US20070136202A1 - Personal-information managing apparatus, method of providing personal information, computer product, and personal-information-providing system - Google Patents

Personal-information managing apparatus, method of providing personal information, computer product, and personal-information-providing system Download PDF

Info

Publication number
US20070136202A1
US20070136202A1 US11/391,237 US39123706A US2007136202A1 US 20070136202 A1 US20070136202 A1 US 20070136202A1 US 39123706 A US39123706 A US 39123706A US 2007136202 A1 US2007136202 A1 US 2007136202A1
Authority
US
United States
Prior art keywords
information
personal
terminal
destination
managing apparatus
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11/391,237
Inventor
Yasuhiro Noma
Akira Shinozawa
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Assigned to FUJITSU LIMITED reassignment FUJITSU LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NOMA, YASUHIRO, SHINOZAWA, AKIRA
Publication of US20070136202A1 publication Critical patent/US20070136202A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q99/00Subject matter not provided for in other groups of this subclass
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity

Definitions

  • the present invention relates to a technology for providing electronic personal information with enhanced convenience of confirming a user while preventing a leakage of the personal information.
  • ID identification
  • authentication information such as a code number and biometrics information using fingerprint and vein
  • certificates such as a driver's license, an insurance card, and a passport are usually issued as a paper medium by government authorities.
  • a printing technique of hologram and a rewrite preventing seal is used for the paper certificates, and these certificates are obligatorily updated every constant period to prevent falsification of the certificates.
  • Japanese Patent Application Laid-Open No. 2002-207838 discloses a technique of transmitting an electronic certificate (such as a driver's license and an insurance card, which are hereinafter referred to as an “electronic certificate”) to a user's portable terminal.
  • Japanese Patent Application Laid-Open No. 2002-366675 discloses a technique of transmitting an electronic certificate to a user-confirmation terminal based on a transmission request sent from a user's terminal.
  • a personal-information managing apparatus includes an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • a method is for providing personal information using a personal-information managing apparatus that manages electronic personal information.
  • the method includes issuing including the personal-information managing apparatus issuing access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and notifying including the personal-information managing apparatus notifying a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • a computer-readable recording medium stores a computer program for a personal-information managing apparatus that manages electronic personal information.
  • the computer program causes a computer to execute issuing access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and notifying a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • a personal-information-providing system includes a personal-information managing apparatus that manages electronic personal information; a personal terminal that is used by a user; and a destination terminal that is a disclosure destination of the personal information.
  • the personal-information managing apparatus includes an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • the personal terminal includes an access-permission-information delivering unit that delivers the access permission information issued by the personal-information managing apparatus to the destination terminal.
  • the destination terminal includes an access-permission-information presenting unit that presents the access permission information delivered from the personal terminal to the personal-information managing apparatus.
  • a method is for providing personal information using a personal-information managing apparatus that manages electronic personal information, a personal terminal that is used by a user, and a destination terminal that is a disclosure destination of the personal information.
  • the method includes issuing including the personal-information managing apparatus issuing access permission information for accessing personal information on a user, in response to a request from the personal terminal of the user; delivering including the personal terminal delivering the access permission information issued by the personal-information managing apparatus to the destination terminal; presenting including the destination terminal presenting the access permission information delivered from the personal terminal to the personal-information managing apparatus; and notifying including the personal-information managing apparatus notifying the destination terminal of the personal information corresponding to the access permission information under conditions that the destination terminal presented the access permission information.
  • FIG. 1 is a schematic for illustrating a personal-information providing method according an embodiment of the present invention
  • FIG. 2 is a block diagram of a personal-information managing apparatus according to the present embodiment
  • FIG. 3 is a flowchart of a processing procedure for a process performed by a personal-information-providing system
  • FIG. 4 is a flowchart of a processing procedure for a process when a quick-response (QR) code includes an effective period;
  • QR quick-response
  • FIG. 5 is a flowchart of a processing procedure for a process when the QR code does not include the effective period
  • FIG. 6 is a flowchart of a processing procedure for a process when a change of the effective period is permitted
  • FIG. 7 is a schematic for illustrating an authentication of a personal terminal
  • FIG. 8 is a schematic for illustrating an authentication of a destination terminal
  • FIG. 9 is a block diagram of a personal-information managing apparatus having an authentication function
  • FIG. 10 is a schematic for illustrating an example of personal authentication information and destination authentication information
  • FIG. 11 is a schematic for illustrating an example of the destination authentication information in accordance with personal information items
  • FIG. 12 is a block diagram of the destination terminal according to the present embodiment.
  • FIG. 13 is a schematic for illustrating a personal-information-reference notifying process
  • FIG. 14 is a schematic for illustrating a personal-information updating process and a personal-information-update notifying process
  • FIG. 15 is a block diagram of a personal-information managing apparatus having a personal-information updating function and a personal-information notifying function;
  • FIG. 16 is a schematic for illustrating a charging process
  • FIG. 17 is a schematic for illustrating a charge-information updating process
  • FIG. 18 is a block diagram of a personal-information managing apparatus having a record function and a charge function.
  • FIG. 1 is a schematic for illustrating a personal-information providing method according an embodiment of the present invention.
  • personal information is provided by mutually exchanging data between a personal-information managing apparatus 10 , a destination terminal 20 , and a personal terminal 30 .
  • Commercially available portable telephones and personal digital assistant (PDA) terminals can be used for the destination terminal 20 and the personal terminal 30 .
  • PDA personal digital assistant
  • the personal-information managing apparatus 10 issues access permission information (such as a QR code) for permitting access to personal information, in response to a request from the personal terminal 30 .
  • the personal terminal 30 delivers the obtained QR code to the destination terminal 20 .
  • the destination terminal 20 presents the QR code to the personal-information managing apparatus 10 , thereby obtaining the personal information corresponding to the QR code.
  • the personal terminal 30 transmits a QR code obtaining request to the personal-information managing apparatus 10 (see ( 1 ) in FIG. 1 )
  • the personal-information managing apparatus 10 having received this request generates a QR code for accessing corresponding personal information (see ( 2 ) in FIG. 1 ), and transmits the QR code to the personal terminal 30 .
  • the personal terminal 30 obtains the transmitted QR code (see ( 3 ) in FIG. 1 ).
  • the personal terminal 30 delivers the QR code to the destination terminal 20 which is a destination of the personal information (see ( 4 ) in FIG. 1 ).
  • the QR code is delivered to the destination terminal 20 when a user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 , installed in a shop register or the like, read the QR code (or transmit the QR code to the destination terminal 20 ), to identify the own self.
  • the personal-information managing apparatus 10 searches the personal information corresponding to the presented QR code (see ( 6 ) in FIG. 1 ), and transmits the personal information to the destination terminal 20 .
  • the destination terminal 20 obtains the personal information (see ( 7 ) in FIG. 1 ).
  • the personal terminal 30 receives only the QR code that indicates the personal information instead of receiving the personal information. Therefore, the personal terminal 30 does not hold the personal information. A terminal that can obtain the personal information based on the presentation of the QR code is limited to the destination terminal 20 . Therefore, even when the personal terminal 30 is lost, the personal information is not leaked out.
  • the personal-information providing method includes the operation of delivering the QR code from the personal terminal 30 to the destination terminal 20 . Therefore, the personal information is provided via the user of the personal terminal 30 . In other words, the user's confirmation is necessary to provide the personal information. Consequently, it is possible to prevent an unaware transmission of the personal information to an unknown third person.
  • the use of the QR code that indicates personal information as access permission information is explained.
  • a uniform resource locator (URL), a file identifier, and a data identifier can be also used to indicate the personal information.
  • the personal-information managing apparatus 10 can extract corresponding personal information from a personal information database (DB), copy the extracted personal information to a predetermined temporary area, and generate the QR code which indicates the copy of the personal information.
  • DB personal information database
  • the QR code which indicates the copy of the personal information.
  • FIG. 2 is a block diagram of the personal-information managing apparatus 10 according to the present embodiment.
  • the block diagram in FIG. 2 depicts a minimum configuration of the personal-information managing apparatus 10 .
  • Configurations of the personal-information managing apparatus 10 shown in FIG. 2 added with other constituent elements are explained later with reference to FIG. 9 , FIG. 15 , and FIG. 18 .
  • the personal-information managing apparatus 10 includes an interface 11 a , an interface 11 b , an access-permission-information generating unit 12 a , an access-permission-information issuing unit 12 b , a personal-information obtaining unit 12 c , a personal-information notifying unit 12 d , a personal-information DB 13 a , and an access-permission-information DB 13 b.
  • the interface 11 a is configured by a communication device that exchanges data with the personal terminal 30 .
  • the interface 11 a is a processor that receives a request of obtaining access permission information, from the personal terminal 30 , delivers the obtaining request to the access-permission-information generating unit 12 a , and transmits the access permission information received from the access-permission-information issuing unit 12 b to the personal terminal 30 .
  • the interface 11 a can be configured by a radio device or a wired device.
  • the interface 11 b is configured by a communication device that exchanges data with the destination terminal 20 .
  • the interface 11 b is a processor that receives presentation of the access permission information from the destination terminal 20 , delivers the access permission information to the personal-information obtaining unit 12 c , and transmits the personal information received from the personal-information notifying unit 12 d to the destination terminal 20 .
  • the interface 11 b can be configured by a radio device or a wired device similarly to the interface 11 a . While the interface 11 a is separated from the interface 11 b in this embodiment, the interfaces 11 a and 11 b can be configured as one processor.
  • the access-permission-information generating unit 12 a is a processor that receives an access permission information obtaining request from the personal terminal 30 via the interface 11 a , and extracts personal information corresponding to the obtaining request from the personal-information DB 13 a .
  • the access-permission-information generating unit 12 a also generates access permission information indicating the extracted personal information, delivers the access permission information to the access-permission-information issuing unit 12 b , and stores the access permission information in the access-permission-information DB 13 b.
  • the access-permission-information generating unit 12 a generates a QR code that indicates corresponding personal information, as the access permission information.
  • a URL, a file identifier, and a data identifier can be also generated, instead of the QR code.
  • the access-permission-information issuing unit 12 b is a processor that issues the access permission information (QR code) generated by the access-permission-information generating unit 12 a , to the personal terminal 30 via the interface 11 a.
  • QR code access permission information
  • the personal-information obtaining unit 12 c is a processor that receives the access permission information (QR code) from the destination terminal 20 via the interface 11 b , and obtains personal information corresponding to the access permission information by searching the access-permission-information DB 13 b . Specifically, the personal-information obtaining unit 12 c extracts information that coincides with the access permission information presented by the destination terminal 20 , from the access-permission-information DB 13 b , and obtains personal information indicated by the extracted access permission information from the personal-information DB 13 a . The personal-information obtaining unit 12 c delivers the obtained personal information to the personal-information notifying unit 12 d.
  • QR code access permission information
  • the personal-information notifying unit 12 d is a processor that notifies the personal information received from the personal-information obtaining unit 12 c , to the destination terminal 20 via the interface 11 b.
  • the personal-information DB 13 a stores electronic certificates of a driver's license, an insurance card, a passport, and the like.
  • the personal information stored in the personal-information DB 13 a is information having various kinds of information such as name and address related to an identifier such as an ID code that uniquely identifies each person.
  • the access-permission-information DB 13 b stores the access permission information (such as a QR code) generated by the access-permission-information generating unit 12 a , together with a date of generating the access permission information and an effective period of the access permission information. While the access-permission-information DB 13 b is configured separately from the personal-information DB 13 a in this embodiment, the personal-information DB 13 a can be also configured to store same information as that stored in the access-permission-information DB 13 b.
  • the access permission information such as a QR code
  • FIG. 3 is a flowchart of a processing procedure for a process performed by the personal-information-providing system.
  • a “QR code” is used as the “access permission information”.
  • the personal-information managing apparatus 10 When the personal terminal 30 transmits a request for obtaining a QR code to the personal-information managing apparatus 10 (step S 101 ), the personal-information managing apparatus 10 having received this obtaining request extracts corresponding personal information from the personal-information DB 13 a , and copies the extracted personal information (step S 102 ). The personal-information managing apparatus 10 generates a QR code indicating this copy (step S 103 ), and transmits the generated QR code to the personal terminal 30 (step S 104 ).
  • the user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S 105 ).
  • the destination terminal 20 having received the QR code presents this QR code to the personal-information managing apparatus 10 (step S 106 ).
  • the personal-information managing apparatus 10 presented with the QR code searches personal information (searches the copy) corresponding to the QR code (step S 107 ), and transmits the extracted personal information to the destination terminal 20 (step S 108 ).
  • the destination terminal 20 receives the personal information, and display units the personal information (step S 109 ).
  • the QR code can be set with an effective period so that personal information can be provided during only this effective period of the QR code.
  • a process flow when the QR code has an effective period is explained below with reference to FIG. 4 .
  • FIG. 4 is a flowchart of a processing procedure for a process when a quick-response (QR) code includes an effective period.
  • a process procedure corresponding to step S 103 shown in FIG. 3 is expressed as step S 201 in FIG. 4 , and subsequent process procedure is shown in FIG. 4 .
  • Process procedures corresponding to steps S 101 and S 102 shown in FIG. 3 are omitted from FIG. 4 .
  • the personal-information managing apparatus 10 When receiving a QR code obtaining request from the personal terminal 30 , the personal-information managing apparatus 10 generates a QR code with an effective period (step S 201 ), and transmits the generated QR code to the personal terminal 30 (step S 202 ).
  • the user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S 203 ).
  • the destination terminal 20 receives the QR code, and presents or transmits the QR code to the personal-information managing apparatus 10 (step S 204 ).
  • the personal-information managing apparatus 10 presented with the QR code compares the effective period included in the QR code with the current time, and determines whether the current time is within the effective period of the QR code (step S 205 ).
  • the personal-information managing apparatus 10 searches personal information (searches the copy) corresponding to the QR code (step S 206 ), and transmits the extracted personal information to the destination terminal 20 (step S 207 ).
  • the destination terminal 20 receives the personal information, and display units the personal information (step S 208 ).
  • step S 205 No
  • the process after step S 206 is not carried out.
  • the effective period management using the QR code having an effective period is explained above with reference to FIG. 4
  • the effective period can be also managed without including an effective period in the QR code.
  • the effective period management without including an effective period in the QR code is explained below with reference to FIG. 5 .
  • FIG. 5 is a flowchart of a processing procedure for a process when the QR code does not include the effective period.
  • the QR code indicates a “QR code that does not include an effective period”.
  • a process procedure corresponding to step S 202 in FIG. 4 is expressed as step S 301 in FIG. 5 , and subsequent process procedure is shown in FIG. 5 .
  • the personal-information managing apparatus 10 transmits a generated QR code (that does not include an effective period) to the personal terminal 30 (step S 301 ).
  • the personal-information managing apparatus 10 manages the QR code by relating it to the effective period, in the access-permission-information DB 13 b (step S 302 ).
  • the user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S 303 ).
  • the destination terminal 20 receives the QR code, and presents or transmits the QR code to the personal-information managing apparatus 10 (step S 304 ).
  • the personal-information managing apparatus 10 presented with the QR code searches the access-permission-information DB 13 b for the effective period corresponding to the QR code (step S 305 ).
  • the personal-information managing apparatus 10 compares the extracted effective period with the current time to determine whether the current time is within the effective period (step S 306 ). When it is determined that the current time is within the effective period (step S 306 : Yes), the personal-information managing apparatus 10 searches personal information (searches the copy) corresponding to the QR code (step S 307 ), and transmits the extracted personal information to the destination terminal 20 (step S 308 ).
  • step S 309 The destination terminal 20 having received the personal information display units the personal information.
  • FIG. 6 is a flowchart of a processing procedure for a process when a change of the effective period is permitted.
  • the personal-information managing apparatus 10 transmits a QR code to the personal terminal 30 (step S 401 ), and manages the QR code by relating it to the effective period, in the access-permission-information DB 13 b (step S 402 ).
  • the user of the personal terminal 30 wanting to change the effective period operates the personal terminal 30 to transmit an effective period change request to the personal-information managing apparatus 10 (step S 403 ). It is also possible to instantly terminate the effective period based on the effective period change request.
  • the personal-information managing apparatus 10 having received the effective period change request refers to the access-permission-information DB 13 b , thereby determining whether the current time is within the effective period of the QR code (step S 404 ).
  • the personal-information managing apparatus 10 changes the effective period (step S 405 ).
  • the personal-information managing apparatus 10 ends the processing without changing the effective period.
  • the personal-information managing apparatus 10 can be also configured not to permit a change of the effective period. While the effective period is permitted to be changed during only the effective period of the QR code with reference to FIG. 6 , it can be arranged such that only a reduction of an initially set effective period is permitted without permitting extension of the effective period. With this arrangement, it is possible to avoid repetitive extension of the effective period, which can make the effective period itself meaningless.
  • the personal-information managing apparatus 10 having a minimum configuration shown in FIG. 2 is used, personal information is not transmitted to the personal terminal 30 . Therefore, even when the personal terminal 30 is lost, a leakage of the personal information can be prevented. Since the personal terminal 30 is configured to deliver a QR code, indicating personal information, to the destination terminal 20 , disclosure of the personal information can be permitted only after the user of the personal terminal 30 confirms the QR code. Therefore, it is possible to prevent an unaware disclosure of the personal information an unknown third person. Further, by providing the effective period to the QR code, it is possible to decrease a possibility of browsing of the personal information by a third person who has illegally obtained the QR code.
  • the personal-information managing apparatus 10 having a minimum configuration shown in FIG. 2 , it is assumed that a legitimate person operates the destination terminal 20 or the personal terminal 30 . However, when a malicious third person operates the destination terminal 20 or the personal terminal 30 , a leakage of personal information is permitted.
  • the personal-information managing apparatus 10 that additionally includes an authentication function of the destination terminal 20 or the personal terminal 30 is explained next.
  • FIG. 7 is a schematic for illustrating an authentication of the personal terminal 30 .
  • the personal terminal 30 transmits a QR obtaining request, including a user ID and a telephone number, to the personal-information managing apparatus 10 (see ( 1 ) in FIG. 7 )
  • the personal-information managing apparatus 10 compares the received user ID and the received telephone number with a user ID and a telephone number that are registered in advance and managed in a “personal information” DB shown in FIG. 7 , thereby authenticating the personal terminal 30 (see ( 2 ) in FIG. 7 ).
  • a detailed process of the authentication is described later.
  • the personal-information managing apparatus 10 When the personal terminal 30 is authenticated successfully, the personal-information managing apparatus 10 generates a QR code for accessing personal information (see ( 3 ) in FIG. 7 ), and transmits this QR code to the personal terminal 30 . Thus, the personal terminal 30 obtains the QR code that indicates personal information (see ( 4 ) in FIG. 7 ).
  • FIG. 8 is a schematic for illustrating an authentication of the destination terminal 20 .
  • the personal-information managing apparatus 10 When the destination terminal 20 presents or transmits the QR code to the personal-information managing apparatus 10 (see ( 1 ) in FIG. 8 ), the personal-information managing apparatus 10 having received the QR code compares a destination terminal ID and an operator ID that are transmitted together with the QR code, with a destination terminal ID and an operator ID that are registered in advance and managed in a “destination information” DB in FIG. 8 , thereby authenticating the destination terminal 20 (see ( 2 ) in FIG. 8 ).
  • the personal-information managing apparatus 10 searches personal information corresponding to the received QR code (see ( 3 ) in FIG. 8 ), and transmits the extracted personal information to the destination terminal 20 .
  • the destination terminal 20 obtains personal information (see ( 4 ) in FIG. 8 ).
  • FIG. 9 is a block diagram of the personal-information managing apparatus 10 having an authentication function. Differences of the block diagram shown in FIG. 9 from the block diagram shown in FIG. 2 are mainly explained below, and explanation of common points is omitted.
  • the personal-information managing apparatus 10 added with the authentication function includes a user-authentication processing unit 12 e , a destination-authentication processing unit 12 f , an encryption processing unit 12 g , and a destination-information DB 13 c .
  • FIG. 9 depicts management in the personal-information DB 13 a of personal authentication information of the user of the personal terminal 30 .
  • the personal-information managing apparatus 10 can be also configured to manage the personal authentication information in a DB other than the personal-information DB 13 a.
  • the user-authentication processing unit 12 e authenticates the personal terminal 30 that has transmitted a request for obtaining access permission information (QR code). Specifically, the user-authentication processing unit 12 e compares information such as a telephone number, a user ID, and a code number that is received from the personal terminal 30 , with personal authentication information registered in advance in the personal-information DB 13 a , thereby authenticating the personal terminal 30 .
  • the personal authentication information is described later with reference to FIG. 10 .
  • the destination-authentication processing unit 12 f authenticates the destination terminal 20 that tries to obtain personal information by presenting a QR code. Specifically, the destination-authentication processing unit 12 f compares information such as the destination ID and the code number that is received from the destination terminal 20 , with the destination authentication information registered in advance in the destination-information DB 13 c , thereby authenticating the destination terminal 20 .
  • the encryption processing unit 12 g encrypts personal information to be transmitted by the personal-information notifying unit 12 d to the destination terminal 20 .
  • the encrypted and then transmitted personal information is decrypted by a decryption program that is installed in the legitimate destination terminal 20 , to be used.
  • a decryption program that is installed in the legitimate destination terminal 20 , to be used.
  • the destination-information DB 13 c is used to manage the destination authentication information of the destination terminal 20 or the operator of the destination terminal 20 .
  • FIG. 10 is a schematic for illustrating an example of personal authentication information and destination authentication information.
  • a table indicated by a reference numeral 101 shows an example of the personal authentication information
  • a table indicated by a reference numeral 102 shows an example of the destination authentication information.
  • the personal authentication information includes “telephone number”, “user ID”, and “code number”. Biometrics information of a fingerprint and a vein pattern can be also used instead of the code number.
  • the destination authentication information includes “destination ID”, “code number”, “reference”, “register”, “update”, and “delete”. For example, for a destination with a destination ID of “abcd1234”, only “reference” of the personal information is permitted. For a destination with a destination ID of “efgh5678”, “reference”, “register”, “update”, and “delete” are permitted.
  • a presentation level of personal information to the destination can be changed flexibly.
  • Biometrics information of a fingerprint and a vein pattern can be also used instead of the code number, like the personal authentication information.
  • an access level to the personal information is set for each destination.
  • a further detailed access level that is, an access level for each item of personal information.
  • FIG. 11 is a schematic for illustrating an example of the destination authentication information in accordance with personal information items.
  • the destination authentication information includes “destination ID”, “code number”, “item” that expresses personal information, “reference”, “register”, “update”, and “delete”.
  • the destination terminal 20 can be configured as a dedicated terminal for browsing personal information.
  • the destination terminal 20 that is configured as a dedicated terminal is explained below.
  • FIG. 12 is a block diagram of the destination terminal 20 according to the present embodiment.
  • the destination terminal 20 includes an interface 21 a , a display unit 21 b , a QR-code receiving unit 22 a , a personal-information requesting unit 22 b , a personal-information obtaining unit 22 c , and a data deleting unit 22 d .
  • FIG. 12 only key processors among many included in the destination terminal 20 are shown.
  • the interface 21 a can be configured by a communication device that exchanges data between the personal-information managing apparatus 10 and the personal terminal 30 .
  • the interface 21 a receives a QR code from the personal terminal 30 , presents or transmits the QR code to the personal-information managing apparatus 10 , and receives personal information.
  • the interface 21 a can be also configured by a radio device or a wired device.
  • the display unit 21 b is configured by a display unit device such as a liquid crystal display unit.
  • the display unit 21 b display units personal information obtained from the personal-information managing apparatus 10 .
  • the QR-code receiving unit 22 a is a processor that receives a QR code from the personal terminal 30 via the interface 21 a , and delivers the received QR code to the personal-information requesting unit 22 b .
  • the personal-information requesting unit 22 b transmits the QR code received from the QR-code receiving unit 22 a , to the personal-information managing apparatus 10 .
  • the personal-information requesting unit 22 b transmits the QR code together with the destination ID and the code number shown in the table indicated by 102 in FIG. 10 , to the personal-information managing apparatus 10 .
  • the personal-information obtaining unit 22 c is a processor that obtains personal information from the personal-information managing apparatus 10 via the interface 21 a , and outputs the obtained personal information to the display unit 21 b .
  • the data deleting unit 22 d is a processor that erases personal information stored in a random access memory (RAM) or the like after the personal information is display united on the display unit 21 b . By erasing the personal information after this information is used, it is possible to effectively prevent a leakage of the personal information that remains in the destination terminal 20 .
  • RAM random access memory
  • the personal-information managing apparatus 10 can be added with a function of notifying the reference of personal information, a function of updating personal information, and a function of notifying the update of the personal information.
  • the personal-information managing apparatus 10 added with the function of updating personal information and the function of notifying the update of the personal information is explained below with reference to FIG. 14 .
  • FIG. 13 is a schematic for illustrating a personal-information-reference notifying process.
  • the personal-information managing apparatus 10 searches personal information corresponding to the QR code (see ( 2 ) in FIG. 13 ), and transmits the obtained personal information to the destination terminal 20 .
  • the destination terminal 20 obtains the personal information (see ( 3 ) in FIG. 13 ).
  • the personal-information managing apparatus 10 transmits a personal information reference notice, indicating that the personal information is disclosed to the destination terminal 20 , to the personal terminal 30 (see ( 4 ) in FIG. 13 ).
  • a personal information reference notice indicating that the personal information is disclosed to the destination terminal 20
  • the personal terminal 30 can confirm the reference state of the personal information, and can quickly know a leakage of the personal information attributable to an illegitimate practice.
  • An e-mail, a short message, a telephone, a facsimile, and the like can be used as means for notifying the reference of the personal information in ( 4 ) in FIG. 13 .
  • FIG. 14 is a schematic for illustrating a personal-information updating process and a personal-information-update notifying process.
  • the personal-information managing apparatus 10 updates the personal information subject to a condition that the destination terminal 20 has passed the authentication process (see ( 2 ) in FIG. 14 ), and transmits a personal information update notice, indicating that the personal information is updated, to the personal terminal 30 (see ( 3 ) in FIG. 14 ).
  • the personal terminal 30 can confirm the updated state of the personal information, and can quickly know tampering and the like of the personal information.
  • Email, short message, telephone, facsimile, and the like can be used as means for notifying the updating of the personal information in ( 3 ) in FIG. 14 .
  • FIG. 15 is a block diagram of the personal-information managing apparatus 10 having a personal-information updating function and a personal-information notifying function. Differences of the block diagram shown in FIG. 15 from the block diagram shown in FIG. 9 are mainly explained below, and an explanation of common points is omitted.
  • the personal-information managing apparatus 10 added with the personal information updating and notification functions has a personal-information-reference-and-update notifying unit 12 h and a personal-information updating unit 12 i .
  • the personal-information-reference-and-update notifying unit 12 h monitors the access state of the personal-information DB 13 a , and notifies a reference or updating of the personal information, if any, to the personal terminal 30 .
  • the personal-information updating unit 12 i receives a request for updating personal information subject to a condition that the “update” item of the destination authentication information shown in the table of 102 in FIG. 10 or FIG. 11 is permitted, regarding the destination terminal 20 that is successful in authenticating the destination-authentication processing unit 12 f .
  • the personal-information updating unit 12 i updates the personal-information DB 13 a based on the received request for updating the personal information.
  • the personal-information managing apparatus 10 can also additionally have a charge function.
  • the personal-information managing apparatus 10 can charge according to the provision of personal information. Further, the personal-information managing apparatus 10 can charge the user of the personal terminal 30 a penalty for violating the driver's license and medical service fee regarding an insurance card.
  • the personal-information managing apparatus 10 added with the charge function is explained next.
  • FIG. 16 is a schematic for illustrating a charging process.
  • the destination terminal 20 transmits a request for referencing personal information or a request for updating the personal information to the personal-information managing apparatus 10 (see ( 1 ) in FIG. 16 )
  • the personal-information managing apparatus 10 having received this request updates charge information for each reference and update of the personal information (see ( 2 ) in FIG. 16 ).
  • the personal-information managing apparatus 10 charges the user of the personal terminal 30 based on the charge information.
  • FIG. 17 is a schematic for illustrating a charge-information updating process.
  • the destination terminal 20 transmits a request for updating the charge information to the personal-information managing apparatus 10 (see ( 1 ) in FIG. 17 )
  • the personal-information managing apparatus 10 having received this request updates the charge information (see ( 2 ) in FIG. 17 ).
  • the charge-information updating process shown in FIG. 17 corresponds to a charge of penalty for a traffic violation.
  • FIG. 18 is a block diagram of the personal-information managing apparatus 10 having a record function and a charge function. Differences of the block diagram shown in FIG. 18 from the block diagram shown in FIG. 15 are mainly explained below, and explanation of common points is omitted.
  • the personal-information managing apparatus 10 added with the record function and the charge function further includes a charging processing unit 12 j , a disclosure-record DB 13 d , and a charge-information DB 13 e .
  • the charging processing unit 12 j charges the user of the personal terminal 30 based on charge information stored in the charge-information DB 13 e .
  • the personal terminal 30 is charged.
  • the disclosure-record DB 13 d stores a disclosure record (for example, a disclosure content, a type of access such as updating and deleting, and date and time).
  • a disclosure record for example, a disclosure content, a type of access such as updating and deleting, and date and time.
  • the charge-information DB 13 e calculates charge amount based on an issuance state (including a change of the effective period) of access permission information (QR code) stored in the access-permission-information DB 13 b , and a disclosure record of personal information stored in the disclosure-record DB 13 d .
  • the charge-information DB 13 e stores charge information with the calculated amount related to a charge destination.
  • the access permission information for accessing personal information of a specific user is issued in response to a request from the personal terminal used by the user.
  • the destination terminal having received the access permission information from the personal terminal notifies the destination terminal about the personal information corresponding to the access permission information subject to a condition that the access permission information has been presented.
  • the access permission information can be delivered easily from the personal terminal to the destination terminal.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • General Business, Economics & Management (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

An access-permission-information issuing unit issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user. A personal-information notifying unit notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates to a technology for providing electronic personal information with enhanced convenience of confirming a user while preventing a leakage of the personal information.
  • 2. Description of the Related Art
  • Recently, digital authentication systems that combine an identification (ID) code for identifying a person and authentication information (such as a code number and biometrics information using fingerprint and vein) for certifying that the ID code is used by the identified person is widely used.
  • While such digital authentication systems are being spread, certificates such as a driver's license, an insurance card, and a passport are usually issued as a paper medium by government authorities. A printing technique of hologram and a rewrite preventing seal is used for the paper certificates, and these certificates are obligatorily updated every constant period to prevent falsification of the certificates.
  • However, it is troublesome to always carry the paper certificate for an identification of an individual. There is also a possibility of occurrence of an error in visual confirmation of the certificate when a third person tries to identify the person holding the certificate. Therefore, there are various proposals of techniques for increasing convenience of the certificate by computerization or digitalization of the certificate.
  • For example, Japanese Patent Application Laid-Open No. 2002-207838 discloses a technique of transmitting an electronic certificate (such as a driver's license and an insurance card, which are hereinafter referred to as an “electronic certificate”) to a user's portable terminal. Japanese Patent Application Laid-Open No. 2002-366675 discloses a technique of transmitting an electronic certificate to a user-confirmation terminal based on a transmission request sent from a user's terminal.
  • However, according to the technique disclosed in the former literature, if the portable terminal having received the electronic certificate is lost, a malicious third person who obtains this portable terminal can misuse the electronic certificate.
  • It is considered to directly transmit the electronic certificate to the user-confirmation terminal instead of the user's portable terminal by using the technique disclosed in the latter literature. However, according to this technique, since the electronic certificate is delivered to a third person without passing through the user of the certificate, there is a possibility of a personal information leakage. Therefore, this technique is unpopular among general users.
  • Therefore, it is very important to realize a personal-information providing method that can increase convenience of confirming a user while preventing leakage of the personal information.
    • SUMMARY OF THE INVENTION
  • It is an object of the present invention to at least solve the problems in the conventional technology.
  • A personal-information managing apparatus according to one aspect of the present invention includes an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • A method according to another aspect of the present invention is for providing personal information using a personal-information managing apparatus that manages electronic personal information. The method includes issuing including the personal-information managing apparatus issuing access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and notifying including the personal-information managing apparatus notifying a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • A computer-readable recording medium according to still another aspect of the present invention stores a computer program for a personal-information managing apparatus that manages electronic personal information. The computer program causes a computer to execute issuing access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and notifying a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
  • A personal-information-providing system according to still another aspect of the present invention includes a personal-information managing apparatus that manages electronic personal information; a personal terminal that is used by a user; and a destination terminal that is a disclosure destination of the personal information. The personal-information managing apparatus includes an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information. The personal terminal includes an access-permission-information delivering unit that delivers the access permission information issued by the personal-information managing apparatus to the destination terminal. The destination terminal includes an access-permission-information presenting unit that presents the access permission information delivered from the personal terminal to the personal-information managing apparatus.
  • A method according to still another aspect of the present invention is for providing personal information using a personal-information managing apparatus that manages electronic personal information, a personal terminal that is used by a user, and a destination terminal that is a disclosure destination of the personal information. The method includes issuing including the personal-information managing apparatus issuing access permission information for accessing personal information on a user, in response to a request from the personal terminal of the user; delivering including the personal terminal delivering the access permission information issued by the personal-information managing apparatus to the destination terminal; presenting including the destination terminal presenting the access permission information delivered from the personal terminal to the personal-information managing apparatus; and notifying including the personal-information managing apparatus notifying the destination terminal of the personal information corresponding to the access permission information under conditions that the destination terminal presented the access permission information.
  • The above and other objects, features, advantages and technical and industrial significance of this invention will be better understood by reading the following detailed description of presently preferred embodiments of the invention, when considered in connection with the accompanying drawings.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a schematic for illustrating a personal-information providing method according an embodiment of the present invention;
  • FIG. 2 is a block diagram of a personal-information managing apparatus according to the present embodiment;
  • FIG. 3 is a flowchart of a processing procedure for a process performed by a personal-information-providing system;
  • FIG. 4 is a flowchart of a processing procedure for a process when a quick-response (QR) code includes an effective period;
  • FIG. 5 is a flowchart of a processing procedure for a process when the QR code does not include the effective period;
  • FIG. 6 is a flowchart of a processing procedure for a process when a change of the effective period is permitted;
  • FIG. 7 is a schematic for illustrating an authentication of a personal terminal;
  • FIG. 8 is a schematic for illustrating an authentication of a destination terminal;
  • FIG. 9 is a block diagram of a personal-information managing apparatus having an authentication function;
  • FIG. 10 is a schematic for illustrating an example of personal authentication information and destination authentication information;
  • FIG. 11 is a schematic for illustrating an example of the destination authentication information in accordance with personal information items;
  • FIG. 12 is a block diagram of the destination terminal according to the present embodiment;
  • FIG. 13 is a schematic for illustrating a personal-information-reference notifying process;
  • FIG. 14 is a schematic for illustrating a personal-information updating process and a personal-information-update notifying process;
  • FIG. 15 is a block diagram of a personal-information managing apparatus having a personal-information updating function and a personal-information notifying function;
  • FIG. 16 is a schematic for illustrating a charging process;
  • FIG. 17 is a schematic for illustrating a charge-information updating process; and
  • FIG. 18 is a block diagram of a personal-information managing apparatus having a record function and a charge function.
    • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • Exemplary embodiments of the present invention are explained below in detail with reference to the accompanying drawings.
  • FIG. 1 is a schematic for illustrating a personal-information providing method according an embodiment of the present invention. In the personal-information providing method according to the present invention, personal information is provided by mutually exchanging data between a personal-information managing apparatus 10, a destination terminal 20, and a personal terminal 30. Commercially available portable telephones and personal digital assistant (PDA) terminals can be used for the destination terminal 20 and the personal terminal 30.
  • In the personal-information providing method according to the present invention, the personal-information managing apparatus 10 issues access permission information (such as a QR code) for permitting access to personal information, in response to a request from the personal terminal 30. The personal terminal 30 delivers the obtained QR code to the destination terminal 20. The destination terminal 20 presents the QR code to the personal-information managing apparatus 10, thereby obtaining the personal information corresponding to the QR code.
  • Specifically, when the personal terminal 30 transmits a QR code obtaining request to the personal-information managing apparatus 10 (see (1) in FIG. 1), the personal-information managing apparatus 10 having received this request generates a QR code for accessing corresponding personal information (see (2) in FIG. 1), and transmits the QR code to the personal terminal 30. Thus, the personal terminal 30 obtains the transmitted QR code (see (3) in FIG. 1).
  • The personal terminal 30 delivers the QR code to the destination terminal 20 which is a destination of the personal information (see (4) in FIG. 1). The QR code is delivered to the destination terminal 20 when a user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20, installed in a shop register or the like, read the QR code (or transmit the QR code to the destination terminal 20), to identify the own self.
  • When the destination terminal 20 presents the QR code to the personal-information managing apparatus 10 (see (5) in FIG. 1), the personal-information managing apparatus 10 searches the personal information corresponding to the presented QR code (see (6) in FIG. 1), and transmits the personal information to the destination terminal 20. Thus, the destination terminal 20 obtains the personal information (see (7) in FIG. 1).
  • The personal terminal 30 receives only the QR code that indicates the personal information instead of receiving the personal information. Therefore, the personal terminal 30 does not hold the personal information. A terminal that can obtain the personal information based on the presentation of the QR code is limited to the destination terminal 20. Therefore, even when the personal terminal 30 is lost, the personal information is not leaked out.
  • The personal-information providing method according to the present invention includes the operation of delivering the QR code from the personal terminal 30 to the destination terminal 20. Therefore, the personal information is provided via the user of the personal terminal 30. In other words, the user's confirmation is necessary to provide the personal information. Consequently, it is possible to prevent an unaware transmission of the personal information to an unknown third person.
  • According to the present embodiment, the use of the QR code that indicates personal information as access permission information is explained. Alternatively, a uniform resource locator (URL), a file identifier, and a data identifier can be also used to indicate the personal information.
  • In generating the QR code (see (2) in FIG. 1), the personal-information managing apparatus 10 can extract corresponding personal information from a personal information database (DB), copy the extracted personal information to a predetermined temporary area, and generate the QR code which indicates the copy of the personal information. With this arrangement, an illegal use of the personal information such as tampering can be prevented effectively.
  • FIG. 2 is a block diagram of the personal-information managing apparatus 10 according to the present embodiment. The block diagram in FIG. 2 depicts a minimum configuration of the personal-information managing apparatus 10. Configurations of the personal-information managing apparatus 10 shown in FIG. 2 added with other constituent elements are explained later with reference to FIG. 9, FIG. 15, and FIG. 18.
  • The personal-information managing apparatus 10 includes an interface 11 a, an interface 11 b, an access-permission-information generating unit 12 a, an access-permission-information issuing unit 12 b, a personal-information obtaining unit 12 c, a personal-information notifying unit 12 d, a personal-information DB 13 a, and an access-permission-information DB 13 b.
  • The interface 11 a is configured by a communication device that exchanges data with the personal terminal 30. The interface 11 a is a processor that receives a request of obtaining access permission information, from the personal terminal 30, delivers the obtaining request to the access-permission-information generating unit 12 a, and transmits the access permission information received from the access-permission-information issuing unit 12 b to the personal terminal 30. The interface 11 a can be configured by a radio device or a wired device.
  • The interface 11 b is configured by a communication device that exchanges data with the destination terminal 20. The interface 11 b is a processor that receives presentation of the access permission information from the destination terminal 20, delivers the access permission information to the personal-information obtaining unit 12 c, and transmits the personal information received from the personal-information notifying unit 12 d to the destination terminal 20. The interface 11 b can be configured by a radio device or a wired device similarly to the interface 11 a. While the interface 11 a is separated from the interface 11 b in this embodiment, the interfaces 11 a and 11 b can be configured as one processor.
  • The access-permission-information generating unit 12 a is a processor that receives an access permission information obtaining request from the personal terminal 30 via the interface 11 a, and extracts personal information corresponding to the obtaining request from the personal-information DB 13 a. The access-permission-information generating unit 12 a also generates access permission information indicating the extracted personal information, delivers the access permission information to the access-permission-information issuing unit 12 b, and stores the access permission information in the access-permission-information DB 13 b.
  • The access-permission-information generating unit 12 a generates a QR code that indicates corresponding personal information, as the access permission information. A URL, a file identifier, and a data identifier can be also generated, instead of the QR code.
  • The access-permission-information issuing unit 12 b is a processor that issues the access permission information (QR code) generated by the access-permission-information generating unit 12 a, to the personal terminal 30 via the interface 11 a.
  • The personal-information obtaining unit 12 c is a processor that receives the access permission information (QR code) from the destination terminal 20 via the interface 11 b, and obtains personal information corresponding to the access permission information by searching the access-permission-information DB 13 b. Specifically, the personal-information obtaining unit 12 c extracts information that coincides with the access permission information presented by the destination terminal 20, from the access-permission-information DB 13 b, and obtains personal information indicated by the extracted access permission information from the personal-information DB 13 a. The personal-information obtaining unit 12 c delivers the obtained personal information to the personal-information notifying unit 12 d.
  • The personal-information notifying unit 12 d is a processor that notifies the personal information received from the personal-information obtaining unit 12 c, to the destination terminal 20 via the interface 11 b.
  • The personal-information DB 13 a stores electronic certificates of a driver's license, an insurance card, a passport, and the like. The personal information stored in the personal-information DB 13 a is information having various kinds of information such as name and address related to an identifier such as an ID code that uniquely identifies each person.
  • The access-permission-information DB 13 b stores the access permission information (such as a QR code) generated by the access-permission-information generating unit 12 a, together with a date of generating the access permission information and an effective period of the access permission information. While the access-permission-information DB 13 b is configured separately from the personal-information DB 13 a in this embodiment, the personal-information DB 13 a can be also configured to store same information as that stored in the access-permission-information DB 13 b.
  • FIG. 3 is a flowchart of a processing procedure for a process performed by the personal-information-providing system. In the following explanation, a “QR code” is used as the “access permission information”.
  • When the personal terminal 30 transmits a request for obtaining a QR code to the personal-information managing apparatus 10 (step S101), the personal-information managing apparatus 10 having received this obtaining request extracts corresponding personal information from the personal-information DB 13 a, and copies the extracted personal information (step S102). The personal-information managing apparatus 10 generates a QR code indicating this copy (step S103), and transmits the generated QR code to the personal terminal 30 (step S104).
  • The user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S105). The destination terminal 20 having received the QR code presents this QR code to the personal-information managing apparatus 10 (step S106). The personal-information managing apparatus 10 presented with the QR code searches personal information (searches the copy) corresponding to the QR code (step S107), and transmits the extracted personal information to the destination terminal 20 (step S108). The destination terminal 20 receives the personal information, and display units the personal information (step S109).
  • While the process flow of providing personal information via a QR code is explained above with reference to FIG. 3, the QR code can be set with an effective period so that personal information can be provided during only this effective period of the QR code. A process flow when the QR code has an effective period is explained below with reference to FIG. 4.
  • FIG. 4 is a flowchart of a processing procedure for a process when a quick-response (QR) code includes an effective period. A process procedure corresponding to step S103 shown in FIG. 3 is expressed as step S201 in FIG. 4, and subsequent process procedure is shown in FIG. 4. Process procedures corresponding to steps S101 and S102 shown in FIG. 3 are omitted from FIG. 4.
  • When receiving a QR code obtaining request from the personal terminal 30, the personal-information managing apparatus 10 generates a QR code with an effective period (step S201), and transmits the generated QR code to the personal terminal 30 (step S202). The user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S203). The destination terminal 20 receives the QR code, and presents or transmits the QR code to the personal-information managing apparatus 10 (step S204).
  • The personal-information managing apparatus 10 presented with the QR code compares the effective period included in the QR code with the current time, and determines whether the current time is within the effective period of the QR code (step S205). When the current time is within the effective period (step S205: Yes), the personal-information managing apparatus 10 searches personal information (searches the copy) corresponding to the QR code (step S206), and transmits the extracted personal information to the destination terminal 20 (step S207). The destination terminal 20 receives the personal information, and display units the personal information (step S208). When it is determined that the current time has passed the effective period at step S205 (step S205: No), the process after step S206 is not carried out.
  • While the effective period management using the QR code having an effective period is explained above with reference to FIG. 4, the effective period can be also managed without including an effective period in the QR code. The effective period management without including an effective period in the QR code is explained below with reference to FIG. 5.
  • FIG. 5 is a flowchart of a processing procedure for a process when the QR code does not include the effective period. The QR code indicates a “QR code that does not include an effective period”. A process procedure corresponding to step S202 in FIG. 4 is expressed as step S301 in FIG. 5, and subsequent process procedure is shown in FIG. 5.
  • The personal-information managing apparatus 10 transmits a generated QR code (that does not include an effective period) to the personal terminal 30 (step S301). At the same time, the personal-information managing apparatus 10 manages the QR code by relating it to the effective period, in the access-permission-information DB 13 b (step S302). The user of the personal terminal 30 operates the personal terminal 30 to make the destination terminal 20 read the QR code, thereby delivering the QR code to the destination terminal 20 (step S303). The destination terminal 20 receives the QR code, and presents or transmits the QR code to the personal-information managing apparatus 10 (step S304).
  • The personal-information managing apparatus 10 presented with the QR code searches the access-permission-information DB 13 b for the effective period corresponding to the QR code (step S305). The personal-information managing apparatus 10 compares the extracted effective period with the current time to determine whether the current time is within the effective period (step S306). When it is determined that the current time is within the effective period (step S306: Yes), the personal-information managing apparatus 10 searches personal information (searches the copy) corresponding to the QR code (step S307), and transmits the extracted personal information to the destination terminal 20 (step S308).
  • The destination terminal 20 having received the personal information display units the personal information (step S309). When it is determined at step S306 that the current time has passed the effective period (step S306: No), the process after step S307 is not carried out.
  • While an example of setting in advance the effective period during which personal information can be accessed is explained with reference to the flowcharts shown in FIG. 4 and FIG. 5 respectively, it is also possible to configure the personal-information managing apparatus such that the device can change the effective period. An example of permitting a change of the effective period is explained next with reference to FIG. 6. FIG. 6 is a flowchart of a processing procedure for a process when a change of the effective period is permitted.
  • The personal-information managing apparatus 10 transmits a QR code to the personal terminal 30 (step S401), and manages the QR code by relating it to the effective period, in the access-permission-information DB 13 b (step S402). The user of the personal terminal 30 wanting to change the effective period operates the personal terminal 30 to transmit an effective period change request to the personal-information managing apparatus 10 (step S403). It is also possible to instantly terminate the effective period based on the effective period change request.
  • The personal-information managing apparatus 10 having received the effective period change request refers to the access-permission-information DB 13 b, thereby determining whether the current time is within the effective period of the QR code (step S404). When the current time is within the effective period (step S404: Yes), the personal-information managing apparatus 10 changes the effective period (step S405). On the other hand, when the current time has passed the effective period (step S404: No), the personal-information managing apparatus 10 ends the processing without changing the effective period.
  • While an example in which the effective period can be changed has been explained with reference to the flowchart shown in FIG. 6, the personal-information managing apparatus 10 can be also configured not to permit a change of the effective period. While the effective period is permitted to be changed during only the effective period of the QR code with reference to FIG. 6, it can be arranged such that only a reduction of an initially set effective period is permitted without permitting extension of the effective period. With this arrangement, it is possible to avoid repetitive extension of the effective period, which can make the effective period itself meaningless.
  • As described above, when the personal-information managing apparatus 10 having a minimum configuration shown in FIG. 2 is used, personal information is not transmitted to the personal terminal 30. Therefore, even when the personal terminal 30 is lost, a leakage of the personal information can be prevented. Since the personal terminal 30 is configured to deliver a QR code, indicating personal information, to the destination terminal 20, disclosure of the personal information can be permitted only after the user of the personal terminal 30 confirms the QR code. Therefore, it is possible to prevent an unaware disclosure of the personal information an unknown third person. Further, by providing the effective period to the QR code, it is possible to decrease a possibility of browsing of the personal information by a third person who has illegally obtained the QR code.
  • In the personal-information managing apparatus 10 having a minimum configuration shown in FIG. 2, it is assumed that a legitimate person operates the destination terminal 20 or the personal terminal 30. However, when a malicious third person operates the destination terminal 20 or the personal terminal 30, a leakage of personal information is permitted. The personal-information managing apparatus 10 that additionally includes an authentication function of the destination terminal 20 or the personal terminal 30 is explained next.
  • FIG. 7 is a schematic for illustrating an authentication of the personal terminal 30. As shown in FIG. 7, when the personal terminal 30 transmits a QR obtaining request, including a user ID and a telephone number, to the personal-information managing apparatus 10 (see (1) in FIG. 7), the personal-information managing apparatus 10 compares the received user ID and the received telephone number with a user ID and a telephone number that are registered in advance and managed in a “personal information” DB shown in FIG. 7, thereby authenticating the personal terminal 30 (see (2) in FIG. 7). A detailed process of the authentication is described later.
  • When the personal terminal 30 is authenticated successfully, the personal-information managing apparatus 10 generates a QR code for accessing personal information (see (3) in FIG. 7), and transmits this QR code to the personal terminal 30. Thus, the personal terminal 30 obtains the QR code that indicates personal information (see (4) in FIG. 7).
  • FIG. 8 is a schematic for illustrating an authentication of the destination terminal 20. When the destination terminal 20 presents or transmits the QR code to the personal-information managing apparatus 10 (see (1) in FIG. 8), the personal-information managing apparatus 10 having received the QR code compares a destination terminal ID and an operator ID that are transmitted together with the QR code, with a destination terminal ID and an operator ID that are registered in advance and managed in a “destination information” DB in FIG. 8, thereby authenticating the destination terminal 20 (see (2) in FIG. 8).
  • When the destination terminal 20 is authenticated successfully, the personal-information managing apparatus 10 searches personal information corresponding to the received QR code (see (3) in FIG. 8), and transmits the extracted personal information to the destination terminal 20. Thus, the destination terminal 20 obtains personal information (see (4) in FIG. 8).
  • As shown in FIGS. 7 and 8, when the function of authenticating the destination terminal 20 or the personal terminal 30 is added to the personal-information managing apparatus 10, it is possible to prevent a malicious third person from operating the destination terminal 20 or the personal terminal 30. Therefore, a leakage of personal information can be prevented effectively.
  • FIG. 9 is a block diagram of the personal-information managing apparatus 10 having an authentication function. Differences of the block diagram shown in FIG. 9 from the block diagram shown in FIG. 2 are mainly explained below, and explanation of common points is omitted.
  • The personal-information managing apparatus 10 added with the authentication function includes a user-authentication processing unit 12 e, a destination-authentication processing unit 12 f, an encryption processing unit 12 g, and a destination-information DB 13 c. FIG. 9 depicts management in the personal-information DB 13 a of personal authentication information of the user of the personal terminal 30. Alternatively, the personal-information managing apparatus 10 can be also configured to manage the personal authentication information in a DB other than the personal-information DB 13 a.
  • The user-authentication processing unit 12 e authenticates the personal terminal 30 that has transmitted a request for obtaining access permission information (QR code). Specifically, the user-authentication processing unit 12 e compares information such as a telephone number, a user ID, and a code number that is received from the personal terminal 30, with personal authentication information registered in advance in the personal-information DB 13 a, thereby authenticating the personal terminal 30. The personal authentication information is described later with reference to FIG. 10.
  • The destination-authentication processing unit 12 f authenticates the destination terminal 20 that tries to obtain personal information by presenting a QR code. Specifically, the destination-authentication processing unit 12 f compares information such as the destination ID and the code number that is received from the destination terminal 20, with the destination authentication information registered in advance in the destination-information DB 13 c, thereby authenticating the destination terminal 20.
  • The encryption processing unit 12 g encrypts personal information to be transmitted by the personal-information notifying unit 12 d to the destination terminal 20. The encrypted and then transmitted personal information is decrypted by a decryption program that is installed in the legitimate destination terminal 20, to be used. By encrypting the personal information to be transmitted, a leakage of the personal information in a transmission path can be effectively prevented.
  • The destination-information DB 13 c is used to manage the destination authentication information of the destination terminal 20 or the operator of the destination terminal 20.
  • FIG. 10 is a schematic for illustrating an example of personal authentication information and destination authentication information. A table indicated by a reference numeral 101 shows an example of the personal authentication information, and a table indicated by a reference numeral 102 shows an example of the destination authentication information.
  • As shown in the table indicated by 101 in FIG. 10, the personal authentication information includes “telephone number”, “user ID”, and “code number”. Biometrics information of a fingerprint and a vein pattern can be also used instead of the code number.
  • As shown in the table indicated by 102 in FIG. 10, the destination authentication information includes “destination ID”, “code number”, “reference”, “register”, “update”, and “delete”. For example, for a destination with a destination ID of “abcd1234”, only “reference” of the personal information is permitted. For a destination with a destination ID of “efgh5678”, “reference”, “register”, “update”, and “delete” are permitted.
  • As explained above, by setting an access level to personal information for each destination ID, a presentation level of personal information to the destination can be changed flexibly. Biometrics information of a fingerprint and a vein pattern can be also used instead of the code number, like the personal authentication information.
  • In the destination authentication information shown in the table indicated by 102 in FIG. 10, an access level to the personal information is set for each destination. Alternatively, it is also possible to set a further detailed access level, that is, an access level for each item of personal information.
  • FIG. 11 is a schematic for illustrating an example of the destination authentication information in accordance with personal information items. The destination authentication information includes “destination ID”, “code number”, “item” that expresses personal information, “reference”, “register”, “update”, and “delete”.
  • For example, for a destination with a destination ID of “abcd1234”, all items from “reference” to “delete” are permitted with respect to item A (name and address). On the other hand, no operation is permitted with respect to item B (occupation) and item C (annual income). By setting an access level to each item of the personal information in this way, a disclosure range of the personal information can be flexibly changed for each destination.
  • In the above explanation, a portable telephone and a PDA terminal that are commercially available are used as the destination terminal 20. Alternatively, the destination terminal 20 can be configured as a dedicated terminal for browsing personal information. The destination terminal 20 that is configured as a dedicated terminal is explained below.
  • FIG. 12 is a block diagram of the destination terminal 20 according to the present embodiment. The destination terminal 20 includes an interface 21 a, a display unit 21 b, a QR-code receiving unit 22 a, a personal-information requesting unit 22 b, a personal-information obtaining unit 22 c, and a data deleting unit 22 d. In FIG. 12, only key processors among many included in the destination terminal 20 are shown.
  • The interface 21 a can be configured by a communication device that exchanges data between the personal-information managing apparatus 10 and the personal terminal 30. The interface 21 a receives a QR code from the personal terminal 30, presents or transmits the QR code to the personal-information managing apparatus 10, and receives personal information. The interface 21 a can be also configured by a radio device or a wired device. The display unit 21 b is configured by a display unit device such as a liquid crystal display unit. The display unit 21 b display units personal information obtained from the personal-information managing apparatus 10.
  • The QR-code receiving unit 22 a is a processor that receives a QR code from the personal terminal 30 via the interface 21 a, and delivers the received QR code to the personal-information requesting unit 22 b. The personal-information requesting unit 22 b transmits the QR code received from the QR-code receiving unit 22 a, to the personal-information managing apparatus 10. The personal-information requesting unit 22 b transmits the QR code together with the destination ID and the code number shown in the table indicated by 102 in FIG. 10, to the personal-information managing apparatus 10.
  • The personal-information obtaining unit 22 c is a processor that obtains personal information from the personal-information managing apparatus 10 via the interface 21 a, and outputs the obtained personal information to the display unit 21 b. The data deleting unit 22 d is a processor that erases personal information stored in a random access memory (RAM) or the like after the personal information is display united on the display unit 21 b. By erasing the personal information after this information is used, it is possible to effectively prevent a leakage of the personal information that remains in the destination terminal 20.
  • The personal-information managing apparatus 10 can be added with a function of notifying the reference of personal information, a function of updating personal information, and a function of notifying the update of the personal information. The personal-information managing apparatus 10 added with the function of updating personal information and the function of notifying the update of the personal information is explained below with reference to FIG. 14.
  • FIG. 13 is a schematic for illustrating a personal-information-reference notifying process. When the destination terminal 20 presents a QR code to the personal-information managing apparatus 10 (see (1) in FIG. 13), the personal-information managing apparatus 10 searches personal information corresponding to the QR code (see (2) in FIG. 13), and transmits the obtained personal information to the destination terminal 20. Thus, the destination terminal 20 obtains the personal information (see (3) in FIG. 13).
  • The personal-information managing apparatus 10 transmits a personal information reference notice, indicating that the personal information is disclosed to the destination terminal 20, to the personal terminal 30 (see (4) in FIG. 13). As explained above, when the fact that the personal information is referenced is notified to the personal terminal 30, the personal terminal 30 can confirm the reference state of the personal information, and can quickly know a leakage of the personal information attributable to an illegitimate practice.
  • An e-mail, a short message, a telephone, a facsimile, and the like can be used as means for notifying the reference of the personal information in (4) in FIG. 13.
  • FIG. 14 is a schematic for illustrating a personal-information updating process and a personal-information-update notifying process. When the destination terminal 20 transmits a personal information updating request to the personal-information managing apparatus 10 (see (1) in FIG. 14), the personal-information managing apparatus 10 updates the personal information subject to a condition that the destination terminal 20 has passed the authentication process (see (2) in FIG. 14), and transmits a personal information update notice, indicating that the personal information is updated, to the personal terminal 30 (see (3) in FIG. 14).
  • As explained above, if the personal information can be updated, information such as a violation record of a driver's license and a test record at a hospital regarding an insurance card can always be kept up to date.
  • By notifying the personal terminal 30 that the personal information has been updated, the personal terminal 30 can confirm the updated state of the personal information, and can quickly know tampering and the like of the personal information. Email, short message, telephone, facsimile, and the like can be used as means for notifying the updating of the personal information in (3) in FIG. 14.
  • FIG. 15 is a block diagram of the personal-information managing apparatus 10 having a personal-information updating function and a personal-information notifying function. Differences of the block diagram shown in FIG. 15 from the block diagram shown in FIG. 9 are mainly explained below, and an explanation of common points is omitted.
  • The personal-information managing apparatus 10 added with the personal information updating and notification functions has a personal-information-reference-and-update notifying unit 12 h and a personal-information updating unit 12 i. The personal-information-reference-and-update notifying unit 12 h monitors the access state of the personal-information DB 13 a, and notifies a reference or updating of the personal information, if any, to the personal terminal 30.
  • The personal-information updating unit 12 i receives a request for updating personal information subject to a condition that the “update” item of the destination authentication information shown in the table of 102 in FIG. 10 or FIG. 11 is permitted, regarding the destination terminal 20 that is successful in authenticating the destination-authentication processing unit 12 f. The personal-information updating unit 12 i updates the personal-information DB 13 a based on the received request for updating the personal information.
  • The personal-information managing apparatus 10 can also additionally have a charge function. When the personal-information managing apparatus 10 additionally has the charge function, the personal-information managing apparatus 10 can charge according to the provision of personal information. Further, the personal-information managing apparatus 10 can charge the user of the personal terminal 30 a penalty for violating the driver's license and medical service fee regarding an insurance card. The personal-information managing apparatus 10 added with the charge function is explained next.
  • FIG. 16 is a schematic for illustrating a charging process. When the destination terminal 20 transmits a request for referencing personal information or a request for updating the personal information to the personal-information managing apparatus 10 (see (1) in FIG. 16), the personal-information managing apparatus 10 having received this request updates charge information for each reference and update of the personal information (see (2) in FIG. 16). The personal-information managing apparatus 10 charges the user of the personal terminal 30 based on the charge information.
  • FIG. 17 is a schematic for illustrating a charge-information updating process. When the destination terminal 20 transmits a request for updating the charge information to the personal-information managing apparatus 10 (see (1) in FIG. 17), the personal-information managing apparatus 10 having received this request updates the charge information (see (2) in FIG. 17). The charge-information updating process shown in FIG. 17 corresponds to a charge of penalty for a traffic violation.
  • FIG. 18 is a block diagram of the personal-information managing apparatus 10 having a record function and a charge function. Differences of the block diagram shown in FIG. 18 from the block diagram shown in FIG. 15 are mainly explained below, and explanation of common points is omitted.
  • The personal-information managing apparatus 10 added with the record function and the charge function further includes a charging processing unit 12 j, a disclosure-record DB 13 d, and a charge-information DB 13 e. The charging processing unit 12 j charges the user of the personal terminal 30 based on charge information stored in the charge-information DB 13 e. In this embodiment, the personal terminal 30 is charged. Alternatively, it is also possible to charge the destination terminal 20 or charge the destination terminal 20 and the personal terminal 30 at a predetermined rate.
  • Each time when the personal-information notifying unit 12 d provides personal information to the destination terminal 20, the disclosure-record DB 13 d stores a disclosure record (for example, a disclosure content, a type of access such as updating and deleting, and date and time). By storing the disclosure record, a leakage route of personal information, if any, can be found out easily, thereby effectively preventing a secondary leakage of information.
  • The charge-information DB 13 e calculates charge amount based on an issuance state (including a change of the effective period) of access permission information (QR code) stored in the access-permission-information DB 13 b, and a disclosure record of personal information stored in the disclosure-record DB 13 d. The charge-information DB 13 e stores charge information with the calculated amount related to a charge destination.
  • As explained above, according to the present embodiment, the access permission information for accessing personal information of a specific user is issued in response to a request from the personal terminal used by the user. The destination terminal having received the access permission information from the personal terminal notifies the destination terminal about the personal information corresponding to the access permission information subject to a condition that the access permission information has been presented. With this arrangement, even when the personal terminal is lost, the personal information is not leaked out. To provide the personal information, the user needs to confirm this provision of the personal information. Therefore, it is possible prevent transmission of the personal information to a third person while the user is not aware of this transmission.
  • According to the present invention, it is possible to increase convenience of confirming the user while preventing a leakage of the personal information.
  • Furthermore, according to the present invention, tampering of the personal information can be prevented effectively.
  • Moreover, according to the present invention, the access permission information can be delivered easily from the personal terminal to the destination terminal.
  • Although the invention has been described with respect to a specific embodiment for a complete and clear disclosure, the appended claims are not to be thus limited but are to be construed as embodying all modifications and alternative constructions that may occur to one skilled in the art that fairly fall within the basic teaching herein set forth.

Claims (19)

1. A personal-information managing apparatus comprising:
an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and
a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
2. The personal-information managing apparatus according to claim 1, wherein
the access-permission-information issuing unit copies the personal information into a temporary storage area, and issues access permission information for accessing the temporary storage area to the personal terminal.
3. The personal-information managing apparatus according to claim 1, wherein
the access-permission-information issuing unit and the personal-information notifying unit use a uniform resource locator or a quick-response code for accessing the personal information as the access permission information.
4. The personal-information managing apparatus according to claim 1, further comprising:
a personal-terminal authenticating unit that authenticates that the personal terminal is operated by a legitimate user, wherein
the access-permission-information issuing unit issues the access permission information to the personal terminal under conditions that the personal-terminal authenticating unit successfully authenticated that the personal terminal is operated by the legitimate user.
5. The personal-information managing apparatus according to claim 1, further comprising:
a destination-terminal authenticating unit that authenticates that the destination terminal is a legitimate terminal, wherein
the personal-information notifying unit notifies the destination terminal of the personal information under conditions that the destination-terminal authenticating unit successfully authenticated that the destination terminal is the legitimate terminal.
6. The personal-information managing apparatus according to claim 1, wherein
the personal-information notifying unit encrypts the personal information before notifying the destination terminal of the personal information.
7. The personal-information managing apparatus according to claim 1, further comprising:
a destination managing unit that manages a disclosure destination of the personal information for every personal information, wherein
the personal-information notifying unit notifies the destination terminal of the personal information under conditions that an identifier of a user of the destination terminal corresponds to the disclosure destination.
8. The personal-information managing apparatus according to claim 7, wherein
the destination managing unit manages the disclosure destination for every item contained in the personal information, and
the personal-information notifying unit notifies the item under conditions that the identifier of the user of the destination terminal corresponds to the disclosure destination.
9. The personal-information managing apparatus according to claim 1, further comprising:
a charging unit that charges the user under conditions that the personal-information notifying unit notified the personal information to the destination terminal that presented the access permission information in units of the access permission information.
10. The personal-information managing apparatus according to claim 1, wherein
the access-permission-information issuing unit sets an effective period of the access permission information before issuing the access permission information, and
the personal-information notifying unit notifies the destination terminal of the personal information under condition that the effective period of the access permission information presented by the destination terminal is valid.
11. The personal-information managing apparatus according to claim 1, further comprising:
an effective-period managing unit that manages the effective period for every piece of the access permission information issued by the access-permission-information issuing unit, wherein
the personal-information notifying unit notifies the destination terminal of the personal information when the access permission information presented by the destination terminal is within the effective period obtained from the effective-period managing unit.
12. The personal-information managing apparatus according to claim 11, wherein
the effective-period managing unit permits an extension of the effective period that is once set, within the effective period.
13. The personal-information managing apparatus according to claim 11, wherein
the effective-period managing unit does not permit an extension of the effective period that is once set.
14. The personal-information managing apparatus according to claim 9, further comprising:
a personal-information updating unit that updates the personal information based on an instruction from the destination terminal.
15. A computer-readable recording medium that stores therein a computer program for a personal-information managing apparatus that manages electronic personal information, wherein
the computer program causes a computer to execute:
issuing access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and
notifying a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information.
16. A personal-information-providing system comprising:
a personal-information managing apparatus that manages electronic personal information;
a personal terminal that is used by a user; and
a destination terminal that is a disclosure destination of the personal information, wherein
the personal-information managing apparatus includes
an access-permission-information issuing unit that issues access permission information for accessing personal information on a user, in response to a request from a personal terminal of the user; and
a personal-information notifying unit that notifies a destination terminal of the personal information corresponding to the access permission information, under conditions that the destination terminal that received the access permission information from the personal terminal presents the access permission information,
the personal terminal includes an access-permission-information delivering unit that delivers the access permission information issued by the personal-information managing apparatus to the destination terminal, and
the destination terminal includes an access-permission-information presenting unit that presents the access permission information delivered from the personal terminal to the personal-information managing apparatus.
17. The personal-information-providing system according to claim 16, wherein
the destination terminal is a dedicated terminal manufactured as a reference terminal for the personal information.
18. The personal-information-providing system according to claim 16, wherein
the destination terminal is a commercially available terminal with a program including a function of referring to the personal information.
19. The personal-information-providing system according to claim 16, wherein
the destination terminal further includes a personal-information deleting unit that deletes the personal information from the destination terminal after displaying the personal information.
US11/391,237 2005-12-13 2006-03-29 Personal-information managing apparatus, method of providing personal information, computer product, and personal-information-providing system Abandoned US20070136202A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2005359473A JP2007164449A (en) 2005-12-13 2005-12-13 Personal information management device, personal information provision method using personal information management device, program for personal information management device, and personal information provision system
JP2005-359473 2005-12-13

Publications (1)

Publication Number Publication Date
US20070136202A1 true US20070136202A1 (en) 2007-06-14

Family

ID=38140626

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/391,237 Abandoned US20070136202A1 (en) 2005-12-13 2006-03-29 Personal-information managing apparatus, method of providing personal information, computer product, and personal-information-providing system

Country Status (2)

Country Link
US (1) US20070136202A1 (en)
JP (1) JP2007164449A (en)

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100037288A1 (en) * 2008-08-06 2010-02-11 International Business Machines Corporation Inherited Access Authorization to a Social Network
US20100259549A1 (en) * 2009-04-08 2010-10-14 Research In Motion Limited Systems, devices, and methods for displaying a barcode at a computing device
US20100316218A1 (en) * 2007-02-06 2010-12-16 Nec Corporation Personal information managing device for falsification prevention of personal information and non repudiation of personal information circulation
US20110055547A1 (en) * 2009-08-27 2011-03-03 Academia Sinica Personal information management and delivery mechanism
US20110081860A1 (en) * 2009-10-02 2011-04-07 Research In Motion Limited Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner
US20110099120A1 (en) * 2009-10-27 2011-04-28 Wavemarket, Inc. System and method for storing and distributing profiles
US20110137817A1 (en) * 2009-06-01 2011-06-09 Wavemarket, Inc. System and method for aggregating and disseminating personal data
US20110210171A1 (en) * 2010-02-26 2011-09-01 Research In Motion Limited Methods and devices for transmitting and receiving data used to activate a device to operate with a server
US20120199647A1 (en) * 2011-02-07 2012-08-09 Samsung Electronics Co., Ltd. Method and apparatus for managing user devices and contents by using quick response codes
WO2013078427A1 (en) * 2011-11-21 2013-05-30 Rume, Inc. Method and system for registering and scanning an id tag linked to information about a user
US20130299569A1 (en) * 2012-05-14 2013-11-14 Carl Gentile Method and system for retrieving information using serialized scannable codes
US20140007195A1 (en) * 2012-06-27 2014-01-02 Vikas Gupta User Authentication of Applications on Third-Party Devices Via User Devices
US20140045472A1 (en) * 2012-08-13 2014-02-13 Qualcomm Incorporated Provisioning-free memberless group communication sessions
US8683554B2 (en) 2009-03-27 2014-03-25 Wavemarket, Inc. System and method for managing third party application program access to user information via a native application program interface (API)
US20140181911A1 (en) * 2012-12-22 2014-06-26 John Scott Kula Method, system and program product for secure authentication
US8818412B2 (en) 2009-03-18 2014-08-26 Wavemarket, Inc. System for aggregating and disseminating location information
WO2015015134A1 (en) * 2013-08-02 2015-02-05 Mobilead Method for encoding an access to a computer resource
WO2015072114A1 (en) * 2013-11-14 2015-05-21 Sony Corporation Information processing apparatus and method, and program
US9141726B1 (en) * 2012-01-10 2015-09-22 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US20160164958A1 (en) * 2014-12-08 2016-06-09 Ebay Inc Delivering personalized content to authenticated user devices
US9542540B2 (en) 2009-03-20 2017-01-10 Location Labs, Inc. System and method for managing application program access to a protected resource residing on a mobile device
US20170249453A1 (en) * 2014-10-13 2017-08-31 Hewlett Packard Enterprise Development Lp Controlling access to secured media content
US20170346945A1 (en) * 2016-05-27 2017-11-30 Samsung Electronics Co., Ltd. Methods for managing communication note during call and electronic device thereof
US9979725B1 (en) * 2014-04-14 2018-05-22 Symantec Corporation Two-way authentication using two-dimensional codes
US10318229B2 (en) * 2015-09-21 2019-06-11 Alibaba Group Holding Limited Method and apparatus for displaying digital object identifier
US10566082B1 (en) 2012-01-10 2020-02-18 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US11037664B1 (en) 2012-01-10 2021-06-15 Cerner Innovation, Inc. Decision support tool for managing autoimmune inflammatory disease
US20210383368A1 (en) * 2019-07-22 2021-12-09 Tariq JALIL System and method for managing fund transfers
US11244131B2 (en) * 2018-03-22 2022-02-08 Marcus Sassan Motamedi Method and system for emergency data retrieval from two dimensional code
US20220366076A1 (en) * 2021-05-17 2022-11-17 Bank Of America Corporation Information security by preventing unauthorized data access
US20220366075A1 (en) * 2021-05-17 2022-11-17 Bank Of America Coporation Prevention of unauthorized access to information
US20230162234A1 (en) * 2021-11-24 2023-05-25 Capital One Services, Llc Automated profile sharing system
EP4195141A4 (en) * 2020-08-21 2024-07-31 TESNOLOGY Inc. DOCUMENT GENERATING DEVICE, COMMUNICATION TERMINAL, RELAY TERMINAL AND DOCUMENT GENERATING SYSTEM

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009043066A (en) * 2007-08-09 2009-02-26 Sony Corp Information processing system, information processing apparatus and method, and program
JP2009294754A (en) * 2008-06-03 2009-12-17 Chih Cheng Lin Vehicle management system and document importing/exporting device thereof
JP6178112B2 (en) * 2013-05-15 2017-08-09 株式会社Hde Authentication server, authentication system and program
JP6524635B2 (en) * 2013-11-06 2019-06-05 株式会社リコー Information storage system and information storage method
JP6351061B2 (en) * 2014-02-25 2018-07-04 日本電気株式会社 Management system, management method, program, and user terminal
JP6503953B2 (en) * 2015-07-16 2019-04-24 富士ゼロックス株式会社 Image processing apparatus and program
JP6566990B2 (en) * 2017-05-29 2019-08-28 ソニー株式会社 Drug history management apparatus and method, and program
JP2019057288A (en) * 2018-10-04 2019-04-11 株式会社ニコン Electronic apparatus
JP7092906B2 (en) * 2021-02-22 2022-06-28 東芝テック株式会社 Tax exemption processing system
JP7449574B2 (en) * 2021-02-24 2024-03-14 株式会社イセトー Pre-input system, personal information provision method and program

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030084294A1 (en) * 2001-10-30 2003-05-01 Hirokazu Aoshima System and method for authentication
US20050059380A1 (en) * 2003-09-17 2005-03-17 Nec Corporation System and method for storing and managing personal information
US20050089034A1 (en) * 2003-08-07 2005-04-28 Canon Kabushiki Kaisha Network switching apparatus, route management server, network interface apparatus, control method therefor, computer program for route management server, and computer-readable storage medium
US20050211770A1 (en) * 1997-10-16 2005-09-29 Dentsu, Inc. Software code for permitting a user to access broadcast media
US20090055904A1 (en) * 2006-02-17 2009-02-26 Hidehito Gomi Distributed Authentication System and Distributed Authentication Method

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002082855A (en) * 2000-06-30 2002-03-22 Denso Corp Radio communication terminal, communication system, reservation or ordering method, and program
JP2002229953A (en) * 2001-01-30 2002-08-16 Canon Inc Personal information management system and its method
JP2002288134A (en) * 2001-03-23 2002-10-04 Ntt Communications Kk Access controlling system, method and recording medium
JP2005157881A (en) * 2003-11-27 2005-06-16 Canon Inc Server terminal equipment, client terminal equipment, object management system, object management method, computer program and recording medium
JP2005197804A (en) * 2003-12-26 2005-07-21 Victor Co Of Japan Ltd Streaming distribution server
US7124953B2 (en) * 2003-12-29 2006-10-24 Nokia Corporation Visual encoding of a content address to facilitate data transfer in digital devices

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050211770A1 (en) * 1997-10-16 2005-09-29 Dentsu, Inc. Software code for permitting a user to access broadcast media
US20060071067A1 (en) * 1997-10-16 2006-04-06 Dentsu, Inc. Resolving station for system for permitting access to media selections
US20030084294A1 (en) * 2001-10-30 2003-05-01 Hirokazu Aoshima System and method for authentication
US20050089034A1 (en) * 2003-08-07 2005-04-28 Canon Kabushiki Kaisha Network switching apparatus, route management server, network interface apparatus, control method therefor, computer program for route management server, and computer-readable storage medium
US20050059380A1 (en) * 2003-09-17 2005-03-17 Nec Corporation System and method for storing and managing personal information
US20090055904A1 (en) * 2006-02-17 2009-02-26 Hidehito Gomi Distributed Authentication System and Distributed Authentication Method

Cited By (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100316218A1 (en) * 2007-02-06 2010-12-16 Nec Corporation Personal information managing device for falsification prevention of personal information and non repudiation of personal information circulation
US20100037288A1 (en) * 2008-08-06 2010-02-11 International Business Machines Corporation Inherited Access Authorization to a Social Network
US8818412B2 (en) 2009-03-18 2014-08-26 Wavemarket, Inc. System for aggregating and disseminating location information
US9542540B2 (en) 2009-03-20 2017-01-10 Location Labs, Inc. System and method for managing application program access to a protected resource residing on a mobile device
US8683554B2 (en) 2009-03-27 2014-03-25 Wavemarket, Inc. System and method for managing third party application program access to user information via a native application program interface (API)
US9349088B2 (en) 2009-04-08 2016-05-24 Blackberry Limited Systems, devices, and methods for displaying a barcode at a computing device
US20100259549A1 (en) * 2009-04-08 2010-10-14 Research In Motion Limited Systems, devices, and methods for displaying a barcode at a computing device
US8720780B2 (en) 2009-04-08 2014-05-13 Blackberry Limited Systems, devices, and methods for displaying a barcode at a computing device
US20110137817A1 (en) * 2009-06-01 2011-06-09 Wavemarket, Inc. System and method for aggregating and disseminating personal data
US20110055547A1 (en) * 2009-08-27 2011-03-03 Academia Sinica Personal information management and delivery mechanism
US20110081860A1 (en) * 2009-10-02 2011-04-07 Research In Motion Limited Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner
US9185735B2 (en) 2009-10-02 2015-11-10 Blackberry Limited Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner
US8879994B2 (en) 2009-10-02 2014-11-04 Blackberry Limited Methods and devices for facilitating Bluetooth pairing using a camera as a barcode scanner
US20110099120A1 (en) * 2009-10-27 2011-04-28 Wavemarket, Inc. System and method for storing and distributing profiles
US9105023B2 (en) 2010-02-26 2015-08-11 Blackberry Limited Methods and devices for transmitting and receiving data used to activate a device to operate with a server
US20110210171A1 (en) * 2010-02-26 2011-09-01 Research In Motion Limited Methods and devices for transmitting and receiving data used to activate a device to operate with a server
US9449294B2 (en) * 2011-02-07 2016-09-20 Samsung Electronics Co., Ltd. Method and apparatus for managing user devices and contents by using quick response codes
KR101993239B1 (en) 2011-02-07 2019-06-26 삼성전자주식회사 Method and apparatus for managing user device and contents using QR code
US20120199647A1 (en) * 2011-02-07 2012-08-09 Samsung Electronics Co., Ltd. Method and apparatus for managing user devices and contents by using quick response codes
KR20120090388A (en) * 2011-02-07 2012-08-17 삼성전자주식회사 Method and apparatus for managing user device and contents using qr code
WO2013078427A1 (en) * 2011-11-21 2013-05-30 Rume, Inc. Method and system for registering and scanning an id tag linked to information about a user
US9633169B1 (en) 2012-01-10 2017-04-25 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US10354751B1 (en) 2012-01-10 2019-07-16 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US11538565B1 (en) 2012-01-10 2022-12-27 Cerner Innovation, Inc. Decision support tool for managing autoimmune inflammatory disease
US11139055B1 (en) 2012-01-10 2021-10-05 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US9141726B1 (en) * 2012-01-10 2015-09-22 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US11037664B1 (en) 2012-01-10 2021-06-15 Cerner Innovation, Inc. Decision support tool for managing autoimmune inflammatory disease
US11636932B1 (en) 2012-01-10 2023-04-25 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US10847260B1 (en) 2012-01-10 2020-11-24 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US10726947B1 (en) 2012-01-10 2020-07-28 Cerner Innovation, Inc. Computerized systems and methods for providing mobile-device updates of electronic health records
US11862310B2 (en) 2012-01-10 2024-01-02 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US10566082B1 (en) 2012-01-10 2020-02-18 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US12148514B2 (en) 2012-01-10 2024-11-19 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US11227678B1 (en) 2012-01-10 2022-01-18 Cerner Innovation, Inc. Proximity-based mobile-device updates of electronic health records
US20130299569A1 (en) * 2012-05-14 2013-11-14 Carl Gentile Method and system for retrieving information using serialized scannable codes
US9721223B2 (en) * 2012-05-14 2017-08-01 Atrium Windows And Doors, Inc. Method and system for retrieving information using serialized scannable codes
US9055050B2 (en) * 2012-06-27 2015-06-09 Facebook, Inc. User authentication of applications on third-party devices via user devices
US20140007195A1 (en) * 2012-06-27 2014-01-02 Vikas Gupta User Authentication of Applications on Third-Party Devices Via User Devices
US20140045472A1 (en) * 2012-08-13 2014-02-13 Qualcomm Incorporated Provisioning-free memberless group communication sessions
US20140181911A1 (en) * 2012-12-22 2014-06-26 John Scott Kula Method, system and program product for secure authentication
US9027085B2 (en) * 2012-12-22 2015-05-05 John Scott Kula Method, system and program product for secure authentication
CN105723373A (en) * 2013-08-02 2016-06-29 行动先驱公司 Method for encoding an access to a computer resource
FR3009409A1 (en) * 2013-08-02 2015-02-06 Mobilead METHOD FOR ENCODING ACCESS TO A COMPUTER RESOURCE
WO2015015134A1 (en) * 2013-08-02 2015-02-05 Mobilead Method for encoding an access to a computer resource
WO2015072114A1 (en) * 2013-11-14 2015-05-21 Sony Corporation Information processing apparatus and method, and program
US20160197925A1 (en) * 2013-11-14 2016-07-07 Sony Corporation Information processing apparatus and method, and program
US10148658B2 (en) * 2013-11-14 2018-12-04 Sony Corporation Information processing apparatus and method, and program
EP3264315A1 (en) * 2013-11-14 2018-01-03 Sony Corporation Information processing apparatus and method, and program
US9979725B1 (en) * 2014-04-14 2018-05-22 Symantec Corporation Two-way authentication using two-dimensional codes
US20170249453A1 (en) * 2014-10-13 2017-08-31 Hewlett Packard Enterprise Development Lp Controlling access to secured media content
US10178166B2 (en) * 2014-12-08 2019-01-08 Ebay Inc. Delivering personalized content to authenticated user devices
US20160164958A1 (en) * 2014-12-08 2016-06-09 Ebay Inc Delivering personalized content to authenticated user devices
US10318229B2 (en) * 2015-09-21 2019-06-11 Alibaba Group Holding Limited Method and apparatus for displaying digital object identifier
US11314473B2 (en) 2015-09-21 2022-04-26 Advanced New Technologies, Co., Ltd. Method and apparatus for displaying digital object identifier
US10908867B2 (en) 2015-09-21 2021-02-02 Advanced Newr Technologies Co., Ltd. Method and apparatus for displaying digital object identifier
US10705787B2 (en) 2015-09-21 2020-07-07 Alibaba Group Holding Limited Method and apparatus for displaying digital object identifier
US20170346945A1 (en) * 2016-05-27 2017-11-30 Samsung Electronics Co., Ltd. Methods for managing communication note during call and electronic device thereof
US11244131B2 (en) * 2018-03-22 2022-02-08 Marcus Sassan Motamedi Method and system for emergency data retrieval from two dimensional code
US20210383368A1 (en) * 2019-07-22 2021-12-09 Tariq JALIL System and method for managing fund transfers
EP4195141A4 (en) * 2020-08-21 2024-07-31 TESNOLOGY Inc. DOCUMENT GENERATING DEVICE, COMMUNICATION TERMINAL, RELAY TERMINAL AND DOCUMENT GENERATING SYSTEM
US20220366076A1 (en) * 2021-05-17 2022-11-17 Bank Of America Corporation Information security by preventing unauthorized data access
US20220366075A1 (en) * 2021-05-17 2022-11-17 Bank Of America Coporation Prevention of unauthorized access to information
US11934554B2 (en) * 2021-05-17 2024-03-19 Bank Of America Corporation Information security by preventing unauthorized data access
US12118120B2 (en) * 2021-05-17 2024-10-15 Bank Of America Corporation Prevention of unauthorized access to information
US20230162234A1 (en) * 2021-11-24 2023-05-25 Capital One Services, Llc Automated profile sharing system

Also Published As

Publication number Publication date
JP2007164449A (en) 2007-06-28

Similar Documents

Publication Publication Date Title
US20070136202A1 (en) Personal-information managing apparatus, method of providing personal information, computer product, and personal-information-providing system
US8918633B2 (en) Information processing device, information processing system, and program
US7802112B2 (en) Information processing apparatus with security module
US9400891B2 (en) Owner controlled transmitted file protection and access control system and method
CN1992586B (en) Electronic document management system and method
US7895450B2 (en) Data management system, data management method and storage medium storing program for data management
CN109274650B (en) Electronic image retrieval management system and method
KR19990022620A (en) Access control system and method for data storage media
EP1063579A2 (en) Method, apparatus and storage medium for authentication on the world wide web
EP1850233A1 (en) Authentication method, authentication system, and tag device thereof, information reference client, authentication server, and information server
JP2001016655A (en) Portable terminal with security
JP2012074079A (en) Information processor, information processing system and program
JP7521540B2 (en) Access control device, control method, and program
KR100656402B1 (en) Method and device for securely distributing digital content
CN102222195B (en) E-book reading method and system
JP2008158864A (en) Property management system, property management method, removed property, and removed property control program
JP3833635B2 (en) Information management system, key distribution server, information management method, and program
JP3809495B1 (en) Software management system
JP3636087B2 (en) Personal information providing system, personal information providing method, and personal information providing program
KR101478526B1 (en) System and method of managing and offering cryptographic key with using authentication information
KR100401935B1 (en) System and method for protecting of information in information offering system
JP5234503B2 (en) Electronic document management system, browsing terminal device, and electronic document management program
KR102383050B1 (en) Device for changing caller indentification using encryption algorithm
JP2004297333A (en) Digital certificate accreditation system, digital certificate accreditation server, pki token, digital certificate accreditation method and program
JP3690685B1 (en) Electronic file management system and electronic file management program

Legal Events

Date Code Title Description
AS Assignment

Owner name: FUJITSU LIMITED, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NOMA, YASUHIRO;SHINOZAWA, AKIRA;REEL/FRAME:017738/0367

Effective date: 20060222

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION