JP2002351840A - Service management method, service management system, and starting method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a service management method capable of reducing alteration processes for processing of a service. SOLUTION: This service management method includes a creation step where a plurality of groups each of which represents a common attribute owned by a plurality of users and includes at least a first user are created, and an allocation step where a group to be admitted to execute the process of the service among a plurality of the above groups is allocated to each process of the plurality of services.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a service management method for managing whether a user is permitted to execute a service process,
The present invention relates to a service management system for performing the service management method and a start method for starting the service management system.

[0002]

2. Description of the Related Art For example, in a service management system that manages a service, which is confidential information such as a document and a schedule on a certain business of a company, by a computer, the service is involved in the business in addition to outsiders other than employees of the company. Not to employees,
In order to prevent leakage of the confidential information, those who can execute the processing of the service, for example, reading and writing of the document, are limited to employees involved in the business.

[0003] For this purpose, a certificate for certifying the employee has been issued in advance, and further, for example, a department,
Based on the attributes of the employee such as job or position, an employee who should be permitted to execute the processing of each service is registered in advance. When the execution of the service process is requested after the issuance of the certificate and the registration of the employee, whether to execute the service process is determined based on the presence or absence of the certificate and the presence or absence of the registration.

[0004] More specifically, when a person who does not have the certificate requests execution of service processing, no execution of service processing is permitted. Further, even if a person who has the certificate and is not permitted to execute the processing of one service requests the execution of the processing of the one service, the processing of the processing of the one service is performed. Do not allow execution. On the other hand, only when a person who has the certificate and is authorized to execute the processing of the one service requests execution of the processing of the one service, the processing of the processing of the one service is performed. Allow execution. As described above, permission or rejection of execution of service processing by the employee is determined according to the registration content determined by the attribute of the employee. Therefore, when the attribute of the employee is changed, it is necessary to respond to the change in the attribute. It is necessary to quickly change the contents of the employee registration.

[0005]

However, as described above, since registration for permission or rejection of execution of the processing of the service is performed for each service, the registration based on the attribute before the change and the attribute after the change is performed. The employee must change the registration of the employee for the processing of all related services, and since the change is enormous, it takes a lot of time to complete the change. There was a problem.

As described above, each time an employee having the certificate requests execution of a service process, it is determined whether or not the employee is registered as a person authorized to execute the service process. Since the determination is made directly and the determination process is enormous, there is a problem that the execution of other processes may be delayed due to the determination process.

[0007]

In order to solve the above-mentioned problem, a service management method according to the present invention represents a plurality of groups each including a common attribute of a plurality of users and including at least one user. A creation step to create the
An assignment step of assigning, to each of the processes of the plurality of services, a group to which execution of the process of the service is to be permitted among the plurality of groups.

[0008]

DESCRIPTION OF THE PREFERRED EMBODIMENTS A service management system for implementing a service management method according to the present invention will be described. FIG.
Shows the configuration of a service management system of a specific example. As shown in FIG. 1, the service management system of the specific example includes a management station 10, an issuing station 20, a service station 30,
The station includes an owning station 40 that owns the service station 30, a plurality of use stations 50, and an activation station 60. The stations are connected to each other via a network 95. Service bureau 30
Each station, except for, holds a password for itself, and in particular, the owning station 40 holds the password of the service station 30 in addition to the password of the owning station 40 itself.

The management station 10 manages the entire service management system. For this management, the management station 10 obtains a password for maintaining confidentiality of each station from each station, stores the obtained password of each station in the issuing station, In the issuing station, a group-use station relationship indicating a relationship with 50 and a service-process relationship indicating a relationship between the group and processing of a service described later are created.

The issuing station issues a use certificate to the use station 50 so that the use station 50 can use the processing of a service described below that can be provided by the service station 30. , To invoke service processing,
A boot certificate, a boot certificate including a public key based on a public key method well known in the art, and an encrypted private key corresponding to the public key are issued.

[0011] According to the public key method, information encrypted by the principal's public key possessed by a third party other than the principal is decrypted by the principal's private key possessed only by the principal. It is possible to maintain the confidentiality of the information, and, on the other hand, to decrypt the information encrypted with the secret key for the person possessed by the person with the public key for the person possessed by a third party. Accordingly, it is possible to authenticate the source of the information, that is, to authenticate the validity of the person. In this specific example, when activating the service management system, the former method of maintaining the confidentiality by the public key is used, and when providing the service to the use station 50 by the service management system, the latter method by the public key method is used. Use the authentication method.

FIG. 2 shows a use certificate. The use certificate 100 is, as shown in FIG.
Certifying information 110 including a secret key of 0 and one-way information 120 obtained by subjecting the certifying information to, for example, processing of a well-known one-way function, which is encrypted with a secret key for processing the service. .

FIG. 3 shows an activation certificate. As shown in FIG. 3A, the activation certificate 200 for the service station 30 includes certification information 2 including the public key of the service station 30.
10 and one-way information 220 encrypted with a secret key for processing the service. Further, as shown in FIG. 3B, the activation certificate 300 for service processing includes certification information 310 including a public key for service processing,
The result of similarly performing the one-way function processing on this proof information is the one-way information 3 encrypted with the service processing private key.
20.

Returning to FIG. 1, the service station 30 provides a plurality of processes for a plurality of services to the use station 50. Here, the service refers to, for example, information such as a schedule management table and a report for each project of the company, and the service processing includes, for example, reading out the schedule management table and performing both reading and writing. It refers to the handling of such services.

FIG. 4 shows the relationship between services and service processing. In FIG. 4 showing the service-process relationship described above, for example, the service 70A
For example, assuming that the service 70A is a document, a process 80A reads the document, and a process 80B reads the document /
Writing and processing 80C correspond to the distribution of the document, and the like. Further, for example, in the process 80A,
A group 90A described below is linked, which indicates that the group 90A, more precisely, the use station 50 belonging to the group 90A is permitted to execute the process 80A of the service 70A.

Returning to FIG. 1, the owning station 40 has ownership of the service, more precisely, for example, the service 70A itself and the processes 80A-80C of the service 70 shown in FIG. When the service management system shown in FIG. 1 is activated, the first half of the activation process is performed. The activation station 60 activates the service management system shown in FIG. 1 in cooperation with the owning station 40, and particularly performs the latter half of the above-described activation processing.

The plurality of use stations 50 obtain a use certificate required for executing the processing of the service in the service station 30 from the issue station 20, and use the use certificate to
The service station 30 is requested to execute the processing of the service. The plurality of use stations 50 include, for example, departments, duties, positions,
Or, it has an attribute like a member of the project, and is classified into a plurality of groups according to the attribute.

FIG. 5 shows the relationship between groups and use stations. The relationship between the group and the use station, that is, the group-use station relationship described above is, for example, as shown in FIG.
The group 90A shown in FIG.
A to 50C. Therefore, the service-processing relationship shown in FIG. 4 and the group shown in FIG.
From the use station relation, the use station 50A belonging to the group 90A
-50C are permitted to execute the process 80A of the service 70A. Similarly, the use stations 50A and 50B belonging to the group 90B are permitted to execute the process 80B of the service 70A.

Network 95 is a well-known computer network, such as the Internet or an intranet. In the service management system of this specific example, the processing of the service is, for example, OSI
According to the seven-layer model, the determination is made in the uppermost application layer, while the determination of whether or not the request for executing the processing of the service is permitted is made in the presentation layer or the session layer lower than the application layer. This makes it possible to reduce processing in the application layer.

For the group service management system, (1) a start operation for starting the service management system;
More precisely, a start operation for starting the service station 30,
There are (2) an operation of executing a service process, and (3) an addition operation of adding the usage station 50 to the group and a deletion operation of deleting the usage station 50 from the group. Hereinafter, these operations will be described.

FIG. 6 is a flowchart showing a start operation of the service management system of the specific example. Hereinafter, the starting operation will be described with reference to this flowchart. Step S10: The owner station 40, which is the owner of the service station 30, requests the management station 10 to register the service station 30.

Step S20: When the registration of the service station 30 is requested in step S10, the management station 10
The registration related to the service station 30 is performed via a route (not shown) other than the network 95. Specifically, the management station 10 first creates the service-processing relation shown in FIG. 4 and the group-processing relation shown in FIG.
Register within 0. When the above relationship is registered, the issuing authority 2
0 is based on the relationship, for example, for the use station 50A belonging to the group 90A, the use station 50A executes the process 80A of the service station 30A to which the group 90A is permitted to execute. User station 5 shown in
A use certificate 100 including a public key for the use station 0 is created, and the use station 50 encrypted with the password of the use station 50 is created.
Create a private key for The use certificate 100 and the secret key for the use station 50 are used when the use station 50 executes service processing, as described later.

Next, the management station 10 obtains the password of the owning station 40 and the password of the service station 30 from the owning station 40, obtains the password of the starting station 60 from the starting station 60, and obtains the password of the starting station 50 from the using station 50. Get the password for. The management station 10 further includes a public key and a secret key of the owning station 40, a public key and a secret key of the service station 30, a public key and a secret key for processing a service, a public key and a secret key of the activation station 60, and usage. A public key and a secret key of the station 50 are created. Finally, the management station 10 registers the obtained password and the created key in the issuing station 20.

Step S30: When the registration is completed in step S20, the owning station 40 performs the first half of the start-up process, which is the first half of the start-up process for starting up the service station 30. When the first half of the start-up process is completed, the activation station 60
Performs the latter half of the start-up process. Thereby, the service station 30 is activated.

FIG. 7 is a flowchart showing details of the service start-up processing. Hereinafter, the start-up processing will be described with reference to this flowchart. Step S100: The owning station 40 notifies the service station 30 of the password of the service station 30 and the position information indicating the position of the service of the service station 30 and the processing of the service, and the service station 30 receives the password from the own station 40. Notify the issuing station 20 of the location information.

Step S110: Upon receiving the location information in step S100, the issuing station 20 issues an activation certificate 200 for the service station 30 including the public key of the service station 30 shown in FIG. Creates a start-up certificate 300 including the public key of
A private key for the service station 30 encrypted with the password of the service station 30 and a private key for processing the service encrypted with the public key of the activation station 60 are created.
300 and their private keys are sent to the service station 30.

Step S120: When the transmission in step S110 is completed, the service bureau 30 transmits the encrypted secret key for the service bureau 30 received from the issuing bureau 20 to the service The secret key of the service station 30 is obtained by decrypting with the password of the station 30. The service station 30 is a service station 3
0 and the decrypted private key for the service station 30 using the start-up certificate 200 for the service station 30 and a well-known SSL for authentication and encryption.
(Secure Sockets Layer) Start the server. This SS
The L server operates in the above-described presentation layer or session layer.

Step S130: At step S120,
When the SSL server for the service station 30 starts, the issuing station 20 issues a start certificate for the service station 30 including the public key of the start station 60 and is similar to the start certificate 200 shown in FIG. And the activation certificate for the service station 30 and the activation station 6 encrypted with the password of the activation station 60
The secret key for 0 is sent to the activation station 60.

Step S140: At step S130,
Upon receiving the activation certificate and the private key, the activation authority 60 decrypts the encrypted activation certificate for the activation authority 60 received from the issuing authority 20 with the password of the activation authority 60. , The secret key of the activation station 60 is obtained. The activation station 60 further includes a public key for the activation station 60 included in the activation certificate for the service station 30 received from the issuing station 20, a decrypted private key for the activation station 60, A secret route is created with the service station 30 using the activation certificate of the station 30.

Step S150: At step S140,
When the secure route is completed, the service bureau 30 sends the private key for processing the service, which has been encrypted with the public key for the activating station 60, received from the issuing authority 20 to the activating station 60 via the secure route. Send it. The activation station 60 obtains the processing private key of the service station 30 by decrypting the encrypted secret key of the processing of the service with the secret key for the activation station 60.

Step S160: At step S150,
When the private key for processing the service is obtained, the activation station 60
Sends the service processing secret key to the service station 30 via the secret route. Service bureau 30
Starts an SSL server for service processing using the activation certificate 300 including the public key for service processing already received from the issuing authority 20 and the private key for processing the service. I do. S for processing this service
The SL server operates in the presentation layer or the session layer, which is a lower layer than the application layer in which the processing of the service is executed, like the SSL server for the service described above.

FIG. 8 is a flowchart showing the operation of executing the service processing. Hereinafter, the execution operation of the service process will be described with reference to this flowchart. Step S200: The use station 50 sends the use certificate 10 shown in FIG.
0 and the user station 5 encrypted with the password of the user station 50
The private key for 0 is received.

Step S210: At step S200,
When the usage certificate 100 and the encrypted secret key for the usage station 50 are obtained, the usage station 50 decrypts the encrypted secret key for the usage station 50 with the password of the usage station 50. As a result, a secret key for the use station 50 is obtained. Step S220: When the secret key for the use station 50 is obtained in step S210, the use station 50 uses the decrypted secret key of the use station 50 and the use certificate 100, and Connect to an SSL server for processing of the service that has already been activated within.

Step S230: At step S220,
When the connection to the SSL server is completed, the SSL server, in accordance with the well-known SSL method, uses the use certificate 100 received from the use station 50 and the service already received from the issue station 20. Using the processing public key, it is determined whether or not the use station 50 is permitted to execute the service certificate. When it is determined that the service is permitted, the application station causes the use station 50 to execute the processing of the service. On the other hand, when it is determined that the service is not permitted, the use layer 50 is transmitted to the use station 50 in the presentation layer or the session layer as described above. Prohibit processing.

FIG. 9 is a flowchart showing the operation of adding a use station. Hereinafter, the additional operation of the usage station 50 will be described with reference to this flowchart. Step S300: The management station 10 adds the use station 50D under the group 90A, for example, on the group-use station relationship shown in FIG.
The management station 10 further obtains the password of the usage station 50D from the usage station 50D, creates a public key and a secret key of the usage station 50D, and registers the public key and the secret key in the issuing station 20.

Step S310: At step S300,
After completing the registration, the issuing station 20 searches the service-processing relationship shown in FIG. 4 for a service process to which the group 90A to which the use station 50A has been added is assigned. Step S320: When the search is completed in step S310, the issuing authority 20 issues the use certificate 100 shown in FIG. 2 including the public key for the use station 50D for the use station 50D for the processing of the searched service. , And user station 50
A secret key for the use station 50D encrypted with the password of D is created.

Hereinafter, in the same manner as the above-described execution operation described with reference to FIG. 8, the added use station 50D receives the use certificate 100 and the encrypted use station 50D from the issue station 20. By obtaining the secret key, it becomes possible for the group 90A to execute the processing of the service that is permitted to be executed.

The operation of deleting the use station 50 will be described.
The operation of deleting the usage station 50 is almost the opposite of the operation of adding the usage station 50 described above. FIG. 10 is a flowchart showing the operation of deleting the use station. Hereinafter, the operation of deleting the usage station 50 will be described with reference to this flowchart. Step S400: The management station 10 deletes the registered use station 50D from the group 90A, for example, under the group-use station relationship shown in FIG.

Step S410: At step S400,
When the use station 50D has been deleted, the issuing station 20 searches for a service process to which the group 90A from which the use station 50A has been deleted is assigned on the service-processing relationship shown in FIG. Step S420: When the search is completed in step S410, the issuing authority 20 issues the use certificate 100 shown in FIG. 2 including the public key for the use station 50D, which has already been registered, for the process of the searched service. And use station 50D
The secret key for the use station 50D encrypted with the password is deleted from the registration. The issuing station 20 also deletes the password and the public key of the using station 50D from the registration.

Hereinafter, the deleted use station 50D cannot obtain the use certificate 100 and the encrypted secret key for the use station 50D from the issuing station 20. It becomes impossible to execute the processing of the permitted service.

As described above, according to the service management system of the specific example, the group-use station relationship created in accordance with the attribute of the use station 50 and the service-process relationship which is the relationship between the service and the service processing. With the use station, the use station 50 creates a use certificate for executing the service processing. Therefore, when the use station 50 is added or deleted, only the group-use station relationship is corrected. Thus, a change process such as addition or deletion of a usage certificate for the added or deleted usage station 50 can be performed. Therefore, compared to the conventional method where the relationship between service processing and user stations has been changed for each user station,
The change processing can be reduced.

[0042]

As described above, according to the service management method of the present invention, a plurality of groups each including at least one user are created by representing a common attribute possessed by a plurality of users. For each service processing, a group to which execution of the service processing is to be permitted among the plurality of groups is assigned. Thereby, even when the attribute of the user is changed, whether or not to permit processing of all services related to the user is changed one by one based on the attribute before or after the change as in the related art. Alternatively, by changing the group to which the user belonged before the change or the group to which the user belongs after the change, the type of processing of the service that the employee is permitted to execute is changed. It becomes possible. Therefore, it is possible to reduce the process of changing whether to permit or disallow service processing as compared with the related art.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of a service management system of a specific example.

FIG. 2 is a diagram showing a use certificate.

FIG. 3 is a diagram showing an activation certificate.

FIG. 4 is a diagram showing a relationship between services and processing of the services.

FIG. 5 is a diagram showing a relationship between groups and use stations.

FIG. 6 is a flowchart showing a starting operation of the service management system of the specific example.

FIG. 7 is a flowchart showing details of a service startup process.

FIG. 8 is a flowchart illustrating an operation of executing a service process.

FIG. 9 is a flowchart showing an operation of adding a use station.

FIG. 10 is a flowchart illustrating an operation of deleting a use station.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 10 Management station 20 Issuing station 30 Service station 40 Owning station 50A-50C User station 60 Starting station 95 Network

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G06F 17/60 140 G06F 17/60 140 172 172 512 512 512 G09C 1/00 640 G09C 1/00 640Z H04L 9 / 08 H04L 9/00 601B F term (reference) 5B017 AA01 BA05 BA06 BA07 BB06 CA15 CA16 5B082 EA11 5B085 AE06 5J104 AA16 EA05 EA06 EA19 EA26 NA02 NA05 NA11

Claims (11)

[Claims] A plurality of groups each representing a common attribute possessed by a plurality of users and creating a plurality of groups including at least one user; and Allocating a group to which execution of the service processing is to be permitted. 2. An issuing step of issuing a certificate permitting execution of the processing of the service to a user belonging to the group assigned to the processing of the service; 2. A service management method according to claim 1, further comprising a permission step of permitting a request to execute a service process. 3. The method according to claim 1, further comprising: adding a user to the group, wherein the issuing step permits the added user to execute a process of a service to which the group is assigned. 3. The service management method according to claim 2, wherein a certificate for performing the service is issued. 4. A deleting step of deleting a user from the group, and discarding a certificate for permitting the deleted user to execute a process of a service to which the group is assigned. 3. The service management method according to claim 2, further comprising a discarding step. 5. The method according to claim 5, wherein the permission step includes transmitting the permission to an OS.
3. The service management method according to claim 2, wherein the service management method is executed in a layer lower than the application layer in the seven-layer model of I. 6. The service management method according to claim 2, wherein the issuing step issues the certificate according to a public key method using a public key and a private key corresponding to the public key. 7. The service management method according to claim 6, wherein in the issuing step, the public key is included in the certificate. 8. A service management system for performing the service management method according to claim 6, wherein the issuing station issues the certificate; a service station that executes processing of the service; A service management system comprising: a service station that requests the service station to execute processing of the service using the issued certificate. 9. The service management system according to claim 1, further comprising an owner station having ownership of the service and the processing of the service, and an activation station that starts up the service management system in cooperation with the owner station. 8. The service management system according to item 8. 10. The system according to claim 9, further comprising a network, wherein said service station, said issuing station, said use station, said owning station and said initiating station are connectable to each other via said network. Service management system. 11. The activation method for activating a service management system according to claim 10, wherein the issuing authority includes: a certificate for the service authority including a public key for the service authority; A secret key for the service station encrypted with a password for the service, a certificate for processing the service including a public key for the processing of the service, and the secret key encrypted with a public key for the activation station. Creating a private key for service processing, a certificate for the activation station including a public key for the activation station, and a secret key for the activation station encrypted with a password for the activation station. The owner station sends the service station a password of the service station; and the issuing station sends the service station a certificate for the service station and an encrypted certificate for the service station. Secret key and
Sending a certificate for processing the service and a secret key for processing the encrypted service, wherein the issuing station includes, in the starting station, a public key for the starting station; Sending a certificate for the activation station and a secret key for the activation station encrypted with a password for the activation station; andthe service station encrypts the activation station with the public key of the activation station. Sending a secret key for processing the service, wherein the activation station holds an encrypted secret key for the activation station received from the issuing station for the activation station. Obtaining the secret key for the activation station by decrypting with the password of the activation station; and the activation station converts the secret key for processing the encrypted service received from the service station to the activation station. Decryption with private key Obtaining a private key for processing the service, wherein the activating station receives a certificate for the activating station received from the issuing authority, a decrypted private key for the activating station, Establishing a confidential route with the service station by using the secret key for processing the service, wherein the initiating station processes the encrypted service received from the service station. Decrypting the secret key of the service with the secret key for the activation station to obtain a secret key for processing the service; and the activation station decrypts the service via the secret route. Sending the processing private key to the service bureau, wherein the service bureau sends a request for execution of the service processing to a user bureau having a service processing certificate received from the issuing bureau. Preparation for permitting in the permitting step using a certificate for processing the service received from the issuing authority and a secret key for processing the service received from the activation authority. An activation method characterized by the following.