JP7310043B2 - Program, device and method for using API - Google Patents

Description

The present disclosure relates to programs, devices, and methods for utilizing APIs. More specifically, the disclosure of this specification relates to a program, apparatus, and method for using an API according to the confidentiality of a data set to be processed.

APIs (Application Programming Interfaces) are widely used to build application software efficiently. For example, application software can be built by mashing up multiple WebAPIs. Developers can design application software to call APIs that provide desired functionality and to process responses from the APIs based on published API specifications. By using an API that has already been developed and made public, application software development can be made more efficient than in the case of coding a program for executing functions equivalent to the API.

APIs may be deployed through API gateways that act as reverse proxies. A conventional API gateway is described, for example, in Japanese Unexamined Patent Application Publication No. 2018-029241 (Patent Document 1). The API gateway can pass API requests from client applications to back-end APIs and return responses from APIs to the requesting client applications. That is, the application software can call the API via the API gateway and receive a response from the API.

JP 2018-029241 A

The level of information security that a client application requires of an API or a vendor that provides that API may vary depending on the data to be processed. For example, when a client application calls an API to process highly confidential data, the called API must ensure a high level of information security. For this reason, the developer of the client application selects an API that ensures a security level corresponding to the confidentiality of the processing data to be passed to the API, and designs the client application so that the selected API is called. . For this purpose, the client application developer must examine the published API specifications and select an API that meets the required information security requirements, and this process requires a great deal of effort. It is said that

Also, since API specifications can change at any time, the client application is constructed so that an API for processing highly confidential processing data is selected when the client application is developed, and that API is called when processing highly confidential processing data. Even if it does, there is a possibility that the selected API will be modified to lower the security level. In this case, it is necessary to modify the client application so that the sensitive data is processed by another API. However, it is difficult for developers and administrators of client applications to constantly monitor the security levels of all APIs used by client applications and to make necessary changes in a timely manner.

Conventional API gateways provide various functions useful to client applications, such as API key authentication and traffic control. However, an API gateway that provides a function for supporting API selection, particularly an API gateway that supports API selection according to the degree of confidentiality of processing data has not been known so far.

It is an object of the invention disclosed herein to solve or alleviate at least some of the above problems in the use of APIs by client applications. One of the more specific objects of the invention disclosed in this specification is to provide a program, apparatus, and method capable of selecting an API according to the confidentiality of the processing data set.

Other objects of the invention disclosed herein will become apparent upon reference to the specification as a whole. The invention disclosed in this specification may solve the problems understood from the description of this specification instead of or in addition to the above problems.

One or more embodiments of the present invention relate to an analysis program for analyzing accounting data. An analysis program according to one or more embodiments of the present invention has a function of receiving a processing request containing at least one degree of secrecy set in a data set to be processed, and receiving a processing request including the secrecy classification information, to one or more processors; and a function of selecting an execution API for processing the processing request from among a plurality of external APIs according to the security classification information.

The program in one embodiment of the present invention causes one or more processors to further perform the function of calling the execution API and receiving a response from the execution API.

In one embodiment of the present invention, the execution API is selected from among the plurality of APIs based on the security classification information and a security level set for each of the plurality of APIs.

In one embodiment of the present invention, a program is provided in one or a plurality of processors, based on the security classification information and a security level set for each of the plurality of APIs, the degree of secrecy from among the plurality of APIs. It further performs the function of selecting a plurality of candidate APIs having security levels that match the . In one embodiment of the invention, the execution API is selected from among the plurality of candidate APIs.

In one embodiment of the invention, the processing request is generated by a client application, and the execution API is selected from among the plurality of candidate APIs according to desired conditions defined for the client application.

In one embodiment of the present invention, when a plurality of confidentialities are set for the data set to be processed, each of the plurality of candidate APIs has a security level that matches the highest confidentiality among the plurality of confidentialities. is selected from among the plurality of APIs to have

In one embodiment of the invention, each of the one or more processors is located in an on-premises environment. In one embodiment of the present invention, the function to select is one or more on-premises environments in the on-premises environment when a flag included in the processing request indicates that the data set to be processed should be processed in the on-premises environment. It includes a function of selecting the execution API from among the APIs.

In one embodiment of the present invention, provided functions and security levels are set for each of the plurality of APIs. In one aspect of the present invention, the function of selecting includes a function of selecting the execution API according to the function requested by the processing request and the classified information.

An apparatus according to an embodiment of the present invention comprises a receiving unit for receiving a processing request containing at least one degree of confidentiality set in a data set to be processed, and a plurality of external devices according to the confidentiality information. an API selection unit that selects an execution API for processing the processing request from among the APIs.

One embodiment of the invention relates to a method of selecting an API by executing computer readable instructions by one or more processors. A method according to an embodiment of the present invention comprises the steps of: receiving a processing request including classification information representing at least one degree of sensitivity set in a data set to be processed; and selecting an execution API to process the processing request from among.

According to the embodiments of the present invention, there are provided a program, an apparatus, and a method for allowing client applications to easily use APIs according to the degree of confidentiality of processing data.

1 is a block diagram schematically showing one embodiment of an API providing system to which the present invention can be applied; FIG. 2 is a block diagram showing an API platform device included in the API providing system of FIG. 1; FIG. 2 is a diagram showing an example of API management data used in the API providing system of FIG. 1; FIG. FIG. 4 is a schematic diagram for explaining a processing request transmitted from a client application; FIG. FIG. 4 is a flow diagram showing the flow of processing in which a client application calls an API via an API platform device and receives a response from the API in one embodiment. FIG. 4 is a flow diagram illustrating a process flow for selecting an execution API in one embodiment; FIG. 4 is a block diagram schematically showing another embodiment of an API providing system to which the present invention is applicable; 8 is a block diagram showing an API platform device included in the API providing system of FIG. 7; FIG. FIG. 10 is a flow diagram showing the flow of processing for selecting an execution API in an embodiment in which a clearance flag is included in the processing request;

Hereinafter, embodiments of an API providing system to which the invention disclosed in this specification is applied will be described with reference to the drawings as appropriate. Hereinafter, the same or equivalent constituent elements, members, and processes shown in each drawing are denoted by the same reference numerals, and duplication of description will be omitted as appropriate. First, an API providing system 1 according to an embodiment of the present invention will be described with reference to FIGS. 1 to 6. FIG. In the API providing system 1, an API platform device is provided between a client and a plurality of external APIs provided by a plurality of external vendors, and the API platform device selects an external API according to the confidentiality of data of the client, can call external APIs. This mechanism makes it possible to respond to client security and privacy requirements while expanding the ecosystem to external vendors via the API platform device.

FIG. 1 is a block diagram showing an outline of an API providing system 1. As shown in FIG. As shown in FIG. 1, the API providing system 1 includes an on-premises environment 5 in which a user terminal 10 executing a client application 10a is located, and a vendor A different from the owner (or administrator) of the on-premises environment 5. , vendor environment A, vendor environment B, vendor environment C, and vendor environment D in which information devices of vendor B, vendor C, and vendor D are arranged. Each of the information devices placed in the on-premises environment 5 is connected to each of the information devices placed in the vendor environments A to D via a network 40 so as to be able to communicate with each other. The network 40 may be a single network, or may be configured by connecting a plurality of networks. Network 40 is, for example, the Internet, a mobile communication network, or a combination thereof. Any network that enables communication between information devices can be applied as the network 40 .

API is an interface for calling and using the functions of a certain computer program (software) and data managed by another external program. An "API" herein can include an enabler that performs a function invoked by a request.

The on-premises environment 5 includes user terminals 10 and API platform devices 20 . The user terminal 10 is a personal computer (PC), a tablet terminal, a smart phone, or various other information processing devices. The user terminal 10 has a processor (not shown), and implements the functions of the client application 10a by executing a predetermined set of instructions with the processor. The client application 10a is, for example, audit application software that supports accounting audit work. The audit application software can include functions to support the preparation of audit documentation, functions to perform sampling and statistical analysis of accounting data, and functions to support other audit tasks. The client application 10a that can be used in the API providing system 1 is not limited to audit application software, and may be tax application software that supports taxation, for example. The API platform device 20 may be provided outside the on-premises environment 5 .

The client application 10a is designed and developed to implement predetermined functions by calling external (or off-premises) APIs and processing responses received from the APIs as needed. In the illustrated embodiment, client application 10a can call at least one of APIs 31-36 and receive a response from the called API. The client application 10a may be built by mashing up multiple web APIs, for example. As will be described later, the client application 10a does not call the API directly, but rather sends a processing request requesting processing of the processing target data set by the API to the API platform device 20, and then calls the API (that is, , the enabler of the API). That is, the client application 10a calls the API via the API platform device 20 and receives a request from the API.

The client application 10a may be able to bypass the API platform device 20 and call at least one of the APIs 31-36. In other words, the client application 10a may be able to directly call the APIs 31-36 without going through the API platform device 20. FIG. For example, when a Web API is directly called, the client application 10a can specify the endpoint of the Web API to be used and send an API request. The client application 10a may have both the function of calling the API via the API platform device 20 and the function of directly calling the API.

Each of the APIs 31-36 that can be called from the client application 10a via the API platform device 20 provides a predetermined function or service to the client application 10a. For example, APIs 31 to 36 provide audit application software with matching (bouching) to verify whether two numbers that should match match, OCR ( Optical Character Recognition), machine learning analysis of accounting data, and other functions. In this specification, the API providing system 1 will be described assuming that the APIs 31, 33 and 35 provide OCR functions and the APIs 32, 34 and 36 provide matching functions.

In the illustrated embodiment, the APIs 31 - 36 are located outside the off-premises environment, ie the on-premises environment 5 . Specifically, APIs 31 and 32 are deployed in vendor environment A, API 33 is deployed in vendor environment B, API 34 is deployed in vendor environment C, and APIs 35 and 36 are deployed in vendor environment D. Information devices managed by vendors A to D are placed in each of vendor environments A to D. FIG. APIs published by each vendor environment are executed by the information devices installed in the vendor environment. For example, API 31 is in vendor environment A, so it is executed by a processor (not shown) arranged in vendor environment A. The data processed and/or the processed data by the APIs 31-36 may be stored in storage located in each vendor's environment, or may be stored in external storage such as the external storages 41 and 42. Each vendor can decide whether or not to use an external storage such as the external storages 41 and 42 based on its own information security policy. In the illustrated embodiment, vendor environment A uses external storage 41 and vendor environment D uses external storage 42 . On the other hand, vendor environment B and vendor environment C do not use external storage. Therefore, the data processed by the API 33 executed in the vendor environment B and the data processed by the API 33 are stored in the storage in the vendor environment B, and the data processed by the API 34 executed in the vendor environment C and the data processed by the API 34 are stored in the storage in the vendor environment B. The data obtained is stored in the storage within the vendor environment C.

Each of vendor environments AD may include an API gateway. The API gateway provides endpoints for client application 10a and other client applications. Also, the API gateway functions as a reverse proxy in the API providing system 1 . Therefore, the API gateway can pass a processing request from a client application to a backend API and return a response from the API to the requesting client application. In addition, the API gateway can provide API key authentication, traffic control, and other known API gateway functions for each of the APIs exposed through it.

APIs 31 to 36 are examples of APIs applicable to the API providing system 1 . The API providing system 1 may have more APIs than the APIs 31-36, or may have less APIs than the APIs 31-36. The environment that is the off-premises environment with respect to the on-premises environment 5 is not limited to the vendor environments A to D. On-premises environment 5 may be connected via network 40 to a greater or lesser number of vendor environments.

The API platform device 20 has a function of selecting an API for processing the processing request according to the confidentiality set for the processing target data set requested by the processing request from the client application 10a, and other functions. can be provided to the client application 10a.

Further referring to FIG. 2, the API platform device 20 will be described. FIG. 2 is a block diagram showing the API platform device 20. As shown in FIG. As illustrated, the API platform device 20 comprises a processor 21 , memory 22 , user interface 23 , communication interface 24 and storage 25 .

The processor 21 is an arithmetic device that loads an operating system and various other programs from the storage 25 or other storage into the memory 22 and executes instructions included in the loaded programs. The processor 21 is, for example, a CPU, MPU, DSP, GPU, various arithmetic units other than these, or a combination thereof. The processor 11 may be realized by integrated circuits such as ASIC, PLD, FPGA, and MCU. Instructions included in the API management program 25b are also executed by the processor 21, as will be described later.

The memory 22 is used to store instructions executed by the processor 21 and various other data. The memory 22 is a main storage device (main memory) that the processor 21 can access at high speed. The memory 22 is composed of a RAM such as a DRAM or an SRAM, for example.

The user interface 23 includes an input interface that receives user input and an output interface that outputs various information under the control of the processor 11 . The input interface is, for example, a keyboard, a pointing device such as a mouse, a touch panel, or any other information input device capable of inputting a user's input. The output interface is, for example, a liquid crystal display, a display panel, or any other information output device capable of outputting the computation results of the processor 21 .

Communication interface 24 is implemented as hardware, firmware, or communication software such as TCP/IP drivers or PPP drivers, or a combination thereof. The user terminal 10 can transmit and receive data to and from the information equipment arranged in the vendor environments A to D and the information equipment arranged in the on-premises environment 5 via the communication interface 24 .

Storage 25 is an external storage device accessed by processor 21 . The storage 25 is, for example, a magnetic disk, an optical disk, a semiconductor memory, or various other storage devices capable of storing data. The storage 25 can store API management data 25a, an API management program 25b, and various other data.

The API management data 25a is a data set containing various data for managing APIs used in the API providing system 1 . The API management data 25a will be further described with reference to FIG. In the API management data 25a, a vendor ID that identifies a vendor that provides an API is associated with data related to the vendor and data related to one or more APIs provided by the vendor. In the embodiment shown in FIG. 3, the API management data 25a includes "vendor name" as a data item related to the vendor, and "API name" of each API as data items related to the API provided by the vendor. Includes "provided functions", "security level", "responsiveness", and "cost". The data value of each data item of the API management data 25a may be numerical data, text data, or a combination thereof.

"Vendor name" is text data indicating the name of the vendor. In the example of FIG. 3, "vendor A" that provides vendor environment A is stored as the vendor name in association with the vendor ID "001". Similarly, "vendor B" to "vendor D" providing vendor environment B to vendor environment D are stored as vendor names in association with vendor IDs "002" to "004", respectively.

As described above, the API management data 25a stores information about APIs published by each vendor in association with the vendor ID of each vendor. As described with reference to FIG. 1, Vendor A publishes API 31 that provides an OCR function and API 32 that provides a match function in Vendor Environment A. , "API31" and "API32" are stored as API names of APIs published by Vendor A. Similarly, for other vendors and on-premise environments 5, API names of APIs published by each vendor and on-premise environment 5 are stored in association with vendor IDs.

"Provided function" is a data item for indicating the function provided by the API. The data value of the provided function may be text data indicating the function or a function ID specifying the function. In the illustrated example, the “provided functions” include “OCR” (Optical Character Recognition) and “match”. As described above, the functions provided by the API in the API management data 25a are not limited to OCR and matching. Therefore, the items of functions provided in the API management data 25a may include data other than OCR and matching.

"Security level" is a data item for representing the security level set for each API. In the illustrated example, the data value of the security level is represented by two levels of "high" and "low". The security level may be classified into three or more levels (for example, "high", "medium", "low", etc.), and may be data representing the level of security as a score. The security level associated with each API may indicate the level of security of the API on a scale of 10, for example. A security level may be defined for each vendor. For example, if the vendor has received certification based on ISO/IEC 27001:2005 or the corresponding certification based on JIS Q 27001:2006 in Japan, setting the security level of the API provided by the vendor to "high" and set the security level of APIs provided by these uncertified vendors to "low". When determining the security level of an API provided by a certain vendor, if the API uses off-premise storage from the vendor's perspective, the security level of the API may be set low. However, even if an API provided by a vendor uses external storage to store processed data, if the vendor has received ISMS cloud security certification based on ISO/IEC 27017:2015, the security of the API You can set the level higher. The higher the encryption strength in the communication between a certain vendor and the API platform device 20, the higher the security level of the API provided by that vendor. When API processing is performed in a secret state by using secure computation technology such as homomorphic encryption and MPC (Multi Party Computation), even if the security level of the API is set higher than otherwise. good. In this way, the security level of an API provided by a certain vendor depends on whether the vendor has received certification based on ISO/IEC 27001:2005, and whether the API handles external storage in an off-premises environment for the vendor. Whether or not it is used for data storage, whether or not the vendor has received ISMS cloud security certification based on ISO/IEC 27017:2015, whether or not there have been incidents such as information leaks or leaks related to the vendor, and the vendor It can be set based on the confidentiality of communication with and processing, and various other factors. The security level of an API is set, for example, by evaluating the API according to criteria defined by the operator of the API platform device 20. Even after a security level is set once for an API, the security level can be changed if there is a change that affects the information security of that API. Changes that affect the information security of APIs include changes in the specifications of the API, new information security certification of the vendor that provides the API, and cancellation of the information security certification of the vendor that provides the API. and other API changes that affect information security.

A security level may be set for each vendor or may be set for each API. In the example shown in FIG. 3, for Vendor A to Vendor C, the security level is set for each vendor, and for Vendor D, the security level is set for each API. Specifically, the security levels of the two APIs 31 and 32 of Vendor A are both set to "low", but among the APIs published by Vendor D, the security level of API 35 is set to "high". On the other hand, the security level of the API 36 is set to "low". For example, if the API 35 stores processing data in the vendor environment D and the API 36 stores processing data in a storage (for example, the storage 42) outside the vendor environment D, the security level for the API 35 is set to “high”. You may set a security level to "low" about API36 while setting.

"Responsiveness" of API is a data item indicating the response speed of API. The responsiveness of an API can be defined based on the response time from calling the API to receiving a correct response (non-error response). In the illustrated embodiment, API responsiveness is evaluated in three levels of "high", "medium", and "low", and the evaluation result is the data value of the item "responsiveness". API responsiveness may be evaluated in two stages, or may be evaluated in four or more stages. The API responsiveness may be a value obtained by normalizing the API response time.

"Cost" of API is a data item indicating an evaluation of the cost to be paid for using the API. In the illustrated embodiment, the API cost is evaluated in three levels of "high", "medium", and "low", and the evaluation result is stored as the data value of the cost data item. APIs may be published for a fee for the vendor's revenue, or they may be published for free. For example, an API that is open to the public free of charge or an API that can be used without paying a usage fee can be evaluated as having a "cheap" cost. APIs published for a fee are given a rating of "high", "medium", or "cheap" depending on the amount of money that needs to be paid. ” is set as the data value of the item. The API cost may be evaluated in two stages, or may be evaluated in four or more stages. The API cost may be a normalized value of the amount paid for using the API.

The API management data 25a shown in FIG. 3 is an example, and the API management data 25a that can be used in the API providing system 1 is not limited to that shown in FIG. The API management data 25a may not include some of the data items shown in FIG. 3, or may include data items not shown in FIG. For example, the API management data 25a may include data items related to storage used by the API, in addition to "responsiveness" and "cost". The data items related to the storage used by the API included in the API management data 25a can include the reliability of the storage used by the API and the installation country where the storage is installed. For example, since Vendor A uses an external storage 41 , it is possible to make the storage redundant by combining the storage of Vendor Environment A and the storage 41 . In this way, when redundancy is achieved in the storage that stores processing data of the API, it can be determined that the reliability of the storage of the API is high. Also, the reliability of the storage can be evaluated according to the RAID level used for the storage that stores API processing data. For example, when RAID-6 is used, it can be evaluated that the storage reliability is high. As the country where the storage is installed, for example, Japan, the United States, Australia, China, and other countries or regions are set as data values.

Data values of data items related to APIs included in the API management data 25a are set by the operator of the API platform device 20, for example. For example, the API cost can be evaluated by the operator of the API platform device 20 by investigating usage fees for each API.

In the API providing system 1, there are no particular restrictions on where data is stored. For example, various data that can be stored in the storage 25 may be stored in a storage or database server that is physically separate from the API platform device 20 within the on-premises environment 5 or outside the on-premises environment 5 . However, when the client application 10 a handles data that cannot be sent to the off-premises environment, the data is stored in the storage within the on-premises environment 5 . Although the storage 25 is illustrated as a single unit in FIG. 2, the storage 25 may be a collection of multiple physically separate storages. That is, in this specification, the data stored in the storage 25 may be stored in a single storage, or distributed and stored in a plurality of storages. In addition, in the present specification and claims, the term "storage" may refer to either a single storage or a collection of multiple storages, as long as the context permits. The API management program 25b can be stored in various types of non-transitory computer readable media other than the storage 25. FIG. Non-transitory computer-readable media include various types of tangible storage media. Examples of non-transitory computer-readable media include magnetic recording media (e.g., floppy disks, magnetic tapes, hard disk drives), magneto-optical recording media (e.g., magneto-optical discs), Compact Disc Read Only Memory (CD-ROM), CD -R, CD-R/W, semiconductor memory (e.g. Mask ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Flash ROM, Random Access Memory (RAM)).

Next, functions of the API platform device 20 will be described. The processor 21 of the API platform device 20 executes the commands included in the API management program 25b and other commands as needed, thereby executing the request receiving unit 21a, the API selecting unit 21b, the request transmitting unit 21c, the response receiving unit 21d and a response transmission unit 21e. In this specification, a program or instructions included in the program described as being executed by the processor 21 may be executed by a single computer processor or distributed by a plurality of computer processors. good. Also, the program executed by the processor 21 or instructions included in the program may be distributed and executed by a plurality of virtual computer processors. However, as described above, if the client application 10a handles data that cannot be sent to the off-premises environment, the data is processed by the processors in the on-premises environment 5, and the distributed processing by the processors in the off-premises environment is Not done.

The request receiving unit 21a receives a processing request transmitted from the client application 10a. FIG. 4 is a data structure diagram schematically showing an example of a processing request. A processing request has a header portion 51 and a body portion 52 . In the header part 51 of the processing request transmitted from the client application 10a, at least one confidentiality level information set in the processing target data set and the function of the API to process the processing target data set are specified. and a function ID to be used.

The data set to be processed is a data set passed to the API for processing by the API among various data used by the client application 10a. The processing request may specify the file name of the file included in the processing target data set. The processed data set can include one or more files in PDF, CSV, JSON and other known formats. The data set to be processed may be included in the body of the processing request and sent to the API along with the processing request, or may be obtained by the API from the storage location specified in the processing request.

One or more degrees of confidentiality are set for the data set to be processed. The confidentiality of the data set to be processed may be classified according to ISO27001 (JISQ27001), which is an international standard for information security. ISO27001 (JISQ27001) classifies information into four categories: "top secret", "confidential", "confidential", and "general". The confidentiality of the data set to be processed may be set according to these four divisions. A user of the client application 10a may set the sensitivity of the data set to be processed. One degree of sensitivity may be set for the entire data set to be processed, or a degree of sensitivity may be set for each unit data set (for example, file) included in the data set to be processed. When the confidentiality is set for each file included in the data set to be processed, the processing request may include the confidentiality set for the file in association with the file name. Alternatively, the confidentiality of the processing target data set may be set to a value according to the client application 10a that is the transmission source of the processing target data set. In this case, the processing target data sets included in the processing request sent from the client application 10a all have the same confidentiality, while the processing target data sets included in the processing requests sent from other client applications have the same confidentiality. can have different sensitivities. For example, the confidentiality of data sets to be processed included in processing requests sent from business applications used within a company is uniformly set to "Top Secret", while applications other than business applications (for example, personal The confidentiality of the processing target data set included in the processing request transmitted from the SNS application, game application to be used) may be uniformly set to "general". Alternatively, the confidentiality of the processing target data set may be set to a value according to the user who sent the processing target data set. In this case, all of the processing target data sets included in the processing request sent by user A using the client application 10a have the same confidentiality, while the data sets included in the processing request sent by another user B using the client application 10a A dataset to be processed may have a sensitivity different from the sensitivity. For example, the data set to be processed included in the processing request sent by the audit corporation using the client application 10a is uniformly set to "top secret", while the internal audit staff of a general company sends using the client application 10a The confidentiality of the data set to be processed included in the processing request may be uniformly set to "confidential".

The function ID included in the processing request is an identifier specifying what kind of processing is to be performed on the processing target data set included in the processing request or specified in the processing request. With the function ID, it is possible to specify what function should be provided by the API that received the data set to be processed. As described above, when each API included in the API providing system 1 provides either matching or OCR functions, the function ID identifies either matching or OCR. When the API published in the API providing system 1 provides more functions, the function ID is extended accordingly. That is, the function ID may be designed to identify functions to be provided by three or more APIs. The function ID may be assigned to each API according to the evaluation, for example, by the operator of the API platform device 20 evaluating API functions based on the specifications of a plurality of APIs published in the API providing system 1. good.

Returning to FIG. 2, based on the processing request received from the client application 10a, the API selection unit 21b selects a processing target data set included in the processing request from among a plurality of APIs published in the API providing system 1. Select the API to process. In this specification, the API selected by the API selection unit 21b may be called "execution API". In the embodiment shown in FIG. 1, since the APIs 31-36 are open to the public in the API providing system 1, the API selector 21b selects an execution API from among the APIs 31-36.

In one embodiment of the present invention, the API selector 21b can select an execution API based on the function ID and security classification information included in the processing request. The API selection unit 21b, for example, identifies the requested function based on the function ID included in the processing request, refers to the API management data 25a, extracts an API that provides the identified function, and Among the extracted APIs, an API that matches the degree of secrecy specified by the secrecy classification information included in the processing request is selected as the execution API. That is, an API that provides the function specified by the function ID included in the processing request and has a security level that matches the degree of confidentiality specified by the security classification information can be selected as the execution API.

There are at least the following two criteria for determining whether the API security level conforms to the degree of secrecy specified by the security classification information. Any criteria may be adopted in the API providing system 1 .

In a first example of conformance criteria, each of the API's security levels specifies an upper sensitivity limit that conforms to each security level. For example, the API security level "high" specifies "top secret" as the upper limit of confidentiality suitable for the security level "high", and the security level "low" specifies the upper limit of confidentiality suitable for the security level "low". You can specify "general" as In this case, the API selection unit 21b selects APIs whose security level is set to "high" to have a degree of secrecy equal to or lower than the upper limit of "top secret" specified by the security level of "high". Confidential, Confidential, Confidential, and General, in order from top to bottom, Confidential, Confidential, and Confidential APIs that conform to the "general") sensitivity and whose security level is set to "low" must have the same or lower sensitivity than the "general" specified by the security level "low" (the above In the 4-level example, it can be determined that only "general" confidentiality is met). Thus, in the first example of the conformity criterion, the degree of confidentiality designated by the classified information designates the lower limit of the security level of the API that conforms to the degree of confidentiality. In another example where the API security level is classified into four categories, "highest", "high", "medium", and "low", the correspondence between the security level and the degree of secrecy is as follows. can be set as shown in Table 1.

In a second example of the conformance criterion, each confidentiality is associated with an API security level in a identifiable manner. In this case, a plurality of degrees of confidentiality may be associated with one security level, or each degree of confidentiality may be associated with the security level of the API on a one-to-one basis. As an example of the former, each of the three degrees of confidentiality, "top secret," "confidential," and "confidential," is associated with a security level of "high," and the degree of "general" is associated with a security level of "low." settings. In this case, the API selection unit 21b determines that the API whose security level is set to "high" conforms to the degree of secrecy of "top secret", "confidential", and "confidential", and that the security level is set to "low". It can be determined that the API that is being used meets the "general" sensitivity. As an example of the latter, when the confidentiality is classified into four levels of "top secret", "confidential", "confidential" and "general", the API security level is also "highest", "high" and "medium". , ”, ”Low”, and ”Highest”, ”High”, ”Medium” and ”Low” for ”Highest”, ”High”, ”Medium” and ”Low”. There are settings that are associated one-to-one with security levels.

If there are multiple APIs that provide the function specified by the function ID included in the processing request and have a security level that conforms to the degree of confidentiality specified by the classification information, each of the multiple APIs As candidate APIs, an execution API is selected from among the plurality of candidate APIs according to a predetermined criterion. For example, the processing request received from the client application 10a may include desired condition information that defines items to be emphasized when selecting an execution API. You may choose an execution API from. Desired condition information is data items of API management data 25a (for example, responsiveness, cost, storage reliability, country of installation of storage, or other data item) can be specified. The desired condition information may be notified to the API platform device 20 separately from the processing request. For example, the user of the client application 10a can register desired condition information using a registration form provided by the API platform device 20 before sending a processing request.

Some specific examples of execution API selection are described according to the embodiment shown in FIG. In the first example, in the processing request received from the client application 10a, the function ID specifies "OCR", the confidentiality is set to "top secret", and the desired condition information is set to "cost". assume that In this case, the API selector 21b extracts APIs 31, 33, and 35 as APIs that provide OCR from among the APIs 31-36. Next, the API selection unit 21b selects, as a candidate API, from among the APIs 31, 33, and 35 that provide OCR, APIs that match the confidentiality of "top secret" specified by the classification information. In the API management data 25a shown in FIG. 3, the security levels of two APIs 33 and 35 among the APIs that provide OCR are set to "high". selected. Next, since the desired condition information specifies that emphasis is placed on "cost", API 33, which is set to be "high" in cost among the candidate APIs 33 and 35, is not selected. The set API 35 is selected as the execution API.

In the second example, in the processing request received from the client application 10a, the function ID specifies "OCR", the confidentiality is set to "general", and the desired condition information is set to "cost". assume that In this case, the API selector 21b extracts APIs 31, 33, and 35 as APIs that provide OCR from among the APIs 31-36. Next, the API selection unit 21b selects, as a candidate API, from among the APIs 31, 33, and 35 that provide OCR, APIs that match the "general" confidentiality designated by the security classification information. In the API management data 25a shown in FIG. 3, among the APIs that provide OCR, the security level of API31 is set to "low", so this API31 is selected as a candidate API. Since only one candidate API is selected, this candidate API 31 is selected as the execution API.

By comparing the first example and the second example, even if a processing request requesting execution of the same function of "OCR" is received, the confidentiality of the processing target data set set in the processing request It is understood that the selected execution API differs depending on the degree. Thus, the API platform device 20 can select an external API according to the confidentiality of data.

In the third example, an example in which multiple degrees of sensitivity are set for the data set to be processed will be described. For example, if a match of two files is requested, the two files may have different sensitivities. Specifically, the data included in the PDF file created by scanning the transaction evidence is compared with the data included in the spreadsheet software file (hereinafter referred to as "spreadsheet file") that records the transaction. In this case, a PDF file created from a voucher may be assigned a confidentiality level of "top secret", and a spreadsheet file may be assigned a confidentiality level of "general". When receiving from the client application 10a a processing request requesting matching of the data of the file with the confidentiality of "top secret" and the data of the file with the "general" confidentiality, the API The selection unit 21b selects an execution API based on the higher one of the two different degrees of secrecy set in the processing target data set. In the above example, since a part of the data set to be processed (the PDF file of the voucher) is set with a confidentiality level of "top secret", the API selection unit 21b selects An API whose security level is set to "high" is selected as an execution API.

The request transmission unit 21c calls the execution API selected by the API selection unit 21b. Specifically, the request transmission unit 21c transmits an API request including, in the body portion, the processing data set or the processing data specifying information designating the storage location of the processing target data set to the execution API. API requests may include access tokens for authentication by known authentication protocols such as OAuth. When the execution API is open to the public through the API gateway, the API request is transmitted from the request transmission unit 21c to the execution API through the API gateway.

After the API request is transmitted to the execution API by the response transmission section 21c, the response reception section 21d receives a response from the execution API.

The response transmission unit 21e transmits the response received from the execution API by the response reception unit 21d to the client application 10a.

Next, with reference to FIG. 5, the flow of processing in which the client application 10a calls an API via the API platform device 20 and receives a response from the API will be described. First, in step S11, a processing request is transmitted from the client application 10a. The transmitted processing request is received by the request receiving unit 21a of the API platform device 20, for example.

Next, in step S12, the processing request received by the API platform device 20 is analyzed, and an execution API is selected based on the analysis. Specifically, in step S12, an execution API for processing the processing request is selected based on the function ID, security classification information, desired condition information, and, if necessary, other information included in the processing request.

Next, in step S13, the execution API selected in step S12 is called. For example, when the API 35 is selected as the execution API in step S 12 , an API request is sent from the API platform device 20 to the API 35 directly or via the API gateway for the API 35 . The process of calling the execution API is performed by, for example, the request transmission unit 21c.

Next, in step S14, the API platform device 20 receives a response from the execution API. When the API 35 is selected as the execution API, the API 35 converts the data set to be processed into digital character data, and the converted character data is received. The process of receiving a response from the execution API is performed by, for example, the response receiving unit 21d.

Next, in step S15, the response received from the execution API is sent to the client application 10a. The process of transmitting the response from the execution API to the client application 10a is performed by, for example, the response transmission unit 21e. As described above, the client application 10a causes the API corresponding to the confidentiality of the processing target data set to perform desired processing on the processing target data set via the API platform device 20, and outputs the processing result as a response. can receive. The client application 10a can, for example, receive data indicating the result of matching when the requested function is "match", and can digitize by OCR when the requested function is "OCR". can receive character data.

Subsequently, with further reference to FIG. 6, the flow of selection of the execution API in step S12 will be described more specifically. FIG. 6 is a flowchart showing an example of the flow of processing in step S12 for selecting an execution API in FIG. First, in step S121, the API selection unit 21b identifies the function requested by the processing request. For example, the API selector 21b identifies the function ID included in the processing request by analyzing it.

Next, in step S122, the API selection unit 21b refers to the API management data 25a to identify the API corresponding to the function identified in step S121 and its security level. The API selection unit 21b can acquire the name of the API having the provided function corresponding to the function ID specified in S121 and its security level from the API management data 25a.

Next, in step S123, the API selection unit 21b specifies the confidentiality of the processing target data set included in the processing request. By analyzing the processing request, the API selection unit 21b can acquire the security classification information included in the header section 51 of the processing request, and specify the confidentiality included in the acquired security classification information.

Next, in step S124, the API selection unit 21b selects an API that matches the degree of confidentiality specified in step S123 as a candidate API from among the APIs specified in step S122.

Next, in step S125, the API selection unit 21b determines whether or not there are multiple candidate APIs selected in step S124. If it is determined that there is one candidate API (that is, not multiple), the process proceeds to step S126, where the one candidate API is selected as the execution API. On the other hand, if it is determined in step S125 that there are multiple candidate APIs, the process proceeds to step S127. In step S127, the API selection unit 21b selects a candidate API that best matches the desired condition information from among the plurality of candidate APIs as an execution API. An execution API is selected as described above.

For example, in the example shown in FIG. 3, the function ID specifies "OCR" in the processing request, the confidentiality is set to "top secret", and the desired condition information is set to "cost". If so, "OCR" is identified as the requested function in step S121, APIs 31, 33, and 35 are identified as APIs that provide "OCR" in step S122, and are included in the processing request in step S123. The confidentiality of the data set to be processed is identified as "top secret", and the APIs 33 and 35 having security levels matching the confidentiality set as APIs matching the confidentiality of "top secret" in step S124 are candidate APIs. is selected as In this case, since there are a plurality of candidate APIs, the process proceeds to step S127 according to the determination result in step S125, and among the candidate APIs 33 and 35, the "cost" set in the desired condition information is more suitable. API 35 is selected as the execution API. In addition to the above examples, according to the information included in the processing request or other information, among a plurality of APIs published in the API providing system 1, the confidentiality of the data to be processed is suitable and desired. An API that satisfies the conditions is selected as the execution API.

In the processing procedures described in this specification, especially in the processing procedures described using flow diagrams, some of the steps that make up the processing procedure are omitted, and as a step that makes up the processing procedure It is possible to add steps that are not specified and/or change the order of the steps, and the processing procedures in which such omissions, additions, and order changes do not deviate from the spirit of the present invention. Included within the scope of the invention. For example, by changing the order of execution of steps S122 and S123 shown in FIG. may specify the sensitivity of

A brief description will be given of the effects achieved by the embodiment of the present invention. According to one embodiment of the present invention, an execution API is selected to perform the processing requested by the processing request according to the sensitivity of the processing data set processed by the API. Accordingly, by determining the degree of confidentiality of the data set to be processed in the client application 10a that uses the API, an execution API corresponding to the degree of confidentiality of the data set to be processed can be selected from a plurality of APIs published in the API providing system 1. is selected, there is no need to specify an API for processing the processing target data set in the client application 10a. Therefore, the client application 10a can be developed and constructed more efficiently while ensuring information security.

According to one embodiment of the present invention, even if the specification of the API published in the API providing system 1 is changed in terms of information security, the security level of the API can be updated in the API management data 25a. Therefore, it is possible to continuously use the API corresponding to the confidentiality of the processing target data set without modifying the client application 10a. For example, even if the security level of an API that has been selected as an execution API so far is lowered and does not conform to the confidentiality of the data set to be processed, the change in security level is reflected in the API management data 25a. Thus, another API that matches the degree of confidentiality can be selected as the execution API.

According to one embodiment of the present invention, the client application 10a can call an execution API via the API platform device 20 and receive a response from the called execution API. Since the execution API is selected according to the degree of confidentiality set for the data set to be processed, the information security of the data set to be processed can be ensured even when the API in the off-premises environment is used.

According to one embodiment of the present invention, an execution API is selected according to desired conditions defined for the client application 10a from candidate APIs having a security level that matches the sensitivity of the data set to be processed. As a result, an execution API more suitable for the desired conditions of the client application 10a can be selected. For example, a user of the client application 10a who places importance on cost can be provided with a service based on a low-cost execution API, and a user of the client application 10a who places importance on responsiveness can be provided with a service based on an execution API with high responsiveness. .

Next, an API providing system 7 according to another embodiment of the present invention will be described with reference to FIGS. 7 and 8. FIG. In the API providing system shown in FIGS. 7 and 8, an API is also prepared in the on-premises environment, and when a processing request satisfies predetermined conditions, the processing request is processed by the API provided from the on-premises environment. be. FIG. 7 is a block diagram showing an outline of an API providing system 7 in which an API is published from an on-premises environment.

The API providing system 7 shown in FIG. 7 includes an API platform device 70 in place of the API platform device 20, and also includes APIs 37 and 38 published from the on-premises environment 5. FIG. APIs published from the on-premises environment 5 are executed using processors and main memories arranged in the on-premises environment 5 . API 37 provides OCR functionality and API 38 provides matching functionality. In this specification, an API that is executed by an information device located in the on-premises environment 5 where the client application 10a is located and stores the processed data in the storage located in the on-premises environment 5 is referred to as an "on-premises API". sometimes called API 37 and API 38 are examples of on-premise APIs. The on-premises API is executed using only the information equipment of the on-premises environment 5 and does not send its processed data to the off-premises environment. Processing of data that cannot be sent to the environment is done by the on-premise API. An example of data that the client application 10a cannot transmit to the off-premises environment is data that falls under undisclosed material facts stipulated in the Financial Instruments and Exchange Act. For example, if the user of the client application 10a is an audit corporation, the unpublished financial results information of the client of the audit corporation becomes data that cannot be transmitted to the off-premises environment. In order to comply with laws and regulations regarding insider trading, it is not desirable to transmit material non-disclosure facts stipulated by the Financial Instruments and Exchange Act to an off-premises environment. Therefore, when the client application 10a processes data corresponding to unpublished material facts, it is necessary to process the data in the on-premises environment 5. selected.

FIG. 8 is a block diagram showing the API platform device 70 of the API providing system 7. As shown in FIG. Compared to the API platform device 20 of FIG. 2, the API platform device 70 of FIG.

In the API providing system 7, the processing request received from the client application 10a includes a clearance flag indicating whether the processing target dataset should be processed in the on-premises environment 5 or not. The clearance flag is included in the header portion 51 of the processing request. For example, a "true" clearance flag may indicate that the processed dataset should be processed within the on-premises environment 5 and that the processed dataset cannot be transmitted and stored in an off-premises environment. On the other hand, a "false" clearance flag can indicate that the processed dataset can be sent to an off-premises environment. The API selection unit 21b selects an execution API from a plurality of APIs open to the public in the API providing system 7 according to the clearance flag included in the processing request. Specifically, when the clearance flag is “true”, an execution API is selected from on-premise APIs published from the on-premise environment 5 . On the other hand, if the clearance flag is "false", an execution API is selected from the off-premises environment APIs 31 to 36 that are open to the public in the API provision system 7 in the same manner as the selection of the execution API in the API provision system 1. .

When the clearance flag of the processing request is set to "true", the clearance processing unit 21f may wait for selection of the execution API until the clearance flag is updated to "false". For example, if a function requested in a processing request is provided only by an API published in an off-premises environment, the processing request cannot be processed using the on-premises API. Assuming such a case, the clearance processing unit 21f can wait for selection of the execution API until the clearance flag is updated to "false". When it is determined that the clearance processing unit 21f should wait for the selection of the execution API based on the processing request whose clearance flag is set to "true", the clearance processing unit 21f waits for the selection of the execution API based on the processing request. , the processing request is stored in the temporary holding area 71 . When the clearance flag is updated to "false", the clearance processing unit 21f can read the target processing request from the temporary holding area 71 and select an execution API from the execution APIs in the off-premises environment.

A user of the client application 10a may issue a flag update request to the API platform to change the clearance flag from "true" to "false" when information contained in the data set to be processed becomes public or in other appropriate cases. It can be sent to device 70 . Alternatively, the clearance processing unit 21f may periodically and automatically determine whether or not to update the clearance flag. The user can preset a condition for changing the clearance flag from "true" to "false" (hereinafter referred to as "flag change condition"). The clearance processing unit 21f can periodically determine whether or not the flag change condition is satisfied. The clearance processing unit 21f can determine whether or not the flag change condition is satisfied, for example, once a day, once an hour, or at other intervals.

In another example, even if the function requested in the processing request with the clearance flag set to "true" can be processed by the on-premises API, the information device of the on-premises environment 5 that executes the on-premises API When overloaded or otherwise, the clearance processing unit 21f can suspend the processing of the processing request by the on-premise API. When it is determined that the processing of the processing request should be suspended, the clearance processing unit 21f stores the processing request whose processing is suspended in the temporary holding area 71 . The clearance processing unit 21f monitors the load state of the information equipment that processes the on-premises API, and when the load of the information equipment falls below a predetermined level, the clearance processing unit 21f reads the pending processing request from the temporary holding area 71. It can be processed by the on-premise API. When the clearance flag of the target processing request is updated to "false" while the processing of the processing request is pending, the clearance processing unit 21f reads the processing request from the temporary holding area 71 and executes the processing. An execution API for processing the request may be selected from among the APIs 31 to 36 in the off-premises environment, and the selected execution API may process the processing request.

Also in the API providing system 7, the flow of processing in which the client application 10a calls the API via the API platform device 20 and receives a response from the API is as shown in FIG. However, in the API providing system 7, the processing request may be processed by the on-premise API, so the processing of selecting the execution API in step S12 differs from the processing shown in FIG. Therefore, the flow of execution API selection processing for selecting an execution API in step S12 in the API providing system 7 will be described with reference to FIG. FIG. 9 is a flowchart showing the flow of processing for selecting an execution API to be executed in the API providing system 7. As shown in FIG.

First, in step S721, the API selection unit 21b determines whether the clearance flag of the received processing request is true or false. If the clearance flag is "false", the processing request can be sent to the off-premises environment, so the process proceeds to step S121. After that, in steps S121 to S127, the same processing as explained with reference to FIG. 5 is performed.

On the other hand, if the clearance flag is "true", the process proceeds to step S722. In step S722, the clearance processing unit 21f determines whether the received processing request can be processed by the on-premise API. Specifically, the clearance processing unit 21f identifies the function requested by the processing request, and determines whether or not there is an on-premises API that provides the identified function. For example, by managing the provision function of the on-premise API as the API management data 25a or other data set, determination in step S722 becomes possible. If there is an on-premises API that provides the function requested by the processing request, the clearance processing unit 72 acquires the load status of the information device that processes the on-premises API, and determines whether or not the information device is overloaded. do. In step S722, if there is an on-premises API that provides the function requested by the processing request, and the load on the information device that processes the on-premises API is not overloaded, it is determined that the processing request can be processed, The execution API selection process proceeds to step S723. In step S723, the API selection unit 21b selects the on-premise API that provides the function identified in step S722 as the execution API. On the other hand, in step S722, if there is no on-premises API that provides the function requested by the processing request, or if there is an on-premises API that provides the function requested by the processing request, the on-premises API is processed. If it is determined that the processing request cannot be processed immediately when the information device to be processed is overloaded, the execution API selection processing proceeds to step S724. In step S724, the clearance processing unit 21f notifies the client application 10a that processing of the processing request has entered a standby state. Next, in step S<b>725 , the clearance processing unit 21 f stores in the temporary holding area 71 the processing request determined to be unprocessable immediately.

A specific example will be described. It is assumed that the processing request received from the client application 10a specifies the function ID as "match", the confidentiality is set as "top secret", and the clearance flag is set as "false". In this case, since the clearance flag is "false", the API selection process proceeds from step S721 to step S121. Then, through the processing in steps S121 to S127, the API 34 is selected as the execution API according to the setting of the processing request with the function ID "match" and the confidentiality "top secret".

Another specific example will be described. It is assumed that the processing request received from the client application 10a specifies "match" for the function ID, sets the confidentiality to "top secret", and sets the clearance flag to "true". In this case, since the clearance flag is set to "true", the API selection process proceeds from step S721 to step S722. In step S722, the API selection unit 21b determines whether the APIs 37 and 38 published from the on-premises environment 5 include an API that provides a "match" function. Since the API 38 provides the "matching" function as described above, the API selector 21b determines whether or not the next information device that processes the API 38 is overloaded. If it is determined that there is an overload, the client application 10a is notified that processing of the processing request has entered a standby state in step S724, and the processing request is stored in the temporary holding area 71. FIG. When the overloaded state of the information device processing the API 38 is resolved, the API selection process proceeds to step S723, where the processing request is read from the temporary holding area 71 and the API 38 is selected as the execution API. If the clearance flag of the processing request is changed to "false" before the overloaded state of the information device that processes the API 38 is resolved, the API selection processing proceeds from step S721 to step S121, and the following steps , the API 34 is selected as the execution API in accordance with the setting of the processing request with the function ID "match" and the confidentiality "top secret".

According to this modified example of the API providing system 7 according to an embodiment of the present invention, when data to be processed in an on-premises environment (conversely, data that should not be processed in an off-premises environment) is included in the data set to be processed. , an execution API can be selected from on-premise APIs published from the on-premise environment. As a result, data that cannot be sent to the off-premises environment can be reliably closed to the on-premises environment for processing, even when APIs are used.

In the API providing system 7 according to one embodiment of the present invention, when the API platform device 70 receives a processing request from a client such as an auditing firm and processes it with the API, processing of the clearance flag "true" that may constitute insider trading A request can be treated differently from other processing requests. Therefore, the processing requests can be processed more efficiently than the case where the audit firm manually distinguishes between processing requests that constitute insider trading and processing requests that do not. In addition, when utilizing data for machine learning, etc., it is possible to dispel client concerns that the provision of data may constitute insider trading.

Each of the above-described embodiments does not limit the invention according to the scope of the claims. The elements described in the above embodiments are not necessarily essential to the solution of the invention. For example, in the API providing system 7, a clearance flag is set in the processing request, and the on-premises API is published from the on-premises environment 5, but while the clearance flag can be set in the processing request, the on-premises API is not provided. good too. In this case, if the clearance flag is "true", the clearance processing unit 21f stores the processing request in the temporary holding area 71, and waits for selection of the execution API until the clearance flag is updated to "false". can. When the clearance flag is updated to "false", the clearance processing unit 21f reads the target processing request from the temporary holding area 71 and causes the execution API in the off-premises environment to process it. In addition, even in an embodiment in which a clearance flag is not set in a processing request, by using an on-premise API, it is possible to use an on-premise API with good responsiveness at low cost (without paying a usage fee to an off-premise API vendor). can be done.

Although the processes and procedures described herein are described as being performed by a single device, software, component or module, such processes or procedures may be performed by multiple devices, software, components or modules. and/or by multiple modules. In addition, even if the data, tables, or databases described herein are described as being stored in a single storage device (storage or memory), such data, tables, or databases are It can be distributed and stored in a plurality of storage devices provided in one device or in a plurality of storage devices distributed in a plurality of devices. Furthermore, the software and hardware elements described herein can be implemented by consolidating them into fewer components or decomposing them into more components.

Elements referred to herein in the singular shall include the plural unless contradicted.

1, 7 API provision system 5 On-premise environment A to D Vendor environment (off-premise environment)
10 User terminal 10a Client application 20, 70 API platform device 21 Processor 21a Request receiver 21b API selector 21c Request transmitter 21d Response receiver 21e Response transmitter 21f Clearance processor 25 Storage 25a API management data 25b API management program 31- 38 APIs
71 Temporary storage area

Claims (10)

to one or more processors,
a function of receiving a processing request containing at least one confidentiality classification information representing the confidentiality set in the data set to be processed;
a first selection function for selecting an execution API for processing the processing request from among a plurality of external APIs according to the security classification information;
program to run. causing the one or more processors to further perform a function of calling the execution API and receiving a response from the execution API;
A program according to claim 1. The execution API is selected from among the plurality of APIs based on the security classification information and a security level set for each of the plurality of APIs;
3. A program according to claim 1 or 2. Based on the security classification information and the security level set for each of the plurality of APIs, a plurality of APIs having a security level that matches the degree of secrecy among the plurality of APIs in the one or more processors further executing a second selection function that selects a candidate API;
the execution API is selected from among the plurality of candidate APIs;
A program according to any one of claims 1 to 3. the processing request is generated by a client application;
the execution API is selected from among the plurality of candidate APIs according to desired conditions defined for the client application;
5. A program according to claim 4. When a plurality of confidentialities are set for the data set to be processed, each of the plurality of candidate APIs has a security level that matches the highest confidentiality among the plurality of confidentiality. selected from
6. A program according to claim 4 or 5. each of the one or more processors is located in an on-premises environment;
The first selection function selects from among one or more on-premises APIs in the on-premises environment when a flag included in the processing request indicates that the data set to be processed should be processed in the on-premises environment. Including the ability to select the execution API,
A program according to any one of claims 1 to 5. provided functions and security levels are set for each of the plurality of APIs;
The first selection function includes a function of selecting the execution API according to the function requested by the processing request and the security classification information.
A program according to any one of claims 1 to 7. a receiving unit that receives a processing request containing at least one confidentiality class information representing the confidentiality set in the data set to be processed;
an API selection unit that selects an execution API for processing the processing request from among a plurality of external APIs according to the security classification information;
A device comprising 1. A method of selecting an API by one or more processors executing computer readable instructions, comprising:
a step of receiving a processing request containing at least one confidentiality class information representing a confidentiality set in a data set to be processed;
selecting an execution API for processing the processing request from among a plurality of external APIs according to the security classification information;
How to prepare.

Images