JP2016151773A - Data management device and data management method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a data management device and a data management method which enable effective utilization of device resources and which can secure the security preventing network-unique information from appearing on other networks.SOLUTION: A data management device 10 for unitarily managing data used in networks A, B, and C comprises: a data storage unit 11A for coupling all elements of the data used in the networks A, B, and C to store the same in one record; a provision condition storage unit 11B for storing a provision condition specified for each of the networks A, B, and C as to whether the elements are the ones to be provided or not; a reception unit 12 for receiving a request for the data from a request source device; a determination unit 13 for, on the basis of the request received by the reception unit 12, among the data stored in the data storage unit 11A, selecting and determining elements meeting the provision condition stored in the provision condition storage unit 11B; and a transmission unit 14 for transmitting to the request source device only the elements determined to meet the provision condition by the determination unit 13 among the data stored in the data storage unit 11A.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a data management apparatus and a data management method for connecting to a plurality of networks and managing data used in each network in a centralized manner, and more particularly to a contract information providing technique that ensures confidentiality in a large-scale database.

  Conventionally, in a telephone communication system service, contract information is held in each carrier network (see, for example, Patent Documents 1 and 2). Such information is composed of similar information elements such as a telephone number and contract status, but there is also information specific to the network. From the viewpoint of improving the efficiency of data retention, a system configuration in which a database that holds contract information in common is arranged outside the network is being studied, but this database requires a mechanism that does not show network-specific information to other networks. is there. Each database can distribute information while being independent, and there is a system in which requests from the outside are handled by one system.

JP 2012-238039 A JP2011-159189A

  As described above, necessary information such as contract information tends to have many common elements in each network, but the holding method and the providing method have the following problems. That is, when necessary information is held for each network in order to maintain confidentiality, it is unlikely that network specific information will be shown to other networks, but it is difficult to efficiently hold necessary information. On the other hand, when the necessary information of each network is held in common, there is a high possibility that the necessary information can be efficiently held, but a method that does not show the network specific information to other networks is required.

  The present invention provides a data management apparatus and a data management method capable of effectively utilizing apparatus resources and ensuring security that does not show network specific information to other networks in view of the above-described conventional technology. With the goal.

  In order to achieve the above object, the invention according to the first aspect is a data management apparatus for centrally managing data used in each network, and combines all elements of data used in each network into one record. A data storage unit that stores data, a provision condition storage unit that stores provision conditions for each network as to whether or not it is an element to be provided, a reception unit that receives a request for data from a request source device, and the reception A determination unit that determines only elements that match the provision condition stored in the provision condition storage unit out of the data stored in the data storage unit based on the request received by the unit, and the data storage unit The gist of the present invention is to include a transmission unit that transmits only the elements determined to be matched by the determination unit among the stored data to the request source device.

  The invention according to a second aspect is the invention according to the first aspect, further comprising a data management unit for managing data stored in the data storage unit, wherein the data management unit is stored in the data storage unit The gist is to update only the elements determined to be matched by the determination unit among the determined data.

  The invention according to a third aspect is the invention according to the first or second aspect, further comprising a provision condition management unit that manages provision conditions stored in the provision condition storage unit, wherein the provision condition management unit includes: The gist is to update the provision condition stored in the provision condition storage unit when data stored for another specific network becomes available when changing the service in the specific network.

  In order to achieve the above object, the invention according to the fourth aspect is a data management method for a data management apparatus for centrally managing data used in each network, and includes all elements of data used in each network. A data storage step for storing data in one record, a provision condition storage step for storing provision conditions for each network as to whether or not it is an element to be provided, and a request for data from the request source device A receiving step, and a determination step of determining only elements that match the provision condition stored in the provision condition storage step out of the data stored in the data storage step based on the request received in the reception step; A transmission step of transmitting only the elements determined to match in the determination step among the data stored in the data storage step to the request source device; And summarized in that provided.

  ADVANTAGE OF THE INVENTION According to this invention, it is possible to provide the data management apparatus and data management method which can ensure the security which can utilize an apparatus resource effectively and does not show network specific information to another network.

It is explanatory drawing of the communication system which concerns on embodiment of this invention. It is a block diagram of the data management apparatus which concerns on embodiment of this invention. It is explanatory drawing of the communication system of the comparative example 1 (conventional method 1). It is explanatory drawing of the communication system of the comparative example 2 (conventional method 2). It is explanatory drawing of the communication system which concerns on the Example of this invention. It is explanatory drawing of the evaluation 1 with respect to the Example of this invention. It is explanatory drawing of the evaluation 2 with respect to the Example of this invention. It is a figure which shows the specific example of the database in the Example of this invention, (a) Data storage part, (b) Provision condition storage part, (c) Correspondence table of telephone number and contract identifier. It is a flowchart which shows the operation example of the data management apparatus which concerns on the Example of this invention. It is a flowchart which shows the operation example of the data management apparatus which concerns on the Example of this invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. The following embodiment exemplifies a communication system for embodying the technical idea of the present invention, and the configuration of the apparatus, the configuration of the database, and the like are not limited to the following embodiment. Absent.
(Communications system)
While the integration of fixed telephone networks and mobile communication networks for telephone communication systems is being considered, in order to separate and share data (for example, contract information) from the network (service control device), data is efficiently retained. Therefore, a provision method that ensures confidentiality is necessary. A communication system according to an embodiment of the present invention is a system that provides data suitable for each network with respect to one data in an apparatus that holds data used in each network by connecting to a plurality of networks.

  FIG. 1 is an explanatory diagram of a communication system according to an embodiment of the present invention. As shown in this figure, it is assumed that a fixed telephone 21 is connected to the network A, a PC terminal 22 is connected to the network B, and a portable terminal 23 is connected to the network C. In addition, the database 11 is arranged outside the network via the interfaces IF-a, IF-b, and IF-c. From the networks A, B, and C, reference / update to the same data is performed. For example, the same data X (contract information) can be referred / updated from the respective networks A, B, and C. The IF condition is a condition specific to each of the networks A, B, and C, and IF−a ≠ IF−b ≠ IF−c. Even for reference / update to the same data, the data elements to be provided are different for each of the networks A, B, and C.

In the telephone communication system, the contract information corresponding to the data X tends to have many common elements in the respective networks A, B, and C. However, there is also network-specific information, and a mechanism that does not leak to other networks is essential. When data is requested from each of the networks A, B, and C, key information (primary key) such as a common telephone number is designated. In that case, it is necessary to provide different data elements for the networks A, B, and C even when referring / updating to the same data. This system handles information of a plurality of networks A, B, and C with one device, and achieves both the effective use of device resources and the security ensuring that network-specific information is not shown to other networks.
(Data management device)
FIG. 2 is a configuration diagram of the data management apparatus 10 according to the embodiment of the present invention. The data management device 10 is a device that centrally manages data used in the networks A, B, and C, and includes a database 11, a reception unit 12, a determination unit 13, a transmission unit 14, and data management. Unit 15 and provision condition management unit 16. The database 11 includes a data storage unit 11A and a provision condition storage unit 11B. The data storage unit 11A combines all elements of data (for example, contract information) used in the networks A, B, and C and stores them in one record. The provision condition storage unit 11B stores provision conditions for each of the networks A, B, and C as to whether or not the provision condition storage unit 11B is an element to be provided. The receiving unit 12 receives a request for data (data reference request / data update request) from the request source device. The request source device is, for example, a service control device in networks A, B, and C. Based on the request received by the reception unit 12, the determination unit 13 determines only elements that match the provision conditions stored in the provision condition storage unit 11B among the data stored in the data storage unit 11A. The transmission unit 14 transmits only the elements determined to be matched by the determination unit 13 among the data stored in the data storage unit 11A to the request source device. The data management unit 15 manages (references / updates) the data stored in the data storage unit 11A. The provision condition management unit 16 manages (references / updates) the data stored in the provision condition storage unit 11B.

As the data management apparatus 10 according to the embodiment of the present invention, for example, a general-purpose computer system including a CPU, a memory, an external storage device, an input device, and an output device can be used. In such a computer system, each function of the data management apparatus 10 is realized by the CPU executing a program for the data management apparatus 10 loaded on the memory. The program for the data management apparatus 10 can be stored in a computer-readable recording medium such as a hard disk, flexible disk, CD-ROM, MO, DVD-ROM, or can be distributed via a network.
(Comparative Example 1)
Next, a conventional communication system will be described as a comparative example.

FIG. 3 is an explanatory diagram of a communication system according to Conventional Method 1. As shown in this figure, the database 31 stores data 31A, 31B, and 31C for each of the networks A, B, and C. For this reason, even if a certain network requests data exceeding the IF specified range, there is an advantage that data exceeding the IF specified range cannot be obtained. For example, even if the network B requests data exceeding the IF-b specified range by an SQL operation or the like, since only the necessary data 31B is held in the IF-b, the data 31A and 31C do not flow out. However, since the data 31A, 31B, and 31C are held for each of the networks A, B, and C, there is a drawback that it is necessary to define a holding format (schema) and secure an area for each of the networks A, B, and C.
(Comparative Example 2)
FIG. 4 is an explanatory diagram of a communication system according to Conventional Method 2. As shown in this figure, the database 41 holds data 41A in a holding format in which all elements of the networks A, B, and C are included. Therefore, there is an advantage that the accommodation efficiency is improved as compared with the case where data is held in each of the networks A, B, and C. However, when a certain network requests data exceeding the IF specified range, a problem arises in terms of security. For example, when the network B requests data exceeding the IF-b specified range by an SQL operation or the like, data for the other networks A and C may flow out.
(Example)
FIG. 5 is an explanatory diagram of the communication system according to the embodiment of the present invention.

  As shown in this figure, the data storage unit 11A holds data in a holding format in which all elements of the networks A, B, and C are included. For example, as contract information corresponding to data X, a main key “X1”, terminal information “X2”, position information “X4”, video quality “X5”, service 1 “XS1”,..., Service Z “XSZ” are held. Yes. Such data X is held for each contractor, for example.

  Also, the provision condition storage unit 11B holds provision conditions for the networks A, B, and C for each element (column). A circle in the figure means an element necessary for service provision on the network, and an x in the figure means an element unnecessary for service provision on the network.

  Thereby, the determination part 13 determines the element which corresponds to the provision conditions hold | maintained in the provision condition memory | storage part 11B among the elements requested | required from the network, and provides only an applicable element. For example, it is assumed that the primary key is designated by the network A and all elements are requested to be referenced. In this case, referring to the provision condition storage unit 11B, it can be seen that the primary key, the video quality, and the service 1 are elements necessary for service provision on the network A. Therefore, the determination unit 13 reads the primary key “X1”, the video quality “X5”, and the service 1 “XS1” from the data storage unit 11A and returns them to the network A.

In this way, the data retention is performed in common with the network, so that the accommodation efficiency is improved. Further, by performing an operation equivalent to the logical product between the accommodation data and the provision conditions to each network, it becomes easy to determine the elements to be provided and secure the confidentiality. That is, it is possible to achieve both ensuring the confidentiality of the database 11 and improving the data accommodation efficiency.
(Evaluation 1)
FIG. 6 is an explanatory diagram of Evaluation 1 for the embodiment of the present invention. As shown in this figure, according to the comparative example 1, data confidentiality can be ensured even if the network makes a request exceeding the IF standard, but the common elements are retained and redundant. Moreover, according to the comparative example 2, although the duplication holding | maintenance is avoided about a common element and accommodation efficiency increases, confidentiality is not ensured when a network violates IF regulation. On the other hand, according to the embodiment of the present invention, data confidentiality can be ensured even if the network makes a request exceeding the IF standard. In addition, the provision conditions to the network increase, but duplication is avoided. That is, it is possible to achieve two viewpoints (confidentiality and accommodation efficiency).
(Evaluation 2)
FIG. 7 is an explanatory diagram of Evaluation 2 for the embodiment of the present invention. As shown in this figure, according to the embodiment of the present invention, it is possible to flexibly cope with a service change in the network. For example, it is assumed that the location information is an element unnecessary for providing the service on the network A. Even in such a case, if the position information is an element necessary for service provision on the network C, the position information “X4” is stored in the data storage unit 11A. Therefore, when the location information is necessary for providing the service on the network A, the provision condition management unit 16 changes the location information of the network A, which is the provision condition, from “×” to “◯”. That is, when an element already stored for another network becomes available, it can be dealt with only by changing the provision conditions, and it is not necessary to change individual contract information.
(Specific example of database)
FIG. 8 is a diagram showing a specific example of the database 11 in the embodiment of the present invention.

  FIG. 8A shows the data storage unit 11A. Here, a case where a contract identifier (described later) is used as a primary key is illustrated. Also, “fixed” “mobile” as terminal information, “address” “GPS” as location information, “high” “medium” “low” as video quality A, B, C, “ON” “OFF” as service contract, “Address” is held as the contract address. In the terminal information and the position information, for example, a value last updated by the user is stored. Video quality A, B, and C are columns with network-specific values. Terminal information, position information, service contract, and contract address are columns whose values are determined for each contractor.

  FIG. 8B shows the provision condition storage unit 11B. The contents of the provision conditions are as described above. Of course, the contents of the provision conditions can be appropriately changed according to the contents of the contract information.

FIG. 8C is a correspondence table between telephone numbers and contract identifiers. This correspondence table is also included in the database 11. As shown in FIG. 8C, a telephone number and a contract identifier may be associated with each contractor. For example, if the telephone numbers of networks A, B, and C of a certain contractor are “03-AAAAA-AAA1”, “050-BBB-BBB1”, “090-CCC-CCC1”, these telephone numbers are assigned to the contract identifier “ It may be associated with “XXXXXXX1”. Thereby, not only a telephone number but a contract identifier can be used as a primary key. The network side can appropriately select which telephone key or contract identifier is used for the request.
(Operation example)
FIG. 9 is a flowchart showing an operation example of the data management apparatus 10 according to the embodiment of the present invention. Here, an operation example when referring to data will be described.

  First, all data elements used in the networks A, B, and C are combined and stored in the data storage unit 11A as one record (S1). Further, the provision condition determined for each of the networks A, B, and C as to whether or not the element is to be provided is stored in the provision condition storage unit 11B (S2). In this state, it is assumed that the receiving unit 12 has received a data reference request from the network A (request source apparatus) (S3). In this case, based on the data reference request received by the reception unit 12, the determination unit 13 selects only elements that match the provision condition stored in the provision condition storage unit 11B from the data stored in the data storage unit 11A. Determine (S4). Thereby, the transmission part 14 transmits only the elements determined to be matched by the determination part 13 among the data stored in the data storage part 11A to the network A (request source apparatus) (S5).

  FIG. 10 is a flowchart showing an operation example of the data management apparatus 10 according to the embodiment of the present invention. Here, an operation example in the case of updating data will be described.

  First, all data elements used in the networks A, B, and C are combined and stored in the data storage unit 11A as one record (S11). In addition, the provision condition determined for each of the networks A, B, and C as to whether or not the element should be provided is stored in the provision condition storage unit 11B (S12). In this state, it is assumed that the receiving unit 12 has received a data update request from the network A (request source device) (S13). In this case, based on the data update request received by the reception unit 12, the determination unit 13 selects only elements that match the provision condition stored in the provision condition storage unit 11B from the data stored in the data storage unit 11A. Determine (S14). Thereby, the data management unit 15 updates only the elements determined to be matched by the determination unit 13 among the data stored in the data storage unit 11A (S15).

  As described above, the data management device 10 according to the embodiment of the present invention is a device that centrally manages data used in the networks A, B, and C, and is used in the networks A, B, and C. A data storage unit 11A that combines all elements of data and stores them in one record; a provision condition storage unit 11B that stores provision conditions determined for each of the networks A, B, and C as to whether or not the element is to be provided; The receiving unit 12 that receives a request for data from the request source device, and the provision stored in the provision condition storage unit 11B among the data stored in the data storage unit 11A based on the request received by the receiving unit 12 A determination unit 13 that determines only elements that match the condition, and a transmission unit 14 that transmits only the elements determined to be matched by the determination unit 13 among the data stored in the data storage unit 11A to the request source apparatus. . As a result, only elements that match the provision conditions are determined, so that the device resources can be used effectively, and security that prevents the network-specific information from being shown to other networks can be ensured. In other words, since contract information is centrally aggregated and provided with confidentiality, data can be separated from the network and shared, enabling efficient use of equipment and reliability. Improvement is possible.

  The data management unit 15 further manages data stored in the data storage unit 11A. The data management unit 15 includes only elements determined to be matched by the determination unit 13 among the data stored in the data storage unit 11A. May be updated. As a result, only elements that match the provision conditions are determined, and thus it is possible to update data while ensuring confidentiality.

  The provision condition management unit 16 further manages provision conditions stored in the provision condition storage unit 11B, and the provision condition management unit 16 stores data stored for another specific network when a service is changed in the specific network. May be updated, the provision condition stored in the provision condition storage unit 11B may be updated. As a result, when the data stored for other networks is available when changing the service in a certain network, it is only necessary to update the provision conditions, and it is possible to respond without inputting data into each contract information Become.

  Note that the present invention can be realized not only as such a data management apparatus 10 but also as a data management method using a characteristic processing unit included in such a data management apparatus 10 as a step. It can also be realized as a program for causing a computer to execute steps. Needless to say, such a program can be distributed via a recording medium such as a CD-ROM or a transmission medium such as the Internet.

DESCRIPTION OF SYMBOLS 10 ... Data management apparatus 11 ... Database 11A ... Data storage part 11B ... Provision condition storage part 12 ... Receiving part 13 ... Determination part 14 ... Transmission part 15 ... Data management part 16 ... Provision condition management part A, B, C ... Network

Claims (4)

A data management device that centrally manages data used in each network,
A data storage unit that combines all elements of data used in each network and stores them in one record;
A provision condition storage unit for storing provision conditions for each network as to whether or not it is an element to be provided;
A receiver that receives a request for data from the requesting device; and
Based on the request received by the receiving unit, the determination unit that determines only the elements that match the provision condition stored in the provision condition storage unit among the data stored in the data storage unit;
A data management apparatus comprising: a transmission unit that transmits only elements determined to be matched by the determination unit among data stored in the data storage unit to the request source device. Furthermore, a data management unit for managing data stored in the data storage unit is provided,
The data management apparatus according to claim 1, wherein the data management unit updates only elements determined to be matched by the determination unit among data stored in the data storage unit. And a provision condition management unit for managing provision conditions stored in the provision condition storage unit,
The provision condition management unit updates the provision condition stored in the provision condition storage unit when data stored for another specific network becomes available when performing a service change in the specific network. The data management apparatus according to claim 1 or 2, characterized in that A data management method for a data management device that centrally manages data used in each network,
A data storage step of combining all elements of data used in each network and storing them in one record;
A provision condition storage step for storing provision conditions for each network as to whether or not it is an element to be provided;
A receiving step of receiving a request for data from the requesting device;
Based on the request received in the reception step, a determination step of determining only elements that match the provision condition stored in the provision condition storage step out of the data stored in the data storage step;
A data management method comprising: a transmission step of transmitting, to the request source device, only elements determined to match in the determination step among the data stored in the data storage step.

Images