JP2001331454A - Authentication system, information recording method and information management method - Google Patents

Abstract

(57) [Summary] [Problem] To provide an authentication system, an information recording method, and an information management method that enable access to personal information managed after performing personal authentication from biometric information. SOLUTION: In an authentication system 10 for authenticating a specific person via a network, personal information storage means 24b capable of storing or storing personal information, and biological information capable of storing or storing biological information Storage means 24a
And biological information reading means 12 capable of reading biological information relating to a specific person; first communication means 16 for transmitting biological information read by biological information reading means 12; The second communication means 21 for receiving the biometric information, the personal information storage means 24b, and the biometric information stored in the biometric information storage means 24a, which are connected to the biometric information storage means 24a and authenticate the identity of the specific person. Is compared with the biometric information received by the second communication means 21, and only when the biometric information matches, the personal information storage means 2
And a biometric information collating unit 30 for enabling access to personal information relating to a specific person stored in 4b.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an authentication system, an information recording method, and an information management method that enable access to managed personal information after performing personal authentication from biological information.

[0002]

2. Description of the Related Art In recent years, with the rapid development and spread of the Internet, electronic commerce (EC) for buying and selling goods, information, and services via the Internet has been in full swing. When buying and selling via such a network such as the Internet, it is necessary to prevent others from impersonating and trading illegally. Therefore, it is necessary to perform reliable personal authentication by some means.

One of the means for performing this authentication is an encryption technique on a network. In the encryption technology, a specific sentence or the like is encrypted using a sequence of numbers called an encryption key, and the encryption key is also used for decryption. In the current encryption technology using an encryption key, it is urgently necessary to develop a highly reliable encryption.

[0004] In order to perform reliable authentication with high reliability, one of the techniques that has attracted attention is a biometric authentication technique. The biometrics authentication technology authenticates an individual based on unique biometric information possessed by each individual. In this biometric (biological feature), a feature that is different for every person and that does not change so much over the years is used.

More specifically, biometrics authentication technologies include fingerprint matching technology, face matching technology, retinal pattern matching technology, iris pattern matching technology, palm shape matching technology, voiceprint / voiceprinting technology.
There are voice collation technology and handwriting collation technology. For example, Japanese Unexamined Utility Model Publication No. 1-127051 and Japanese Unexamined Patent Publication No.
There is a technique described in Japanese Patent Application No. 0-143270. The former uses a fingerprint instead of a bank ID card, and the latter stores biometric information on an IC card to reduce the load of collating a fingerprint read with a mouse with registration data, and stores the biometric information. The mouse, which is a reading device for reading, reads its own biometric information directly, and performs collation with the biometric information registered in the IC card.

[0006]

As described above, when conducting e-commerce or receiving services via the Internet, if a transaction is performed using a specific password or the like, this password information is stolen and another person becomes a specific person. There is a problem of masturbation. Conventionally, in order to prevent such spoofing, electronic authentication and electronic signature are performed using a certification authority. However, in these methods, the above-described encryption is premised, and if the management of the secret key is neglected, it becomes possible for others to impersonate a specific person.

[0007] For example, IDs and passwords for accessing bank cash cards and various credit cards, or Internet providers can be memorized at their own risk or stored in a predetermined location such as a notebook. At present, it is managed by writing down.

[0008] However, when the number of such IDs and passwords increases, it becomes very difficult for individuals to remember and manage them individually. In other words, although IDs and passwords that are frequently used are remembered, IDs and passwords that are not frequently used are often forgotten.
In addition, it may be confused with an ID or password of another card or the like. Further, when writing down and managing in a notebook or the like, the notebook or the like may be lost.

[0009] The present invention has been made based on the above circumstances, and an object thereof is to easily and surely manage personal information such as IDs, passwords, and target services used on a network or a normal life. To provide a new way to do it. That is, an object of the present invention is to provide an authentication system, an information recording method, and an information management method that enable access to personal information managed after performing personal authentication from biometric information.

[0010]

In order to achieve the above-mentioned object, the present invention manages personal information of a specific person via a network and authenticates whether a person accessing the personal information is the specific person. In the authentication system, a personal information storage unit capable of storing or storing personal information relating to a specific person, a biological information storage unit capable of storing or storing biological information relating to a specific person, and a biological information relating to a specific person being readable Biometric information reading means, first communication means for transmitting biometric information read by the biometric information reading means,
The second communication means for receiving the biological information transmitted by the communication means, the personal information storage means and the biological information storage means are connected to each other. The biometric information is obtained by comparing the biometric information with the biometric information received by the second communication means, and enables access to the personal information on the specific person stored in the personal information storage means only when the two biometric information matches each other. And information collating means.

For this reason, after the biological information is read by the biological information reading means, the biological information is received through the first communication means and the second communication means, and the biological information and the identification information stored in advance are stored. If the biometric information of a person is collated by the biometric information collating means, it can be surely authenticated whether or not the person is the specific person. Then, since the biometric information is collated by the biometric information collating means, only the specific person who is surely authenticated by the biometric information can access the personal information storage means. For this reason, it becomes impossible for anyone other than the specific person to access the personal information storage means, whereby the confidentiality can be maintained even if the personal information of the specific person is stored in the personal information storage means.

[0012] That is, since it is checked whether or not a specific person is performed by performing verification using biometric information whose characteristics are different for each individual, it is possible to authenticate the specific person with extremely high accuracy. Even if an attempt is made to access the personal information storage means, it is possible to prevent the access by collation by the biometric information collation means.

Further, another invention relates to a biometric information storage means capable of storing or storing biometric information on a specific person, and directly or indirectly associating personal information required on a network with the specific person with the biometric information. Personal information storage means that can be stored or stored, biological information reading means capable of reading biological information about a specific person, personal information storage means and biological information storage means, Authentication is performed by comparing the biometric information stored in the biometric information storage means with the biometric information read by the biometric information reading means, and the specific person stored in the personal information storage means only when the two biometric information matches. And a biometric information collating unit that makes it possible to access or display personal information related to the subject.

As described above, the personal information required on the network is stored in the personal information storage means directly or indirectly associated with the biological information. Therefore, when personal information such as a PIN is required on the network, the PIN is displayed after the personal information is collated by the biometric information collation unit, or access is performed with the PIN retrieved. By doing so, for example, it is possible to quickly access a specific site or the like that requires a password or the like.

In order to derive personal information such as a personal identification number required on a network, a biometric information collating unit authenticates whether or not a specific person is used by using unique biometric information. It becomes possible to authenticate a specific person with extremely high accuracy, and even if another person tries to access the personal information storage means, it is possible to prevent the access by matching by the biometric information matching means.

Still another aspect of the present invention is a biological information storage means capable of storing or storing biological information relating to a specific person,
Personal information storage means capable of storing or storing personal information relating to a specific person and information to be kept secret directly or indirectly in association with biological information, and biological information reading means capable of reading biological information relating to a specific person; The personal information storage means and the biological information storage means are connected to each other, and the authentication of the specific person is performed by comparing the biological information stored in the biological information storage means with the biological information read by the biological information reading means. And a biometric information collating unit that can access or display the personal information on the specific person stored in the personal information storage unit only when the two biometric information matches each other.

For this reason, if the biometric information on the specific person stored in the biometric information storage means matches the biometric information read by the biometric information reading means by collation by the biometric information collation means, the personal information By accessing the storage means, it is possible to obtain personal information about a specific person who wants to keep secret, and it is possible to browse personal information about the specific person who wants to keep secret.

Even in this case, the authentication of the specific person is performed by the biometric information collating means using the unique biometric information. Therefore, the authentication of the specific person can be performed with extremely high accuracy. In addition, even if another person tries to access the personal information storage means, the access can be prevented by collation by the biometric information collation means. As a result, it is possible to keep the confidentiality of the personal information to be kept secret.

In another aspect of the present invention, in addition to the above-described inventions, the personal information stored in the personal information storage means can be displayed on the display means while being opened or can be displayed at any time. This is to access a site that requires the above personal authentication. For this reason, at a site on the network that requires personal authentication, based on the personal information stored in the personal information storage means, the site can be immediately authenticated as to whether or not it is a specific person.

Further, in another aspect of the present invention, in addition to the above-mentioned inventions, a specific person operates a personal information storage unit and / or a biological information storage unit and connects the network to a network. It is provided in. For this reason, when the biometric information storage means is provided in the information terminal device, it becomes possible to make this information terminal device function as an authentication station that authenticates whether or not a specific person is based on the biometric information. When both the biometric information storage unit and the personal information storage unit are provided in the information terminal device, the information terminal device performs authentication based on the biometric information as to whether or not the user is a specific person. In this case, it is possible to access the personal information storage means and obtain personal information of a specific person. Thus, personal information that can be accessed only by a specific person can be created in the information terminal device, and personal information that can be known only by the specific person can be stored.

According to another aspect of the present invention, in addition to the above-mentioned inventions, the biological information storage means and the personal information storage means are shared by one server, and the biological information and the personal information are stored in one server for each individual.
It is to be saved in two file formats. This eliminates the need to provide a plurality of servers. Also, by storing the biometric information and personal information in one file format for each individual, the correspondence between the biometric information and personal information becomes clear, and when the biometric information matches and a specific person can be authenticated, the personal information is immediately obtained. The information can be obtained by the specific person.

Further, according to another invention, in addition to the above-mentioned inventions, the biometric information collating means further comprises a step of inputting information which is useful for identifying an individual before collating biometric information.
Based on the information, a database is searched to narrow down the target biometric information, and when no reference information is input, all the biometric information in the biometric information storage unit is searched. .

With this configuration, first, when there is information that is useful for identifying an individual, the information is input to narrow down the biological information to be searched. Thus, when performing authentication using biometric information, it is possible to reduce the time required to search for the extracted biometric information when comparing biometric information when authenticating a specific person.

According to another aspect of the present invention, in addition to the above-mentioned inventions, both or one of the biometric information in the biometric information storage means and the personal information in the personal information storage means can be specified by a specific device connected to a network. The information is stored in both an information terminal device operated by a person and a server accessed by the information terminal device via a network.

[0025] With this configuration, even if the biological information and / or personal information is lost from the server or the information terminal device accessed via the network, the backup status is maintained. Therefore, recovery of biological information or personal information becomes easy. Also,
When the biometric information is stored in both the information terminal device and the server, a configuration is possible in which both the information terminal device and the server can authenticate whether or not the user is a specific person based on the biometric information.

Further, in another invention, in addition to the above-mentioned inventions, a first encrypting means for encrypting at least one of biometric information and personal information, and encryption by the first encrypting means. A first decoding means for decoding the applied information is provided.

For this reason, even if another person illegally obtains the biometric information on the network, the biometric information cannot be determined by performing the encryption by the first encryption means. As a result, another person cannot use the biological information at all, and the security of the biological information is improved. Also, by providing the first decryption means,
The biological information encrypted by the first encrypting means can be decrypted, and thereafter, when the biological information is stored in the biological information storage means, it is possible to confirm whether the biological information is appropriate.
In addition, it is possible to perform collation with the biological information stored in the biological information storage means.

According to another invention, in addition to the above-mentioned invention, a second encryption means is connected to the biometric information storage means, and the biometric information storage means encrypts biometric information relating to a specific person. A second decryption unit is connected to the biometric information storage unit and the biometric information comparison unit, and the biometric information encrypted by the second encryption unit is transmitted to the biometric information comparison unit. This is to be decrypted at the time of collation.

For this reason, the biological information stored in the biological information storage means is encrypted, so that even if another person accesses the biological information storage means, the biological information cannot be determined. Become. Further, by performing the encryption in this way, even if another person takes this biometric information out of the biometric information storage means, it cannot be used at all. For this reason, security for biological information is improved. Also, by providing the second decryption means,
When it is necessary to verify the biometric information, the biometric information can be decrypted and verified.

Further, another invention relates to an information recording method for recording information on a specific person via a network, wherein a biological information reading step for reading the biological information of the specific person, and a biological information read in the biological information reading step. A transmitting step of transmitting information, and receiving the biological information transmitted in the transmitting step, and comparing the received biological information with the biological information of the specific person stored in advance in the biological information storage means, thereby identifying the specific individual. In the biometric information authentication step of performing the authentication of whether or not, in the authentication in the biometric information authentication step, when the biometric information transmitted in the transmission step and the biometric information stored in the biometric information storage means in advance, Recording a personal information relating to a specific person in the personal information storage means.

In this way, when the personal information relating to the specific person is stored in the personal information storage means, only the specific person whose biometric information matches can be stored.
In this manner, since personal information storage is accessed and personal information can be stored after authenticating whether or not the individual is a specific person using biometric information, a person other than the specific person can access the personal information storage. Even if it is stored here, it is possible to prevent the access by collation by the biometric information collation means.

Another aspect of the present invention is an information recording method, comprising: a biometric information reading step of reading biometric information of a specific person; a transmitting step of transmitting biometric information read in the biometric information reading step; Biometric information authentication that receives the biometric information transmitted in step 1 and authenticates the specific person by comparing the biometric information of the specific person previously stored in the biometric information storage unit with the received biometric information. In the authentication process in the biometric information authentication process, when the biometric information transmitted in the transmission process matches the biometric information stored in the biometric information storage device in advance, the personal information storage device stores information on a network related to a specific person. And a recording step of directly or indirectly associating the necessary personal information with the biological information and recording the personal information.

By doing so, when storing personal information necessary for a specific person on the network in the personal information storage means, only the specific person whose biometric information matches can store the personal information. As described above, after performing authentication of a specific person using the biometric information, the user can access the personal information storage unit and store the personal information.
Even if a person other than a specific person accesses the personal information storage means and attempts to store it here, the access can be prevented by the matching by the biometric information matching means. Then, only the specific person matched by the collation can record the personal information required on the network directly or indirectly in association with the biological information.

Still another aspect of the present invention is an information recording method, comprising: a biometric information reading step of reading biometric information of a specific person; a transmitting step of transmitting the biometric information read in the biometric information reading step; Biometric information authentication that receives the biometric information transmitted in step 1 and authenticates the specific person by comparing the biometric information of the specific person previously stored in the biometric information storage unit with the received biometric information. The biometric information transmitted in the biometric information authentication step and the biometric information stored in the biometric information storage means in advance in the authentication in the biometric information authentication step. A recording step of directly or indirectly associating the information desired to be kept secret with the biological information and recording the information.

With this configuration, when storing personal information relating to a specific person and information to be kept secret in the personal information storage means, only the specific person whose biometric information matches can store the personal information. In this manner, since personal information storage is accessed and personal information can be stored after authenticating whether or not the individual is a specific person using biometric information, a person other than the specific person can access the personal information storage. Even if it is stored here, it is possible to prevent the access by collation by the biometric information collation means. Then, only the specific person matched by the collation can record the personal information about this specific person, which is desired to be kept secret, directly or indirectly in association with the biological information.

According to another aspect of the invention, in addition to the above-described information recording methods, the transmitting step further includes identifying the biological information together with the biological information read in the biological information reading step. In addition to transmitting the personal information, the biological information authentication step is to receive personal information for identifying who the biological information transmitted with the biological information transmitted in this transmission step is. .

Therefore, not only can the biometric information read in the biometric information reading step be transmitted, but also personal information for specifying who the biometric information is can be transmitted together. Thus, when searching for and extracting the biometric information of the specific person from the biometric information storage unit, the biometric information can be searched with reference to the personal information. This makes it possible to improve the search speed.

Further, in another invention, in addition to the invention of each of the information recording methods described above, at least one of biometric information and personal information is encrypted by an encryption step by an encryption step. It is. By doing so, even if another person illegally obtains at least one of the biological information and the personal information, it cannot be determined. As a result, another person cannot use the biometric information and personal information at all, and the security of the biometric information and personal information is improved.

Further, in addition to the above-described information recording method, another invention further comprises a decrypting step of decrypting the information encrypted in the encrypting step. . For this reason, at least one of the biometric information and the personal information transmitted in the transmission step can be decrypted, and the biometric information is compared in the biometric information collation step, and the transmitted biometric information or personal information is correct. It can be checked whether or not there is.

Further, another invention comprises personal information storage means for storing personal information of a specific person, and biometric information storage means for storing biometric information of the same specific person, wherein the specific person is connected via a network. In an information management method for managing access to personal information stored in personal information storage means, a biometric information reading step of reading biometric information of a specific person, and a transmitting step of transmitting biometric information read in the biometric information reading step And receiving the biological information transmitted in the transmission step, and performing authentication of whether or not the individual is a specific person by comparing the biological information of the specific person stored in the biological information storage means with the biological information received in the transmission step. A biometric information authentication step, and storing personal information when the biometric information stored in the biometric information storage unit matches the biometric information received in the transmission step in the biometric information authentication step. In which the personal information stored on stage specific person was to anda information browsing step of viewable.

With this configuration, it is impossible to access information stored in the personal information storage means except for a person who has been authenticated as a specific person by comparing the biometric information in the biometric information matching step. That is, since it is checked whether the individual is a specific person by performing matching with biometric information having different characteristics depending on the individual, it is possible to perform authentication of the specific person with extremely high accuracy. By performing such authentication, it is possible to prevent another person from improperly accessing the personal information storage means by impersonating a specific person. Sex can be maintained.

Further, another invention relates to a biometric information storage means for storing biometric information of a specific person, and directly or indirectly associating personal information required on a network relating to the same specific person with the biometric information. Information management method for managing access to personal information stored in the personal information storage means of the specific person, the personal information storage means storing the personal information stored in the personal information storage means. A transmitting step of transmitting the biological information read in the biological information reading step, and receiving the biological information transmitted in the transmitting step, and transmitting the biological information of the specific person stored in the biological information storage means. A biometric information authentication step of performing authentication of a specific person or not by collation with the received biometric information,
When the biometric information stored in the biometric information storage unit matches the biometric information received in the transmission process in the biometric information authentication process, the specific person can view the personal information stored in the personal information storage device. And an information browsing step.

For this reason, when browsing necessary personal information on a network relating to a specific person, access by anyone other than the person who has been authenticated as a specific person by the biometric information collation in the biometric information collation step is impossible. As described above, when personal information such as a password is required on the network, by displaying the biometric information collated by the biometric information collation means or by accessing the state where the password is extracted, For example, it is possible to quickly access a specific site that requires a password or the like while managing so that only a specific person and an authenticated person can access. By managing personal information by such authentication, it is possible to prevent another person from improperly accessing the personal information storage means by impersonating a specific person, and maintain the confidentiality of the personal information.

Further, another invention is a biometric information storage means for storing biometric information of a specific person, and personal information about the same specific person, which is to be kept secret, is directly or indirectly associated with this biometric information. A personal information storage means for storing the personal information stored in association with the personal information, wherein in the information management method for managing access to the personal information stored in the personal information storage means for the specific person, the biometric information for reading the biometric information of the specific person A reading step, a transmitting step of transmitting the biological information read in the biological information reading step, and receiving the biological information transmitted in the transmitting step and transmitting the biological information of the specific person stored in the biological information storage means. A biometric information authentication step of performing authentication of whether or not the individual is a specific person by collating with the biometric information received in the step, and biometric information stored in the biometric information storage unit in the biometric information authentication step If the feed and biological information received by the process were consistent, in which the personal information stored in the personal information storage means specific person was to anda information browsing step of viewable.

By doing so, it becomes impossible for anyone other than the person who has been authenticated as a specific person to be able to access the information stored in the personal information storage means by comparing the biometric information in the biometric information matching step. That is, since it is checked whether the individual is a specific person by performing matching with biometric information having different characteristics depending on the individual, it is possible to perform authentication of the specific person with extremely high accuracy. By performing such authentication, it is possible to prevent another person from improperly accessing the personal information storage means by impersonating a specific person, and store personal information that the specific person wants to keep secret in the personal information storage means. Can also keep confidentiality and can safely manage personal information that you want to keep secret.

According to another invention, in addition to the invention of each of the information management methods described above, the transmitting step further specifies the biological information read in the biological information reading step and the identity of the biological information. In addition to transmitting the personal information, the biological information authentication step is to receive personal information for identifying who the biological information transmitted with the biological information transmitted in this transmission step is. .

By doing so, it becomes possible not only to transmit the biological information read in the biological information reading step, but also to transmit personal information for specifying who the biological information is. Thereby, when searching and extracting the biological information of the specific person from the biological information storage means,
Biological information can be searched with reference to the personal information. This makes it possible to improve the search speed.

Further, in another invention, in addition to the invention of each of the information management methods described above, at least one of biometric information and personal information is encrypted by an encryption step. By doing so, even if another person illegally obtains at least one of the biological information and the personal information, it cannot be determined. As a result, another person cannot use the biometric information and personal information at all, and the security of the biometric information and personal information is improved.

[0049] Further, in addition to the above-mentioned invention of the information management method, the invention further comprises a decryption step of decrypting the information encrypted in the encryption step. . For this reason, at least one of the biometric information and the personal information transmitted in the transmission step can be decrypted, and the biometric information is compared in the biometric information collation step, and the transmitted biometric information or personal information is correct. It can be checked whether or not there is.

Further, in another invention, the biological information stored in the biological information storage means and the personal information stored in the personal information storage means are encrypted. For this reason, even if another person illegally accesses the biometric information storage means and the personal information storage means, the biometric information cannot be discriminated because these are encrypted. Further, by performing the encryption in this way, even if another person takes out the biological information and the personal information from the biological information storage means, it cannot be used at all. For this reason, security for biological information is improved.

[0051]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS One embodiment of the present invention will be described below with reference to FIGS. In the following description, the configuration of the authentication system is shown, and a procedure for registering with the authentication system and a procedure for performing authentication using the authentication system after registration are also described.

FIG. 1 is a system diagram showing a configuration of an authentication system 10 according to the present invention. In this figure, an individual A who is a user first registers his / her biometric information in the certificate authority 20. At the time of this registration, predetermined personal information (hereinafter referred to as initial personal information) such as the address and telephone number of the individual A is entered in the information terminal device 11 such as a personal computer possessed by the individual A, and Reading device 12 connected to device 11
To read the biological information of the individual A. The reading device 12 reads, for example, a fingerprint, a face shape, a retinal pattern, an iris pattern, a palm shape, a voiceprint / voice, or a blood vessel pattern in the retina. Note that the biometric information may be read immediately without registering the initial personal information. Alternatively, a simple ID, for example, a date of birth, may be input instead of the initial personal information to increase the speed of searching for subsequent biometric information.

Here, when using the authentication system 10 of the present invention, it is necessary to perform a first procedure for registering the biometric information of the individual A who is the user. Hereinafter, the registration procedure of the biometric information will be described with reference to the flowchart of FIG.

The biological information of the individual A is read by the reading device 12 as a biological information reading means (step S).
1). The reading device 12 is provided with a reading sensor 13 for reading biological information such as a fingerprint, and the read information read by the reading sensor 13 is transmitted to an authentication station 20 in a network server via a network such as the Internet. This is a configuration that is transmitted.

Further, the reading device 12 may be provided with only the reading sensor 13, but a card reader (not shown) that inserts an IC card storing fingerprint information and other information and reads information on the IC card is also provided. The configuration may be provided. In this way, if the information of the IC card is read by the card reader, it is possible to confirm whether or not the person is the person with the IC card, and it is possible to confirm the person by reading the biological information X with the reading sensor 13. . This provides a configuration that can ensure double safety. Also,
By collating both data, the function of the certificate authority 20 can be replaced by the information terminal device 11.

As shown in FIG. 1, the biological information X read by the reading device 12 is temporarily stored in the memory 14 or the like of the information terminal device 11 (step S2). The biological information X stored in the memory 14 or the like is encrypted by the first encryption unit 15 existing inside the information terminal device 11 (step S3). The first encryption unit 15 is configured by activating an encryption program stored in a storage unit of the information terminal device 11. That is, when the biometric information X is encrypted by the first encryption unit 15, the biometric information X is transmitted from the first communication unit 16 of the information terminal device 12, and the biometric information X is transmitted to another person in the middle of the network. Will not be able to determine anything.

The biological information X read by the reading device 12 and encrypted by the first encrypting means 15
, Along with the initial personal information of the person A
Is transmitted to the certificate authority 20 operating on the Internet by the communication means 16 (step S4). In this transmission, encryption may be performed not only on the biometric information X but also on its own initial personal information.

The initial personal information of the individual A and the encrypted biometric information X transmitted to the certificate authority 20 are stored in the second
(Step S5).
The second communication unit 21 receives only the mail transmitted in a predetermined format, and performs operations such as checking information such as a mail address relating to the individual A of the transmission source. Then, the initial personal information attached to the mail regarding the individual A and the encrypted biometric information X are decrypted using the first decryption means 23 (step S).
6). Note that the first decryption means 23 is a
The decryption program stored in the application server 22 is activated.

After the decryption, it is checked whether or not the decrypted biometric information X is appropriate, or whether there is any abnormality in the decryption. This check may be performed in the first decoding unit 23, or may be performed using a separate abnormality check unit. Thereafter, step S7 (described later) is preferably performed, but step S8 may be performed immediately after step S7 is skipped.

That is, the restored initial personal information and biometric information X on the individual A are registered in the database server 24 (step S8). In this case, an appropriate ID or password is assigned to each individual, and biometric information is registered together with the ID and password. At the same time, the registration of the initial personal information relating to the individual A is also performed together with the ID or the password. These are sent to the database server 24,
Each individual may be registered collectively, but in order to further secure the database, the initial personal information such as the address and the biological information X are associated with each other and the respective databases are stored in the database server 24. It may be created individually. In FIG. 1, a biometric information storage server 24a as biometric information storage means and a personal information storage server 24b as personal information storage means for storing initial personal information and personal information to be kept secret, which will be described later, are separately provided. Configuration.

Here, when registering the biometric information X in the biometric information storage server 24a, the biometric information X is encrypted by the second encryption means 25 constituted by the encryption program of the application server 22. (Step S7). The second encrypting means 25 reads the biometric information X of the individual A with the
The same encryption as the encryption means 15 may be performed, but encryption of another format may be performed to further improve security. When encrypting in a separate format, this separate format is supported.
The configuration is such that a second decoding unit 26 described later is provided.

The above is the first procedure for registering the biometric information X. After the registration of the biometric information X, an appropriate ID and password are given to the individual A who is the user (step S9). The ID and the password are input before the biometric information Y to be authenticated to identify the individual A when the authentication system 10 is used thereafter. However, in addition to providing such an ID or password, a configuration may be adopted in which personal information such as the date of birth is input to increase the authentication speed. Further, the identification of the individual A may be performed only by the biometric information Y for authentication without giving an ID or a password at all. That is, the ID, the password, the date of birth, etc. help identify the individual A, but the absolute identification of the individual A is performed only based on the biological information.

After performing the above first procedure, the individual A who is the user performs a second procedure for inputting and registering information desired to be managed by the authentication system 10. Hereinafter, this will be described with reference to FIG.

As described above, after the registration and management of the biometric information X, if the user wants to continue to register the personal information,
The individual A transmits information desired for information management to the certificate authority 20 and registers this information. This information is used for personal authentication such as various services used on the network, an ID for using the service, a password, and the like. These are those that the individual A wishes to keep secret and manage information.
It is optional by the individual A's will. In the following description, the information desired to be registered will be described as registration desired information. The case where the individual A accesses the certificate authority 20 again and wants to register the registration request information will be described below.

Prior to transmitting the registration request information to the certificate authority 20, it is confirmed whether or not the individual A is himself / herself. In this confirmation, the individual A first accesses the certification authority 20, inputs an appropriate ID and password (step S10), and causes the reader 12 to read the biometric information Y for authentication (step S11). Then, the biometric information Y is stored in the memory 14 (step S12), and is stored in the certificate authority 20.
This is done by transmitting it to This authentication target biometric information Y
Is transmitted by the first encryption unit 15 (step S13). After that, the first communication means 16 transmits the biological information Y (step S1).
4).

Note that a flow in which step S10 is omitted may be adopted. Further, even if the flow includes step S10, if the user forgets the ID or password, the flow may be such that the subsequent steps operate normally even if step S10 is omitted. Of these flows, the latter is preferable.

After receiving the encrypted biometric information Y in the second communication means 21 (step S15),
The biological information Y encrypted by the first decryption means 23 is decrypted (step S16). Subsequently, the biological information X of the individual A is extracted from the biological information storage server 24a (step S17). The extraction of the biometric information X is performed by specifying the biometric information X based on information such as an ID and a password input by the individual A. In the case of the flow in which step S10 is omitted, or in the case of the flow in which step S10 may be omitted, the raw data of the biological information X is compared with the biological information Y.

After the encrypted biometric information X is extracted, if the biometric information X has been encrypted by the second encrypting means 25, it is decrypted by the second decrypting means 26 (step). S18). The second decryption means 26 is also configured by activating a decryption program stored in the application server 22 in the same manner as the first decryption means 23 described above.

After each of the biometric information X and the biometric information Y is decrypted and collated, the biometric information collating means 30 checks whether or not the biometric information X and the biometric information Y match (see FIG. 4). Step S19). The biometric information matching means 30 is also configured by starting a biometric information matching program stored in the application server 22. However, a configuration in which a biometric information matching unit is separately provided as hardware may be employed.

If it is determined that they match, as a result of the collation, the registration request information is transmitted as follows and registered in the personal information storage server 24b in association with the ID or password (step S20). Conversely, when it is determined that the biological information X and the biological information Y do not match,
By stopping the second communication means 21 or not displaying the homepage for inputting the registration desired information, the subsequent registration desired information cannot be transmitted and the subsequent operation does not proceed. Have been.

When the ID and the password are not registered, the personal information as the registration request information is stored in the personal information storage server 2 using the address or the like storing the biometric information X.
4b. In addition, 2 in the database server 24
If you do not separate into two servers 24a, 24b, ID,
The password, the initial biometric information, the biometric information X, and the registration request information are stored in a format arranged in a position row. In this case, I
A format in which D, password, and initial personal information are not registered can also be adopted.

When it is determined that the biometric information X and the biometric information Y match, the certificate authority 20 can access the personal information storage server 24b for storing the information of the individual A. Then, it is possible to freely store or delete the registration request information in the database of the individual A stored in the personal information storage server 24b in association with the biological information X (step). S2
0). When the individual A transmits the registration request information, the first encryption unit 15 encrypts the registration information. Then, after the encryption, the registration information is stored in the database of the individual A in the biological information storage server 24a. Then, if the registration has been made surely, the fact is transmitted to the individual A.

The above is the second procedure, the authentication system 1
0 is a procedure for inputting and registering information desired to be registered and managed. Next, a third procedure in the case where the individual A who is the user makes an inquiry about the registered unique information will be described below with reference to FIG.

Also in this case, first, similarly to the above-described second procedure, an ID and a password for specifying the individual A are input (step S30), and the certificate authority 20 is first accessed. It should be noted that the flow may be such that step S30 is omitted, or the flow may operate even if step S30 is omitted. When step S30 is performed,
If the person who has input such an ID or password, or if step S30 is not performed, the certificate authority 20 confirms whether or not the person making the inquiry is truly the individual A, by using the reading device 12 Of the individual A to be authenticated is read by the reading sensor 13 (step S31). Subsequently, the biological information Y read by the reading device 12 is stored in the memory 14 (step S32), and thereafter, is encrypted by the first encryption unit 15 (step S33). Then, it is transmitted to the certificate authority 20 via the first communication means 16 (step S34).

Then, in the same manner as described in the above-mentioned second procedure, the transmitted biological information Y is received after the biological information Y is received by the second communication means 21 (step S3).
5) Decrypt by the first decryption means 23 (Step S)
36). Subsequently, the biological information X specified by the information such as the ID and the password is extracted from the database (step S37), and is decoded by the second decoding unit 26 (step S38).

Then, the biometric information collating means 30 checks whether or not the biometric information X and the biometric information Y match (step S39). As a result, if it is determined that they match, the database of the individual A in the personal information storage server 24b can be accessed, and the information previously registered by the individual A can be displayed and freely browsed (step S40). ). Conversely, if it is determined that the biological information X and the biological information Z do not match, the database of the individual A in the personal information storage server 24b cannot be accessed, and the operation does not proceed thereafter. When step S30 is omitted, the raw data of the biometric information X and the biometric information Y are collated.

According to the authentication system 10 configured as described above, after the reading device 12 reads the biometric information Y, the biometric information Y is received via the first communication means 16 and the second communication means 21. Then, the biometric information Y and the prestored biometric information X of the individual A are compared with the biometric information matching means 3.
It has a configuration for matching by 0. As described above, since the authentication of the individual A is performed by using the biometric information matching means 30 using the biometric information unique to each individual, the authentication of the individual A is surely performed. I can do it.

As described above, as a result of comparing the biometric information X and the biometric information Y by the biometric information matching means 30, only the individual A whose biometric information matches can access the database of the individual A in the personal information storage server 24b. . This makes it impossible for anyone other than the individual A to access the personal A database of the personal information storage server 24b, thereby maintaining high confidentiality even if the personal information of the individual A is stored in the database. Becomes possible.

That is, since it is confirmed whether or not the individual A is the individual A by performing the collation with the biometric information having different characteristics depending on the individual, it is possible to authenticate the individual A with extremely high accuracy, and it is possible for another person to perform the authentication. Even if an attempt is made to access the database, it is possible to prevent the access by collation by the biometric information collation means 30.

As described above, the database of the individual A in the personal information storage server 24b can keep high confidentiality. For example, here, the ID and the password of the bank operating on the network, the ID of the Internet connection provider are stored. Even if a password, an e-mail address, a server address, an ID of a site providing a service on the Internet, a password, and the like are described, there is no risk of being seen by others. Further, even if the user A forgets the various passwords and the like on the network possessed by the individual A, the individual A can access the database of the individual A in the personal information storage server 24b at any time and can recall it again.

When the user accesses the certification authority 20 while connected to a network such as the Internet, and accesses a service receiving site with the personal information opened, the user can easily enter the service site. . In other words, by copying the necessary ID and password from the opened personal information page and copying it into the ID entry field and password entry field of the site that you want to enter,
It is possible to enter the service site. Further, by interposing a predetermined program, an ID or a password in a page of the opened personal information can be clicked, and thereby, an ID or a password of a service site to be entered can be inserted. .

The biometric information transmitted from the first communication means 16 is encrypted by the first encryption means 15 so that the biometric information transmitted from the first communication means 16 is transmitted to the network. Even if another person obtains the information illegally, the biological information cannot be determined. For this reason, even if another person obtains biological information, it cannot be used at all,
Security for biological information is improved.
That is, the security is maintained even if the biometric information is transmitted via the network.

Further, since the first decrypting means 23 decrypts the biometric information encrypted by the first encrypting means 15, the biometric information is stored in the biometric information storage server 24a thereafter. It is possible to confirm whether or not there is any abnormality. In addition to the case where the information is stored in the biological information storage server 24a, the first decryption unit 23 decodes the information by performing the matching with the biological information stored in the biological information storage server 24a. Then, the matching by the biometric information matching means 30 can be performed.

When the biometric information is stored in the biometric information storage server 24a by the second encryption means 25,
It becomes possible to perform encryption. Therefore, even if another person illegally accesses the biometric information storage server 24a, the biometric information cannot be determined. Further, even if another person takes out the biological information from the biological information storage server 24a, it cannot be used by encryption. For this reason, security for biological information can be improved.

Further, since the second decoding means 26 decodes the biometric information stored in the biometric information storage server 24a, if it becomes necessary to verify the biometric information, the second decoding means 26 It is possible to decrypt the biometric information encrypted by the encrypting means 26 and immediately perform collation.

Next, a second embodiment of the present invention will be described with reference to FIG. The second embodiment is provided in the information terminal device 11 described in the first embodiment.
That is, in the authentication system 40 of this embodiment, the reading sensor 13, the memory 14, the first encryption unit 15, and the first communication unit 16 are installed on the mouse 41 as the input unit. The mouse 41 and a personal computer 42 serving as an information terminal device are connected by wireless means such as infrared rays. Note that both may be connected by wire instead of wirelessly.

In the second embodiment, the second encryption means 25 and the second decryption means 26 in the first embodiment are not interposed, but they may be provided. Also, each procedure in the second embodiment is
The procedure is the same as that of the first embodiment, except that the second encryption unit 25 and the second decryption unit 26 are not included. When the two pieces of biometric information X and Y match with each other by the biometric information matching means 30, the application server 22
The first decryption unit 23 decrypts the personal information stored in the personal information storage server 24b in the display unit 43 connected to the personal computer 42 and displays the decrypted personal information.

First, the application program in the application server 22 is started, and at that time,
A screen corresponding to the flow described in the first to third procedures is displayed on the display means 43, and personal information is displayed when the two pieces of biometric information X and Y match, and "Personal recognition" Do not match "and the personal information may not be displayed. The activation and display of the application program can be similarly performed in the case of the certificate authority 20 in the first embodiment.

After the personal information is displayed, the individual A connects to a network such as the Internet. At this time, since all the IDs, passwords, and the like required on the network are known from the point of connection, it is possible to smoothly access the network from the point of connection and receive various services on the network.

Although the embodiments of the present invention have been described above, the present invention can be variously modified in addition to the embodiments. Hereinafter, this will be described.

In each of the above embodiments, the information terminal device 1
Although a case where a personal computer is used as the device 1 and a case where the personal computer 42 is used as the device having the certificate authority 20 is described, the information terminal device 11 and the device having the certificate authority 20 are not limited to the personal computer. Connectable mobile phone terminals and portable information terminals (P
DA) and terminal devices such as game machines, mice,
Computer peripheral devices such as a keyboard and a scanner may be used.

In the above-described first embodiment, when initial personal information is first registered, the information is digitized and transmitted via a network. It is preferred that That is, the individual A may first transmit only the biometric information X, and return only the registered information and the ID or the registered information from the certification authority 20 via the network. In this case, only the biometric information X or the biometric information X and the ID are stored in the database server 24. In the case of a system for identifying and authenticating an individual, the returned ID and information for identifying the individual such as a name are written in a form and sent to the operator of the certification authority 20. If you want your system to remain anonymous,
This system is operated only with the biometric information X or only with the biometric information X and the ID without sending the information for revealing the individual.

The biometric information includes a fingerprint, a human signature,
There are a palm shape, a face shape, an ear shape, a body odor, a finger length, a blood vessel pattern such as a vein, a DNA, a voice print, and the like, and any of these biological information may be used. When using any of these biometric information, the reading device 12 and the reading sensor 13 corresponding to the biometric information are used.

Further, the reading device 12 can be variously modified, for example, the reading device 13 may be provided with a reading sensor 13 for reading a fingerprint on a portable telephone terminal, or a mouse for a personal computer 42 as in the second embodiment. Various modifications are possible, such as a configuration in which the reading sensor 13 for reading the fingerprint is provided on the reading device 41.

The biometric information matching means 30 may be configured to authenticate an individual by combining a plurality of biometric information such as a fingerprint and an iris. As described above, when a plurality of pieces of biometric information are combined, authentication can be performed with extremely high accuracy.

In each of the above-described embodiments, various types of authentication for using personal information on a network have been described. However, in addition to those used on these networks, or in addition to these, actual information may be used. Everything you use in your life, such as your bank card PIN, credit card PIN, safe key number, acquaintance's address, name, date of birth, popularity, memo, memorandum, etc. The subject can be treated as personal information in the present invention. These can be applied to both the case where the network is accessed and the case where the network is not accessed.

Further, in each of the above-described embodiments, the certification authority 20 on the Internet or the certification authority 20 in the personal computer 42 is used.
Has described the configuration for managing the biological information storage server 24a and the personal information storage server 24b.
4b may be managed by a personal computer, a mobile phone, a portable information terminal, a game machine, or the like owned by an individual, and the other may be managed by a predetermined server on a network. In this case, the certificate authority 20 is constituted by a device owned by an individual and a server on a network. Specifically, authentication can be performed by equipping a device owned by an individual with the reading device 12 and performing the above-described first to third procedures via a network.

Further, the biometric information Y managed by the biometric information storage server 24a and the personal information managed by the personal information storage server 24b are stored and managed in both the device owned by the individual and the server on the network. May be. In this case, the owner can use the device to confirm personal information before connecting to the network as in the second embodiment, and access the server on the network when using another device for claims or the like. Then, the personal information can be confirmed from the certificate authority 20 therein. Further, instead of storing both pieces of information, one of the two pieces of information may be stored and managed in a double manner.

In each of the embodiments, encryption and decryption are performed. However, the configuration is such that neither encryption nor decryption is performed, or one of biometric information and personal information is encrypted. Alternatively, the other may not be encrypted. Also, the encryption may be three or more steps other than one or two steps, or may be a combination of a public key method or another encryption method.

Further, the case where the biometric information, the user ID, and the password are used to perform the authentication of the specific person has been described. However, the place where the authentication of the specific person is performed (the information terminal device 11, Alternatively, the combination of the certificate authorities 20) can be changed at any time. When all the patterns of these combinations are illustrated, there are eight patterns in all. For example, as a first pattern, biometric authentication using a fingerprint or the like is performed on the information terminal device 1 on the specific person (client) side.
1. Some user IDs are used by the information terminal device 11 on the specific person side, and passwords are used by the information terminal device 11 on the specific person side.
As a second pattern, the biometric authentication is performed by the information terminal device 11 on the specific person side, the user ID is performed by the information terminal device 11 on the specific person side, and the password is performed by the authentication station 20 side.

As a third pattern, the biometric authentication is performed on the information terminal device 11 on the specific person side, and the user ID is defined on the authentication station 2.
There are those on the 0 side and the password on the certificate authority 20 side. In a fourth pattern, biometric authentication is performed by the information terminal device 11 on the specific person side, user ID is performed by the information terminal device 11 on the specific person side, and password is performed by the information terminal device 11 on the specific person side.

Further, as a fifth pattern, there is a pattern in which biometric authentication is performed by the certificate authority 20 side, the user ID is performed by the information terminal device 11 on the specific person side, and the password is performed by the information terminal device 11 on the specific person side. As a sixth pattern, there is a pattern in which biometric authentication is performed by the certificate authority 20, a user ID is performed by the information terminal device 11 on the specific person side, and a password is performed by the certificate authority 20.

Further, as a seventh pattern, there is a pattern in which the biometric authentication is performed by the authentication station 20 side, the user ID is performed by the authentication station 20 side, and the password is performed by the information terminal apparatus 11 of the specific person.
As an eighth pattern, biometric authentication is performed by the certification authority 20.
Side, the user ID is performed by the certificate authority 20 side, and the password is performed by the information terminal device 11 of the specific person side.

[0104]

According to the present invention, after the biological information is read by the biological information reading means, the biological information is received through the first communication means and the second communication means, and the biological information is read in advance. If the stored biometric information of the specific person is collated by the biometric information collating means, it can be surely authenticated whether or not the specific person. Then, since the biometric information is collated by the biometric information collating means, only the specific person who is surely authenticated by the biometric information can access the personal information storage means. For this reason, it becomes impossible for anyone other than the specific person to access the personal information storage means, whereby the confidentiality can be maintained even if the personal information of the specific person is stored in the personal information storage means.

That is, since it is confirmed whether or not a specific person is performed by performing verification using biometric information having different characteristics depending on individuals, it is possible to authenticate the specific person with extremely high accuracy. Even if an attempt is made to access the personal information storage means, it is possible to prevent the access by collation by the biometric information collation means.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of an authentication system according to a first embodiment of the present invention.

FIG. 2 is a flowchart showing a procedure for registering biometric information in the authentication system of FIG. 1;

FIG. 3 is a diagram showing a procedure for registering personal information in a personal information storage server in the authentication system of FIG. 1;

FIG. 4 is a diagram showing a procedure for accessing a personal information storage server and browsing personal information stored therein in the authentication system of FIG. 1;

FIG. 5 is a diagram showing a configuration of an authentication system according to a second embodiment of the present invention.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 10 ... Authentication system 11 ... Information terminal device 12 ... Reading device (biological information reading means) 13a ... Reading sensor 15 ... First encryption means 16 ... First communication means 20 ... Authentication station 21 ... Second communication means 22 ... Application server 23 ... First decryption means 24 ... Database server 24a ... Biometric information storage server (biological information storage means) 24b ... Personal information storage server (Personal information storage means) 25 ... Second encryption means 26 ... 2 decryption means 30 ... Biometric information collation means

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI theme coat ゛ (reference) G06F 17/60 222 G06F 17/60 222 F term (reference) 5B017 AA03 BA05 BA07 BB09 CA15 CA16 5B055 HB01 HB02 HB03 HB04 5B075 KK43 KK54 KK63 ND20 PP03 PQ02 UU08 5B085 AE23 AE25

Claims (23)

[Claims] 1. An authentication system for managing personal information of a specific person via a network and authenticating whether or not a person accessing the personal information is a specific person, wherein personal information relating to the specific person can be stored or stored. Personal information storage means, a biological information storage means capable of storing or storing biological information about a specific person, a biological information reading means capable of reading biological information about a specific person, A first communication unit for transmitting the obtained biological information; a second communication unit for receiving the biological information transmitted by the first communication unit; a personal information storage unit and a biological information storage unit. The authentication of the specific person is performed by comparing the biometric information stored in the biometric information storage unit with the biometric information received by the second communication unit. An authentication system comprising: biometric information matching means that enables access to personal information on a specific person stored in the personal information storage means only when the codes match. 2. A biological information storage means capable of storing or storing biological information relating to a specific person, and personal information required on a network relating to the specific person being directly or indirectly associated with the biological information. Personal information storage means for storing, biometric information reading means capable of reading biometric information relating to a specific person, connected to the personal information storage means and the biometric information storage means, The biometric information stored in the biometric information storage unit is compared with the biometric information read by the biometric information reading unit, and the identification stored in the personal information storage unit is performed only when both biometric information matches. An authentication system comprising: biometric information matching means for enabling access or display of personal information on a person. 3. Biological information storage means capable of storing or storing biological information relating to a specific person, and storing personal information relating to the specific person, which is to be kept secret, directly or indirectly in association with the biological information. Or, a personal information storage unit that stores therein, a biological information reading unit that can read biological information about a specific person, and a personal information authentication unit that is connected to the personal information storage unit and the biological information storage unit and determines whether the user is a specific person. Is performed by comparing the biometric information stored in the biometric information storage unit with the biometric information read by the biometric information reading unit, and is stored in the personal information storage unit only when both biometric information matches. An authentication system comprising: biometric information matching means for enabling access or display of personal information on a specific person. 4. Accessing a site that requires personal authentication on a network while opening the personal information in the personal information storage means so that the personal information can be displayed on the display means or in a state where the personal information can be displayed at any time. The authentication system according to any one of claims 1 to 3, wherein the authentication system is performed. 5. The information terminal device according to claim 1, wherein said personal information storage means and / or said biological information storage means are provided in an information terminal device operated by said specific person and connected to a network. 5. The authentication system according to any one of items 1 to 4. 6. The server according to claim 1, wherein said biometric information storage means and said personal information storage means are combined in one server, and said biometric information and said personal information are stored in one file format for each individual. 6. The authentication system according to any one of claims 1 to 5. 7. The biometric information matching means, when information that is helpful in identifying an individual is input, searches a database based on the information before matching biometric information,
7. The method according to claim 1, wherein target biometric information is narrowed down, and when the reference information is not input, all biometric information in the biometric information storage unit is searched. An authentication system according to any one of the preceding claims. 8. An information terminal device which is operated by the specific person connected to a network, wherein the information terminal device is connected to a network by using the biological information in the biological information storage means and / or the personal information in the personal information storage means. The authentication system according to any one of claims 1 to 7, wherein the information is stored in both servers accessed by the information terminal device. 9. A first encryption unit for encrypting at least one of the biometric information and the personal information, and a first decryption for decrypting information encrypted by the first encryption unit. The authentication system according to any one of claims 1 to 8, further comprising an authentication unit. 10. A biometric information storage means is connected to a second encryption means for encrypting the biometric information storage means for storing biometric information relating to a specific person, A second decryption unit is connected to the biometric information matching unit, and the biometric information encrypted by the second encryption unit is decrypted at the time of the comparison by the biometric information matching unit. The authentication system according to any one of claims 1 to 9, wherein: 11. An information recording method for recording information relating to a specific person via a network, wherein a biometric information reading step for reading the biometric information of the specific person, and the biometric information read in the biometric information reading step are transmitted. A transmitting step, and receiving the biological information transmitted in the transmitting step,
A biometric information authentication step of performing authentication of a specific person by comparing the biometric information of a specific person stored in advance in the biometric information storage means with the received biometric information, and authentication in the biometric information authentication step. In the case where the biological information transmitted in the transmission step and the biological information stored in advance in the biological information storage means coincide with each other, a recording step in which personal information relating to a specific person can be recorded in the personal information storage means; An information recording method, comprising: 12. A biological information reading step of reading biological information of a specific person, a transmitting step of transmitting biological information read in the biological information reading step, and receiving the biological information transmitted in the transmitting step. ,
A biometric information authentication step of performing authentication of a specific person by comparing the biometric information of a specific person stored in advance in the biometric information storage means with the received biometric information, and authentication in the biometric information authentication step. In the case where the biological information transmitted in the transmission step matches the biological information stored in the biological information storage means in advance, the personal information required for the specific person on the network is stored in the personal information storage means. A recording step of enabling recording in direct or indirect association with biological information. 13. A biological information reading step for reading biological information of a specific person, a transmitting step for transmitting the biological information read in the biological information reading step, and receiving the biological information transmitted in the transmitting step. ,
A biometric information authentication step of performing authentication of a specific person by comparing the biometric information of a specific person stored in advance in the biometric information storage means with the received biometric information, and authentication in the biometric information authentication step. In the case where the biological information transmitted in the transmission step matches the biological information stored in advance in the biological information storage means, the personal information storage means stores the personal information relating to the specific person and the information to be kept secret. A recording step of enabling recording in direct or indirect association with the biological information. 14. The transmitting step transmits personal information for identifying who the biological information is with the biological information read in the biological information reading step, and the biological information authentication step includes: The personal information for identifying who transmitted the biological information together with the biological information transmitted in the transmitting step is received.
14. The information recording method according to any one of 1 to 13. 15. The information recording method according to claim 11, wherein at least one of the biological information and the personal information is encrypted by an encryption step. 16. The information recording method according to claim 15, further comprising a decrypting step of decrypting the information encrypted by said encrypting step. 17. A personal information storage means for storing personal information of a specific person, and a biometric information storage means for storing biometric information of the same specific person, wherein the specific person stores the personal information in the personal information storage means via a network. An information management method for managing access to stored personal information, comprising: a biological information reading step of reading biological information of a specific person; a transmitting step of transmitting the biological information read in the biological information reading step; While receiving the biological information transmitted in the process,
A biometric information authentication step of performing authentication of whether or not a specific person is performed by comparing biometric information of a specific person stored in the biometric information storage unit with biometric information received in the transmission step; An information browsing step of enabling a specific person to browse the personal information stored in the personal information storage means when the biological information stored in the biological information storage means matches the biological information received in the transmission step; An information management method, comprising: 18. A biometric information storage means for storing biometric information of a specific person, and personal information necessary on the network for the same specific person, directly or indirectly associated with the biometric information and stored. An information management method for managing access to personal information stored in the personal information storage means of the specific person, comprising: a personal information storage means; a biometric information reading step of reading biometric information of the specific person; A transmitting step of transmitting the biological information read in the information reading step, and receiving the biological information transmitted in the transmitting step,
A biometric information authentication step of performing authentication of whether or not a specific person is performed by comparing biometric information of a specific person stored in the biometric information storage unit with biometric information received in the transmission step; An information browsing step of enabling a specific person to browse the personal information stored in the personal information storage means when the biological information stored in the biological information storage means matches the biological information received in the transmission step; An information management method, comprising: 19. A biometric information storing means for storing biometric information of a specific person, and storing personal information relating to the same specific person, which is to be kept secret, in direct or indirect association with the biometric information. Personal information storage means,
An information management method for managing access to personal information stored in personal information storage means of the specific person, comprising: a biological information reading step for reading the biological information of the specific person; and a biological information read in the biological information reading step. And transmitting the biological information transmitted in the transmitting step,
A biometric information authentication step of performing authentication of a specific person by comparing biometric information of a specific person stored in the biometric information storage unit with biometric information received in the transmission step; An information browsing step of allowing a specific person to browse the personal information stored in the personal information storage means when the biological information stored in the biological information storage means matches the biological information received in the transmission step; An information management method, comprising: 20. The transmitting step transmits personal information for identifying who the biometric information is with the biometric information read in the biometric information reading step, and the biometric information authentication step includes: The personal information for identifying who transmitted the biological information together with the biological information transmitted in the transmitting step is received.
20. The information management method according to any one of 7 to 19. 21. The information management method according to claim 17, wherein at least one of the biological information and the personal information is encrypted by an encryption step. 22. The information management method according to claim 21, further comprising a decryption step of decrypting the information encrypted in the encryption step. 23. The biometric information stored in the biometric information storage means and the personal information stored in the personal information storage means are encrypted. The information management method according to any one of the above.