JP6444344B2 - Authentication server, mediation server, and advertisement distribution server - Google Patents

Description

  The present invention relates to an advertisement distribution system that distributes advertisements to user terminals via an advertisement medium, an authentication server that issues a distribution control program for controlling advertisement distribution, an intermediary server that mediates advertisement distribution, And an advertisement distribution server that distributes advertisements.

  In recent years, an RTB (Real Time Bidding) method in which an advertisement displayed on a user terminal is automatically auctioned and distributed has become mainstream. In the RTB method, a demand-side platform (DSP), that is, a plurality of servers of an advertising buying company, a supply-side platform (SSP), that is, an advertising supplying company. A large number of advertising agency servers, such as the server of No. 1, and an image server that distributes images of successful bid advertisements, are involved (FIG. 1-2-3 in Non-Patent Document 1, etc.).

“Introduction to DSP / RTB Audience Targeting” Ryuji Yokoyama, Kenichi Sugawara, Yoshiteru Hamada (Impress Japan)

  By the way, when a large number of servers are involved in advertisement distribution, the user terminal communicates with servers of various security levels, and the risk of malware infection or the like increases in the user terminal. For example, if there is at least one server with a low security level among the servers that mediate advertisement distribution, malware or the like may be transmitted to the user terminal due to unauthorized entry of the server and alteration of the mediation information. is there.

  Such an attack that exploits advertisement distribution and infects user terminals with malware is called malvertising, which is a problem because damage is easily spread in a short period of time.

However, it has been difficult to provide a user terminal with uniform and high security against malverting. That is, even if security is provided on a server basis or on an advertising agency basis, it is difficult to provide uniform and high security for the entire distribution system.
Many advertisements are often displayed on a part of a web page, an application screen, a game screen, and the like. In other words, since advertisements involving a large number of advertisement providers 'servers are distributed via a large number of advertisement medium providers' servers that further provide advertisement media, the user terminal has uniform and high security against malverting. It has become even more difficult to provide.

  The present invention has been made in view of the above problems, and is uniform in user terminals against attacks that exploit advertisement distribution involving a large number of servers, particularly attacks that exploit advertisement distribution via advertising media. An object of the present invention is to provide an authentication server that can provide high security.

  Another object of the present invention is to provide an intermediary server that mediates advertisement distribution to a user terminal using an authentication server that provides uniform and high security to the user terminal.

  Another object of the present invention is to provide an advertisement distribution server that distributes advertisements to user terminals using an authentication server that provides uniform and high security to the user terminals.

In order to solve this problem, the present invention provides an advertisement tag for an advertisement medium server that transmits an advertisement medium including an advertisement area to a user terminal to be transmitted to the user terminal and executed by the user terminal. An advertisement tag issuing unit that transmits to the advertisement medium server an advertisement tag describing a process for requesting the user terminal to transmit a distribution control program that controls distribution of advertisements when executed on the user terminal, and a public key encryption An intermediary signature issuing unit that generates an intermediary signature using its own private key for intermediary information that the intermediary server that mediates advertisement distribution sends to the user terminal, and transmits the intermediary signature to the intermediary server, At least the mediation verification process that verifies that the received information received by the user terminal is the mediation information received together with the mediation signature, and if the mediation verification process is successful, If the request from the user terminal that executed the advertisement tag is specified, a distribution control program that describes the mediation control process that permits the use of information and prohibits the use of received information by the user terminal if the mediation verification process fails. Accordingly, an authentication server is provided that includes a distribution control program issuing unit that transmits to the user terminal accordingly.

  In the authentication server, the mediation information includes the address of the mediation server or the address of the advertisement distribution server that distributes the advertisement, and the mediation control processing is performed to the address included in the mediation information when the mediation verification processing is successful. It is preferable that the connection is performed by the user terminal and the use of the received information by the user terminal is prohibited when the mediation verification process fails.

In addition, the authentication server further includes an advertisement signature issuing unit that generates an advertisement signature for the advertisement using the private key of the public key encryption method and transmits the advertisement signature to the advertisement distribution server, and performs distribution control. The program issuer succeeded in the mediation verification process, the mediation control process, the ad verification process that verifies that the advertisement received by the user terminal from the advertisement distribution server is received together with the advertisement signature for the advertisement, and the ad verification process. The user who executed the advertisement tag for the distribution control program that describes the display control process that permits the display of advertisement on the user terminal and prohibits the display of the advertisement on the user terminal if the advertisement verification process fails. It is preferable to transmit to the user terminal in response to a request from the terminal.

  In such an authentication server, the advertisement tag issuing unit transmits an advertisement tag describing a process for requesting the authentication server from the user terminal using HTTP (Hypertext Transfer Protocol) to transmit the distribution control program to the advertisement medium server. By doing so, it is preferable that the distribution control program can be operated with the authority of the authentication server.

In addition, the present invention provides a mediation server to send a mediation information to mediate the delivery of the ad to the user terminal, the brokerage information, the authentication server to the mediation information predetermined authentication server using the public key encryption scheme secret Provided is an intermediary server characterized by being transmitted to a user terminal together with an intermediary signature generated using a key .

  Further, in the mediation server, it is preferable to transmit the mediation information and the mediation signature to the user terminal by an HTTP (Hypertext Transfer Protocol) response including a cross-origin resource sharing permission code designating the authentication server.

The present invention is also an advertisement distribution server that distributes advertisements to user terminals, wherein the advertisement is generated by a predetermined authentication server using a secret key of the authentication server for the advertisement by a public key cryptosystem. In addition, an advertisement distribution server characterized by being transmitted to a user terminal is provided.

  Further, in such an advertisement distribution server, it is preferable to transmit the advertisement and the advertisement signature to the user terminal by an HTTP (Hypertext Transfer Protocol) response including a cross-origin resource sharing permission code specifying the authentication server.

  According to the authentication server, the mediation server, or the advertisement distribution server of the present invention, uniform and high security can be provided to the user terminal even if a large number of servers are involved in the advertisement distribution via the advertisement medium.

1 is an overall configuration diagram of an advertisement distribution system according to the present invention. It is a block diagram which shows the structure of the user terminal which concerns on one Embodiment of this invention. It is a block diagram which shows the structure of the authentication server which concerns on one Embodiment of this invention. It is a figure explaining the example of data which the key memory | storage part of an authentication server memorize | stores. It is a figure explaining the example of data which the delivery control information storage part of an authentication server memorize | stores. It is a figure explaining the example of an advertising medium. It is a figure explaining the example of a description of an advertising medium. It is a block diagram which shows the structure of the advertising media server which concerns on one Embodiment of this invention. It is a block diagram which shows the structure of the advertising area management server which concerns on one Embodiment of this invention. It is a schematic diagram explaining the example of an advertisement determination request | requirement and its reply. It is a block diagram which shows the structure of the advertisement management server which concerns on one Embodiment of this invention. It is a block diagram which shows the structure of the advertisement delivery server which concerns on one Embodiment of this invention. It is a flowchart explaining the operation | movement before advertisement delivery. It is a flowchart explaining operation | movement of advertisement delivery.

  Hereinafter, an embodiment of an advertisement distribution system using an authentication server, an intermediary server, or an advertisement distribution server according to the present invention will be described with reference to the drawings.

[Configuration example]
FIG. 1 is a configuration diagram showing a configuration of an advertisement distribution system 1 according to an example of a preferred embodiment of the present invention.

  The advertisement distribution system 1 includes a user terminal 2, an authentication server 3, an advertisement medium server 4-1, 4-2, ..., an advertisement area management server 5-1, 5-2, ..., an advertisement management server 6-1, 6 ,..., The advertisement distribution servers 7-1, 7-2,... And the advertiser terminal 8 are connected via the Internet 9.

The user terminal 2 is a terminal device owned by a user who uses various services via the Internet 9. For example, this service is realized by displaying an advertisement medium provided by the advertisement medium servers 4-1, 4-2,... On the user terminal 2 as a web page. In this case, the advertising medium is a file group including, for example, an HTML (Hypertext Markup Language) file, a style file, an image file, and the like whose content is a news article or the like.
In addition, these advertising media include an area in which processing for displaying an advertisement is described. Hereinafter, this area is referred to as an advertisement area. The advertisement provided by the advertisement distribution servers 7-1, 7-2,... Corresponding to the advertisement area is displayed, and the advertisement is provided for viewing by the user together with the advertisement medium. The advertisement provided by the advertisement distribution servers 7-1, 7-2,... Is transmitted from the advertiser terminal 8 to the advertisement distribution server in advance. The displayed advertisement is dynamically determined by auction.

The content of the advertising medium is not limited to a news article, but may be a blog, a game, an application, or the like. The format of the advertisement medium is not limited to the file group including the HTML file, and may be an executable file or the like.
The advertisement (advertisement data) is a still image file or a moving image file whose content is a logo of a company or service. An advertisement may include a link to a company site or service site.

  The advertisement area management servers 5-1, 5-2,... And the advertisement management servers 6-1, 6-2, and so on are mediation servers that mediate the distribution of advertisements to the user terminal 2. The user terminal 2 that has received the mediation connects to the introduced address. Information communicated to mediate advertisements is referred to as mediation information.

  As described above, the distribution of advertisements involves a large number of servers, and the more servers involved, the more likely the user terminal 2 that can communicate with these will be infected with malware or viruses.

For example, any one of the advertisement distribution servers 7-1, 7-2,... Is illegally intruded, and the user terminal 2 that displays the received information that has altered the advertisement or the received information that impersonates the advertisement from the server, The user terminal 2 connected to the link destination included in the reception information that has been falsified or the reception information that spoofed the advertisement can be infected with malware or a virus.
Further, for example, if any of the advertisement area management servers 5-1, 5-2,... And the advertisement management servers 6-1, 6-2,. The user terminal 2 that performs communication based on the disguised received information can be infected with malware or a virus.

  The authentication server 3 provides an electronic signature for the mediation information, an electronic signature for the advertisement and a program for controlling the execution of mediation and display by verifying the electronic signature, and the user terminal 2 is infected with malware or a virus. To prevent. Hereinafter, an electronic signature for mediation information is referred to as an intermediary signature, and an electronic signature for an advertisement is referred to as an advertisement signature. A program for verifying an intermediary signature or an advertisement signature and controlling execution of advertisement intermediation or display of an advertisement is referred to as a distribution control program.

  Hereinafter, the user terminal 2, the authentication server 3, the advertisement medium servers 4-1, 4-2,..., The advertisement area management servers 5-1, 5-2,. Each of the advertisement distribution servers 7-1, 7-2,.

<User terminal>
FIG. 2 shows an example of the configuration of the user terminal 2.

The user terminal 2 is a terminal device such as a personal computer, a smartphone, or a tablet, and includes a terminal communication unit 20, a terminal storage unit 21, a terminal display unit 22, a terminal processing unit 23, and the like.
The terminal communication unit 20 is connected to the Internet 9 and is connected to the authentication server 3, advertisement medium servers 4-1, 4-2,..., Advertisement area management servers 5-1, 5-2,. ,... And the advertisement distribution servers 7-1, 7-2,. The terminal storage unit 21 is a storage device such as a ROM or RAM that stores various programs such as a browser or various data. The terminal display unit 22 is a display device such as a liquid crystal display that displays advertisement media and advertisements. The terminal processing unit 23 is a computing device including a CPU (Central Processing Unit), an MCU (Micro Control Unit), and the like, and is connected to the terminal communication unit 20, the terminal storage unit 21, and the terminal display unit 22. The communication process and the display process are performed according to the program stored in the. Communication processing and display processing will be described later.

<Authentication server>
FIG. 3 shows an example of the configuration of the authentication server 3.

The authentication server 3 is a so-called server device, and includes an authentication communication unit 30, an authentication storage unit 31, an authentication processing unit 32, and the like.
The authentication communication unit 30 is connected to the Internet 9 to be connected to the user terminal 2, the advertisement medium servers 4-1, 4-2,..., The advertisement area management servers 5-1, 5-2,. , 6-2,... And the advertisement distribution servers 7-1, 7-2,.
The authentication storage unit 31 is a storage device such as a ROM or RAM that stores various programs and various data. The authentication storage unit 31 includes a key storage unit 310 and a distribution control information storage unit 311.

The key storage unit 310 stores a secret key unique to the authentication server 3 and a public key corresponding to the secret key in association with a key ID assigned to each pair of the secret key and the public key. These keys are generated in advance by the authentication processing unit 32 or generated in advance by a third party and stored in the key storage unit 310.
Preferably, the key storage unit 310 further stores the generation date / time and the expiration date in association with the secret key and the public key, and additionally writes the newly generated secret key and public key before the expiration date comes. Is done.

  FIG. 4 shows an example of data stored in the key storage unit 310. In this example, assuming that the current date is July 12, 2016, the currently invalid public key “FJAIERHI289TY ...” with the key ID 1 and the private key “JCAIUHV846A9 ...”, and the key ID is 2. The currently valid public key “FJAIERHI289TY…” and the secret key “JCAIUHV846A9…” are stored.

  The distribution control information storage unit 311 manages, for each advertisement area, the advertisement area of the advertisement area ID uniquely assigned to the advertisement area, and the advertisement area management servers 5-1, 5-2,. The address of the advertisement area management server, the information of the advertisement area, the mediation signature that can be received by the user terminal device 2 for the advertisement area, the key ID of the public key necessary for verifying the advertisement signature, and the like are stored.

  FIG. 5 shows an example of data stored in the distribution control information storage unit 311. The exemplified data is that the address of the advertisement area management server 5-1 that manages the advertisement area assigned with the advertisement area ID “ad123456” is “https://ssp1.ads.com”, and the advertisement area is an advertisement. The public key key ID included in the advertising medium “http://www.pub1.com/contents.htm” of the media server 4-1 and used for signature verification of the advertising area is 2, and the advertisement The address of the advertising area management server 5-1 that manages the advertising area to which the area ID “ad667788” is assigned is “https://ssp1.ads.com”, and the advertising area is the advertising medium server 4-2. It is included in the advertising medium “http://www.pub2.com/contents.htm” and indicates that the public key key ID used for verifying the signature of the advertising area is 2.

  The address of the advertisement area management server for each advertisement area, the key ID for each advertisement area, and the like stored in the distribution control information storage unit 311 are basic information for generating a distribution control program for each advertisement area.

  The authentication processing unit 32 is a computing device including a CPU, MCU, and the like, and is connected to the authentication communication unit 30 and the authentication storage unit 31. The authentication processing unit 32 operates as an advertisement tag issuing unit 320, an intermediary signature issuing unit 321, an advertisement signature issuing unit 322, a distribution control program issuing unit 323, and the like according to programs stored in the authentication storage unit 31.

  When the advertisement tag issuing unit 320 receives the advertisement area information from the advertisement area management servers 5-1, 5-2,... Via the authentication communication unit 30, the advertisement tag issuing unit 320 assigns an advertisement area ID that can uniquely identify the advertisement area. At the same time, an advertisement tag that is an initial code representing the advertisement area and includes the advertisement area ID of the advertisement area is generated, and the generated advertisement tag is returned via the authentication communication unit 30. The advertisement tag is transferred to the advertisement medium server that provides the advertisement medium including the corresponding advertisement area by the received advertisement area management server. The advertisement area information includes the address of the advertisement medium including the target advertisement area, the display position of the advertisement in the advertisement medium, the size of the advertisement, and the like. Further, the generation and transmission of the advertisement tag is performed prior to the advertisement distribution.

  The advertisement tag issuing unit 320 associates the assigned advertisement area ID, the address of the advertisement area management server that is the transmission source of the advertisement area information, the advertisement area information, and the currently valid key ID in the key storage unit 310. It is stored in the distribution control information storage unit 311. Note that the key ID of the distribution control information storage unit 311 may be updated in accordance with the addition of a key to the key storage unit 310 or the expiration of the expiration date.

  The advertisement tag is a code that the advertisement medium server 4-1, 4-2,... Transmits to the user terminal 2 and causes the user terminal to execute the authentication, and is authenticated when executed on the user terminal. It is a code describing a process for requesting the user terminal to transmit a distribution control program by the server 3. The distribution control program is a program that controls the distribution of advertisements, and details thereof will be described later.

  Incidentally, the advertisement medium servers 4-1, 4-2,... That have received the advertisement tag generate and store the advertisement medium including the received advertisement tag, and respond to the request from the user terminal 2. The advertising medium is transmitted to the user terminal.

  FIG. 6 shows an example of the advertisement medium 100 stored in the advertisement medium server 4-1. The advertisement medium 100 is transmitted to the user terminal 2, and when “trustad.js” written in the advertisement medium 100 is executed by the browser of the user terminal 2, the advertisement medium 100 is replaced with the advertisement medium 110.

  A code surrounded by a dotted line in the advertisement medium 100 is the advertisement tag 101. The advertisement tag 101 causes the user terminal 2 to request transmission of the program “trustad.js” to the authentication server 3 “ads.ttp.com” as the second stage of generating the advertisement tag of the advertisement area ID “ad123456”. Is shown.

  In response to this request, the advertisement tag issuing unit 320 transmits “trustad.js” to the user terminal 2, and when “trustad.js” is executed on the user terminal 2, the advertisement tag 101 becomes the advertisement tag 111. Replace.

  “<Iframe src =“ https://ads.ttp.com/frame.php?adtag_id=ad123456 ”/>” in the advertisement tag 111 is a delivery control for the advertisement area assigned with the advertisement area ID “ad123456”. As a first stage of the program transmission request, the user terminal 2 is requested to generate and transmit an inline frame file by the CGI (Common Gateway Interface) program “frame.php” of the authentication server 3 “ads.ttp.com”. It is shown that. The file transmitted by the CGI program “frame.php” includes a distribution control program.

  In the example described above with reference to FIG. 6, in order to improve the maintainability of the advertisement tag issuing unit 320 in the authentication server 3 (that is, in order to make it possible to upgrade “trustad.js” without changing the advertisement medium). ) Although the advertisement tag is generated in two stages, it can be made one stage. In this case, the advertisement tag issuing unit 320 transmits an advertisement tag as exemplified by the advertisement tag 111 in FIG. 6 to the advertisement medium server 4-1.

  The mediation signature issuing unit 321 confirms the security of the mediation information when mediation information is received from the mediation server, and generates a mediation signature for the mediation information by public key cryptography when the security is confirmed. Then, the generated mediation signature is returned to the mediation server.

Specifically, for example, the intermediary signature issuing unit 321 includes the advertisement management destination introduction information that the advertisement management server plans to transmit to the user terminal device 2 from any of the advertisement management servers 6-1, 6-2,. Is received via the authentication communication unit 30 and is automatically connected to the address of the advertisement management server included in the received advertisement management destination introduction information to check whether malware or virus is received. If the information is not received, the advertisement management destination introduction information is safe, and if it is received, it is determined that it is not safe. Alternatively, a white list in which addresses whose safety has been confirmed in advance is written is stored in the authentication storage unit 31, and the address of the advertisement management server included in the received advertisement management destination introduction information is included in the white list. In this case, the advertisement management destination introduction information can be determined to be safe, and if it is not included, it can be determined to be unsafe.
When the safety of the received advertisement management destination introduction information is confirmed, the currently valid private key is read from the key storage unit 310, an electronic signature is generated for the received advertisement management destination introduction information, and the generated electronic signature is generated. Is returned via the authentication communication unit 30.

  Further, the intermediary signature issuing unit 321 sends the advertisement distribution source introduction information that the advertisement management server plans to transmit to the user terminal device 2 from any one of the advertisement management servers 6-1, 6-2,. If it is received via, the security of the advertisement distribution source introduction information is confirmed, and when the safety is confirmed, the currently valid private key is read from the key storage unit 310, and an electronic signature for the received advertisement distribution source introduction information is obtained. The generated electronic signature is returned via the authentication communication unit 30.

  When receiving an advertisement from the advertisement distribution server 7-1, 7-2,..., The advertisement signature issuing unit 322 confirms the safety of the advertisement. An advertisement signature for the advertisement is generated, and the generated advertisement signature is returned to the advertisement distribution servers 7-1, 7-2,.

Specifically, for example, the advertisement signature issuing unit 322 authenticates an advertisement that the advertisement distribution server plans to transmit to the user terminal device 2 from any one of the advertisement distribution servers 7-1, 7-2,. 30, the advertisement is scanned to check whether malware or virus is detected. If malware or virus is not detected, the advertisement is determined to be safe and detected. If it is not safe.
When the safety of the received advertisement is confirmed, the currently valid private key is read from the key storage unit 310, an electronic signature is generated for the received advertisement, and the generated electronic signature is returned via the authentication communication unit 30. To do.

  When a plurality of valid private keys are stored in the key storage unit 310, the intermediary signature issuing unit 321 and the advertisement signature issuing unit 322 may generate an electronic signature using a private key with the latest generation date and time. .

  When the distribution control program issue unit 323 receives a distribution control program issue request from the user terminal 2 that has executed the advertisement tag for each advertisement area, the distribution control program issue unit 323 returns a distribution control program corresponding to the advertisement area to the user terminal. . Although the public key can be transmitted each time in response to a request from the user terminal, the distribution control program issuing unit 323 preferably returns a distribution control program including the public key in order to reduce the number of communications.

  Each of the distribution control programs for each advertisement area is a program in which the following advertisement determination request process, mediation verification process, mediation control process, advertisement verification process, and display control process are described. Executed.

  The advertisement determination request process is a process of transmitting an advertisement determination request process for requesting determination of an advertisement to be distributed to the advertisement area to an advertisement area management server that manages the advertisement area corresponding to the distribution control program issue request. Incidentally, the advertisement area management server that has received this advertisement determination request process executes an auction and determines an advertisement to be displayed in the advertisement area. Note that the user attribute stored as a cookie or the like in the terminal storage unit 21 may be included in the advertisement determination request. When the user attribute is included in the advertisement determination request, an auction is performed in consideration of the user attribute.

  The mediation verification process is a process for verifying that the received information received by the user terminal 2 is the mediation information received together with the mediation signature. The verification of the mediation signature is performed using the public key of the authentication server 3.

  The mediation control process is a process that permits the use of the received information by the user terminal 2 when the mediation verification process is successful, and prohibits the use of the received information by the user terminal 2 when the mediation verification process fails. In addition, what is permitted when the mediation verification process is successful is communication of the user terminal 2 based on the mediation information, specifically, redirect communication to the address included in the advertisement management destination introduction information, and For example, redirect communication to an address included in the advertisement distribution source introduction information.

  The mediation control process prohibits the use of received information that may be infected with malware or viruses. Therefore, the user terminal 2 can be protected from malware infection, virus infection, or the like caused by reception information obtained by falsifying the mediation information or reception information camouflaging the mediation information.

  The advertisement verification process is a process for verifying that the advertisement received by the user terminal 2 from any one of the advertisement distribution servers 7-1, 7-2,... Is received together with the advertisement signature for the advertisement. The verification of the advertisement signature is performed using the public key of the authentication server 3.

  The display control process is a process that permits display of an advertisement on the user terminal 2 when the advertisement verification process is successful, and prohibits display of an advertisement on the user terminal 2 when the advertisement verification process fails.

  Even the display control process prohibits the use of received information that may be infected by malware, virus, or the like. Therefore, the user terminal 2 can be protected from malware infection, virus infection, or the like caused by reception information obtained by falsifying advertisements or reception information disguised as advertisements.

  In the case where a plurality of public keys are within the validity period, in the mediation verification process and the advertisement verification process, if the verification can be performed with any of the valid public keys, the verification can be successful.

  Specifically, when the distribution control program issuance unit 323 receives a distribution control program issuance request including the advertisement region ID from the user terminal 2 via the authentication communication unit 30, the distribution control program issuance unit 323 reads the advertisement region from the distribution control information storage unit 311 The advertisement area management server address and the key ID stored in association with the ID are read out, and the public key corresponding to the key ID is read out from the key storage unit 310, and the advertisement determination request for the read advertisement area management server address is read. A distribution control program describing processing, mediation verification processing using the read public key, mediation control processing, advertisement verification processing using the read public key, and display control processing is generated and returned via the authentication communication unit 30.

FIG. 7 shows an example of a distribution control program transmitted from the distribution control program issuing unit 323 to the user terminal 2 by executing the advertisement tag exemplified in FIG.
The HTML file 200 in FIG. 7 is an inline frame file representing an advertisement area, and is transmitted from the authentication server 3 to the user terminal 2 when the user terminal 2 executes the CGI program “frame.php” illustrated in FIG. Is done. A code 201 which is a part of the HTML file 200 represents a part of the distribution control program. “GJAIIAJFMAW4...” In the code 201 represents a public key used for verification of the advertisement area assigned with the advertisement area ID “ad123456”, and “https://ssp1.ads.com” in the code 201 represents the advertisement. This indicates that the area advertisement determination request destination is the advertisement area management server 5-1.

The JavaScript (registered trademark) file 210 in FIG. 7 is the remaining part of the distribution control program. The JavaScript file 210 is obtained from the authentication server 3 when the user terminal 2 executes “<script src =“ https://ads.ttp.com/verify.js ”></script>” in the code 201. It is transmitted to the user terminal 2. In the JavaScript file 210, the code 211 describes the advertisement determination request process to “https://ssp1.ads.com”, and the code 212 describes the mediation verification process using the public key “GJAIIAJFMAW4. The code 213 describes an intermediary control process according to the verification result of the code 212, and the code 214 describes an advertisement verification process using the public key “GJAIIAJFMAW4. Describes a display control process corresponding to the verification result of the code 214.
That is, the code 201 and the JavaScript file 210 in the HTML file 200 are the distribution control program.

  Here, it is noted that the HTML file 200 including the distribution control program is generated by the authentication server 3 separately from the HTML 100 or 110 of the advertisement medium main body and transmitted to the user terminal 2 by HTTP (Hypertext Transfer Protocol) communication. I want to be. The distribution control program included in the HTML file 200 generated and transmitted in this way is executed with the authority of the authentication server 3 in the user terminal 2. As a result, the processing of the distribution control program can be executed with the authority of the authentication server 3 irrespective of the advertisement medium server that transmitted the advertisement medium and the user terminal that received the advertisement medium, and the user terminal 2 has uniform and high security. Can be provided.

  In the example described above with reference to FIG. 7, “verify.js” can be upgraded without changing “frame.php” in order to improve the maintainability of the distribution control program issuing unit 323 in the authentication server 3. For this reason, the distribution control program is transmitted in two stages, but this can be made one stage. In that case, the distribution control program issuing unit 323 transmits to the user terminal 2 an HTML file in which the code in the JavaScript file 210 is directly described in the HTML file 200 of FIG.

<Advertising media server>
Each of the advertising media servers 4-1, 4-2,... Is a server device positioned as a publisher in the ad network. Each of the advertisement medium servers 4-1, 4-2,... Is connected to the user terminal 2 and the advertisement area management servers 5-1, 5-2,.

  FIG. 8 shows an example of the configuration of the advertisement medium server 4-1.

The advertisement medium server 4-1 includes a PUB communication unit 40-1, a PUB storage unit 41-1, a PUB processing unit 42-1, and the like.
The PUB communication unit 40-1 is a communication interface circuit that is connected to the Internet 9 and communicates with the user terminal 2 and the advertisement area management servers 5-1, 5-2,. The PUB storage unit 41-1 is a storage device such as a ROM or a RAM that stores various programs and data. The PUB processing unit 42-1 is an arithmetic unit including a CPU, an MCU, and the like, and is connected to the PUB communication unit 40-1 and the PUB storage unit 41-1 to perform communication processing and the like.

  The data stored in the PUB storage unit 41-1 includes one or a plurality of advertisement media. Each advertisement medium includes an advertisement tag corresponding to the advertisement medium.

  For example, one of the advertisement media stored in the PUB storage unit 41-1 is the HTML file 100 illustrated in FIG. 6, and the advertisement tag included in the advertisement medium is the code 101 illustrated in FIG.

  The advertisement tag 101 in FIG. 6 is generated in advance by the advertisement tag issuing unit 320 of the authentication server 3 and transmitted to the advertisement medium server 4-1 via the advertisement area management server 5-1. The PUB processing unit 42-1 of the advertising medium server 4-1 receives the advertising tag 101 via the PUB communication unit 40-1, adds the advertising tag 101 to the advertising area of the advertising medium 100, and stores it in the PUB storage unit 41-1. Remember.

  Then, when the PUB processing unit 42-1 of the advertisement medium server 4-1 receives the advertisement medium request specifying the address of the advertisement medium 100 from the user terminal 2 via the PUB communication unit 40-1, the advertisement tag The advertising medium 100 including 101 is returned to the user terminal via the PUB communication unit 40-1.

  Up to this point, the advertisement medium server 4-1 has been described, but the other advertisement medium servers 4-2,... Also have the same PUB storage units 40-2 as the PUB storage units 40-1 of the advertisement medium server 4-1. (Not shown), the same PUB communication unit 41-2 as the PUB communication unit 41-1 of the advertising media server 4-1, ... (not shown) and the same as the PUB processing unit 42-1 of the advertising media server 4-1. A PUB processing unit 42-2, ... (not shown) are provided.

  That is, each of the advertisement medium servers 4-1, 4-2,... Sets an advertisement tag corresponding to each advertisement medium, one of the advertisement area management servers 5-1, 5-2,. An advertisement medium including the received advertisement tag is generated and stored.

  And each of the advertising media servers 4-1, 4-2,... Returns an advertising media including an advertising tag to the user terminal when receiving the advertising media request from the user terminal 2.

<Advertising area management server>
Each of the advertisement area management servers 5-1, 5-2,... Is a server device positioned as an SSP in the RTB type ad network. That is, each of the advertisement area management servers 5-1, 5-2,... Is a mediation server on the advertisement medium owner side. Each of the advertisement area management servers 5-1, 5-2,... Is connected to the user terminal 2, the authentication server 3, and the advertisement medium servers 4-1, 4-2,. 6-2, and so on.

  FIG. 9 shows an example of the configuration of the advertisement area management server 5-1.

The advertisement area management server 5-1 includes an SSP communication unit 50-1, an SSP storage unit 51-1, an SSP processing unit 52-1, and the like.
The SSP communication unit 50-1 is a communication interface circuit that is connected to the Internet 9 and communicates with the user terminal 2, the authentication server 3, and the advertisement management servers 6-1, 6-2,. The SSP storage unit 51-1 is a storage device such as a ROM or a RAM that stores various programs and various data such as the address of the authentication server 3. The SSP processing unit 52-1 is an arithmetic unit composed of a CPU, an MCU, and the like, and is connected to the SSP communication unit 50-1 and the SSP storage unit 51-1, and performs communication processing and the like.

  Further, when the advertisement area management server 5-1 receives an advertisement determination request from the user terminal 2 via the SSP communication unit 50-1, the advertisement area management server 5-1 communicates with the advertisement management servers 6-1, 6-2,. An advertisement to be distributed to the user terminal is determined by performing an auction.

  Further, the advertisement area management server 5-1 receives the advertisement management destination introduction information including the address of the advertisement management server from the advertisement management server (the successful bid management server) that manages the determined advertisement, and the advertisement management destination introduction information. When the mediation signature and the advertisement ID of the determined advertisement are received via the SSP communication unit 50-1, they are transferred to the user terminal 2 as the distribution destination via the SSP communication unit 50-1.

  This transfer is performed by an HTTP response including a cross-origin resource sharing (CRS (W3C Recommendation 16 January 2014)) permission code specifying the authentication server 3. FIG. 10 is a schematic diagram showing an example of this transfer.

  In FIG. 10, the advertisement area management server 5-1 “ads.ssp1.com” transfers data “IAJ49URA9HBAS.JFAIT2939T0HA.23VHAU92T” including advertisement management destination introduction information and an intermediary signature to the user terminal 2 using an HTTP response. Is shown. “Access-Control-Allow-Origin: https://ads.ttp.com” described in the header part of the HTTP response is the origin of the authentication server 3 (authorization authority) “https: //ads.ttp CORS permission code designating “.com”. With this description, the advertisement area management server 5-1 can transfer the advertisement management destination introduction information and the intermediary signature to the distribution control program operating under the authority of the authentication server 3 so as to be accepted.

  Up to this point, the advertisement area management server 5-1 has been described. However, the other advertisement area management servers 5-2,... Also have the same SSP storage section 51- as the SSP storage section 51-1 of the advertisement area management server 5-1. 2, (not shown), the SSP communication unit 50-2 similar to the SSP communication unit 50-1 of the advertisement area management server 5-1, ... (not shown) and the SSP processing part 52 of the advertisement area management server 5-1. -1 (not shown) and the like similar to S-1. In addition, the advertisement management server which cooperates at the time of an auction may overlap partly or entirely between advertisement area management server 5-1, 5-2, ....

  That is, each of the advertisement area management servers 5-1, 5-2,... Receives one of the advertisement management requests 6-1, 6-2,. The advertisement management destination introduction information including the address of the advertisement management server that determines the advertisement to be distributed to the user terminal 2 by auctioning with one or more and manages the decided advertisement, the advertisement management destination introduction The mediation signature for the information and the advertisement ID of the determined advertisement are returned to the user terminal. Accordingly, each of the advertisement area management servers 5-1, 5-2,... Can provide the user terminal 2 with uniform and high security with the authentication server 3 as a common trust point.

  Then, each of the advertisement area management servers 5-1, 5-2,... Performs the above reply to the user terminal 2 by an HTTP response including a cross-origin resource sharing permission code designating the authentication server 3. . That is, each of the advertisement area management servers 5-1, 5-2,... Is connected to the user terminal 2 via a distribution control program executed with the authority of the authentication server 3 that is a common trust point in the advertisement distribution system 1. Since communication is performed, uniform and high security can be provided to the user terminal 2.

<Advertising management server>
Each of the advertisement management servers 6-1, 6-2,... Is a server device positioned as a DSP in the RTB type ad network. That is, each of the advertisement management servers 6-1, 6-2,... Is an intermediary server on the advertiser side. Each of the advertisement management servers 6-1, 6-2,... Is connected to the user terminal 2, the authentication server 3, the advertisement area management servers 5-1, 5-2,. 7-2, and so on.

  FIG. 11 shows an example of the configuration of the advertisement management server 6-1.

The advertisement management server 6-1 includes a DSP communication unit 60-1, a DSP storage unit 61-1, a DSP processing unit 62-1, and the like.
The DSP communication unit 60-1 is connected to the Internet 9, and is connected to the user terminal 2, the authentication server 3, the advertisement area management servers 5-1, 5-2,... And the advertisement distribution servers 7-1, 7-2,. It is a communication interface circuit that performs communication. The DSP storage unit 61-1 is a storage device such as a ROM or a RAM for storing various programs and data. The DSP processing unit 62-1 is an arithmetic unit composed of a CPU, an MCU, and the like, and is connected to the DSP communication unit 60-1 and the DSP storage unit 61-1, and performs communication processing and the like.

  The data stored in the DSP storage unit 61-1 includes advertisement management destination introduction information including its own address, an electronic signature for each advertisement management destination introduction information, and the address of the authentication server 3. The advertisement management destination introduction information is one of the mediation information, and the electronic signature for the advertisement management destination introduction information is one of the mediation signatures. The mediation signature is generated by the authentication server 3, and the advertisement management server 6-1 acquires and stores them in advance.

  The data stored in the DSP storage unit 61-1 includes advertisement IDs of one or more advertisements managed by the DSP storage unit 61-1, advertisement distribution source introduction information including the addresses of the respective advertisement distribution servers storing each advertisement, and An electronic signature for each advertisement distribution source introduction information is included. The advertisement distribution source introduction information is one of the mediation information, and the electronic signature for the advertisement distribution source introduction information is one of the mediation signatures. The mediation signature is generated by the authentication server 3, and the advertisement management server 6-1 acquires and stores them in advance.

  Further, the data stored in the DSP storage unit 61-1 includes a successful bid condition for each advertisement (not shown), and the advertisement management server 6-1 includes the advertisement area management servers 5-1, 5-2,. When either receives the advertisement determination request, the auction is performed by transmitting the successful bid condition of the advertisement managed by itself to the advertisement area management server together with the advertisement ID of the advertisement. When the advertisement managed by itself is determined to be the advertisement distributed to the user terminal 2 (when the advertisement bid by itself is successful), the advertisement management server 6-1 includes the advertisement management destination introduction information including its own address. And the mediation signature for the advertisement management destination introduction information and the advertisement ID of the advertisement whose delivery has been determined are transmitted to the bid area advertisement area management server.

  The advertisement management destination introduction information, the mediation signature, and the advertisement ID are transferred from the bid area advertisement area management server to the user terminal 2, and the advertisement ID is sent from the user terminal 2 to the advertisement management server 6-1 in response to the transfer. A distribution source introduction request including is transmitted.

  When receiving the distribution source introduction request including the advertisement ID of the advertisement determined to be distributed from the user terminal 2 via the DSP communication unit 60-1, the advertisement management server 6-1 stores the distribution ID in association with the advertisement ID. The advertisement distribution source introduction information and the intermediary signature are returned to the user terminal 2 via the DSP communication unit 60-1.

  This reply is made by an HTTP response including a CORS authorization code designating the authentication server 3, and the advertisement management server 6-1 sends an advertisement distribution to a distribution control program operating under the authority of the authentication server 3. The original introduction information and the intermediary signature can be accepted and returned.

  Up to this point, the advertisement management server 6-1 has been described. However, the other advertisement management servers 6-2,... Have the same DSP communication unit 60-2 as the DSP communication unit 60-1 of the advertisement management server 6-1. (Not shown), a DSP storage unit 61-2 similar to the DSP storage unit 61-1 of the advertisement management server 6-1, ... (not shown) and the same as the DSP processing unit 62-1 of the advertisement management server 6-1 A DSP processing unit 62-2, ... (not shown) and the like are provided.

  That is, each of the advertisement management servers 6-1, 6-2,... Transmits to the authentication server 3 each of the advertisement management destination introduction information that is scheduled to be transmitted to the user terminal 2 prior to advertisement distribution. The mediation signature for the advertisement management destination introduction information is received from the authentication server 3 and stored in the respective DSP storage units 61-1, 61-2,.

  Further, each of the advertisement management servers 6-1, 6-2,... Transmits the advertisement distribution source introduction information scheduled to be transmitted to the user terminal 2 to the authentication server 3 and authenticates it before the advertisement distribution. An intermediary signature for the advertisement distribution source introduction information is received from the server 3 and stored in the respective DSP storage units 61-1, 61-2,.

  In addition, each of the advertisement management servers 6-1, 6-2,... Is used by performing an auction by cooperating with any one of the advertisement area management servers 5-1, 5-2,. The advertisement distributed to the person terminal 2 is determined.

  And each of the advertisement management servers 6-1, 6-2,..., When the advertisement managed by the advertisement management server 6-1, 6-2,. Then, the mediation signature for the advertisement management destination information and the advertisement ID of the advertisement determined to be distributed are transmitted to the advertisement area management server (sent to the user terminal 2 via the advertisement area management server).

  Further, each of the advertisement management servers 6-1, 6-2,... Receives the advertisement delivery source introduction request from the user terminal 2, and the advertisement management servers 6-1, 6-2,. The advertisement distribution source introduction information including the address of the advertisement distribution server storing the advertisement determined to be distributed to the user terminal 2 and the mediation signature for the advertisement distribution source introduction information are returned to the user terminal 2. Accordingly, each of the advertisement management servers 6-1, 6-2,... Can provide the user terminal 2 with uniform and high security with the authentication server 3 as a common trust point.

  Then, each of the advertisement management servers 6-1, 6-2,... Performs the above reply to the user terminal 2 using an HTTP response including a cross-origin resource sharing permission code designating the authentication server 3. That is, each of the advertisement management servers 6-1, 6-2,... Communicates with the user terminal 2 via a distribution control program executed with the authority of the authentication server 3 that is a common trust point in the advertisement distribution system 1. Therefore, uniform and high security can be provided to the user terminal 2.

<Advertising distribution server>
Each of the advertisement delivery servers 7-1, 7-2,... Is a server device that is positioned as a component of a content delivery network (CDN) in the ad network. Each of the advertisement distribution servers 7-1, 7-2,... Is connected to the user terminal 2, the advertisement management servers 6-1, 6-2,.

  FIG. 12 shows an example of the configuration of the advertisement distribution server 7-1.

The advertisement distribution server 7-1 includes a CDN communication unit 70-1, a CDN storage unit 71-1, a CDN processing unit 72-1, and the like.
The CDN communication unit 70-1 is a communication interface circuit that is connected to the Internet 9 and communicates with the user terminal 2, the advertisement management servers 6-1, 6-2,. The CDN storage unit 71-1 is a storage device such as a ROM or a RAM that stores various programs and data. The CDN processing unit 72-1 is an arithmetic unit configured by a CPU, MCU, and the like, and is connected to the CDN communication unit 70-1 and the CDN storage unit 71-1, and performs communication processing and the like.

  Data stored in the CDN storage unit 71-1 includes one or more advertisements, an advertisement ID uniquely assigned to each advertisement, an electronic signature for each advertisement, and an address of the authentication server 3. Hereinafter, an electronic signature for an advertisement is referred to as an advertisement signature. The advertisement signature is generated by the authentication server 3, and the advertisement distribution server 7-1 receives and stores these from the authentication server 3 via the CDN communication unit 70-1 in advance.

  Further, when the advertisement distribution server 7-1 receives an advertisement distribution request including the advertisement ID from the user terminal 2 via the CDN communication unit 70-1, the advertisement corresponding to the advertisement ID and the advertisement signature for the advertisement To the user terminal 2 via the CDN communication unit 70-1.

  This reply is made by an HTTP response including a CORS authorization code designating the authentication server 3, whereby the advertisement distribution server 7-1 sends an advertisement and a distribution control program operating under the authority of the authentication server 3 to the advertisement control server 3. A reply can be made so that the advertising signature is accepted.

  Up to this point, the advertisement distribution server 7-1 has been described. However, the other advertisement distribution servers 7-2,... Also have the same CDN communication unit 70-1, as the CDN communication unit 70-1 of the advertisement distribution server 7-1. (Not shown), the same CDN storage unit 71-2 as the CDN storage unit 71-1 of the advertisement distribution server 7-1, ... (not shown) and the same as the CDN processing unit 72-1 of the advertisement distribution server 7-1. A CDN processing unit 72-1,... (Not shown) are provided.

  That is, each of the advertisement distribution servers 7-1, 7-2,... Transmits each advertisement to the authentication server 3 and receives an advertisement signature for the advertisement from the authentication server 3 prior to the advertisement distribution. It memorize | stores in the memory | storage part 71-1, 71-2, ....

  When each of the advertisement distribution servers 7-1, 7-2,... Receives the advertisement distribution request including the advertisement ID from the user terminal 2, the advertisement corresponding to the advertisement ID and the advertisement signature for the advertisement Is returned to the user terminal 2. Accordingly, each of the advertisement distribution servers 7-1, 7-2,... Can provide the user terminal 2 with uniform and high security with the authentication server 3 as a common trust point.

  Then, each of the advertisement distribution servers 7-1, 7-2,... Performs the above reply to the user terminal 2 by an HTTP response including a cross-origin resource sharing permission code designating the authentication server 3. That is, each of the advertisement distribution servers 7-1, 7-2,... Communicates with the user terminal 2 via a distribution control program that is executed with the authority of the authentication server 3 that is a common trust point in the advertisement distribution system 1. Therefore, uniform and high security can be provided to the user terminal 2.

[Operation example]
<Operation before advertisement delivery>
Referring to FIG. 13, an example of an operation performed prior to advertisement distribution, that is, the user terminal 2 connects to any one of the advertisement medium servers 4-1, 4-2,... For browsing news articles and the like. An example of the previous operation will be described.

  In this example, it is assumed that the advertisement area management server 5-1 manages the advertisement area of the advertisement medium provided by the advertisement medium servers 4-1 and 4-2.

  The advertisement area management server 5-1 transmits an advertisement tag request including advertisement area information including the address of the advertisement medium provided by the advertisement medium server 4-1 to the authentication server 3, and the advertisement tag issuing unit of the authentication server 3. 320 receives this (S10).

  Upon receiving the advertisement tag request, the advertisement tag issuing unit 320 assigns an advertisement area ID to the advertisement area information included in the request, generates an advertisement tag including the advertisement area ID, and manages the advertisement area management server 5-1. The advertisement area management server 5-1 receives this (S11). Further, the advertisement tag issuing unit 320 distributes the assigned advertisement area ID, the address of the advertisement area management server 5-1 that is the request source, the advertisement area information included in the request, and the currently valid key ID in association with each other. The information is stored in the control information storage unit 311.

  The advertisement area management server 5-1 that has received the advertisement tag transfers the advertisement tag to the advertisement medium server 4-1, and the received advertisement medium server 4-1 adds the received advertisement tag to the advertisement medium and adds it. The subsequent advertisement medium is stored in the PUB storage unit 41-1 (S12).

  Similarly, the advertisement area management server 5-1 transmits an advertisement tag request including information on the advertisement area related to the advertisement medium provided by the advertisement medium server 4-2 to the authentication server 3, and the advertisement tag issuing unit of the authentication server 3 320 receives this (S13).

  The advertisement tag issuing unit 320 generates an advertisement tag by giving an advertisement area ID to the advertisement area information received in step S13, and returns the advertisement tag to the advertisement area management server 5-1. The advertisement area management server 5-1 Receive (S14). Further, the advertisement tag issuing unit 320 controls distribution by associating the assigned advertisement area ID, the address of the advertisement area management server 5-1, the information of the advertisement area included in the request in step S13, and the currently valid key ID. The information is stored in the information storage unit 311.

  The advertisement area management server 5-1 transfers the advertisement tag received in step S14 to the advertisement medium server 4-2, and the advertisement medium server 4-2 that has received the transfer adds the received advertisement tag to the advertisement medium and adds it. The subsequent advertisement medium is stored in the PUB storage unit 41-2 (S15).

  Similarly, the other advertisement medium server adds the advertisement tag issued from the advertisement tag issuing unit 320 to the advertisement medium, and stores the added advertisement medium in its own PUB storage unit.

  On the other hand, the advertisement management server 6-1 transmits a signature request including the advertisement management destination introduction information including its own address to the authentication server 3, and the intermediary signature issuing unit 321 of the authentication server 3 receives the request ( S20).

  Having received the signature request in step S20, the mediation signature issuing unit 321 generates a mediation signature for the advertisement management destination introduction information in the request by using the latest valid private key currently stored in the key storage unit 310, and the advertisement. A reply is sent to the management server 6-1 (S21). Upon receiving the reply, the advertisement management server 6-1 stores the received mediation signature in the SSP storage unit 51-1 in association with the advertisement management destination introduction information.

  Similarly, the advertisement management server 6-2 transmits advertisement management destination introduction information to itself to the authentication server 3, and the mediation signature issuing unit 321 of the authentication server 3 receives this (S22).

  The mediation signature issuing unit 321 generates a mediation signature for the advertisement management destination introduction information received in step S22 and returns it to the advertisement management server 6-2. The advertisement management server 6-2 associates the advertisement management destination introduction information with the mediation signature. In addition, the data is stored in the DSP storage unit 61-2 (S23).

  Similarly, the other advertisement management server stores the mediation signature for the advertisement management destination introduction information to itself generated by the mediation signature issuing unit 321 in association with the advertisement management destination introduction information in its own DSP storage unit.

  In this example, the advertisement management server 6-1 manages advertisement distribution by the advertisement distribution server 7-1, and the advertisement management server 6-2 manages advertisement distribution by the advertisement distribution server 7-2. Suppose that

  The advertisement management server 6-1 transmits a signature request including the advertisement distribution source introduction information including the address of the advertisement distribution server 7-1 to the authentication server 3, and the mediation signature issuing unit 321 of the authentication server 3 receives the request. (S30).

  The mediation signature issuing unit 321 that has received the signature request in step S30 generates a mediation signature for the advertisement distribution source introduction information in the request by using the latest valid private key currently stored in the key storage unit 310, It returns to the advertisement management server 6-1 (S31). Upon receiving the reply, the advertisement management server 6-1 stores the received mediation signature in the DSP storage unit 61-1 in association with the advertisement distribution source introduction information including the address of the advertisement distribution server 7-1.

  Similarly, the advertisement management server 6-2 transmits the advertisement distribution source introduction information for the advertisement distribution server 7-2 to the authentication server 3, and the mediation signature issuing unit 321 of the authentication server 3 receives the information (S32).

  The mediation signature issuing unit 321 generates a mediation signature for the advertisement distribution source introduction information received in step S32 and returns it to the advertisement management server 6-2. The advertisement management server 6-2 associates the advertisement distribution source introduction information with the mediation signature. In addition, the data is stored in the DSP storage unit 61-2 (S33).

  Similarly, other advertisement management servers also associate the mediation signature generated by the mediation signature issuing unit 321 with the advertisement distribution source introduction information for the advertisement distribution source introduction information to the advertisement distribution server managed by itself. It is stored in its own DSP storage unit.

  The advertisement distribution server 7-1 transmits a signature request including the advertisement stored therein to the authentication server 3, and the advertisement signature issuing unit 322 of the authentication server 3 receives the request (S40).

  The advertisement signature issuing unit 322 that has received the signature request in step S40 generates an advertisement signature for the advertisement in the request by using the latest valid private key currently stored in the key storage unit 310 and the advertisement distribution server 7. -1 is returned (S41). Upon receiving the reply, the advertisement distribution server 7-1 stores the received advertisement signature in the CDN storage unit 71-1 in association with the transmitted advertisement. When a plurality of advertisements are stored, an advertisement signature is issued for each advertisement.

  Similarly, the advertisement distribution server 7-2 transmits the advertisement stored therein to the authentication server 3, and the advertisement signature issuing unit 322 of the authentication server 3 receives the advertisement (S42).

  The advertisement signature issuing unit 322 generates an advertisement signature for the advertisement received in step S42 and returns it to the advertisement distribution server 7-2. The advertisement distribution server 7-2 associates the advertisement with the received advertisement signature, and stores the CDN storage unit. 7-2 is stored (S43). When a plurality of advertisements are stored, an advertisement signature is issued for each advertisement.

  Similarly, the other advertisement distribution servers store the advertisement signature generated by the advertisement signature issuing unit 322 for each advertisement stored therein in the CDN storage unit in association with the advertisement.

<Operation during advertisement delivery>
With reference to FIG. 14, the operation of the advertisement distribution system 1 will be described focusing on an example in which the advertisement of the advertisement distribution server 7-1 is displayed on the user terminal 2 together with the advertisement medium of the advertisement medium server 4-1.

  When the user operates the user terminal 2 to start the browser and inputs the advertisement medium address of the advertisement medium server 4-1, the user terminal 2 includes the advertisement medium address in the advertisement medium server 4-1. The advertisement medium request is transmitted (S100).

  Upon receiving the advertisement medium request, the advertisement medium server 4-1 returns the advertisement medium to the user terminal 2 (S101). The advertisement medium to be returned includes an advertisement tag, and the advertisement tag includes an advertisement area ID. For example, the advertisement medium to be returned is an HTML file 100 including the advertisement tag 101 as shown in FIG.

  The user terminal 2 that has received the advertisement medium transmits a distribution control program issuance request including the advertisement area ID to the authentication server 3, and the distribution control program issuance unit 323 of the authentication server 3 receives the request (S102).

  Upon receiving the distribution control program issue request, the distribution control program issue unit 323 reads the advertisement area management server address and key ID corresponding to the advertisement area ID in the request from the distribution control information storage unit 311 and further corresponds to the key ID. The public key to be read is read from the key ID storage unit 310, and a distribution control program including the read advertisement area management server address and public key is generated. Then, the distribution control program issuing unit 323 returns the advertisement area data including the distribution control program to the user terminal 2 (S103). The advertisement area data is, for example, the HTML file 200 of an inline frame shown in FIG.

  However, in this embodiment, the second stage of issuing the advertisement tag is also executed at this point. That is, the first stage advertisement tag 101 illustrated in FIG. 6 at the user terminal 2 requests the authentication server 3 to transmit “trustad.js”, and the advertisement tag issuing unit 320 of the authentication server 3 that has received the request. Returns "trustad.js". Then, “trustad.js” is executed on the user terminal 2, the first stage advertisement tag 101 is replaced with the second stage advertisement tag 111, and the second stage advertisement tag 111 is executed for distribution. A control program issue request is sent.

  The user terminal 2 that has received the distribution control program executes the program. In the user terminal 2, the distribution control program is executed with the authority of the authentication server 3 by receiving the distribution control program from the authentication server 3 by HTTP communication. That is, the received information related to the advertisement area is not received unless the received information is from the authentication server 3 or the HTTP response in which the CORS permission code specifying the authentication server 3 is set.

  In accordance with the program, the user terminal 2 that has executed the distribution control program first transmits an advertisement determination request to the advertisement area management server 5-1 (S104). Incidentally, the user terminal 2 causes the terminal display unit 22 to display contents other than the advertisement in the advertisement medium at this time.

  The advertisement area management server 5-1 that has received the advertisement determination request communicates with the advertisement management servers 6-1, 6-2,..., Auctions, and determines an advertisement to be distributed to the user terminal 2 (S 105). In this example, it is assumed that an advertisement managed by the advertisement management server 6-1 is determined as a distribution target.

  When the advertisement to be distributed is determined, the advertisement management server 6-1 managing the determined advertisement sends advertisement management destination introduction information including its own address and an intermediary signature for the advertisement management destination introduction information to the advertisement area management server 5- 1, the advertising area management server 5-1 transfers it to the user terminal 2 (S 106). Note that the transfer in step S108 is performed by an HTTP response including a CORS permission code designating the authentication server 3.

  The user terminal 2 that has received the advertisement management destination introduction information and the mediation signature performs mediation signature verification processing according to the distribution control program (S107). That is, the user terminal 2 verifies the mediation signature received in step S106 using the public key received in step S103.

  If the signature verification in step S107 fails, the user terminal 2 determines that the received advertisement management destination introduction information is invalid information that has not been digitally signed by the authentication server 3 and is at risk of malware infection or the like. Then, a warning to that effect is output, and the execution of the distribution control program is terminated. That is, in this case, the user terminal 2 does not communicate with the address included in the advertisement management destination introduction information.

  When advertisement management destination introduction information without a CORS permission code is received, the distribution control program is not accepted, and the user terminal 2 does not communicate with the address included in the advertisement management destination introduction information. In this case also, a warning output may be performed because the information is invalid.

  On the other hand, if the signature verification in step S107 is successful, the user terminal 2 determines that the received advertisement management destination introduction information is valid and sends a distribution source introduction request to the advertisement management server 6-1 indicated by the advertisement management destination introduction information. Transmit (S108). In this example, it is assumed that the advertisement distribution server 7-1 stores advertisements determined as distribution targets.

  Upon receiving the distribution source introduction request, the advertisement management server 6-1 responds to the advertisement distribution source introduction information including the address of the advertisement distribution server 7-1 storing the advertisement determined in step S105 and the advertisement distribution source introduction information. The mediation signature is returned to the user terminal 2 (S109). Note that the reply in step S109 is also performed by an HTTP response including the CORS permission code designating the authentication server 3.

  The user terminal 2 that has received the advertisement distribution source introduction information and the mediation signature performs mediation signature verification processing according to the distribution control program (S110). That is, the user terminal 2 verifies the mediation signature received in step S109 using the public key received in step S103.

  If the signature verification in step S110 fails, the user terminal 2 determines that the received advertisement distribution source introduction information is invalid information that has not been digitally signed by the authentication server 3 and is at risk of malware infection or the like. Then, a warning to that effect is output, and the execution of the distribution control program is terminated. That is, in this case, the user terminal 2 does not communicate with the address included in the advertisement distribution source introduction information.

  Further, when the advertisement distribution source introduction information without the CORS permission code is received, the distribution control program is not accepted, and the user terminal 2 does not communicate with the address included in the advertisement distribution source introduction information. In this case also, a warning output may be performed because the information is invalid.

  On the other hand, if the signature verification in step S110 is successful, the user terminal 2 transmits the advertisement distribution request to the advertisement distribution server 7-1 indicated by the advertisement distribution source introduction information, assuming that the received advertisement distribution source introduction information is valid. (S111).

  Upon receiving the advertisement distribution request, the advertisement distribution server 7-1 returns the advertisement determined in step S105 and the advertisement signature for the advertisement to the user terminal 2 (S112).

  Note that the reply in step S112 is also performed by an HTTP response including the CORS permission code designating the authentication server 3.

  The user terminal 2 that has received the advertisement and the advertisement signature performs advertisement verification processing according to the distribution control program (S113). That is, the user terminal 2 verifies the mediation signature received in step S112 using the public key received in step S103.

  If the signature verification in step S113 fails, the user terminal 2 determines that the received advertisement is an unauthorized advertisement that has not been digitally signed by the authentication server 3 and that there is a risk of malware infection and the like. A warning is output and execution of the distribution control program is terminated. In this case, advertisement display is not performed.

  When an advertisement without a CORS permission code is received, the distribution control program is not accepted, and the user terminal 2 does not display an advertisement. In this case, a warning may be output as an illegal advertisement.

  On the other hand, if the signature verification in step S113 is successful, the user terminal 2 displays the advertisement on the terminal display unit 22 assuming that the received advertisement is valid (S114). That is, execution of the code for displaying the advertisement is permitted in the distribution control program, and the browser receives the advertisement data and displays it on the terminal display unit 22.

[Modification]
In the above embodiment, the distribution control program issuing unit 323 generates and transmits the distribution control program when the advertisement tag is executed in the user terminal 2, but generates the distribution control program when the advertisement tag is issued. The distribution control program generated in this manner may be stored in the distribution control information storage unit 311 and read and transmitted when the advertisement tag is executed in the user terminal 2.

In the embodiment and the modification, the advertisement area management server 5-1, 5-2,... Requests the authentication server 3 to issue an advertisement tag, and the advertisement management server sends the advertisement medium server 4-1, 4-2. Although the advertisement tag is transferred to..., The advertisement medium server 4-1, 4-2,... Can request the authentication server 3 to directly issue the advertisement tag.
In that case, when the advertisement tag issuing unit 320 of the authentication server 3 receives the advertisement area information from the advertisement medium servers 4-1, 4-2,... Prior to the advertisement distribution, the advertisement area ID is assigned to the advertisement area. At the same time, an advertisement tag which is an initial code representing the advertisement area is generated, and the generated advertisement tag is returned. In that case, the advertisement tag issuing unit 320 associates the assigned advertisement area ID with the address of the advertisement medium server that is the transmission source of the advertisement area information, and causes the distribution control information storage unit 311 to store the association.

In the above embodiment and each modified example, the advertisement management servers 6-1, 6-2,... Store the advertisement management destination introduction information and the mediation signature thereof. -1, 5-2,... Can be stored.
In that case, the mediation signature issuing unit 321 of the authentication server 3 receives the advertisement management destination introduction information from any one of the advertisement management servers 6-1, 6-2,... And the safety of the received advertisement management destination introduction information. When the safety is confirmed, a mediation signature for the received advertisement management destination introduction information is generated, and the generated mediation signature is returned. That is, the processing illustrated in steps S20 to S23 in FIG. 13 is not performed between the advertisement management servers 6-1, 6-2,... And the authentication server 3, but the advertisement area management servers 5-1, 5-2,. This is performed between the authentication servers 3.
In this case, the advertisement management destination introduction information illustrated in step S108 of FIG. 14 is not transmitted through the advertisement management servers 6-1, 6-2,..., But the advertisement area management servers 5-1, 5-2,. To the user terminal 2 directly.

In the above embodiment and each modification, the example in which the advertisement distribution servers 7-1, 7-2,... Request the advertisement signature has been described, but these requests are sent to the advertisement management servers 6-1, 6-2,. Can be configured.
In that case, the advertisement signature issuing unit 322 of the authentication server 3 receives the advertisement from any one of the advertisement management servers 6-1, 6-2,..., Confirms the safety of the received advertisement, and confirms the safety. If it is, an advertisement signature for the received advertisement is generated, and the generated advertisement signature is returned to the advertisement management server. Then, the advertisement management server that has received the advertisement signature transfers the advertisement and the advertisement signature to the advertisement distribution server that manages the advertisement.

As described above, the authentication server of the present invention consistently issues advertisement tags, signatures, and distribution control programs, so that even if a large number of servers are involved in advertisement distribution via advertisement media, users Uniform and high security can be provided to the terminal.
Further, according to the mediation server of the present invention, the mediation information is displayed on the user terminal by displaying the mediation information together with the mediation signature issued by the authentication server that provides the user terminal with uniform and high security. And high security can be provided.
According to the advertisement distribution server of the present invention, the advertisement is displayed on the user terminal by displaying the advertisement together with the advertisement signature issued by the authentication server that provides the user terminal with uniform and high security. And high security can be provided.

DESCRIPTION OF SYMBOLS 1 ... Advertisement delivery system 2 ... User terminal 3 ... Authentication server 30 ... Authentication communication part 31 ... Authentication storage part 310 ... Key storage part 311 ... Delivery control information storage part 32 ... Authentication processing unit 320 ... Advertisement tag issuing unit 321 ... Mediation signature issuing unit 322 ... Advertisement signature issuing unit 323 ... Distribution control program issuing unit 4-1, 4-2, ... .... Advertisement media server 5-1, 5-2, ... ... Advertising area management server 6-1, 6-2, ... ... Advertisement management server 7-1, 7-2, ... ... Advertisement distribution Server 8 ... Advertiser terminal 9 ... Internet

Claims (8)

An advertisement medium server that transmits an advertisement medium including an advertisement area to a user terminal is an advertisement tag that is transmitted to the user terminal and executed by the user terminal, and is executed by the user terminal And an advertisement tag issuing unit for transmitting the advertisement tag describing a process for requesting the user terminal to transmit a distribution control program for controlling the distribution of the advertisement to the advertisement medium server,
Using a public key cryptosystem, a mediation server that mediates the distribution of the advertisement generates a mediation signature for the mediation information transmitted to the user terminal using its own secret key, and transmits the mediation signature to the mediation server An intermediary signature issuing department,
At least the mediation verification process for verifying that the received information received by the user terminal is the mediation information received together with the mediation signature, and the reception by the user terminal if the mediation verification process is successful The use of executing the advertisement tag with the distribution control program in which the mediation control process is described that permits the use of information and prohibits the use of the received information by the user terminal when the mediation verification process fails. A distribution control program issuing unit for transmitting to the user terminal in response to a request from the user terminal;
An authentication server comprising: The mediation information includes an address of the mediation server or an address of an advertisement distribution server that distributes the advertisement,
The mediation control process causes the user terminal to connect to the address included in the mediation information when the mediation verification process is successful, and when the mediation verification process fails, the user terminal performs the connection by the user terminal. A process that prohibits the use of received information.
The authentication server according to claim 1. The authentication server according to claim 1 or 2,
An advertisement signature issuing unit that generates an advertisement signature for the advertisement using its own private key by a public key cryptosystem, and transmits the advertisement signature to an advertisement distribution server;
The distribution control program issuing unit includes the mediation verification process, the mediation control process, and an advertisement verification process that verifies that the advertisement received by the user terminal from the advertisement distribution server is received together with the advertisement signature for the advertisement. And a display control process that permits the display of the advertisement on the user terminal when the advertisement verification process is successful, and prohibits the display of the advertisement on the user terminal when the advertisement verification process fails. An authentication server that transmits the described delivery control program to the user terminal in response to a request from the user terminal that has executed the advertisement tag. The advertisement tag issuing unit transmits the advertisement tag describing processing for requesting the authentication server from the user terminal using HTTP (Hypertext Transfer Protocol) to transmit the delivery control program to the advertisement medium server. Enabled the distribution control program to operate with the authority of the authentication server.
The authentication server as described in any one of Claims 1-3. A user terminal; an authentication server; an advertisement distribution server that distributes advertisements to the user terminal; and mediation information that the user terminal uses to request the advertisement distribution server to distribute the advertisement. An advertisement distribution system in which a mediation server that transmits to the network is connected via a network ,
The authentication server receives the mediation information from the mediation server, generates a mediation signature for the mediation information using its private key by public key cryptography, and transmits the mediation signature to the mediation server Has an intermediary signature issuing department,
The mediation server, receiving said transmit the intermediary information to the authentication server the mediation signature, the mediation information was and transmits to the user terminal together with the intermediary signature pairs to the intermediary information Ad delivery system . 6. The mediation server transmits the mediation information and the mediation signature to the user terminal by an HTTP (Hypertext Transfer Protocol) response including a cross-origin resource sharing permission code designating the authentication server. The advertisement distribution system described in. An advertisement distribution system in which a user terminal, an authentication server, and an advertisement distribution server that distributes advertisements to the user terminal are connected via a network ,
The authentication server receives the advertisement from the advertisement distribution server, generates an advertisement signature for the advertisement using its own private key by a public key cryptosystem, and transmits the advertisement signature to the advertisement distribution server. Has an advertising signature issuing department,
The advertisement distribution server, the sending the advertisement to the authentication server receives the advertisement signature, the ads, ad serving together with the advertising signature pairs to the advertisement was characterized by transmitting to the user terminal System . 8. The advertisement distribution server transmits the advertisement and the advertisement signature to the user terminal by an HTTP (Hypertext Transfer Protocol) response including a cross-origin resource sharing permission code designating the authentication server. The advertisement distribution system described in.

Images