JP2006040043A - Charge management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To use an IC card used for separate and independent utilization by an individual belonging to an organization, to collectively claim a settlement to a corporation concerned in prescribed unified units, and further to prevent personal utilization by an individual belonging to an organization. <P>SOLUTION: A system for limiting the claim and utilization of charges by receiving information from a terminal 7 concerned, when the IC card 6 for storing an electronic certification from a certification bureau 5 is used, comprises: a user policy DB 2; a charge management DB 8; a certificate verification server 4 for verifying the validity of an electronic certificate of at least the IC card; a CRL storage server 9 for storing CRL and transmitting the CRL according to a request from the terminal 7; and a management server 3 for storing the utilization history information in the charge management DB 8 when receiving the utilization history information from the terminal 7, reading the charge information included in the utilization history information from the charge management DB 8 for claim, and collectively claiming the charges to the corporation after giving an electronic signature. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a usage fee management system.

  Conventionally, in companies, it has been common to separately settle the small amount of transportation expenses used by employees when they receive a report from each employee. That is, there is a problem in that the settlement of small-lot transportation expenses is complicated and the work burden is large. Today, since it is possible to settle when getting on and off using an IC card such as Suica (registered trademark), companies may consider distributing IC cards to employees in advance. Each IC card distributed to each employee is made independent and the business burden on the company side is still large.

Here, for example, in Patent Document 1, billing data relating to travel product transactions provided by a plurality of individuals belonging to an organization is collectively calculated based on the transaction data and issued to a predetermined administrator of the organization A collective billing system for travel expenses and transportation expenses is output.
Japanese Patent Laid-Open No. 2004-110577

  However, Patent Document 1 is based on the premise of normal travel product transactions, and is not intended for simple settlement using an IC card or the like. In other words, it is assumed that a travel agency system provided by a travel agency that arranges travel products is used. Organizations such as corporations must arrange travel products such as transportation facilities and accommodation facilities, and the arrangements You will be burdened with work. Moreover, it is unrelated to preventing private use of travel products by individuals belonging to the organization, and no consideration is given to such points.

  The purpose of the present invention is to use, for example, an IC card that is provided for independent use by individuals belonging to an organization such as a corporation, and the liquidation for the corporation is collectively performed for the corporation in a predetermined unit. It is also possible to prevent private use by individuals belonging to the organization.

In order to achieve the above object, according to one aspect of the present invention, when an IC card in which an electronic certificate is stored by a certificate authority is used in a terminal, the usage fee is charged based on the information received from the terminal. In a restriction system, a user policy database for managing a policy for a user to use the IC card, a usage fee management database for managing user usage history information, and at least the validity of an electronic certificate for the IC card A certificate verification server that verifies the certificate, a certificate revocation list, a certificate revocation list storage server that transmits the certificate revocation list in response to a request from the terminal, and a usage history from the terminal When the information is received, the usage history information is stored in the charge management database. Utilization charge management system characterized by comprising a management server that performs charge for billing with respect to corporations by sending read the usage fee information included in the provided.

  In this aspect, the management server may make a collective billing of the usage fee by giving an electronic signature to the usage fee information and then transmitting it to the corporation. In this aspect, the usage fee management database may manage the usage history information for each corporation to which the user belongs. Further, in this aspect, the user policy database may request the management server to revoke the electronic certificate of the corresponding user when the registered policy satisfies a certain condition. .

  According to the present invention, for example, an IC card provided for separate use by an individual belonging to an organization such as a corporation is used, and the liquidation for the corporation is collectively billed to the corporation in a predetermined unit. In addition, it is possible to provide a usage fee management system that can prevent private use by individuals belonging to an organization.

  Embodiments of the present invention will be described below with reference to the drawings.

  FIG. 1 shows and describes the configuration of a usage fee management system according to an embodiment of the present invention.

  As shown in FIG. 1, this system includes a management server 3, a user policy database (hereinafter abbreviated as DB) 2, a charge management DB 8, a certificate verification server 4, or a certificate revocation list (CRL). The storage server 9 is used. CRL is a list of serial numbers of electronic certificates that have become invalid due to various reasons. 509 etc. The management server 3 controls the entire system. The certificate validation server 4 is composed of, for example, a DVCS (Data Validation Certification Server) or an OCSP (Online Certificate Status Protocol) server. The DVCS provides a data verification service and verifies the correctness of an electronic signature, the validity of an electronic certificate, and the like. The OCSP is a server based on a protocol for confirming the validity of an electronic certificate in real time, and is normally operated by a VA (Validation Authority) that centrally manages CRLs. The CRL storage server 9 includes an LDAP (Lightweight Directory Access Protocol) server or the like.

  The user policy DB 2 stores policies for each group.

  More specifically, FIG. 2 shows an example of the user policy DB 2. As shown in FIG. 2, a company name as a group, a status for each group, setting items, and conditions are stored in association with each other. For example, for company A as a group, Saturdays, Sundays, and holidays, 22:00 to 5:00, are set as use prohibition dates.

  The fee management DB 8 is used for centrally managing service usage history information using an IC card or the like. This usage history information can be managed in groups. That is, the group unit usage history is linked to a charging system (not shown) to enable collective billing.

  More specifically, FIG. 3 shows an example of the fee management DB 8. As shown in FIG. 3, the charge management DB 8 stores a company name as a group, a user name belonging to the group, a use date / time of each user, a section, and a charge in association with each other. For example, it can be seen from the figure that the user E of the company A as a group boarded between the section Kayabacho and Otemachi on the use date 2004/03/27 and used a fee of ¥ 160.

  The certificate authority 5 issues an electronic certificate stored in the IC card. In addition, the CRL, which is a list of electronic certificates that have become invalid due to various reasons, is periodically notified to the usage fee management system 1. By storing the electronic certificate in the IC card or the like in this way, it is possible to restrict the use of the IC card or the like based on the policy.

  The IC card in which the electronic certificate is stored can be used for payment at the time of getting on and off at a terminal 7 such as an automatic ticket gate. For example, an example of such an IC card is Suica (registered trademark). The usage fee of the IC card at the terminal is billed to the corporation by the usage fee management system 1 in a lump.

  Next, FIG. 4 further illustrates and describes the configuration of the terminal 7 of FIG.

  As shown in the figure, the terminal 7 has a CRL acquisition function 7a, a user's electronic signature attaching function 7b, an electronic signature attaching function 7c of the terminal 7, and a certificate verification function 7d.

  In such a configuration, the terminal 7 makes a CRL acquisition request to the usage fee management system 1 when the IC card is used. At this time, user data (the user's electronic signature and the terminal's electronic signature are attached) is sent. Upon receiving this, the charge usage management system 1 verifies the validity of the electronic certificate by the certificate verification server 4. As a result, if the CRL is a distribution target, the CRL is sent to the terminal 7.

  Hereinafter, with reference to the flowchart of FIG. 5, the flow of the IC card issuing process by the charge usage management system and its peripheral devices according to the present embodiment will be described in detail.

  For example, when the number of issued IC cards is determined in the corporation and the information stored in the electronic certificate is determined (step S1), an electronic certificate issuance request is made to the certificate authority 5 (step S2). Upon receiving this request, the certificate authority 5 examines the corporation issuing the IC card and examines the individual, and then stores the electronic certificate in the IC card (step S3), and the IC storing the electronic certificate. A card is issued to the corporation (step S4). The corporation distributes or notifies the IC card to members (employees, etc.) that are end users (step S5). Thereafter, the certificate authority 5 appropriately distributes the CRL to the certificate verification server 4 and the CRL storage server (steps S6 and S7).

  Next, the flow of the user policy setting process by the charge usage management system and its peripheral devices according to the present embodiment will be described in detail with reference to the flowchart of FIG.

  For example, when a user policy is formulated in a corporation or the like (step S11), a policy registration request is made to the management server 3 (step S12). Upon receiving this request, the management server 3 registers the policy in the user policy DB 2 (step S13).

  Thereafter, when the application condition of the policy registered in the user policy DB 2 is satisfied (step S14), a policy application request is made to the management server 3 (step S15). Then, the management server 3 makes a certificate revocation request for the corresponding end user to the certificate authority 5 (step S16). Upon receiving the request from the management server 3, the certificate authority 5 performs a digital certificate temporary revocation process and issues a CRL (step S17). The certificate authority 5 stores the CRL in the CRL storage server 9 (step S18).

  On the other hand, if the application condition of the policy registered in the user policy DB 2 is not satisfied (step S19), the user policy DB 2 makes a policy cancellation request to the management server 3 (step S20). Upon receiving this request, the management server 3 requests revalidation of the corresponding end user's electronic certificate (step S21). Upon receiving this request, the certificate authority 5 cancels the revocation of the electronic certificate, issues a CRL (step S22), stores the CRL in the CRL storage server 9 (step S23), and ends the operation.

  Next, with reference to the flowchart of FIG. 7, the flow of processing when using the charge usage management system and its peripheral devices according to the present embodiment (when using CRL) will be described.

  First, in the terminal 7, the CRL income interval is set so that the policy is reflected without delay (step S24). Thereafter, a CRL acquisition request is made to the CRL storage server 9 based on the acquisition interval (step S25). Upon receiving this request, the CRL storage server 9 transmits the CRL to the terminal 7 (step S26). When the end user actually uses (boards) the IC card (step S27). The terminal 7 verifies the electronic certificate stored in the IC card (step S28), and determines that the electronic certificate is invalid or violates the usage rules if the verification result is unauthorized. (Step S29).

  In this way, the terminal 7 suggests the use availability / unavailability notification to the end user by an output via its own display unit or voice output unit (step S30).

  On the other hand, when the end user makes further use (gets off) (step S31), the terminal 7 creates fare data with an electronic signature (step S32) and registers it in the use management DB 8 via the management server 3 (step S31). S33, S34).

  Next, with reference to the flowchart of FIG. 8, the flow of processing when charging a usage fee by the fee usage management system according to the present embodiment and its peripheral devices will be described in detail.

  When the management server 3 makes a fare data acquisition request to the fee management DB 8 (step S40), the fee management DB 8 transmits the fare data (step S41). When the management server 3 acquires the fare data, it gives an electronic signature (step S42), and charges the corporation for a usage fee (sends fare data with an electronic signature) (step S43). Upon receiving this request, the corporation requests the certificate verification server 4 to verify the certificate of the charge management server (step S44), and the certificate verification server 4 verifies and sends the result to the corporation. (Step S45). In this way, the corporation verifies the electronic signature (step S46) and traces the history (step S47).

  As described above, according to an embodiment of the present invention, when an IC card 6 in which an electronic certificate is stored by the certificate authority 5 is used in a terminal 7 such as an automatic ticket gate, the terminal 7 A usage fee management system is provided that charges usage fees and restricts usage fees. This system includes a user policy DB 2 that manages policies for a user to use the IC card 6, a usage fee management DB 8 that manages user usage history information, and at least the validity of the electronic certificate of the IC card 6. When the certificate verification server 4 that verifies the security and the CRL is stored, the CRL storage server 9 that transmits the CRL in response to the request from the terminal and the usage history information from the terminal 7 are received. The usage history information is stored in the fee management DB 8, and when charging, the usage fee information included in the usage history information is read from the fee management DB 8 and sent to the corporation after being given an electronic signature and sent to the corporation. With a simple configuration including the management server 3 that performs the above, it is possible to efficiently charge the usage fee.

  The usage fee management DB 8 is configured to manage the usage history information for each corporation to which the user belongs. That is, management can be performed based on the classification desired by the corporation. Furthermore, the user policy DB 2 requests the management server 3 to revoke the electronic certificate of the corresponding user when the registered policy satisfies a certain condition. In this way, it is possible to easily limit use by using an electronic certificate.

  The embodiment of the present invention has been described above, but the present invention is not limited to this, and it is needless to say that various improvements and changes can be made without departing from the spirit of the present invention. For example, the terminal includes various devices in addition to an automatic ticket gate.

The figure which shows the structure of the usage fee management system which concerns on one embodiment of this invention. The figure which shows an example of user policy DB2. The figure which shows an example of charge management DB8. The figure which further materializes and shows the structure of the terminal 7 of FIG. The flowchart explaining in detail the flow of the IC card issuing process by the charge utilization management system and its peripheral devices according to the embodiment of the present invention. The flowchart explaining in detail the flow of a user policy setting process by the charge usage management system and its peripheral devices according to an embodiment of the present invention. The flowchart explaining the flow (when using CRL) at the time of the utilization by the charge utilization management system which concerns on one embodiment of this invention, and its peripheral device. The flowchart explaining in detail the flow of the process at the time of the usage fee charge by the fee usage management system and its peripheral devices according to an embodiment of the present invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... Usage fee management system, 2 ... User policy DB, 3 ... Management server, 4 ... Certificate verification server, 5 ... Certification authority, 6 ... IC card, 7 ... -Terminal, 8 ... charge management DB, 9 ... CRL storage server.

Claims (4)

When a smart card with an electronic certificate stored by a certificate authority is used in a terminal, the system charges the usage fee by receiving information from the terminal and restricts usage.
A user policy database for managing a policy for a user to use the IC card;
A usage charge management database for managing user usage history information;
A certificate verification server for verifying at least the validity of the electronic certificate of the IC card;
A certificate revocation list storage server that stores a certificate revocation list and transmits the certificate revocation list in response to a request from the terminal;
When the usage history information is received from the terminal, the usage history information is stored in the fee management database, and when charging, the usage fee information included in the usage history information is read from the fee management database and transmitted to the corporation. A management server that performs billing of usage charges at once,
A usage charge management system comprising:   The usage fee management system according to claim 1, wherein the management server further charges the usage fee by giving an electronic signature to the usage fee information and then transmitting it to the corporation.   The usage fee management system according to claim 1, wherein the usage fee management database further manages the usage history information for each corporation to which a user belongs.   The said user policy database further requests | requires with respect to the said management server to revoke the electronic certificate of the applicable user, when the registered policy satisfy | fills a certain condition. Usage fee management system described in 1.

Images