JP2004133618A - Communication terminal, program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent user's individual data from being transmitted to the outside of a communication terminal without the permission of a user. <P>SOLUTION: A cellphone 400, when downloading Java(R)-AP software from an AP software distribution server 100, lets the user know that the Java-AP is for sending individual data, and downloads the Java-AP software when the user permits its downloading. The cellphone 400, when executing the Java-AP software, lets the user know that the Java-AP is for sending individual data, and executes the Java-AP software when the user permits its execution. <P>COPYRIGHT: (C)2004,JPO

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a technique for controlling the execution of an application program that can use data unique to an individual.
[0002]
[Prior art]
2. Description of the Related Art In recent years, distribution of Java (registered trademark) application software executable on a mobile phone from a WWW (World Wide Web) server connected to the Internet has been widely performed. The Java application software has a JAR (Java Archive) file containing a program created using the Java programming language, and an ADF (Application Descriptor File) describing data related to the JAR file. When a user of the mobile phone downloads the file to the mobile phone and instructs the mobile phone to execute Java application software, the Java application (hereinafter, Java-AP) is realized on the mobile phone. Various functions are added to the mobile phone.
[0003]
A user of a mobile phone can download desired software from a number of WWW servers connected to the Internet and add a desired function to the mobile phone. However, if any function can be added, for example, data stored in the mobile phone may be destroyed by malicious software, or data specific to an individual stored in the mobile phone (hereinafter, individual Data) may be leaked out of the mobile phone against the intention of the user.
[0004]
Therefore, a mobile phone that can execute Java-AP software is designed to restrict the behavior of Java-AP that is realized by executing Java-AP software. For example, a storage area that can be used by Java-AP is limited to a specific storage area different from a storage area in which personal data is stored. Further, a Java-AP that performs communication can communicate only with a server that has distributed Java-AP software. Furthermore, in a mobile phone, when a Java-AP communicates with a server that provides Java-AP software, the Java-AP inquires of the user whether communication is permitted or not, and performs communication only when the communication is permitted. In this case, the Java-AP is allowed only to behave.
[0005]
In addition, a technique for restricting execution of Java-AP software is known (for example, refer to Patent Document 1). Patent Literature 1 describes that a user is inquired whether or not to permit execution of a program, and the program is executed only when the user has given permission.
[0006]
[Patent Document 1]
JP 2001-117770 A
[0007]
[Problems to be solved by the invention]
By the way, there is a case where a provider of Java-AP software that communicates with a distribution source WWW server wants to specify a user of the Java-AP communicating with the server. However, since the conventional Java-AP can use only a specific storage area, the user is required to notify the Java-AP of personal data such as identification data for identifying the user of the Java-AP. The notified identification data is transmitted to the server of the Java-AP software provider. However, it can be said that it is troublesome for the user to notify the identification data to the Java-AP every time the Java-AP transmits the identification data.
[0008]
In order to avoid trouble for the user, it is conceivable that the specification allows the writing of the identification data notified by the user to a specific storage area for Java-AP. In this case, the identification data notified by the user is specified. After that, the Java-AP can transmit the data for identifying the user to the server without requiring the notification of the user. If the user wants to always send data to identify the user, such a specification is acceptable, but for a user who does not, such a specification may be contrary to the user's intention. turn into.
[0009]
The present invention has been made in view of the circumstances described above, and prevents a personal data of a user of a communication terminal from being transmitted from the communication terminal without permission of the user, a communication terminal, an application execution method, a program, and recording. The purpose is to provide a medium.
[0010]
[Means for Solving the Problems]
In order to solve the above-described problems, the present invention provides a first storage unit that stores a program, an execution unit that executes the program stored in the first storage unit, and the execution unit executes the program. Inputting a user's instruction in a communication terminal having second storage means for storing data read and written by an application realized by the above, and transmission means for transmitting the data to an external device by the application. And an instruction input means for executing a program for realizing an application which is stored in the first storage means and which can acquire personal data of the user and transmit the personal data to an external device. When an instruction is input by the instruction input unit, the input of an instruction indicating whether to permit execution of the program is A communication terminal comprising: first confirmation means for prompting a user; and execution permission means for permitting execution of the program by the execution means only when an instruction to permit execution is input by the instruction input means. I will provide a.
[0011]
Also, the present invention provides a first storage unit for storing a program, an execution unit for executing the program stored in the first storage unit, and an application realized by executing the program by the execution unit. Instruction input means for inputting a user's instruction, a computer device having a second storage means for storing data to be read and written, and a transmission means for transmitting data to the external device by the application; An instruction to execute a program, which is a program stored by the first storage unit and realizes an application capable of acquiring personal data of the user and transmitting the personal data to an external device, is issued by the instruction input unit. When input, the first confirmation prompts the user to input an instruction indicating whether to permit execution of the program. Means, only when the instruction to allow the execution is input by said instruction input means to provide a program for functioning as an execution permission means for permitting execution of the program by the execution unit.
[0012]
Also, the present invention provides a first storage unit for storing a program, an execution unit for executing the program stored in the first storage unit, and an application realized by executing the program by the execution unit. Instruction input means for inputting a user's instruction, a computer device having a second storage means for storing data to be read and written, and a transmission means for transmitting data to the external device by the application; An instruction to execute a program, which is a program stored by the first storage unit and realizes an application capable of acquiring personal data of the user and transmitting the personal data to an external device, is issued by the instruction input unit. When input, the first confirmation prompts the user to input an instruction indicating whether to permit execution of the program. Means, and a computer-readable program storing a program for functioning as execution permission means for permitting execution of the program by the execution means only when an instruction to permit execution is input by the instruction input means. A recording medium is provided.
[0013]
According to the present invention, when the user inputs an instruction to execute a program for realizing an application capable of acquiring personal data of a user and transmitting the personal data to an external device, the communication terminal executes the program The user is prompted to input an instruction indicating whether or not execution of the program is permitted, and the execution of the program is permitted only when the user inputs an instruction to permit execution of the program.
[0014]
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[0015]
[1. Configuration of Embodiment]
[1-1. overall structure]
FIG. 1 is a diagram illustrating an overall configuration of a communication system 10 according to the present invention. Although a large number of mobile phones and a Java-AP software distribution server exist in the communication system 10, only one mobile phone 400 and one Java-AP software distribution server 100 are shown to prevent the drawing from becoming complicated. ing.
[0016]
The Java-AP software distribution server 100 is a server operated by a company that distributes Java-AP software to the mobile phone 400. The Java-AP software distribution server 100 is capable of performing packet communication, and is connected to the Internet 200. The Java-AP software distribution server 100 has functions similar to those of a general WWW server, such as performing communication in accordance with HTTP (HyperText Transfer Protocol), and has a domain name of “www.abc.co”. .Jp ". The Java-AP software distribution server 100 distributes software for realizing Java-AP for displaying stock price information, and provides a service of providing stock price information to the mobile phone 400 that has downloaded this software.
[0017]
The mobile packet communication network 300 is a communication network that provides mobile data communication services. The mobile packet communication network 300 is connected to a wireless base station that performs wireless communication with a mobile phone 400 owned by a person who has made a subscriber contract with a communication carrier that operates the mobile packet communication network 300, and a wireless base station. And a gateway exchange connected to the exchange. The mobile packet communication network 300 has a gateway server for relaying communication performed between the gateway exchange and the Internet 200 (both are not shown). The mobile packet communication network 300 uses the above-described device installed in the mobile packet communication network 300 and a mobile phone 400 accommodated in the mobile packet communication network 300 and Java-AP software connected to the Internet 200. It relays packet communication performed with a WWW server such as the distribution server 100.
[0018]
The mobile phone 400 is a mobile phone owned by a user (not shown) and can receive a mobile data communication service provided by the mobile packet communication network 300. The mobile phone 400 has a packet communication function, and performs packet communication between the mobile packet communication network 300 and the WWW server such as the Java-AP software distribution server 100 connected to the Internet 200 via the Internet 200. It can be performed.
[0019]
[1-2. Configuration of Java-AP software distribution server]
[1-2-1. Hardware configuration]
FIG. 2 is a block diagram illustrating a hardware configuration of the Java-AP software distribution server 100. As shown in FIG. 2, each unit of the Java-AP software distribution server 100 is connected to a bus 101, and data is exchanged between the units via the bus 101.
[0020]
The communication unit 102 is a communication interface for performing communication using the Internet 200, and is connected to the Internet 200. The operation unit 103 is for inputting an instruction for operating the Java-AP software distribution server 100, and has a keyboard and a mouse (not shown). When the operation unit 103 is operated by the user of the Java-AP software distribution server 100, the operation unit 103 outputs a signal indicating the operation contents of the user to the CPU 108. The display unit 104 includes a liquid crystal display panel (not shown) and a control circuit that controls display of the liquid crystal display panel. The display unit 104 operates a character or graphic screen and the Java-AP software distribution server 100 under the control of the CPU 108. To display a menu screen or the like.
[0021]
The storage unit 105 includes a device (not shown) that permanently stores data, such as a hard disk device. The storage unit 105 stores a server program for causing the Java-AP software distribution server 100 to function as a general WWW server, such as a data transmission / reception function based on HTTP. The storage unit 105 also stores a JAR (Java Archive) file 105C containing a program created using the Java programming language, an ADF (Application Descriptor File) 105B describing data related to the JAR file, and a JAR file 105C. And an explanation file 105A for explaining the contents of the Java-AP software including the ADF 105B to the user of the mobile phone serving as a client. Further, the storage unit 105 stores a Java-AP user table 105D in order to provide a service for providing stock price information to a device that has downloaded the Java-AP software distributed by the Java-AP software distribution server 100. , A stock price information table 105E. The stock price information table 105E is a table in which stock prices of listed companies are stored. As illustrated in FIG. 3, stock names of stocks and stock prices of individual stocks are stored in association with each other. The Java-AP user table 105D will be described later.
[0022]
The ROM (Read Only Memory) 106 stores an IPL (Initial Program Loader). When the user of the Java-AP software distribution server 100 turns on the power of the Java-AP software distribution server 100, the CPU 108 sets the RAM (Random Access Memory) 107 as a work area, reads the IPL from the ROM 106, reads the IPL from the ROM 106, and reads the CPU 108 and Java. -Initialize each unit of the AP software distribution server 100. When the initialization is completed, the CPU 108 reads out the server program from the storage unit 105 and executes it.
[0023]
[1-2-2. Explanation file, ADF, JAR file]
As illustrated in FIG. 4, the description file 105A is described in CHTML (Compact HyperText Markup Language), which is one of markup languages, and the URL is “http://www.abc.co.jp/java”. /Kabuka.html ". When the description file 105A is interpreted by a WWW browser capable of interpreting CHTML, a page P01 for introducing Java-AP software provided by the Java-AP software distribution server 100 is displayed as shown in FIG. On this page P01, a hyperlink P01A for downloading Java-AP software provided by the Java-AP software distribution server 100 is displayed.
[0024]
In the description file 105A, an A tag and an OBJECT tag are used in order to download a Java-AP software to a mobile phone as a client. The A tag is a tag for displaying a hyperlink on a page. When the description file 105A illustrated in FIG. 4 is interpreted by the WWW browser, the description between “<A” and “/ A>” is displayed on the page P01 as a hyperlink P01A. The ijam attribute described in the A tag is an attribute for referring to the OBJECT tag when the hyperlink displayed by the A tag is clicked. The OBJECT tag is a tag used to specify the ADF of Java-AP software. The data attribute is used to specify a URL indicating the storage location of the ADF of the Java-AP software. In the description file 105A, the URL of the ADF 105B is “http://www.abc.co.jp/java/kabuka. jam ”is described.
[0025]
From the Java-AP software distribution server 100, software for realizing Java-AP (hereinafter, referred to as stock price information AP) named “stock price information” is delivered. When the stock price information AP software is executed on a mobile phone serving as a client, the stock price information AP software obtains stock price information of a brand designated by a user of the stock price information AP from the Java-AP software distribution server 100 that has delivered the stock price information AP software. Display function.
[0026]
The JAR file 105C is a file in which class files and resource files necessary for realizing Java-AP are combined into one, and is used when distributing software created using the Java language. The JAR file 105C stores class files and resource files necessary to realize the above-described stock price information AP.
[0027]
The ADF 105B is a text file that describes a JAR file 105C that is paired with the ADF 105B and Java-AP data that is realized by a class file and a resource file stored in the JAR file 105C. As the data relating to the Java-AP, for example, as shown in FIG. 6, a package URL (http://www.abc) indicating the file size of the JAR file 105C paired with the ADF 105B and the position where the JAR file 105C is stored. .Co.jp / java / kabuka.jar). When the Java-AP is a Java-AP having a function of transmitting a terminal identifier, which is one of personal data stored in a mobile phone serving as a client, to the outside of the mobile phone, the ADF 105B stores Describes “UsePersonal = utn” which is an attribute indicating that. When the stock price information AP realized by the stock price information AP software distributed by the Java-AP software distribution server 100 is executed by a mobile phone serving as a client, a terminal identifier which is personal data of the mobile phone serving as a client is transmitted from the mobile phone. Therefore, "UsePersonal = utn" is described in the ADF 105B.
[0028]
[1-2-3. File Delivery]
The Java-AP software distribution server 100 transmits the description file 105A, ADF 105B, and JAR file 105C to the client mobile phone in response to an HTTP request from the client mobile phone.
[0029]
When receiving the HTTP request using the GET method using the URL of the description file 105A as a parameter, the Java-AP software distribution server 100 reads the description file 105A from the storage unit 105. Upon reading the description file 105A, the Java-AP software distribution server 100 generates an HTTP response including the read description file 105A, and transmits the HTTP response to a mobile phone serving as a client that has transmitted the HTTP request.
[0030]
When the URL that is the parameter of the GET method is the URL of the ADF 105B, the ADF 105B is read from the storage unit 105 and the read ADF 105B is transmitted to the mobile phone 400, as in the case of the description file 105A. If the URL that is the parameter of the GET method is the URL of the JAR file 105C, the JAR file 105C is read from the storage unit 105 and the JAR file read to the mobile phone serving as the client, as in the case of the description file 105A. Send 105C.
[0031]
[1-2-4. Distribution of Stock Price Information]
The server program stored in the ROM 106 has a function of communicating with a mobile phone serving as a client executing the stock price information AP and transmitting stock price information to the mobile phone serving as a client.
[0032]
When the stock price information AP is executed on the mobile phone serving as a client and the user of the stock price information AP performs an operation of registering the brand of the desired stock price information, the name of the brand desired by the user is registered from the mobile phone serving as the client. And the terminal identifier of the mobile phone serving as the client are transmitted to the Java-AP software distribution server 100.
[0033]
The CPU 108 of the Java-AP software distribution server 100 receives the registration request transmitted from the mobile phone 400 executing the stock price information AP and including the brand name and the terminal identifier of the stock price information desired by the user. The obtained terminal identifier and the company name are stored in the Java-AP user table 105D in association with each other. The Java-AP user table 105D is a table for managing users of the stock price information AP, and as illustrated in FIG. 7, the terminal identifier of the mobile phone transmitted from the mobile phone 400 and the user's desire. The brand name of the stock price information and the company name are associated with each other.
[0034]
When the stock price information AP is executed on the mobile phone serving as a client and the user of the stock price information AP performs an operation of acquiring stock price information of a brand registered, the terminal identifier of the mobile phone serving as the client is transmitted from the mobile phone serving as the client. Is transmitted to the Java-AP software distribution server 100.
[0035]
When the CPU 108 of the Java-AP software distribution server 100 receives a stock price information acquisition request including a terminal identifier transmitted from a mobile phone serving as a client on which the stock price information AP is executed, the CPU 108 is included in the stock price information acquisition request. The Java-AP user table 105D stored in the storage unit 105 is searched using the terminal identifier as a key. When finding the corresponding terminal identifier from the Java-AP user table 105D, the CPU 108 reads out the brand name stored in association with the terminal identifier. Next, the CPU 108 searches the stock price information table 105E using the read brand name as a key, and reads out the stock price information stored in association with the brand name from the stock price information table 105E. Next, the CPU 108 generates a stock price information response including the read stock price information, and transmits the generated response to the mobile phone serving as the client identified by the terminal identifier.
[0036]
[1-3. Configuration of Mobile Phone]
FIG. 8 is a block diagram illustrating a hardware configuration of the mobile phone 400. As shown in FIG. 8, each unit of the mobile phone 400 except the antenna 403 is connected to a bus 401, and data is exchanged between the units via the bus 401.
[0037]
The communication section 402 includes an antenna 403 and performs wireless communication with a wireless base station installed in the mobile packet communication network 300 under the control of the CPU 409. The operation unit 404 has ten keys (not shown) and a plurality of keys for inputting operation instructions and the like. When the user of the mobile phone 400 operates the operation unit 404, a signal indicating the operation content is output from the operation unit 404 to the CPU 409 according to the operation of the user. The display unit 405 includes, for example, a liquid crystal display panel (not shown) and a control circuit that controls display of the liquid crystal display panel. Under the control of the CPU 409, a character or graphic screen, a menu for operating the mobile phone 400, Display the screen etc. on the liquid crystal display. The non-volatile memory 406 stores data for controlling the mobile phone 400 and ADF and JAR files downloaded from a server that distributes Java-AP software.
[0038]
Various programs executed by the CPU 409 are stored in the ROM 407. For example, OS (Operating System) software for controlling the entirety of the IPL or the mobile phone 400, WWW browser software capable of interpreting CHTML, and the mobile phone 400 Stores Java execution environment software for executing Java-AP software. The ROM 407 stores a terminal identifier “MS0001” which is an identifier for uniquely identifying the mobile phone 400. The RAM 408 is used as a work area of the CPU 409, and temporarily stores data used by a program executed by the CPU 409.
[0039]
When the power of the mobile phone 400 is turned on, the CPU 409 reads and executes the IPL from the ROM 407 when the power is turned on, and initializes the CPU 409 and each unit of the mobile phone 400. Upon completion of the initialization, the CPU 409 reads the OS software from the ROM 407 and executes it. When the user of the mobile phone 400 operates the operation unit 404, the CPU 409 executing the OS software generates a signal output from the operation unit 404 in response to the user operation and a screen displayed on the display unit 404. Based on the instruction of the user based on the instruction, a process corresponding to the instruction of the user is performed.
[0040]
[1-3-1. Description of Java execution environment]
FIG. 9 is a diagram illustrating a configuration of the Java-AP execution environment in the mobile phone 400.
[0041]
The JAR storage is a storage area for storing the JAR file 105C, and is secured in the nonvolatile memory 406 by a JAM (Java Application Manager). The scratch pad is a storage area for storing persistent data (data that is maintained even after termination of the application), and is secured in the nonvolatile memory 406. The scratch pad is secured in the non-volatile memory 406 for each Java-AP by JAM.
[0042]
JAM manages Java-AP software. JAM displays a list of executable Java-AP software stored in the JAR storage, manages execution of Java-AP software (starts / forces termination of Java-AP software), and installs and deletes Java-AP software Has the function of performing
[0043]
In addition, the JAM reads data written in a storage area other than the scratch pad used by the Java-AP, writes the data in the scratch pad used by the Java-AP, and stores the read data in the portable memory. It has a function of monitoring transmission from the telephone 400.
[0044]
When the JAM reads the terminal identifier stored in the ROM 407 and receives an instruction to write the read terminal identifier to the scratch pad from the Java-AP, the JAM reads the terminal identifier from the ROM 407 and reads the terminal identifier to the scratch pad used by the Java-AP. Write the terminal identifier. Also, when “UsePersonal = utn” is described in the referenced ADF, the JAM reads the terminal identifier written in the scratchpad upon receiving an instruction from the Java-AP to transmit the terminal identifier to the outside of the mobile phone. Out of the mobile phone.
[0045]
If “UsePersonal = utn” is not described in the referenced ADF, the JAM reads the terminal identifier stored in the ROM 407 and reads the terminal identifier from the Java-AP even when receiving an instruction from the Java-AP to write the terminal identifier. And writing the terminal identifier to the scratchpad. Also, if “UsePersonal = utn” is not described in the referenced ADF, the JAM may receive an instruction from the Java-AP to read the terminal identifier written in the scratchpad and transmit the terminal identifier to the outside of the mobile phone. And the terminal identifier is not transmitted from the mobile phone.
[0046]
KVM (K Virtual Machine) is a redesigned Java Virtual Machine (JVM) that converts Java bytecodes into native codes and executes them for small embedded devices, and has limitations on memory, CPU capacity, and battery consumption. Designed to be used on some devices.
[0047]
[1-3-2. Processing at the time of acquiring Java-AP software]
Next, a process performed by the mobile phone 400 when downloading Java-AP software will be described.
[0048]
[1-3-2-1. Execution of browser and Java runtime environment]
When the user of the mobile phone 400 operates the operation unit 404 to instruct execution of the WWW browser software, the CPU 409 reads out the WWW browser software and the Java execution environment software from the ROM 407 and executes them. When the WWW browser software is executed, the display unit 405 is controlled by the CPU 409, and a browser screen serving as a user interface illustrated in FIG. 10 is displayed. Thereafter, the CPU 409 specifies a user's instruction based on the state of the browser screen serving as a user interface and a signal supplied from the operation unit 404, and performs processing according to the instruction. In addition, Java execution environment software is executed, and a Java-AP execution environment is realized.
[0049]
[1-3-2-2. WWW page acquisition]
The user of the mobile phone 400 uses the operation unit 404 to input a URL of a file for displaying a page provided by the WWW server on the mobile phone 400 on which the browser screen illustrated in FIG. 10 is displayed. Then, the CPU 409 controls the display unit 405 to display the input URL on the browser screen. When the user performs an operation of instructing display of a page specified by the input URL, that is, an operation of clicking a “display” button on the browser screen illustrated in FIG. The communication unit 402 is controlled to establish a TCP connection with the WWW server that provides the file specified by the URL. The CPU 409 transmits an HTTP request using a GET method with the input URL as a parameter to the WWW server device via the established TCP connection, and requests a file specified by the URL. In addition, the CPU 409 receives an HTTP response including a file transmitted from the WWW server device as a response to the HTTP request, and disconnects the connection.
[0050]
[1-3-2-3. Download of Java-AP software]
When the user of mobile phone 400 obtains a page for downloading Java-AP software on mobile phone 400 and then performs an operation to instruct download of Java-AP software on operation unit 404, the user's instruction Is notified to the running JAM.
[0051]
Specifically, the instruction of the user of the mobile phone 400 is notified to the JAM as follows. When the user performs an operation of clicking a hyperlink portion of the page displayed on the mobile phone 400, the ijam attribute is described in the A tag for displaying the hyperlink in the file for displaying the page by the WWW browser. It is determined whether or not. If the WWW browser determines that the i attribute is described in the A tag, the WWW browser extracts the URL described in the data attribute of the OBJECT tag. When the URL specifies the ADF, that is, when the extension of the file specified by the URL is “jar” indicating the ADF, the WWW browser instructs the user to download the Java-AP software. The JAM is notified that the download of the Java-AP software has been requested.
[0052]
When the JAM is notified of the request to download the Java-AP software, the JAM extracts the URL of the ADF described in the data attribute of the OBJECT tag. JAM establishes a TCP connection with the server specified by the URL and generates an HTTP request using a GET method using the extracted URL as a parameter. JAM transmits the generated HTTP request to the WWW server specified by the URL via the established TCP connection.
[0053]
The JAM receives an HTTP response including an ADF, which is transmitted from the WWW server as a response to the HTTP request. When the JAM receives the HTTP response including the ADF, the JAM refers to the included ADF and determines whether or not the Java-AP software can be stored in the nonvolatile memory 406. Specifically, the JAM refers to the “AppSize” key indicating the size of the JAR file and the “SPsize” key indicating the size of the scratchpad used by the Java-AP described in the ADF. JAM compares the size of the Java-AP software described in the ADF and the size of the scratchpad to be used with the free space of the JAR storage and the scratchpad, and determines whether the JAR file can be stored in the JAR storage. After downloading, it is determined whether or not the capacity of the scratch pad used by the Java-AP can be secured.
[0054]
When the JAM determines that it is possible to newly download Java-AP software, the JAM refers to the ADF and determines whether or not “UsePersonal = utn” is described in the ADF. When the JAM finds that “UsePersonal = utn” is described in the ADF, the Java-AP realized by executing the Java-AP software to be downloaded is stored in the mobile phone 400. It is determined that the terminal identifier, which is the personal data, is the Java-AP transmitted from the mobile phone 400, and the screen illustrated in FIG. 11 is displayed on the display unit 405. In the JAM, by displaying the screen illustrated in FIG. 11, the Java-AP realized by the Java-AP software to be downloaded is a Java-AP that transmits a terminal identifier, that is, personal data from the mobile phone 400. To the user.
[0055]
The user who has viewed the screen illustrated in FIG. 11 has input an instruction to stop the download of the Java-AP software by operating the operation unit 404 because there is a fear that personal data is used outside the mobile phone 400. In such a case, JAM stops downloading the Java-AP software.
[0056]
The user who saw the screen illustrated in FIG. 11 acknowledged that the personal data was used outside the mobile phone 400, and operated the operation unit 404 to input an instruction to download the Java-AP software. If so, the JAM continues downloading the Java-AP software. Specifically, the JAM refers to a “Package URL” key described in the ADF and extracts a URL indicating a location where the JAR file is stored. When the JAM extracts the URL, the JAM establishes a TCP connection with the WWW server specified by the URL, and generates an HTTP request using a GET method using the URL as a parameter. JAM sends the generated HTTP request to the server via the established TCP connection. JAM receives an HTTP response containing a JAR file, which is transmitted from the server as a response to the HTTP request. When receiving the HTTP response including the JAR file, the JAM extracts the JAR file from the HTTP response and stores the extracted JAR file in the JAR storage. JAM refers to the “SPsize” key indicating the size of the scratch pad described in the ADF, and changes the capacity designated by the “SPsize” key to the scratch size for Java-AP realized by the downloaded Java-AP software. Secure on the pad.
[0057]
[1-3-3. Processing at the time of execution of Java-AP software]
Next, a process performed when the mobile phone 400 is instructed to execute the Java-AP software will be described with reference to a flowchart illustrated in FIG.
[0058]
When the user performs an operation on the operation unit 404 to display a list of Java-AP software stored and executable in the non-volatile memory 406, the CPU 409 reads the Java execution environment software from the ROM 407 and reads the Java execution environment software. Execute (step SA1). By executing the Java execution environment software, a Java-AP execution environment is realized in the mobile phone 400. When the Java-AP execution environment is realized, the CPU 409 is provided with JAM and KVM functions. The CPU 409 having the JAM function refers to the non-volatile memory 406 and generates a list of Java-AP software stored in the non-volatile memory 406 and executable. After generating the list, the CPU 409 controls the display unit 405 to display the generated list on the display unit 405 (step SA2).
[0059]
After displaying the Java-AP software list, the CPU 409 waits for an input of an instruction to execute the Java-AP software from the user (step SA3). When the user selects the Java-AP software displayed on the display unit 405 and performs an operation to instruct execution of the selected Java-AP software on the operation unit 404 (step SA3: YES), the CPU 409 determines Based on the signal output from the operation unit 404 and the screen displayed on the display unit 405, the Java-AP software that the user instructed to execute is specified. The CPU 409 reads the ADF of the specified Java-AP software from the non-volatile memory 406 (Step SA4).
[0060]
The CPU 409 refers to the read ADF and determines whether or not the “UsePersonal = utn” attribute is described in the ADF, so that the Java-AP realized by the Java-AP software instructed by the user to execute is executed. Then, it is determined whether or not the terminal identifier stored in mobile phone 400 is a Java-AP transmitted from mobile phone 400 (step SA5).
[0061]
When the CPU 409 determines that the Java-AP realized by the Java-AP software instructed to be executed is a Java-AP that does not transmit the terminal identifier stored in the mobile phone 400 from the mobile phone 400, (Step SA5: NO), the CPU 409 reads the JAR file from the nonvolatile memory 406 (Step SA9) and executes it (Step SA10).
[0062]
When the CPU 409 determines that the Java-AP realized by the Java-AP software instructed to be executed by the user is the Java-AP that transmits the terminal identifier stored in the mobile phone 400 from the mobile phone 400, Is displayed (step SA5: YES), the display unit 405 displays a screen prompting the user to input an instruction to permit or reject execution (step SA6), and confirms with the user whether or not the Java-AP software can be executed. Let it. After displaying a screen for prompting input of an instruction to permit or reject execution, CPU 409 waits for an instruction from the user to be input (step SA7).
[0063]
When the operation unit 404 is operated by the user and a signal indicating the operation content of the user is input to the CPU 409, the CPU 409 determines whether the operation performed by the user is an instruction to execute the Java-AP software. (Step SA8). When the user's instruction is to instruct to stop the execution of the Java-AP software (step SA8: NO), the CPU 409 does not execute the Java-AP software.
[0064]
When the user's instruction is to instruct execution of the Java-AP software (step SA8: YES), the CPU 409 reads the JAR file from the nonvolatile memory 406 (step SA9). When the Java execution environment software is executed, the CPU 409 provided with the KVM function converts the Java bytecode contained in the read JAR file into native code, and executes the Java-AP software (step SA10).
[0065]
After executing the Java-AP software, the CPU 409 waits for an input of an instruction to end the executed Java-AP software (step SA11). When the user operates the operation unit 404 to input an instruction to end the Java-AP software being executed, a signal indicating the content of the user's operation is input to the CPU 409, and the CPU 409 executes the Java-AP software being executed. Exit the software.
[0066]
[2. Operation example]
[2-1. Operation example when downloading Java-AP software]
Next, an operation example when Java-AP software is downloaded from the Java-AP software distribution server 100 will be described with reference to a sequence diagram shown in FIG. It is assumed that the mobile phone 400 is powered on by a user operation and the WWW browser is already running. The operations performed by the OS, the WWW browser, the JAM, the KVM, and the Java-AP stored in the mobile phone 400 are operations of the mobile phone 400. It is assumed that the telephone is 400.
[0067]
The operation of installing the Java-AP software provided by the Java-AP software distribution server 100 on the mobile phone 400 is performed when the user of the mobile phone 400 operates the mobile phone 400 and is stored in the Java-AP software distribution server 100. The process starts by trying to obtain the description file 105A.
[0068]
After the user of the mobile phone 400 operates the operation unit 404 of the mobile phone 400 and inputs the URL (“http://www.abc.co.jp/java/kabuka.html”) of the description file 105A, When an operation of clicking a “display” button shown in the example of the screen shown in FIG. 10 is performed (step S101), the mobile phone 400 generates an HTTP request using a GET method with the URL of the description file 105A as a parameter. It is generated (step S102). This HTTP request is transmitted from the mobile phone 400 and transmitted to the Java-AP software distribution server 100 via the mobile packet communication network 300 and the Internet 200 (step S103).
[0069]
When the HTTP request is received by the Java-AP software distribution server 100, the explanation file 105A is read from the storage unit 105 (step S104), and an HTTP response including the read explanation file 105A is generated (step S104). Step S105). This HTTP response is transmitted from the Java-AP software distribution server 100, and transmitted to the mobile phone 400 via the Internet 200 and the mobile packet communication network 300 (Step S106).
[0070]
When the mobile phone 400 receives the HTTP response, the description file 105A included in the HTTP response is interpreted by the WWW browser, and a user interface corresponding to the contents of the description file 105A is provided. As a result, page P01 shown in FIG. 5 is displayed on display unit 405 of mobile phone 400 (step S107).
[0071]
When the user who has viewed the page P01 performs an operation of clicking on the hyperlink P01A of the page P01 (step S108), the mobile phone 400 causes the anchor tag (“<A”) described in the description file 105A to be displayed. (I.e., tag starting with) is referenced. In the mobile phone 400, since the ijam attribute is described, the OBJECT tag is referred to, and the URL for obtaining the ADF 105B described in the data attribute of the OBJECT tag (“http://www.abc.co.co.jp”). .Jp / java / kabuka.jam "). Next, in the mobile phone 400, an HTTP request using a GET method using the extracted URL as a parameter is generated (Step S109), and transmitted to the Java-AP software distribution server 100 (Step S110).
[0072]
When the HTTP request is received by the Java-AP software distribution server 100, the ADF 105B is read from the storage unit 105 in response to the HTTP request (Step S111). In the Java-AP software distribution server 100, an HTTP response including the read ADF 105B is generated (Step S112), and the generated HTTP response is transmitted to the mobile phone 400 (Step S113).
[0073]
When the mobile phone 400 receives the HTTP response including the ADF 105B, the ADF 105B included in the HTTP response is referred to. In the mobile phone 400, since "UsePersonal = utn" is described in the ADF 105B, the display unit 405 is displayed on the display unit 405 in order to ask the user whether to download the terminal identifier, that is, Java-AP software for transmitting personal data. The screen shown in FIG. 11 is displayed (Step S114). Thereby, the mobile phone 400 informs the user that the Java-AP realized by executing the Java-AP software to be downloaded is the terminal identifier, that is, the Java-AP transmitting the personal data, and performs the download. Ask them to do it.
[0074]
When the user of the mobile phone 400 who sees the screen shown in FIG. 11 performs an operation of clicking the “OK” button shown on the screen (step S115), the mobile phone 400 sends the package URL (“http: //Www.abc.co.jp/java/kabuka.jar ") is extracted, and an HTTP request is generated using a GET method using the extracted PackageURL as a parameter (step S116). The generated HTTP request is transmitted from mobile phone 400 to Java-AP software distribution server 100 (step S117).
[0075]
When the Java-AP software distribution server 100 receives the HTTP request including the Package URL, the JAR file 105C corresponding to the HTTP request is read from the storage unit 105 (Step S118). When the JAR file 105C is read, the Java-AP software distribution server 100 generates an HTTP response including the JAR file 105C (step S119). This HTTP response is transmitted from the Java-AP software distribution server 100 (step S120), and received by the mobile phone 400. When the mobile phone 400 receives the HTTP response, the JAR file 105C included in the HTTP response and the downloaded ADF 105B are stored in the nonvolatile memory 406 (step S121).
[0076]
[2-2. Example of operation when stock price information AP software download is stopped]
Next, an operation when the user of the mobile phone 400 stops downloading the Java-AP software will be described. Note that the operations from step S101 to step S114 are the same as the operations when downloading the Java-AP software described above, and thus the description thereof will be omitted.
[0077]
After the user of the mobile phone 400 sees the screen shown in FIG. 11 for asking the user whether or not to download, he does not want to use Java-AP in which personal data is transmitted, When the user clicks the “Cancel” button shown in the screen shown in FIG. 11, the mobile phone 400 displays the screen illustrated in FIG. 14 on the display unit 405, and stops downloading the Java-AP software. I do.
[0078]
[2-3. Operation example when executing stock price information AP]
Next, an operation example when the stock price information AP is executed by the mobile phone 400 will be described. In the following description of the operation example, it is assumed that the stock price information AP software has already been downloaded to the mobile phone 400 by the above-described operation.
[0079]
When a user of the mobile phone 400 inputs an instruction to display a list of Java-AP software stored and executable in the JAR storage, a Java-AP execution environment is realized in the mobile phone 400. You. In the mobile phone 400, when the Java-AP execution environment is realized, the Java-AP software stored in the nonvolatile memory 406 is referred to, and a list of executable Java-AP software is generated. In the mobile phone 400, the generated list is displayed on the display unit 405.
[0080]
When the user who has viewed the Java-AP software list selects the already downloaded and executable stock price information AP software and performs an operation of instructing execution of the selected stock price information AP software, the mobile phone 400 displays The ADF 105B of the selected stock price information AP is referred to. Since "UsePersonal = utn" is described in the ADF 105B referred to by the mobile phone 400, the stock price information AP of the mobile phone 400 is a Java-AP that transmits a terminal identifier, which is personal data, from the mobile phone 400. Is displayed, and a screen for confirming execution of the Java-AP software illustrated in FIG. 15 is displayed.
[0081]
The user who sees the screen illustrated in FIG. 15 acknowledges that the terminal identifier stored in the mobile phone 400, that is, the personal data is transmitted from the mobile phone 400, and performs an operation to instruct execution of the Java-AP software. Then, the stock price information AP is executed.
[0082]
When the stock price information AP is executed, the screen illustrated in FIG. 16 is displayed on the display unit 405 of the mobile phone 400. When the user of the mobile phone 400 performs an operation of clicking “designation / deletion of brand” on the operation unit 404 in order to register a brand for which stock price information is desired, the screen illustrated in FIG. Will be displayed. When the user of the mobile phone 400 operates the mobile phone 400, designates “ABC company” as a brand whose information is desired, and clicks “register”, the terminal identifier “MS0001” stored in the ROM 407 is obtained. Is read out and stored in the scratch pad for the stock price information AP. When the terminal identifier is stored in the scratch pad, a brand registration request including the brand name “ABC company” specified by the user and the terminal identifier “MS0001” of the mobile phone 400 is generated, and the generated brand registration request is Java. Transmitted to the AP software distribution server 100;
[0083]
In the Java-AP software distribution server 100 that has received the brand registration request, the brand name “ABC company” included in the received brand registration request is associated with the terminal identifier “MS0001”, and the Java-AP in the storage unit 105 is stored. It is stored in the AP user table 105E as shown in FIG.
[0084]
Next, the user of the mobile phone 400 performs an operation of clicking “acquire stock price information” on the screen shown in FIG. 16 displayed on the display unit 405 in order to view the stock price information of the designated brand. When the process is performed in 404, the terminal identifier “MS0001” stored in the scratch pad for the stock price information AP is read, and a stock price information acquisition request including the read terminal identifier is generated. The generated stock price information acquisition request is transmitted from the mobile phone 400 and transmitted to the Java-AP software distribution server 100 via the mobile packet communication network 300 and the Internet 200.
[0085]
When the Java-AP software distribution server 100 receives the stock price information acquisition request, the Java-AP software distribution server 100 stores the stock identifier in the storage unit 105 by using the terminal identifier “MS0001” included in the stock price acquisition request as a key. The stored Java-AP user table 105D is searched. In the Java-AP software distribution server 100, when the corresponding terminal identifier is found in the Java-AP user table 105D, the user of the mobile phone 400 registered in association with the terminal identifier “MS0001” has registered. The brand name “ABC company” is read. Next, the Java-AP software distribution server 100 searches the stock price information table 105E shown in FIG. 3 stored in the storage unit 105 using the read brand name “ABC company” as a key, and searches for “ABC company”. Is read out. In the Java-AP software distribution server 100, a stock price information response including the read stock price information "100 yen" of the "ABC company" is generated, and generated to the mobile phone 400 identified by the terminal identifier "MS0001". A stock quote response is sent.
[0086]
Upon receiving the stock price information response, the mobile phone 400 extracts the stock price information of “ABC company” included in the response. The extracted stock price information is displayed on the display unit 405 as illustrated in FIG.
[0087]
As described above, according to the present embodiment, the person who intends to download the Java-AP software recognizes that the Java-AP is a Java-AP that transmits personal data inside the mobile phone 400 from the mobile phone 400. It will be downloaded after confirming. Therefore, a user who does not want to transmit personal data inside the mobile phone 400 from the mobile phone 400 may download Java-AP software for transmitting the personal data inside the mobile phone 400 from the mobile phone 400. Can be eliminated. Also, when the Java-AP software is executed in the mobile phone 400, the Java-AP realized by executing the Java-AP software transmits the personal data inside the mobile phone 400 from the mobile phone 400. The Java-AP software is executed after the user of the mobile phone 400 confirms that it is the AP. Therefore, a user who does not want the personal data inside the mobile phone 400 to be transmitted from the mobile phone 400 can use a Java-AP for transmitting the personal data inside the mobile phone 400 to the outside of the mobile phone 400. -The possibility of executing the AP software can be eliminated.
[0088]
[3. Modification]
In the embodiment described above, the Java-AP software distribution server 100 is connected to the mobile packet communication network 300 via the Internet 200. However, the Java-AP software distribution server 100 is connected to the mobile packet communication network 300 by a dedicated line. You may make it connect.
[0089]
In the above-described embodiment, the mobile phone 400 communicates with the server of the Java-AP software distribution source when Java-AP is realized. The communication of the 400 is not limited to the server of the distribution source of the Java-AP software. For example, in the embodiment described above, a WWW server for distributing stock price information is separately provided, and the mobile phone 400 executing the stock price information AP software communicates with a newly provided server for stock price information distribution. Stock price information may be obtained.
[0090]
In the above-described embodiment, a terminal identifier for uniquely identifying a mobile phone is used as personal data transmitted from the mobile phone 400 in which Java-AP is realized to the Java-AP software distribution server 100. , Personal data transmitted from the mobile phone 400 in which the Java-AP is realized is not limited to the terminal identifier. The personal data transmitted from the mobile phone 400 in which the Java-AP is realized may be other personal data such as the telephone number of the user who owns the mobile phone 400.
[0091]
Further, the above-described mobile phone 400 and mobile packet communication network 300 may be based on IMT-2000 (International Mobile Telecommunication 2000). An IMT-2000 compliant mobile phone uses an IC card called UIM (User Identity Module) that records subscriber data of a user of the mobile phone. When the mobile phone on which the Java-AP is realized is a mobile phone based on IMT-2000, the personal data transmitted from the mobile phone to the Java-AP software distribution server 100 is the identification of the UIM stored in the UIM. It may be a combination of a number or a UIM identification number and a mobile phone terminal identifier.
[0092]
In the above-described embodiment, the personal data transmitted from the mobile phone 400 to the Java-AP software distribution server 100 is transmitted in plain text. However, the personal data is converted by an arbitrary algorithm, and the data obtained by the conversion is transmitted. You may do so.
[0093]
In the embodiment described above, HTTP is used for communication between the mobile phone 400 and the Java-AP software distribution server 100, but the protocol used for communication is not limited to this, and HTTPS ( The communication may be performed using a protocol to which an encryption function is added, such as Hypertext Transfer Protocol Security (Hypertext Transfer Protocol Security).
[0094]
In the above-described embodiment, when the mobile phone 400 transmits the personal data to the Java-AP software distribution server 100, the user of the mobile phone 400 may be asked whether the personal data may be transmitted. .
[0095]
In the above-described embodiment, after the download of the Java-AP software is completed, a setting screen related to the details of the Java-AP illustrated in FIG. The user may be reconfirmed that the Java-AP to be transmitted is the Java-AP for transmitting the personal data.
[0096]
In the above-described embodiment, the mobile phone 400 downloads the stock price information AP software from the Java-AP software distribution server 100, but stores the stock price information AP software in the storage unit of the mobile phone 400 before shipping the mobile phone 400. You may make it ship it.
[0097]
The timing at which the terminal identifier is written to the scratch pad is not limited to the timing described in the above-described embodiment. The terminal identifier may be read from the ROM 407 at the start of execution of the stock price information AP and stored in the scratchpad.
[0098]
The various software stored in the ROM 407 of the mobile phone 400 described above may be made rewritable. An example of a method of rewriting various software includes the following method. For example, a recording medium such as a CD-ROM (Compact Disc Only Memory) in which various software is recorded is inserted into a CD-ROM drive of a personal computer, and the personal computer and a portable computer using a flash ROM instead of the ROM 407 are used. Connect to the phone with a cable. A personal computer reads various software recorded on a CD-ROM, and transmits the read software to a mobile phone connected by a cable. Then, the mobile phone that has received the software writes the received software into the flash ROM, so that various types of software stored in the mobile phone can be upgraded.
[0099]
In the above-described modification, a CD-ROM is used as a recording medium on which various software is recorded, but the recording medium is not limited to this. Other recording media such as a DVD-ROM, an IC card with a built-in flash ROM, and a floppy disk may be used.
[0100]
In the above-described embodiment, the terminal identifier stored in the ROM 407 of the mobile phone is read from the ROM 407 and transmitted as personal data. That is, the personal data stored in the mobile phone is read and Although transmitted as data, personal data input by the user of the mobile phone 400 using the operation unit 404 may be transmitted to the Java-AP software distribution server 100.
[0101]
In the above-described embodiment, the Java execution environment and the Java-AP are used. However, the personal data stored in the mobile phone may not be transmitted without permission of the user of the mobile phone. For example, the execution environment of the application software is not limited to the Java execution environment. In addition, the application software is not limited to software created using the Java programming language, but may be software created using another programming language.
[0102]
In the above-described embodiment, the personal data is transmitted from the mobile phone 400 as a trigger when the user of the mobile phone 400 operates the mobile phone 400 running the Java-AP software. -The personal data may be requested from the AP software distribution server 100 and transmitted from the mobile phone 400 as a trigger.
[0103]
【The invention's effect】
As described above, according to the present invention, when executing application software in a communication terminal, it is possible to prevent personal data of the user of the communication terminal from being transmitted from the communication terminal without permission of the user. .
[Brief description of the drawings]
FIG. 1 is a diagram illustrating an overall configuration of a communication system according to an embodiment of the present invention.
FIG. 2 is a block diagram illustrating a hardware configuration of a Java-AP software distribution server 100 according to the embodiment of the present invention.
FIG. 3 is a diagram showing the contents of a stock price information table 105E.
FIG. 4 is a diagram showing the contents of an explanation file 105A.
FIG. 5 is a diagram showing a page distributed by the Java-AP software distribution server 100.
FIG. 6 is a diagram showing the contents of an ADF 105B.
FIG. 7 is a diagram showing the contents of a Java-AP user table 105D.
FIG. 8 is a diagram exemplifying a hardware configuration of a mobile phone 400 according to the embodiment of the present invention.
FIG. 9 is a diagram illustrating a configuration of a Java-AP execution environment.
FIG. 10 is a diagram exemplifying a browser screen displayed when a WWW browser is executed on mobile phone 400.
FIG. 11 is a diagram showing a message displayed when downloading Java-AP software for transmitting personal data.
FIG. 12 is a flowchart illustrating a processing flow when the mobile phone 400 according to the embodiment of the present invention executes Java-AP software.
FIG. 13 is a sequence diagram showing an operation example when the mobile phone 400 downloads Java-AP software.
FIG. 14 is a diagram illustrating a screen displayed when downloading of Java-AP software is stopped.
FIG. 15 is a diagram showing a warning message displayed when executing Java-AP software for transmitting personal data to the outside of the mobile phone 400.
FIG. 16 is a diagram exemplifying a screen displayed at the start of execution of stock price information AP.
FIG. 17 is a diagram exemplifying a screen displayed after clicking “register / delete brand” shown on the screen displayed at the start of execution of stock price information AP.
FIG. 18 is a diagram exemplifying a screen on which stock price information acquired from the Java-AP software distribution server 100 is displayed.
FIG. 19 is a diagram exemplifying a setting screen related to Java-AP details displayed on the display unit 405 of the mobile phone 400 in a modified example of the embodiment.
[Explanation of symbols]
100: Java-AP software distribution server, 101: bus, 102: communication unit, 103: operation unit, 104: display unit, 105: storage unit, 105A: explanation File, 105B: ADF, 105C: JAR file, 105D: Java-AP user table, 105E: Stock price information table, 106: ROM, 107: RAM, 108 ... CPU
200 ・ ・ ・ Internet
300: Mobile packet communication network
400 mobile phone, 401 bus, 402 communication unit, 403 antenna, 404 operation unit, 405 display unit, 406 nonvolatile memory, 407 ..ROM, 408 RAM, 409 CPU

Claims (10)

First storage means for storing a program, execution means for executing the program stored in the first storage means, and data read and written by an application realized by the execution means executing the program A communication terminal, comprising: a second storage unit for performing the transmission of data to the external device by the application;
An instruction input means for inputting an instruction of the user,
An instruction to execute a program, which is a program stored by the first storage unit and realizes an application capable of acquiring personal data of the user and transmitting the personal data to an external device, is issued by the instruction input unit. First confirmation means for prompting the user to input an instruction indicating whether or not to permit execution of the program,
A communication terminal comprising: an execution permitting unit that permits execution of the program by the execution unit only when an instruction to permit execution is input by the instruction input unit. The communication terminal according to claim 1, wherein the first confirmation unit further notifies the user that the program is a program that can acquire personal data and transmit the personal data to an external device. A third storage unit that stores information indicating characteristics of the program;
The first confirmation unit determines whether the program is a program that can acquire the data and transmit the data to an external device based on information indicating characteristics of the program stored in the third storage unit. The communication terminal according to claim 1, wherein when determining that the program is a program that can be transmitted, the user is prompted to input an instruction indicating whether to permit execution of the program. A third storage unit that stores information indicating characteristics of the program;
The first confirmation unit determines whether the program is a program that can acquire the data and transmit the data to an external device based on information indicating characteristics of the program stored in the third storage unit. 2. The communication terminal according to claim 1, wherein when the determination is made that the program cannot be transmitted, execution of the program by the execution unit is permitted. First acquisition means for acquiring information indicating the characteristics of the program from a server device that distributes the program and information indicating the characteristics of the program via a communication network;
A second confirmation unit that prompts the user to input an instruction indicating whether to permit acquisition of the program, based on the information indicating the characteristics of the program acquired by the first acquisition unit;
A second acquisition unit that acquires the program from the server via a communication network only when an instruction to permit acquisition of the program is input by the instruction input unit. The communication terminal according to claim 3 or 4. The communication terminal according to claim 5, wherein the communication network is a mobile communication network, and the communication terminal is a mobile phone. The communication terminal according to claim 1, wherein the personal data is data capable of uniquely identifying the user. The communication terminal according to claim 1, wherein the program is a program described in a Java programming language. First storage means for storing a program, execution means for executing the program stored in the first storage means, and data read and written by an application realized by the execution means executing the program A computer device having a second storage unit for transmitting data and a transmission unit for the application to transmit data to an external device.
An instruction input means for inputting an instruction of the user,
An instruction to execute a program, which is a program stored by the first storage unit and realizes an application capable of acquiring personal data of the user and transmitting the personal data to an external device, is issued by the instruction input unit. First confirmation means for prompting the user to input an instruction indicating whether or not to permit execution of the program,
A program for functioning as execution permission means for permitting execution of the program by the execution means only when an instruction to permit execution is input by the instruction input means. A computer-readable recording medium on which the program according to claim 9 is recorded.

Images