| 摘要 |
Upon receiving ciphertext data transmitted by each service apparatus, a cooperation apparatus according to an embodiment generates re-encrypted data by performing re-encryption processing for the ciphertext data using a re-encryption key. Each of the service apparatuses transmits, to the cooperation apparatus, a request to acquire user information of a user specified by an ID indicated by the ciphertext data and stored in the other service apparatus, together with the ciphertext data. Upon receiving the re-encrypted data transmitted by the cooperation apparatus, the service apparatus acquires an ID by decrypting the re-encrypted data using a private key, reads out user information, and transmits the user information to the other service apparatus. |
| 主权项 |
1. A cooperation service providing system in which a re-encryption key issuing apparatus, a plurality of service apparatuses for providing various services to a user by using an ID issued for identifying the user, and a cooperation apparatus for causing the plurality of service apparatuses to cooperate with each other are communicably connected to each other, wherein
the cooperation apparatus comprises a first storage device configured to store public keys of the re-encryption key issuing apparatus and the service apparatuses, a second storage device configured to store a re-encryption key for implementing re-encryption processing of enabling ciphertext data transmitted by each of the service apparatuses to be decrypted using a private key of the other service apparatus without decrypting the ciphertext data into plaintext data, a first generation device configured to generate, upon receiving the ciphertext data transmitted by each of the service apparatuses, re-encrypted data by performing re-encryption processing for the ciphertext data using the stored re-encryption key, a first transmission device configured to transmit the generated re-encrypted data to the other service apparatus different from the service apparatus which has transmitted the ciphertext data, and a second transmission device configured to transmit the stored public key to each of the service apparatuses, and each of the service apparatuses comprises a third storage device configured to store the issued ID in association with user information indicating information of the user unique to the service apparatus, a fourth storage device configured to store a private key of the service apparatus, a third transmission device configured to transmit, to the cooperation apparatus, ciphertext data in which the ID of the user generated by using the public key of the re-encryption key issuing apparatus stored in the first storage device of the cooperation apparatus is encrypted, and a request to acquire user information of a user specified by the ID indicated by the ciphertext data and stored in the other service apparatus, in response to an operation of the user, an acquisition device configured to acquire, upon receiving the re-encrypted data transmitted by the cooperation apparatus, the encrypted ID by decrypting the re-encrypted data using the stored private key, a readout device configured to read out the user information corresponding to the acquired ID from the third storage device, and a fourth transmission device configured to transmit the readout user information to the other service apparatus via the cooperation apparatus. |
