Service Providing System, Outsourcer Apparatus, Service Providing Method, and Program

US 20090089575A1
Filed: 05/31/2006
Published: 04/02/2009
Est. Priority Date: 06/23/2005
Status: Abandoned Application

First Claim

Patent Images

1. A service providing system including a user apparatus, an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, and an outsourcer apparatus for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates whether the user apparatus is said member or not according to a group signature scheme, whereinsaid entrustor apparatus comprises:

a group key generator that generates public information, a member registration key, and an open key for use in said group signature scheme;

a public information provider that provides the public information generated by said group key generator to said outsourcer apparatus;

a signature key generator that generates a signature key corresponding to said user apparatus using said public information and said member registration key, in response to said registration request from said user apparatus; and

a signature information provider that provides the signature key generated by said signature key generator and said public information to said user apparatus;

said user apparatus comprises;

a group signature generator that generates group signature data using the signature key and the public information provided by said signature information provider, and a request for said predetermined service; and

a group signature data provider that provides the group signature data generated by said group signature generator and the request for said predetermined service to said outsourcer apparatus; and

said outsourcer apparatus comprises;

an authenticator that authenticates the group signature data provided by said group signature data provider as being legitimate or not using the public information provided by said public information provider; and

a service provider that provides said predetermined service to said user apparatus in response to the request for said predetermined service if said authenticator judges that said group signature data are legitimate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

When an entrustor entrusts an outsourcer with the supply of a service for members, member information managed by the entrustor is kept secret from the outsourcer, and users can receive the service without communicating with the entrustor. For using the service, user apparatus 3 sends group signature data to outsourcer apparatus 2. Outsourcer apparatus 2 authenticates the group signature data using public information of entrustor apparatus 1. When the group signature data passes the authentication, confirming that user apparatus 3 is a member of entrustor apparatus 1, outsourcer apparatus 2 provides the service to user apparatus 3.

Citations

21 Claims

1. A service providing system including a user apparatus, an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, and an outsourcer apparatus for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates whether the user apparatus is said member or not according to a group signature scheme, whereinsaid entrustor apparatus comprises:
- a group key generator that generates public information, a member registration key, and an open key for use in said group signature scheme;
  
  a public information provider that provides the public information generated by said group key generator to said outsourcer apparatus;
  
  a signature key generator that generates a signature key corresponding to said user apparatus using said public information and said member registration key, in response to said registration request from said user apparatus; and
  
  a signature information provider that provides the signature key generated by said signature key generator and said public information to said user apparatus;
  
  said user apparatus comprises;
  
  a group signature generator that generates group signature data using the signature key and the public information provided by said signature information provider, and a request for said predetermined service; and
  
  a group signature data provider that provides the group signature data generated by said group signature generator and the request for said predetermined service to said outsourcer apparatus; and
  
  said outsourcer apparatus comprises;
  
  an authenticator that authenticates the group signature data provided by said group signature data provider as being legitimate or not using the public information provided by said public information provider; and
  
  a service provider that provides said predetermined service to said user apparatus in response to the request for said predetermined service if said authenticator judges that said group signature data are legitimate.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The service providing system according to claim 1, wherein said user apparatus further comprises:
    - a converted data provider that generates a group signature key based on said public information, and that converts said group signature key into converted data, and that provides the converted data to said entrustor apparatus;
      
      wherein said signature key generator generates a digital signature using the converted data provided by said converted data provider and said member registration key, thereby generating a member certificate as said signature key; and
      
      said group signature generator generates said group signature data using the request for said predetermined service, said member certificate, said group signature key, and said public information.
  - 3. The service providing system according to claim 1, wherein said entrustor apparatus further comprises:
    - an acquirer that acquires said group signature data from said outsourcer apparatus; and
      
      an identifier that identifies the user apparatus, which has provided said group signature data, from among members of said entrustor apparatus, using the group signature data acquired by said acquirer and the open key generated by said group key generator.
  - 4. The service providing system according to claim 3, wherein said entrustor apparatus further comprises:
    - a charger that calculates a usage fee for the predetermined service used by said user apparatus and charging said user apparatus with the calculated usage fee, based on the user apparatus identified by said identifier and the request for said predetermined service.
  - 5. The service providing system according to claim 1, wherein members of said entrustor apparatus are divided into a plurality of groups;
    - said group key generator generates public information, a member registration key, and an open key for use in said group signature scheme for each of said groups;
      
      said public information provider provides the public information generated for each of said groups to said outsourcer apparatus;
      
      said signature key generator, responsive to said registration request and group selecting information from said user apparatus, selects one of the groups to which said user apparatus belongs based on said group selecting information, and generates a signature key corresponding to said user apparatus using the public information and the member registration key of the selected group;
      
      said signature information provider provides the signature key generated by said signature key generator, the public information of the group selected by said signature key generator, and group information indicative of the group selected by said signature key generator, to said user apparatus;
      
      said group signature data provider provides the group signature data generated by said group signature generator, the request for said predetermined service, and the group information provided by said signature information provider, to said outsourcer apparatus;
      
      said authenticator authenticates the group signature data provided by said group signature data provider as legitimate or not, using the public information of the group indicated by the group information provided by said group signature data provider; and
      
      said service provider provides the service corresponding to the group indicated by said group information to said user apparatus in response to the request for said predetermined service if said authenticator judges that said group signature data are legitimate.
  - 6. The service providing system according to claim 1, comprising a plurality of said entrustor apparatus, whereinsaid signature information provider provides said signature key, said public information, and entrustor apparatus information indicative of the entrustor apparatus to said user apparatus;
    - said group signature data provider provides the group signature data generated by said group signature generator, the request for said predetermined service, and the entrustor apparatus information provided by said signature information provider, to said outsourcer apparatus; and
      
      said authenticator authenticates the group signature data provided by said group signature data provider as legitimate or not, using the public information which is provided by the entrustor apparatus indicated by the entrustor apparatus information provided by said group signature data provider.

7. A service providing method to be carried out by a service providing system including a user apparatus, an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, and an outsourcer apparatus for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates whether the user apparatus is said member or not according to a group signature scheme, said service providing method comprising:
- group key generating, which is executed by said entrustor apparatus, public information, a member registration key, and an open key for use in said group signature scheme;
  
  public information providing, which is executed by said entrustor apparatus, the public information to said outsourcer apparatus;
  
  signature key generating, which is executed by said entrustor apparatus, a signature key corresponding to said user apparatus using said public information and said member registration key, in response to said registration request from said user apparatus;
  
  signature information providing, which is executed by said entrustor apparatus, the signature key and said public information to said user apparatus;
  
  group signature generating, which is executed by said user apparatus, group signature data using the signature key and the public information provided by said signature information provider, and a request for said predetermined service;
  
  group signature data providing, which is executed by said user apparatus, the group signature data and the request for said predetermined service to said outsourcer apparatus;
  
  authenticating, which is executed by said outsourcer apparatus, the group signature data provided by said user apparatus as being legitimate or not, using the public information provided by said entrustor apparatus; and
  
  service providing, which is executed by said outsourcer apparatus, said predetermined service to said user apparatus in response to the request for said predetermined service if said group signature data are legitimate.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The service providing method according to claim 7, further comprising:
    - converted data providing, which is executed by said user apparatus, includes providing a group signature key based on said public information, converting said group signature key into converted data, and providing the converted data to said entrustor apparatus;
      
      wherein said signature key generating includes generating a digital signature using the converted data and said member registration key, thereby generating a member certificate as said signature key; and
      
      said group signature generating includes generating said group signature data using the request for said predetermined service, said member certificate, said group signature key, and said public information.
  - 9. The service providing method according to claim 7, further comprising:
    - acquiring, which is executed by said entrustor apparatus, said group signature data from said outsourcer apparatus; and
      
      identifying, which is executed by said entrustor apparatus, the user apparatus which has provided said group signature data from among members of said entrustor apparatus, using the group signature data and the open key.
  - 10. The service providing method according to claim 9, further comprising:
    - charging, which is executed by said entrustor apparatus, including calculating a usage fee for the predetermined service used by said user apparatus and charging said user apparatus with the calculated usage fee, based on the identified user apparatus and the request for said predetermined service.
  - 11. The service providing method according to claim 7, wherein members of said entrustor apparatus are divided into a plurality of groups;
    - said group key generating includes generating public information, a member registration key, and an open key for use in said group signature scheme for each of said groups;
      
      said public information providing includes providing the public information generated for each of said groups to said outsourcer apparatus;
      
      said signature key generating includes, responsive to said registration request and group selecting information from said user apparatus, selecting one of the groups to which said user apparatus belongs based on said group selecting information, and generating a signature key corresponding to said user apparatus using the public information and the member registration key of the selected group;
      
      said signature information providing includes providing the generated signature key, the public information of the selected group, and group information indicative of the selected group, to said user apparatus;
      
      said group signature data providing includes providing the generated group signature data, the request for said predetermined service, and the provided group information, to said outsourcer apparatus;
      
      said authenticating includes authenticating the provided group signature data as legitimate or not, using the public information of the group indicated by the group information provided by said user apparatus; and
      
      said service providing includes providing the service corresponding to the group indicated by said group information to said user apparatus in response to the request for said predetermined service if said outsourcer apparatus judges that said group signature data are legitimate.
  - 12. The service providing method according to claim 7, wherein said service providing system comprises a plurality of said entrustor apparatus;
    - said signature information providing which is executed by each of said entrustor apparatus, includes providing said signature key, said public information, and entrustor apparatus information indicative of the entrustor apparatus to said user apparatus;
      
      said group signature data providing includes providing the group signature data, the request for said predetermined service, and the entrustor apparatus information provided by said entrustor apparatus, to said outsourcer apparatus; and
      
      said authenticating includes authenticating the group signature data provided by said user apparatus as legitimate or not, using the public information which is provided by the entrustor apparatus indicated by the entrustor apparatus information provided by said user apparatus.

13. An outsourcer apparatus connected to a user apparatus and an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates the user apparatus as said member or not according to a group signature scheme, said outsourcer apparatus comprising:
- a receiver that receives public information for use in the group signature scheme from said entrustor apparatus;
  
  an authenticator that authenticates group signature data as legitimate or not using said public information when the group signature data and a request for said predetermined service are received from said user apparatus; and
  
  a service provider that provides said predetermined service to said user apparatus in response to the request for said predetermined service if said authenticator judges that said group signature data are legitimate.
- View Dependent Claims (14, 15)
- - 14. The outsourcer apparatus according to claim 13, wherein members of said entrustor apparatus are divided into a plurality of groups;
    - said receiver receives the public information for use in said group signature scheme for each of said groups from said entrustor apparatus;
      
      said authenticator authenticates the group signature data as legitimate or not, using the public information of the group indicated by group information when said authenticator has received said group signature data, the request for said predetermined service, and the group information indicating the group to which said user apparatus belongs, from said user apparatus; and
      
      said service provider provides the service corresponding to the group indicated by said group information to said user apparatus in response to the request for said predetermined service if said authenticator judges that said group signature data are legitimate.
  - 15. The outsourcer apparatus according to claim 13, which is connected to a plurality of said entrustor apparatus, whereinwhen said authenticator has received said group signature data, the request for said predetermined service, and entrustor apparatus information indicative of said entrustor apparatus from said user apparatus, authenticates the group signature data as legitimate or not, using the public information which is provided by the entrustor apparatus indicated by the entrustor apparatus information.

16. A service providing method to be carried out by an outsourcer apparatus connected to a user apparatus and an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates the user apparatus as said member or not according to a group signature scheme, said service providing method comprising:
- receiving public information for use in the group signature scheme from said entrustor apparatus;
  
  authenticating group signature data as legitimate or not using said public information when the group signature data and a request for said predetermined service are received from said user apparatus; and
  
  providing said predetermined service to said user apparatus in response to the request for said predetermined service if said group signature data are legitimate.
- View Dependent Claims (17, 18)
- - 17. The service providing method according to claim 16, wherein members of said entrustor apparatus are divided into a plurality of groups;
    - said receiving includes receiving the public information for use in said group signature scheme for each of said groups from said entrustor apparatus;
      
      said authenticating includes authenticating the group signature data as legitimate or not, using the public information of the group indicated by the group information when said group signature data, the request for said predetermined service, and the group information indicating the group to which said user apparatus belongs, are received from said user apparatus; and
      
      said service providing includes providing the service corresponding to the group indicated by said group information to said user apparatus in response to the request for said predetermined service if said group signature data are legitimate.
  - 18. The service providing method according to claim 16, wherein said outsourcer apparatus is connected to a plurality of said entrustor apparatus, whereinsaid authenticating includes, when said group signature data, the request for said predetermined service, and entrustor apparatus information indicative of said entrustor apparatus are received from said user apparatus, authenticating the group signature data as legitimate or not, using the public information which is provided by the entrustor apparatus indicated by the entrustor apparatus information.

19. A program for controlling a computer connected to a user apparatus and an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said computer is requested to provide said predetermined service by the user apparatus, said computer authenticates the user apparatus as said member or not according to a group signature scheme, said program enabling said computer to perform a service process comprising:
- receiving public information for use in the group signature scheme from said entrustor apparatus;
  
  authenticating group signature data as legitimate or not using said public information when the group signature data and a request for said predetermined service are received from said user apparatus; and
  
  providing said predetermined service to said user apparatus in response to the request for said predetermined service if said group signature data are legitimate.

20. A computer readable recording medium on which a program is embedded, the program for controlling a computer connected to a user apparatus and an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said computer is requested to provide said predetermined service by the user apparatus, said computer authenticates the user apparatus as said member or not according to a group signature scheme, said program enabling said computer to perform a service process comprising:
- receiving public information for use in the group signature scheme from said entrustor apparatus;
  
  authenticating group signature data as legitimate or not using said public information when the group signature data and a request for said predetermined service are received from said user apparatus; and
  
  providing said predetermined service to said user apparatus in response to the request for said predetermined service if said group signature data are legitimate.

21. An outsourcer apparatus connected to a user apparatus and an entrustor apparatus for registering the user apparatus as a member for receiving a predetermined service when a registration request for enrolling the user apparatus as the member is received from the user apparatus, for providing said predetermined service to the member which has requested said predetermined service on behalf of said entrustor apparatus, the arrangement being such that when said outsourcer apparatus is requested to provide said predetermined service by the user apparatus, said outsourcer apparatus authenticates the user apparatus as said member or not according to a group signature scheme, said outsourcer apparatus comprising:
- receiving means for receiving public information for use in the group signature scheme from said entrustor apparatus;
  
  authenticating means for authenticating group signature data as legitimate or not using said public information when the group signature data and a request for said predetermined service are received from said user apparatus; and
  
  service providing means for providing said predetermined service to said user apparatus in response to the request for said predetermined service if said authenticating means judges that said group signature data are legitimate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Sako, Kazue, Yonezawa, Shoko

Application Number

US11/922,431
Publication Number

US 20090089575A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06Q 10/06 Resources, workflows, human...

H04L 9/3255 using group based signature...

Service Providing System, Outsourcer Apparatus, Service Providing Method, and Program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Service Providing System, Outsourcer Apparatus, Service Providing Method, and Program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links