。第2のPFサーバ60が送信する肯定応答には、入場希望者の入場者IDが含まれる。回数確認処理部602は、当該入場者IDを使って当該回数確認を行う。 When the visitor is identified (when an affirmative response is received), the number-of-times confirmation processing unit 602 confirms the number of times for the person who wishes to enter. The acknowledgment sent by the second PF server 60 includes the visitor ID of the person who wishes to enter. The number-of-times confirmation processing unit 602 performs the number-of-times confirmation using the visitor ID.
 回数確認は、入場者情報データベースを用いて行われる。図20は、第1の実施形態に係る入場者情報データベースの一例を示す図である。図20に示すように、入場者情報データベースは、入場者ID、本人特定事項及びカジノ利用履歴(入場履歴、退場履歴)を対応付けて記憶する。 The number of visits is confirmed using the visitor information database. FIG. 20 is a diagram showing an example of a visitor information database according to the first embodiment. As shown in FIG. 20, the visitor information database stores visitor IDs, personal identification items, and casino usage histories (entrance histories, exit histories) in association with each other.
 回数確認処理部602は、第2のPFサーバ60から取得した入場者IDをキーとして入場者情報データベースを検索し、対応するエントリの有無を調べる。 The number-of-times confirmation processing unit 602 searches the visitor information database using the visitor ID obtained from the second PF server 60 as a key to check whether there is a corresponding entry.
 対応するエントリ(入場者ID)が入場者情報データベースに存在しなければ、回数確認処理部602は、新たなエントリを作成し、上記受信した入場者IDを入場者情報データベースに登録する。 If the corresponding entry (visitor ID) does not exist in the visitor information database, the number of times confirmation processing unit 602 creates a new entry and registers the received visitor ID in the visitor information database.
 また、対応する入場者IDが存在しなければ、回数確認処理部602は、入場希望者はカジノ施設を初めて利用すると判断し、当該入場希望者の回数確認の結果に「カジノ施設利用可」を設定する。 Also, if the corresponding visitor ID does not exist, the frequency confirmation processing unit 602 determines that the applicant is using the casino facility for the first time, and adds "Casino facility available" as a result of the frequency confirmation of the applicant. set.
 対応するエントリ(入場者ID)が存在すれば、回数確認処理部602は、対応する入場希望者のカジノ利用履歴を用いて回数確認を行う。具体的には、回数確認処理部602は、入場希望者のカジノ利用履歴が上記短期の回数制限(連続する7日間における入場回数は3回まで)や、長期の回数制限(連続する28日間での入場回数は10回まで)に抵触するか否か判定する。 If there is a corresponding entry (entrance ID), the number of times confirmation processing unit 602 uses the casino usage history of the corresponding person who wishes to enter to confirm the number of times. Specifically, the number-of-times confirmation processing unit 602 determines whether the casino usage history of the person wishing to enter the site is the short-term number of times limit (the number of times of admission is limited to three times in seven consecutive days) or the long-term number of times limit (in 28 consecutive days). up to 10 times).
 回数確認処理部602は、入場希望者のカジノ施設利用履歴は回数制限に抵触すると判定した場合には、回数確認の結果に「カジノ施設利用不可」を設定する。 When the frequency confirmation processing unit 602 determines that the casino facility usage history of the person who wishes to enter conflicts with the frequency limit, it sets "casino facility use not allowed" as the result of frequency confirmation.
 回数確認処理部602は、入場希望者のカジノ施設利用履歴は回数制限に抵触しないと判定した場合には、回数確認の結果に「カジノ施設利用可」を設定する。 When the number-of-times confirmation processing unit 602 determines that the casino facility usage history of the person who wishes to enter does not conflict with the number-of-times limit, it sets the result of number-of-times confirmation to "Casino facility use permitted".
 回数確認処理部602は、回数確認の結果をカジノサーバ30に通知する。 The number-of-times confirmation processing unit 602 notifies the casino server 30 of the number-of-times confirmation result.
 回数確認の結果が「カジノ施設利用不可」であれば、回数確認処理部602は、その旨を示す否定応答をカジノサーバ30に送信する。その際、回数確認処理部602は、カジノサーバ30から取得した問合せIDを含む否定応答をカジノサーバ30に送信する。 If the result of the number of times confirmation is "cannot use the casino facility", the number of times confirmation processing unit 602 sends a negative response to that effect to the casino server 30. At that time, the number-of-times confirmation processing unit 602 transmits a negative response including the inquiry ID acquired from the casino server 30 to the casino server 30 .
 回数確認の結果が「カジノ施設利用可」であれば、回数確認処理部602は、その旨を示す肯定応答をカジノサーバ30に送信する。その際、回数確認処理部602は、カジノサーバ30から取得した問合せID及び入場希望者の入場者IDを含む肯定応答をカジノサーバ30に送信する。 If the result of the number of times confirmation is that "casino facility can be used", the number of times confirmation processing unit 602 transmits an affirmative response to that effect to the casino server 30. At that time, the number-of-times confirmation processing unit 602 transmits to the casino server 30 an affirmative response including the inquiry ID obtained from the casino server 30 and the visitor ID of the person who wishes to enter.
 入退制御部603は、カジノ施設利用者の入退場を制御する手段である。 The entrance/exit control unit 603 is means for controlling the entrance/exit of users of the casino facility.
 カジノサーバ30から「利用者入場通知」を受信すると、入退制御部603は、当該通知に含まれる入場者IDをキーとして入場者情報データベースを検索し、対応するエントリを特定する。入退制御部603は、利用者入場通知に含まれる本人特定事項及びゲート通過日時を用いて、特定したエントリの本人特定事項フィールド及び入場履歴フィールドを更新する。 Upon receiving a "user admission notice" from the casino server 30, the entrance/exit control unit 603 searches the visitor information database using the visitor ID included in the notice as a key to identify the corresponding entry. The entrance/exit control unit 603 updates the personal identification information field and the entrance history field of the specified entry using the personal identification information and the gate passage date and time included in the user entrance notification.
 入場者情報データベースの本人特定事項フィールドに情報が既に設定されている場合には、入退制御部603は、当該フィールドを更新してもよいし更新しなくてもよい。 If information has already been set in the person identification field of the visitor information database, the entrance/exit control unit 603 may or may not update the field.
 なお、入退制御部603は、カジノ利用者がカジノ施設から退場する際の制御も行う。カジノ施設からの退場に関する制御は本願開示の趣旨とは異なるので詳細な説明を省略する。入退制御部603は、カジノ施設の出口に設置された出口端末(図3等に図示せず)等から入場者IDと退場履歴を受け取り、当該退場履歴を入場者情報データベースに反映すればよい。 The entrance/exit control unit 603 also controls when the casino user exits the casino facility. The detailed description of the control for exiting from the casino facility is omitted because it is different from the gist of the disclosure of the present application. The entrance/exit control unit 603 receives the visitor ID and exit history from an exit terminal (not shown in FIG. 3, etc.) installed at the exit of the casino facility, and reflects the exit history in the visitor information database. .
 記憶部604は、管理サーバ50の動作に必要な情報を記憶する手段である。 The storage unit 604 is means for storing information necessary for the operation of the management server 50.
[第2のPFサーバ]
 第2のPFサーバ60は、管理サーバ50から送信される入場者特定要求を処理するサーバである。第2のPFサーバ60は、利用者の回数確認に起因する利用者証明用電子証明書の検証を認証局サーバ70に要求する。さらに、第2のPFサーバ60は、回数確認の対象となる利用者のID(入場者ID)に関する制御を行う。 [Second PF server]
The second PF server 60 is a server that processes visitor identification requests sent from the management server 50 . The second PF server 60 requests the certificate authority server 70 to verify the electronic certificate for user certification resulting from the user's confirmation of the number of times. Furthermore, the second PF server 60 controls the user ID (visitor ID) to be checked for the number of visits.
 図21は、第1の実施形態に係る第2のPFサーバ60の処理構成(処理モジュール)の一例を示す図である。図21を参照すると、第2のPFサーバ60は、通信制御部701と、検証制御部702と、記憶部703と、を備える。 FIG. 21 is a diagram showing an example of the processing configuration (processing modules) of the second PF server 60 according to the first embodiment. Referring to FIG. 21, the second PF server 60 includes a communication control section 701, a verification control section 702, and a storage section 703.
 通信制御部701は、他の装置との間の通信を制御する手段である。例えば、通信制御部701は、管理サーバ50からデータ(パケット)を受信する。また、通信制御部701は、管理サーバ50に向けてデータを送信する。通信制御部701は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部701は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部701を介して他の装置とデータの送受信を行う。通信制御部701は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 701 is means for controlling communication with other devices. For example, the communication control unit 701 receives data (packets) from the management server 50 . Also, the communication control unit 701 transmits data to the management server 50 . The communication control unit 701 transfers data received from other devices to other processing modules. The communication control unit 701 transmits data acquired from other processing modules to other devices. In this manner, other processing modules transmit and receive data to and from other devices via the communication control unit 701 . The communication control unit 701 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to another device.
 検証制御部702は、電子証明書の有効性検証に関する制御を行う手段である。検証制御部702は、管理サーバ50から受信する入場者特定要求を処理する。 The verification control unit 702 is means for controlling the validity verification of electronic certificates. The verification control unit 702 processes visitor identification requests received from the management server 50 .
 管理サーバ50から送信された入場者特定要求には利用者証明用電子証明書が含まれている。検証制御部702は、当該利用者証明用電子証明書から発行番号を抽出し、当該抽出した発行番号を含む検証要求を認証局サーバ70に送信する。 The visitor identification request sent from the management server 50 includes an electronic certificate for user verification. The verification control unit 702 extracts the issue number from the user-certifying electronic certificate, and transmits a verification request including the extracted issue number to the certificate authority server 70 .
 検証制御部702は、認証局サーバ70から検証要求に対する応答(肯定応答、否定応答)を受信する。 The verification control unit 702 receives a response (positive response, negative response) to the verification request from the certificate authority server 70 .
 否定応答(利用者証明用電子証明書は無効)を受信した場合、検証制御部702は、管理サーバ50に対して入場希望者を特定できない旨を通知する。具体的には、検証制御部702は、その旨を示す否定応答を管理サーバ50に送信する。 When receiving a negative response (the electronic certificate for user verification is invalid), the verification control unit 702 notifies the management server 50 that the applicant cannot be identified. Specifically, the verification control unit 702 transmits a negative response to that effect to the management server 50 .
 肯定応答(利用者証明用電子証明書は有効)を受信した場合、検証制御部702は、入場希望者のアカウントを生成する。肯定応答を受信すると、検証制御部702は、有効と判定された利用者証明用電子証明書の発行番号をキーとして、入場者管理データベースを検索する。 Upon receiving a positive response (the electronic certificate for user verification is valid), the verification control unit 702 creates an account for the person who wishes to enter. Upon receiving the affirmative response, the verification control unit 702 searches the visitor management database using the issue number of the electronic certificate for user verification that has been determined to be valid as a key.
 入場者管理データベースは、入場者IDと利用者証明用電子証明書の発行番号を対応付けて記憶するデータベースである(図22参照)。なお、図22に示す入場者管理データベースは例示であって、記憶する項目等を限定する趣旨ではない。 The visitor management database is a database that associates and stores the visitor ID and the issue number of the user's electronic certificate (see Fig. 22). Note that the visitor management database shown in FIG. 22 is an example, and is not meant to limit the items to be stored.
 利用者証明用電子証明書の発行番号に対応するエントリが存在すれば、検証制御部702は、特段の動作をしない。 If there is an entry corresponding to the issue number of the electronic certificate for user certification, the verification control unit 702 does not perform any particular operation.
 利用者証明用電子証明書の発行番号に対応するエントリが存在しなければ、検証制御部702は、入場希望者の入場者IDを生成する。さらに、検証制御部702は、生成した入場者IDと利用者証明用電子証明書の発行番号を入場者管理データベースに記憶する。 If there is no entry corresponding to the issue number of the electronic certificate for user certification, the verification control unit 702 generates the visitor ID of the person who wishes to enter. Further, the verification control unit 702 stores the generated visitor ID and the issue number of the electronic certificate for user certification in the visitor management database.
 さらに、肯定応答を受信した場合、検証制御部702は、入場希望者が特定された旨を管理サーバ50に通知する。具体的には、検証制御部702は、その旨を示す肯定応答を管理サーバ50に送信する。その際、検証制御部702は、入場希望者の入場者IDを含む肯定応答を管理サーバ50に送信する。 Furthermore, when a positive response is received, the verification control unit 702 notifies the management server 50 that the applicant has been identified. Specifically, the verification control unit 702 transmits an affirmative response to that effect to the management server 50 . At that time, the verification control unit 702 transmits an affirmative response including the visitor ID of the person who wishes to enter to the management server 50 .
 記憶部703は、第2のPFサーバ60の動作に必要な情報を記憶する手段である。 The storage unit 703 is means for storing information necessary for the operation of the second PF server 60 .
[認証局サーバ]
 図23は、第1の実施形態に係る認証局サーバ70の処理構成(処理モジュール)の一例を示す図である。図23を参照すると、認証局サーバ70は、通信制御部801と、検証部802と、記憶部803と、を備える。 [Certificate authority server]
FIG. 23 is a diagram showing an example of a processing configuration (processing modules) of the certificate authority server 70 according to the first embodiment. Referring to FIG. 23 , the certificate authority server 70 includes a communication control section 801 , a verification section 802 and a storage section 803 .
 通信制御部801は、他の装置との間の通信を制御する手段である。例えば、通信制御部801は、第1のPFサーバ40からデータ(パケット)を受信する。また、通信制御部801は、第1のPFサーバ40に向けてデータを送信する。通信制御部801は、他の装置から受信したデータを他の処理モジュールに引き渡す。通信制御部801は、他の処理モジュールから取得したデータを他の装置に向けて送信する。このように、他の処理モジュールは、通信制御部801を介して他の装置とデータの送受信を行う。通信制御部801は、他の装置からデータを受信する受信部としての機能と、他の装置に向けてデータを送信する送信部としての機能と、を備える。 The communication control unit 801 is means for controlling communication with other devices. For example, the communication control unit 801 receives data (packets) from the first PF server 40 . Also, the communication control unit 801 transmits data to the first PF server 40 . The communication control unit 801 passes data received from other devices to other processing modules. The communication control unit 801 transmits data acquired from other processing modules to other devices. In this way, other processing modules transmit and receive data to and from other devices via the communication control unit 801 . The communication control unit 801 has a function as a receiving unit that receives data from another device and a function as a transmitting unit that transmits data to the other device.
 検証部802は、電子証明書の有効性検証を行う手段である。検証部802は、第1のPFサーバ40、第2のPFサーバ60から受信する検証要求を処理する。 The verification unit 802 is means for verifying the validity of electronic certificates. The verification unit 802 processes verification requests received from the first PF server 40 and the second PF server 60 .
 検証部802は、署名用電子証明書の発行番号、利用者証明用電子証明書の発行番号、各証明書の有効期間等を記憶するデータベースを参照し、署名用電子証明書、利用者証明用電子証明書の有効性検証を行う。 The verification unit 802 refers to a database that stores the issue number of the electronic certificate for signature, the issue number of the electronic certificate for user authentication, the validity period of each certificate, etc. Validate the electronic certificate.
 第1のPFサーバ40から検証要求を受信した場合であって、当該検証要求に署名用電子証明書の発行番号が含まれる場合、検証部802は、当該発行番号を用いて署名用電子証明書の有効性検証を行う。 When the verification request is received from the first PF server 40 and the verification request includes the issue number of the signature electronic certificate, the verification unit 802 uses the issue number to issue the signature electronic certificate. Validate the effectiveness of
 検証部802は、検証結果を第1のPFサーバ40に通知する。署名用電子証明書が有効な場合、検証部802は、その旨を示す肯定応答を第1のPFサーバ40に送信する。その際、検証部802は、署名用電子証明書の発行番号と対応付けて記憶されている利用者証明用電子証明書の発行番号を含む肯定応答を第1のPFサーバ40に送信する。 The verification unit 802 notifies the first PF server 40 of the verification result. If the signature electronic certificate is valid, the verification unit 802 sends an affirmative response to that effect to the first PF server 40 . At that time, the verification unit 802 transmits to the first PF server 40 an affirmative response including the issue number of the electronic certificate for user certification stored in association with the issue number of the electronic certificate for signature.
 署名用電子証明書が無効な場合、検証部802は、その旨を示す否定応答を第1のPFサーバ40に送信する。 If the signature electronic certificate is invalid, the verification unit 802 sends a negative response to that effect to the first PF server 40 .
 第1のPFサーバ40から検証要求を受信した場合であって、当該検証要求に署名用電子証明書の発行番号と利用者証明用電子証明書の発行番号が含まれる場合、検証部802は、これらの発行番号を用いて2つの電子証明書の有効性検証を行う。 When a verification request is received from the first PF server 40 and the verification request includes the issue number of the electronic certificate for signature and the issue number of the electronic certificate for user certification, the verification unit 802 These issue numbers are used to verify the validity of the two electronic certificates.
 2つの電子証明書(署名用電子証明書、利用者証明用電子証明書)が共に有効な場合、検証部802は、2つの電子証明書は有効である旨を第1のPFサーバ40に通知する。具体的には、検証部802は、2つの電子証明書は有効である旨を示す肯定応答を第1のPFサーバ40に送信する。 If the two electronic certificates (signature electronic certificate and user proof electronic certificate) are both valid, the verification unit 802 notifies the first PF server 40 that the two electronic certificates are valid. do. Specifically, the verification unit 802 transmits to the first PF server 40 an affirmative response indicating that the two electronic certificates are valid.
 2つの電子証明書(署名用電子証明書、利用者証明用電子証明書)の少なくとも1つが無効な場合、検証部802は、電子証明書は無効である旨を第1のPFサーバ40に通知する。具体的には、検証部802は、電子証明書は無効である旨を示す否定応答を第1のPFサーバ40に送信する。 If at least one of the two electronic certificates (signature electronic certificate, user proof electronic certificate) is invalid, the verification unit 802 notifies the first PF server 40 that the electronic certificate is invalid. do. Specifically, the verification unit 802 transmits to the first PF server 40 a negative response indicating that the electronic certificate is invalid.
 第2のPFサーバ60から検証要求を受信した場合、検証部802は、当該検証要求に含まれる利用者証明用電子証明書の発行番号を用いて利用者証明用電子証明書の有効性検証を行う。 When the verification request is received from the second PF server 60, the verification unit 802 verifies the validity of the user-certification electronic certificate using the issue number of the user-certification electronic certificate included in the verification request. conduct.
 検証部802は、検証結果を第2のPFサーバ60に通知する。利用者証明用電子証明書が有効な場合、検証部802は、その旨を示す肯定応答を第2のPFサーバ60に送信する。 The verification unit 802 notifies the second PF server 60 of the verification result. If the user-certifying electronic certificate is valid, the verification unit 802 sends an affirmative response to that effect to the second PF server 60 .
 利用者証明用電子証明書が無効な場合、検証部802は、その旨を示す否定応答を第2のPFサーバ60に送信する。 If the user-certifying electronic certificate is invalid, the verification unit 802 sends a negative response to that effect to the second PF server 60 .
 記憶部803は、認証局サーバ70の動作に必要な情報を記憶する手段である。 The storage unit 803 is means for storing information necessary for the operation of the certificate authority server 70 .
[システムの動作]
 続いて、第1の実施形態に係る入場管理システムの動作について説明する。図24は、第1の実施形態に係る入場管理システムの動作の一例を示すシーケンス図である。図24を参照しつつ、初回の本人確認に関する入場管理システムの動作を説明する。 [System operation]
Next, operation of the entrance management system according to the first embodiment will be described. 24 is a sequence diagram illustrating an example of the operation of the entrance management system according to the first embodiment; FIG. Referring to FIG. 24, the operation of the entrance management system regarding the first identity verification will be described.
 受付端末10は、利用者のマイナンバーカードから署名用電子証明書を読み出し、当該署名用電子証明書を含む本人確認依頼をカジノサーバ30に送信する(ステップS41)。 The reception terminal 10 reads out the signature electronic certificate from the user's My Number card, and transmits an identity verification request including the signature electronic certificate to the casino server 30 (step S41).
 カジノサーバ30は、署名用電子証明書を用いた本人確認を第1のPFサーバ40に要求する。カジノサーバ30は、署名用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する(ステップS42)。 The casino server 30 requests the first PF server 40 to verify the identity using the signature electronic certificate. The casino server 30 transmits an identity verification request including the signature electronic certificate to the first PF server 40 (step S42).
 第1のPFサーバ40は、認証局サーバ70に署名用電子証明書の有効性検証を要求する。第1のPFサーバ40は、署名用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信する(ステップS43)。 The first PF server 40 requests the certificate authority server 70 to verify the validity of the signature electronic certificate. The first PF server 40 transmits a verification request including the issue number of the signature electronic certificate to the certificate authority server 70 (step S43).
 認証局サーバ70は、署名用電子証明書の検証を行い(ステップS44)、その結果を第1のPFサーバ40に送信する(ステップS45)。署名用電子証明書が有効であれば、署名用電子証明書に対応する利用者証明用電子証明書の発行番号が第1のPFサーバ40に通知される。 The certificate authority server 70 verifies the signature electronic certificate (step S44) and transmits the result to the first PF server 40 (step S45). If the electronic certificate for signature is valid, the first PF server 40 is notified of the issue number of the electronic certificate for user certification corresponding to the electronic certificate for signature.
 第1のPFサーバ40は、本人確認の結果をカジノサーバ30に送信する(ステップS46)。 The first PF server 40 transmits the result of personal identification to the casino server 30 (step S46).
 カジノサーバ30は、本人確認依頼に関する処理の結果を受付端末10に送信する(ステップS47)。 The casino server 30 transmits the result of the process related to the personal identification request to the reception terminal 10 (step S47).
 受付端末10は、本人確認依頼に対する処理結果を利用者に通知する(本人確認結果を通知;ステップS48)。受付端末10は、処理結果に応じたメッセージ等を出力する。 The reception terminal 10 notifies the user of the processing result for the identity verification request (notifies the identity verification result; step S48). The reception terminal 10 outputs a message or the like according to the processing result.
 続いて、図25を参照しつつ、入場確認(2回目以降の本人確認及び回数確認)に関する入場管理システムの動作を説明する。 Next, with reference to FIG. 25, the operation of the admission management system regarding admission confirmation (personal identification and number of times confirmation from the second time onwards) will be described.
 入場端末20は、利用者のマイナンバーカードから利用者証明用電子証明書を読み出し、当該利用者証明用電子証明書を含む入場確認依頼をカジノサーバ30に送信する(ステップS51)。 The entrance terminal 20 reads out the user-certifying electronic certificate from the user's My Number card, and transmits an entrance confirmation request including the user-certifying electronic certificate to the casino server 30 (step S51).
 カジノサーバ30は、利用者証明用電子証明書を用いた本人確認を第1のPFサーバ40に要求する。カジノサーバ30は、利用者証明用電子証明書を含む本人確認要求を第1のPFサーバ40に送信する(ステップS52)。 The casino server 30 requests the first PF server 40 for identity verification using the electronic certificate for user verification. The casino server 30 transmits an identity verification request including the electronic certificate for user verification to the first PF server 40 (step S52).
 カジノサーバ30は、本人確認要求の送信に前後して、管理サーバ50に対し利用者証明用電子証明書を含む回数確認要求を送信する(ステップS53)。 Around the same time as the transmission of the identity verification request, the casino server 30 transmits a number of times verification request including the electronic certificate for user verification to the management server 50 (step S53).
 第1のPFサーバ40は、本人確認要求の受信に応じて、電子証明書の検証に関する処理を実行する(ステップS54)。具体的には、第1のPFサーバ40は、2つの電子証明書それぞれの発行番号を含む検証要求を認証局サーバ70に送信する。 Upon receiving the identity verification request, the first PF server 40 executes processing related to verification of the electronic certificate (step S54). Specifically, the first PF server 40 transmits to the certification authority server 70 a verification request containing the issue number of each of the two electronic certificates.
 管理サーバ50は、回数確認要求の受信に応じて、入場者特定に関する処理を実行する(ステップS55)。具体的には、管理サーバ50は、利用者証明用電子証明書を含む入場者特定要求を第2のPFサーバ60に送信する。 The management server 50 executes processing related to identification of visitors in response to the reception of the number-of-times confirmation request (step S55). Specifically, the management server 50 transmits to the second PF server 60 a visitor identification request including an electronic certificate for user authentication.
 認証局サーバ70からの応答に応じて、第1のPFサーバ40は、本人確認要求に対する結果を生成し、確認結果をカジノサーバ30に送信する(ステップS56)。 In response to the response from the certification authority server 70, the first PF server 40 generates a result for the identity verification request and transmits the verification result to the casino server 30 (step S56).
 第2のPFサーバ60からの応答に応じて、管理サーバ50は、回数確認要求に対する結果を生成し、確認結果をカジノサーバ30に送信する(ステップS57)。 In response to the response from the second PF server 60, the management server 50 generates a result for the count confirmation request and transmits the confirmation result to the casino server 30 (step S57).
 カジノサーバ30は、本人確認要求の結果と回数確認の結果を取得すると、入場確認依頼に対する結果を生成し、入場端末20に送信する(ステップS58)。 When the casino server 30 acquires the result of the identity verification request and the result of the number of times verification, it generates a result of the admission verification request and transmits it to the admission terminal 20 (step S58).
 入場端末20は、入場確認依頼に対する処理結果を利用者に通知する(ステップS59)。入場端末20は、処理結果に応じたメッセージ等を出力する。 The admission terminal 20 notifies the user of the processing result for the admission confirmation request (step S59). The entrance terminal 20 outputs a message or the like according to the processing result.
 このように、カジノサーバ30は、カジノ施設の外部に設置された受付端末10から、署名用電子証明書を受信したことに応じて、最初の本人確認に関する処理を開始する。また、カジノサーバ30は、カジノ施設の入口に設置された入場端末20から、利用者証明用電子証明書を受信したことに応じて、2回目以降の本人確認及び回数確認の処理を開始する。カジノサーバ30は、第1のPFサーバ40が本人確認に成功し、且つ、管理サーバ50がカジノ施設に入場しようとする入場者の入場を許可した場合に、当該カジノ施設に入場しようとする入場者がカジノ施設に入場することを許可する。 In this way, the casino server 30 starts the first personal identification process in response to receiving the signature electronic certificate from the reception terminal 10 installed outside the casino facility. In addition, the casino server 30 starts the second and subsequent identity verification and number of times verification processes in response to receiving the electronic certificate for user verification from the entrance terminal 20 installed at the entrance of the casino facility. When the first PF server 40 succeeds in identity verification and the management server 50 permits the entrance of the visitor who intends to enter the casino facility, the casino server 30 allows the visitor to enter the casino facility. permit any person to enter the casino premises.
 以上のように、第1の実施形態に係る入場管理システムにおいて、カジノ施設に入場する際の本人確認と回数確認が並行して行われる。その際の本人確認と回数確認は、マイナンバーカードから得られる利用者証明用電子証明書を用いて行われるので、利用者は、複雑な暗証番号(6桁~16桁の暗証番号)を入場端末20に入力する必要がない。利用者は、簡単な暗証番号(4桁の暗証番号)や顔認証によってカジノ施設に入場することができる。即ち、利用者にとっては、本人確認の手続きが簡略化されるので、当該利用者の利便性が向上する。また、第1の実施形態では、2回目以降の本人確認において、署名用電子証明書による本人確認がシステムにより自動的に実行されているので、本人確認の強度が低減するといったこともない。 As described above, in the entrance management system according to the first embodiment, identity verification and number of times verification are performed in parallel when entering the casino facility. At that time, identity verification and number of times verification are performed using the electronic certificate for user verification obtained from the My Number Card, so the user must enter a complicated PIN (6 to 16 digit PIN) at the entrance terminal. No need to enter 20. The user can enter the casino facility with a simple PIN (4-digit PIN) or face recognition. That is, for the user, the procedure for personal identification is simplified, so the user's convenience is improved. In addition, in the first embodiment, since the system automatically performs the identity verification using the signature electronic certificate in the second and subsequent identity verifications, the strength of the identity verification is not reduced.
 続いて、入場管理システムを構成する各装置のハードウェアについて説明する。図26は、カジノサーバ30のハードウェア構成の一例を示す図である。 Next, we will explain the hardware of each device that makes up the entrance management system. FIG. 26 is a diagram showing an example of the hardware configuration of the casino server 30. As shown in FIG.
 カジノサーバ30は、情報処理装置(所謂、コンピュータ)により構成可能であり、図26に例示する構成を備える。例えば、カジノサーバ30は、プロセッサ311、メモリ312、入出力インターフェイス313及び通信インターフェイス314等を備える。上記プロセッサ311等の構成要素は内部バス等により接続され、相互に通信可能に構成されている。 The casino server 30 can be configured by an information processing device (so-called computer), and has the configuration illustrated in FIG. For example, the casino server 30 includes a processor 311, a memory 312, an input/output interface 313, a communication interface 314, and the like. Components such as the processor 311 are connected by an internal bus or the like and configured to be able to communicate with each other.
 但し、図26に示す構成は、カジノサーバ30のハードウェア構成を限定する趣旨ではない。カジノサーバ30は、図示しないハードウェアを含んでもよいし、必要に応じて入出力インターフェイス313を備えていなくともよい。また、カジノサーバ30に含まれるプロセッサ311等の数も図26の例示に限定する趣旨ではなく、例えば、複数のプロセッサ311がカジノサーバ30に含まれていてもよい。 However, the configuration shown in FIG. 26 is not intended to limit the hardware configuration of the casino server 30 . The casino server 30 may include hardware (not shown) and may not have the input/output interface 313 if necessary. Also, the number of processors 311 and the like included in the casino server 30 is not limited to the example shown in FIG.
 プロセッサ311は、例えば、CPU(Central Processing Unit)、MPU(Micro Processing Unit)、DSP(Digital Signal Processor)等のプログラマブルなデバイスである。あるいは、プロセッサ311は、FPGA(Field Programmable Gate Array)、ASIC(Application Specific Integrated Circuit)等のデバイスであってもよい。プロセッサ311は、オペレーティングシステム(OS;Operating System)を含む各種プログラムを実行する。 The processor 311 is, for example, a programmable device such as a CPU (Central Processing Unit), MPU (Micro Processing Unit), DSP (Digital Signal Processor). Alternatively, processor 311 may be a device such as FPGA (Field Programmable Gate Array), ASIC (Application Specific Integrated Circuit), or the like. The processor 311 executes various programs including an operating system (OS).
 メモリ312は、RAM(Random Access Memory)、ROM(Read Only Memory)、HDD(Hard Disk Drive)、SSD(Solid State Drive)等である。メモリ312は、OSプログラム、アプリケーションプログラム、各種データを格納する。 The memory 312 is RAM (Random Access Memory), ROM (Read Only Memory), HDD (Hard Disk Drive), SSD (Solid State Drive), or the like. The memory 312 stores an OS program, application programs, and various data.
 入出力インターフェイス313は、図示しない表示装置や入力装置のインターフェイスである。表示装置は、例えば、液晶ディスプレイ等である。入力装置は、例えば、キーボードやマウス等のユーザ操作を受け付ける装置である。 The input/output interface 313 is an interface for a display device and an input device (not shown). The display device is, for example, a liquid crystal display. The input device is, for example, a device such as a keyboard or mouse that receives user operations.
 通信インターフェイス314は、他の装置と通信を行う回路、モジュール等である。例えば、通信インターフェイス314は、NIC(Network Interface Card)等を備える。 The communication interface 314 is a circuit, module, etc. that communicates with other devices. For example, the communication interface 314 includes a NIC (Network Interface Card) or the like.
 カジノサーバ30の機能は、各種処理モジュールにより実現される。当該処理モジュールは、例えば、メモリ312に格納されたプログラムをプロセッサ311が実行することで実現される。また、当該プログラムは、コンピュータが読み取り可能な記憶媒体に記録することができる。記憶媒体は、半導体メモリ、ハードディスク、磁気記録媒体、光記録媒体等の非トランジェント(non-transitory)なものとすることができる。即ち、本発明は、コンピュータプログラム製品として具現することも可能である。また、上記プログラムは、ネットワークを介してダウンロードするか、あるいは、プログラムを記憶した記憶媒体を用いて、更新することができる。さらに、上記処理モジュールは、半導体チップにより実現されてもよい。 The functions of the casino server 30 are realized by various processing modules. The processing module is implemented by the processor 311 executing a program stored in the memory 312, for example. Also, the program can be recorded in a computer-readable storage medium. The storage medium can be non-transitory such as semiconductor memory, hard disk, magnetic recording medium, optical recording medium, and the like. That is, the present invention can also be embodied as a computer program product. Also, the program can be downloaded via a network or updated using a storage medium storing the program. Furthermore, the processing module may be realized by a semiconductor chip.
 なお、第1のPFサーバ40、管理サーバ50、第2のPFサーバ60、認証局サーバ70等もカジノサーバ30と同様に情報処理装置により構成可能であり、その基本的なハードウェア構成はカジノサーバ30と相違する点はないので説明を省略する。 Note that the first PF server 40, the management server 50, the second PF server 60, the certification authority server 70, etc. can also be configured by information processing devices in the same way as the casino server 30, and their basic hardware configuration is Since there is no difference from the server 30, the explanation is omitted.
 情報処理装置であるカジノサーバ30は、コンピュータを搭載し、当該コンピュータにプログラムを実行させることでカジノサーバ30の機能が実現できる。また、カジノサーバ30は、当該プログラムによりカジノサーバ30の制御方法を実行する。 The casino server 30, which is an information processing device, is equipped with a computer, and the functions of the casino server 30 can be realized by causing the computer to execute a program. Also, the casino server 30 executes a control method of the casino server 30 by the program.
[変形例]
 なお、上記実施形態にて説明した入場管理システムの構成、動作等は例示であって、システムの構成等を限定する趣旨ではない。 [Modification]
It should be noted that the configuration, operation, etc. of the entrance management system described in the above embodiment are examples, and are not intended to limit the configuration of the system.
 上記実施形態では、利用者は、受付端末10を用いて初回の本人確認を受けることを説明した。しかし、当該初回の本人確認は、利用者が所持するスマートフォン等の端末によって行われてもよい。利用者の端末は、マイナンバーカードから署名用電子証明書を読み出し、当該読み出した署名用電子証明書を含む本人確認依頼をカジノサーバ30に送信してもよい。 In the above embodiment, the user uses the reception terminal 10 to receive the initial identity verification. However, the initial identity verification may be performed by a terminal such as a smartphone possessed by the user. The user's terminal may read out the signature electronic certificate from the My Number card and transmit to the casino server 30 a personal identification request including the read signature electronic certificate.
 上記実施形態では、カジノ施設に入場する際の入場確認(2回目以降の本人確認と回数確認)は入場端末20で行われることを説明した。しかし、当該入場確認は、カジノ施設の外部に設置された受付端末10で行われてもよい。この場合、入場端末20は、入場が許可された利用者の生体情報を所定期間(例えば、30分)保持し、当該所定期間に生体認証に成功した利用者のゲート通過を許可してもよい。なお、入場端末20は、受付端末10から直接的に、又は、カジノサーバ30を介して間接的に上記入場が許可された利用者の生体情報を取得すればよい。このような対応により、利用者は、入場端末20にマイナンバーカードの利用者証明用電子証明書を読み込ませる手続きが不要となる。即ち、入場端末20は、マイナンバーカードから利用者証明用電子証明書を取得することなく、生体情報を取得し、当該生体情報を用いた生体認証(1対N認証)で利用者の通行を制御できる。換言すれば、本願開示において、入場端末20が備える入場確認に関する機能は受付端末10(キオスク端末)が備え、入場端末20は利用者の通行を制御するゲート機能を備えている構成であってもよい。 In the above embodiment, it was explained that entrance confirmation (identity confirmation and number of times confirmation from the second time onward) when entering the casino facility is performed at the entrance terminal 20. However, the entry confirmation may be performed at the reception terminal 10 installed outside the casino facility. In this case, the entrance terminal 20 may hold the biometric information of the user who is permitted to enter for a predetermined period (for example, 30 minutes), and permit the user who has successfully passed the biometric authentication during the predetermined period to pass through the gate. . The entrance terminal 20 may acquire the biometric information of the user permitted to enter directly from the reception terminal 10 or indirectly via the casino server 30 . With such a response, the user does not need to perform the procedure of having the admission terminal 20 read the electronic certificate for user verification of the My Number card. That is, the entrance terminal 20 acquires biometric information without acquiring an electronic certificate for user authentication from the My Number card, and controls the passage of the user by biometric authentication (one-to-N authentication) using the biometric information. can. In other words, in the disclosure of the present application, even if the reception terminal 10 (kiosk terminal) has a function related to admission confirmation provided by the admission terminal 20, and the admission terminal 20 has a gate function for controlling the passage of the user. good.
 カジノサーバ30は、初回の本人確認や2回目以降の本人確認に成功した利用者の生体情報(顔画像)を記憶してもよい。さらに、カジノサーバ30は、利用者の顔画像を本人特定事項(氏名、生年月日等)と併せて記憶してもよい。カジノサーバ30は、記憶した生体情報を用いてカジノやIR施設に来場した利用者を特定し、各種のサービスに活用してもよい。例えば、カジノサーバ30は、入場確認時に生体認証によって利用者を特定し、特定された利用者に関するメッセージを入場端末20から出力してもよい。例えば、カジノサーバ30は、カジノへの来場を歓迎するメッセージ(例えば、「A様、ご来場ありがとうございます」のようなメッセージ)を出力してもよい。 The casino server 30 may store biometric information (face images) of users who have successfully completed the first identity verification or the second and subsequent identity verifications. Furthermore, the casino server 30 may store the face image of the user together with the personal identification information (name, date of birth, etc.). The casino server 30 may use the stored biometric information to identify a user who has visited a casino or IR facility, and utilize the information for various services. For example, the casino server 30 may identify the user by biometric authentication at the time of admission confirmation, and output a message regarding the identified user from the entrance terminal 20 . For example, the casino server 30 may output a message welcoming visitors to the casino (for example, a message such as "Thank you for visiting us, Mr. A").
 入場端末20は、利用者に対して、カジノへの入場許可、不許可を通知する際、カジノ利用状況等を併せて通知してもよい。例えば、入場端末20は、「7日間で何回入場したか」、又は、「今後の7日間で入場できる回数」等の情報を通知してもよい。あるいは、入場端末20は、カジノへの入場不可を通知する際、回数制限(7日間、28日間の短期、長期の回数制限)が解除されるまでの期間(例えば、3日経過後にカジノ施設に再入場可能といった期間)を利用者に通知してもよい。この場合、管理サーバ50は、上記カジノ利用状況情報を生成し、カジノサーバ30を介して入場端末20に当該カジノ利用状況情報を通知すればよい。 When the admission terminal 20 notifies the user of the permission or denial of admission to the casino, it may also notify the user of the casino usage status. For example, the entrance terminal 20 may notify information such as "how many times you have entered in 7 days" or "how many times you can enter in the next 7 days". Alternatively, when notifying that entry to the casino is not possible, the admission terminal 20 waits until the number of times limit (7 days, 28 days short-term, long-term number limit) is lifted (for example, after 3 days). The period during which re-entry is possible) may be notified to the user. In this case, the management server 50 may generate the casino usage information and notify the entrance terminal 20 of the casino usage information via the casino server 30 .
 カジノサーバ30や管理サーバ50は、カジノ施設への入場可否を判定する際、利用者による誓約書(反社会勢力等に属していないこと等の誓約書)の有無を検証してもよい。 The casino server 30 and the management server 50 may verify the presence or absence of a written pledge by the user (a written pledge that the user does not belong to anti-social forces, etc.) when determining whether or not to enter the casino facility.
 上記実施形態では、入場確認における本人確認において、第1のPFサーバ40は、署名用電子証明書の発行番号と利用者証明用電子証明書の発行番号を含む検証要求を認証局サーバ70に送信することを説明した。しかし、第1のPFサーバ40は、署名用電子証明書の発行番号を含む検証要求と、利用者証明用電子証明書の発行番号を含む検証要求を、それぞれ認証局サーバ70に送信してもよい。認証局サーバ70は、各検証要求を検証し、その検証結果を第1のPFサーバ40に送信してもよい。 In the above-described embodiment, the first PF server 40 transmits a verification request including the issue number of the electronic certificate for signature and the issue number of the electronic certificate for user verification to the certificate authority server 70 in the personal identification in the entrance confirmation. explained to do. However, even if the first PF server 40 transmits a verification request including the issue number of the signature electronic certificate and a verification request including the issue number of the user certification electronic certificate to the certificate authority server 70, good. The certificate authority server 70 may verify each verification request and transmit the verification result to the first PF server 40 .
 あるいは、第1のPFサーバ40は、2回目以降の本人確認時に、利用者証明用電子証明書の有効性検証を認証局サーバ70に要求しなくてもよい。 Alternatively, the first PF server 40 does not need to request the certificate authority server 70 to verify the validity of the user-certifying electronic certificate at the time of the second and subsequent identity verifications.
 上記実施形態では、カジノサーバ30が管理サーバ50に回数確認を要求する際、問合せIDが管理サーバ50に送信される場合について説明した。カジノサーバ30は、第1のPFサーバ40に本人確認を要求する際にも、当該問合せIDを第1のPFサーバ40に送信してもよい。 In the above embodiment, the case where the inquiry ID is sent to the management server 50 when the casino server 30 requests the management server 50 to confirm the number of times has been described. The casino server 30 may also transmit the inquiry ID to the first PF server 40 when requesting the first PF server 40 for personal identification.
 上記実施形態では、カジノサーバ30は第1のPFサーバ40に電子証明書を送信し、管理サーバ50は第2のPFサーバ60に電子証明書を送信することを説明した。即ち、カジノサーバ30と管理サーバ50は、異なるプラットフォームサーバに電子証明書を送信し、認証手続きを要求している。しかし、カジノサーバ30及び管理サーバ50は、同じプラットフォームサーバに認証手続きを要求してもよい。換言すれば、第1のPFサーバ40と第2のPFサーバ60の機能が統合され1台のプラットフォームサーバが認証サービスを提供してもよい。 In the above embodiment, it was explained that the casino server 30 sends the electronic certificate to the first PF server 40 and the management server 50 sends the electronic certificate to the second PF server 60 . That is, the casino server 30 and the management server 50 send electronic certificates to different platform servers to request authentication procedures. However, the casino server 30 and management server 50 may request the authentication procedure from the same platform server. In other words, the functions of the first PF server 40 and the second PF server 60 may be integrated so that one platform server provides authentication services.
 上記実施形態では、各サーバの内部に各種データベースが構成される場合について説明したが、当該データベースは外部のデータベースサーバ等に構築されてもよい。即ち、各サーバ等の一部の機能は別のサーバに実装されていてもよい。より具体的には、上記説明した「本人確認処理部(本人確認処理手段)」、「入場確認処理部(入場確認処理手段)」等がシステムに含まれるいずれかの装置に実装されていればよい。 In the above embodiment, the case where various databases are configured inside each server has been described, but the databases may be configured in an external database server or the like. That is, some functions of each server may be implemented in another server. More specifically, if the above-described "personal identification processing unit (personal identification processing means)", "admission confirmation processing unit (admission confirmation processing means)", etc. are implemented in any device included in the system good.
 各装置(受付端末10、入場端末20、カジノサーバ30等)間のデータ送受信の形態は特に限定されないが、これら装置間で送受信されるデータは暗号化されていてもよい。これらの装置間では、電子証明書等が送受信され、当該電子証明書の情報を適切に保護するためには、暗号化されたデータが送受信されることが望ましい。 The form of data transmission/reception between each device (reception terminal 10, entrance terminal 20, casino server 30, etc.) is not particularly limited, but the data transmitted/received between these devices may be encrypted. Electronic certificates and the like are transmitted and received between these devices, and in order to appropriately protect the information of the electronic certificates, it is desirable to transmit and receive encrypted data.
 上記説明で用いた流れ図(フローチャート、シーケンス図)では、複数の工程(処理)が順番に記載されているが、実施形態で実行される工程の実行順序は、その記載の順番に制限されない。実施形態では、例えば各処理を並行して実行する等、図示される工程の順番を内容的に支障のない範囲で変更することができる。 In the flowcharts (flowcharts, sequence diagrams) used in the above explanation, multiple steps (processes) are described in order, but the execution order of the steps executed in the embodiment is not limited to the described order. In the embodiment, the order of the illustrated steps can be changed within a range that does not interfere with the content, such as executing each process in parallel.
 上記の実施形態は本願開示の理解を容易にするために詳細に説明したものであり、上記説明したすべての構成が必要であることを意図したものではない。また、複数の実施形態について説明した場合には、各実施形態は単独で用いてもよいし、組み合わせて用いてもよい。例えば、実施形態の構成の一部を他の実施形態の構成に置き換えることや、実施形態の構成に他の実施形態の構成を加えることも可能である。さらに、実施形態の構成の一部について他の構成の追加、削除、置換が可能である。 The above embodiments have been described in detail to facilitate understanding of the disclosure of the present application, and are not intended to require all the configurations described above. Also, when a plurality of embodiments are described, each embodiment may be used alone or in combination. For example, it is possible to replace part of the configuration of the embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of the embodiment. Furthermore, additions, deletions, and replacements of other configurations are possible for some of the configurations of the embodiments.
 上記の説明により、本発明の産業上の利用可能性は明らかであるが、本発明は、カジノ施設の入退場を管理する入場管理システムなどに好適に適用可能である。 From the above description, the industrial applicability of the present invention is clear, and the present invention can be suitably applied to an entrance management system that manages the entry and exit of casino facilities.
 上記の実施形態の一部又は全部は、以下の付記のようにも記載され得るが、以下には限られない。
[付記1]
 利用者が施設に入場するための制御を行う、施設サーバと、
 身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバと、
 を含み、
 前記施設サーバは、
 前記利用者が前記施設に入場する前に必要な最初の本人確認時に、前記身分証明書に格納された第1の電子証明書を前記第1のプラットフォームサーバに送信し、
 前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信し、
 前記第1のプラットフォームサーバは、
 前記第1の電子証明書の第1の識別情報と前記第2の電子証明書の第2の識別情報を対応付けて記憶し、
 前記2回目以降の本人確認時に、前記第2の電子証明書から前記第2の識別情報を抽出し、少なくとも前記抽出された第2の識別情報に対応する前記第1の識別情報を用いて前記2回目以降の本人確認に関する処理を行う、システム。
[付記2]
 前記第1及び第2の電子証明書の有効性を検証する、認証局サーバをさらに含み、
 前記第1のプラットフォームサーバは、前記第1の識別情報を前記認証局サーバに送信し、
 前記認証局サーバは、前記第1の識別情報に基づいて前記第1の電子証明書の有効性を検証し、検証に成功した場合には前記第1の識別情報に対応する前記第2の識別情報を前記第1のプラットフォームサーバに送信する、付記1に記載のシステム。
[付記3]
 前記施設サーバは、前記2回目以降の本人確認と並行して、前記施設の回数確認に関する処理を行う、付記1又は2に記載のシステム。
[付記4]
 前記施設の利用状況を管理する、管理サーバと、
 前記身分証明書に格納された電子証明書を用いた認証手続きを行う第2のプラットフォームサーバと、をさらに含み、
 前記施設サーバは、前記第2の電子証明書を前記管理サーバに送信し、
 前記管理サーバは、前記第2の電子証明書を送信することで前記施設へ入場しようとする入場者の特定を前記第2のプラットフォームサーバに要求し、
 前記第2のプラットフォームサーバは、前記第2の電子証明書が有効な場合、前記入場者の入場者IDを前記管理サーバに送信し、
 前記管理サーバは、前記入場者IDに対応する利用履歴が前記施設の利用に関する回数制限に反しない場合に、前記施設へ入場しようとする入場者が前記施設に入場することを許可する、付記3に記載のシステム。
[付記5]
 前記施設サーバは、
 前記第1のプラットフォームサーバが前記本人確認に成功し、且つ、前記管理サーバが前記施設に入場しようとする入場者の前記施設への入場を許可した場合に、前記施設に入場しようとする入場者が前記施設に入場することを許可する、付記4に記載のシステム。
[付記6]
 前記施設サーバは、前記施設の入口に設置された入場端末から、前記第2の電子証明書を受信したことに応じて、前記2回目以降の本人確認及び前記回数確認の処理を開始する、付記4又は5に記載のシステム。
[付記7]
 前記入場端末は、前記第2の電子証明書を読み出すための暗証番号又は生体情報を取得する、付記6に記載のシステム。
[付記8]
 前記施設サーバは、前記施設の外部に設置された受付端末から、前記第1の電子証明書を受信したことに応じて、前記最初の本人確認に関する処理を開始する、付記1乃至7のいずれか一項に記載のシステム。
[付記9]
 前記受付端末は、前記第1の電子証明書を読み出すための暗証番号を取得する、付記8に記載のシステム。
[付記10]
 前記身分証明書は、マイナンバーカードである、付記1乃至9のいずれか一項に記載のシステム。
[付記11]
 前記第1の電子証明書は署名用電子証明書であり、前記第2の電子証明書は利用者証明用電子証明書である、付記10に記載のシステム。
[付記12]
 利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する、本人確認処理部と、
 前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、入場確認処理部と、
 を備える、サーバ装置。
[付記13]
 サーバ装置において、
 利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信し、
 前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、サーバ装置の制御方法。
[付記14]
 サーバ装置に搭載されたコンピュータに、
 利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する処理と、
 前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する処理と、
 を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体。 Some or all of the above embodiments may also be described in the following additional remarks, but are not limited to the following.
[Appendix 1]
a facility server that performs control for users to enter the facility;
a first platform server that performs an authentication procedure using an electronic certificate stored in an identification card;
including
The facility server is
transmitting a first electronic certificate stored in the identification card to the first platform server at the time of initial identity verification required before the user enters the facility;
transmitting the second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity verifications required when the user enters the facility;
The first platform server,
storing the first identification information of the first electronic certificate and the second identification information of the second electronic certificate in association with each other;
The second identification information is extracted from the second electronic certificate at the time of identity verification for the second and subsequent times, and the first identification information corresponding to at least the extracted second identification information is used. A system that performs processing related to identity verification from the second time onwards.
[Appendix 2]
further comprising a certificate authority server that verifies the validity of the first and second electronic certificates;
The first platform server transmits the first identification information to the certificate authority server;
The certificate authority server verifies the validity of the first electronic certificate based on the first identification information, and if the verification is successful, the second identification corresponding to the first identification information. 10. The system of clause 1, transmitting information to the first platform server.
[Appendix 3]
3. The system according to appendix 1 or 2, wherein the facility server performs processing related to confirmation of the number of times of the facility in parallel with the second and subsequent personal identifications.
[Appendix 4]
a management server that manages the usage status of the facility;
a second platform server that performs an authentication procedure using the electronic certificate stored in the identification card;
The facility server transmits the second electronic certificate to the management server,
The management server requests the second platform server to identify a visitor who intends to enter the facility by sending the second electronic certificate,
the second platform server, when the second electronic certificate is valid, transmits the visitor ID of the visitor to the management server;
Supplementary Note 3: The management server permits the visitor who intends to enter the facility to enter the facility when the usage history corresponding to the visitor ID does not violate the limit on the number of times the facility can be used. The system described in .
[Appendix 5]
The facility server is
A visitor who attempts to enter the facility when the first platform server succeeds in the identity verification and the management server permits the visitor who intends to enter the facility to enter the facility. 5. The system of Clause 4, wherein the system permits to enter the facility.
[Appendix 6]
The facility server, in response to receiving the second electronic certificate from the entrance terminal installed at the entrance of the facility, starts the process of the second and subsequent identity verification and the number of times verification. 6. The system according to 4 or 5.
[Appendix 7]
7. The system according to appendix 6, wherein the admission terminal acquires a personal identification number or biometric information for reading the second electronic certificate.
[Appendix 8]
8. Any one of Supplementary Notes 1 to 7, wherein the facility server initiates the process related to the first personal identification in response to receiving the first electronic certificate from a reception terminal installed outside the facility. The system according to item 1.
[Appendix 9]
9. The system according to appendix 8, wherein the reception terminal acquires a personal identification number for reading the first electronic certificate.
[Appendix 10]
10. The system according to any one of the appendices 1 to 9, wherein the identification is a My Number card.
[Appendix 11]
11. The system according to appendix 10, wherein the first electronic certificate is a signature electronic certificate and the second electronic certificate is a user-certifying electronic certificate.
[Appendix 12]
At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. an identity verification processor for transmission to the first platform server;
An entrance confirmation processing unit that transmits a second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity confirmations required when the user enters the facility. and,
A server device.
[Appendix 13]
in the server device,
At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. send to the first platform server;
Controlling a server device that transmits a second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity verifications required when the user enters the facility. Method.
[Appendix 14]
The computer installed in the server device,
At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. a process of transmitting to the first platform server;
a process of transmitting a second electronic certificate stored in the identification card to the first platform server at the time of the second or later identity verification required when the user enters the facility;
A computer-readable storage medium that stores a program for executing
 なお、引用した上記の先行技術文献の各開示は、本書に引用をもって繰り込むものとする。以上、本発明の実施形態を説明したが、本発明はこれらの実施形態に限定されるものではない。これらの実施形態は例示にすぎないということ、及び、本発明のスコープ及び精神から逸脱することなく様々な変形が可能であるということは、当業者に理解されるであろう。即ち、本発明は、請求の範囲を含む全開示、技術的思想にしたがって当業者であればなし得る各種変形、修正を含むことは勿論である。 It should be noted that each disclosure of the above cited prior art documents shall be incorporated into this document by citation. Although the embodiments of the present invention have been described above, the present invention is not limited to these embodiments. Those skilled in the art will appreciate that these embodiments are illustrative only and that various modifications can be made without departing from the scope and spirit of the invention. That is, the present invention naturally includes various variations and modifications that can be made by those skilled in the art according to the entire disclosure including claims and technical ideas.
10  受付端末
20  入場端末
30  カジノサーバ
40  第1のPFサーバ
50  管理サーバ
60  第2のPFサーバ
70  認証局サーバ
101 施設サーバ
102 第1のプラットフォームサーバ
201 通信制御部
202 本人確認制御部
203 記憶部
301 通信制御部
302 入場制御部
303 ゲート制御部
304 記憶部
311 プロセッサ
312 メモリ
313 入出力インターフェイス
314 通信インターフェイス
401 通信制御部
402 本人確認処理部
403 入場確認処理部
404 入場通知部
405 記憶部
501 通信制御部
502 検証制御部
503 記憶部
601 通信制御部
602 回数確認処理部
603 入退制御部
604 記憶部
701 通信制御部
702 検証制御部
703 記憶部
801 通信制御部
802 検証部
803 記憶部 10 reception terminal 20 entrance terminal 30 casino server 40 first PF server 50 management server 60 second PF server 70 certification authority server 101 facility server 102 first platform server 201 communication control unit 202 identity verification control unit 203 storage unit 301 Communication control unit 302 Admission control unit 303 Gate control unit 304 Storage unit 311 Processor 312 Memory 313 Input/output interface 314 Communication interface 401 Communication control unit 402 Identity verification processing unit 403 Admission verification processing unit 404 Admission notification unit 405 Storage unit 501 Communication control unit 502 verification control unit 503 storage unit 601 communication control unit 602 number of times confirmation processing unit 603 entrance/exit control unit 604 storage unit 701 communication control unit 702 verification control unit 703 storage unit 801 communication control unit 802 verification unit 803 storage unit

Claims (14)

  1.  利用者が施設に入場するための制御を行う、施設サーバと、
     身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバと、
     を含み、
     前記施設サーバは、
     前記利用者が前記施設に入場する前に必要な最初の本人確認時に、前記身分証明書に格納された第1の電子証明書を前記第1のプラットフォームサーバに送信し、
     前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信し、
     前記第1のプラットフォームサーバは、
     前記第1の電子証明書の第1の識別情報と前記第2の電子証明書の第2の識別情報を対応付けて記憶し、
     前記2回目以降の本人確認時に、前記第2の電子証明書から前記第2の識別情報を抽出し、少なくとも前記抽出された第2の識別情報に対応する前記第1の識別情報を用いて前記2回目以降の本人確認に関する処理を行う、システム。     a facility server that performs control for users to enter the facility;
    a first platform server that performs an authentication procedure using an electronic certificate stored in an identification card;
    including
    The facility server is
    transmitting a first electronic certificate stored in the identification card to the first platform server at the time of initial identity verification required before the user enters the facility;
    transmitting the second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity verifications required when the user enters the facility;
    The first platform server,
    storing the first identification information of the first electronic certificate and the second identification information of the second electronic certificate in association with each other;
    The second identification information is extracted from the second electronic certificate at the time of identity verification for the second and subsequent times, and the first identification information corresponding to at least the extracted second identification information is used. A system that performs processing related to identity verification from the second time onwards.
  2.  前記第1及び第2の電子証明書の有効性を検証する、認証局サーバをさらに含み、
     前記第1のプラットフォームサーバは、前記第1の識別情報を前記認証局サーバに送信し、
     前記認証局サーバは、前記第1の識別情報に基づいて前記第1の電子証明書の有効性を検証し、検証に成功した場合には前記第1の識別情報に対応する前記第2の識別情報を前記第1のプラットフォームサーバに送信する、請求項1に記載のシステム。     further comprising a certificate authority server that verifies the validity of the first and second electronic certificates;
    The first platform server transmits the first identification information to the certificate authority server;
    The certificate authority server verifies the validity of the first electronic certificate based on the first identification information, and if the verification is successful, the second identification corresponding to the first identification information. 2. The system of claim 1, transmitting information to the first platform server.
  3.  前記施設サーバは、前記2回目以降の本人確認と並行して、前記施設の回数確認に関する処理を行う、請求項1又は2に記載のシステム。  The system according to claim 1 or 2, wherein the facility server performs processing related to confirmation of the number of times of the facility in parallel with the second and subsequent identity confirmations.
  4.  前記施設の利用状況を管理する、管理サーバと、
     前記身分証明書に格納された電子証明書を用いた認証手続きを行う第2のプラットフォームサーバと、をさらに含み、
     前記施設サーバは、前記第2の電子証明書を前記管理サーバに送信し、
     前記管理サーバは、前記第2の電子証明書を送信することで前記施設へ入場しようとする入場者の特定を前記第2のプラットフォームサーバに要求し、
     前記第2のプラットフォームサーバは、前記第2の電子証明書が有効な場合、前記入場者の入場者IDを前記管理サーバに送信し、
     前記管理サーバは、前記入場者IDに対応する利用履歴が前記施設の利用に関する回数制限に反しない場合に、前記施設へ入場しようとする入場者が前記施設に入場することを許可する、請求項3に記載のシステム。     a management server that manages the usage status of the facility;
    a second platform server that performs an authentication procedure using the electronic certificate stored in the identification card;
    The facility server transmits the second electronic certificate to the management server,
    The management server requests the second platform server to identify a visitor who intends to enter the facility by sending the second electronic certificate,
    the second platform server, when the second electronic certificate is valid, transmits the visitor ID of the visitor to the management server;
    The management server permits a visitor who intends to enter the facility to enter the facility when the usage history corresponding to the visitor ID does not violate a limit on the number of times the facility can be used. 3. The system according to 3.
  5.  前記施設サーバは、
     前記第1のプラットフォームサーバが前記本人確認に成功し、且つ、前記管理サーバが前記施設に入場しようとする入場者の前記施設への入場を許可した場合に、前記施設に入場しようとする入場者が前記施設に入場することを許可する、請求項4に記載のシステム。     The facility server is
    A visitor who attempts to enter the facility when the first platform server succeeds in the identity verification and the management server permits the visitor who intends to enter the facility to enter the facility. 5. The system of claim 4, wherein the system permits to enter the facility.
  6.  前記施設サーバは、前記施設の入口に設置された入場端末から、前記第2の電子証明書を受信したことに応じて、前記2回目以降の本人確認及び前記回数確認の処理を開始する、請求項4又は5に記載のシステム。 wherein the facility server starts the process of the second and subsequent identity verification and the number of times verification in response to receiving the second electronic certificate from the entrance terminal installed at the entrance of the facility; 6. The system according to Item 4 or 5.
  7.  前記入場端末は、前記第2の電子証明書を読み出すための暗証番号又は生体情報を取得する、請求項6に記載のシステム。 The system according to claim 6, wherein the admission terminal acquires a personal identification number or biometric information for reading the second electronic certificate.
  8.  前記施設サーバは、前記施設の外部に設置された受付端末から、前記第1の電子証明書を受信したことに応じて、前記最初の本人確認に関する処理を開始する、請求項1乃至7のいずれか一項に記載のシステム。 8. The facility server according to any one of claims 1 to 7, wherein said facility server initiates said first identity verification process in response to receiving said first electronic certificate from a reception terminal installed outside said facility. or the system according to item 1.
  9.  前記受付端末は、前記第1の電子証明書を読み出すための暗証番号を取得する、請求項8に記載のシステム。 The system according to claim 8, wherein the reception terminal acquires a personal identification number for reading the first electronic certificate.
  10.  前記身分証明書は、マイナンバーカードである、請求項1乃至9のいずれか一項に記載のシステム。 The system according to any one of claims 1 to 9, wherein the identification card is a My Number card.
  11.  前記第1の電子証明書は署名用電子証明書であり、前記第2の電子証明書は利用者証明用電子証明書である、請求項10に記載のシステム。 The system according to claim 10, wherein the first electronic certificate is a signature electronic certificate, and the second electronic certificate is a user-certifying electronic certificate.
  12.  利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する、本人確認処理部と、
     前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、入場確認処理部と、
     を備える、サーバ装置。     At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. an identity verification processor for transmission to the first platform server;
    An entrance confirmation processing unit that transmits a second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity confirmations required when the user enters the facility. and,
    A server device.
  13.  サーバ装置において、
     利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信し、
     前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する、サーバ装置の制御方法。     in the server device,
    At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. send to the first platform server;
    Controlling a server device that transmits a second electronic certificate stored in the identification card to the first platform server at the time of the second and subsequent identity verifications required when the user enters the facility. Method.
  14.  サーバ装置に搭載されたコンピュータに、
     利用者が施設に入場する前に必要な最初の本人確認時に、身分証明書に格納された第1の電子証明書を、前記身分証明書に格納された電子証明書を用いた認証手続きを行う第1のプラットフォームサーバに送信する処理と、
     前記利用者が前記施設に入場する際に必要な2回目以降の本人確認時に、前記身分証明書に格納された第2の電子証明書を前記第1のプラットフォームサーバに送信する処理と、
     を実行させるためのプログラムを記憶する、コンピュータ読取可能な記憶媒体。     The computer installed in the server device,
    At the time of initial identity verification required before the user enters the facility, the first electronic certificate stored in the identification card is used for the authentication procedure using the electronic certificate stored in the identification card. a process of transmitting to the first platform server;
    a process of transmitting a second electronic certificate stored in the identification card to the first platform server at the time of the second or later identity verification required when the user enters the facility;
    A computer-readable storage medium that stores a program for executing
PCT/JP2022/003624 2022-01-31 2022-01-31 System, server device, control method for server device, and storage medium WO2023145081A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/003624 WO2023145081A1 (en) 2022-01-31 2022-01-31 System, server device, control method for server device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/003624 WO2023145081A1 (en) 2022-01-31 2022-01-31 System, server device, control method for server device, and storage medium

Publications (1)

Publication Number Publication Date
WO2023145081A1 true WO2023145081A1 (en) 2023-08-03

Family

ID=87470977

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/003624 WO2023145081A1 (en) 2022-01-31 2022-01-31 System, server device, control method for server device, and storage medium

Country Status (1)

Country Link
WO (1) WO2023145081A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2019133224A (en) * 2018-01-29 2019-08-08 富士通株式会社 Information provision program, information processing device and information provision method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2019133224A (en) * 2018-01-29 2019-08-08 富士通株式会社 Information provision program, information processing device and information provision method

Similar Documents

Publication Publication Date Title
US20190319944A1 (en) System and method for electronic credentials
EP3510510A1 (en) Architecture for access management
JP5127429B2 (en) Admission restriction system and relay device
US9992235B2 (en) Information processing system and user authentication method
JP2017182326A (en) Qualification authentication system using mobile terminal, qualification authentication tool and qualification authentication method
CN111567013A (en) Method and apparatus for managing user authentication in a blockchain network
WO2021212009A1 (en) Systems, methods, and non-transitory computer-readable media for secure biometrically-enhanced data exchanges and data storage
TWI744698B (en) Authentication system, terminal, authentication method, and program product
JP2020149115A (en) Entry and exit management system, passage management system, entry and exit management method, and entry and exit management program
JP2024028612A (en) Management server, information providing method, and computer program
JP7364057B2 (en) Information processing device, system, face image update method and program
US20230207077A1 (en) Cooperation server, system, immune certificate generation method, and non-transitory computer-readable medium
WO2023145081A1 (en) System, server device, control method for server device, and storage medium
JP7409411B2 (en) Servers, systems, server control methods, programs, terminals, and terminal control methods
WO2022024281A1 (en) Authentication server, authentication system, authentication request processing method, and storage medium
US11296893B2 (en) Method and system for identity verification
WO2021255821A1 (en) Authentication server, facial image update recommendation method and storage medium
WO2024075173A1 (en) System and method
JP7501822B1 (en) Server device, system, and method and program for controlling server device
WO2024024043A1 (en) System and method
WO2024122002A1 (en) Terminal, system, method for controlling terminal, and storage medium
WO2023170899A1 (en) Terminal, system, method for controlling terminal, and storage medium
WO2024057457A1 (en) Authentication terminal, system, control method of authentication terminal, and recording medium
WO2023157158A1 (en) System, server device, server device control method, and storage medium
WO2023053362A1 (en) Authentication terminal, system, control method for authentication terminal, and recording medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22923944

Country of ref document: EP

Kind code of ref document: A1