JP2002117350A - Service issuing method, service providing method, and system therefor - Google Patents

Abstract

(57) Abstract: The present invention makes it possible to specify a user without using a special recording medium by embedding information for specifying the user in data with little redundancy. The purpose is to: According to the present invention, a service issuing system (1110)
In response to an application from the user system 1210, identification is performed by an identification number issuing unit 1120 that issues an identification number 1130 necessary for receiving a service, and a secret key 1140 corresponding to a public key owned by the service provider. An encryption unit 1150 that encrypts the number 1130 to generate encrypted data 1160 and an encryption unit 1170 that encrypts the encrypted data 1160 by using an encryption key 1240 corresponding to a decryption key owned by the user system 1210 to generate the encrypted data 1180 Is provided.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a service issuing method for issuing identification information necessary for receiving a service to a user, a system thereof, and determination of whether or not the service can be provided according to the user. And a system for providing the service.

[0002]

2. Description of the Related Art As a conventional technique, Japanese Patent Application Laid-Open No. H11-239129 discloses that a content purchased by a purchaser is encrypted with the purchaser's public key and sent to the purchaser, and the purchaser uses the content. In the case of (decryption), it is disclosed that a digital signature is created using a private key of a purchaser himself and the digital signature is embedded in a content as a digital watermark. If an unauthorized copy is found, the purchaser can be identified by detecting the electronic signature.

[0003] Japanese Patent Application Laid-Open No. 11-261550 discloses a technique of extracting features from an electronic document to generate feature data, encrypting the feature data with an encryption key of a party, and creating encrypted data.
Further, by attaching external authentication data such as a date to the encrypted data and encrypting the data with the encryption key of the external authenticator, it is possible to prevent falsification of the document even by a party. It promotes the conversion.

[0004]

The invention described in Japanese Patent Application Laid-Open No. 11-239129 is to create an electronic signature using a purchaser's own private key, and to embed the created electronic signature in a content as an electronic watermark. Yes, this makes it possible to identify the buyer who made the illegal copy. However, digital watermarks can be embedded in content such as images and music, but it is difficult to embed them in data with little redundancy. And the fact that the target for embedding the buyer's digital signature is large data,
This means that it is necessary to have a recording medium for storing this large data.

[0005] Further, the electronic signature described in the invention described in Japanese Patent Application Laid-Open No. 11-239129 is information by which a third-party organization or a content distributor can identify a purchaser.
The electronic signature alone cannot identify the purchaser himself. That is, regardless of the content of the information described in the electronic signature, the watermark data detected from the content is identified by a third party or a content distributor by matching a database for managing purchaser information. Therefore, a database is indispensable at the place where the buyer is identified. That is, the place where the conventional technology is used is limited to a place where the database of the purchaser can be managed and installed, or a place where the database can be accessed through the network.

[0006] The invention described in JP-A-11-261550,
By encrypting the electronic document with the public key of the external authenticator, even the person who created the electronic document cannot falsify the document. This makes the external certifier the only trusted entity. That is, the authenticator proves the correctness of the electronic document on the assumption that the electronic document is correct, thereby giving trust to the creator of the document. Therefore, it cannot be introduced to applications where a large number of places that cannot be said to have high security become authentication places, such as a general store or an entrance gate machine.

[0007] An object of the present invention is to embed information for identifying a user in data having little redundancy, thereby enabling a service issuing method and a service issuing method which can identify a user without using a special recording medium. It is to provide a service providing method and a system thereof.

Another object of the present invention is to provide a service for judging whether a user or a user's right is legitimate even in a place where a user database or a sufficient network environment cannot be maintained at the place of use. An issue method, a service providing method, and a system thereof are provided.
Alternatively, an object of the present invention is to provide a service issuing method, a service providing method, and a system thereof that can be used as a place where transactions can be reliably proved even in a store with low creditworthiness by suppressing improper use of the place of use itself. It is.

[0009]

According to the present invention, a service issuing system generates identification information necessary for receiving a service in response to an application of a user, and a first service provider owns the identification information. The identification information is encrypted with the first encryption key corresponding to the decryption key, and the encrypted identification information is encrypted again with the second encryption key corresponding to the second decryption key owned by the user.

According to the present invention, a service providing system stores a first decryption key owned by a service provider and first identification information necessary for receiving a service in a storage medium in advance, and stores the service in a storage medium. The second necessary to receive the offer
And the second decryption key owned by the user are obtained from the user, the second identification information is decrypted by the second decryption key, and the decrypted second identification information is The first decryption key is again used for decryption, and the second decrypted second identification information is compared with the first identification information.

[0011]

Embodiments of the present invention will be described below.

FIG. 1 is a processing flow of the service issuer system and the user system of the present invention. FIG. 2 is a diagram showing a data configuration of a medium for storing encrypted data of the present invention. FIG. 3 is a system configuration diagram of the service issuer system and the service provider of the present invention. FIG. 4 is a configuration diagram of a table in the service issuer system of the present invention. Figure
A database including this table exists in the third storage device 3060. FIG. 5 is a processing flow of the validity verification processing in the service provider system and the user system. Encrypted data refers to data encrypted with an encryption key. The decrypted data is data decrypted by the decryption key.

The participants in the present invention include a user who uses a service (receives a service), a service provider who provides a service to a user at a place where the service is actually used, and A service issuer that issues identification information necessary to receive the information. And
The service issuer and the service provider may be physically separated. For example, in the case of concert ticket sales, the service issuer is a company that issues and sells tickets, and the service provider is a concert operating company that collects tickets at concert sites. The two are usually separate organizations (company). The medium that connects these two parties is a ticket. For this reason, if the ticket is forged, the service provider has no means for rejecting an unauthorized user. In order to ensure that only the user who has contracted with the service issuer can provide the service from the service provider, the present invention utilizes the following encryption processing. However, the service issuer and the service provider may be the same business entity.

The service issuer system 1110 is a system (computer or the like) used by the service issuer.
It is. The service issuer system 1110 includes a display device (display) 3010 (for example, a CR) for displaying information.
T, a liquid crystal display, etc.), a data output device 3020 (for example, a printer, etc.) for outputting data, and a communication device 30 for communicating with other devices via a network or the like.
30 (for example, a modem, a terminal adapter, a LAN card, etc.) and an encryption key management device 30 for managing encryption keys.
40, an arithmetic unit 3050 (for example, CPU or the like) for performing an operation for executing each process, and a storage device 3060 (for example, a hard disk device) for storing data.
The service issuer system 1110 executes each process by the arithmetic device 3050 executing a program.

The service provider system 3100 is a system (computer or the like) used by the service provider.
It is. The service provider system 3100 includes a display device (display) 3110 (for example, CR) for displaying information.
T, liquid crystal display, etc.), a data output device 3120 (for example, a printer, etc.) for outputting data, a decryption key input device 3130 for receiving the input of a decryption key, and a decryption key storage device for storing the decryption key The system includes a 3140 (for example, a hard disk device), an arithmetic device 3150 (for example, a CPU) for performing an operation for executing each process, and a validity confirmation device 3160 for confirming the validity of the user. still,
The validity confirmation device 3160 may be realized by software.

The user system 1210 is a system (computer or the like) used by the user. The user system 1210 includes a display device (for example, a CRT, a liquid crystal display, etc.) for displaying information, and an arithmetic device (for example, a CPU) for performing an operation for executing each process.
Etc.), and a storage device for storing data necessary for the operation, data obtained as a result of the operation, and a program for executing each process.

The user system 1210 applies for a service to the service issuer system 1110. At this time, the user system 1210 transmits the user authentication information 1220 as its own information. The user authentication information is an identifier previously given to the user system 1210 by the service issuer system 1110, and is preferably a combination of a user ID and a password. The user authentication information is managed in association with use information 4250 such as a user's name 4230, a user's address 4240, and the type and frequency of a used service by a table 4210 in a storage device 3060.

The user system 1210 includes an encryption key generation unit 12
It has 30 and uses it to create an encryption key 1240.
The encryption key 1240 may be a value that can be obtained only by the user, and may be an encryption key created by the user himself or a value such as a password.

The service issuer system 1110 assigns an identification number 1130 for distinguishing service contents to an identification number issuing means.
Created in 1120. Taking the above concert ticket as an example, the process of assigning unique serial numbers to tickets corresponds to this.

The service issuer system stores the secret key 1140 created by the public key cryptosystem in the encryption key management device 3040, and encrypts the identification number with the secret key 1140 in the encryption means 1150. The data created by this encryption is referred to as encrypted data 1160. The service issuer system 1110 re-encrypts the encrypted data 1160 with the user's encryption key 1240 in the encryption means 1170. Note that the encryption means 1170 may be any function that inputs the encryption key 1240 and the encryption value and outputs the encryption data, and is not limited to so-called encryption processing. The data created by this encryption is referred to as encrypted data 1180. Since these numerical processes are performed in the arithmetic unit 3050, it is desirable that the arithmetic unit 3050 be a high-speed CPU. The encryption key 1240 is transmitted from the user system 1210 to the service issuer system in response to a request from the encryption unit 1180. The encrypted data 1180 created by the service issuer system 1110 is output from the data output device 3020 of the service issuer system 1110, and a paper ticket 211 as shown in FIG.
0 or stored in a medium such as a magnetic card or an IC card.

FIG. 2A shows a layout of data printed on a service use ticket when paper is used as a storage medium for the encrypted data 1180. Service ticket 2
At 110, at least a service name 2120 is printed as a title that allows the user to understand the service content in a single word, and at least a service content 2130 that describes the content of the service and the date and time at which the service is provided is printed. In the present invention, the service issuer system 11
Copy the encrypted data 1180 created in 10 into the encrypted data print area 21
Print on 40. The encrypted data 1180) is an encrypted data print area as numeric or / and character string data (symbol string data).
Although described in 2140, this data may be converted to a barcode or a two-dimensional code. When such a code is used, there is an advantage that the service provider system 3100 can be constructed at a low price because the reading device is general-purpose. Note that the two-dimensional code includes a stack type in which bar codes are stacked, a matrix type in which cells of the same size are arranged vertically and horizontally in black and white, and the like. Representative examples of the two-dimensional code include a QR code developed by Denso, a data matrix developed by ID Matrix, and a PDF417 developed by Symbol Technology. The decryption key entry field 2150 is an area to be filled in immediately before the user passes the service ticket to the service provider. When the service issuer prints the service ticket, the decryption key entry field 2150 is printed in a blank state. I do. However, the decryption key entry field 2150 may be of a mark sheet type. In this case, the service use ticket can be used by painting out the mark sheet before using the service use ticket. FIGS.2 (b) and (c) show the case where the paper service ticket 2210 is used in combination with the portable recording medium 2300 owned by the user.
It shows the layout of the data printed on the service ticket. In this case, the composite key 5230 is a magnetic card or IC
Decryption key recording area 23 of portable recording medium 2300 such as a card
Recorded in 10. Therefore, the service use ticket 2110
In, data excluding the decryption key entry field 2150, that is, the service name 2220, the service content 2230, and the encrypted data print area 2240 are printed on the service usage ticket 2210. In the present embodiment, the service use ticket is a so-called paper ticket or cyber spring ticket (paper with a magnetic material attached to the back side).
Etc., but may be a magnetic card or an IC card capable of storing the data shown in FIG. 2, or may be a portable information terminal such as a mobile phone, for example, and is not limited to a so-called paper ticket. .

Next, the table shown in FIG. 4 will be described. Tables 4010, 4110, and 4210 show databases constructed in the storage device 3060 of the service issuer system 1110. That is, there are a table 4010 defining each service provided by the service issuer, a table 4210 for managing users, and a table 4110 for linking users and services.

The table 4010 has at least elements of a service name 4020 for describing the service in one word, a service content 4030 describing the service content, and a unique identification number 4040 for identifying the service. . The table 4210 includes the user authentication information 4220 assigned to the user, the user's name 4230, and the user's address 4240.
And the elements of usage information 4250 such as frequency. However, the contents described in the table 4210 for managing the user may be any means capable of contacting the user himself, and is not limited to information on the name and address. For example, if the address is an e-mail address, it is possible to contact the user himself while being anonymous. The table 4110 is a table that links a user with a service. That is, the table 4110 includes a user ID 4120, an encryption key 4130,
It is composed of an identification number 4140 and encrypted data 4150.
In the present invention, the table 4110 is not required in principle. However, when the actual service is provided, the user may lose the service ticket or the encryption key, and without this table, it is impossible to perform any reissuing process.
Therefore, this table is necessary as a user support function. Next, FIG. 5 will be described. FIG. 5 is a basic processing flow for proving that the user is the owner of the encrypted data in the validity checking device 3160 of the service provider system 3100. The service issuing system 1110 is a service provider system
To 3100, provide a table 4010. The service provider system 3100 stores the table 4010 in the storage device. The user system 1210 stores the decryption key 5230 paired with the encryption key 1240, and moves this to the portable storage medium 2300. Also, the encrypted data 5220 is recorded on the service use tickets 2110 and 2210 so that the user can carry it lightly. In the service provider system 3100, the encrypted data reading means 5120 of the encrypted data input device 3120 reads the encrypted data 5220 recorded on a recording medium such as the service ticket 2110. At this time, if the data is a barcode or a two-dimensional code, the reading unit 5120 can use a general-purpose reading device.

Next, the decryption means 15 of the decryption key input device 3130
At 130, the decryption key 5230 is read, and the encrypted data 5220 is decrypted with the decryption key. At this time, the decrypted data 5140 becomes encrypted data 1160. Note that this decryption key is temporarily stored in the decryption key recording device 3140. Next, decoding means 51
At 60, the decrypted data 5140 is
Decrypt at 5150. At this time, the decoded data 5170 becomes the identification number 1130. In addition, the service provider system
The 3100 records a table 4010, and the validity check device
3160, identification number 1130 and identification number of table 4010
4040 and the same value as the identification number 1130 in the table 4010
It is determined whether or not it exists in the column where the identification number 4040 is recorded. If there is the same value, the user is confirmed to be valid. If the same value exists, the service name 4020 and the service content 4030 can be specified from the identification number 4040. And the display device of the service provider system 3100
In 3110, a service name 4020 and a service content 4030 are displayed as the comparison result (judgment result). However, use tickets
If the identification number is entered in 2110, refer to Table 4010
Even if there is no, the validity of the user can be confirmed.
Further, the identification number does not need to be directly written in the use ticket 2110, but may be written in the encrypted data print area 2140 together with the encrypted data (for example, by adding a character string). The processing described above is performed by the arithmetic unit 3150.

In this embodiment, a service issuer system, a service provider system, and a user system use a so-called personal computer, workstation, or the like. Each of the above means is functionally realized. In particular, the user's computer may be a multifunctional portable terminal having a storage means, a display / input means, and a communication means and capable of mounting a program, or may be a so-called mobile phone. Not something.

Further, since the encryption key 1240 and the decryption key 5230 are keys owned by the user, the user system can decrypt the encrypted data (however, only the encrypted data 1 is obtained). That is, the service issuer system:
It is necessary to use an encryption method that cannot be decrypted by the user system. Specifically, the encryption key is a password of several digits, and the operation performed by the encryption unit 1170 (for example, the password is added to the encrypted data 1160) is kept secret. This makes it difficult to decrypt the encrypted data 1180 even if the user knows the password that is the decryption key.

In the embodiment described above, the program is installed in the user system 1210 in advance. In other words, the service cannot be received unless a special program is installed in the user system 1210, and the involved person is forced to work. However, if a process corresponding to a special program is implemented as a Java applet using technology such as Java and the applet can be downloaded from the service issuer system 1110 and used, installation work is not required.
Most computers connected to the network have a generic browser already installed,
Using va technology eliminates the need to impose a special burden on the user.

FIGS. 6 and 7 show an example in which the present invention is applied to a concert ticket issuing system. FIG. 6 shows the configuration of a ticket issuing system, and FIG. 7 is a flowchart showing the flow of processing.

The ticket issuing system 6110 includes a step 71
At 10, an application for a concert ticket from the user system 6310 is accepted. That is, the user system
Enter the name of the concert and the date and time of the concert from 6310, and select the type of ticket.

Next, the ticket issuing system 6110 assigns a unique management number (hereinafter referred to as a ticket number) for each ticket in the ticket number issuing means 6120. This ticket number may include the concert information, or may include information of a purchaser. If the information of the purchaser is included, the participant can be specified when the ticket is illegally copied and used.

Next, the ticket number is encrypted by the encryption means 6130.
Is encrypted with the private key of the service provider. These processes are performed in step 7120, and the output of step 7120 is cipher data. In step 7130, the ticketing system 6110 issues a request to send the user's encryption key.

On the other hand, the encryption key generating means 63 of the user system
20 creates an encryption key in step 7140, and
At 7150, the ticket is transmitted to the ticket issuing system 6110. As described above, this encryption key may be a public key encryption key, a common key encryption key, or a combination of a lock and a password whose encryption / decryption method is not disclosed.

The ticket issuing system 6110 is an encryption unit.
At 26140, the encrypted data is encrypted again with the user's encryption key (step 7160). This output is used as encrypted data. Also, in step 7160, data having the configuration shown in the service ticket 2110 is created using the encrypted data, and this is transmitted to the user system 6310 as ticket data (step 7170).

The transmission and reception of the data described above is performed by the communication means 6150 of the ticket issuing system 6110 and the user system 63.
Ten communication means 6340 communicate via the network 6210. The network 6210 may be any network such as the Internet, a telephone line, a wireless communication network, or a combination thereof, and is not limited to the type or scale of the network. The user system 6310 determines in step 7180 that the printing
The ticket data is output from 6330. That is, in step 7160, the ticket data is created as image data, and a print of this image data becomes a concert ticket.

On the other hand, the ticket use location system 6410
This is an authentication system installed at the concert hall. The ticket data is input in the ticket data input means 6420, and the user decryption key is input in the decryption key input means 6440 (step 7210). Further, in step 7220, the decryption means 6430 decrypts the data using the user's decryption key, and the decryption means 6450 decrypts the data using the service provider's public key. When this decryption result is referred to as decrypted data, the ticket use location system 6410 opens the concert entrance gate because the ticket can be determined to be valid if the decrypted data matches the ticket number recorded on the paper. be able to. Conventionally, as a method of obtaining a concert ticket, it is common to purchase the ticket directly at a ticket store or make a reservation on the Internet and have the ticket mailed. Therefore, it has been time-consuming to go to a store or mail it. However, according to the present invention, the user system 1
The ticket can be downloaded and printed at 210, eliminating the need for time to go to a store or mail. In selling tickets, settlement means becomes a problem. If the user is a member and has a credit card or bank account open, a ticket issuing system
The 6110 can issue a ticket and, at the same time, request a settlement process from a financial institution. However, if the user is not a member, other payment means such as electronic money must be used.

FIGS. 8 to 10 show examples in which the present invention is applied to a traveler's check or a check (hereinafter referred to as "check etc."). 8 is a system configuration diagram for issuing a check, FIG. 9 is a flowchart of a check issuance process, and FIG. 10 is an explanatory diagram showing information and an arrangement described in the check and the like. In FIG. 8, a check ticket issuing system 8110 is a system of a financial institution, a check use place system 8410 is a system of a place (for example, a retail store) where a user uses a check or the like, and a user system 8310 is a consumer terminal. . First, the check ticketing system 8110 has a user system 83
Accept applications such as checks from 10 (Step 911
0). At this time, the type (par value) and the number of checks are designated, and the check number issuing means 8120 is specified based on this information.
Issue a check management number (hereinafter referred to as a "check number"). The check number includes at least a number indicating the type of check or the like and a unique number for each check or the like. Further, the encryption unit 8130 encrypts the check number with the private key of the financial institution (step 9120). This encrypted check number is used as encrypted data.

Next, the check ticketing system proceeds to step 91.
At 30, a request is made to send the user's encryption key, and at step 9150, the user's encryption key is accepted. Then, the encryption means 8140 encrypts the encrypted data with the encryption key of the user to generate encrypted data (step 916).
0). In addition, using the encrypted data, the check of FIG.
Alternatively, 10200 data such as a check is created. Further, the check ticketing system has a printing unit 8160, and prints data of the check 10100 or the check 10200 in step 9170. The user obtains this check by mail or by going to the issuing financial institution. These checks include the name of the issuer, such as a financial institution.
110, a check type 10130, and encrypted data 10140 are printed. Further, watermark data 10150 is embedded to prevent unauthorized copying. What is watermark data 10150?
By embedding electronic data that can identify the purchaser, fraudulent acts are suppressed. However, the watermark data 10150 is not an essential element as long as the paper itself used for checking or the like, such as a bill, is special. Furthermore, the check etc. 10100 has a decryption key entry column 10120, and when the check etc. is used in a store, the check etc. can be used by entering the decryption key in this entry column. Note that the decryption key may be entered in the entry column 10120, but is stored in the decryption key recording area 10310 of a portable recording medium 10300 such as a magnetic card or an IC card, and is used when checking and the like. (Input to the check use place system). The check use place system 8410 inputs the encryption data 2 in the check encryption data input means 8420 and inputs the user decryption key in the decryption key input means 8440 (step 92).
Ten). Then, the encrypted data 2 is decrypted by the decryption means 18430 to generate decrypted data. Further, the check use place system 8410 uses the public key of the check issuing system to decrypt the decrypted data in the decryption means 8450.
When this output is used as decoded data, the decoded data includes a number indicating the type of the check, and if the number is correct, the validity checking means 8460 determines that the check or the like is valid (step 9220). .

Finally, the check ticket issuing system 8110 collects the check and the like and the user decryption key, and checks whether the combination of the user decryption key recovered by the scrutinizing means 8170 and the user encryption key used by the encryption means 2 is correct. Judgment is made, and if the combination is correct, payment is made to the check use place.

According to the above embodiment, the secret information of the user is embedded in the check or the like in advance, so that the security can be ensured without signing in advance. That is, since the check or the like can be delivered without using registered mail or the like, the service of the financial institution that issues the check or the like can be improved at low cost.

FIGS. 11 and 12 show examples in which the present invention is used for postal mail, home delivery, and information transmission. The flowchart of FIG. 11 is a mechanism in which the receiving location is not fraudulent even when the receiving location and the sending location have a sparse relationship. That is, when the sender 11100 brings in the package and designates the recipient (step 12110), the shipping location system 1
The 1200 generates a voucher number in step 12120, creates a hash value by applying a hash function to the voucher number, and further encrypts the hash value with the secret key of the shipping location to generate a first encryption value. . The hash function is an appropriate function for associating a character string with a numerical value (hash value). The hash function associates a numeric value with a character string representing a data item. Therefore, a hash function is an irreversible one-way function.

In step 12130, the first encryption value is notified to the recipient 11400. In step 12150, the recipient sends the information of the receiving location and the password 1. This password is a value irrelevant to the hash value, and is preferably a value that can be easily stored by the recipient.

The shipping location system 11200 includes a step 12160
Creates encrypted data to be written on the tag. For example, a password is added to the first encryption value to create a second encryption value, and the second encryption value is printed or stored on a tag. Here, the calculation of addition is taken as an example, but this calculation is not limited to addition, and any function may be used as long as the function has a one-to-one correspondence between input and output. In step 12170, the second cryptographic value is transported to the receiving location along with the package. The receiving location system 11500 reads the encryption value from the tag of the luggage in step 12180, subtracts the password brought by the recipient, and then decrypts it with the public key of the shipping location. This is a decoded value. Step 12
At 220, the hash value and the decrypted value are compared, and if the two values match, it is recognized as a valid recipient, and at step 12210, delivery of the package is permitted. In addition, shipping place system 11
200 may be a system used by a shipping company that delivers luggage or mail or a person entrusted by the company, or an information processing device (a personal computer,
Includes portable information terminals, mobile phones, etc. ).

Further, the receiving location 11500 encrypts and stores the password input by the recipient with the public key of the shipping location, and transmits this password to the shipping location 11200 in step 12220 instead of the delivery note of the package. The receiving location system 11500 has the public key of the shipping location,
Since the password cannot be correctly decrypted without the password, the shipping location system 11200 collects the password (including the process of decrypting with the secret key), and thereby the recipient 1140.
It can be confirmed that the package has been delivered to 0. The receiving place 11500 is a place (including a system) used or managed by a shipping company or a person entrusted by the company.

Note that the embodiment of the present invention is also applicable to commercial products.

According to the above embodiment, the user only needs to remember the hash value of a short number of digits and the password specified by the user. In addition, since it is not necessary to use a different value every time as in a one-time password, the burden on the user is considered to be relatively light. Further, when practicing the present invention, irrelevant shipping and receiving locations can be used, so that consumers such as senders and recipients can enjoy services using more familiar stores. Become. Also, in this example, the case where the luggage is brought to the shipping place is described.However, the application is made from a home using a personal computer or a telephone, necessary information is exchanged via a network, and the shipping place picks up the luggage. Also available when coming to. Further, in the embodiment, the luggage is transported from individual to individual, but it can also be used when giving a gift to a third party by mail order or when shopping for yourself or family by mail order. . Information that only the purchaser knows can be embedded in the data with little redundancy. This eliminates the need for the purchaser to carry around a special recording medium or to set up a database at the place of use and maintain a sufficient network environment.

When this mechanism is applied to a ticket, a user obtains ticket data via the Internet,
You can print on your own printer. However, since it is easy to copy a printed matter, it is necessary to embed purchaser information by means such as a digital watermark.

When the present invention is applied to a traveler's check, it is possible to request the issuance of a traveler's check via the Internet, and to enjoy a service of being delivered by ordinary mail. Furthermore, traveler's checks using this method are more secure than conventional ones (it is very unlikely that they will be used even if they are lost or stolen), and they are convenient because they do not need to be signed in advance. Further, when the present invention is applied to a home delivery service, by providing a mechanism for preventing unauthorized use of a place of use, a store with low creditworthiness can be used as a place where reliable authentication can be performed. In addition, the user does not need to show privacy information such as a license to the store, does not need to memorize long digits, and does not need to worry about changing the password every time. It is possible to provide an authentication method that places less burden on the user.

[0048]

According to the present invention, by embedding information for identifying a user in data with little redundancy,
The user can be specified without using a special recording medium.

Alternatively, according to the present invention, it is possible to determine whether a user or a user's right is legitimate even in a place where a user database or a sufficient network environment cannot be prepared in a place of use. Alternatively, according to the present invention, by suppressing improper use of a place of use, it can be used as a place where a credential of a transaction can be surely obtained even in a store with low creditworthiness.

[Brief description of the drawings]

FIG. 1 is a processing flowchart of a service issuer system and a user system of the present invention.

FIG. 2 is a data configuration diagram of a medium storing encrypted data of the present invention.

FIG. 3 is a system configuration diagram of a service issuer system and a service provider of the present invention.

FIG. 4 is a configuration diagram of a table in a service issuer system of the present invention.

FIG. 5 is a processing flowchart of a validity verification process in the service provider system and the user system of the present invention.

FIG. 6 is an example in which the present invention is used for a concert ticket issuing system, and is a configuration diagram of the ticket issuing system.

FIG. 7 is an example in which the present invention is used in a concert ticket issuing system, and is a flowchart for showing a processing flow in detail.

FIG. 8 is an example of a case where the invention is applied to a traveler's check or a check, and is a system configuration diagram for issuing a traveler's check.

FIG. 9 is a flow chart showing an example of a case where the present invention is applied to a traveler's check or a check, and shows a traveler's check ticketing process of the present invention.

FIG. 10 is an example of a case where the present invention is applied to a traveler's check or a check, and is an explanatory diagram showing information and arrangement described in the check.

FIG. 11 is an example of a case where the present invention is used for a home delivery reservation service, and is a configuration diagram of a reservation service reception system.

FIG. 12 is an example of a case where the present invention is used for a courier service reservation service, and is a flow chart showing the processing flow in detail.

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G09C 1/00 660 G09C 1/00 660E H04L 9/14 H04L 9/00 641 9/32 675B (72) Invention Person Shuji Terada 890 Kashimada, Saiwai-ku, Kawasaki-shi, Kanagawa Prefecture, Ltd.Information Service Division, Hitachi, Ltd. Mitsuru 2-14-17 Nakamura, Nerima-ku, Tokyo F-term (reference) 5J104 AA07 AA14 AA16 EA04 EA26 NA02 NA05 NA11 NA12 NA35 NA37 PA07

Claims (15)

[Claims] 1. A service issuing method by a computer for issuing identification information necessary for receiving a service to a user who desires to provide the service, the method comprising: Generating identification information; encrypting the identification information with a first encryption key corresponding to a first decryption key owned by a service provider that provides the service to the user; A service issuing method for encrypting the encrypted identification information again with a second encryption key corresponding to the second decryption key, and outputting the encrypted identification information again or transmitting the encrypted identification information to the user. 2. The method according to claim 1, wherein the second decryption key is obtained from the user or the service provider, and whether the correspondence between the second decryption key and the second encryption key is correct or not is determined. Service issuance method described in. 3. The service issuing method according to claim 1, wherein the second decryption key and the second encryption key include a password generated by the user. 4. The service issuing method according to claim 1, wherein after the user is authenticated, the re-encrypted identification information is issued to the user. 5. The service issuing method according to claim 1, wherein the identification information is included in a ticket, a traveler's check, a bill, or a receipt. 6. The first decryption key and the first encryption key are generated by the service provider, and the second decryption key and the second encryption key are generated by the user. The service issuing method according to claim 1. 7. A service issuing system for issuing identification information necessary for receiving provision of a service to a user who desires to provide the service, wherein the identification information is provided in response to an application of the user. Generating means for generating; first encrypting means for encrypting the identification information with a first encryption key corresponding to a first decryption key owned by a service provider that provides the service to the user; A second encryption unit that re-encrypts the identification information encrypted with a second encryption key corresponding to a second decryption key owned by the user; and the identification information re-encrypted. Output means for outputting or transmitting to the user. 8. A service providing method by a computer for determining whether to provide a service according to a user, a first decryption key owned by a service provider providing the service to the user, and First identification information necessary for receiving the provision of the service is stored in a storage medium in advance, second identification information required for receiving the provision of the service, and second identification information owned by the user A decryption key is obtained from the user, the second identification information is decrypted by the second decryption key, and the decrypted second identification information is decrypted again by the first decryption key. A service providing method for comparing the second identification information and the first identification information that have been combined again and displaying and / or outputting the comparison result. 9. A service providing system for determining whether or not to provide a service according to a user, comprising: a first decryption key owned by a service provider that provides the service to the user; Storage means for storing first identification information necessary for receiving the provision; second identification information necessary for receiving the provision of the service; and a second decryption key owned by the user, Acquiring means for acquiring from the user; first decrypting means for decrypting the second identification information by the second decryption key; and decrypting the decrypted second identification information to the first Second decryption means for decrypting again with the decryption key of the above, comparison means for comparing the second decrypted second identification information with the first identification information, and displaying and / or displaying the comparison result Output means for outputting Service providing system equipped. 10. A ticket issuing method by a computer for issuing a ticket in response to a user's application, comprising: generating ticket identification information; and determining whether the ticket is valid. Encrypting the identification information with a first encryption key corresponding to a first decryption key; and encrypting the identification information with a second encryption key corresponding to a second decryption key owned by the user. A ticketing method for generating the ticket including the encrypted identification information again encrypted. 11. A ticket issuing system for issuing a ticket in response to a user's application, comprising: a generating means for generating identification information of the ticket; and a ticket use location system for determining validity of the ticket. A first encryption unit that encrypts the identification information with a first encryption key corresponding to one decryption key; and a second encryption key corresponding to a second decryption key owned by the user. A ticketing system comprising: a second encryption unit that re-encrypts the encrypted identification information; and a generation unit that generates the ticket including the re-encrypted identification information. 12. A computer ticketing method for issuing a traveler's check or a bill in response to a user's application, comprising: generating a traveler's check or a bill's identification information; and issuing a traveler's check or a bill. The identification information is encrypted by a first encryption key corresponding to a first decryption key owned by the user, and the identification information is encrypted by a second encryption key corresponding to a second decryption key owned by the user. A ticketing method for re-encrypting the identification information and generating the traveler's check or bill including the re-encrypted identification information. 13. A ticket issuing system for issuing a traveler's check or a bill in response to a user's application, a generating means for generating the traveler's check or the bill's identification information, and a financial institution issuing the traveler's check or the bill. A first encryption unit that encrypts the identification information with a first encryption key corresponding to a first decryption key owned by a user, and a second encryption unit corresponding to a second decryption key owned by the user. A ticket issuing system comprising: a second encryption unit that re-encrypts the encrypted identification information with an encryption key; and a generation unit that generates the traveler's check or the bill including the re-encrypted identification information. . 14. A computer-accepted application receiving method for receiving an application of a sender desiring delivery of a package or mail, comprising: acquiring recipient information on a recipient of the package or mail; Generating identification information of an object, calculating the identification information by a one-way function, and determining a validity of the recipient by a first encryption key corresponding to a first decryption key owned by a receiving location system; Encrypting the calculated identification information, notifying the calculated identification information to the recipient, obtaining the password generated by the recipient from the recipient, and encrypting the password by the password. An application receiving method for calculating the identification information, and printing or storing the identification information calculated by the password on a tag added to the package or mail. 15. An application receiving system for receiving an application of a sender desiring delivery of a package or mail, wherein: an obtaining means for obtaining recipient information relating to a recipient of the package or mail; Generating means for generating identification information of an object; first calculating means for calculating the identification information by a one-way function; and a first decryption key owned by a receiving location system for determining the validity of the recipient. Encrypting means for encrypting the calculated identification information using a corresponding first encryption key; notifying means for notifying the receiver of the calculated identification information; and a password generated by the receiver Acquiring means for acquiring the identification information from the recipient, and second computing means for computing the encrypted identification information using the password. Application receiving system and output means said identification information, printed or stored in a tag to be added to said package or mail piece.