| CPC H04L 9/3226 (2013.01) [H04L 9/0825 (2013.01); H04L 9/0861 (2013.01); H04L 9/0897 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01)] | 13 Claims |
|
1. An online service providing system that provides a mechanism capable of safely using an online service provided by a portable device, the online service providing system comprising:
a service providing server configured to provide a registered user with the online service through the Internet;
a plurality of integrated circuit (IC) chips provided in a user device which is the portable device possessed by the user; and
an application program that is executed by a body processor included in the user device and causes the user device to function as a terminal using the online service,
wherein each of the plurality of IC chips includes:
a memory that non-transitorily stores at least personal information used for user authentication to confirm validity of a party using the user device, a private key of the user, a public key of the user paired with the private key, and an electronic certificate of the user including the public key, and
a processor that has at least an authentication function of executing the user authentication by collating information given from the application program with the personal information and an electronic signature function of executing an electronic signature on data given from the application program using the private key,
wherein the application program causes the user device to function as:
a user authentication unit configured to execute the user authentication using the authentication function of the IC chip based on information acquired from the party using the user device, and
a transmission unit configured to execute the electronic signature on a message describing information necessary for a procedure of the online service using the electronic signature function of the IC chip in a case where the party using the user device is confirmed to be valid through the user authentication, and transmit a procedure request including a message with the electronic signature to the service providing server through the Internet, and
wherein the service providing server includes:
a user information storage that stores the electronic certificate of the user as information regarding the user, and
a procedure control unit configured to confirm validity of the procedure request by verifying the message with the electronic signature included in the procedure request using the electronic certificate of the user in a case where the procedure request is received from the user device, and execute the procedure based on information described in the message with the electronic signature included in the procedure request in a case where the procedure request is confirmed to be valid,
wherein the plurality of IC chips have different identification information from each other, and
wherein the user device and the service providing server execute communication in which the IC chip to be used is identified with the identification information,
wherein each IC chip of the plurality of IC chips has an area that is inaccessible from the outside in the memory, and
wherein each IC chip of the plurality of IC chips stores at least the personal information, which is data used by the user authentication unit for the user authentication in order to allow the party using the user device to use the electronic signature function of the IC chip, and the private key in its own area that is inaccessible from the outside.
|