JP2018049575A - Position information verification system and verification method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information system capable of verifying position information of users with guaranteed accuracy and reliability and without restrictions on usage environment.SOLUTION: A system verifies a position of a user using; a position information generator device 1 configured to provide position information that cannot be modified by the user by presenting the user with a prescribed position code and one-time password as position information, the one-time password being generated from an encryption seed specific to the position code; and a position information verification device 10 that is set up within the system to provide information services.SELECTED DRAWING: Figure 1

Description

The present invention relates to a method for verifying a user's position in using an information system connected to a network.

Conventionally, in the use of an information system connected to a network, as a means for specifying the position of a user, a terminal device such as a user's personal computer or mobile phone receives a signal from a GPS or a mobile phone base station, and positioning information Is generated and transmitted to a service device that provides an information service (see, for example, Patent Document 1).

Japanese Patent Laying-Open No. 2015-162235

However, since the above positioning information is derived from the user's terminal device, there is a case where an accurate position cannot be specified due to a difference in positioning accuracy of each terminal device. In addition, GPS and mobile phone base station signals cannot be received within a structure that blocks radio waves, and the user's terminal device cannot generate positioning information. Further, when a modified terminal device is used, there is a problem that the position can be forged.

The present invention provides means for solving the above problems as follows. That is, the present invention has an apparatus for presenting a user with a one-time password generated from a predetermined position code and an encryption seed specific to the position code as position information, and the apparatus is provided to the user via a network. In advance, the user inputs the location information presented by the device to the terminal device and transmits the location information to the location information verification device via the network. The location information verification device uses the received location information from the received location information. Retrieve the location code, search the database using the location code as a search key, extract the encryption seed, derive the one-time password, extract the one-time password from the location information, and compare the location of the user It is characterized by verifying.

The present invention can be configured using either the HOTP algorithm published in RFC 4226 of IETF or the TOTP algorithm published in RFC 6238 as an algorithm for deriving a one-time password.

The present invention can be configured with an arbitrary character and character length as a position code.

The present invention can be configured by any reversible calculation method including a position code and a one-time password as position information.

The present invention can be configured by using an arbitrary method for transmitting the position information to the user's sensory organ as a method of presenting the position information to the user by the position information generation device.

The present invention provides a method for inputting position information to a terminal device by a user, in addition to manual input, a method in which the position information generating device and the terminal device perform wireless communication and do not pass through the user. Can be configured.

The present invention can be configured as an arbitrary information transmission path such as a LAN or the Internet as a network.

The present invention can constitute an apparatus that provides an arbitrary information service between a user terminal device and a location information verification apparatus. At this time, the device has a function of relaying a user's location information verification request to the location information verification device, and a function of changing the type of information service provided to the user using the location information verification result. Can do.

In the invention described above or in the claims, terms such as system, device, program, and database do not limit the specific form or specific name of the device, but refer to a device having its general functions. It is for representation. A function of one component may be realized by two or more physical configurations, and a function of two or more components may be realized by one physical configuration. In the method invention, the steps are not limited to being performed in the order described, but can be performed in any order as long as the overall function can be performed consistently. . These inventions can be realized as a program for realizing a predetermined function in cooperation with a predetermined apparatus, and also as a recording medium on which the program is recorded.

In the present invention, since the position information generation device generates position information independently, the position information can be presented without limiting the user's usage environment.

Furthermore, since the position information is not derived from the user's terminal device, the accuracy and reliability of the position information can be guaranteed.

Furthermore, when an unauthorized user tries to illegally use an information service or intrude into an information system, it is necessary to first enter the location where the position information generating device is installed, so that the security of the entire information system is improved.

It is an Example of the information system containing the positional information verification system which concerns on one Embodiment of this invention. It is a conceptual diagram of the positional information which concerns on one Embodiment of this invention.

First, the encryption seed will be described. The encryption seed is key data that is used to generate a one-time password and is not changed. It is used to generate a one-time password in combination with data that changes according to a time series such as the time and the number of password generations. Details of the encryption seed are published by RFC4226 and RFC6238 of IETF.

Next, embodiments of the invention will be described with reference to the drawings. FIG. 1 is a block diagram of an information system including the present invention. FIG. 2 is a configuration example of position information.

Next, the position information generation device 1 will be described. In the position information generating apparatus 1, a position code 3 and an encryption seed 2 uniquely determined by the position code 3 are recorded in advance.

The one-time password generation device 4 built in the position information generation device 1 is a device that generates the one-time password 21 from the encryption seed 2.

The position information generation and presentation device 5 built in the position information generation device 1 is a device that generates position information by a reversible calculation from the position code 3 and the one-time password 21 and presents it to the user. In FIG. 2, as an example of the position information, the position information is configured by concatenating the character string constituting the one-time password after the character string constituting the position code.

With the above configuration, the position information generation device 1 presents the position information 22 to the user, recognizes the position information 22 as long as the user is in the vicinity of the position information generation device 1, and inputs the position information 22 to the terminal device 7. It is possible to make a request for verification of position information by transmitting to the service program 9 constituting the apparatus 8.

Next, the service device 8 will be described. The service device 8 is configured by a service program 9 that transmits the location information 22 received from the user terminal device to the location information verification device 10 to make a verification request and receive the verification result.

Next, the position information verification apparatus 10 will be described. The position information verification apparatus 10 includes a database 11 that stores position codes and encrypted seeds, and a verification program 12 that verifies position information.

The database 11 built in the position information verification server 10 stores a set of a position code uniquely determined for each position information generation apparatus and an encryption seed uniquely determined for each position code.

The verification program 12 built in the location information verification server 10 extracts the location information from the location information verification request received from the service program 9 and separates it into a location code and a one-time password. 11 is acquired, an encryption seed is acquired, a one-time password is calculated from the encryption seed, compared with the one-time password included in the position information, and the comparison result is transmitted to the service program 9.

With the above configuration, since the devices capable of generating and comparing location information can be limited to the location information generating device 1 and the location information verification device 10, no matter what configuration the user terminal device or service device has, It is possible to verify the position of the user with higher reliability than the conventional method using the GPS or the radio wave of the mobile phone base station.

In order to exert the effect of the present invention, it is important to fix the position authentication information device 1 so that it cannot be moved from a predetermined installation location.

DESCRIPTION OF SYMBOLS 1 Position information generation apparatus 2 Encryption seed 3 Position code 4 One time password generation apparatus 5 Position information generation and presentation apparatus 6 User 7 Terminal apparatus 8 Service apparatus 9 Service program 10 Position information verification apparatus 11 Database 12 Verification program 21 One time Password 22 Location information

Claims (3)

  An apparatus that calculates a one-time password from a predetermined position code and an encryption seed that is uniquely determined for each position code, and presents the position code and the one-time password in combination to the user as position information.   An apparatus having a database for storing a set of a position code and a one-time password stored in the apparatus, and having a program for verifying position information presented by the apparatus.   A method of configuring an information system and verifying a user's position using the apparatus according to claim 1 and the apparatus according to claim 2.

Images