JP2014038524A - Information collection system - Google Patents

Information collection system Download PDF

Info

Publication number
JP2014038524A
JP2014038524A JP2012181134A JP2012181134A JP2014038524A JP 2014038524 A JP2014038524 A JP 2014038524A JP 2012181134 A JP2012181134 A JP 2012181134A JP 2012181134 A JP2012181134 A JP 2012181134A JP 2014038524 A JP2014038524 A JP 2014038524A
Authority
JP
Japan
Prior art keywords
information
terminal
collection
provision request
query
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2012181134A
Other languages
Japanese (ja)
Other versions
JP5903015B2 (en
Inventor
Tomohiro Inoue
知洋 井上
Ikuo Yoda
育生 依田
Koichi Takasugi
耕一 高杉
Hiroyuki Maeomichi
浩之 前大道
Original Assignee
Nippon Telegr & Teleph Corp <Ntt>
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegr & Teleph Corp <Ntt>, 日本電信電話株式会社 filed Critical Nippon Telegr & Teleph Corp <Ntt>
Priority to JP2012181134A priority Critical patent/JP5903015B2/en
Publication of JP2014038524A publication Critical patent/JP2014038524A/en
Application granted granted Critical
Publication of JP5903015B2 publication Critical patent/JP5903015B2/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Images

Abstract

An object of the present invention is to enable a user who owns a plurality of terminals to trade personal information of the user in a unified manner.
The present invention is a system for searching personal management data of a plurality of terminal devices managed by the same user in response to a query from the outside, and sending the search result as an answer to a query destination. A personal information management agent is operated in each of the plurality of terminal devices, one of the personal information management agents has a function of a query execution management agent, and the query execution management agent executes an external query and Have the decision to send responses all at once.
[Selection] Figure 1

Description

  The present invention is capable of providing and managing personal information (hereinafter referred to as personal management data) safely while protecting personal privacy for businesses that want to use various personal information for advanced service provision or research purposes. The present invention relates to a system construction method and an information control method in an information distribution platform that enables information.

  Conventionally, for the purpose of third-party services to utilize personal management data stored in the terminal owned by the user, information transaction of personal management data (to be provided to a third party after anonymization) An information collection system for personal management data that has been made possible has been proposed. In this technology, a data management agent that operates under the management of the individual is installed in a terminal (user terminal) owned by the user, and the agent determines whether or not it can answer an inquiry about personal management data ( For example, refer nonpatent literature 1 and 2.).

"Prototype implementation and evaluation of real-world data management agent", IEICE Technical Report, vol. 111, no. 469, IN2011-182, pp. 269-274, March 2012. "Architect of real-world data management agents that distribute and distribute data anonymously", IEICE Technical Report, vol. 111, no. 469, IN2011-181, pp. 265-268, March 2012.

  In the conventional method, since a data management agent for information management is installed in a terminal (user terminal) owned by the user, and the agent determines whether the information can be traded centrally, an individual (in the embodiment, When “User (A)”) has a plurality of terminals, this cannot be handled. As a result, for service providers who want to utilize personal management data, it is possible to collect only the data accumulated in one terminal owned by the user, and one user accumulates across multiple terminals Such personal management data cannot be accessed.

  On the other hand, as an extension method that can be considered naturally, a data management agent is installed in each of a plurality of user terminals, and the data management agent judges a transaction and receives information on an inquiry about personal management data from a service provider. In this method, the user makes a transaction decision on information for each terminal in response to an inquiry about personal management data from the service provider. There is a problem that it is not possible to judge comprehensively whether or not is traded.

  On the other hand, as another method, personal management data on multiple user terminals can be copied to one master database, and then the data management agent can make a transaction decision. It is necessary to synchronize with the master database when all the data is updated, which is not practical in terms of cost.

  Therefore, an object of the present invention is to make it possible for a user who owns a plurality of terminals to trade personal information of the user in a unified manner.

  In order to achieve the above object, the present invention searches for personal management data possessed by a plurality of terminal devices managed by the same user in response to an inquiry from the outside, and sends the search result as an answer to the inquiry destination. In the sending system, a personal information management agent is operated in each of a plurality of terminal devices, one of the personal information management agents has a function of a query execution management agent, and the query execution management agent is Make a decision to execute an inquiry and send an answer at once.

  Specifically, the terminal device according to the present invention obtains an information provision request including an instruction to collect information stored in the terminal, and sends information related to the collection instruction to the terminal of the terminal in advance. A collection unit that collects information from a terminal registered in the network, and a response creation unit that executes the collection instruction using the collected information and creates a response to the information provision request.

  In the terminal device according to the present invention, the information provision request is acquired, and it is determined whether or not any of the own terminal and the terminal registered in advance in the own terminal is the target of the information provision request. And when it is an object, you may further provide the answer determination part which starts the said collection | recovery part.

  In the terminal device according to the present invention, the information provision request further includes an aggregation process that defines a process after collecting the information, and the response creating unit performs the aggregation process using the information after the execution of the collection instruction. May be executed.

  Specifically, the information collection system according to the present invention receives the information provision request and transmits the answer, and a plurality of terminal devices according to the invention transmits the information provision request and receives the reply. An information collector terminal and the information collector request from the information collector terminal are received, the identification information of the information collector terminal in the information provider request is converted, and the converted information provider request is sent to the plurality of terminals Transaction support that distributes to devices, receives the responses from the plurality of terminal devices, converts identification information of the plurality of terminal devices in the responses, and provides the converted responses to the information collector terminal And a server.

  In the information collection system according to the present invention, when the plurality of terminal devices receive the information provision request, the plurality of terminal devices acquire the credit rating of the information collector terminal from the credit management record for managing the credit rating, and manage the privacy level of the information When the privacy level of the information requested in the information provision request is obtained from a privacy level management record, and the difference between the credit level of the transmission source of the information provision request and the privacy level of the information is less than a set value, the information provision Displays whether or not the information requested in the request is to be replied to the sender of the information provision request, and when an input to the effect is obtained, the information of the information described in the privacy management record When the privacy level is reduced by a certain value and an input indicating that the answer is not given is obtained, the information of the information described in the privacy level management record is obtained. The Ibashi degree may be increased a certain value.

  Specifically, in the information collection method according to the present invention, when an information provision request including an information collection instruction stored in a terminal is acquired, information related to the collection instruction is transmitted to the terminal of the terminal in advance. A collection procedure for collecting from the terminal registered in the terminal, and a reply creation procedure for executing the collection instruction using the collected information and creating a reply to the information provision request are sequentially provided.

  In the information collection method according to the present invention, when the information provision request is acquired in the collection procedure, either one of its own terminal or a terminal registered in advance in the own terminal is the target of the information provision request. It may be determined whether or not there is a target, and if it is a target, information related to the collection instruction may be collected from its own terminal and a predetermined terminal.

  Specifically, when the collection unit obtains an information provision request including an instruction to collect information stored in the terminal, the information collection program according to the present invention transmits information about the collection instruction to its own terminal and A collection procedure for collecting from a terminal registered in advance in the terminal, and an answer creating unit that executes the collection instruction using the collected information and creates a reply to the information provision request; This is a program that causes a computer to execute in order.

  The above inventions can be combined as much as possible.

  ADVANTAGE OF THE INVENTION According to this invention, also about the user who owns several terminals, the said user's personal information can be managed centrally, and it can be made transactionable.

1 shows an example of an information collection system according to an embodiment of the present invention. An example of a structure of a user terminal is shown. An example of a query is shown. An example of a collection processing command is shown. An example of the command of an aggregation process is shown. The sequence diagram which shows an example of operation | movement of an information collection system is shown. An example of the information collection system which concerns on Embodiment 2 is shown. An example of the sequence of the transaction which concerns on Embodiment 2 is shown. 10 illustrates a configuration example of a data access management unit according to a third embodiment. FIG. 9 is a flowchart of an information collection method according to Embodiment 3. An example of a credit management record is shown. An example of a privacy management record is shown.

  Embodiments of the present invention will be described with reference to the accompanying drawings. The embodiments described below are examples of the present invention, and the present invention is not limited to the following embodiments. In the present specification and drawings, the same reference numerals denote the same components.

  FIG. 1 shows an example of an information collection system according to an embodiment of the present invention. The information collection system according to the present embodiment includes a plurality of user terminals 20 used by a user A who owns personal management data, and a questionnaire used by a user B who wants to utilize the information of the user A distributed to the plurality of user terminals 20. A practitioner server 10 and a transaction support server 30 that mediates between user A and user B are provided. In this embodiment, the user terminal 20 functions as a terminal device according to the present invention, and the questionnaire performer server 10 functions as an information collector terminal.

  Each user terminal 20 includes a data store 21 that stores user A's personal management data and a data management agent 26 that manages user A's personal management data. The personal management data is information corresponding to the user terminal 20. In the present embodiment, the first user terminal 20 is a personal computer, and the web browsing history is stored in the data store 21 of the first user terminal 20. The second user terminal 20 is a television recording device, and a television recording history is stored in the data store 21 of the second user terminal 20. An example in which the third user terminal 20 is a mobile phone and the position (GPS) history is stored in the data store 21 of the third user terminal 20 will be described.

  User B uses queryer server 10 to inquire about personal management data of user A, and uses query relay unit 35 to send a search expression (equivalent to an information provision request for information to be collected) that specifies the transaction content of information. In Then, the data management agent 26 provided in each user terminal 20 operates.

  FIG. 2 shows an example of the configuration of the user terminal. The data management agent 26 includes a policy management unit 23, a data access management unit 22, a query execution management unit 24, and a connection management unit 25. In one of the user terminals 20 (the first user terminal in this embodiment), the data access management unit 22 functions as an answer determination unit, and the query execution management unit 24 and connection management of the first user terminal 20 The unit 25 functions as a collection unit, and the query execution management unit 24 functions as an answer creation unit.

The data access management unit 22 manages the entire execution. The data access management unit 22 acquires a query and transmits a response. The data access management unit 22 makes an inquiry to the policy management unit 23 to determine whether the query can be executed. The policy management unit 23 determines whether the query can be executed and returns a response to the data access management unit 22. The data access management unit 22 executes a data search command for the data store 21, acquires a result, and transmits the result to the query execution management unit 24.
The query execution management unit 24 manages the execution of (a plurality of) subqueries.
The connection management unit 25 has an address list of other user terminals 20 of the user A, and transmits / receives messages / commands between a plurality of data management agents 26. Further, the user A grasps the connection state (whether or not the user A is disconnected) with other user terminals 20 through periodic connection confirmation.

  The data management agents 26 provided in the first to third user terminals 20 are distributed and coordinated with the query execution management unit 24 of the first user terminal 20 as the center. Thereby, the personal management data stored in each user terminal 20 is searched, and it is determined whether or not the searched personal management data can be traded. In the query, information collection processing and aggregation processing are separately described, and “collection processing + aggregation processing” is executed sequentially (sequentially).

  FIG. 3 shows an example of the query. The query includes a query ID, an executor name, transaction conditions, execution conditions, one or a plurality of subqueries, and an answer collection server. The query ID is an identification number unique to the query, the executor name is the name of the user B, the transaction condition is the price of the answer, the execution condition is a condition for executing the query such as the target age, and the subquery is The answer collection server is the storage location of the answer after query execution. As the name of the executor, it is preferable to use a pseudonym as described in the second embodiment. It is also preferable to use a pseudonym for the name of the user A who executes the query. The sub-query includes a command for collecting information to be inquired and a command for aggregation processing. Although the answer collection server can be set to an arbitrary address, in this embodiment, the answer collection server is used as the query relay unit 35 for simplicity. Details of the data search processing by the query will be described in the sequence example.

  FIG. 4 and FIG. 5 show examples of a collection processing command and a collection processing command, respectively. The collection processing command is a command for reading data from the data store 21 and is, for example, a command string such as SQL (Structured Query Language). The aggregation processing command is a command for generating a search result of the personal management data of the user A using the data read from the data store 21.

  For example, for marketing research, it is assumed that the user B is collecting information on spots (stations) where the user and the viewing history of various users and the TV and TV frequently stop by. In that case, the user B describes the information to be inquired as a query and inputs it to the information trading platform. The query is composed of three subqueries. Each subquery collects a user's Web browsing history (subquery QS1), TV recording history (subquery QS2), and position history (subquery QS3).

  FIG. 6 is a sequence diagram showing an example of the operation of the information collection system. The information collection method according to the present embodiment includes an answer determination procedure, a collection procedure, and an answer creation procedure in order. Step S2 is executed in the answer determination procedure, steps S4 to S7 are executed in the collection procedure, and step S8 is executed in the answer creation procedure. In this embodiment, for the sake of simplicity, the data store 21 and the data management agent 26 provided in the first user terminal 20 are represented as the data store 21-1 and the data management agent 26-1, respectively, and are provided in the second user terminal 20. The data store 21 and the data management agent 26 are represented as a data store 21-2 and a data management agent 26-2, respectively. The data store 21 and the data management agent 26 provided in the third user terminal 20 are respectively represented as a data store 21-3 and a data store. This is represented as a management agent 26-3.

(Step S1)
The questionnaire executor server 10 issues a query to the query relay unit 35. The questionnaire executor server 10 managed by the user B inputs a query describing data to be collected to the query relay unit 35. At this time, user attribute information to be queried is set as an execution condition. In this embodiment, it is assumed that the execution condition = male in their 30s. A query is composed of one or a plurality of subqueries. The sub-query is composed of collection processing and aggregation processing of information to be queried.

(Step S2)
The data management agent 26-1 (data access management unit 22) periodically queries the query relay unit 35 and obtains a query. The data access management unit 22 functions as an answer determination unit, and is one of the second user terminal 20 to the third user terminal 20 whose addresses are stored in the first user terminal 20 and the connection management unit 25. Determines whether or not is a query target. For example, when the execution condition included in the query is the attribute of the user A (age = 35 years), the fact that the age of the user A is 35 years is stored in the memory of the data management agent 26-1, the query It is determined that it is the target of. The query may be acquired after determining that it is the target of the query. In the present embodiment, it is assumed that the attribute of user A (age = 35 years old) is stored in the memory of the data management agent 26-1.

(Step S3)
The data management agent 26-1 that has acquired the query from the query relay unit 35 parses the query and audits the content of the query. The data management agent 26-1 (data access management unit 22) becomes the execution subject of the query. The data management agent 26-1 that becomes the query execution subject validates the internal query execution management unit 24. In the case of this embodiment, the query execution management unit 24 of only the first user terminal 20 among the user terminals 20 is validated. In the data management agents 26-2 and 26-3 that are not the query execution subject, the query execution management unit 24 is not activated (does not function).

  When executing a query, the data access management unit 22 of the data management agent 26-1 passes the query to the query execution management unit 24, and the query execution management unit 24 decomposes the query into sub-queries. For example, the query execution management unit 24 of the first user terminal 20 dispatches each task necessary for executing the decomposed subquery to the data management agents 26-2 and 26-3 of the other user terminals 20. . Subqueries in the query are executed in order. That is, first, the subquery QS1 is executed.

  Here, apart from the sequence, the structure of the subquery and its execution method will be described. A subquery is composed of a collection process and an aggregation process of information to be queried.

  The collection process includes a search expression for the data store. The collection process may include a process (filter or the like) process for the search result. Since the collection process is relatively simple as described above, it can be easily executed on a terminal having limited resources such as a mobile terminal. In other words, this is a distributed processing method suitable for mobile terminals.

  The query execution management unit 24 in the data management agent 26-1 sends data management agents 26-1, 26-2, and 26-3 on all user terminals 20 (own terminal and other terminals) managed by the connection management unit 25. Instruct the execution of the collection process. When the instruction destination is its own data management agent 26-1, it instructs its own data access management unit 22 to execute the collection process.

  When the instruction destination is the data management agents 26-2 and 26-3 that are the other user terminals 20, the data management agents 26-2 and 26-2 of all the other user terminals 20 are connected via the connection management unit 25. 26-3 is instructed to execute the collection process. In this case, the connection management unit 25 of the data management agents 26-2 and 26-3 receives the execution instruction of the collection process from the connection management unit 25 of the data management agent 26-1.

  The data management agents 26-1, 26-2, 26-3 of each user terminal 20 are described in the collection process for the data stores 21-1, 21-2, 21-3 on the user terminal 20 of the user terminal 20. A search expression is input, and a response (searched result) from the data store 21 is returned to the query execution management unit 24 of the data management agent 26-1. However, when the collection process includes a modification process, the data management agents 26-1, 26-2, and 26-3 reply after applying the modification process to the retrieved result data. At the time of answering, the data management agents 26-2 and 26-3 transmit to the data management agent 26-1 via the connection management unit 25.

The aggregation process describes post-processing such as aggregation for the data collected in the collection process. The aggregation process is executed by the data management agent 26-1.
The above is the structure and execution method of the subquery.

(Step S4)
Data management agent 26-1 executes a collection process F 1 subqueries QS1 to the data store 21 of his terminal. In the present embodiment, the collection process F 1 of the subquery QS 1 is a search expression that collects the web browsing history for the last month from the data stored in the data store 21. For example, in order to acquire the browsing history of the Firefox browser, the above-described collection process can be realized by throwing a known browsing history DB file into an SQL query.

(Step S5)
Data management agent 26-2 which has received the execution instruction for the subquery QS1 via connection management unit 25 from the data management agent 26-1 executes a collection process F 1 subqueries QS1 as in step S4. Then, the result (search result) obtained by the execution is returned to the data management agent 26-1 via the connection management unit 25.

(Step S6)
Similar to step S5, the data management agent 26-3 executes the subquery QS1 and returns the search result to the query execution management unit 24 of the data management agent 26-1. At this time, the connection management unit 25 of the data management agent 26-1 knows that the third user terminal 20 is disconnected, for example (that is, the periodic access performed by the connection management unit 25 is impossible). In this case, the connection management unit 25 of the data management agent 26-1 does not need to request the third user terminal 20 to execute the subquery. In this case, the subquery is not executed in the third user terminal 20. In other words, the subquery (or all queries) is executed only between the user terminals 20 connected to the network.

(Step S7)
The query execution management unit 24 of the data management agent 26-1 performs the aggregation process R 1 (described in the subquery QS1) after connecting the search results respectively executed by the respective user terminals 20, and uses the result as the subquery QS1. As a result. In the present embodiment, aggregates frequent URL of Views from the Web browsing history obtained by the collection processing F 1, processing for listing the top 10 is described in the aggregation process R 1 subqueries QS1 Shall.
As a result, after the Web browsing history stored in each user terminal 20 is connected, the top 10 URLs with the highest browsing frequency in total are the results of the subquery QS1. The collection processing and aggregation processing of the subqueries QS2 and QS3 are also executed in the same manner as described above (however, the collection target is the TV recording history and the position history).

In this way, each subquery is executed in order within the query.
The output result of each subquery is stored in the memory by the data management agent 26-1. In the present embodiment, the data management agent 26-1 stores the execution result of the subquery QS1 (the top 10 URL list of Web browsing frequencies). After the execution of the subquery QS1 is completed, the data management agent 26-1 continues to execute the subqueries QS2 and QS3 in the same manner as the subquery QS1. Then, the data management agent 26-1 stores the result of each subquery in the memory.

(option)
The output of the subquery can also be referred to by the following subquery. For example, if the "previous subquery result reading flag" subqueries QS2 was "true", in addition to collecting process F 2 of the execution results of the subquery QS2 (collection processing result returned from the terminal 1, 2, 3), subqueries execution result of QS1 but also connected becomes the eligible aggregation processing R 2. By doing in this way, it becomes possible not only to concatenate data by a plurality of subqueries but also to process data by a chain of subqueries.

(Step S8)
When execution of all the subqueries is completed, the query execution management unit 24 of the data management agent 26-1 combines (for example, lists) the results of the subqueries to create an answer for the entire query. The combination of the subquery results may be other than the list, for example, as follows. Pattern that invalidates the answer of the query itself depending on the result of the subquery. For example, when the output result of the subquery is a character string “query failure”, the query execution management unit 24 invalidates the entire query without combining the results of the subquery, and does not transmit an answer.

(Step S9)
In the data management agent 26-1, the query execution management unit 24 transmits the query answer to the query relay unit 35. At this time, the query execution management unit 24 may audit the contents of the answer and determine whether or not to send the answer to the query based on its own policy set by the user A.

(Step S10)
The questionnaire executor server 10 accesses the query relay unit 35 and collects the query answers transmitted from each user including the user A.

  As described above, the present invention is a system in which the data management agent 26 operates on each of a plurality of user terminals 20 managed by (the same) individual and receives an inquiry (query) of personal management data from the outside. , One of the agents (in this embodiment, the data management agent 26-1) is validated as a query execution management agent, and the query execution management agent concentrates to make an inquiry execution decision and an answer sending decision. Distributed search method, communication protocol, and distributed database management method.

  The apparatus of the present invention can also be realized by a computer and a program, and the program can be recorded on a recording medium or provided through a network.

  The present invention makes it possible for a user who owns a plurality of user terminals 20 to manage personal information of the user in a unified manner and to trade personal information. For this reason, it is possible to determine in a unified manner what kind of information is going to be traded across a plurality of terminals possessed by an individual, and to trade.

In addition, the present invention copies and aggregates the user's personal data in one place, that is, instead of building a single database for personal data in advance, distributes queries to each terminal and acquires data by distributing queries. Therefore, the following effects can be obtained.
First, it is not necessary to collect (copy) all personal information in a central server such as a cloud. For this reason, it is possible to reduce network bandwidth use costs and storage costs.
Second, it is an acceptable data search method for users who do not want to store personal management data in a terminal managed by another person such as a cloud.
Therefore, the present invention can avoid high-cost operations that require a very high level of security, such as collecting and managing personal management data.

(Embodiment 2)
FIG. 7 shows an example of an information collection system according to this embodiment. The information collection system according to the present embodiment includes a questionnaire performer server 10 that is an information collector terminal, a user terminal 20 that is an information provider terminal, a transaction support server 30, a credit information server 40, and a query distribution server 50. And an answer collection server 60 and a point server 70.

  Questionnaire server 10, user terminal 20, query distribution server 50 and answer collection server 60 exchange questionnaires and responses, and transaction support server 30, credit information server 40 and point server 70 provide credit functions and money for information transactions. Responsible for the mechanism to resolve transactions.

  The combination of the transaction support server 30 and the credit information server 40 makes it possible to check the creditworthiness of B viewed from A even when both the user A and the user B are anonymous. In addition, with the combination of the transaction support server 30 and the point server 70, the compensation payment (money, points, etc.) from B to A for the information provision by the answer (answer) of the user A to the questionnaire (query) of the user B is anonymous for both. It is possible to maintain the sex.

  FIG. 8 shows an example of a transaction sequence. Before starting the procedure, the real name information of the user A and the real name information of the user B are registered in the transaction support server 30 in advance in different procedures. The information collection method according to this embodiment includes an information provision request distribution procedure, an answer procedure, and a point clearing procedure in this order. The information provision request distribution procedure is executed before the collecting procedure described in the first embodiment, and the answer determination procedure, the collecting procedure, and the answer creating procedure described in the first embodiment are executed in the answer procedure.

  In the information provision request distribution procedure, a questionnaire practitioner pseudonym issue step S201, a questionnaire (query) distribution step S202, a questionnaire (query) acquisition step S203, and a questionnaire response pseudonym acquisition step S204 are executed. To do. In the reply procedure, a reply transmission (answer placement) step S205 and a reply collection (answer collection) step S206 are executed. In the point clearing procedure, the point clearing step S207 is executed.

Questioner issuer pseudonym issuing step (S201)
The questionnaire executor server 10 creates a questionnaire (query) as an information provision request, assigns a query ID (QID) as an identification mark of the information provision request, and together with real name information including the real name of the user B, the transaction support server 30 is requested to issue a pseudonym in this query. The transaction support server 30 confirms the real name registration of B in its own database, generates a temporary name (Ba) of the user B for the query ID (while the query ID is valid), and stores it in the own database. After recording, the pseudonym is returned to the questionnaire executor server 10.

Questionnaire (query) distribution step (S202)
The questionnaire implementer server 10 describes the query ID and the pseudonym of the user B acquired in step S201 in the questionnaire (query), and arranges them in the query distribution server 50 in a state that can be acquired from the user terminal 20.

Questionnaire (query) acquisition step (S203)
The user terminal of the user A acquires the questionnaire (query) arranged in the query distribution server 50 in step S202, and obtains the query ID and the pseudonym Ba of the user B described.

Step for obtaining a pseudonym for answering a questionnaire (S204)
The user terminal 20 requests the transaction support server 30 to issue a pseudonym in this query together with the query ID acquired in step S203, the pseudonym Ba of B, and the real name of the user A. The transaction support server 30 confirms the real name registration of A in its own database, generates a temporary name (Aa) of the user A (only while the query ID is valid) for the query ID, and stores it in the own database. After recording, the answer status of the record is set to unanswered, and the pseudonym Aa is returned to the user terminal 20.

Response sending (answer arrangement) step (S205)
The user terminal 20 creates an answer to the questionnaire by performing query processing, describes the query ID, the pseudonym Ba of B, and the pseudonym Aa of A, and arranges them in the answer collection server 60. At this time, the contents of the questionnaire (answer) and the query ID, the pseudonym Ba of B, and the pseudonym Aa of A can be divided and handled when the electronic signature by the user A is + ( Assume that an electronic signature is applied to the entire query ID, K pseudonym Ba, A pseudonym Aa) and (query ID, K pseudonym Ba, A pseudonym Aa).

Response collection (answer collection) step (S206)
The questionnaire server 10 makes an inquiry to the answer collection server 60 asynchronously, and if a questionnaire (query) corresponding to a combination of (query ID, pseudonym Ba of user B) is arranged (stored), the contents Request acquisition. At that time, the answer collection server 60 extracts (query ID, user B's pseudonym Ba, user A's pseudonym Aa) from the corresponding answer, and requests the transaction support server 30 to check double answers and fraudulent answers. The transaction support server 30 confirms from the (query ID, the pseudonym of the user B, the pseudonym of A) that there is a respondent to the query (exists in the record), and if it does not exist, it is an illegal answer immediately. (NG) is returned to the answer collection server 60. If it exists and the answer status is unanswered, OK is returned to the answer collection server 60, and NG is returned otherwise. When the answer collection server 60 receives NG, it does nothing. As a result, multiple responses due to anonymity (injustice transactions in which an individual impersonates a plurality of people and responds to the same questionnaire multiple times) can be prevented. When the answer collection server 60 receives OK, the answer collection server 60 sends the contents of the questionnaire response to the questionnaire executor server 10, and sends an answer to the transaction support server 30 (query ID, user B pseudonym Ba, user A pseudonym Aa). Tell the content has been delivered. When the transaction support server 30 receives the delivered response, the transaction support server 30 sets the corresponding response count record as answered. At the same time, the transaction support server 30 transmits (query ID, the real name of the user B, the real name of the user A) to the point server 70 and informs that it has been answered.

Point clearing step (S207)
The point server 70 acquires the real name of the user B and the real name of the user A regarding the answered query, and transfers the price designated by the transaction support server 30 from the user B to the user A (such as remittance).

  As mentioned above, since the information collection system which concerns on this embodiment is provided with the questionnaire implementer server 10, the user terminal 20, and the transaction support server 30, and performs step S201-step S205 in order, anonymity of a questionnaire respondent and a questionnaire implementer is shown. A questionnaire can be conducted while maintaining it. Moreover, since the information collection system which concerns on this embodiment is further provided with the query distribution server 50 and the answer collection | recovery server 60, it can strengthen anonymity maintenance of a questionnaire respondent and a questionnaire implementer. Furthermore, since the information collection system according to the present embodiment further includes the point server 70, it enables information transactions (money transactions) while maintaining the anonymity of the questionnaire respondents.

(Embodiment 3)
In the present embodiment, in the answer determination procedure described in the first embodiment, the data access management unit 22 requests the policy management unit 23 to audit the contents of the query prior to the execution of the query and determine whether the query can be executed. Do. Thereby, it is possible to determine whether or not to reply according to the intention of the user A.

  FIG. 9 shows a configuration example of the data access management unit according to the present embodiment. The data access management unit 22 includes a reliability determination unit 31, a confirmation unit 32, a record update unit 33, and a query processing unit 34. FIG. 10 shows a flowchart of an answer determination procedure according to this embodiment. The answer determination procedure according to the present embodiment includes a credit determination procedure, a confirmation procedure, a privacy update procedure, and a query processing procedure in order. In the credit determination procedure, steps S401 to S402 are executed. In the confirmation procedure, step S403 is executed. In the privacy level update procedure, step S404 or S406 is executed. In the query processing procedure, step S405 or S407 is executed.

  In step S401, the credit quality determination unit 31 inquires of the credit information server 40 about the credit level X of the pseudonym Ba and inquires about the privacy level Z of the information requested in the information provision request. The credit information server 40 queries the transaction support server 30 for the real name of the pseudonym Ba, acquires the real name B, and acquires the credit rating X of the real name B with reference to the credit management record stored by itself. Further, the credit information server 40 refers to the privacy level management record stored by itself and acquires the privacy level Z of the information i requested in the information provision request. Then, the credit information server 40 transmits the credit level X of the pseudonym Ba and the privacy level Z of the information i to the credit level determination unit 31.

  FIG. 11 shows an example of the credit management record. FIG. 12 shows an example of the privacy level management record. In the credit management record, the credit rating X of each information collector is recorded together with the real name of the information collector. In the privacy level management record, the privacy level Z of information stored as personal management data is recorded for each type of information. The privacy level Z is, for example, high when the information type i is the name of the user A, and low when the information type i is a hobby. The reliability degree X and the privacy degree Z recorded in these records are digitized and can be set from the user terminal 20.

Next, the reliability determination unit 31 determines whether or not the reliability X of the transmission source of the information provision request is lower than the privacy level Z of the information.
If X ≧ Z, the creditworthiness determination unit 31 outputs an answer to the query processing unit 34 and proceeds to step S405.
On the other hand, if X <Z, the creditworthiness determination unit 31 proceeds to step S402.

In step S402, the trustworthiness determination unit 31 calculates a difference between the trustworthiness X and the privacy degree Z, and determines whether or not the difference is less than a predetermined set value.
If the difference is greater than or equal to the set value, the trustworthiness determination unit 31 outputs a message indicating that no answer is given to the query processing unit 34 and proceeds to step S407.
On the other hand, when the difference is less than the set value, the trustworthiness determination unit 31 outputs the trustworthiness X of the user Ba and the requested information to the confirmation unit 32, and the process proceeds to step S403.

  In step S <b> 403, the confirmation unit 32 outputs the reliability Ba X of the user Ba and the requested information to a display unit (not shown) of the user terminal 20. As a result, a confirmation message is displayed on the display unit. The confirmation message includes the information collector's trustworthiness X and information i, asking whether or not to provide information. The user A inputs to the user terminal 20 whether or not to answer based on the confirmation message. When the input to the effect that the confirmation unit 32 answers is obtained, the process proceeds to step S404. When the input indicating that the confirmation unit 32 does not answer is acquired, the process proceeds to step S406.

  In step S404, the record updating unit 33 lowers the privacy level Z of the requested information by a certain value, and the information i inputted as “reply” by the user A out of the privacy levels stored in the credit information server 40. Update your privacy level. For example, when the privacy level is 20 levels from level 1 to level 20, the privacy level is lowered by level 1.

  In step S405, the query processing unit 34 outputs to the query execution management unit 24 that the query processing is performed.

  In step S 406, the record update unit 33 increases the privacy level Z of the requested information by a certain value, and the information i entered as “not answered” by the user A among the privacy levels stored in the credit information server 40. Update your privacy level. For example, when the privacy level is 20 levels from level 1 to level 20, the privacy level is increased by level 1.

  In step S407, the query processing unit 34 outputs to the query execution management unit 24 that the query processing is not performed.

  The above is the flow of the answer determination procedure according to this embodiment. The answer determination procedure according to the present embodiment confirms whether or not the information can be disclosed to the user A, who is the information owner, when the credit level X of the user B is close to the privacy level Z of the information. . At this time, if the user A accepts the disclosure, the privacy level of the information is slightly lowered. If you refuse, raise the privacy of the information.

  The present invention can be applied to the information communication industry.

10: Questionnaire server 20: User terminal 21: Data store 22: Data access management unit 23: Policy management unit 24: Query execution management unit 25: Connection management unit 26: Data management agent 30: Transaction support server 31: Credit judgment Unit 32: Confirmation unit 33: Record update unit 34: Query processing unit 35: Query relay unit 40: Credit information server 50: Query distribution server 60: Answer collection server 70: Point server

Claims (8)

  1. A collection unit that acquires an information provision request including an instruction to collect information stored in the terminal, and collects information related to the collection instruction from the terminal registered in the terminal and the terminal in advance;
    Executing the collection instruction using the collected information, and creating an answer to the information provision request;
    A terminal device comprising:
  2.   When the information provision request is acquired, it is determined whether any of the terminal and the terminal registered in advance in the terminal is the target of the information provision request. The terminal device according to claim 1, further comprising an answer determination unit that activates the collection unit.
  3. The information provision request further includes an aggregation process that defines a process after collecting information,
    The terminal apparatus according to claim 1, wherein the answer creating unit executes the aggregation process using information after the collection instruction is executed.
  4. A plurality of terminal devices according to any one of claims 1 to 3, which receive the information provision request and transmit the answer;
    An information collector terminal that transmits the information provision request and receives the answer;
    Receiving the information provision request from the information collector terminal, converting the identification information of the information collector terminal in the information provision request, distributing the converted information provision request to the plurality of terminal devices, and A transaction support server that receives the answers from the plurality of terminal devices, converts the identification information of the plurality of terminal devices in the answers, and provides the converted answers to the information collector terminal;
    An information collection system comprising:
  5.   Upon receiving the information provision request, the plurality of terminal devices obtains the credit level of the information collector terminal from the credit level management record for managing the credit level, and receives the information provision request from the privacy level management record for managing the privacy level of the information. If the difference between the creditworthiness of the sender of the information provision request and the privacy level of the information is less than a set value, the information requested in the information provision request is Displaying whether or not to reply to the sender of the information provision request, and obtaining input to reply, lowering the privacy level of the information described in the privacy management record by a certain value and not responding The privacy level of the information described in the privacy level management record is increased by a certain value. Information collection system according to claim 4,.
  6. When obtaining an information provision request including an instruction to collect information stored in the terminal, a collection procedure for collecting information related to the collection instruction from the own terminal and a terminal registered in advance in the own terminal;
    An answer creation procedure for executing the collection instruction using the collected information and creating an answer to the information provision request;
    Information collection method having in order.
  7.   In the collection procedure, when the information provision request is acquired, it is determined whether any one of the terminal and the terminal registered in advance in the terminal is the target of the information provision request. 7. The information collecting method according to claim 6, wherein information relating to the collection instruction is collected from the terminal and a predetermined terminal.
  8. When the collection unit obtains an information provision request including an instruction to collect information stored in the terminal, information on the collection instruction is collected from the terminal registered in the terminal in advance. Collection procedure;
    An answer creating unit executes the collection instruction using the collected information and creates an answer to the information provision request;
    Information collection program that causes computers to execute
JP2012181134A 2012-08-17 2012-08-17 Information collection system Active JP5903015B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2012181134A JP5903015B2 (en) 2012-08-17 2012-08-17 Information collection system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2012181134A JP5903015B2 (en) 2012-08-17 2012-08-17 Information collection system

Publications (2)

Publication Number Publication Date
JP2014038524A true JP2014038524A (en) 2014-02-27
JP5903015B2 JP5903015B2 (en) 2016-04-13

Family

ID=50286611

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2012181134A Active JP5903015B2 (en) 2012-08-17 2012-08-17 Information collection system

Country Status (1)

Country Link
JP (1) JP5903015B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016206802A (en) * 2015-04-17 2016-12-08 株式会社オプティム Information processing system and information processing device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09298543A (en) * 1996-05-02 1997-11-18 Sumitomo Electric Ind Ltd Network management system and intermediate management equipment
JP2000184597A (en) * 1998-12-18 2000-06-30 Toshiba Corp Power system monitoring control system and storage medium for recording processing program thereof
JP2002271866A (en) * 2000-12-22 2002-09-20 Microsoft Corp Context-aware and location-aware cellular phones and methods
JP2004234644A (en) * 2003-01-07 2004-08-19 Matsushita Electric Ind Co Ltd Information delivery device and information delivery method
US20060053219A1 (en) * 2002-11-22 2006-03-09 Hiroshi Kutsumi Operation history utilization system and method thereof
JP2006072629A (en) * 2004-09-01 2006-03-16 Meitetsu Agency Inc Personal information management system
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
JP2009140385A (en) * 2007-12-10 2009-06-25 Yamatake Corp Data collection system and method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09298543A (en) * 1996-05-02 1997-11-18 Sumitomo Electric Ind Ltd Network management system and intermediate management equipment
JP2000184597A (en) * 1998-12-18 2000-06-30 Toshiba Corp Power system monitoring control system and storage medium for recording processing program thereof
JP2002271866A (en) * 2000-12-22 2002-09-20 Microsoft Corp Context-aware and location-aware cellular phones and methods
US20060053219A1 (en) * 2002-11-22 2006-03-09 Hiroshi Kutsumi Operation history utilization system and method thereof
JP2004234644A (en) * 2003-01-07 2004-08-19 Matsushita Electric Ind Co Ltd Information delivery device and information delivery method
JP2006072629A (en) * 2004-09-01 2006-03-16 Meitetsu Agency Inc Personal information management system
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
JP2009140385A (en) * 2007-12-10 2009-06-25 Yamatake Corp Data collection system and method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016206802A (en) * 2015-04-17 2016-12-08 株式会社オプティム Information processing system and information processing device

Also Published As

Publication number Publication date
JP5903015B2 (en) 2016-04-13

Similar Documents

Publication Publication Date Title
Langheinrich A privacy awareness system for ubiquitous computing environments
US6845448B1 (en) Online repository for personal information
US6886101B2 (en) Privacy service
US9348918B2 (en) Searching content in distributed computing networks
US6381651B1 (en) Information processing apparatus and method enabling users to easily acquire information that occurs on a network and suits their favorites
KR100952548B1 (en) Contact schema
US8255978B2 (en) Verified personal information database
JP4109452B2 (en) Job offer / job hunting information processing system
US20050187786A1 (en) Electronic commerce using personal preferences
US20050125289A1 (en) Audience targeting system with segment management
US20020002552A1 (en) Method and apparatus for a GIS based search engine utilizing real time advertising
JP5735969B2 (en) System and method for analyzing social graph data for determining connections within a community
US20030046159A1 (en) Safe advertising campaign aggregation system
CN101334792B (en) Personalized service recommendation system and method
JPWO2007148562A1 (en) Share management system, share management method and program
US7036149B2 (en) Computer system
US20040225687A1 (en) Method, device and computer program product for identifying visitors of websites
US20110119361A1 (en) System and method for managing redacted electronic documents using callback triggers
JP4997950B2 (en) Network management system, network management program, and network management method
RU2463654C2 (en) Aggregating and searching profile data from different services
JP5161267B2 (en) Screen customization support system, screen customization support method, and screen customization support program
US7047212B1 (en) Method and system for storing prospect lists in a computer database
US20060282408A1 (en) Search system and method via proxy server
JP5088968B2 (en) Data collection method and system in content distribution network
JP2006190200A (en) Information sharing system in network

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20140815

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20150514

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20150602

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20150731

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20160308

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20160311

R150 Certificate of patent or registration of utility model

Ref document number: 5903015

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150