| CPC H04L 9/3252 (2013.01) [H04L 9/0825 (2013.01); H04L 9/3213 (2013.01); H04L 9/50 (2022.05)] | 13 Claims |
|
1. A use right information processing apparatus for performing processes related to authentication and authorization for a user to use a device to be controlled using a smart contract that functions with a computer executing a code recorded on a blockchain, the use right information processing apparatus comprising:
a storage unit that stores authentication data shared with a user terminal used by the user and having a different value for each of the processes;
a receiving unit that receives, from the user terminal, signature data generated in the user terminal by signing the authentication data with a predetermined signature algorithm using a secret key corresponding to the user;
a deriving unit that derives, using the predetermined signature algorithm, a public key corresponding to the secret key from the authentication data and the signature data received by the receiving unit;
an acquisition unit that obtains, using the public key or identification information corresponding to the public key, information regarding a use right of the device of the user recorded in advance in association with the public key or the identification information in the smart contract;
a token generation unit that generates an access token and transmits the access token to the user terminal in a case where the user is determined to be allowed to use the device on a basis of the information regarding the use right obtained by the acquisition unit; and
a validity confirmation unit that receives an access token from the device that has received the access token together with a control instruction from the user terminal, determines whether or not the access token received from the device is same as the access token generated by the token generation unit, and in a case of being the same, transmits information indicating that the access token is valid to the device.
|