JP2013179472A - Mobile device and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a mobile device and a program that have eliminated the possibility of information leakage while securing availability.SOLUTION: A storage system 101 on a cloud 100 provides a data storage service provided as a web service. In a mobile device 200 connecting to the storage system 101 via a network, installed is an application software program 201 for communicating with the data storage service by a protocol used for the web service. The application software program 201 downloads and uses all data used for prescribed information processing from the storage system 101 and completely deletes the data from the mobile device after use.

Description

  The present invention relates to mobile devices and programs, and more particularly to mobile devices and programs that connect to a data storage service configured to provide access to storage as a web service.

  For mobile devices that are portable and can be connected to the network, such as smartphones, pad-type terminals, and notebook PCs, the environment settings and user-defined settings that the user has set can be transferred when the terminal is replaced or replaced. It is normal to have to do. Therefore, when such mobile devices are used for business, environment setting and migration of stored data have become operational barriers.

  On the other hand, the concept of using a mobile device (so-called “private property”) that is personally owned by a user for business in the movement for pursuing cost reduction and efficient business advancement has recently attracted attention. Such a concept is sometimes referred to as BYOD (Bring Your Own Device).

  However, there is great resistance to storing business information that often belongs to private terminals. Removing the possibility of erasing information and leaking information is a problem in the dissemination of BYOD.

  Whether it is privately owned or rented by a company, countermeasures against information leakage when a mobile device is lost is a major issue. After the enforcement of the Personal Information Protection Law (2005), personal information leakage accidents due to loss of mobile terminals, etc. have become a social problem, and countermeasures against information security by companies have become an important theme. For example, personal information and other company secret information are taken out using a mobile phone, and information leakage occurs due to loss or theft of the mobile phone.

  Conventionally, management groups (such as managers in corporations) have been able to grasp device status, device settings, etc., and perform appropriate management in response to such issues, that is, using device management systems. Has been done.

  However, such a conventional mobile device management system (MDM) can remotely control the mobile device, but substantially all of the environment settings and stored data that the user originally set in the mobile device. It was to be erased. Alternatively, the function of the mobile phone is merely switched remotely to enable / disable the function.

JP 2009-049564 A

  Japanese Patent Application Laid-Open No. 2004-151561 describes a technique that is intended to easily control remotely a mobile terminal having various functions. However, in Patent Document 1, a mode definition file having the same contents is stored in the control server and the terminal, and the terminal switches the mode based on an instruction from the control server. Therefore, if the data belonging to the secret is in the terminal, it is considered that the file entity remains in the terminal just as it cannot be used.

  In this case, the possibility of information leakage by a method such as storage device analysis cannot be removed. However, erasing all data from a remote location as in the prior art has a major disadvantage when the data is important.

  The present invention has been made in view of the above circumstances, and an object of the present invention is to provide a mobile device and a program that eliminate the possibility of information leakage while ensuring availability.

  In order to achieve the above object, according to a first aspect of the present invention, there is provided a mobile device that connects to a data storage service provided as a web service via a network, and is used in the web service for the data storage service. Application software that communicates using a protocol is installed, and the application software downloads and uses data used for predetermined information processing from the data storage service, and erases it completely from the mobile device after use. To provide mobile devices.

  In order to achieve the above object, according to a second aspect of the present invention, there is provided a program of application software installed on a mobile device, wherein the web is provided for a data storage service provided as a web service to the mobile device. A function for communicating with a protocol used in a service and connecting to the data storage service via a network; a function for downloading and using data used for predetermined information processing from the data storage service; and Provided is a program characterized by realizing a function of deleting from a mobile device.

  ADVANTAGE OF THE INVENTION According to this invention, it becomes possible to provide the mobile device and program which removed the possibility of information leakage, ensuring availability.

It is a figure which illustrates the whole network of embodiment of this invention. FIG. 2 is a diagram illustrating an example of a server group configuring the storage system 101 of FIG. 1. It is a sequence diagram which shows the communication between server applications of FIG. It is a functional block diagram of the application software 201 of FIG. It is a flowchart figure which shows the information processing of the control part 202 of FIG. It is a figure which shows the example of the authentication information table stored in the storage system 101 side of FIG.

  Hereinafter, the present invention will be described by way of embodiments with reference to the drawings.

  In the present embodiment, the mobile device is configured to be used in a cloud-type data storage service for the purpose of eliminating the possibility of information leakage in the mobile device as discussed in the above problem column.

[System configuration]
The storage system 101 according to the present embodiment is configured to provide access to storage as a web service in the entire network (see FIG. 1). The storage system 101 is placed on a network including a public network (typically the Internet, for example) called a “cloud”. Referring to FIG. 1, a storage system 101 is placed on the cloud 100 and is configured to perform data communication with various mobile devices 200.

  As the mobile device 200, various devices including a mobile terminal and a personal computer can be used. The portable terminal is not limited, but includes an operating system (hereinafter referred to as “OS”) provided by Apple Computer, Inc., a mobile phone terminal or pad-type terminal equipped with iOS, and an OS provided by Google Inc., USA. A portable terminal equipped with Android (registered trademark) can be used.

  More specifically, the storage system 101 communicates with application software 201 running on each mobile device 200. Here, in the present embodiment, the application software 201 is a so-called native application corresponding to each OS.

  The interaction between the storage system 101 and the application software 201 on the mobile device 200 is realized by a REST base interface. In this embodiment, in the REST-based interface, each web service call includes all the information necessary to process the call without reference to external state information.

  In the present embodiment, in the REST base interface, a web service is designated as a URI (Uniform Resource Identifier) such as a URL (“Uniform Resource Locator”) including a designated operation and one or more query parameters. In response to the service call request, data is returned in an XML (“eXtensible Markup Language”) format using HTTP (“HyperText Transport Protocol”).

[Infrastructure layer]
Various combinations of hardware for realizing the functions of the storage system 101 and software programs for performing predetermined information processing using the hardware can be used. In the present embodiment, a software program that virtually operates as a server group illustrated in FIG. 2 is used by using one or more general-purpose computers.

  FIG. 2 shows an example of a server group constituting the storage system 101 of FIG. As shown in FIG. 2, the storage system 101 includes a load balancer 102, a web service cluster 103, a database management cluster 104, and a distributed file system cluster 105, and constitutes a distributed data storage service as a whole.

  The load balancer 102 includes a proxy server, and provides various functions such as session maintenance with the mobile device 200, load distribution, and appropriate redirection of web service calls. The proxy server is not limited, but, for example, HAProxy (registered trademark) is used.

  The web service cluster 103 includes a web server that appropriately processes each web service call based on TCP / HTTP, and realizes a function of providing a web service. As a web server, although not limited, Apache (registered trademark) that has been continuously developed in open source is used, for example.

  The database management cluster 104 provides a large-scale distributed database function for efficiently accessing data recorded in the distributed file system cluster 105. Each function of the database management cluster 104 is provided by, for example, a Hadoop Base (hereinafter, “HBase”), although not limited thereto. When using HBase, the database management cluster 104 may include a master server and a region server.

  The master server manages the region server, manages life and death, and integrates data and changes the arrangement according to capacity. The region server is a large-scale distributed database for efficiently accessing data recorded in the distributed file system cluster 105.

  The distributed file system cluster 105 is a large-scale distributed file system including at least two name nodes and at least three data nodes. Each function of the distributed file system cluster 105 is provided by, but not limited to, a Hadoop Distributed File System (hereinafter, “HDFS”).

  Thus, the storage of this storage system 101 is made redundant by a plurality of computer nodes. Further, according to the present embodiment configured as described above, when the data capacity of the distributed file system cluster 105 becomes insufficient, the data capacity can be easily increased without a decrease in performance by simply adding data nodes. be able to. Therefore, it is scalable.

  Note that the configuration illustrated in FIG. 2 can be physically implemented by five server machines. Assuming that the five server machines are node # 1, node # 2,..., Node # 5, respectively, let node # 1 function as the proxy server 1, master server 1, and name node 1 in FIG. The node # 2 is caused to function as the proxy server 2, the master server 2, and the name node 2. Further, the node # 3 functions as the web server 1, the region server 1, and the data node 1, the node # 4 functions as the web server 2, the region server 2, and the data node 2, and the node # 5 is configured as the web server 3. , Function as a region server 3 and a data node 3.

  As described above, since a large-scale distributed database system can be constructed from only five server machines physically, a small business start is possible. In other words, a business using the large-scale distributed database system provided by the present embodiment can be started with a small initial investment cost.

  FIG. 3 shows a sequence of communication between server applications of the server group shown in FIG. As shown in FIG. 3, access to the storage system 101 according to this embodiment is divided into an authentication phase and a data access phase.

  In the authentication phase, when an authentication request query is made from the mobile device 200, the load is balanced by the load balancer 102 and transmitted to the available web service cluster 103 (S101, S102).

  The web service cluster 103 analyzes the query and executes a query according to the content of the query to the database management cluster 104 and the distributed file system cluster 105 in the subsequent stage (S103 to S106).

  The query in the authentication phase includes at least authentication information. On the other hand, the storage content to be accessed in the query or data access phase includes access authority to the storage content as meta information (file information), as will be described later. The web service cluster 103 determines whether access is possible based on the authentication information of the query and the access authority to the stored content to be accessed in the query or data access phase, and returns the result to the mobile device 200 (S107, S108, S109).

  In the data access phase, almost the same information processing is performed as in the authentication phase. When a query for a data access request is made from the mobile device 200, the load is balanced by the load balancer 102 and transmitted to the available web service cluster 103 (S110, S111).

  The web service cluster 103 analyzes the query and executes a query according to the content of the query to the database management cluster 104 and the distributed file system cluster 105 in the subsequent stage (S112 to S115).

[Application software]
The configuration and operation of the mobile device 200 used in the cloud-type data storage service and the application software 201 installed on the mobile device 200 will be described in more detail below.

  FIG. 4 is a functional block diagram schematically illustrating functions realized by the application software 201. As shown in the figure, the application software 201 is controlled by a control unit 202, a communication unit 203, a first storage unit 204, and a second storage unit 205 by information processing using general general-purpose hardware included in the mobile device 200. Each block can be called.

  The communication unit 203 communicates with the storage system 101 shown in FIGS. 1 to 3 using the HTTP (more preferably, HTTPS) protocol, and inputs data downloaded from the storage system 101 to the application software 201. When the downloaded data is processed by information processing using the control unit 202, it is immediately uploaded to the storage system 101 and synchronized with the data on the cloud.

  The communication unit 203 may be designed to exist as middleware between the operation system and the application software 201. In this case, middleware that performs the function of the communication unit 203 may be called, for example, SDK (Software Developer's Kit).

  The control unit 202 performs some information processing on data downloaded from the storage system 101 by the communication unit 203. At that time, it is also possible to perform a process such as interactively interacting with the OS using an API (Application Programming Interface) of the operating system and passing the information processing result to the OS. For example, when a JPEG image is downloaded, the control unit 202 performs decoding, passes the decoding result to the OS, and executes a process for displaying on a display unit (liquid crystal display device or the like) (not shown) of the mobile device 200.

  In addition, the control unit 202 detects the end of the session, and executes a process of deleting the download data temporarily stored in the second storage unit when the session ends. Note that the second storage unit 205 may be configured to automatically delete the storage.

  The application software 201 is configured to functionally have first and second storage means. It is not necessary to prepare a physically separate storage medium for each storage means, and the storage area may be simply formed on a single storage medium.

  The first storage unit 204 stores a device ID that is automatically generated when the application software 201 is installed in the mobile device 200. The device ID is non-volatile. Even if the power of the mobile device 200 is turned off or the application software 201 is terminated, the memory is not lost. In the present embodiment, it is assumed that one application software 201 is installed in one mobile device 200.

  The device ID is used when authenticating to the storage system 101. In particular, the communication unit 203 performs communication by including it in an authentication request query.

  The second storage unit 205 temporarily stores data downloaded from the storage system 101 by the communication unit 203. There may be a plurality of download data. Download data is automatically deleted when the session ends. Note that the control unit 202 may detect the end of the session, and at the end of the session, a process of deleting the download data temporarily stored in the second storage unit may be executed.

  FIG. 5 shows a flow of information processing of the application software 201. As shown in the flowchart of FIG. 5, the session is started when the application software 201 on the mobile device 200 side transmits an authentication request query (S201).

  The transmission of the authentication request query (S201) is preferably performed when the user starts up the application software 201. When the user starts up the application software 201, the control unit 202 displays a prompt requesting input of authentication information on the screen, and the information input thereto is stored in the first storage unit 204. A query including the device ID is generated and transmitted by the communication unit 203.

  In the process described with reference to FIG. 3, authentication is performed on the cloud side. An authentication result is returned in XML. If the authentication is successful, the session is started. If the authentication is not successful, the session is ended (S202).

  When the session continues, desired data access is performed (S203, S204). On the other hand, when the session is ended (Yes in S204), the application software 201 performs “wipe out” of the download data (S205). This “wipe out” is erasure of the download data temporarily stored in the second storage unit 205 as described above.

  Note that the wipeout is also performed when the session is not intentionally terminated, such as when the application software 201 is forcibly terminated.

  As described above, the mobile device is configured to be connected to the data storage service, and all the data is downloaded from the storage system 101 side, and is configured to be completely erased (wiped out) from the mobile device when finished. According to the present embodiment, there is no possibility of information leakage even when theft is lost, except in a special case where authentication information is leaked.

  On the other hand, as described with reference to FIGS. 1 to 3, according to the present embodiment, extremely large-scale information can be handled and the scalability is excellent. Therefore, availability is always ensured.

[Authentication]
Next, authentication performed on the storage system 101 side will be described. When viewed from the mobile device side, authentication is executed between S201 and S202 in FIG. On the other hand, when viewed from the storage system 101 side, authentication is executed in the authentication phase of S101 to S109 in FIG.

  An authentication table as shown in FIG. 6 is stored in the data node of the distributed file system cluster 105 in FIG. For example, when an authentication request query including a company ID, a department ID, a user ID, and a device ID is transmitted by the POST method of the HTTPS protocol, the web server provided by the received web service cluster 103 checks the authentication table, Judge the match or mismatch.

  As illustrated in FIG. 6, valid (usable) / invalid (unusable) information may be associated with each device ID in the authentication table. If authentication is performed for each device ID in addition to the user ID, the security becomes stronger. In addition, it becomes possible for a person in charge of managing a company's data storage service to use such a method that allows use of up to three mobile devices per user, for example.

  According to the above-described embodiment, even when a terminal is replaced or replaced in a mobile device that is portable and can be connected to a network, such as a smartphone, a pad-type terminal, and a notebook PC, the terminal before replacement or replacement The environment and data can be reproduced immediately, and business continuity is not hindered. It also reduces TCO.

  In addition, since the data itself is always on the data storage service side in the cloud and not on the mobile device side, confidentiality is maintained even in the case of theft or loss. Access to the data storage service is protected by authentication information such as a company ID, user ID, device ID, password, and passcode. Therefore, according to the present embodiment, the possibility of information leakage is eliminated even in the case of theft or loss, and BYOD can be realized. In other words, a business model for banning personal belongings becomes possible.

DESCRIPTION OF SYMBOLS 100 Cloud 101 Storage system 102 Load balancer 103 Web service cluster 104 Database management cluster 105 Distributed file system cluster 200 Mobile device 201 Application software 202 Control part 203 Communication part 204 1st memory | storage means 205 2nd memory | storage means

Claims (6)

A mobile device connected via a network to a data storage service provided as a web service,
Application software that performs communication using the protocol used in the web service is installed in the data storage service.
The application software downloads and uses data used for predetermined information processing from the data storage service, and completely deletes the data from the mobile device after use.   The application software acquires user authentication information associated with a user of the mobile device, and transmits the user authentication information to the data storage service prior to a data access phase in which data is downloaded from the data storage service. The mobile device according to claim 1, wherein authentication is obtained. When the application software is installed, a device ID that is unique for each mobile device is generated,
The mobile device according to claim 2, wherein the application software transmits the device ID together with the user authentication information to the data storage service, and obtains authentication for the device ID.   The mobile device according to any one of claims 1 to 3, wherein an interface between the data storage service and the application software is a REST interface.   5. The database storing data to be downloaded by the mobile device in the data storage service is made redundant by using a plurality of computer nodes by a distributed file system. 6. The listed mobile device. A program of application software installed on a mobile device,
On the mobile device,
A function of communicating with a data storage service provided as a web service using a protocol used in the web service, and connecting to the data storage service via a network;
A function to download and use data used for predetermined information processing from the data storage service;
A function of completely erasing from the mobile device after use;
A program characterized by realizing.

Images