JP2009199573A - Attribute information disclosure system, attribute information disclosure method and attribute information disclosure processing program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent undisclosable information from being disclosed on a service providing site. <P>SOLUTION: An information management device refers to a disclosure policy, upon receipt of an attribute information acquisition request from a service providing device, to determine and obtain, of permission attribute items and confirmation attribute items corresponding to both of service providing device information for specifying the service providing device that is the transmitter of the attribute information acquisition request (for example, Company A) and a user ID contained in the attribute information acquisition request (for example, "07ab"), a one matched to an attribute item that is an object of the attribute information acquisition request (for example, mail address, address, or birthday). <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention includes a service providing device that provides a service via a network, a user device that uses a service provided from the service providing device, and information on a plurality of attribute items related to the user of the user device. An attribute information management system that manages personal attribute information, an attribute information disclosure system that controls the disclosure of personal attribute information from the attribute information management apparatus to the service providing apparatus, and an attribute realized by the attribute information disclosure system The present invention relates to an attribute information disclosure processing program executed by an information disclosure method and an attribute information disclosure apparatus.

  Currently, with the spread of the Internet and broadband services, various financial services such as banks and credit cards, and technologies for providing EC (Electronic Commerce) to users online from a service providing site exist (for example, Non-Patent Document 1). reference).

  When the service providing site receives a service request from the user, the service providing site sends attribute information related to the user of the service request source to an information management site that manages personal attribute information such as the user's name, address, account number, and credit card number. Various online services are provided upon request and acquisition.

“Go one billing”, [online], [searched on January 16, 2004], Internet <http://www-6.ibm.com/jp/Products/news/030522/gaiyo.html>

  However, the above-described conventional technology has a problem that information that is not desired to be disclosed among various information included in the personal attribute information is disclosed on the service providing site. In other words, the above-described conventional technology performs setting of attribute items to be disclosed for each service providing site for personal attribute information composed of information of a plurality of attribute items disclosed from the information management site to the service providing site. Therefore, for example, even if the attribute item information that is not desired to be disclosed to a certain service providing site is included in the personal attribute information, the information of all the attribute items is disclosed (for example, FIG. 9). (See), and there is a problem that information that is not desired to be disclosed is disclosed on the service providing site.

  Accordingly, the present invention has been made to solve the above-described problems of the prior art, and among various information included in the personal attribute information, only the personal attribute information suitable for the purpose of use is disclosed and desired to be disclosed. It is an object of the present invention to provide an attribute information disclosure system, an attribute information disclosure method, and an attribute information disclosure processing program capable of preventing information that has not been disclosed to a service providing site.

  In order to solve the above-described problems and achieve the object, the present invention provides a service providing device that provides a service via a network, a user device that uses a service provided from the service providing device, and a user device. Attribute information including an attribute information management device that manages personal attribute information composed of information on a plurality of attribute items related to users, and controls the disclosure of the personal attribute information from the attribute information management device to the service providing device In the disclosure system, the user device sets a permission attribute item for identifying personal attribute information permitted to be disclosed for each service providing device permitted to disclose personal attribute information to the attribute information management device. And a setting confirmation unit that receives the disclosure confirmation request for confirming whether or not to permit disclosure of the permission attribute item from the attribute information management apparatus. Answer reply means for replying an answer indicating whether or not disclosure to the service providing device is permitted, and the attribute information management device is configured to accept each user based on the setting received from the user of the user device. Disclosure policy management means for managing service providing apparatus information for identifying service providing apparatus permitting disclosure of personal attribute information and a disclosure policy including the permission attribute item for each user information for identifying a user of the apparatus And the personal attribute information request including the user information of the service request source with reference to the disclosure policy managed by the disclosure policy management means when the personal attribute information request is received from the service providing apparatus. The permission attribute corresponding to both the service providing apparatus information for specifying the service providing apparatus and the user information included in the personal attribute information request Disclosure policy determination means that determines and acquires the attribute items that are the target of the personal attribute information request, and the user device of the user corresponding to the user information of the service request source A disclosure confirmation request transmitting unit for transmitting a disclosure confirmation request for confirming whether or not to permit disclosure of personal attribute information corresponding to the permission attribute item acquired by the disclosure policy determining unit; and the disclosure confirmation request transmitting unit Corresponding to the permission attribute item based on an answer indicating whether or not disclosure of the personal attribute information corresponding to the permission attribute item returned from the user device is permitted. And attribute information providing means for providing the personal attribute information to the service providing apparatus.

  In addition, according to the present invention, in the above invention, the setting means provides not only the permitted attribute item but also the service providing apparatus for each service providing apparatus that permits the attribute information management apparatus to disclose personal attribute information. A confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission at the time of disclosure, and when the reply reply means receives the disclosure confirmation request from the attribute information management device, the permission attribute item For the confirmation attribute item, a reply indicating whether or not disclosure to the service providing device is permitted is returned, and the disclosure policy management means is configured for each user information based on a setting received from the user device. In addition to managing the service providing apparatus information and the permission attribute item, the disclosure policy including the confirmation attribute item is managed, and the disclosure policy is The service determination means refers to the disclosure policy managed by the disclosure policy management means, and provides service provision apparatus information for identifying the service provision apparatus that is the transmission source of the personal attribute information request, and the personal attribute information request. Among the permission attribute items and the confirmation attribute items corresponding to both of the user information included, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired, and the disclosure confirmation request transmitting unit Permits the disclosure of the individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination means to the user device corresponding to the user information of the service request source. A request for disclosure confirmation for confirming whether or not, the attribute information providing means corresponds to the permission attribute item and the confirmation attribute item returned from the user device That on the basis of disclosed reply indicating whether or not to permit the each individual attribute information, and providing each individual attribute information corresponding to the authorization attribute item and confirmation attribute items to the service providing apparatus.

  Further, the present invention includes a service providing apparatus that provides a service via a network, a user apparatus that uses a service provided from the service providing apparatus, and information on a plurality of attribute items related to the user of the user apparatus. An attribute information management method for managing personal attribute information, and an attribute information disclosure method for controlling the disclosure of personal attribute information from the attribute information management device to the service providing device. For the attribute information management device, for each service providing device that permits the disclosure of personal attribute information, a setting step for setting a permission attribute item indicating an attribute item of the personal attribute information that is permitted to be disclosed, and the permission attribute item, When a disclosure confirmation request for confirming whether or not to permit disclosure is received from the attribute information management device, disclosure to the service providing device is permitted. A reply reply step for replying an answer indicating whether or not, and the attribute information management device is a user for identifying a user of each user device based on a setting received from a user of the user device For each information, service providing device information for identifying a service providing device that permits disclosure of personal attribute information, a disclosure policy management step for managing a disclosure policy including the permission attribute item, and user information of a service request source Is received from the service providing apparatus, the service providing apparatus is identified with reference to the disclosure policy managed by the disclosure policy managing step. Among the permission attribute items corresponding to both the service providing device information and the user information included in the personal attribute information request, the personal attribute information request Disclosure policy determination step for determining and acquiring an item that matches the target attribute item, and for the user device corresponding to the user information of the service request source, acquired by the disclosure policy determination step. A disclosure confirmation request transmitting step for transmitting a disclosure confirmation request for confirming whether or not to permit disclosure of personal attribute information corresponding to a permission attribute item, and a disclosure confirmation request transmitted by the disclosure confirmation request transmitting step. And providing the service providing apparatus with the personal attribute information corresponding to the permission attribute item based on the answer indicating whether or not the disclosure of the personal attribute information corresponding to the permission attribute item returned from the user device is permitted. And an attribute information providing step.

  Further, according to the present invention, in the above invention, the setting step includes not only the permitted attribute item but also the service providing apparatus for each service providing apparatus that permits the attribute information management apparatus to disclose personal attribute information. A confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission at the time of disclosure, and when the reply reply step receives the disclosure confirmation request from the attribute information management device, the permission attribute item And for the confirmation attribute item, a reply indicating whether or not disclosure to the service providing device is permitted is returned, and the disclosure policy management step is performed for each user information based on the setting received from the user device. In addition to managing the service providing apparatus information and the permission attribute item, a disclosure policy including the confirmation attribute item is managed. The disclosure policy determination step refers to the disclosure policy managed in the disclosure policy management step, and provides service provision device information for identifying the service provision device that is the transmission source of the personal attribute information request, and the personal attribute information request Among the permission attribute items and the confirmation attribute items corresponding to both of the user information included in the information, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired, and the disclosure confirmation request transmission The step permits the disclosure of the individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination step to the user device of the user corresponding to the user information of the service request source. A request for confirming whether or not to confirm, and the attribute information providing step includes a permission attribute returned from the user device. Providing the service providing apparatus with the individual attribute information corresponding to the permission attribute item and the confirmation attribute item based on the answer indicating whether or not the disclosure of the individual attribute information corresponding to the eye and the confirmation attribute item is permitted. It is characterized by.

  In addition, the present invention manages personal attribute information composed of information of a plurality of attribute items for a user of a user apparatus that uses a service provided from a service providing apparatus via a network, to the service providing apparatus. An attribute information disclosure processing program for causing a computer as an attribute information management device to execute a process for controlling the disclosure of personal attribute information of the computer, and a setting received from the user of the user device by the computer as the attribute information management device For each user information that identifies a user of each user device, service providing device information for identifying a service providing device that permits disclosure of personal attribute information, and personal attribute information that permits disclosure It includes a disclosure policy management procedure for managing a disclosure policy including permission attribute items for identification, and user information of a service request source. When a personal attribute information request is received from a service providing apparatus, the service provision for identifying the service providing apparatus that is the transmission source of the personal attribute information request with reference to the disclosure policy managed by the disclosure policy management procedure Disclosure policy determination by determining and obtaining the permitted attribute item corresponding to both the device information and the user information included in the personal attribute information request that matches the attribute item subject to the personal attribute information request Whether or not to permit disclosure of personal attribute information corresponding to the permission attribute item acquired by the disclosure policy determination procedure to the user device corresponding to the user information of the service request source and the service request source A disclosure confirmation request transmission procedure for transmitting a disclosure confirmation request for confirmation; and for the disclosure confirmation request transmitted by the disclosure confirmation request transmission procedure, the user equipment Attribute information providing procedure for providing personal attribute information corresponding to the permission attribute item to the service providing apparatus based on an answer indicating whether or not disclosure of the personal attribute information corresponding to the permission attribute item returned from is permitted; , Is executed.

  Further, according to the present invention, in the above-described invention, the disclosed policy management procedure includes not only the service providing apparatus information and the permission attribute item for each user information based on a setting received from the user apparatus. Further, a disclosure policy including a confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission upon disclosure to the service providing apparatus is managed, and the disclosure policy determination procedure is managed by the disclosure policy management procedure. The permission attribute item corresponding to both the service providing apparatus information for identifying the service providing apparatus that is the transmission source of the personal attribute information request and the user information included in the personal attribute information request with reference to the disclosed disclosure policy Among the confirmation attribute items, those that match the attribute item that is the target of the personal attribute information request are determined and acquired, and the disclosure confirmation item is obtained. The request transmission procedure is to disclose the individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination procedure to the user device of the user corresponding to the user information of the service request source. The attribute information providing procedure permits the disclosure of the individual attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the user device. On the basis of an answer indicating whether or not to perform, each personal attribute information corresponding to the permission attribute item and the confirmation attribute item is provided to the service providing apparatus.

  According to the present invention, the user device sets a permission attribute item for identifying personal attribute information permitted to be disclosed for each service providing device permitted to disclose personal attribute information to the attribute information management device. When a disclosure confirmation request for confirming whether or not to permit disclosure is received from the attribute information management device, an answer indicating whether or not disclosure to the service providing device is permitted is returned. The attribute information management device is a service providing device that permits disclosure of personal attribute information for each user information that identifies a user of each user device based on a setting received from a user of the user device. The service providing apparatus information for specifying and the disclosure policy including the permission attribute item are managed, and the personal attribute information request including the user information of the service request source is transmitted from the service providing apparatus. In response to the request, the disclosure policy is referred to, and both the service providing device information for identifying the service providing device that is the transmission source of the personal attribute information request and the user information included in the personal attribute information request are supported. Among the permitted attribute items, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired, and the personal attribute is assigned to the user device corresponding to the user information of the service request source. A disclosure confirmation request for confirming whether or not to permit disclosure of personal attribute information corresponding to the permission attribute item acquired as a match with the attribute item subject to the information request is transmitted, and is returned from the user device. Since the personal attribute information corresponding to the permission attribute item is provided to the service providing apparatus based on the answer indicating whether or not the disclosure of the personal attribute information corresponding to the permitted attribute item is permitted, Disclose only the personal attribute information that matches the user's purpose of use, it is possible to prevent that would be disclosed to the service provider site to information that you do not want to disclose.

  Further, according to the present invention, the user apparatus discloses not only the permitted attribute item but also the disclosure to the service providing apparatus for each service providing apparatus that allows the attribute information management apparatus to disclose the personal attribute information. When a confirmation attribute item for identifying personal attribute information that requires permission confirmation is further set and a disclosure confirmation request for personal attribute information corresponding to the permission attribute item and the confirmation attribute item is received from the attribute information management device, For the permission attribute item and the confirmation attribute item, an answer indicating whether or not disclosure to the service providing device is permitted is returned, and the information management device returns the user information for each user information based on the setting received from the user device. In addition to managing the service providing device information and the permission attribute item, the disclosure policy including the confirmation attribute item is managed, and the disclosure policy is referred to. Among the permission attribute item and the confirmation attribute item corresponding to both the service providing device information for identifying the service providing device that is the transmission source of the human attribute information request and the user information included in the personal attribute information request , By determining what is matched with the attribute item that is the target of the personal attribute information request, and obtaining the permission attribute item and the confirmation attribute item for the user device of the user corresponding to the user information of the service request source A disclosure confirmation request for confirming whether or not to permit disclosure of the corresponding personal attribute information is transmitted, and the permission attribute item returned from the user device and the disclosure of each personal attribute information corresponding to the confirmation attribute item are permitted. Personal attribute information corresponding to the permission attribute item and the confirmation attribute item is provided to the service providing device based on the answer indicating whether or not Before the information is disclosed, it is possible to allow the service user to set the attribute item of the personal attribute information that can be determined whether to permit the disclosure or not, and before the personal attribute information is disclosed to the service provider It is possible to accurately reflect the intentions of users.

  Exemplary embodiments for implementing an attribute information disclosure system, an attribute information disclosure method, and an attribute information disclosure processing program according to the present invention will be described below in detail with reference to the accompanying drawings. In addition, below, after describing Example 1 as one embodiment for carrying out the attribute information disclosure system according to the present invention, other embodiments included in the present invention will be described.

  In the following first embodiment, the outline and features of the attribute information disclosure system according to the first embodiment, the configuration and processing of the attribute information disclosure system will be described in order, and finally the effects of the first embodiment will be described.

[Outline and Features of Attribute Information Disclosure System (Example 1)]
First, the outline and characteristics of the attribute information disclosure system according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram for explaining the outline and features of the attribute information disclosure system according to the first embodiment.

  For example, as shown in FIG. 1, the attribute information disclosure system according to the first embodiment is configured to control the disclosure of personal attribute information from the information management apparatus to the service providing apparatus. The main feature is that it is prevented from being disclosed to a service providing site.

  This main feature will be specifically described below. As shown in FIG. 1, the attribute information disclosure system according to the first embodiment is provided from a service providing site (for example, company A) operated by a service providing apparatus that provides a service via a network, and the service providing apparatus. And an information management site operated by an information management device that manages personal attribute information composed of information on a plurality of attribute items related to the user of the user terminal. .

  The service user who uses the service from the service providing device, permits the attribute information item for identifying the personal attribute information permitted to be disclosed for each service providing device permitted to disclose the personal attribute information to the information management device. , And a confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission upon disclosure to the service providing apparatus is set in advance as a disclosure policy.

  The information management apparatus is a service providing apparatus that permits disclosure of personal attribute information for each user ID (for example, “07ab”) that identifies a user of a user terminal based on a setting received from a service user. It includes service providing device information (for example, company A or B) for identification, permission attribute items (for example, e-mail address, address, gender) and confirmation attribute items (for example, date of birth or telephone number). Manage the disclosed policy.

  When the service user requests the service providing apparatus to use the service using the user terminal (see (1) in FIG. 1), the service providing apparatus acquires attribute information including the user ID of the service request source. The request is transmitted to the information management apparatus, and the acquisition of the personal attribute information (for example, mail address, address, date of birth) of the user who is the request source of the service use is requested (see (2) in FIG. 2).

  Upon receiving the attribute information acquisition request from the service providing apparatus, the information management apparatus refers to the disclosure policy and provides service providing apparatus information (for example, company A) for identifying the service providing apparatus that is the transmission source of the attribute information acquisition request. ) And the attribute item (for example, e-mail) that is the target of the attribute information acquisition request among the permission attribute item and the confirmation attribute item corresponding to both the user ID (for example, “07ab”) included in the attribute information acquisition request Addresses, addresses, and birth dates) are determined and acquired (see (3) in FIG. 1).

  The information management apparatus determines, for the user terminal of the user corresponding to the user ID of the service request source, the permission attribute item (for example, acquired by determining that the attribute item is a target of the attribute information acquisition request) , E-mail address, address) and a confirmation request for confirmation as to whether or not disclosure of personal attribute information corresponding to confirmation attribute items (for example, date of birth) is permitted (see (4) in FIG. 1). ).

  When receiving the disclosure confirmation request from the information management apparatus, the user terminal outputs and displays the disclosure confirmation request and waits for reception of the disclosure confirmation result from the user. When the user terminal receives an input of a disclosure confirmation result from the user (for example, disclosure is not permitted for the date of birth of the confirmation attribute item), the user terminal returns the disclosure confirmation result to the information management apparatus ((( 5)).

  When the information management device receives the disclosure confirmation result response from the user terminal, the information management device uses the personal attribute information (for example, e-mail address) for the permission attribute item and the confirmation attribute item that are the disclosure confirmation result to permit the disclosure of the personal attribute information , Address) is transmitted to the service providing apparatus (see (6) in FIG. 1).

  When receiving the personal attribute information from the information management device, the service providing device provides the service to the user terminal that is the service request source (see (7) in FIG. 1).

  For this reason, the attribute information disclosure system according to the first embodiment can prevent information that is not desired to be disclosed from being disclosed to the service providing site, as in the main feature described above.

[Configuration of Attribute Information Disclosure System (Example 1)]
Next, the configuration of the attribute information disclosure system according to the first embodiment will be described with reference to FIGS. FIG. 2 is a block diagram illustrating the configuration of the attribute information disclosure system according to the first embodiment. FIG. 3 is a diagram illustrating a configuration example of the attribute information disclosure policy according to the first embodiment. FIG. 4 is a diagram illustrating a configuration example of a disclosure confirmation request screen according to the first embodiment.

  As shown in FIG. 2, the attribute information disclosure system according to the first embodiment includes a service providing apparatus 10 that provides a service via a network, a user terminal 20 that uses a service provided from the service providing apparatus 10, And an information management device 30 that manages personal attribute information composed of information of a plurality of attribute items related to the user of the user terminal 20. The service providing apparatus 10, the user terminal 20, and the information management apparatus 30 are connected through a network in a state where mutual communication is possible.

  The information management apparatus 30 includes a communication unit 31, a policy setting reception unit 32, an attribute information disclosure policy DB 33, a disclosure permission confirmation unit 34, and an attribute information provision unit 35.

  The communication unit 31 is a communication unit that controls communication related to various types of information exchanged between the service providing apparatus 10 and the user terminal 20.

  The policy setting receiving unit 32 is a processing unit that receives policy settings from the user of the user terminal 20. Specifically, the policy setting reception unit 32, for each service providing apparatus 10 that permits the disclosure of personal attribute information, a permission attribute item for identifying the personal attribute information that permits the disclosure, the personal attribute information that does not permit the disclosure. A non-permitted attribute item for identifying the personal attribute information, a confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission upon disclosure to the service providing apparatus 10, and a condition for permitting the disclosure of the personal attribute information. When the disclosure policy information is received from the user terminal 20, the service providing apparatus 10 that permits the disclosure of the personal attribute information is specified in association with the user ID of the user of the user terminal 20 that is the transmission source of the disclosure policy information. Service providing device information, permission attribute items, non-permission attribute items, confirmation attribute items, and conditions for registration are registered in the attribute information disclosure policy DB 33.

  The attribute information disclosure policy DB 33 is a DB that manages personal attribute information that is permitted to be disclosed in response to an attribute information acquisition request from the service providing apparatus 10. Specifically, the information registered by the policy setting reception unit 32 is managed, and for example, a user ID for specifying the user of the user terminal 20 (for example, “07ab”, see FIG. 3 (1)). In order to identify the service providing device information for specifying the service providing device 10 that permits the disclosure of the personal attribute information (for example, company A, see FIG. 3 (2)) and the personal attribute information that permits the disclosure. Permission attribute items (for example, e-mail address, address, name, see FIG. 3 (3) -1) and non-permission attribute items (for example, telephone numbers, FIG. 3) -2) and confirmation attribute items for identifying personal attribute information that requires confirmation of disclosure permission upon disclosure to the service providing apparatus 10 (for example, date of birth and gender, see FIG. 3 (3) -3) ) And personal attribute information Condition for permitting shown (e.g., the information set to the disclosed authorized and requested information conditions such as only to allow disclosure when exact) manages the disclosure policy, which is configured to include.

  When the attribute information disclosure policy DB 33 receives an attribute information acquisition request from the service providing apparatus 10 via the communication unit 31, the attribute information disclosure policy DB 33 performs policy determination with reference to the disclosure policy. Specifically, the attribute information disclosure policy DB 33 includes service providing apparatus information (for example, company A) for specifying the service providing apparatus 10 that is the transmission source of the attribute information acquisition request, and the usage included in the attribute information acquisition request. Attribute items (for example, e-mail address, telephone number, date of birth, gender) that are the target of attribute information acquisition request among permission attribute items and confirmation attribute items corresponding to both the user ID (for example, “07ab”) Are determined, and permission attribute items and confirmation attribute items determined to match are acquired.

  The disclosure permission confirmation unit 34 is a processing unit that requests the user who is a service request source to the service providing apparatus 10 to confirm the disclosure of the permission attribute item and the confirmation attribute item acquired by the attribute information disclosure policy DB 33. Specifically, the disclosure permission confirmation unit 34 sets the attribute item that is the target of the personal attribute information request from the service providing apparatus 10 to the user terminal 20 of the user corresponding to the user ID of the service request source. Whether or not to permit disclosure of personal attribute information corresponding to a permission attribute item (for example, email address, address) and a confirmation attribute item (for example, date of birth) acquired by the attribute information disclosure policy DB 33 as a match Send a disclosure confirmation request for confirmation.

  The attribute information providing unit 35 is a processing unit that provides personal attribute information to the service providing apparatus 10. Specifically, when receiving the disclosure confirmation result from the user terminal 20, the attribute information providing unit 35, for the permission attribute item and the confirmation attribute item that is the disclosure confirmation result indicating that the disclosure of the personal attribute information is permitted, Attribute information (for example, e-mail address, date of birth, gender) is transmitted to the service providing apparatus 10.

  The user terminal 20 includes an input unit 21, an output unit 22, a communication unit 23, a policy setting unit 24, and a confirmation result receiving unit 25.

  The input unit 21 is an input reception unit that receives input of various types of information from a user, and includes a keyboard, a mouse, a microphone, and the like. For example, the input unit 21 is connected to the information management apparatus 30 via a policy setting unit 24 described later. In addition to receiving input related to the policy setting, disclosure input results and the like are also received from the user. In addition, when the output part 22 mentioned later is provided with the monitor, it cooperates with the mouse | mouth with which the input part 21 is provided, and implement | achieves a pointing device function.

  The output unit 22 is an output unit that outputs various types of information, and includes a monitor (or a display, a touch panel) and a speaker. For example, as illustrated in FIG. 4, the disclosure received from the information management apparatus 30. Output confirmation request.

  The communication unit 23 is a communication unit that controls communication related to various types of information exchanged between the service providing apparatus 10 and the information management apparatus 30.

  The policy setting unit 24 is a processing unit that sets personal attribute information that permits disclosure from the information management device 30 to the service providing device 10. Specifically, the policy setting unit 24 receives input from the user via the input unit 21 and identifies the personal attribute information permitted to be disclosed for each service providing apparatus 10 that permits the disclosure of the personal attribute information. A permission attribute item for identifying, a non-permitted attribute item for identifying personal attribute information that is not permitted to be disclosed, a confirmation attribute item for identifying personal attribute information that requires confirmation of disclosure permission upon disclosure to the service providing apparatus 10, And disclosure policy information including conditions for permitting disclosure of personal attribute information is transmitted to the information management apparatus 30.

  The confirmation result receiving unit 25 is a processing unit that receives a disclosure confirmation result for the disclosure confirmation request received from the information management apparatus 30. Specifically, when the confirmation result accepting unit 25 accepts an input of the disclosure confirmation result from the user via the input unit 21 in response to the disclosure confirmation request from the information management device 30 output and displayed on the output unit 22, The disclosure confirmation result is returned to the information management apparatus 30. For example, the confirmation result receiving unit 25 does not permit disclosure of confirmation results or confirmation attribute items from the user via the input unit 21 that do not permit disclosure of all permission attribute items and confirmation attribute items. Confirmation results such as are accepted.

  The user terminal 20 can also be realized by mounting the above-described processing functions on a mobile communication terminal such as a personal computer, a PDA, a mobile phone, or a PHS, and the service providing apparatus 10 and the information management apparatus 30. For example, the above-described processing functions can be mounted on an information processing apparatus such as a personal computer or a workstation.

[Processing of Attribute Information Disclosure System (Example 1)]
Subsequently, processing of the attribute information disclosure system according to the first embodiment will be described with reference to FIG. FIG. 5 is a diagram illustrating a process flow of the attribute information disclosure system according to the first embodiment.

  As shown in the figure, when a request from a user is received and a service request is transmitted from the user terminal 20 to the service providing apparatus 10 (step S501), the service providing apparatus 10 uses the user ID of the service request source. Is sent to the information management apparatus 30 (step S502).

  When receiving the attribute information acquisition request from the service providing apparatus 10, the information management apparatus 30 instructs the attribute information disclosure policy DB to confirm the content regarding the attribute information acquisition request (step S503).

  The attribute information disclosure policy DB performs policy determination with reference to the disclosure policy for the purpose of confirming the content of the attribute information acquisition request in accordance with an instruction from the information management apparatus 30 (step S504). Specifically, the attribute information disclosure policy DB includes service providing device information (for example, see Company A, FIG. 3 (2)) for specifying the service providing device 10 that is the transmission source of the attribute information acquisition request, and attributes. Among the permission attribute items and confirmation attribute items corresponding to both user IDs (for example, “07ab”, see FIG. 3 (1)) included in the information acquisition request, the attribute item (the attribute information acquisition request target) For example, by determining what matches the e-mail address, telephone number, date of birth, gender), permission attribute items determined to match (for example, e-mail address, see FIG. 3 (3) -1), and Confirmation attribute items (for example, date of birth, sex, see FIG. 3 (3) -3) are acquired. The attribute information disclosure policy DB notifies the information management apparatus 30 of the acquired permission attribute item and confirmation attribute item as a result of content confirmation (step S505).

  Then, the information management device 30 accepts the permission attribute item (for example, e-mail address, see FIG. 3 (3) -1) received from the attribute information disclosure policy DB as the content confirmation result, and the confirmation attribute item (for example, the date of birth, 3 (see FIG. 3 (3) -3), a disclosure confirmation request is transmitted to the user who is the service request source to the service providing apparatus 10 (step S506).

  When the user terminal 20 outputs and displays the disclosure confirmation request (see FIG. 4) received from the information management apparatus 30 and provides it to the user, and receives an input of a disclosure confirmation result for the disclosure confirmation request from the user, the user terminal 20 The confirmation result is returned to the information management apparatus 30 (step S507). For example, the user terminal 20 accepts, from the user, disclosure of an e-mail address that is a permission attribute item, a confirmation result that permits disclosure of the date of birth among the confirmation attribute items, and the like. Send to.

  Upon receiving the disclosure confirmation result from the user terminal 20, the information management apparatus 30 sets personal attribute information (for example, e-mail) for the permission attribute item and the confirmation attribute item that are the disclosure confirmation result indicating that the disclosure of the personal attribute information is permitted. Address and date of birth) are transmitted to the service providing apparatus 10 (step S508).

  When receiving the personal attribute information from the information management apparatus 30, the service providing apparatus 10 provides a service to the user terminal 20 that is a service request source (step S509).

[Effects of Example 1]
As described above, according to the first embodiment, the user terminal 20 displays the permission attribute item and the confirmation attribute item for each service providing device 10 that permits the information management device 30 to disclose personal attribute information. When the disclosure confirmation request for the personal attribute information corresponding to the permission attribute item and the confirmation attribute item is received from the information management device 30, disclosure of the permission attribute item and the confirmation attribute item to the service providing device 10 is permitted. The information management device 30 returns the service providing device information, the permission attribute item, and the confirmation attribute item for each user ID based on the setting accepted from the user terminal 20. Service providing apparatus information of the service providing apparatus 10 that is the transmission source of the attribute information acquisition request with reference to the disclosure policy. Among the permitted attribute items and confirmation attribute items corresponding to both the user ID included in the attribute information acquisition request and the attribute information acquisition request, the one that matches the attribute item subject to the attribute information acquisition request is determined and acquired, and the service request A disclosure confirmation request is transmitted to the user terminal 20 of the user corresponding to the original user ID, asking for confirmation as to whether or not disclosure of the personal attribute information corresponding to the permission attribute item and the confirmation attribute item is permitted. The individual corresponding to the permission attribute item and the confirmation attribute item based on the confirmation result indicating whether or not the disclosure of the individual attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the user terminal 20 is permitted. Since the attribute information is provided to the service providing apparatus 10, only the personal attribute information suitable for the purpose of use of the service user is disclosed, and information that is not desired to be disclosed to the service providing site. It is possible to prevent that the. In addition, before the personal attribute information is disclosed to the service provider, the service user can set the attribute item of the personal attribute information that can be determined whether to permit the disclosure or not. It is possible to accurately reflect the user's intention before disclosing personal attribute information to the provider.

  For example, as shown in FIG. 6, a user who uses a mail order site, a medical related site, or a community site can disclose only information that seems to be necessary for using the site. That is, for mail order sites, address, phone number and credit card No. Only the information on the name, date of birth, and medical history is disclosed for the medical related site (see (6) in FIG. 6). 2), only the information on hobbies is disclosed to the community site (see (6) -3 in FIG. 6), and only personal information that meets the user's purpose of use is disclosed. Therefore, it is possible to prevent information that is not desired to be disclosed from being disclosed on the service providing site.

  In addition, the user, as a disclosure policy to be referred to by the information management apparatus when disclosing personal attribute information to the service providing apparatus, is a condition for permitting the disclosure of personal attribute information (for example, required information and disclosure permission). As shown in FIG. 7, it is possible to set attribute information from the service providing device for each service providing device (site). It is possible to control to disclose all personal attribute information to be requested or not to disclose all.

  In the above embodiment, the embodiment using the disclosure policy including the confirmation attribute item has been described. However, the present invention is not limited to this, and the disclosure policy not including the confirmation attribute item is used. In addition, the attribute information disclosure system described in the first embodiment can be similarly applied.

  That is, the user terminal 20 sets a permission attribute item for each service providing device 10 that permits the disclosure of personal attribute information to the information management device 30, and determines whether or not to permit disclosure of the permission attribute item. When a disclosure confirmation request for confirmation is received from the information management apparatus 30, a confirmation result indicating whether or not disclosure to the service providing apparatus 10 is permitted is returned, and the information management apparatus 30 uses the user terminal 20. Service providing device information and permission for identifying the service providing device 10 that permits the disclosure of personal attribute information for each user ID that identifies the user of each user terminal 20 based on the settings received from the user When the disclosure policy including the attribute item is managed and the attribute information acquisition request including the user ID of the service request source is received from the service providing apparatus 10, the disclosure policy is determined. Among the permitted attribute items corresponding to both the service providing apparatus information for specifying the service providing apparatus 10 that is the transmission source of the attribute information acquisition request and the user ID included in the attribute information acquisition request The attribute information acquisition request target is obtained from the user terminal 20 of the user corresponding to the user ID of the service request source by determining and acquiring an item that matches the attribute item that is the target of the attribute information acquisition request. The permission attribute returned from the user terminal 20 by transmitting a disclosure confirmation request for confirming whether or not to permit the disclosure of the personal attribute information corresponding to the permission attribute item acquired as a match with the attribute item to be Based on the confirmation result indicating whether or not disclosure of the personal attribute information corresponding to the item is permitted, the personal attribute information corresponding to the permitted attribute item is provided to the service providing apparatus 10. For this reason, as in the above embodiment, only personal attribute information suitable for the purpose of use of the service user is disclosed, and information that is not desired to be disclosed is prevented from being disclosed on the service providing site. Is possible.

  By the way, when a service user receives a service from a service providing apparatus, there may be a case where he / she wants to use personal attribute information of another person instead of his / her personal attribute information.

  For example, in the online shopping service, the case where the user wants to obtain the delivery address and telephone number of the sending partner and the case where the user wants to exchange information on the current status and hobbies between friends correspond to the above cases.

  Therefore, in the attribute information management system according to the present invention, Example 2 will be described as an embodiment in which disclosure of personal attribute information of another person different from the service user to the service providing apparatus is controlled.

  The outline | summary of the attribute information management system which concerns on Example 2 is demonstrated using FIG. FIG. 8 is a diagram for explaining the outline of the attribute information management system according to the second embodiment.

  First, referring to FIG. 8, Mr. A (ID (A)), who is B's net friend who has registered personal attribute information in the information management device, is mail of Mr. B (ID (B)). A case where an address reference is requested at the time of service use request in a service providing apparatus (for example, company α) will be described.

  When the service providing apparatus (for example, company α) receives a request for referring to Mr. B's mail address from Mr. A in response to a service use request received from Mr. A, an attribute information acquisition request for requesting reference to Mr. B's mail address. Is transmitted to the information management apparatus.

  When receiving the attribute information acquisition request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and controls whether to disclose Mr. B's mail address to the service providing apparatus. To do.

  More specifically, the information management device includes an information provider ID indicating a registrant of personal information based on a setting from a registrant of personal attribute information, and a permitted service providing device that is permitted to disclose personal information. A disclosure policy in which an ID, an attribute item of personal attribute information, and a user ID permitted to use the personal information are managed in the attribute information disclosure policy DB.

  Note that the attribute item is given information regarding whether or not to be disclosed, which is indicated by any of “public”, “private”, and “confirmation”.

  For example, as shown in FIG. 8, in the attribute information disclosure policy DB, “address (address)” is an attribute item to which an information provider ID of Mr. B (B) and information on whether disclosure is possible or not are assigned. ) ”,“ Telephone (telephone number) ”and“ mail (mail address) ”, and a disclosure policy in which the user ID, Mr. A (A) and family (ID indicating family), are managed. Has been.

  Then, the information management device acquires an information provider ID, a service providing device ID, an attribute item, and a user ID included in the attribute information acquisition request, respectively, and obtains an information provider ID, a service device ID, an attribute item, and a user ID. The disclosure policy that matches is extracted from the disclosure policy managed in the attribute information disclosure policy DB.

  Subsequently, the information management device refers to whether or not the extracted disclosure policy can be disclosed. If the disclosure result is “open” as a result of the reference, Mr. B's email address is disclosed to the service providing device, and whether or not disclosure is possible. Is “not disclosed”, the service providing apparatus is informed that Mr. B's mail address cannot be disclosed.

  In addition, when the disclosure permission is “confirmation”, the information management device transmits a disclosure confirmation request to the information provider B who is the registrant of personal information, and confirms that the disclosure is permitted. When Mr. B is received from Mr. B, the mail address of Mr. B is disclosed to the service providing apparatus.

  For example, in FIG. 8, the information management apparatus, as a disclosure policy that matches the attribute information acquisition request, from the disclosure policy managed in the attribute information disclosure policy DB, the information provider ID “ID (B)”, the permitted service The disclosure policy consisting of the providing device ID “α company site”, the attribute item “mail (mail address)” and the user ID “ID (A)” is extracted, and the disclosure possibility in the extracted disclosure policy is “public”. Therefore, Mr. B's mail address (for example, bsan@aaa.bbb.co.jp) is disclosed to the service providing apparatus.

  Next, referring to FIG. 8, Mr. A (ID (A)), who is a friend of B who has registered personal information in the information management device, has the address and telephone of Mr. B (ID (B)). A case where a number is requested at the time of service use request in a service providing apparatus (for example, α company) will be described.

  When a service use request received from Mr. A receives a request for acquiring Mr. B's address and telephone number from Mr. A, the service providing apparatus (for example, company α) requests acquisition of Mr. B's address and telephone number. An attribute information acquisition request is transmitted to the information management apparatus.

  When receiving the attribute information acquisition request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB, as in the case of the mail address described above, and Mr. B's address and telephone number Is disclosed to the service providing apparatus.

  For example, in FIG. 8, the information management apparatus provides the information provider ID “ID (B)” from the disclosure policy managed in the attribute information disclosure policy DB as the disclosure policy that matches the attribute information acquisition request, the service to be permitted. A disclosure policy composed of a device ID “α company site”, an attribute item “address (address)”, and a user ID “ID (A)”, an information provider ID “ID (B)”, and a permitted service providing device ID “ The disclosure policy consisting of “alpha company site”, attribute item “telephone (telephone number)” and user ID “ID (A)” is extracted.

  Then, the information management apparatus notifies the service providing apparatus that the address and telephone number of Mr. B cannot be disclosed because the disclosure possibility in each extracted disclosure policy is “non-disclosure”.

  As described above, according to the second embodiment, for example, personal attribute information of another person different from the service user is disclosed such that the e-mail address is disclosed to an acquaintance on the net, but the address and the telephone number are not disclosed. It is possible to control the information operation for.

  In addition, with the increase in cases of using shared information on sites published on the network, not only controls the disclosure of personal attribute information of other people different from service users to the service providing device, When a reference or other information operation other than the reference is requested for the personal attribute information of another person different from the service user, there may be a case where the information operation is desired to be controlled according to the service user.

  For example, if you register a mailing address in the online shop, you and your family may refer to, create, update, and delete the address, and you may only want to refer to others other than you and your family. The case where teachers refer to, create, update, and delete grade data at sites such as prep schools and cram schools, and allow students to refer only, corresponds to the above cases.

  Therefore, in the attribute information management system according to the present invention, when a reference to the personal attribute information of another person different from the service user or an information operation other than the reference is requested, the information operation is performed according to the service user. Example 3 will be described as an embodiment for controlling the above.

  The outline of the attribute information management system according to the third embodiment will be described with reference to FIG. FIG. 9 is a diagram for explaining the outline of the attribute information management system according to the third embodiment.

  First, referring to FIG. 9, Mr. A (ID (A)) who is a friend of Mr. B who has registered personal attribute information in the information management apparatus refers to the address of Mr. B (ID (B)). A case where a request is made for service use in a service providing apparatus (for example, company α) will be described.

  When the service providing apparatus (for example, company α) receives a request for referring to Mr. B's address from Mr. A in response to a service use request received from Mr. A, information management request for requesting reference to Mr. B's address is managed. Send to device.

  When receiving the information operation request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and controls whether to disclose Mr. B's address to the service providing apparatus.

  More specifically, the information management device uses the information provider ID, permitted service providing device ID, attribute item, and user ID described in the second embodiment based on the setting from the registrant of personal information. In addition, a disclosure policy in which an allowed information operation type is associated with personal attribute information corresponding to the attribute item is managed in the attribute information disclosure policy DB.

  For example, as shown in FIG. 9, in the attribute information disclosure policy DB, “address (address) which is an attribute item to which information (ID) of Mr. B, who is an information provider ID, and information on whether disclosure is possible or not is assigned. ) "," Telephone (telephone number) "and" mail (mail address) ", the user's ID (A) and the ID indicating the family, and the information operation type" reference ", A disclosure policy in which “update” and “deletion” are associated is managed.

  Then, the information management device acquires an information provider ID, a service providing device ID, an attribute item, a user ID, and an information operation type included in the information operation request, respectively, and an information provider ID, a service device ID, an attribute item, A disclosure policy having a matching user ID and information operation type is extracted from the disclosure policy managed in the attribute information disclosure policy DB.

  Subsequently, the information management apparatus refers to whether or not the extracted disclosure policy can be disclosed in the same manner as in the above-described second embodiment. Disclosed in the providing apparatus.

  For example, in FIG. 9, the information management apparatus, as a disclosure policy that matches the attribute information acquisition request, from the disclosure policy managed in the attribute information disclosure policy DB, information provider ID “ID (B)”, permitted service A disclosure policy consisting of a providing device ID “α company site”, an attribute item “address (address)”, a user ID “ID (A)”, and an information operation type “reference” is extracted, and disclosure within the extracted disclosure policy is performed. Since the availability is “open”, Mr. B's address (for example, Midoricho xx-xx, Musashino City, Tokyo) will be disclosed to the service providing apparatus.

  Next, referring to FIG. 9, Mr. A (ID (A)), who is B's net friend who has registered personal information in the information management device, updates the address of Mr. B (ID (B)). Will be described when a service use request is made in a service providing apparatus (for example, company α).

  In response to the service use request received from Mr. A, the service providing apparatus (for example, α company) sends Mr. A an update request for Mr. B's address (including new address information for updating Mr. B's original address). If received, the information operation request (including new address information for updating Mr. B's original address) for requesting updating of Mr. B's address is transmitted to the information management apparatus.

  When the service providing device (for example, company α) receives a request for creating Mr. B's address from Mr. A, the service providing device (for example, company α) is configured to create Mr. B's address in an information operation request that requests updating of Mr. B's address. The address information is transmitted to the information management device.

  When receiving the information operation request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and updates the address of Mr. B as in the case of the address reference request described above. Control whether to accept or not.

  For example, in FIG. 9, the information management device, as a disclosure policy that matches the information operation request, includes an information provider ID “ID (B)” from within the disclosure policy managed in the attribute information disclosure policy DB, and the permitted service providing device. Disclosure policy composed of ID “α company site”, attribute item “address (address)”, user ID “ID (A)”, and information operation type “update” is extracted, and whether disclosure within each extracted disclosure policy is possible or not Is “unpublished (meaning that update is not permitted in this case)”, so that the service providing apparatus is informed that the address of B cannot be updated without updating the address of B. .

  As described above, according to the third embodiment, for example, a user is allowed to use personal attribute information, such as allowing family members to refer to, creating, updating and deleting addresses, and allowing friends to refer only. It is possible to finely control the types of information operations for each.

  In addition, as described in the third embodiment, when a personal attribute information of another person different from the service user is referred to or information operation other than the reference is requested, not only the service user but also the service There may be a case where the user wants to control the information operation in consideration of the type of service used by the user.

  For example, in the mail order service, reference to an address as a product delivery destination is permitted, but reference to an address as a catalog distribution destination in the mail order service is not allowed.

  Therefore, in the attribute information management system according to the present invention, when a personal attribute information of another person different from the service user is referred to or information operation other than the reference is requested, not only the service user but also the service use Example 4 will be described as an embodiment in which information operation is controlled in consideration of the type of service used by a user.

  The outline of the attribute information management system according to the fourth embodiment will be described with reference to FIG. FIG. 10 is a diagram for explaining the outline of the attribute information management system according to the fourth embodiment.

  First, referring to FIG. 10, Mr. A (ID (A)) who is a friend of Mr. B who has registered personal attribute information in the information management apparatus refers to the address of Mr. B (ID (B)). A case where a request is made for a mail order service use request in a service providing apparatus (for example, company α) will be described.

  When the service providing apparatus (for example, company α) receives a request for referring to Mr. B's address from Mr. A when the mail order service use request received from Mr. A is received, an information operation request for requesting reference to Mr. B's address is made. Send to the information management device.

  When receiving the information operation request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and controls whether to disclose Mr. B's address to the service providing apparatus.

  Specifically, the information management device, based on the setting from the registrant of the personal attribute information, the information provider ID, the permitted service providing device ID, the attribute item, and the usage described in the second or third embodiment. In addition to the user ID and information operation type, the attribute information disclosure policy DB manages a disclosure policy that associates a service that indicates the service type used by the service user.

  For example, as shown in FIG. 10, in the attribute information disclosure policy DB, “address (address)” is an attribute item to which information (ID) of Mr. B, who is an information provider ID, and information regarding whether or not disclosure is provided. ) ”,“ Telephone (telephone number) ”and“ mail (mail address) ”, user A's ID (A), and information operation types“ reference ”,“ update ”and“ deletion ” In addition, a disclosure policy in which “mail order service” and “catalog sending service” as usage services are associated with each other is managed.

  Then, the information management device acquires an information provider ID, a service provision device ID, an attribute item, a user ID, an information operation type, and a use service included in the information operation request, and obtains an information provider ID, a service device ID, A disclosure policy that matches the attribute item, user ID, information operation type, and usage service is extracted from the disclosure policy managed in the attribute information disclosure policy DB.

  Subsequently, the information management apparatus refers to whether or not the extracted disclosure policy can be disclosed in the same manner as in the above-described second embodiment. Disclosed in the providing apparatus.

  For example, in FIG. 10, the information management apparatus, as a disclosure policy that matches the attribute information acquisition request, from the disclosure policy managed in the attribute information disclosure policy DB, information provider ID “ID (B)”, permitted service A disclosure policy consisting of a providing device ID “α company site”, an attribute item “address (address)”, a user ID “ID (A)”, and an information operation type “reference” is extracted, and disclosure within the extracted disclosure policy is performed. Since the availability is “open”, Mr. B's address (for example, Midoricho xx-xx, Musashino City, Tokyo) will be disclosed to the service providing apparatus.

  Next, referring to FIG. 10, Mr. A (ID (A)) who is a friend of B who has registered personal information in the information management apparatus refers to the address of Mr. B (ID (B)). Will be described when requesting use of a catalog sending service in a service providing apparatus (for example, company α).

  When the service providing apparatus (for example, company α) receives a request for referring to Mr. B's address from Mr. A in response to the request for using the catalog sending service received from Mr. A, an information operation request for requesting reference to Mr. B's address Send to the information management device.

  When receiving the information operation request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and updates the address of Mr. B as in the case of the address reference request described above. Control whether to accept or not.

  For example, in FIG. 10, as the disclosure policy that matches the information operation request, the information management device has the information provider ID “ID (B)” from within the disclosure policy managed in the attribute information disclosure policy DB, the permitted service providing device. Disclosure policy consisting of ID “α company site”, attribute item “address (address)”, user ID “ID (A)”, information operation type “reference” and usage service “catalog sending service” is extracted and extracted The disclosure policy in each disclosure policy is “non-disclosure (meaning that renewal is not permitted in this case)”, so that the address of Mr. B cannot be disclosed without disclosing the address of Mr. B. It will be transmitted to the providing device.

  As described above, according to the third embodiment, for example, in a mail order service, reference to an address as a product delivery destination is permitted, and reference to an address as a catalog distribution destination in a mail order service is not allowed. It is possible to control the information operation of personal attribute information according to the type of service used by the service user.

  In the above-described embodiments, when a personal attribute information of another person different from the service user is requested to be referred to or information operation other than the reference is requested, a period for allowing the information operation is set. If it is within this period, it may be controlled to allow the information operation.

  Therefore, in the attribute information management system according to the present invention, when a personal attribute information of another person different from the service user is requested for reference or an information operation other than the reference is set, a period for allowing the information operation is set. In the meantime, Example 5 will be described as an embodiment in which control is performed so as to allow information operation within this period.

  The outline of the attribute information management system according to the fifth embodiment will be described with reference to FIG. FIG. 11 is a diagram for explaining the outline of the attribute information management system according to the fifth embodiment.

  First, referring to FIG. 11, Mr. A (ID (A)), who is B's net friend who has registered personal attribute information in the information management apparatus, is mail of Mr. B (ID (B)). A case will be described in which address reference is requested when a mail order service use request is made in a service providing apparatus (for example, company α).

  When a service providing apparatus (for example, company α) receives a request for referring to Mr. B's mail address when a mail order service use request received from Mr. A is received from Mr. A, information operation for requesting reference to Mr. B's mail address Send the request to the information management device.

  When receiving the information operation request from the service providing apparatus, the information management apparatus refers to the disclosure policy managed in the attribute information disclosure policy DB and controls whether to disclose Mr. B's mail address to the service providing apparatus. .

  More specifically, the information management device, based on the setting from the registrant of personal information, the information provider ID, permission target service providing device ID, attribute item, user ID, information described in the above embodiment In addition to the operation type and the service to be used, the attribute information disclosure policy DB manages a disclosure policy in which a public period permitting an information operation on personal attribute information is associated.

  For example, as shown in FIG. 11, the attribute information disclosure policy DB includes “ID (B), which is an information provider ID, and“ mail (email) ”which is an attribute item to which information on whether disclosure is possible is assigned. Address) ”, the user ID of Mr. A (A), the information operation type“ reference ”, the usage service“ mail order service ”, and the disclosure period during which the information operation is permitted ( For example, a disclosure policy associated with “2007.4.1 to 2008.3.31”) is managed.

  Then, the information management device acquires an information provider ID, a service provision device ID, an attribute item, a user ID, an information operation type, and a use service included in the information operation request, and obtains an information provider ID, a service device ID, A disclosure policy that matches the attribute item, user ID, information operation type, and use service and satisfies the disclosure period when the information operation request is received is extracted from the disclosure policy managed in the attribute information disclosure policy DB.

  If the disclosure policy that satisfies the disclosure period can be extracted, the information management apparatus refers to whether or not the extracted disclosure policy can be disclosed, as in the above-described embodiment. ", The address of Mr. B is disclosed to the service providing apparatus.

  On the other hand, if the disclosure policy that satisfies the disclosure period cannot be extracted, the information management device notifies the service providing device that the email address of B cannot be disclosed without disclosing the email address of Mr. B. It will be.

  Subsequently, a case will be specifically described in the attribute information disclosure system according to the present invention in which the processes of the above-described second to fifth embodiments are processed as a series of processes.

  In the following sixth embodiment, the configuration and processing of the attribute information disclosure system according to the sixth embodiment will be described in order.

[Configuration of Attribute Information Disclosure System (Example 1)
The attribute information disclosure system according to the sixth embodiment is different from the attribute information disclosure system according to the first embodiment in the following points.

  That is, the policy setting unit 32 shown in FIG. 2 receives the policy setting from the registrant of the personal attribute information, and the information provider ID, permission target service providing apparatus information, attribute item, and group ID described in the above embodiment. The disclosure policy in which the information operation type (group ID that permits the information operation for the personal attribute information), the information operation type, the use service, and the open period is associated is registered in the attribute information disclosure policy DB 33, and “public” is set for each attribute item. ”,“ Non-disclosure ”, or“ confirmation ”, information relating to whether or not disclosure is possible is registered.

  The policy setting unit 32 accepts the setting of the user ID for uniquely identifying the group member from the registrant of the personal attribute information for each group ID that permits the information operation on the personal attribute information. Register in the information disclosure policy DB 33.

  The attribute information disclosure policy DB 33 shown in FIG. 2 includes, for example, an information provider ID registered by the policy setting unit 32, a permitted service providing device ID, an attribute item, a group ID, an information operation type, as shown in FIG. Manages disclosure policies that associate usage services and disclosure periods. Note that each attribute item is managed in a state in which information relating to disclosure availability indicated by any of “public”, “non-public”, or “confirmation” is given.

  Further, as shown in FIG. 12, the attribute information disclosure policy DB 33 manages the user ID for each group ID in association with the information provider ID. When registering each disclosure policy, a unique ID is assigned to the policy.

  Note that a level indicating the strength of a policy and a priority order indicating the priority order of policies of the same level may be further managed in association with the policy ID. This level and priority are used to select a policy for extracting a policy that matches the information operation request when there are a plurality of policies for each attribute item.

  The disclosure permission confirmation unit 34 illustrated in FIG. 2 acquires an information provider ID, a service providing device ID, an attribute item, a group ID, an information operation type, and a usage service included in the information operation request received from the service providing device 10. .

  Next, the disclosure permission confirmation unit 34 refers to the attribute information disclosure policy DB 33, and for each attribute item acquired from the information operation request, the information provider ID of the policy ID associated with the attribute item, the service to be permitted The device ID, group ID, information operation type, and usage service match the information provider ID, service providing device ID, group ID, information operation type, and usage service included in the information operation request, and the information operation request is received. Disclosure policies whose times satisfy the disclosure period of the policy ID associated with the attribute item are extracted.

  Subsequently, the disclosure permission confirmation unit 34 refers to the disclosure permission / prohibition item for each disclosure policy extracted from the attribute information disclosure policy DB 33, and executes processing according to the setting contents of the disclosure permission / inhibition item.

  For example, the disclosure permission confirmation unit 34 has an information operation type included in the information operation request received from the service providing apparatus 10 when the disclosure policy disclosure availability extracted from the attribute information disclosure policy DB 33 is “public”. Is “reference”, the attribute information providing unit 35 shown in FIG. 2 is instructed to provide personal attribute information corresponding to the attribute item.

  In addition, the disclosure permission confirmation unit 34 has an information operation type included in the information operation request received from the service providing apparatus 10 in which the disclosure content of the disclosure policy extracted from the attribute information disclosure policy DB 33 is “public”. Is “update”, for example, update the personal attribute information of the attribute item included in the information operation request with the update information received together with the information operation request, and send a notification that the update has been completed. The attribute information providing unit 35 is instructed. The same processing is performed when the information operation type included in the information operation request received from the service providing apparatus 10 is “create” or “delete”.

  For example, the disclosure permission confirmation unit 34, when the disclosure policy disclosure availability extracted from the attribute information disclosure policy DB 33 is “undisclosed”, the personal attribute information of the attribute item included in the information operation request The attribute information providing unit 35 is instructed to reply to the service providing apparatus 10 that the information operation is not permitted. The same processing is performed when the information operation type included in the information operation request received from the service providing apparatus 10 is “update”, “create”, or “delete”.

  Furthermore, the disclosure permission confirmation unit 34, when the setting content of disclosure permission / non-permission of the disclosure policy extracted from the attribute information disclosure policy DB 33 is “confirmation”, the information included in the information operation request received from the service providing apparatus 10 A confirmation request is sent to the service providing apparatus 10 for confirming whether or not to permit the information operation on the personal attribute information of the attribute item included in the information operation request to the personal attribute information registrant of the provider ID.

  When the disclosure permission confirmation unit 34 receives the confirmation result indicating that the information operation on the personal attribute information is permitted from the service providing apparatus 10, the disclosure permission confirmation unit 34 performs the information operation included in the information operation request in the same manner as described above. Perform the corresponding process. On the other hand, when the confirmation result indicating that the information operation on the personal attribute information is not permitted is received from the service providing apparatus 10, the information operation on the personal attribute information of the attribute item included in the information operation request is performed as described above. The attribute information providing unit 35 is instructed to reply to the service providing apparatus 10 that it is not permitted.

[Processing by Attribute Information Disclosure System (Example 6)]
Subsequently, the flow of processing by the attribute information disclosure system according to the sixth embodiment will be described with reference to FIG. FIG. 13 is a diagram illustrating a process flow of the attribute information disclosure system according to the sixth embodiment.

  As shown in the figure, upon receiving an information operation request from the service providing device 10, the disclosure permission confirmation unit 34 receives an information provider ID, a service providing device ID, an attribute item, a group ID, and an information operation included in the information operation request. The type and the service used are acquired (step S1301).

  Next, the disclosure permission confirmation unit 34 refers to the attribute information disclosure policy DB 33 and, for each attribute item acquired from the information operation request, the information provider ID associated with the attribute item, the permitted service providing device ID, The group ID, information operation type, and service used, and the information provider ID, service providing device ID, group ID, information operation type, and service used included in the information operation request match, and the time when the information operation request is received is an attribute. Each disclosure policy that satisfies the disclosure period associated with the item is extracted (step S1302).

  Subsequently, the disclosure permission confirmation unit 34 refers to the disclosure permission item for each disclosure policy extracted from the attribute information disclosure policy DB 33 and executes processing according to the setting contents of the disclosure permission item (step S1303). .

  For example, the disclosure permission confirmation unit 34 has an information operation type included in the information operation request received from the service providing apparatus 10 when the disclosure policy disclosure availability extracted from the attribute information disclosure policy DB 33 is “public”. Is “reference”, the attribute information providing unit 35 shown in FIG. 2 is instructed to provide personal attribute information corresponding to the attribute item.

  In addition, the disclosure permission confirmation unit 34 has an information operation type included in the information operation request received from the service providing apparatus 10 in which the disclosure content of the disclosure policy extracted from the attribute information disclosure policy DB 33 is “public”. Is “update”, for example, update the personal attribute information of the attribute item included in the information operation request with the update information received together with the information operation request, and send a notification that the update has been completed. The attribute information providing unit 35 is instructed. The same processing is performed when the information operation type included in the information operation request received from the service providing apparatus 10 is “create” or “delete”.

  For example, the disclosure permission confirmation unit 34, when the disclosure policy disclosure availability extracted from the attribute information disclosure policy DB 33 is “undisclosed”, the personal attribute information of the attribute item included in the information operation request The attribute information providing unit 35 is instructed to reply to the service providing apparatus 10 that the information operation is not permitted. The same processing is performed when the information operation type included in the information operation request received from the service providing apparatus 10 is “update”, “create”, or “delete”.

  Furthermore, the disclosure permission confirmation unit 34, when the setting content of disclosure permission / non-permission of the disclosure policy extracted from the attribute information disclosure policy DB 33 is “confirmation”, the information included in the information operation request received from the service providing apparatus 10 A service providing apparatus that issues a confirmation request (for example, see FIG. 14) for requesting confirmation of whether or not the information operation on the personal attribute information of the attribute item included in the information operation request is permitted to the personal attribute information registrant of the provider ID 10 to send.

  When the disclosure permission confirmation unit 34 receives the confirmation result indicating that the information operation on the personal attribute information is permitted from the service providing apparatus 10, the disclosure permission confirmation unit 34 performs the information operation included in the information operation request in the same manner as described above. Perform the corresponding process. On the other hand, when the confirmation result indicating that the information operation on the personal attribute information is not permitted is received from the service providing apparatus 10, the information operation on the personal attribute information of the attribute item included in the information operation request is performed as described above. The attribute information providing unit 35 is instructed to reply to the service providing apparatus 10 that it is not permitted.

  It should be noted that the disclosure permission confirmation unit 34 requests confirmation of whether or not to permit the information operation on the personal attribute information when the disclosure policy disclosure availability extracted from the attribute information disclosure policy DB 33 is “confirmation”. As in the first embodiment described above, even when the disclosure policy disclosure permission setting is “public”, the user is requested to confirm whether or not the information operation on the personal attribute information is permitted. You may do it.

  As described above, according to the sixth embodiment, for example, when a purchased item is shipped from a mail-order site, an information operation such as address reference or update is permitted for a family, and an address reference information operation is performed for a friend. It is possible to control the information operation of the personal attribute information in detail according to various parameters.

  Now, the first embodiment has been described as an embodiment for carrying out the present invention, but the present invention may be implemented in various different forms other than the above-described embodiments. In the following, other embodiments included in the present invention will be described.

(1) Device Configuration, etc. Each component of the information management device 30 shown in FIG. 2 is functionally conceptual and does not necessarily need to be physically configured as illustrated. That is, the specific form of distribution / integration of the information management device 30 is not limited to the one shown in the figure. Depending on the load, usage conditions, etc., any unit can be functionally or physically distributed and integrated. Furthermore, all or any part of each processing function (for example, see FIG. 5) performed in the service providing apparatus 10, the user terminal 20, and the information management apparatus 30 is analyzed and executed by the CPU and the CPU. It can be realized by a program or a hardware by wired logic.

(2) Attribute Information Disclosure Processing Program Various processes (see FIGS. 5 and 13 and the like) of the information management apparatus 30 described in the above-described embodiment are executed by using a program such as a personal computer or a workstation. It can be realized by executing in the system. In the following, an example of a computer that executes an attribute information disclosure processing program having the same function as that of the above-described embodiment will be described with reference to FIG. FIG. 15 is a diagram illustrating a computer that executes an attribute information disclosure processing program.

  As shown in the figure, a computer 40 as the information management apparatus 30 is configured by connecting an input unit 41, an output unit 42, a communication control I / F unit 43, an HDD 44, a RAM 45, and a CPU 46 through a bus 50.

  Here, the input unit 41 receives input of various data from the user. The output unit 42 displays various information. The communication control I / F unit 43 controls the exchange of various information. The HDD 44 stores information necessary for executing various processes by the CPU 46. The RAM 45 temporarily stores various information. The CPU 46 executes various arithmetic processes.

  In the HDD 44, as shown in FIG. 15, an attribute information disclosure processing program 44a that exhibits the same function as each processing unit of the information management apparatus 30 shown in the above embodiment, and attribute information disclosure processing data 44b. Are stored in advance. Note that the attribute information disclosure processing program 44a may be appropriately distributed and stored in a storage unit of another computer that is communicably connected via a network.

  The CPU 46 reads out the attribute information disclosure processing program 44a from the HDD 44 and expands it in the RAM 45, whereby the attribute information disclosure processing program 44a functions as an attribute information disclosure processing process 45a as shown in FIG. . The attribute information disclosure processing process 45a reads the attribute information disclosure processing data 44b and the like from the HDD 44, expands them in the area allocated to itself in the RAM 45, and executes various processes based on the expanded data and the like. The attribute information disclosure process 45a is executed in the communication unit 31, policy setting receiving unit 32, attribute information disclosure policy DB 33, disclosure permission confirmation unit 34, and attribute information providing unit 35 of the information management apparatus 30 shown in FIG. Corresponding to each processing to be performed.

  The attribute information disclosure processing program 44a is not necessarily stored in the HDD 44 from the beginning. For example, a flexible disk (FD), a CD-ROM, a DVD disk, or a magneto-optical disk inserted into the computer 40. Each program is stored in a “portable physical medium” such as an IC card, and “another computer (or server)” connected to the computer 40 via a public line, the Internet, a LAN, a WAN, or the like. The computer 40 may read and execute each program from these.

(3) Attribute Information Disclosure Method The attribute information disclosure method described below is realized by the attribute information disclosure system described in the above embodiment.

  That is, the service providing apparatus 10 that provides a service via the network, the user terminal 20 that uses the service provided from the service providing apparatus 10, and information on a plurality of attribute items related to the user of the user terminal 20 In the attribute information disclosure system configured to control the disclosure of personal attribute information from the information management device 30 to the service providing device 10, the user terminal 20 A setting step of setting a permission attribute item indicating an attribute item of personal attribute information permitted to be disclosed for each service providing device 10 that permits disclosure of personal attribute information to the information management device 30; When a disclosure confirmation request for confirming whether or not to permit disclosure is received from the information management apparatus 30, a service is provided. The information management device 30 is received from the user of the user terminal 20, and includes an answer reply step of returning an answer indicating whether or not disclosure of the device 10 is permitted (see step S 507 in FIG. 5). For each user ID that identifies the user of each user terminal based on the setting, the service providing device information for identifying the service providing device 10 that permits the disclosure of the personal attribute information and the permission attribute item are included. When the disclosure policy management step for managing the disclosure policy (see FIG. 3) and the attribute information acquisition request including the user ID of the service request source are received from the service providing apparatus 10, the disclosure policy management step manages the disclosure policy. Referring to the disclosure policy, service providing apparatus information and attributes for specifying the service providing apparatus 10 that is the transmission source of the attribute information acquisition request A disclosure policy determination step of determining and acquiring a permission attribute item corresponding to both of the user IDs included in the information acquisition request that matches the attribute item targeted for the attribute information acquisition request (FIG. 5). In step S504, the user terminal 20 of the user corresponding to the user ID of the service request source is permitted to disclose the personal attribute information corresponding to the permission attribute item acquired in the disclosure policy determining step. A disclosure confirmation request transmission step for transmitting a disclosure confirmation request for confirmation of whether or not (step S506 in FIG. 5), and a reply from the user terminal 20 to the disclosure confirmation request transmitted in the disclosure confirmation request transmission step Based on an answer indicating whether or not disclosure of the personal attribute information corresponding to the permitted attribute item is permitted, the personal attribute information corresponding to the permitted attribute item is An attribute information disclosing method including an attribute information providing step to be provided to the service providing apparatus 10 (step S508 in FIG. 5) is realized.

  As described above, the attribute information disclosure system, the attribute information disclosure method, and the attribute information disclosure processing program according to the present invention are useful when controlling the disclosure of personal attribute information from the attribute information management device to the service providing device, In particular, it is suitable for preventing information that is not desired to be disclosed from being disclosed on the service providing site.

It is a figure for demonstrating the outline | summary and characteristic of the attribute information disclosure system which concern on Example 1. FIG. 1 is a block diagram illustrating a configuration of an attribute information disclosure system according to Embodiment 1. FIG. It is a figure which shows the structural example of the attribute information disclosure policy which concerns on Example 1. FIG. 6 is a diagram illustrating a configuration example of a disclosure confirmation request screen according to Embodiment 1. FIG. It is a figure which shows the flow of a process of the attribute information disclosure system which concerns on Example 1. FIG. It is a figure for demonstrating the effect by Example 1. FIG. It is a figure for demonstrating the effect by Example 1. FIG. It is a figure for demonstrating the outline | summary of the attribute information management system which concerns on Example 2. FIG. It is a figure for demonstrating the outline | summary of the attribute information management system which concerns on Example 3. FIG. It is a figure for demonstrating the outline | summary of the attribute information management system which concerns on Example 4. FIG. It is a figure for demonstrating the outline | summary of the attribute information management system which concerns on Example 5. FIG. It is a figure which shows the structural example of the attribute information disclosure policy which concerns on Example 6. FIG. It is a figure which shows the flow of a process of the attribute information disclosure system which concerns on Example 6. FIG. FIG. 10 is a diagram illustrating a configuration example of a disclosure confirmation request screen according to a sixth embodiment. It is a figure which shows the computer which executes an attribute information disclosure processing program. It is a figure which shows a prior art.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Service provision apparatus 20 User terminal 21 Input part 22 Output part 23 Communication part 24 Policy setting part 25 Confirmation result reception part 30 Information management apparatus 31 Communication part 32 Policy setting reception part 33 Attribute information disclosure policy DB
34 Disclosure permission confirmation unit 35 Attribute information providing unit 40 Computer (information management device)
41 Input unit 42 Output unit 43 Communication control I / F unit 44 HDD (Hard Disk Drive)
44a Attribute information disclosure processing program 44b Attribute information disclosure processing data 45 RAM (Random Access Memory)
45a Attribute information disclosure process 50 Bus

Claims (14)

A service providing device that provides a service via a network, a user device that uses a service provided by the service providing device, and personal attribute information that includes information on a plurality of attribute items related to the user of the user device. An attribute information disclosure system that controls the disclosure of personal attribute information from the attribute information management device to the service providing device.
User device
A setting means for setting a permission attribute item for identifying personal attribute information permitted to be disclosed for each service providing device permitted to disclose personal attribute information to the attribute information management device;
Reply for reply indicating whether or not disclosure to the service providing device is permitted when a disclosure confirmation request for confirming whether or not to permit disclosure is received from the attribute information management device for the permission attribute item Reply means,
With
The attribute information management device
Service providing apparatus for identifying a service providing apparatus that permits disclosure of personal attribute information for each user information that identifies a user of each user apparatus based on a setting received from a user of the user apparatus A disclosure policy management means for managing a disclosure policy including information and the permission attribute item;
When the personal attribute information request including the user information of the service request source is received from the service providing apparatus, it is the transmission source of the personal attribute information request with reference to the disclosure policy managed by the disclosure policy management means. Of the permission attribute items corresponding to both the service providing device information for identifying the service providing device and the user information included in the personal attribute information request, it matches the attribute item that is the target of the personal attribute information request. A disclosure policy determination means for determining and acquiring a thing;
The user device corresponding to the user information of the service request source is requested to confirm whether or not the disclosure of the personal attribute information corresponding to the permission attribute item acquired by the disclosure policy determination unit is permitted. A disclosure confirmation request transmitting means for transmitting a disclosure confirmation request;
In response to a disclosure confirmation request transmitted by the disclosure confirmation request transmission means, based on an answer indicating whether or not to permit disclosure of personal attribute information corresponding to the permission attribute item returned from the user device, Attribute information providing means for providing personal attribute information corresponding to the permission attribute item to the service providing device;
An attribute information disclosure system characterized by comprising: The setting means, for each service providing device that permits the disclosure of personal attribute information to the attribute information management device, not only the permission attribute item but also a personal attribute that requires confirmation of disclosure permission when disclosing to the service providing device Set more confirmation attribute items to identify the information,
When the reply reply means receives the disclosure confirmation request from the attribute information management apparatus, the reply reply means replies with a reply indicating whether or not disclosure to the service providing apparatus is permitted for the permission attribute item and the confirmation attribute item. ,
The disclosure policy management means, based on the setting received from the user device, for each user information, the disclosure policy including not only the service providing device information and the permission attribute item but also the confirmation attribute item. Manage
The disclosure policy determination means refers to the disclosure policy managed by the disclosure policy management means, and provides service provision apparatus information for identifying the service provision apparatus that is the transmission source of the personal attribute information request, and personal attribute information Among the permission attribute item and the confirmation attribute item corresponding to both user information included in the request, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired,
The disclosure confirmation request transmission unit is configured to provide each of the personal attributes corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination unit for the user device corresponding to the user information of the service request source. Send a disclosure confirmation request to confirm whether to allow the disclosure of information,
The attribute information providing means, based on an answer indicating whether or not to permit disclosure of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the user device, the permission attribute item and the confirmation The attribute information disclosure system according to claim 1, wherein each personal attribute information corresponding to the attribute item is provided to the service providing apparatus. A service providing device that provides a service via a network, a user device that uses a service provided by the service providing device, and personal attribute information that includes information on a plurality of attribute items related to the user of the user device. An attribute information disclosure method for controlling the disclosure of personal attribute information from the attribute information management device to the service providing device.
User device
A setting step for setting a permission attribute item indicating an attribute item of personal attribute information permitted to be disclosed for each service providing device permitted to disclose personal attribute information to the attribute information management device;
Reply for reply indicating whether or not disclosure to the service providing device is permitted when a disclosure confirmation request for confirming whether or not to permit disclosure is received from the attribute information management device for the permission attribute item A reply step;
Including
The attribute information management device
Service providing apparatus for identifying a service providing apparatus that permits disclosure of personal attribute information for each user information that identifies a user of each user apparatus based on a setting received from a user of the user apparatus A disclosure policy management step for managing a disclosure policy including information and the permission attribute item;
When the personal attribute information request including the user information of the service request source is received from the service providing apparatus, the service that is the transmission source of the personal attribute information request with reference to the disclosure policy managed by the disclosure policy management step Among the allowed attribute items corresponding to both the service providing device information for specifying the providing device and the user information included in the personal attribute information request, the one that matches the attribute item that is the target of the personal attribute information request A disclosure policy determination step of determining and acquiring
The user device corresponding to the user information of the service request source is requested to confirm whether or not to permit disclosure of the personal attribute information corresponding to the permission attribute item acquired in the disclosure policy determination step. A disclosure confirmation request sending step for sending a disclosure confirmation request;
In response to the disclosure confirmation request transmitted by the disclosure confirmation request transmission step, based on an answer indicating whether or not disclosure of personal attribute information corresponding to the permission attribute item returned from the user device is permitted, An attribute information providing step of providing personal attribute information corresponding to the permitted attribute item to the service providing device;
The attribute information disclosure method characterized by including In the setting step, for each service providing apparatus that permits the disclosure of personal attribute information to the attribute information management apparatus, not only the permitted attribute item but also a personal attribute that requires confirmation of disclosure permission upon disclosure to the service providing apparatus Set more confirmation attribute items to identify the information,
In the reply reply step, when the disclosure confirmation request is received from the attribute information management apparatus, a reply indicating whether or not disclosure to the service providing apparatus is permitted for the permission attribute item and the confirmation attribute item is returned. ,
The disclosure policy management step includes a disclosure policy including not only the service providing device information and the permission attribute item but also the confirmation attribute item for each user information based on a setting received from the user device. Manage
The disclosure policy determination step refers to the disclosure policy managed in the disclosure policy management step, and provides service provision device information for identifying the service provision device that is the transmission source of the personal attribute information request, and the personal attribute information request Among the permission attribute items and the confirmation attribute items corresponding to both of the user information included in the information, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired,
In the disclosure confirmation request transmission step, for each user attribute corresponding to the user information of the service request source, each personal attribute corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination step Send a disclosure confirmation request to confirm whether to allow the disclosure of information,
In the attribute information providing step, the permission attribute item and the confirmation are based on an answer indicating whether or not disclosure of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the user device is permitted. 4. The attribute information disclosure method according to claim 3, wherein each piece of personal attribute information corresponding to the attribute item is provided to the service providing apparatus. For the user of the user device that uses the service provided from the service providing device via the network, the personal attribute information composed of information of a plurality of attribute items is managed, and the personal attribute information is disclosed to the service providing device. An attribute information disclosure processing program for causing a computer as an attribute information management device to execute processing for controlling
In the computer as the attribute information management device,
Service providing apparatus for identifying a service providing apparatus that permits disclosure of personal attribute information for each user information that identifies a user of each user apparatus based on a setting received from a user of the user apparatus A disclosure policy management procedure for managing a disclosure policy including a permission attribute item for identifying information and personal attribute information permitted to be disclosed;
When the personal attribute information request including the user information of the service request source is received from the service providing apparatus, the service that is the transmission source of the personal attribute information request with reference to the disclosure policy managed by the disclosure policy management procedure Among the allowed attribute items corresponding to both the service providing device information for specifying the providing device and the user information included in the personal attribute information request, the one that matches the attribute item that is the target of the personal attribute information request Disclosure policy determination procedure for determining and acquiring
The user device corresponding to the user information of the service request source is requested to confirm whether or not the disclosure of the personal attribute information corresponding to the permission attribute item acquired by the disclosure policy determination procedure is permitted. A disclosure confirmation request sending procedure for sending a disclosure confirmation request;
In response to a disclosure confirmation request transmitted by the disclosure confirmation request transmission procedure, based on an answer indicating whether or not disclosure of personal attribute information corresponding to the permission attribute item returned from the user device is permitted, Attribute information provision procedure for providing personal attribute information corresponding to the permission attribute item to the service providing device;
An attribute information disclosure processing program characterized in that The disclosure policy management procedure includes not only the service providing device information and the permission attribute item but also a disclosure permission for disclosure to the service providing device for each user information based on a setting received from the user device. Manage disclosure policy that includes confirmation attribute items to identify personal attribute information that requires confirmation,
The disclosure policy determining procedure refers to the disclosure policy managed by the disclosure policy management procedure, and provides service providing device information for identifying a service providing device that is a transmission source of a personal attribute information request, and a personal attribute information request Among the permission attribute items and the confirmation attribute items corresponding to both of the user information included in the information, the one that matches the attribute item that is the target of the personal attribute information request is determined and acquired,
The disclosure confirmation request transmission procedure includes a personal attribute corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination procedure for the user device of the user corresponding to the user information of the service request source. Send a disclosure confirmation request to confirm whether to allow the disclosure of information,
The attribute information provision procedure is based on an answer indicating whether or not disclosure of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the user device is permitted. 6. The attribute information disclosure processing program according to claim 5, wherein the personal attribute information corresponding to the attribute item is provided to the service providing apparatus. The setting means is authorized user information that permits the use of the permission attribute item and the personal attribute information corresponding to the confirmation attribute item in association with the permission attribute item and the confirmation attribute item for each service providing device. Is further set in the attribute information management device,
The disclosure policy management means associates registrant information for identifying a registrant of personal attribute information, the service providing device information, the permission attribute item and the confirmation attribute item, and the permitted user information. Managed as a disclosure policy,
The disclosed policy determination means, when receiving a personal attribute information use request transmitted from the user device as a request for using another person's personal attribute information from the service providing device, registrant information that is a target of the personal attribute information use request The service provider device information and authorized user information that are the sender of the personal attribute information usage request are extracted from the personal attribute information usage request, and all of the extracted registrant information, service provider device information, and authorized user information are supported. Obtaining a permission attribute item and a confirmation attribute item to be referred to by referring to a disclosure policy managed by the disclosure policy management means,
The disclosure confirmation request transmission means discloses the individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination means to a registrant device used by a registrant of personal attribute information. Send a disclosure confirmation request to confirm whether to allow
The attribute information providing means, based on an answer indicating whether or not to permit disclosure of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the registrant device, the permission attribute item and the confirmation The attribute information disclosure system according to claim 2, wherein personal attribute information corresponding to the attribute item is provided to the service providing apparatus. For each service providing device, the setting means associates the permission attribute item and the confirmation attribute item with each other, not only the authorized user information but also the personal attribute information corresponding to the permission attribute item and the confirmation attribute item. Further set an information operation type indicating the type of information operation allowed as a usage form in the attribute information management device,
The attribute information management device further includes information operation means for executing an information operation according to an information operation type other than the reference when the information operation type included in the personal attribute information request is other than a reference,
The disclosure policy management means manages the registrant information, the service providing device information, the permission attribute item, the permission attribute item, the confirmation attribute item, and the information operation type in association with each other,
The disclosure policy determination means refers to the disclosure policy managed by the disclosure policy management means when the personal attribute information use request is received from a service providing apparatus, and is included in the personal attribute information use request. Determining and obtaining permission attribute items and confirmation attribute items corresponding to all of the user information, service providing device information, authorized user information and information operation type,
The disclosure confirmation request transmission unit is configured to provide, for each individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination unit, a personal attribute for a registrant device used by a registrant of personal attribute information. Send an information operation confirmation request to confirm whether or not to allow information operation corresponding to the information operation type included in the information request,
The information operation type included in the personal attribute information request is a case where an answer indicating that the information operation of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item is permitted is received from the registrant device. If it is other than a reference, the information operation means performs an information operation according to the information operation type for each personal attribute information corresponding to the permission attribute item and the confirmation attribute item,
The information operation type included in the personal attribute information request is a case where an answer indicating that the information operation of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item is permitted is received from the registrant device. The attribute information providing means, when it is a reference, provides each piece of personal attribute information corresponding to the permission attribute item and the confirmation attribute item to a service providing apparatus. 8. The attribute information disclosure system according to 7. The setting means is associated with the permission attribute item and the confirmation attribute item for each of the service providing devices, and is used in response to the provision from the service providing device as well as the authorized user information and the information operation type. A service type indicating the service type used by the user of the user terminal is further set in the attribute information management device,
The disclosure policy management means includes the registrant information, the service providing device information, the permission attribute item and the confirmation attribute item, the permitted user information, the information operation type, and the service use type. Manage them in association,
The disclosure policy determination means refers to the disclosure policy managed by the disclosure policy management means when the personal attribute information use request is received from a service providing apparatus, and is included in the personal attribute information use request. The attribute according to claim 8, wherein the permission attribute item and the confirmation attribute item corresponding to all of the user information, the service providing device information, the authorized user information, the information operation type, and the used service type are determined and acquired. Information disclosure system. The setting means is associated with the permission attribute item and the confirmation attribute item for each service providing device, and includes not only the permitted user information, the information operation type and the used service type, but also the permission attribute item and Further setting a permission period for allowing the use of personal attribute information corresponding to the confirmation attribute item in the attribute information management device,
The disclosure policy management means includes registrant information for identifying a registrant of personal attribute information, the service providing apparatus information, the permission attribute item and the confirmation attribute item, the authorized user information, and the information. Managing the operation type, the service type used, and the permission period in association with each other,
The disclosure policy determination means refers to the disclosure policy managed by the disclosure policy management means when the personal attribute information use request is received from a service providing apparatus, and is included in the personal attribute information use request. A permission attribute item and a confirmation attribute item that correspond to all of the user information, service providing device information, authorized user information, information operation type, and used service type and that satisfy the permission period when the personal information use request is received. The attribute information disclosure system according to claim 9, wherein the attribute information disclosure system is determined and acquired. The setting procedure includes, for each service providing device, permission user information that permits use of the permission attribute item and the personal attribute information corresponding to the confirmation attribute item in association with the permission attribute item and the confirmation attribute item. Is further set in the attribute information management device,
The disclosure policy management procedure associates registrant information for identifying a registrant of personal attribute information, the service providing device information, the permission attribute item and the confirmation attribute item, and the authorized user information. Managed as a disclosure policy,
When the disclosure policy determination procedure receives a personal attribute information usage request transmitted from a user device as a usage request for the personal attribute information of another person from the service providing device, the registrant information that is the target of the personal attribute information usage request The service provider device information and authorized user information that are the sender of the personal attribute information usage request are extracted from the personal attribute information usage request, and all of the extracted registrant information, service provider device information, and authorized user information are supported. Obtaining a permission attribute item and a confirmation attribute item to be referred to by referring to a disclosure policy managed by the disclosure policy management means,
The disclosure confirmation request transmission procedure is for a registrant device used by a registrant of personal attribute information to disclose individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination procedure. Send a disclosure confirmation request to confirm whether to allow
The attribute information provision procedure is based on an answer indicating whether or not disclosure of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item returned from the registrant device is permitted. 7. The attribute information disclosure processing program according to claim 6, wherein the personal attribute information corresponding to the attribute item is provided to the service providing apparatus. The setting procedure includes not only the permitted user information but also the personal attribute information corresponding to the permission attribute item and the confirmation attribute item in association with the permission attribute item and the confirmation attribute item for each service providing apparatus. Further set an information operation type indicating the type of information operation allowed as a usage form in the attribute information management device,
When the information operation type included in the personal attribute information request is other than a reference, the computer as the attribute information management apparatus further executes an information operation procedure for executing an information operation according to the information operation type other than the reference Let
The disclosure policy management procedure manages the registrant information, the service providing apparatus information, the permission attribute item, the permission attribute item, the confirmation attribute item, and the information operation type in association with each other.
The disclosure policy determination procedure refers to the disclosure policy managed by the disclosure policy management procedure when the personal attribute information usage request is received from a service providing apparatus, and includes the registration included in the personal attribute information usage request. Determining and obtaining permission attribute items and confirmation attribute items corresponding to all of the user information, service providing device information, authorized user information and information operation type,
The disclosure confirmation request transmission procedure is for a registrant device used by a registrant of personal attribute information, for each individual attribute information corresponding to the permission attribute item and the confirmation attribute item acquired by the disclosure policy determination procedure. Send an information operation confirmation request to confirm whether or not to allow information operation corresponding to the information operation type included in the information request,
The information operation type included in the personal attribute information request is a case where an answer indicating that the information operation of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item is permitted is received from the registrant device. If it is other than a reference, the information operation procedure executes an information operation according to the information operation type for each personal attribute information corresponding to the permission attribute item and the confirmation attribute item,
The information operation type included in the personal attribute information request is a case where an answer indicating that the information operation of each personal attribute information corresponding to the permission attribute item and the confirmation attribute item is permitted is received from the registrant device. The attribute information providing procedure, when it is a reference, provides each personal attribute information corresponding to the permission attribute item and the confirmation attribute item to a service providing apparatus. 11. The attribute information disclosure processing program according to 11. For each service providing apparatus, the setting procedure is used in association with the permission attribute item and the confirmation attribute item in response to provision from the service providing apparatus as well as the authorized user information and the information operation type. A service type indicating the service type used by the user of the user terminal is further set in the attribute information management device,
The disclosure policy management procedure corresponds to the registrant information, the service providing device information, the permission attribute item, the permission attribute item and the confirmation attribute item, the information operation type, and the service type used. Manage,
The disclosure policy determination procedure refers to the disclosure policy managed by the disclosure policy management procedure when the personal attribute information usage request is received from a service providing apparatus, and includes the registration included in the personal attribute information usage request. 13. The attribute according to claim 12, wherein permission attribute items and confirmation attribute items corresponding to all of the user information, service providing device information, authorized user information, information operation type, and used service type are determined and acquired. Information disclosure processing program. In the setting procedure, for each service providing apparatus, the permission attribute item and the confirmation attribute item are associated with each other, not only the permitted user information, the information operation type, and the used service type, but also the permitted attribute item and Further setting a permission period for allowing the use of personal attribute information corresponding to the confirmation attribute item in the attribute information management device,
The disclosure policy management procedure includes registrant information for identifying a registrant of personal attribute information, the service providing device information, the permission attribute item and the confirmation attribute item, the authorized user information, and the information. Managing the operation type, the service type used, and the permission period in association with each other,
The disclosure policy determination procedure refers to the disclosure policy managed by the disclosure policy management procedure when the personal attribute information usage request is received from a service providing apparatus, and includes the registration included in the personal attribute information usage request. A permission attribute item and a confirmation attribute item that correspond to all of the user information, service providing device information, authorized user information, information operation type, and used service type and that satisfy the permission period when the personal information use request is received. The attribute information disclosure processing program according to claim 13, wherein the attribute information disclosure processing program is determined and acquired.

Images