JP2006253769A - Information processing system and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information processing system with high reliability capable of providing diversified services. <P>SOLUTION: The information processing system comprises: an RP 200 for providing a resource 100; an AP 400 for providing an application program 300 for utilizing the resource 100; and an SP 500 for allowing the RP 200 to utilize the resource 100 for execution of an application 212 and providing a service to a terminal 600, wherein the SP 500 includes: a portal provision section 510 for accepting a log-in from the terminal 600 and receiving first authentication information and a program execution request from the terminal 600; a first authentication section 520 for authenticating the terminal 600 on the basis of the first authentication information in response to the log-in; a re-authentication request section 530 for generating second authentication information different from the first authentication information when the terminal 600 is authenticated and using the second authentication information to request the RP 200 to authenticate the terminal 600; and a transfer section 540 for receiving encrypted result data 252 from the RP 299 and transferring the data to the terminal 600. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an information processing system and method, and in particular, separates the system into three, ie, a resource provider system, a service provider system, and an application provider system, and uses grid computing to coordinate these three systems. The present invention relates to an information processing system and method, and a resource provider system, a service provider system, an application provider system, and a terminal device.

  In recent years, with the development of high-performance computers and high-speed communication network environments, the scope of practical application of grid computing systems to various technical fields is approaching. As this type of technology, there is one described in Patent Document 1. In the system described in this document, an arithmetic processor that performs arithmetic processing receives data from a user who requires arithmetic processing, and the main processing unit is a unit that can process a huge amount of arithmetic data even at a resource providing terminal. The processing data is divided and distributed to the resource providing terminals via the monitoring device, and after the resource providing terminal performs the arithmetic processing, the processing result is transmitted to the main processing device via the monitoring device. Uses grid computing technology that collects computation results and returns the results to the user.

In recent years, an application service provider (ASP) service in which a communication company provides business application software such as business software via the Internet or the like has become widespread. As this type of technology, there is one described in Patent Document 2. The system described in this document provides an inexpensive ASP service with a certain quality and performance to a large number of users.
JP 2004-302741 A JP 2002-342188 A

  By the way, a specific application program that requires high-level and high-load calculation processing is expensive, so that a service using software by an application service provider (hereinafter referred to as “ASP”) can be received. Was desired. However, such an application program is often used by a specific user for each application program, and commercialization of such software usage service provision is made possible due to variations in usage frequency and various usage forms. It was difficult. At present, most ASPs do not support the provision of application programs that require such high-level arithmetic processing, and general mail services and groupware such as Cybozu (registered trademark) are the mainstream. It is.

  Further, in the conventional ASP system, it is general to fixedly specify and allocate resources to be used for each application program. Therefore, when the application program is not used by the user, the corresponding resource is not used and the use efficiency is lowered. Further, when the user tries to use another application program, it is necessary to separately access another ASP system, which is not convenient. Furthermore, in order to execute ASP system services, various business capabilities such as window operations and computer resource operations are required. To achieve these with a single ASP system, advanced technologies and facilities, abundant Human resources and enormous expenses were required, and there were many obstacles to establishing a business.

  Furthermore, in a system using a conventional grid computing technology, a processing processor collectively performs registration and deployment of resource providing terminals and reception of resource use requests from users. In order to deal with users with various usage forms and technical fields, it is desirable to separately provide a provider for a user window that integrates and manages a plurality of ASPs familiar with specialized technical fields. A system capable of comprehensively managing the deployment of application programs in these fields and the use of these services is required. For that purpose, these multiple providers are separated while separating the system into a provider that manages application programs, a provider that manages resources, and a provider that uses these to provide services according to user requests. A mechanism that can provide various services in cooperation is desired. In addition, since data submitted by users who use resources is often highly confidential, it is essential to ensure security among a plurality of providers.

  The present invention has been made in view of the above circumstances, and an object of the present invention is to provide an environment in which functions can be distributed and dedicated to a specialized industry in a system capable of providing various services. An object of the present invention is to provide a convenient information processing system that improves the utilization efficiency and allows various application programs to be used together. Another object of the present invention is to provide a highly reliable information processing system capable of minimizing the distribution of personal authentication information and confidential information when a user uses a service.

According to the present invention, a terminal device that accepts a user service request,
A resource provider system that provides resources;
An application provider system that provides an application program that uses the resource;
A service provider system that provides the service to the user by causing the resource provider system to execute the application program using the resource in response to the request from the user;
The service provider system is:
A first accepting unit for accepting login and first authentication information from the user;
A second reception unit that receives a request to execute the application program;
A first authenticator for authenticating the user based on the first authentication information in response to the login;
An authentication information generation unit configured to generate second authentication information different from the first authentication information in response to the request from the user when the first authentication unit authenticates the user;
In response to the request, an authentication request unit that requests authentication to the resource provider system using the second authentication information;
A transfer unit that receives an execution result of the application program using the resource from the resource provider system and transfers the execution result to the terminal device;
The application provider system is:
A providing unit for providing the application program to the resource provider system;
The resource provider system is:
A third accepting unit for accepting the authentication request of the user including the request and the second authentication information from the service provider system;
In response to the authentication request, a second authenticating unit authenticating the user according to the second authentication information;
An execution unit that executes the application program using the resource in response to the request when the second authentication unit authenticates the user;
An information processing system including the above is provided.

  Here, the resource includes, for example, a CPU that starts an application program provided from an application provider system, data and information used by the application program, and storage. The resource provider system is a system that includes a plurality of resources, distributes processing to each resource according to a request from a user or as necessary, and executes the processing, and provides the result to the user terminal.

  Application programs include, for example, CAE (Computer Aided Engineering) and collision analysis in the automotive design field, drug screening analysis in the pharmaceutical company, fluid and structural analysis in the aircraft design field, and credit risk in the financial industry. This includes design, calculation, and analysis programs related to molecular and atomic simulations in the field of analysis and material development. In addition, the application program may be an application program that is used in general business such as e-mail software or groupware different from the design / calculation / analysis program. In addition to these application programs, application programs provided by application providers may include middleware related to application programs and know-how information such as manuals that describe how to use and operate application programs. it can. Information such as how to deploy and execute these programs is provided to the resource provider system together with the application program, and the resource provider system installs and executes the application program based on these information.

  According to the present invention, the user authentication information only needs to be managed by the service provider system without informing the application provider system or the resource provider system, and the user can log in to the service provider system. Based on this, authentication to the resource provider system is performed automatically while maintaining confidentiality, so that each function can be distributed to multiple provider systems and each can be dedicated to a specialized industry, and resource utilization efficiency An information processing system that is convenient and enables various application programs to be aggregated and used. Furthermore, according to the present invention, a highly reliable information processing system capable of minimizing the distribution of personal authentication information and confidential information when a user uses a service is provided.

  That is, the user's personal information is managed only by the service provider system and is not notified to other provider systems. Further, the request content from the user and the execution result obtained by the executed application program are information that only the resource provider system can know, and can be kept secret from other provider systems. If the user logs in to the service provider system once, after that, it is not necessary to log in for each job, and authentication in the resource provider system is automatically performed, which is convenient.

  In addition, by separating the system into the resource provider system, the service provider system, and the application program, each provider can concentrate on specialized work, and management efficiency is greatly improved. Also, the service provider system can provide a high value-added service from a single portal site according to user preferences. Furthermore, the service provider system allows the user to use a wide variety of services using at least one portal site as an entrance, which greatly improves convenience.

  In the information processing system, the resource provider system includes an encryption unit that encrypts the execution result of the execution unit, and an encryption execution result encrypted by the encryption unit via the service provider system. A result transmitting unit that transmits to the terminal device, wherein the terminal device receives the encryption execution result transferred from the service provider system, and decrypts the encryption execution result And a decoding unit.

  According to this configuration, when the execution result is transmitted from the resource provider system to the terminal device, the confidentiality of the information can be maintained with respect to the service provider system interposed therebetween.

  In the information processing system, the transfer unit of the service provider system receives, from the terminal device, original data used when the execution unit of the resource provider system executes the application program, and transfers the original data to the terminal device The terminal device includes: an encryption unit that encrypts the original data; and a data transmission unit that transmits the encrypted original data encrypted by the encryption unit to the resource provider system via the service provider. The resource provider system includes a data receiving unit that receives the encrypted original data transferred from the service provider system, and a decrypting unit that decrypts the encrypted original data. Can do.

  According to this configuration, when transmitting the original data from the terminal device to the resource provider system, the confidentiality of the information can be maintained with respect to the service provider system interposed therebetween.

  In the information processing system, including a certificate authority that issues the user certificate, the service provider system generates an anonymous user identification information for each request from the user, and the generation unit generates An anonymous user identification information storage unit that stores the anonymous user identification information in association with the user, and a certificate that requests the certificate authority to issue an anonymous proxy certificate using the anonymous user identification information for each request. An issuing unit, a management table storage unit that stores a management table that manages the anonymous proxy certificate, and a notification unit that notifies the resource provider system of the request from the user using the anonymous proxy certificate; , Can be included.

  Here, the anonymous proxy certificate is issued for each request, that is, for each job, and the expiration date of the certificate is set to be relatively short.

  According to this configuration, since authentication is performed by specifying the user anonymously between the service provider system and the resource provider system, the personal authentication information of the user is concealed as information that only the service provider system can know, and the resource provider Since the system is not notified, the reliability of the system is improved.

  In the information processing system, the service provider system includes a program registration unit for registering the application program, a resource registration unit for registering the resource, the application program registered in the program registration unit, and the resource registration unit. A presentation unit that presents the registered resource to the terminal device of the user.

  Here, the presentation unit may be a portal site that can be referred to after login using a general browser, for example.

  According to this configuration, if a program and a resource registered in the service provider system are referred to from a user terminal using a browser or the like to request the use of the service, the service of the application provider system or the resource provider system can be obtained. Since it can be used, operability and convenience are good.

  In the information processing system, the resource provider system may include the application provider system.

According to the present invention, a resource provider system that provides resources in response to a request from a user via a service provider system,
A receiving unit that receives the user authentication request including the request and authentication information of the user from the service provider system;
An authentication unit for authenticating the user according to the authentication information in response to the authentication request;
When the authentication unit authenticates the user, an execution unit that executes an application program using the resource in response to the request;
A resource provider system characterized by comprising:

According to the present invention, a service provider system that provides a service to the user by executing an application program provided by the application provider system using a resource provided by the resource provider system in response to a request from the user,
A first accepting unit for accepting login and first authentication information from the user;
A second reception unit that receives a request to execute the application program;
An authentication unit for authenticating the user based on the first authentication information in response to the login;
When the authentication unit authenticates the user, an authentication information generation unit that generates second authentication information different from the first authentication information in response to the request from the user;
In response to the request, an authentication request unit that requests authentication to the resource provider system using the second authentication information;
A service provider system comprising: a transfer unit that receives an execution result of the application program using the resource from the resource provider system and transfers the result to the terminal device.

According to the present invention, a providing unit that provides the resource provider system with an application program that uses resources of the resource provider system;
A registration unit that registers the application program in a service provider system that provides a service that uses the application program to the terminal device and uses the resource;
An application provider system characterized by comprising:

  The application provider system may include a license unit that manages licenses of the application program provided by the providing unit.

According to the present invention, the terminal device accepts a service use request from a user,
The resource provider system provides resources,
An application provider system provides an application program that uses the resource,
An information processing method in which a service provider system causes the resource provider system to execute the application program using the resource in response to the request from the user, and provides the user with the service,
The service provider system is:
Accepting login and first authentication information from the user,
Receiving a request to execute the application program;
In response to the login, authenticating the user based on the first authentication information;
When authenticating the user, in response to the request from the user, generating second authentication information different from the first authentication information;
In response to the request, request authentication from the resource provider system using the second authentication information;
Receiving an execution result of the application program using the resource from the resource provider system;
Transferring the execution result to the terminal device;
The application provider system is:
Providing the application program to the resource provider system;
The resource provider system is:
Accepting the authentication request of the user including the request and the second authentication information from the service provider system;
In response to the authentication request, authenticate the user according to the second authentication information;
An information processing method is provided, wherein when the user is authenticated, the application program is executed using the resource in response to the request.

According to the present invention, a certificate acceptance unit that accepts a certificate from a certificate authority,
An authentication request unit that makes an authentication request to the service provider system via the network using the certificate;
A reference unit that references an application program provided via the network;
A designation receiving unit that accepts designation of application programs and resources to be used;
A notification unit for notifying the service provider system of the application program and the resource received by the designation receiving unit;
A data transmission unit for transmitting original data used when executing the application program to the resource provider system via the service provider system;
A result receiving unit that receives an execution result of the application program transmitted from the resource provider system via the service provider system;
A terminal device characterized by comprising:

  It should be noted that any combination of the above-described constituent elements and a conversion of the expression of the present invention between a method, an apparatus, a system, a recording medium, a computer program, etc. are also effective as an aspect of the present invention.

  According to the present invention, in a system capable of providing various services, it provides an environment in which functions can be distributed and each can concentrate on a specialized industry, resource utilization efficiency can be improved, and various application programs can be aggregated and used. A convenient information processing system is provided. Furthermore, according to the present invention, a highly reliable information processing system capable of minimizing the distribution of personal authentication information and confidential information when a user uses a service is provided.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In all the drawings, the same reference numerals are given to the same components, and the description will be omitted as appropriate.

  FIG. 1 is a system configuration block diagram showing the configuration of the information processing system according to the embodiment of the present invention. The information processing system according to the present embodiment includes a terminal device (user terminal 600) that receives a service use request from a user (user 10), a resource provider system (resource provider system 200) that provides a resource (resource 100), a resource An application provider system (application provider system 400) that provides an application program (application program 300) that uses a resource, causes the resource provider system to execute the application program using resources in response to a request from the user, and provides services to the user An information processing system including a service provider system (service provider system 500) to be provided, A first accepting unit (portal providing unit 510 and first authenticating unit 520) that accepts login and first authentication information from a user, and a second accepting unit (portal providing unit) that accepts an application program execution request 510), a first authentication unit (first authentication unit 520) that authenticates the user based on the first authentication information in response to login, and the first authentication unit authenticates the user, the user An authentication information generation unit (re-authentication request unit 530) that generates second authentication information different from the first authentication information in response to the request from the server, and uses the second authentication information in response to the request. An authentication request unit (re-authentication request unit 530) that requests authentication to the resource provider system, and an application program that uses resources from the resource provider system A transfer unit (transfer unit 540) that receives the row result and transfers it to the terminal device, and the application provider system includes a providing unit (application providing unit 420) that provides the application program to the resource provider system, and the resource provider The system includes a third accepting unit (second authenticating unit 220) for accepting a user authentication request including a request and second authentication information from the service provider system, and second authentication information in response to the authentication request. Therefore, when the second authenticating unit authenticating the user and the second authenticating unit (second authenticating unit 220) authenticate the user, the executing unit (executing the application program using the resource in response to the request) Execution control unit 240).

  In FIG. 1, the configuration of parts not related to the essence of the present invention is omitted.

  Each component of the information processing system includes a CPU of any computer, a memory, a program for realizing the components shown in the figure loaded in the memory, a storage unit such as a hard disk for storing the program, and a network connection interface. It is realized by any combination of hardware and software. It will be understood by those skilled in the art that there are various modifications to the implementation method and apparatus. Each drawing described below shows a functional unit block, not a hardware unit configuration.

  The information processing system according to the present embodiment includes a resource provider system 200 (shown as “RP” in the figure) that provides a resource 100 (shown as “resource A”, “resource B”, and “resource C” in the figure). , An application provider system 400 (shown as “AP” in the figure) that provides an application program 300 (shown as “application program A”, “application program B”, and “application program C” in the figure) that uses the resource 100 And a service provider system 500 (indicated as “SP” in the figure) for causing the resource provider system 200 to execute the application program 300 using the resource 100 in response to a request from the user 10 and providing the user 10 with a service. .

  Here, the cooperation of the three provider systems of the resource provider system 200, the application provider system 400, and the service provider system 500 will be briefly described. First, an application program 300 is registered in the application provider system 400 by a software developer. The resource provider system 200 provides system information of the resource provider system 200 to the service provider system 500 in advance and registers (not shown).

  In response to the inquiry from the application provider system 400, the service provider system 500 provides the application provider system 400 with system information of the resource provider system 200. Then, the application program 300 is transferred from the application provider system 400 to the resource provider system 200, deployed in the resource provider system 200, and the application program 212 (shown as “application” in the figure) is automatically installed. . Further, the application provider system 400 registers application information regarding the application program 300 in the resource provider system 200.

  In this way, registration states of application programs in various fields are presented to the user 10 via the service provider system 500, and the user 10 is provided with a service using an appropriate resource 100.

  The resource provider system 200 includes a plurality of resources 100, receives a request from the user 10 via the service provider system 500, distributes processing to each resource 100, executes the application program 212, and outputs the execution result to the user 10. To the user terminal 600. The resource 100 includes, for example, a CPU (not shown) for starting the application program 212 provided from the application provider system 400, data and information used by the application program 300, and storage (not shown).

  The application provider system 400 is an application that includes, for example, arithmetic processing and analysis programs related to special science and technology fields that require sophisticated and high-load arithmetic processing, such as biotechnology, chemicals, physics, design, distribution, and finance. A program 300 is provided. Furthermore, the application program 300 includes e-mail software, groupware, middleware related to the application program, know-how information such as a manual describing how to deploy and handle the application program, an operation method, and the like. Information about these programs is provided to the resource provider system 200 together with the application program 300, and the resource provider system 200 installs or upgrades the application program 212 based on these information.

  Specifically, the application provider system 400 includes a plurality of application programs 300, a management unit 410, an application providing unit 420, and a license unit 430. Note that the application program 300 does not need to be included in the application provider system 400 but may be held by another system and managed by the application provider system 400.

  The management unit 410 manages the application program 300 and its application information. The application providing unit 420 registers the application program 300 in the service provider system 500, provides various information on the application program 300, and prompts the user to use the information. In addition, the application providing unit 420 causes the resource provider system 200 to deploy the application program 300. That is, each resource 100 is installed so that the application program 300 can be executed.

  The license unit 430 issues a license to the resource provider system 200 that uses the application program 300. The license unit 430 can also perform processing such as charging to the resource provider system 200 and processing such as registration and management of the installation destination resource 100.

  Note that these configurations of the application provider system 400 are not related to the essence of the present invention, and thus detailed description thereof is omitted.

  The service provider system 500 functions as a portal that provides various types of information in order to provide users with a wide variety of services using the resources and application programs described above. The service provider system 500 includes a portal providing unit 510, a first authentication unit 520 (shown as “authentication unit” in the figure), a re-authentication request unit 530, and a transfer unit 540.

  The portal providing unit 510 provides a portal site to the user terminal 600, accepts login and first authentication information, and accepts a request to execute the application program 300. The first authentication unit 520 authenticates the user 10 based on the first authentication information in response to the login from the user 10. When the first authentication unit 520 authenticates the user 10, the re-authentication request unit 530 generates second authentication information different from the first authentication information in response to the request from the user 10, and In response, authentication is requested from the resource provider system 200 using the second authentication information. The second authentication information includes an anonymous certificate 712 issued by a second certificate authority 710 (shown as “CA station 2” in the figure).

  Here, when the user 10 logs in to the service provider system 500 with the real name ID 12 from the user terminal 600, the authentication in the first authentication unit 520 is the first certificate authority 700 (shown as “CA station 1” in the figure). Is performed based on the certificate 702 issued. Further, an anonymous ID 14 is generated separately from the real name ID 12 for each request from the user 10, and the re-authentication request unit 530 uses the anonymous certificate 712 issued by the second certificate authority 710 to generate an application from the user 10. An authentication request is made to the resource provider system 200 for each request such as a program execution request.

  Here, although the first certificate authority 700 and the second certificate authority 710 are different certificate authorities, the present invention is not limited to this. They may be the same certificate authority or may be included in the service provider system 500.

  The transfer unit 540 receives encrypted data 634 obtained by encrypting the raw data 632 used when executing the application program 212 from the user terminal 600, transfers the encrypted data 634 to the resource provider system 200, and also transfers the application program from the resource provider system 200. The encrypted execution result 212 is received and transferred to the user terminal 600.

  The resource provider system 200 includes an application registration unit 210, a second authentication unit 220 (shown as “authentication unit” in the figure), a decryption unit 230, an execution control unit 240, and an encryption unit 250. .

  The application registration unit 210 deploys the application program 212 provided by the application provider system 400 in an executable manner. Information about these programs is provided to the resource provider system 200 together with the application program 212, and the resource provider system 200 installs or upgrades the application program 212 based on these information. The application registration unit 210 registers the license of the application program 212 with the application provider system 400.

  The second authentication unit 220 receives an authentication request for the user 10 including the request and the second authentication information from the service provider system 500, and authenticates the user 10 according to the second authentication information in response to the authentication request.

  The decryption unit 230 receives and decrypts the encrypted data 634 transmitted from the user terminal 600 through the service provider system 500. Here, decryption is performed using a key 714 issued from a key creation center (not shown in FIG. 1). When the second authentication unit 220 authenticates the user 10, the execution control unit 240 causes the resource 100 to execute the application program 212 in response to the request. The encryption unit 250 encrypts the execution result of the execution control unit 240 using the key 714 and transmits the result to the user terminal 600 via the service provider system 500. The key creation center 750 can also be provided in the resource provider system 200 or the application program 300. Further, the public key of the resource provider system 200 can be stored in the service provider system 500.

  User terminal 600 includes a browser 610, a login reception unit 620, an encryption unit 630, and a decryption unit 640. The browser 610 is a general web browser, and accesses a portal site provided by the service provider system 500 via a network (not shown) such as the Internet or a LAN. Using the browser 610, the user 10 can refer to and use various services provided by the service provider system 500. For example, the user 10 can refer to the application program 300 and the resource 100 provided via the network via the browser 610. Then, the browser 610 receives the application program 300 and the resource 100 used by the user 10. The browser 610 notifies the service provider system 500 of the received application program 300 and resource 100.

  Login accepting unit 620 accepts certificate 702 issued by first certificate authority 700 and accepts login request of user 10 and input of real name ID 12 and password using browser 610. Further, the login reception unit 620 uses the received certificate 702 to make an authentication request to the service provider system 500 via the network.

  The encryption unit 630 encrypts the raw data 632 used when the application program 300 is executed, and transmits the obtained encrypted data 634 to the resource provider system 200 via the service provider system 500. The decryption unit 640 receives the result data 242 that is the execution result of the encrypted application program 212 from the resource provider system 200 via the service provider system 500, decrypts the result data 242, and generates result data 642.

  In the information processing system configured as described above, the service provider system 500 issues an anonymous certificate 712 signed by the service provider system 500 using a different anonymous ID 14 for each service use request of the user 10. Conceal the actual username.

  Here, the anonymous certificate 712 is a proxy certificate, and has an expiration date set for a relatively short period, for example, 24 hours. The reliability of the certificate is improved by setting the expiration date to a relatively short time.

  FIG. 2 is a block diagram showing a system configuration in the security function of the information processing system of the present embodiment.

  In the present embodiment, the resource provider system 200 is built on grid construction middleware 270 (shown as “Globus Toolkit” in the figure) such as Globus Toolkit, and includes a security management unit 260. The application provider system 400 is built on grid construction middleware 450 (shown as “Globus Toolkit” in the figure) such as Globus Toolkit, and includes an APL (Advanced Product Line) server 440. The service provider system 500 is built on grid construction middleware 570 (shown as “Globus Toolkit” in the figure) such as Globus Toolkit, and includes a Web server 542. In the service provider system 500, the first authentication unit 520 includes a user management unit 522, and the re-authentication request unit 530 includes a job management unit 550 and a security management unit 560.

  The user management unit 522 manages the user 10 who logs in to the service provider system 500. The job management unit 550 receives and manages a job requested by the user, for example, an encrypted data upload request and a result data download request.

  Furthermore, the security management unit 560 includes an anonymity ensuring unit 562 at the time of user authentication, a data concealment unit 564 at the time of data use, and an anonymity ensuring unit 566 at the time of data use. The user terminal 600 includes a browser 610 and a security management unit 660.

  The user authentication anonymity securing unit 562 issues an anonymous certificate signed by the service provider system 500 using a different anonymous ID for each user service use request in order to ensure anonymity during user authentication. This hides the real user name. Specifically, the anonymity securing unit 562 during user authentication causes the second certificate authority 710 to issue an anonymous certificate, manages the anonymous ID and the anonymous certificate, confirms the validity of the anonymous certificate, and is anonymous. Performs mapping management of ID and real name ID. In the mapping management, the mapped date and usage period are also managed.

  The data concealment unit 564 when using data conceals data when using data. Here, the data utilization is a series of processes in which, for example, encrypted data is transmitted from the user terminal 600 to the resource provider system 200, an operation is executed, and the result is encrypted and transferred from the resource provider system 200 to the user terminal 600. Refers to processing. When the data is used, the data is encrypted and decrypted between the user terminal 600 and the resource provider system 200, and the data other than the user terminal 600 and the resource provider system 200 is concealed. The series of processing is performed by the security management unit 660 of the user terminal 600, the security management unit 560 of the service provider system 500, and the security management unit 260 of the resource provider system 200.

  The data use anonymity securing unit 566 ensures anonymity during data use. That is, the user who owns the data is stored in a form that cannot be inferred from outsiders, and management according to the data attributes is performed. For example, the data use anonymity securing unit 566 performs anonymous ID / data mapping management and data access management.

  The service provider system 500 conceals and transfers data when transferring data between the user terminal 600 and the resource provider system 200. In addition, the authentication confirmation of the user 10 is performed only once at the time of login to the service provider system 500 for each user 10, and thereafter, only an attribute of the user that does not include the user's actual personal information is described for each job. The actual user is concealed by issuing an attribute certificate. According to the information processing system of the present embodiment configured as described above, it is possible to minimize the distribution of personal authentication information and confidential information when a user uses a service.

  FIG. 3 is a functional block diagram illustrating details of the job management unit 550 of the re-authentication request unit 530 of the service provider system 500 according to the present embodiment.

  The re-authentication request unit 530 accesses the anonymous management database 800, refers to the anonymous user management table 584, and determines the anonymous ID by a round robin method. The re-authentication request unit 530 includes an anonymity management unit 580, an anonymous file management unit 590, a job execution unit 810, and a database information acquisition unit 820.

  Anonymity management unit 580 includes an anonymous proxy certificate issuing unit 582, an anonymous proxy certificate reissuing unit 586, and an anonymous proxy certificate deleting unit 588. The anonymous proxy certificate issuing unit 582 acquires an anonymous ID that can be used in the target resource provider system 200 from the anonymous user management table 584 using a round robin method, and issues an anonymous proxy certificate. The anonymous proxy certificate reissue unit 586 issues an anonymous proxy certificate corresponding to the designated anonymous ID. The anonymous proxy certificate deletion unit 588 deletes the anonymous proxy certificate corresponding to the designated anonymous ID. The anonymous proxy certificate is stored in a storage unit (not shown). The anonymous file management unit 590 will be described later.

  The job execution unit 810 includes a job input unit 812, an executing job status inquiry unit 814, an executing job cancellation unit 816, and a job result acquisition unit 818. The job submission unit 812 submits a job requested by the user 10 to the resource provider system 200. The job input operation will be described later.

  The in-execution job status inquiry unit 814 inquires the job status according to the specified job identification information. Specifically, the execution job ID is searched from the database using various identification information, for example, user ID, scenario ID, sub-scenario ID, etc. as a key, and the target of status inquiry is determined. The executing job cancel unit 816 cancels the job according to the specified job identification information. Specifically, the execution job ID is searched from the database using various identification information, for example, user ID, scenario ID, sub-scenario ID, etc. as a key, and a cancel target is determined.

  The job result acquisition unit 818 acquires the job result according to the specified job identification information. The file output from the resource provider system 200 side is extracted to the real name area via the anonymous area in cooperation with the anonymous file management unit 590. An execution job ID is searched from the database using identification information such as a user ID, a scenario ID, and a sub-scenario ID as a key, and a result acquisition target is determined.

  The database information acquisition unit 820 acquires a resource provider system name, user name, password, and the like from the anonymous user management table 584.

  The anonymous user management table 584 of the anonymous management database 800 can include the anonymous ID management table 830 and the anonymous ID user correspondence table 832 shown in FIG. As shown in FIG. 4A, the anonymous ID management table 830 stores a password, a resource provider system name, an available flag, and the like in association with each anonymous ID. As shown in FIG. 4B, the anonymous ID user correspondence table 832 stores an anonymous ID, a resource provider system name, the number of times of use, and the like in association with each user ID. The resource provider system name in the anonymous ID management table 830 and the anonymous ID user correspondence table 832 may be the entity name of the resource provider system 200 or the URL of the resource provider system 200.

  FIG. 5 is a diagram for explaining the function of the anonymous file management unit 590 of the present embodiment. Anonymous file management unit 590 includes a conversion unit 592 and a copy unit 594. Here, in particular, an example of a functional configuration for the purpose of ensuring anonymity when using data will be described. In addition, the transfer unit 540 of the service provider system 500 in FIG. 1 includes a first transfer unit 544 that performs data transfer with the user terminal 600 and a transfer unit 546 that performs data transfer with the service provider system 500. The user terminal 600 includes a transfer unit 680 that encrypts the raw data 632 and the result data 642 described in FIG. 1 and transfers the real file 682 between the user terminal 600 and the service provider system 500. The resource provider system 200 includes a transfer unit 280 that transfers the anonymous file 282 obtained by encrypting the raw data 232 and the result data 242 between the resource provider system 200 and the service provider system 500.

  The conversion unit 592 creates the information of the anonymous file 595 for the anonymous area based on the information of the real file 593 passed from the job management unit 550 in ensuring anonymity when using data. Here, the real file 593 is obtained by the first transfer unit 544 of the service provider system 500 receiving the real file 682 transferred from the user terminal 600 via the transfer unit 680. For the real file 593 transmitted from the user 10, a directory name and a file name not related to the user information are created. A first RSL (Resource Specification Language) file (not shown) in which these file information is written is converted into the file information of the anonymous file 595 and stored as a separate file in the second RSL file.

  Specifically, the information of the real file 593 includes, for example, the real name ID 12, the request scenario number, the request sub-scenario number, the anonymous ID 14, the factory of the resource provider system 200, and the URL of the first RSL file. The conversion unit 592 rewrites the information from the real name area directory to the anonymous area, and returns the URL of the second RSL file after the rewriting to the job management unit 550. The conversion unit 592 registers the real name ID 12, mapping information of the real file 593 and the anonymous file 595 in the scenario and sub-scenario.

  The copy unit 594 retrieves the actual file 593 from the anonymous management database 800 at the time of job and submission, and copies the corresponding file to the anonymous area. At the time of job result acquisition, the result file stored in the anonymous area is searched from the anonymous management database 800, and the corresponding file is copied to the real name area.

  More specifically, when copying from the real name area to the anonymous area, the real name ID 12, the request scenario number, and the request sub-scenario number are passed from the job management unit 550, and a file search is performed from the anonymous management database 800. The real file 593 is copied to the anonymous area and stored as the anonymous file 595.

  In this way, the second transfer unit 546 transfers the anonymous file 595 stored in the anonymous region from the service provider system 500 to the resource provider system 200, and the transfer unit 280 of the resource provider system 200 uses the anonymous file 282 in the anonymous region. Is transferred to the anonymous file 595 in the anonymous area of the service provider system 500.

  On the other hand, when copying from the anonymous area to the real name area, the real name ID 12, the request scenario number, and the request sub-scenario number are passed from the job management unit 550, a file search is performed from the anonymous management database 800, and the anonymous area is anonymous. The file 595 is copied to the real name area and saved as the real file 593.

  The real file 593 thus copied to the real name area is transferred from the service provider system 500 to the user terminal 600 by the first transfer unit 544.

  The operation of the information processing system of this embodiment configured as described above will be described below. First, the operation at the time of data upload from the user terminal 600 will be described. FIG. 6 is a flowchart showing an example of the operation at the time of data upload of the information processing system of this embodiment. Hereinafter, description will be made with reference to FIGS. 1 and 6.

  First, when the browser 610 accepts that the user 10 has pressed a RUN button (not shown) (step S11), a job execution object is created (step S13). Subsequently, an encrypted applet including a user ID, a scenario ID, a sub-scenario ID, and the like is created (step S15). Subsequently, a request for creating an encryption-compatible object is received from the service provider system 500 (step S17), and an encryption-compatible object is created (step S19).

  The service provider system 500 requests the provision of public key and file information (step S21), and the public key and file information are transmitted from the user terminal 600 to the service provider system 500 (step S23).

  A session key is created in the key creation center 750 via the service provider system 500 (step S25), and the session key is encrypted (step S27). In the service provider system 500, the data and key information are updated using the encrypted session key (step S29). A session key is transmitted from the service provider system 500 to the user terminal 600 (step S31), the session key is decrypted in the user terminal 600 (step S33), and the data to be transmitted is encrypted using the session key (step S31). S35).

  The encrypted data is uploaded from the user terminal 600 to the service provider system 500 (step S37), and when the upload is finished, the service provider system 500 notifies the user terminal 600 of the completion of data upload (step S39).

  In FIG. 6, the case where encryption is necessary at the time of data transmission has been described. However, when encryption is not necessary, steps S <b> 15 to S <b> 35 can be omitted.

  Next, an operation at the time of job execution in the user terminal 600 will be described. 7 and 8 are flowcharts showing an example of an operation at the time of job execution of the information processing system of this embodiment. The following description will be made with reference to FIGS. 1, 2, 7, and 8.

  First, in the service provider system 500 of FIG. 2, the portal providing unit 510 receives a job request from the user terminal 600 (step S51). In response to the job request, the job management unit 550 accesses a file key management database (not shown), searches for a session key (step S53), and acquires it. Subsequently, the job management unit 550 searches for and acquires the public key of the resource provider system 200 (step S55).

  The key creation center 750 decrypts the acquired session key (step S57) and encrypts the session key again (step S59).

  Subsequently, in the service provider system 500, the job management unit 550 requests the resource provider system 200 to execute a pre-job (shown as “Pre job” in the drawing) (step S61). Here, the pre-job is a process for transferring a session key between the service provider system 500 and the resource provider system 200 before executing this job.

  In the resource provider system 200, the pre-job execution is accepted and started (step S71). Subsequently, the session key is decrypted (step S73), and the data file is decrypted (step S75). Subsequently, the service provider system 500 requests the resource provider system 200 to execute this job (step S81). The resource provider system 200 receives and starts execution of this job (step S91).

  Subsequently, the execution control unit 240 executes the application program 212 using the resource 100, and outputs a result file (step S93). Next, proceeding to FIG. 8, the service provider system 500 accesses the file key management database, searches for the session key (step S103), and acquires it. Subsequently, the key creation center 750 in FIG. 2 decrypts the session key (step S105), and encrypts the session key again (step S107).

  Subsequently, the service provider system 500 requests the resource provider system 200 to execute a post job (shown as “Post job” in the figure) (step S109). Here, the post job is a process of exchanging a session key between the service provider system 500 and the resource provider system 200 after executing this job.

  The resource provider system 200 accepts and starts the execution of the post job (step S111). Subsequently, the session key is decrypted (step S113), and the data file is encrypted (step S115). The encrypted data file is sent from the resource provider system 200 to the service provider system 500, and the service provider system 500 receives the file (step S121).

  Next, an operation when data is downloaded to the user terminal 600 will be described. FIG. 9 is a flowchart showing an example of the operation at the time of data download of the information processing system of this embodiment. Hereinafter, a description will be given with reference to FIGS. 1 and 9.

  First, when the browser 610 accepts that the user 10 has pressed a DL button (not shown) (step S131), an encrypted applet including a user ID, a scenario ID, a sub-scenario ID, and the like is created (step S133). . Subsequently, a request for creating an encryption-compatible object is received from the service provider system 500 (step S135), and an encryption-compatible object is created (step S137).

  The user terminal 600 requests scenario information from the service provider system 500 (step S139), and scenario information including the user ID, scenario ID, and sub-scenario ID is transmitted from the user terminal 600 to the service provider system 500 (step S141). ). The service provider system 500 accesses the file key management database, searches for file information and a session key (step S143), and acquires (step S145).

  Subsequently, the download data is encrypted with the acquired session key, and the data and the session key are transmitted from the service provider system 500 to the user terminal 600 (step S147). Subsequently, the user terminal 600 decrypts the session key (step S149), and decrypts the received data using the session key (step S151). The decrypted data is stored (step S153).

  As described above, according to the information processing system according to the present embodiment, only the service provider system 500 manages the personal authentication information of the user terminal 600 without notifying the application provider system 400 and the resource provider system 200. Further, based on login authentication from the user terminal 600 to the service provider system 500, authentication to the resource provider system 200 is automatically performed while maintaining confidentiality. It provides an environment in which each function can be devoted to a specialized industry, increasing the efficiency of resource utilization, and making it possible to aggregate and use various application programs, improving convenience. Furthermore, it is possible to minimize the distribution of personal authentication information and confidential information when the user uses the service.

  In addition, if the program 300 and the resource 100 registered in the service provider system 500 are referred to from the user terminal 600 using the browser 610 or the like to request the use of the service, the application provider system 400 and the resource provider system 200 can be requested. Since the service can be used, operability and convenience are good.

  As mentioned above, although embodiment of this invention was described with reference to drawings, these are the illustrations of this invention, Various structures other than the above are also employable.

It is a system configuration block diagram showing a configuration of an information processing system according to an embodiment of the present invention. It is a block diagram which shows the system configuration | structure in the security function of the information processing system of FIG. It is a functional block diagram which shows the detail of the re-authentication request | requirement part of the service provider system of FIG. It is a figure which shows an example of the structure of the anonymous user management table of the anonymous management database of FIG. It is a figure for demonstrating the function of the anonymous file management part of FIG. 3 is a flowchart illustrating an example of an operation at the time of data upload of the information processing system of FIG. 1. 3 is a flowchart illustrating an example of an operation during job execution of the information processing system in FIG. 1. It is a flowchart which shows the continuation of the operation | movement of FIG. 3 is a flowchart illustrating an example of an operation at the time of data download of the information processing system of FIG. 1.

Explanation of symbols

10 User 12 Real name ID
14 Anonymous ID
DESCRIPTION OF SYMBOLS 100 Resource 200 Resource provider system 210 Application registration part 220 2nd authentication part 230 Decryption part 240 Execution control part 250 Encryption part 260 Security management part 270 Grid construction middleware 280 Transfer part 282 Anonymous file 300 Application program 400 Application provider system 410 Management Unit 420 Application providing unit 430 License unit 440 APL server 450 Grid construction middleware 500 Service provider system 510 Portal providing unit 520 First authentication unit 522 User management unit 530 Re-authentication request unit 540 Transfer unit 542 Web server 544 First transfer unit 546 Second transfer unit 550 Job management unit 560 Security management unit 562 User authentication Anonymity ensuring unit 564 Data concealment unit when using data 566 Anonymity ensuring unit when using data 570 Grid construction middleware 580 Anonymity management unit 582 Anonymous proxy certificate issuing unit 584 Anonymous user management table 586 Anonymous proxy certificate reissuing unit 588 Anonymous Proxy certificate deletion unit 590 Anonymous file management unit 592 Conversion unit 593 Real file 594 Copy unit 595 Anonymous file 600 User terminal 610 Browser 620 Login reception unit 630 Encryption unit 640 Decryption unit 660 Security management unit 680 Transfer unit 682 Real file 700 1 Certificate Authority 702 Certificate 710 2nd Certificate Authority 712 Anonymous Certificate 750 Key Creation Center 800 Anonymous Management Database 810 Job Execution Unit 812 Job Input Unit 814 Executing Job Status Meeting part 816 Execution job cancellation part 818 Job result acquisition part 820 Database information acquisition part 830 Anonymous ID management table 832 Anonymous ID user correspondence table

Claims (12)

A terminal device that accepts a user service request;
A resource provider system that provides resources;
An application provider system that provides an application program that uses the resource;
A service provider system that provides the service to the user by causing the resource provider system to execute the application program using the resource in response to the request from the user;
The service provider system is:
A first accepting unit for accepting login and first authentication information from the user;
A second reception unit that receives a request to execute the application program;
A first authenticator for authenticating the user based on the first authentication information in response to the login;
An authentication information generation unit configured to generate second authentication information different from the first authentication information in response to the request from the user when the first authentication unit authenticates the user;
In response to the request, an authentication request unit that requests authentication to the resource provider system using the second authentication information;
A transfer unit that receives an execution result of the application program using the resource from the resource provider system and transfers the execution result to the terminal device;
The application provider system is:
A providing unit for providing the application program to the resource provider system;
The resource provider system is:
A third accepting unit for accepting the authentication request of the user including the request and the second authentication information from the service provider system;
In response to the authentication request, a second authenticating unit authenticating the user according to the second authentication information;
An execution unit that executes the application program using the resource in response to the request when the second authentication unit authenticates the user;
An information processing system comprising: The information processing system according to claim 1,
The resource provider system is:
An encryption unit for encrypting the execution result of the execution unit;
A result transmission unit that transmits the encryption execution result encrypted by the encryption unit to the terminal device via the service provider system, and
The terminal device
A receiving unit for receiving the encryption execution result transferred from the service provider system;
An information processing system comprising: a decrypting unit configured to decrypt the encryption execution result. The information processing system according to claim 1 or 2,
The transfer unit of the service provider system receives, from the terminal device, original data used when the execution unit of the resource provider system executes the application program, transfers the original data to the terminal device,
The terminal device
An encryption unit for encrypting the original data;
A data transmission unit that transmits the original data encrypted by the encryption unit to the resource provider system via the service provider;
Including
The resource provider system is:
A data receiving unit for receiving the encryption source data transferred from the service provider system;
An information processing system comprising: a decrypting unit configured to decrypt the encrypted original data. The information processing system according to any one of claims 1 to 3,
Including a certificate authority that issues the user's certificate;
The service provider system is:
A generating unit that generates anonymous user identification information for each request from the user;
Anonymous user identification information storage unit that stores the anonymous user identification information generated by the generation unit in association with the user;
For each request, a certificate issuing unit that requests the certificate authority to issue an anonymous proxy certificate using the anonymous user identification information;
A management table storage unit for storing a management table for managing the anonymous proxy certificate;
A notification unit that notifies the resource provider system of the request from the user using the anonymous proxy certificate. The information processing system according to any one of claims 1 to 4,
The service provider system is:
A program registration unit for registering the application program;
A resource registration unit for registering the resource;
A presentation unit that presents the application program registered in the program registration unit and the resource registered in the resource registration unit to the terminal device of the user;
An information processing system comprising: The information processing system according to any one of claims 1 to 5,
The information processing system, wherein the resource provider system includes the application provider system. A resource provider system that provides resources in response to a request from a user via a service provider system,
A receiving unit that receives the user authentication request including the request and authentication information of the user from the service provider system;
An authentication unit for authenticating the user according to the authentication information in response to the authentication request;
When the authentication unit authenticates the user, an execution unit that executes an application program using the resource in response to the request;
A resource provider system comprising: A service provider system that provides a service to the user by executing an application program provided by the application provider system using a resource provided by the resource provider system in response to a request from the user,
A first accepting unit for accepting login and first authentication information from the user;
A second reception unit that receives a request to execute the application program;
An authentication unit for authenticating the user based on the first authentication information in response to the login;
When the authentication unit authenticates the user, an authentication information generation unit that generates second authentication information different from the first authentication information in response to the request from the user;
In response to the request, an authentication request unit that requests authentication to the resource provider system using the second authentication information;
A service provider system comprising: a transfer unit that receives an execution result of the application program using the resource from the resource provider system and transfers the result to the terminal device. A providing unit that provides the resource provider system with an application program that uses resources of the resource provider system;
A registration unit that registers the application program in a service provider system that provides a service that uses the application program to the terminal device and uses the resource;
An application provider system comprising: The application provider system according to claim 9,
An application provider system comprising: a license unit that manages a license of the application program provided by the providing unit. The terminal device accepts a service use request from the user,
The resource provider system provides resources,
An application provider system provides an application program that uses the resource,
An information processing method in which a service provider system causes the resource provider system to execute the application program using the resource in response to the request from the user, and provides the user with the service,
The service provider system is:
Accepting login and first authentication information from the user,
Receiving a request to execute the application program;
In response to the login, authenticating the user based on the first authentication information;
When authenticating the user, in response to the request from the user, generating second authentication information different from the first authentication information;
In response to the request, request authentication from the resource provider system using the second authentication information;
Receiving an execution result of the application program using the resource from the resource provider system;
Transferring the execution result to the terminal device;
The application provider system is:
Providing the application program to the resource provider system;
The resource provider system is:
Accepting the authentication request of the user including the request and the second authentication information from the service provider system;
In response to the authentication request, authenticate the user according to the second authentication information;
When the user is authenticated, the application program is executed using the resource in response to the request. A certificate acceptance unit that accepts a certificate from a certificate authority;
An authentication request unit that makes an authentication request to the service provider system via the network using the certificate;
A reference unit that references an application program provided via the network;
A designation receiving unit that accepts designation of application programs and resources to be used;
A notification unit for notifying the service provider system of the application program and the resource received by the designation receiving unit;
A data transmission unit for transmitting original data used when executing the application program to the resource provider system via the service provider system;
A result receiving unit that receives an execution result of the application program transmitted from the resource provider system via the service provider system;
A terminal device comprising:

Images