Electrical computers and digital processing systems: support – System access control based on user identification by...
Reexamination Certificate
2002-06-11
2003-05-13
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
System access control based on user identification by...
C713S170000, C713S186000
Reexamination Certificate
active
06564323
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to an apparatus for electronically storing and controlling personal information. More particularly, the present invention relates to a processing method and apparatus used by a second party rendering services of providing personal information on a first party, who registered the information to the second party, only to a specified third party permitted by the first party to refer to the information online. Even more particularly, the present invention relates to a processing method and apparatus used by a second party rendering services of providing various kinds of personal information such as a resident card a certificate of a seal impression, birth certificates and the like, which have been registered to the second party by a first party to be used as a legal proof of the first party, only to a specified third party permitted by the first party to refer to the information online.
A local self-governing body such as a municipal office, that is, a second party, electronically keeps information on individuals and corporations such as information on composition of household members birth and death records, stamp data of a registered seal, articles of incorporation, etc. Such a second party renders services such as granting a copy of such information when requested by a first party, that is, a person who registered the information to the local self-governing body. It should be noted that, in the present specification, such information is generically referred to hereafter as personal information, whereas a person who registers personal information of the person to a second party is referred to hereafter as a personal information registrant.
At the present time, a request for a certificate based on the personal information is automated by using a magnetic card having magnetic stripes. The use of the magnetic card is intended to increase the efficiency of the processing to grant the certificate. In this automated method, the personal information registrant, who serves as an operator of an automatic certificate granting apparatus for granting such a certificate, inserts a magnetic card bearing the identification information assigned to the registrant, then enters a password to obtain a copy of a desired certificate. Receiving a password, the automatic certificate granting apparatus makes an inquiry to a data base for storing personal information on a host computer about the validity of the password. After verifying that the password is valid, the automatic certificate granting apparatus prints the desired personal information as a certificate. In addition, in order to avoid falsification of the certificate, the term of validity as a certificate and a seal impression of the local self-governing body granting the certificate are automatically put on the printed copy. Normally, the personal information registrant submits the certificate obtained by following the procedure explained above to an executive agency such as a motor vehicle administration or the Public Safety Agency or to an enterprise, a third party, as an attachment to some notice or contract. The belief of the executive agency or the enterprise in the contents of the certificate is based on the seal impression of the local self-governing body granting the certificate which is put on the printed copy of the certificate. The method described above is disclosed in Japanese Patent Laid-open No. Hei 8-129587.
However, the above described method for granting a certificate adopted by use of an automatic certificate granting apparatus has the following two disadvantages:
(1) The method is inconvenient since it is necessary for a person who wants to obtain a granted certificate to visit the office of a local self-governing body.
(2) The method is further inconvenient since items described in an already granted certificate may change after the issuance of the certificate. Thus, the certificate must always be provided with a term of validity of about several months. Therefore, when the term of validity expires before the certificate obtained from the office is used, it is necessary for the applicant to get the certificate granted again with a renewed term of validity even if the items thereof remain the same.
The above described disadvantages can be said to be attributed to the fact that a granted certificate is printed on a piece of paper. The above disadvantages can possibly be overcome if personal information described in a certificate can be obtained online from a host computer which is used for keeping the personal information at the time the certificate is needed. Then, the personal information output by the host computer can be used in place of the certificate.
If the host computer goes online and easy online access to the computer can be made by a user, other disadvantages described below will be raised. Thus, there are some difficulties in achieving a method which allows a party to acquire personal information described in a certificate from the host computer online and use the information output by the computer in place of a certificate.
If the personal information registrant is allowed to make online access to the host computer, it is no longer possible to provide a valid certificate of the personal information acquired from the computer. Particularly, if the personal information registrant is allowed to acquire personal information online from the host computer, the registrant will be capable of falsifying the acquired information before printing it on equipment such as a printer. As a result, a third party cannot trust the validity of the printed personal information as a certificate.
To overcome the above described disadvantages, the right of online access to the host computer may, instead, be granted to the third party such as an executive agency or an enterprise to which a certificate is to be submitted. This is done in order to eliminate the possibility of the personal information registrant falsifying data of the certificate. If the personal information referencer acquires the personal information described in the certificate directly from the host computer, there will no longer be a reason for the information referencer to worry about the chance of such falsification. In this case, however, there is a disadvantage that the privacy of the personal information registrant can not be adequately protected, since the personal information referencer is capable of freely referring to any personal information stored in the host computer without the consent of the registrant of the personal information.
Accordingly, simply making the host computer which stores personal information available for access online does not satisfy the need for efficient and trustable processing of personal information due to the disadvantages described above. Namely, online access to the personal information stored by a host computer does not allow for the same trustability as contemporary certificates with respect to personal information obtained from the host computer. Further, the privacy of the personal information registrant cannot be fully protected. As a result, the objective to acquire personal information used to from the host computer online and use the personal information in place of a certificate cannot be fully achieved.
Another method has been proposed to overcome the disadvantage of the conventional personal information controlling method and apparatus. This method involves a technique of simply applying a digital signature technology which can be used as a measure for avoiding falsification of personal information. Digital signature technology for example, is disclosed in “PGP: Pretty Good Privacy,” by Simson Garfinkel and published by O'Reilley & Associates Inc., on pages 218 to 227. However, this technique is inconvenient for both the personal information registrant and the personal information referencer due to the fact that a recording medium which has stored thereon acquired personal information cannot be conveniently attached to a printed contract.
Assume that t
Nitta Jun
Takahashi Hideo
Takeda Kei
Tasaka Mitsunobu
Antonelli Terry Stout & Kraus LLP
Hitachi , Ltd.
Peeso Thomas R.
Zand Kambiz
LandOfFree
Personal information controlling method and personal... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Personal information controlling method and personal..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Personal information controlling method and personal... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3064063