JP2018073183A - Certificate issuance program, certificate issuance device, and certificate issuance method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To utilize the action history of a user for various purposes.SOLUTION: A certificate issuance program causes a computer to execute an acquisition procedure, an estimation procedure, and an issuance procedure. The acquisition procedure acquires log data indicating the action history of a user. The estimation procedure estimates a context of the user on the basis of the log data acquired by the acquisition procedure. The issuance procedure issues a certificate for certifying the context of the user on the basis of the context estimated by the estimation procedure.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a certificate issuing program, a certificate issuing device, and a certificate issuing method.

  In recent years, the spread of communication networks has progressed, and services via communication networks have been actively provided. When a user uses a service via a communication network, the behavior of the user on the network is accumulated as a usage history (action history in the network, that is, log data).

  Here, as a technology related to the user's network usage history, an action certificate is generated based on the use history information of the network service, and the user authentication information required when the generated action certificate is used to reissue a password for the network service The technique of extracting as is proposed.

JP 2008-217151 A

  However, with the above-described conventional technology, it is difficult to use the user's behavior history for various purposes. For example, in the prior art, the identity of the user is authenticated based on the user's behavior history, but the items that are proved using the behavior history are limited to a part of processing such as the identity authentication of a specific individual. That is, although the user's behavior history (log data) itself is used for processing, context information derived based on the behavior history, such as information on the user situation (context) that can be inferred from the behavior history, etc. Is currently not fully utilized.

  The present application has been made in view of the above, and an object thereof is to provide a certificate issuance program, a certificate issuance apparatus, and a certificate issuance method that can utilize a user's action history for various purposes. .

  The certificate issuing program according to the present application includes an acquisition procedure for acquiring log data indicating a user's action history, an estimation procedure for estimating the user's context based on the log data acquired by the acquisition procedure, and the estimation And a issuing procedure for issuing a certificate certifying the user's context based on the context estimated by the procedure.

  According to one aspect of the embodiment, there is an effect that the user's behavior history can be utilized for various purposes.

FIG. 1 is a diagram illustrating an example of issuance processing according to the embodiment. FIG. 2 is a diagram illustrating a configuration example of the issuing system according to the embodiment. FIG. 3 is a diagram illustrating a configuration example of a user terminal according to the embodiment. FIG. 4 is a diagram illustrating an example of an action history table according to the embodiment. FIG. 5 is a diagram illustrating an example of the definition table according to the embodiment. FIG. 6 is a diagram illustrating an example of a privilege information table according to the embodiment. FIG. 7 is a flowchart (1) illustrating a processing procedure according to the embodiment. FIG. 8 is a flowchart (2) illustrating a processing procedure according to the embodiment. FIG. 9 is a diagram (1) illustrating an example of the issuing process according to the modification. FIG. 10 is a diagram illustrating a configuration example of a management server according to a modification. FIG. 11 is a diagram (2) illustrating an example of the issuing process according to the modification. FIG. 12 is a diagram (3) illustrating an example of the issuing process according to the modification. FIG. 13 is a diagram (4) illustrating an example of the issuing process according to the modification. FIG. 14 is a hardware configuration diagram illustrating an example of a computer that realizes the function of the issuing device.

  Hereinafter, embodiments for implementing a certificate issuing program, a certificate issuing apparatus, and a certificate issuing method according to the present application (hereinafter referred to as “embodiments”) will be described in detail with reference to the drawings. The certificate issuing program, the certificate issuing device, and the certificate issuing method according to the present application are not limited by this embodiment. In addition, the embodiments can be appropriately combined within a range that does not contradict processing contents. In the following embodiments, the same portions are denoted by the same reference numerals, and redundant description is omitted.

[1. Example of issuance process)
First, an example of the issuing process according to the embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating an example of issuance processing according to the embodiment. In FIG. 1, an example of processing executed by a certificate issuing program (hereinafter simply referred to as “issuing program”) according to the present application in a certificate issuing device according to the present application (hereinafter simply referred to as “issuing apparatus”). explain.

  Specifically, in FIG. 1, when the issuing program according to the present application operates, the user terminal 10 which is an example of the issuing apparatus according to the present application estimates the user context based on log data indicating the user's action history. An example of a process for issuing a certificate that proves the user's context based on the estimated context will be described. For example, the user terminal 10 issues a certificate for use in determining whether the user has a predetermined attribute based on the estimated user context. In the example of FIG. 1, an example of processing in which the user terminal 10 issues a certificate used to prove that the user has an attribute (right) for receiving a predetermined privilege provided from the service side is shown.

  In the example shown in FIG. 1, the predetermined privilege is that a participant who participated in a bicycle race event (hereinafter simply referred to as “event”) held in a certain region uses the accommodation facility 70. It shall be a privilege that a discount can be obtained. Further, in the following description, data indicating a user's action history, for example, data such as a numerical value indicating position information itself is expressed as log data. In addition, based on data such as numerical values indicating position information, information indicating a state in which the user is moving while operating the terminal device or a situation in which the user is actually participating in an event in a predetermined area Is denoted as context. For example, although it is difficult to indicate the context that “the user has participated in the event” with only log data of information on the network, “the user was located at the location where the event is held at a predetermined date and time”, “ The log data indicating the behavior such as “the user shopped near the event venue” can be acquired by the terminal device. In this way, information indicating the status and state of the user (terminal device) estimated by collecting log data indicating each action is the context. That is, the context is a concept including a situation where a terminal device is used by a user and a state where a user who owns the terminal device is placed.

  A user terminal 10 shown in FIG. 1 is an information processing terminal used by a user. In the example of FIG. 1, the user terminal 10 is used by a user U01. Moreover, in the example of FIG. 1, the user terminal 10 is a smart phone (Smartphone), for example. The user terminal 10 acquires a change in position information associated with the movement of the user U01 as an action history, acquires usage information indicating that the user has purchased a product at a store that provides a service, or the like as an action history. It has a function of estimating a user's situation (context) based on a history or a behavior history of multiple or high abstraction obtained based on individual behavior histories. In the following description, the user terminal 10 may be described as the user U01.

Store apparatuses 50 ₁ and 50 ₂ illustrated in FIG. 1 are information processing apparatuses disposed in a facility or a store that provides a predetermined service. When the user terminal 10 uses a service, the store apparatuses 50 ₁ and 50 ₂ store the content used by the user terminal 10 in the user terminal 10 as an action history, or the action held by the user terminal 10 It has a function of reading a history and receiving a certificate issued by the user terminal 10. The store apparatuses 50 ₁ and 50 ₂ are provided with a communication function corresponding to, for example, the NFC (Near Field Communication) standard. For example, the user U01 has or place the user terminal 10 on the shop device 50 ₁ and 50 _2, by or held up, to establish the communication with the shop device 50 ₁ and 50 ₂ and the user terminal 10, transmission and reception of information To do. Note that the store apparatuses 50 ₁ and 50 ₂ may be integrated with a register device or a credit card reading device provided in a facility or store. Further, when it is not necessary to distinguish between the store apparatuses 50 ₁ and 50 ₂ , they are simply expressed as “store apparatus 50”.

The management server 100 shown in FIG. 1 is a server device that manages information related to a predetermined privilege provided by the service side. The management server 100 can communicate with the user terminal 10 and the store apparatuses 50 ₁ and 50 ₂ through a communication network. For example, the user terminal 10 acquires information related to the privilege from the management server 100, and executes a process of issuing a certificate that proves that the user U01 is a user who can receive the privilege based on the acquired information.

  In FIG. 1, an accommodation facility 70 is a facility that provides an event participant with a privilege for discounting the accommodation fee. When providing such a privilege, in general, the accommodation facility 70 receives a presentation of a certificate (for example, a participation certificate distributed at the time of event participation) indicating that the user has participated in the event, It is determined that the user who presented the certificate is a user who can receive the privilege. In other words, the user who participated in the event can prove by the participation certificate that the user has been granted a right (attribute) that he / she can receive benefits.

  However, when a privilege is provided by the above-described method, the user cannot receive the privilege at the accommodation facility 70 unless he / she carries a participation certificate. For example, a user who has lost his / her participation certificate cannot receive benefits at the accommodation facility 70. On the other hand, even if the user has not participated in the event, the user who has acquired the participation certificate in some form can receive the privilege at the accommodation facility 70 even though the user does not originally have the right to enjoy the privilege.

  Moreover, even if it is a user who participated in the event and has a participation certificate, there is a possibility that the privilege provided at the accommodation facility 70 is not acquired. Even if a user who has participated in an event has forgotten to present his / her participation certificate when visiting the accommodation facility 70, the user who has the right to enjoy the privilege will receive the benefit. Inconvenience that it is not possible may occur.

  In addition, as described above, even if the user tries to prove that he / she participated in the event based on log data such as location information recorded in the terminal device, the log data is said to have actually participated in the event. The context may not be shown. For example, even if location information recorded by a terminal device owned by a certain user corresponds to the event venue, it may not be possible to prove that the user has participated in the event using only the log data. As described above, it is difficult to prove the user's context using only the log data stored in the terminal device. For this reason, there may be a situation in which the privilege that the user is supposed to receive is missed.

  Therefore, the user terminal 10 that executes the issuing program according to the embodiment is a certificate that proves the user's context by the process described below, and shows that the user is a user who can receive a predetermined privilege. Processing to issue a certificate. Specifically, the user terminal 10 is a user who executes a process of estimating the context of the user U01 from log data acquired by the action of the user U01, and the user can receive a privilege based on the estimated context. Issue a certificate that proves Hereinafter, the flow of processing executed by the user terminal 10 will be described with reference to FIG. FIG. 1 is a diagram simulating a situation in which the user U01 uses the store 60, participates in an event, or uses the accommodation facility 70 while carrying the user terminal 10.

  First, it is assumed that the user U01 who owns the user terminal 10 moves to a region where the event is held in order to participate in the event (step S01). At this time, it is assumed that the user terminal 10 acquires position information as needed along with the movement of the user U01 and accumulates the acquired position information as log data.

Subsequently, it is assumed that the user U01 uses the store 60 in the vicinity of the place where the event is held (step S02). For example, it is assumed that the user U01 uses the store 60 in a form such as eating at the store 60 or purchasing a product. At this time, the user terminal 10 communicates with the shop device 50 ₁ provided in the store.

Information Specifically, the store apparatus 50 _1, which as an action history, associates and use the date and time of when the user U01 has used the store 60, and payments, items purchased (for example, cooking, etc. I ordered), and the like Is transmitted to the user terminal 10. For example, the user U01, by holding the user terminal 10 to the store unit 50 _1, to receive the action history store unit 50 ₁ is transmitted to the user terminal 10. The action history indicating that the user U01 has used the store 60 may be information of various modes. For example, if it has a wallet function of the user terminal 10 to exchange virtual currency, the user terminal 10, via the store 50 ₁ provided in the store 60 register, get the exchange of virtual currency as action history May be.

At this time, the store unit 50 ₁ with respect action history to be transmitted to the user terminal 10 may perform the signature using the private key K10 of the store 60 side manages. Such processing may be based on encryption processing by a known public key cryptosystem. That is, the action history signed with the secret key K10 managed by the store 60 side is not decrypted by using the public key K11 associated with the secret key K10 issued by the store 60 side (in other words, tampering or the like is performed). If it is not cryptographically verified, the action history cannot be used. In this way, the user terminal 10 acquires the action history A01 signed with the secret key K10 (step S03).

  Then, the user terminal 10 stores the action history A01 signed with the secret key K10 managed by the store 60 in the user terminal 10 (for example, a storage unit included in the user terminal 10) (step S04). Thereafter, the user U01 moves from the store 60 to the event venue and participates in the event (step S05).

  At this time, for example, the user terminal 10 acquires information that can be acquired from a terminal device used by another user participating in the event together with the user U01. For example, the user terminal 10 acquires a communication record or the like with a terminal device used by another user as an action history. Accordingly, the user terminal 10 acquires not only information that the user U01 is located in the vicinity of the event venue but also log data that proves that the user U10 was located in the event venue together with many other users at the event date and time. . Note that, for example, if there is a process of communicating with other users in an event, the user terminal 10 may separately acquire such communication records.

  Subsequently, the user terminal 10 inquires the management server 100 about a privilege related to the event (step S06). Such processing may be performed manually by the user U01 or automatically triggered by the user terminal 10 receiving a beacon transmitted from an access point installed in the event. It may be done. The user terminal 10 receives information (hereinafter, referred to as “privilege information”) indicating the privilege related to the event from the management server 100 (step S07).

  The user terminal 10 acquires, for example, the name of the facility providing the privilege, the content of the privilege, conditions for receiving the privilege, and the like as the privilege information regarding the event. In addition, when the condition for receiving the privilege is a context of “participating in an event”, the user terminal 10 defines what log data is used to estimate the context of “participating in an event” May be acquired from the management server 100 (hereinafter referred to as “definition information”). And based on the acquired privilege information and definition information, the user terminal 10 performs context estimation processing on the user U01 based on the log data (action history) acquired so far (step S08).

  For example, the definition information uses location information indicating the vicinity of the event venue on the date of the event, a log of communication with a predetermined number or more of terminal devices at the event date, and stores near the event It is described that the context of participation in the event can be estimated by combining the action history and the like. For this reason, the user terminal 10 collects log data that satisfies the definition information, and performs a process of estimating the context of the user U01.

  For example, the user terminal 10 first verifies the action history A01 using the public key K11 corresponding to the secret key K10. When the action history A01 is verified by the public key K11, the action history A01 indicates the action history that is truly issued from the store 60, and thus can be used for context processing. In addition, the user terminal 10 stores information related to an action history A02 in which position information indicating the vicinity of the event accumulated so far is recorded, and other users (terminal devices used by other users) acquired in the event. Reference is made to the recorded action history A03 and the like. In FIG. 1, the action histories A01 to A03 are conceptually illustrated as one piece of data, but actually, the action histories A01 to A03 are acquired periodically (for example, every second). Alternatively, the log data in the user terminal 10 may be collected information.

  Then, the user terminal 10 estimates the context of the user U01 based on these action histories. For example, when the user terminal 10 determines that the acquired action history is sufficient data to indicate the context that the user U01 has participated in the event based on the definition information, the user U01 becomes the event. The context of participation can be estimated.

  Furthermore, the user terminal 10 determines whether or not a condition for the user U01 to enjoy a predetermined privilege is satisfied based on the estimated context (that is, the context that the user U01 has participated in the event). For example, the user terminal 10 refers to the privilege information acquired from the management server 100, and acquires information indicating that the user terminal 10 can receive a predetermined privilege from the accommodation facility 70 if the user terminal 10 has “context to participate in the event”. That is, the user terminal 10 determines that the condition for the user U01 to enjoy a predetermined privilege is satisfied based on the context estimated for the user U01.

  Then, the user terminal 10 performs a process of issuing a certificate P01 certifying the context that the user U01 has participated in the event through the determination process (step S09). The user terminal 10 stores the issued certificate P01 in a storage unit inside the user terminal 10.

Subsequently, it is assumed that the user U01 uses the accommodation facility 70 that is a facility that provides a privilege (step S10). In accommodation 70, the user U01, for example at check-in, holding up the user terminal 10 to the shop 50 ₂ provided in the accommodation 70. Store unit 50 ₂ that communicate with the user terminal 10 reads out the certificate P01 from the user terminal 10.

Then, shop equipment 50 _2, it is determined that the certificate P01 is a certificate that shows the "user U01 that participated in the event." Also, the store unit 50 _2, for example on the basis of the privilege information provided from the management server 100, the certificate P01 is, it can become a certificate to meet the right to enjoy the benefits provided by the accommodation 70 To verify. As a result, the store device 50 _2, an admission that user U01 is the user who has the right to enjoy the benefits. That is, the user U01 can receive a privilege by presenting the certificate P01 issued through the user terminal 10 to the accommodation facility 70 (step S11).

  As described above, the user terminal 10 according to the embodiment acquires log data indicating the action history of the user U01, and estimates the context of the user U01 based on the acquired log data. Furthermore, the user terminal 10 determines whether or not a condition for the user U01 to enjoy a predetermined privilege is satisfied based on the estimated context. Then, the user terminal 10 issues a certificate P01, which is a certificate that proves the user's context based on the determined result and that the user U01 has the right to enjoy a predetermined privilege. To do.

  That is, the user terminal 10 according to the embodiment performs processing for issuing a certificate that proves the action actually performed by the user and the user's situation by estimating the context based on the acquired log data. Specifically, the user terminal 10 proves the user's context by deriving a context estimated based on knowledge and analysis obtained from a series of log data, not the log data itself. For example, the user terminal 10 estimates a context based on log data such as communication records with other users who participate in the event, thereby creating a context such as “participation in an event” that is difficult to prove for the individual user U01. Can be estimated. Further, the user terminal 10 proves the offline user's context (participation in the event) from the action history recorded online by using the context estimated from the log data instead of the log data itself for processing. be able to. In this way, the user terminal 10 does not use the action history itself, but enables the user terminal 10 to present the analysis result (context) derived therefrom as a certificate to the service providing facility. Action history can be used for various purposes.

  Further, as shown in FIG. 1, the user terminal 10 may use verification means using an electronic signature or the like as in the action history A01. The user terminal 10 eliminates a user who wants to obtain a privilege by an illegal act by performing a context estimation process using the action history signed by the store 60 (that is, the service side has authenticated that it is true). can do.

  Although details will be described later, the behavior history shown in FIG. 1 is an example, and the user terminal 10 may perform context estimation processing using various behavior histories. For example, the user terminal 10 may perform processing via known image recognition processing. For example, it is assumed that the user U01 uses the user terminal 10 to capture an image of an event venue or an event. In this case, the user terminal 10 says that the user U01 has participated in the event based on the combination of the position information at the time when the image was taken and the content of the bicycle image captured by the event obtained by the image recognition. Context may be estimated. Further, in the example of FIG. 1, the user terminal 10 determines whether or not the condition for the user U01 to enjoy the predetermined privilege is satisfied, and the right to receive the predetermined privilege is determined based on the determined result. An example of issuing a certificate P01 that the user U01 has is shown. However, the user terminal 10 may issue a certificate “used for determination” as to whether or not the user U01 has a predetermined attribute (right). That is, the user terminal 10 issues a certificate P01 certifying that it has participated in the event, but it is necessary to determine whether or not the certificate P01 is a certificate that allows the accommodation facility 70 to receive benefits. do not do. In this case, for example, the accommodation facility 70 side providing the privilege can receive a privilege that the accommodation fee is discounted based on the certificate P01 issued by the user terminal 10 (in the case of FIG. 1). It may be determined whether or not the user U01 has an attribute.

  In addition, the user terminal 10 does not need to use all the action histories used for the issuing process. For example, the user U01 can refuse to use the specific action history selected by the user U01 for the certificate issuing process. That is, the user terminal 10 may perform the issuing process using only the action history desired by the user U01. With this configuration, the user terminal 10 can perform flexible issuing processing such as processing using only the action history selected by the user U01. Further, the user terminal 10 does not need to always keep the log data of the usage history. For example, the user terminal 10 may hold a pointer (reference information) to log data of usage history stored in a predetermined server. In that case, the user terminal 10 accesses the storage location of the server indicated by the pointer and performs processing for extracting log data as necessary.

[2. Issuing system configuration]
Next, the configuration of the issuing system 1 including the user terminal 10 according to the embodiment will be described using FIG. FIG. 2 is a diagram illustrating a configuration example of the issuing system 1 according to the embodiment. As illustrated in FIG. 2, the issuing system 1 according to the embodiment includes a user terminal 10, a device used by the user, a user terminal 10, a store device 50, and a management server 100. These various devices are communicably connected via a network N by wire or wireless.

  The user terminal 10 is an information processing terminal such as the smartphone, the desktop PC (Personal Computer), the notebook PC, the tablet terminal, or the PDA (Personal Digital Assistant) shown in FIG. The user terminal 10 also includes a wearable device that is a glasses-type or watch-type information processing terminal. Furthermore, the user terminal 10 may include various smart devices having an information processing function. For example, the user terminal 10 may include a smart home appliance such as a TV (television), a refrigerator, and a vacuum cleaner, a smart vehicle such as an automobile, a drone, and a home robot.

  The user terminal 10 can acquire log data for estimating the user terminal 10 and the context of the user using the user terminal 10 according to the operation by the user and the function of the user terminal 10. For example, the user terminal 10 acquires various physical quantities such as position, acceleration, temperature, gravity, rotation (angular velocity), illuminance, geomagnetism, pressure, proximity, humidity, and rotation vector as log data by using various built-in sensors. . In addition, the user terminal 10 may acquire log data such as a connection status with various apparatuses using a built-in communication function.

  Further, the user terminal 10 may acquire the position information of its own device as log data by using a connection to a predetermined access point, GPS (Global Positioning System), or the like. For example, the user terminal 10 acquires position information indicating that the user terminal 10 is located at a position corresponding to the store 60 at the time of using the service, as information for certifying that the service has been received at the store 60. It may be.

  The store apparatus 50 is an information processing apparatus provided in a store or facility that provides a service. For example, the store apparatus 50 transmits the information regarding the action history indicating that the user terminal 10 has used the service to the user terminal 10 or the certificate issued by the user terminal 10 (that is, the issuance program according to the embodiment). The process of reading out is performed. The store apparatus 50 is realized as an apparatus such as a terminal reader capable of communicating with the user terminal 10 according to the NFC standard, but may be realized in various forms such as a desktop PC and a server. In addition, the store apparatus 50 continuously communicates with the management server 100, condition information indicating conditions for providing the user with the benefits provided by each service, and to which user terminal 10 or user the privilege is in each facility. You may make it transmit / receive the information etc. which showed whether it was provided.

  The management server 100 is a server device that manages information related to privileges provided by each service, information set regarding context estimation, and the like. For example, the management server 100 manages privilege information in which what privilege can be obtained by the user when what condition is achieved. Further, the management server 100 manages definition information such as what kind of context can be estimated when what kind of log data is acquired by the user terminal 10. The management server 100 may communicate with the user terminal 10 and the store apparatus 50 and provide privilege information and definition information to the user terminal 10 and the store apparatus 50. In addition, the management server 100 periodically communicates with the user terminal 10 and the store apparatus 50, and an action history that the service (facility or store) is used by the user, a certificate issued by the user terminal 10, and a privilege are stored. You may make it share the information regarding the provided user terminal 10, etc. with the user terminal 10 or the store apparatus 50. FIG.

[3. Configuration of user terminal]
Next, the configuration of the user terminal 10 according to the embodiment will be described with reference to FIG. FIG. 3 is a diagram illustrating a configuration example of the user terminal 10 according to the embodiment. As illustrated in FIG. 3, the user terminal 10 includes a communication unit 11, an input unit 12, a display unit 13, a detection unit 14, a storage unit 15, and a control unit 16.

(About the communication unit 11)
The communication unit 11 is connected to the network N by wire or wirelessly, and transmits / receives information to / from the store apparatus 50 and the management server 100. For example, the communication unit 11 is realized by a NIC (Network Interface Card) or the like.

(About the input unit 12 and the display unit 13)
The input unit 12 is an input device that receives various operations from the user. For example, the input unit 12 is realized by an operation key or the like provided in the user terminal 10. The display unit 13 is a display device for displaying various information. For example, the display unit 13 is realized by a liquid crystal display or the like. In addition, when a touch panel is employ | adopted for the user terminal 10, a part of input part 12 and the display part 13 are integrated.

(About the detector 14)
The detection unit 14 detects various information related to the user terminal 10. Specifically, the detection unit 14 detects a user operation on the user terminal 10, location information of the user terminal 10, information about a device connected to the user terminal 10, an environment in the user terminal 10, and the like. To do. Any data detected by the detection unit 14 can be log data used in processing by the control unit 16 described later. In the example illustrated in FIG. 3, the detection unit 14 includes an operation detection unit 141, a position detection unit 142, an external device detection unit 143, and an environment detection unit 144.

(About the operation detection unit 141)
The operation detection unit 141 detects a user operation on the user terminal 10. For example, the operation detection unit 141 detects a user operation based on information input to the input unit 12. That is, the operation detection unit 141 detects an input of an operation for touching the screen to the input unit 12, an input of a voice, or the like. Moreover, the operation detection part 141 may detect that the predetermined application was started by the user. When the application is an application that operates the imaging device in the user terminal 10, the operation detection unit 141 detects that the imaging function is used by the user. Further, the operation detection unit 141 may detect an operation in which the user terminal 10 itself is moved based on data detected by an acceleration sensor, a gyro sensor, or the like provided in the user terminal 10.

(About the position detection unit 142)
The position detection unit 142 detects the current position of the user terminal 10. Specifically, the position detection unit 142 receives radio waves transmitted from GPS satellites, and acquires position information (for example, latitude and longitude) indicating the current position of the user terminal 10 based on the received radio waves.

  The position detection unit 142 can acquire position information by various methods. For example, when the user terminal 10 has a function equivalent to that of a contactless IC card used at a station ticket gate or a store (or the user terminal 10 has a function of reading a history of the contactless IC card) ), The used position is recorded together with the information on the settlement of the boarding fee at the station by the user terminal 10. The position detection unit 142 detects such information and acquires it as position information. Further, the position detection unit 142 may detect position information that can be acquired from an access point when the user terminal 10 communicates with a specific access point. The position information may be acquired by an optical sensor, an infrared sensor, a magnetic sensor, or the like included in the user terminal 10.

(External device detection unit 143)
The external device detection unit 143 detects an external device connected to the user terminal 10. For example, the external device detection unit 143 detects the external device based on the exchange of communication packets with the external device. Then, the external device detection unit 143 recognizes the detected external device as a terminal connected to the user terminal 10. The external device detection unit 143 may detect the type of connection with the external device. For example, the external device detection unit 143 detects whether the external device is connected to the external device by wire or wireless communication. Further, the external device detection unit 143 may detect a communication method used in wireless communication. The external device detection unit 143 may detect the external device based on information acquired by a radio wave sensor that detects a radio wave emitted by the external device, an electromagnetic wave sensor that detects an electromagnetic wave, or the like.

  In addition, the external device detection unit 143 is established not only in a wide area network such as the Internet but also in a peripheral device (for example, a speaker) directly connected to the user terminal 10 without using an external network device. A communication log by distance communication (for example, Bluetooth (registered trademark)) may be detected.

(Regarding the environment detection unit 144)
The environment detection unit 144 detects the environment in the user terminal 10. Specifically, the environment detection unit 144 uses various sensors and functions provided in the user terminal 10 to detect information about the environment around the user terminal 10. For example, the environment detection unit 144 is a microphone that collects sounds around the user terminal 10, an illuminance sensor that detects illuminance around the user terminal 10, and an acceleration sensor that detects physical movement of the user terminal 10 (or , A gyro sensor, etc.), a humidity sensor that detects the humidity around the user terminal 10, a geomagnetic sensor that detects a magnetic field at the location of the user terminal 10, and the like. And the environment detection part 144 detects various information using various sensors. For example, the environment detection unit 144 detects a noise level around the user terminal 10 and whether the surroundings of the user terminal 10 have illuminance suitable for imaging the user's iris. Further, the environment detection unit 144 may detect surrounding environment information based on a photograph or video taken by the camera.

(About the storage unit 15)
The storage unit 15 stores various information. The storage unit 15 is realized by, for example, a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, or a storage device such as a hard disk or an optical disk. As illustrated in FIG. 3, the storage unit 15 according to the embodiment includes data tables such as an action history table 151, a definition table 152, and a privilege information table 153.

(About the action history table 151)
The action history table 151 stores an action history in the user terminal 10. Here, FIG. 4 shows an example of the action history table 151 according to the embodiment. FIG. 4 is a diagram illustrating an example of the action history table 151 according to the embodiment. In the example shown in FIG. 4, the action history table 151 includes “action history ID”, “acquisition date”, “behavior information”, “type”, “action content”, “signature”, “verification”, “use permission”. ”.

  “Action history ID” is identification information for identifying an action history stored in the action history table 151. It is assumed that the identification information matches the reference symbol used in the description. For example, the action history identified by the action history ID “A01” indicates the action history A01.

  “Acquisition date and time” indicates the date and time when the action history is acquired. “Behavior information” indicates information included in the behavior history. “Type” indicates the type of log data that is an action history. For example, if the log data is stored in the user terminal 10 when the user uses the service, the type is stored as “service use”.

  “Behavior content” indicates the content of log data acquired as a behavior history. For example, if the action content is a content in which a log remains as payment information, such as “product purchase at store 60”, the log is stored as the action content. If the action content is position information, data of actual position information is stored. In FIG. 4, the position information is indicated by a concept such as “G01”. Actually, however, the position information is a numerical value indicating the longitude or latitude detected by the user terminal 10 or communication with an access point. A numerical value indicating the installation position of the obtained access point is stored.

  “Signature” indicates key information used when signing an action history. “Verification” indicates key information used for verifying the signature. “Usage permission” indicates information indicating whether or not the user has permitted the use of the action history for the issuing process or the like. For example, if the usage permission corresponding to the action history is “1”, it indicates that the user has been permitted, and that the action history can be used for issuing processing and the like. On the other hand, if the use permission corresponding to the action history is “0”, it indicates that the user is not permitted, indicating that the action history cannot be used for the issuing process or the like.

  That is, in the example of the information illustrated in FIG. 4, the action history A01 identified by the action history ID “A01” is information acquired on “October 1, 2016 12:00”. . The action information in the action history A01 is the type “service use”, the action content is “product purchase at the store 60”, and the signature is attached using the “secret key K10”. It shows that “public key K11” is used for signature verification. Further, the action history A01 indicates that the action history is “permitted” to be used for the issuing process or the like by the user.

  In the example of FIG. 4, information such as “product purchase”, “location information G01”, and “communication with other terminal devices” is stored in the action content item. Although not shown in FIG. 4, the user terminal 10 not only stores “product purchase”, “accommodation”, “communication with other terminal devices”, and the like as action contents, , Amount paid by the user for each service, product name of the purchased product, transition information of location information, identification information for identifying other terminal devices, mutual location information when communicating with other terminals, etc. Detailed information may be stored as appropriate. Information other than “1” and “0” may be stored in the use permission item. For example, detailed setting information such as permitting use only within a predetermined period (for example, an event holding period) may be stored in the use permission item. Even if the usage permission is “1”, the user terminal 10 does not need to use all stored data. For example, if the user terminal 10 uses only the data “product purchase at an arbitrary store near the event” for processing, the user terminal 10 does not necessarily use the log data including the details of the action content “store 60”. Also good. Thus, the log data held in the action history table 151 may be used flexibly according to the processing mode.

  Further, in FIG. 4, the illustrated data is simply illustrated for explanation. For example, the information such as the action history A02 is the position information of the user terminal 10 acquired periodically (for example, every second). The information may include all of them.

(About the definition table 152)
The definition table 152 stores information relating to definition when context is estimated from log data held in the user terminal 10. Here, FIG. 5 shows an example of the definition table 152 according to the embodiment. FIG. 5 is a diagram illustrating an example of the definition table 152 according to the embodiment. In the example illustrated in FIG. 5, the definition table 152 includes items such as “definition ID”, “definition information”, “estimated content”, and “log data”.

  “Definition ID” is identification information for identifying a definition stored in the definition table 152. “Definition information” indicates the content included in the definition information defining the relationship between the estimated context and the log data used to estimate the context. “Estimated content” indicates an estimated context.

  “Log data” indicates the content of log data used in the estimation process. For example, if the log data is “data acquisition date / time (event date)”, it is a condition that the acquisition date / time of the acquired log data matches the event date. If the log data is “location information G01”, the fact that the log data indicating the location information G01 is held in the user terminal 10 can be an element for estimating the context “participation in an event”. Is shown. “Nearby service use” indicates, for example, that the user has used the service near the event venue (in the example of FIG. 1, the user U01 has used the store 60). In addition, the “location information in other terminal devices” means that, for example, in an event venue, it is assumed that the user terminal 10 communicates with many other terminal devices. The position information in the own device and other terminal devices, which corresponds to the event venue, can be a determination factor that the user has participated in the event.

  That is, in the example of the information illustrated in FIG. 5, the definition D01 identified by the definition ID “D01” is information for estimating “participation in an event” as the estimation content, and the context includes the log data “ This indicates that it is defined to be estimated based on “location information G01”, “data acquisition date / time”, “service use in the vicinity”, and “location information in other terminal devices”. .

  Note that the log data illustrated in FIG. 5 is an example, and does not necessarily indicate that the context of the estimated content is estimated only when all of the log data is confirmed. For example, the user terminal 10 may score each log data determination, and may determine that the user context can be estimated when a score equal to or higher than a predetermined threshold is observed. For example, in estimating the context of “participation in an event”, the user terminal 10 “data acquisition date / time (event date)”, “location information G01”, “service usage in the vicinity”, “other services” Even if not all log data with “location information in terminal device” is available, if each log data has enough log data to estimate the context of “participation in event” (predetermined threshold value is set) If so, the context that the user has participated in the event may be estimated.

  Further, the definition information set in the definition table 152 may be set from the management server 100, or may be set from the service side providing the privilege. For example, the management server 100 generates definition information for estimating a context based on a result of learning log data of a terminal device in which a specific context is actually observed as correct data and using the correct data as teacher data. You may perform the process to do. Or in order to provide a user with a predetermined privilege, the service side may set a context desired by the service side and generate definition information on which log data for satisfying the context is set on the service side.

(About the privilege information table 153)
The privilege information table 153 stores information related to privileges that the user can receive. Here, FIG. 6 shows an example of the privilege information table 153 according to the embodiment. FIG. 6 is a diagram illustrating an example of the privilege information table 153 according to the embodiment. In the example illustrated in FIG. 6, the privilege information table 153 includes items such as “privilege ID”, “privilege information”, “setting period”, “service”, “condition”, and “privilege content”.

  “Privilege ID” indicates identification information for identifying a privilege. “Privilege information” indicates information set for the privilege, such as the content of the privilege and conditions for receiving the privilege. The “setting period” indicates a period during which the user can receive a privilege. “Service” indicates the name of a service providing a privilege to the user.

  “Condition” indicates a condition to be satisfied in order for a user to be given a right (attribute) to receive a service. “Privilege content” indicates the content of the privilege provided to the user from the service side.

  That is, in the example of the information illustrated in FIG. 6, the privilege B01 identified by the privilege ID “B01” has the setting period “September 1, 2016 to October 30, 2016” as the privilege information. The name of the service providing the privilege is “accommodation facility 70”, the condition is “participation in an event”, and the privilege content is “accommodation fee discount”. Although illustration in FIG. 6 is omitted, the privilege information table 153 includes information such as whether or not the user terminal 10 has issued a certificate that satisfies the conditions, and actual certificate data, It may be associated with privilege information and stored.

(About the control unit 16)
The control unit 16 is, for example, a controller, and various programs (for example, in the embodiment) stored in a storage device inside the user terminal 10 by a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. This issuance program is implemented by executing RAM (Random Access Memory) as a work area. The control unit 16 is a controller, and is realized by an integrated circuit such as an application specific integrated circuit (ASIC) or a field programmable gate array (FPGA). For example, the process executed by the acquisition unit 162 is realized by an acquisition procedure that the issuing program causes the user terminal 10 to execute. That is, the process executed by the acquisition unit 162 described below may be read as an acquisition procedure that the issuing program causes the user terminal 10 to execute. The same applies to other processing units.

  As illustrated in FIG. 3, the control unit 16 includes a reception unit 161, an acquisition unit 162, a selection unit 163, an estimation unit 164, a determination unit 165, an issue unit 166, and a transmission unit 167. Implements or executes the functions and operations of information processing described below. Note that the internal configuration of the control unit 16 is not limited to the configuration illustrated in FIG. 3, and may be another configuration as long as the information processing described below is performed.

(Receiving unit 161)
The receiving unit 161 receives various information. For example, the receiving unit 161 receives information related to an action history transmitted from the store apparatus 50, privilege information transmitted from the management server 100, and the like. The receiving unit 161 sends the received information to each processing unit of the control unit 16. In addition, the reception unit 161 stores the received information in the storage unit 15.

(About the acquisition unit 162)
The acquisition unit 162 acquires various types of information. For example, the acquisition unit 162 acquires log data indicating the user's behavior history. In this case, the acquisition unit 162 may acquire the action history signed by the facility providing the service. For example, when the service is used, the acquisition unit 162 acquires an action history when the user uses the service from the store apparatus 50 included in the service via communication according to the NFC standard.

  Note that the acquisition unit 162 may acquire action histories in various modes regardless of communication according to the NFC standard or the like. For example, the store apparatus 50 may attach a two-dimensional code to a receipt or receipt issued by the service and sign the two-dimensional code. And the user terminal 10 may acquire the action history in a service by taking in the information contained in a two-dimensional code using the camera function etc. which the detection part 14 has, for example.

  Furthermore, the acquisition unit 162 may acquire log data in the user terminal 10 when the service is used. Specifically, the acquisition unit 162 communicates with the environment information detected by the user terminal 10, device information of the user terminal 10 itself, user information about a user who uses the user terminal 10, and the user terminal 10 as log data. Get information about external devices.

  As the log data detected by the user terminal 10, the acquisition unit 162, for example, position information indicating the position where the user terminal 10 is located, temperature around the user terminal 10, humidity information, and optical information indicating the intensity of ambient light. The sound information indicating the noise level around the user terminal 10 is acquired. Further, the acquisition unit 162 may acquire environment information around the user terminal 10 based on a photograph or video taken by a camera provided in the user terminal 10. For example, the acquisition unit 162 acquires environment information around the user terminal 10 based on image information captured by the camera, position information included in the image information, date and time when the image was captured, and the like.

  The acquisition unit 162 acquires information identifying an external device in communication with the user terminal 10 as well as information about the external device that communicates with the user terminal 10 and the type and frequency band of established communication. May be.

(About the selection unit 163)
The selection unit 163 selects log data used for the estimation process by the estimation unit 164 from the log data (action history) acquired by the acquisition unit 162. Specifically, the selection unit 163 receives the designation of log data used for the estimation process from the user who uses the user terminal 10 via the input unit 12, thereby selecting the action history used for the estimation process.

  The selection unit 163 may select the log data used for the estimation process by accepting designation of the category of the service used by the user, for example, instead of the log data itself. For example, the selection unit 163 designates that log data of a service belonging to a category related to purchase such as food and drinks and miscellaneous goods is allowed to be used for estimation processing, and log data of a service belonging to a category related to accommodation is not allowed to be used. Is received from the user.

  The selection unit 163 appropriately updates the information stored in the “use permission” item of the data stored in the action history table 151 based on the content designated by the user.

(About the estimation unit 164)
The estimation unit 164 estimates the user context based on the log data acquired by the acquisition unit 162. For example, the estimation unit 164 estimates the user context from the log data stored in the action history table 151 based on the definition information acquired from the management server 100.

  In addition, when the action history signed by a predetermined service is acquired as log data by the acquisition unit 162, the estimation unit 164 corresponds to the action history verified by the public key corresponding to the predetermined service. The user's context is estimated based on the log data. Thereby, since the estimation part 164 can perform a determination process only using the action history which the service recognized to be true data, it can perform the process which excluded the user who tries to obtain a privilege illegally. it can.

  In addition, the estimation unit 164 estimates the user context using the log data approved for use by the user among the log data acquired by the acquisition unit 162. Specifically, the estimation unit 164 estimates the context using only the action history selected as permitted to be used by the selection unit 163. Thereby, the estimation part 164 can prevent performing a process using the personal information (action history) which a user does not want.

  Further, the estimation unit 164 may estimate the user's context when a request is received from a service side that provides a predetermined privilege. For example, a service that intends to provide a privilege may transmit a predetermined request to the user terminal 10 in order to promote the use of the privilege. As an example, as shown in FIG. 1, it is assumed that a service side that wants to provide a privilege provides an access point at an event venue and transmits a beacon. In this case, the acquisition unit 162 acquires privilege information regarding the event, triggered by communication transmitted from the beacon. Then, when “participation of event” is set as a condition in the acquired privilege information, the estimation unit 164 derives a user context for satisfying the condition based on the action history accumulated so far. . As described above, the estimation unit 164 may perform the context estimation process in response to a request from the service side. Note that the context in this case is not information indicating the user's behavior itself that “the user has participated in the event”, but the situation that “the user has participated in the event at a predetermined time” or This is information indicating the state.

  Note that the estimation unit 164 may perform the estimation process using a known learning process, regardless of the definition information for associating the log data with the context. For example, the estimation unit 164 may perform processing for estimating a context based on a result of learning log data related to a user whose specific context is actually observed as correct data and using the correct data as teacher data. That is, the estimation unit 164 may estimate the actual situation (context) of the user based on the knowledge obtained from the log data so far and the results of analysis, not the log data itself. .

(About determination unit 165)
Based on the context estimated by the estimation unit 164, the determination unit 165 determines whether or not a condition for the user to have a predetermined attribute is satisfied. Specifically, the determination unit 165 determines whether or not the user has an attribute for enjoying a predetermined privilege as a predetermined attribute (that is, whether or not a condition for having the attribute is satisfied). For example, when the context estimated by the estimation unit 164 matches the condition set in the privilege information, the determination unit 165 satisfies a condition for the user to have an attribute of receiving a predetermined privilege. judge. More specifically, the determination unit 165 satisfies the condition for the user to enjoy the predetermined privilege when the context estimated by the estimation unit 164 includes a context requested by the service side that provides the predetermined privilege. Is determined.

  Note that the determination unit 165 determines whether or not a condition for the user to enjoy a predetermined privilege is satisfied using a context approved for use by the user among the contexts estimated by the estimation unit 164. It may be. That is, the determination unit 165 may obtain use permission from the user not only for the process of estimating the context based on the log data selected by the user, but also for the estimated context. Thereby, the determination unit 165 can prevent a context that the user does not want to reveal to others from being transmitted to the outside (a predetermined service or the like). The determination unit 165 may perform determination using other contexts with usage restrictions in addition to approval and denial of context usage from the user. For example, the determination unit 165 may use a context with a time limit for use. In addition, the determination unit 165 has a context that has a predetermined use restriction in a certificate issued by the issuing unit 166 described later (for example, the name of the store in which a restriction is set so that the certificate is presented only to a certain store). The determination process may be performed using a context including the domain of the domain.

  In addition, the determination unit 165 presents information regarding a condition for receiving the predetermined privilege to the user when the context estimated by the estimation unit 164 does not include the context requested by the service providing the predetermined privilege. You may do it. For example, when the context estimated for the user does not match the condition for receiving the privilege, the determination unit 165 displays that on the screen (display unit 13) of the user terminal 10. Thereby, the user can know whether or not he / she satisfies the conditions for receiving a predetermined privilege.

(About issuer 166)
The issuing unit 166 issues a certificate certifying the user context based on the context estimated by the estimating unit 164. The certificate is used for determining whether or not the user has a predetermined attribute, for example. For example, the issuing unit 166 issues a certificate that the user has the right (attribute) to enjoy a predetermined privilege as the predetermined attribute. The issuing unit 166 may issue a certificate for certifying the context when the user's context is estimated, or the certificate is triggered by a request from the service side that provides a predetermined privilege. May be issued.

  For example, the issuing unit 166 may issue a certificate that the user has the right to enjoy a predetermined privilege based on the result determined by the determining unit 165. In other words, when it is determined that the user can enjoy the privilege based on the privilege information, the issuing unit 166 issues a certificate for proving that the user has the right to enjoy the privilege.

  Taking the process shown in FIG. 1 as an example, it is assumed that the determination unit 165 refers to the privilege information that the privilege can be obtained by using the accommodation facility 70 after participating in the event from the privilege information table 153. In this case, the determination unit 165 determines that a user who has participated in the event can receive a privilege when the accommodation facility 70 is subsequently used. In response to this, the issuing unit 166 issues a certificate indicating the context that “the user has participated in the event” estimated based on the log data acquired by the acquiring unit 162. In other words, the issuing unit 166 issues a certificate for transmitting to the service side that the user can receive a privilege when the user visits the accommodation facility 70.

  The issuing unit 166 issues a certificate signed with a specific private key, and also issues a public key corresponding to the specific private key, which is used for certificate verification. May be. That is, the issuing unit 166 may issue a certificate that employs a so-called public key cryptosystem. In this case, the certificate issued by the issuing unit 166 is attached with a signature that can only be attached by the issuing unit 166 (that is, the user terminal 10). Thereby, the issuing unit 166 can prevent the issued certificate from being misused.

  The issuing unit 166 may issue a certificate that proves the user's context based on the context derived by combining the contexts estimated by the estimating unit 164. For example, it is assumed that the context of visiting a store belonging to a specific group company is frequently observed for a predetermined user. In addition, regarding the user, a context of moving using a train belonging to the same specific group company is frequently observed. In this case, the issuing unit 166 can derive a context that the user is a heavy user who frequently uses a specific group company by combining these contexts. In this case, the user receives a predetermined discount for all services related to the group company, for example, by presenting a certificate certifying that the user is a user who frequently uses the specific group company. Benefits such as being able to. In this way, the issuing unit 166 can realize various service provision modes by issuing a context certificate derived by combining contexts.

  Note that the certificate issued by the issuing unit 166 may be used on-line or off-line. Specifically, the certificate may be stored in the user terminal 10 as data and presented by being transmitted to the store apparatus 50. Alternatively, the certificate may be displayed on the screen of the user terminal 10 to display the service. It may be a form that is actually presented to a person at a store or facility to be provided. Further, the issuing unit 166 stores the issued certificate in association with privilege information or the like and stores it in the storage unit 15, and the certificate is stored when the user visits a facility or the like that receives the benefit. You may perform the process which notifies a user of this.

(About transmitter 167)
The transmission unit 167 transmits various information. For example, the transmission unit 167 transmits the certificate issued by the issuing unit 166 to the store apparatus 50. In addition, the transmission unit 167 transmits a request for acquiring definition information, privilege information, and the like to the management server 100. The transmission unit 167 may transmit a request according to a user's operation, communicate with the management server 100 periodically (for example, every hour), acquire definition information, privilege information, and the like. You may make it update.

[4. Processing procedure)
Next, a processing procedure performed by the user terminal 10 according to the embodiment will be described with reference to FIGS. 7 and 8. FIG. 7 is a flowchart (1) illustrating a processing procedure according to the embodiment. In FIG. 7, the procedure of the process which the user terminal 10 acquires and stores a user's action history is demonstrated.

  As illustrated in FIG. 7, the acquisition unit 162 according to the user terminal 10 acquires a user's action history (step S101). Then, the acquisition unit 162 stores the acquired action history in the action history table 151 (step S102).

  Subsequently, the selection unit 163 determines whether or not the acquired action history is selected as an action history that can be used for an estimation process, an issuing process, and the like (step S103). When it is selected that it can be used (step S103; Yes), the selection unit 163 records the action history as data used for the issuance process (or estimation process) (step S104).

  On the other hand, when it is not selected as usable (step S103; No), the selection unit 163 records the action history as data that is not used for the issuing process (or estimation process) (step S105).

  Next, the procedure of the issuing process by the user terminal 10 according to the embodiment will be described with reference to FIG. FIG. 8 is a flowchart (2) illustrating a processing procedure according to the embodiment.

  As illustrated in FIG. 8, the acquisition unit 162 according to the user terminal 10 estimates whether or not privilege information and definition information are acquired from the management server 100 (step S201). When privilege information and definition information are not acquired (Step S201; No), acquisition part 162 stands by until acquisition.

  On the other hand, when privilege information and definition information are acquired (step S201; Yes), the estimation part 164 estimates the context regarding a privilege based on the stored action history (log data) (step S202).

  The estimation unit 164 determines whether or not a context has been estimated based on the stored action history (step S203). When the context is estimated (step S203; Yes), the determination unit 165 determines whether or not the estimated context satisfies a condition related to a privilege (step S204).

  When it is determined that the estimated context satisfies the condition regarding the privilege (step S204; Yes), the issuing unit 166 provides a certificate that proves that the user has the right to enjoy the privilege based on the estimated context. Issuing (step S205), the issuance process is terminated.

  Note that the user terminal 10 also issues a case where the context cannot be estimated from the stored action history (step S203; No) or when the estimated context does not satisfy the condition related to the privilege (step S204; No). The process ends. In this case, the issuing unit 166 performs processing such as notifying the user that a certificate certifying the right to enjoy the privilege cannot be issued based on the action history held by the user at the present time via the screen of the user terminal 10. May be.

[5. (Modification)
The issuing system 1 including the user terminal 10 described above may be implemented in various different forms other than the above embodiment. Therefore, in the following, another embodiment of the issuing system 1 will be described.

[5-1. Issuing program that runs on the management server)
In the said embodiment, the issue program which concerns on embodiment showed the example which implement | achieves issuing processing by operate | moving in the user terminal 10. FIG. Here, the issuing program may operate on the management server 100 to realize the above-described issuing process. In this case, the user terminal 10 functions as a client of the management server 100. This point will be described with reference to FIG.

  FIG. 9 is a diagram (1) illustrating an example of the issuing process according to the modification. In FIG. 9, log data indicating a user's action history is acquired by an issuing program that operates in the management server 100, the user's context is estimated based on the acquired log data, and based on the estimated context, An example of a flow of processing in which a certificate that a user U01 has a right to enjoy a predetermined privilege is issued is shown. In the example shown in FIG. 9, the predetermined privilege is a privilege that a discount can be obtained when the accommodation facility 70 is used on the condition that the store 60 is visited at a preset specific date and time. It shall be.

In the example shown in FIG. 9, when the user U01 utilizing the user terminal 10 has visited a store 60 via a store 50 _1, action history of the user U01 is transmitted to the management server 100 (step S21) . For example, the user terminal 10 via the communication with the shop device 50 _1, time and the user terminal 10 has reached the vicinity of the store 60, the time and the user U01 has entered the store 60, the user U01 stay in the store 60 The action history (log data) such as the performed time is transmitted to the management server 100.

  The management server 100 stores the acquired action history in the storage unit 120 in association with the user terminal 10 and the user U01 (step S22). And the management server 100 estimates a user's context based on the definition information etc. which were preset (step S23). The management server 100 may perform the context estimation process using only the action history permitted by the user U01, as described in the above embodiment.

  And the management server 100 displays the information regarding the estimated context so that the user U01 can browse through the application which operate | moves with the user terminal 10, for example.

  Among the displayed contexts, the user U01 selects information to be permitted as information used by the management server 100 for issuing processing and the like (step S24). For example, on the screen displayed on the user terminal 10, the user U01 selects to permit the context that the store 60 is visited at a specific date and time to be used for the issuing process.

  Based on the context of the user U01 estimated in the estimation process, the management server 100 issues a certificate that proves that “the user U01 has visited the store 60 at a predetermined date and time”. Then, the management server 100 transmits the certificate issued based on the estimation process to the user terminal 10 (step S25).

  Thereafter, when the user U01 visits the accommodation facility 70, the user U01 presents the certificate to the service side (step S26). For example, the user U01 is a certificate signed with the secret key K50 possessed by the management server 100 and certifies that the user U01 visited the store 60 at a specific date and time set in advance. Present certificate P11.

Store unit 50 ₂ of the accommodation 70 is a service side that provides benefits, certificate P11 presented by the user U01 to verify whether or not true (step S27). For example, the store unit 50 _2, the management obtains the public key K51 from the server 100, by decoding the certificate P11 by using the public key K51 acquired, verifies the certificate P11. Then, the store unit 50 _2, if it is verified that those certificates P11 presented by the user U01 is issued by the management server 100 definitely based on certificate P11, provide benefits to the user U01 To do.

  Thus, the issuing program according to the embodiment may operate in the management server 100 as well as the user terminal 10. Even if the issuing program operates on the management server 100, the issuing program can perform the same processing as that performed on the user terminal 10.

  Next, a configuration example of the management server 100 when the issuing program operates in the management server 100 will be shown using FIG. FIG. 10 is a diagram illustrating a configuration example of the management server 100 according to the modification.

  As illustrated in FIG. 10, the management server 100 includes a communication unit 110, a storage unit 120, and a control unit 130. The management server 100 includes an input unit (for example, a keyboard and a mouse) that receives various operations from the administrator of the management server 100 and a display unit (for example, a liquid crystal display) for displaying various types of information. May be.

  Each processing unit illustrated in FIG. 10 corresponds to each processing unit of the user terminal 10 illustrated in FIG. 3. That is, the communication unit 110 corresponds to the communication unit 11. The storage unit 120 corresponds to the storage unit 15, the behavior history storage unit 121 corresponds to the behavior history table 151, the definition information storage unit 122 corresponds to the definition table 152, and the privilege information storage unit 123 corresponds to the privilege information table 153. Corresponding to In addition, each processing unit of the control unit 130 corresponds to each processing unit of the control unit 16 related to the user terminal 10. That is, the reception unit 131 corresponds to the reception unit 161, the acquisition unit 132 corresponds to the acquisition unit 162, the selection unit 133 corresponds to the selection unit 163, the estimation unit 134 corresponds to the estimation unit 164, and the determination unit 135 Corresponding to the determination unit 165, the issuing unit 136 corresponds to the issuing unit 166, and the transmitting unit 137 corresponds to the transmitting unit 167.

[5-2. (Mutual use of certificates)
In the above embodiment, an example in which one issued certificate corresponds to one service (that is, a privilege provided by the service side) is shown. However, the user terminal 10 may issue a plurality of certificates and present the plurality of certificates to the service side so that the user can receive different privileges. This point will be described with reference to FIG.

  FIG. 11 is a diagram (2) illustrating an example of the issuing process according to the modification. In the example illustrated in FIG. 11, when it is proved that the accommodation facility 70 is used, the user U01 can receive a privilege when using the store 60, the store 61, or the store 62.

  For example, the user terminal 10 determines that the user U01 has stayed in the location information corresponding to the accommodation facility 70 based on log data indicating that the user U01 is located all night, a communication log with an access point in the accommodation facility 70, and the like. It is assumed that the facility 70 has been used and the certificate P21 has been issued based on the estimated information.

  In this case, the user U01 enjoys a privilege such as a discount at each store by presenting the certificate P21 and using the store 60, the store 61, or the store 62 (step S31). Thereafter, it is assumed that the user U01 moves to another store different from the store that enjoys the privilege and uses another store. For example, it is assumed that the user U01 first uses the store 60 and the store 61 and then moves to the store 62. At this time, the user terminal 10 issues a certificate based on the use of the store 60 and the store 61 of the user U01 (step S32). Then, when the user U01 visits the store 62, the user U01 may present a certificate indicating that a plurality of stores such as the accommodation facility 70, the store 60, and the store 61 are used. In this case, for example, the store 62 may provide a privilege superior to the user U01 having a certificate certifying the use of a plurality of stores, rather than a user who presents the certificate P21 alone.

  As described above, the user terminal 10 may combine the contexts that each store is used, derive a context that the usage has been performed across a plurality of stores, and issue a certificate regarding the derived context. . Thereby, the user terminal 10 can make use of the action history in various forms, such as providing a more flexible service corresponding to the action history of the user U01.

[5-3. (Proof by continuous use)
In the above embodiment, the process in which the user terminal 10 issues a certificate that the user has the right to enjoy a predetermined privilege based on the context estimated from the action history has been described. Here, the user terminal 10 is a certificate that proves the user context, for example, by estimating the user context based on the action history continuously observed over a predetermined period, and the user terminal 10 You may issue the certificate which proves that it has fixed reliability. In this case, the “predetermined attribute” in the user may be read as, for example, “an attribute that can receive a preferential treatment from the service side as compared to a user who has not been issued a certificate”.

  The above process will be described with reference to FIG. FIG. 12 is a diagram (3) illustrating an example of the issuing process according to the modification. The example shown in FIG. 12 shows a situation where the user U01 has continued to use the auction site managed by the web server for a predetermined period (for example, several years).

  In the example shown in FIG. 12, it is assumed that the user U01 is a so-called excellent member whose transaction amount is greater than or equal to a predetermined amount at the auction site or that there is no action history such as delayed payment. It is assumed that the user U01 continues to use the online auction site for a predetermined period of time (step S41).

  The user terminal 10 proves that the user U01 is an excellent member on the auction site based on, for example, definition information in which the usage amount or usage period in the auction site is set and such online behavior history. A certificate P31 is issued. In the example shown in FIG. 12, the certificate P31 is a certificate that proves the right to enjoy the privilege provided by the financial institution 63, for example. For example, the user U01 uses the issued certificate P31 as an off-line certificate (step S42). The financial institution 63 determines the creditworthiness using the certificate P31 (step S43). For example, based on the certificate P31, the financial institution 63 assumes that the user U01 is a user who is more reliable in transactions than other users, and expands the credit line or relaxes loan conditions. Do.

  As described above, the user terminal 10 estimates the context continuously observed from the user based on the log data acquired over a predetermined period. Then, the user terminal 10 issues a certificate certifying the user context based on the estimated continuously observed context.

  That is, the user terminal 10 can handle a past action built by the user U01 based on log data continuously recorded online as a context, and can issue a certificate P31 that can be used even offline, for example. Thereby, the user terminal 10 can make use of the context of the user U01 for more applications.

  The log data continuously recorded is not limited to online exchanges such as a web server. For example, it is assumed that the user U01 carries the user terminal 10 and runs every day. In this case, the user terminal 10 can estimate that the user U01 is a user who runs continuously every day based on the log data of the daily position information recorded, the log data of the gyro sensor, and the like. The user terminal 10 may issue a certificate for the user U01 based on such an estimation process. In this case, since the user U01 can prove that he is a user who exercises regularly, for example, the user U01 can enjoy a privilege such as preferential treatment of contract contents in a life insurance or medical insurance contract.

  Further, the user terminal 10 may perform a process of notifying the user U01 of a context that is insufficient until a certificate is issued based on the definition information. For example, the user terminal 10 may notify the user U01 via the screen that it is necessary to continue running only for a predetermined period in order to issue a certificate for receiving life insurance benefits. . Thereby, the user terminal 10 can give the incentive for the user U01 to perform the action which continued.

  As another example, it is assumed that the user U01 listens to music by periodically connecting the user terminal 10 and an external speaker of a specific brand having a communication function. In this case, the user terminal 10 periodically accumulates communication records with external speakers as a log. Based on this log data, the user terminal 10 issues a certificate that proves that the user U01 is a lover of a specific brand. In this case, since the user U01 can prove that he / she is a lover of a specific brand based on the log data, for example, the user U01 receives a preferential treatment such as a discount when purchasing the product of the brand, or the product from the brand. You can enjoy the benefits of receiving the guidance. Thus, according to the user terminal 10, since the user's context is estimated based on continuously observed log data, the information that the user U01 declares himself / herself (for example, he / she is a lover of a specific brand) In addition, a certificate can be issued to prove that user U01 is truly a dedicated user of a particular brand.

  As another example, the user terminal 10 may continuously store, as a log, information related to the user's chronic disease, medication content, and the like as the user visits the hospital. And when a user visits a hospital, the certificate issued based on the log of the current chronic disease and the medication content may be shown, and a treatment may be requested. Further, for example, when the user terminal 10 is realized as a dog tag (Dog Tag, personal identification tag) held by the user himself / herself, for example, a medical worker or a person engaged in emergency medical care reads the dog tag log, You may apply to the method of acquiring the information regarding the said user's treatment.

[5-4. (Certificate based on verification with correct data)
In addition to the context estimation, the user terminal 10 may perform processing for acquiring correct data related to the context and issuing a certificate by collating with the acquired correct data.

  This point will be described with reference to FIG. FIG. 13 is a diagram (4) illustrating an example of the issuing process according to the modification. In the example shown in FIG. 13, a situation is shown in which the user U01 moves on the Shinkansen while carrying the user terminal 10. In this case, the user terminal 10 acquires position information log data whose position changes at the same speed as the Shinkansen speed by periodically acquiring the position information. Further, the user terminal 10 acquires the date and time when the position information was observed in association with the position information.

  At this time, the management server 100 provides correct data according to a request received from the user terminal 10, for example (step S51). The correct answer data includes, for example, correct answer data regarding the departure and arrival times at each station of the Shinkansen on which the user U01 is boarded and the transition of the location information of the Shinkansen. That is, the correct answer data is data indicating when and what kind of position information the Shinkansen on which the user U01 is on is correct.

  The user terminal 10 collates the correct answer data acquired from the management server 100 with the action history such as position information acquired with movement. Then, the user terminal 10 issues a certificate P41 regarding the movement of the user U01 when these data match a predetermined threshold value or more. The certificate P41 is a certificate that proves that the user U01 has definitely got on a predetermined Shinkansen and moved between certain points.

  The user U01 uses the issued certificate P41 as an off-line certificate (step S52). For example, the user U01 submits the certificate P41 to the company 64 where he / she works. The certificate P41 may be signed by the management server 100. Based on the certificate P41, the user U01 certifies the history of actions performed by the user U01 (step S53). For example, the user U01 verifies the submitted certificate P41 by the company 64, so that the user U01 is surely moved on the Shinkansen, and the correct data (information on the Shinkansen is managed) on the management server 100. It can be proved that it matches with the data) indicating the transition of the position information when moving.

  Thus, the user terminal 10 acquires correct answer data for verifying the estimated context. Furthermore, the user terminal 10 issues a certificate certifying the user context based on the comparison between the estimated context and the acquired correct data.

  Thereby, the user terminal 10 can not only estimate the context that “the user has moved on the Shinkansen” based on the log data, but also prove that the estimated context is a context without error. For this reason, the user terminal 10 can issue a certificate with higher reliability.

[5-5. Use of other users' action history)
In the above-described embodiment, the example in which the user who receives the certificate is the same as the user who uses the certificate is shown. Here, the certificate issued by the issuing process according to the embodiment may be shared between different terminals and used.

  For example, assume that a user has issued a certificate. At this time, it is assumed that the user has set the user who shares the certificate via the issuing program according to the embodiment (for example, realized as a predetermined application installed in the user terminal 10). For example, it is assumed that the user shares an action history with his / her family and friends.

  For example, a user's family and friends acquire a certificate issued to the user via an application installed in a terminal device owned by the user. And when a user's family and friend use the service which provides a certain privilege, the certificate issued with respect to the user is shown. When such a certificate is verified from the service side, the user's family and friends can enjoy a privilege based on the certificate issued to the user.

  In this way, the user terminal 10 can perform a flexible issuing process such as sharing the right to enjoy a predetermined privilege with another user different from the user having the actual action history. Thereby, the user terminal 10 can have effects such as promoting mutual use of services between users. Note that the user terminal 10 may perform a process of sharing not only a certificate but also an action history among trusted users.

[5-6. Issued program)
As described above, the issue program according to the embodiment may be realized as an application installed in the user terminal 10. In this case, the issuance program can issue a certificate more flexibly by sharing an action history among users who have installed the application, sharing a right to enjoy a predetermined privilege, or the like.

[5-7. Dispersion of processing)
In the above embodiment, an example in which the user terminal 10 (that is, the issuing program) executes a process of acquiring a user's action history, a process of estimating a context based on log data indicating the action history, and a process of issuing a certificate. showed that. However, these processes may be distributed to the store apparatus 50 and the management server 100 and executed.

[5-8. Configuration of user terminal]
In the above embodiment, the configuration example of the user terminal 10 has been described with reference to FIG. However, the user terminal 10 does not necessarily include all the processing units illustrated in FIG. For example, the user terminal 10 does not necessarily include the display unit 13 and the detection unit 14. Further, the user terminal 10 may be separated into two or more devices to realize the configuration illustrated in FIG. For example, the user terminal 10 includes two or more devices having a configuration in which a detection device having at least the communication unit 11 and the detection unit 14 and a control device having at least the communication unit 11 and the control unit 16 are separated. It may be realized. Specifically, the user terminal 10 is not as multifunctional as an information processing terminal, such as an IoT (Internet of Things) device, but a plurality of devices having the same functions as the communication unit 11 and the detection unit 14 cooperate. It may be realized by doing.

[5-9. (Select action history)
In the said embodiment, it showed that a user selects whether each action history is used for an estimation process or an issuing process. Here, the user may execute the action history selection in more detail. For example, the user designates a service category corresponding to the action history, allows use for a service of a designated category, and does not allow use of a service of a category not designated. You may choose. For example, the user can set the behavior history on the shopping site to be usable and the behavior history on the auction site to be unavailable. Further, the user terminal 10 may not only select permission in advance, but may also perform processing such as displaying a notification prompting the user for permission on the screen at the timing when the action history is used for processing, for example.

[5-10. (Notice of benefits)
The user terminal 10 may notify the user that there is a timing for obtaining a privilege using various modes. In the example of FIG. 1, the user terminal 10 obtains location information of its own device at any time, and when a user who has participated in an event comes near the accommodation facility 70, there is a discount when staying here. Notifications similar to advertisements and promotions may be made. In addition, in embodiment, although the privilege which a user can enjoy was described as an example as a predetermined | prescribed attribute, a various aspect may be contained in a privilege. For example, in addition to the example shown in FIG. 12, etc., preferential treatment under the conditions for the user to take out insurance, use of specific facilities (permission to enter a dedicated room, access right to connect to a conference room notification network, etc.) Various features such as an access right to secret information outside the parties may be included in the privilege.

[5-11. (Reliability of log data)
The user terminal 10 may perform an estimation process including the reliability of the acquired log data. For example, among the acquired log data, the reliability of position information and the like may change depending on the performance of the device to be acquired. In this case, the user terminal 10 may perform an estimation process or the like by preferentially using data acquired from a highly reliable device among the acquired log data. For example, if the location information acquired by the latest terminal device is available, the user terminal 10 may preferentially use the location information acquired by the latest terminal device.

[5-12. Mutual estimation with other users)
The user terminal 10 may perform context estimation processing using log data stored in a terminal device used by another user. For example, if the position information can be acquired from a terminal device used by another user, the user terminal 10 checks the position information of the own device so that the user using the user terminal 10 and the other user can The context of being together at a certain date and time may be estimated.

  Further, the user terminal 10 may estimate the user context not only from the log data in the user terminal 10 but also from predetermined data held on the web server. For example, the user terminal 10 acquires image data posted on an SNS (Social Networking Service). Then, the user terminal 10 extracts an image in which both the user who uses the user terminal 10 and other users are captured by the image recognition process described above. Furthermore, the user terminal 10 acquires the date and position information and the position information when the image is captured. Based on these data, the user terminal 10 may estimate a context that the user who uses the user terminal 10 and the other user are together at a certain date and time.

[6. Others]
In addition, among the processes described in the above embodiment, all or part of the processes described as being automatically performed can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedures, specific names, and information including various data and parameters shown in the document and drawings can be arbitrarily changed unless otherwise specified. For example, the various types of information illustrated in each drawing is not limited to the illustrated information.

  Further, each component of each illustrated apparatus is functionally conceptual, and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured. For example, the selection unit 163 and the estimation unit 164 illustrated in FIG. 3 may be integrated. Further, for example, information stored in the storage unit 15 may be stored in a storage device provided outside via the network N.

  Further, for example, in the above-described embodiment, an example in which the user terminal 10 performs an acquisition process of acquiring an action history, an estimation process of estimating a context, and an issuing process of issuing a certificate is shown. However, the user terminal 10 described above may be separated into an acquisition device that performs an acquisition process, an estimation device that performs an estimation process, and an issue device that performs an issue process. In this case, for example, the processing by the user terminal 10 according to the embodiment is realized by the issuing system 1 having each device such as an acquisition device, an estimation device, and an issuing device.

  Moreover, each embodiment and modification which were mentioned above can be combined suitably in the range which does not contradict a process content.

[7. Hardware configuration)
The issuing device (for example, the user terminal 10 or the management server 100) according to the embodiment described above is realized by a computer 1000 having a configuration as shown in FIG. Hereinafter, a case where the issuing device is the user terminal 10 will be described as an example. FIG. 14 is a hardware configuration diagram illustrating an example of a computer 1000 that implements the functions of the issuing device. The computer 1000 includes a CPU 1100, RAM 1200, ROM 1300, HDD 1400, communication interface (I / F) 1500, input / output interface (I / F) 1600, and media interface (I / F) 1700.

  The CPU 1100 operates based on a program stored in the ROM 1300 or the HDD 1400 and controls each unit. The ROM 1300 stores a boot program executed by the CPU 1100 when the computer 1000 is started up, a program depending on the hardware of the computer 1000, and the like.

  The HDD 1400 stores a program executed by the CPU 1100, data used by the program, and the like. The communication interface 1500 receives data from other devices via the network N and sends the data to the CPU 1100, and transmits data generated by the CPU 1100 to other devices via the network N.

  The CPU 1100 controls an output device such as a display and a printer and an input device such as a keyboard and a mouse via the input / output interface 1600. The CPU 1100 acquires data from the input device via the input / output interface 1600. Further, the CPU 1100 outputs the data generated via the input / output interface 1600 to the output device.

  The media interface 1700 reads a program or data stored in the recording medium 1800 and provides it to the CPU 1100 via the RAM 1200. The CPU 1100 loads such a program from the recording medium 1800 onto the RAM 1200 via the media interface 1700, and executes the loaded program. The recording medium 1800 is, for example, an optical recording medium such as a DVD (Digital Versatile Disc) or PD (Phase change rewritable disk), a magneto-optical recording medium such as an MO (Magneto-Optical disk), a tape medium, a magnetic recording medium, or a semiconductor memory. Etc.

  For example, when the computer 1000 functions as the user terminal 10 according to the embodiment, the CPU 1100 of the computer 1000 executes the program loaded on the RAM 1200 (for example, the issuance program according to the embodiment), thereby Realize the function. The HDD 1400 stores data in the storage unit 15. The CPU 1100 of the computer 1000 reads these programs from the recording medium 1800 and executes them. However, as another example, these programs may be acquired from other devices via the network N.

[8. effect〕
As described above, the issue program according to the embodiment causes a computer (for example, the user terminal 10 or the management server 100) to execute an acquisition procedure, an estimation procedure, and an issue procedure. The acquisition procedure acquires log data indicating a user's action history. The estimation procedure estimates the user's context based on the log data acquired by the acquisition procedure. The issuing procedure issues a certificate certifying the user's context based on the context estimated by the estimation procedure.

  As described above, the issuing program according to the embodiment estimates the user context and issues a certificate for proving the user context based on the estimated context. For example, the issuance program issues a certificate used for determining whether or not the user has a predetermined attribute (for example, a right to enjoy a predetermined privilege) to the user. That is, according to the issuance program, by accurately estimating the context based on knowledge and analysis obtained from a series of log data, a user context (for example, a user who has been difficult to prove with log data alone) Issue a certificate certifying that you were participating in the event. By presenting the issued certificate to the service side, the user can prove that the user has a right to enjoy a predetermined privilege, for example. As a result, according to the process executed by the issuing program, the user's behavior history can be utilized for various purposes. Furthermore, according to the issuing program, there is an effect of protecting the personal information of the user. That is, according to the issuance program, even when a privilege is received from the service side, it is possible to prove its own context, and for example, it is not necessary to register personal information or the like on the service side. Thereby, the user can enjoy a privilege, without having concern about privacy. Specifically, even if the user does not disclose his / her name, age, address, etc., the context of “having stayed at the accommodation facility 70 at a certain date / time” or “the company in the predetermined location information continuously” Since the context of “working” and the context of “continuing use of a manufacturer's device” can be presented to the service side, it is possible to receive benefits appropriate to those contexts without revealing personal information. .

  Further, in the acquisition procedure, when a user uses a predetermined service, an action history signed by the predetermined service is acquired as log data. The estimation procedure estimates a user context based on log data corresponding to an action history verified by a public key corresponding to the predetermined service, out of the action history signed by the predetermined service.

  As described above, the issuing program according to the embodiment may perform the estimation process using the action history in which the verification unit using the electronic signature or the like is used. Thereby, the issuing program can exclude a user who tries to obtain a privilege by an illegal act.

  In addition, the issuing procedure issues a certificate signed with a specific private key and a public key corresponding to the specific private key, which is used to verify the certificate. Issue.

  As described above, the issuing program according to the embodiment may perform an encryption process using an electronic signature or the like on a certificate issued by itself. As a result, the issuing program can cause the service side to verify the validity of the certificate, so that the service side can eliminate the possibility of using a certificate issued by an unauthorized means.

  Moreover, an estimation procedure estimates the said user's context using the log data by which utilization was approved by the user among the log data acquired by the acquisition procedure.

  As described above, the issuing program according to the embodiment may cause the user to select log data to be used for processing. As a result, the issuing program can make adjustments such as not using the action history that the user does not want to leak to the outside, so that the estimation process can be performed while protecting the personal information of the user.

  The issuing procedure issues a certificate that proves the user's context based on the context derived by combining the contexts estimated by the estimating procedure.

  As described above, the issuing program according to the embodiment may issue a certificate based on not only a single context but also a context derived when these contexts are combined. Thereby, since the issuing program can inform the user that the right to enjoy a privilege from a company not directly related to the user is given to the user, various forms of providing services can be realized.

  Further, the estimation procedure estimates a context that is continuously observed by the user based on log data acquired over a predetermined period. The issuing procedure issues a certificate certifying the user's context based on the continuously observed context estimated by the estimation procedure.

  As described above, the issuance program according to the embodiment may issue a certificate based on a context derived as a result of continuous accumulation of a large number of log data, not just log data. According to this processing, the user can use the tendency and preference of the user's daily behavior in the form of a certificate, and thus can receive a privilege from the service side based on such tendency and preference.

  Further, the acquisition procedure acquires correct data for verifying the context estimated by the estimation procedure. The issuing procedure issues a certificate that proves the user's context based on the collation between the estimated context and the correct answer data acquired by the acquiring procedure.

  As described above, the issuing program according to the embodiment may issue a result indicating that the user is truly the context as a certificate by further comparing the context estimated from the log data with the correct answer data. As a result, the user can acquire data that proves his / her situation, which is difficult to prove only with log data, and can use the acquired data as an off-line certificate.

  In addition, the issuing program according to the embodiment further executes a determination procedure for determining whether or not a condition for the user to have a predetermined attribute is satisfied based on the context estimated by the estimation procedure.

  As described above, the issuing program according to the embodiment executes a process of determining whether or not a condition for the user to have a predetermined attribute (for example, a condition for the user to enjoy a predetermined privilege) is satisfied. May be. That is, since the issuing program can perform in advance a process of determining that the user is a user who can enjoy the privilege prior to the process of determining the user in order for the service side to provide the privilege, for example, the processing efficiency Can be achieved. In addition, when the issuing program performs the determination process together, for example, the user terminal 10 on which the issuing program operates can advance the processing in a stand-alone state that does not depend on the management server 100 or the store apparatus 50. it can.

  In addition, the determination procedure determines whether or not a condition for the user to have a predetermined attribute is satisfied using a context approved for use by the user among the contexts estimated by the estimation procedure.

  As described above, the issuing program according to the embodiment may cause the user to select a context to be used for the determination process. That is, according to the issuance program, flexible determination processing that meets the user's request can be performed.

  Moreover, an estimation procedure estimates a user's context, when a request | requirement is received from the service side which provides a predetermined privilege. The determination procedure determines that the user satisfies a condition for enjoying the predetermined privilege when there is a context required by the service providing the predetermined privilege in the context estimated by the estimation procedure.

  As described above, the issuing program according to the embodiment may perform a process of dynamically estimating a context satisfying a condition when a service-side request is received. For example, the issuing program may dynamically estimate a context that satisfies a condition according to a beacon transmitted from a facility that provides a service. Thereby, the issuing program can prevent the user who wants to use the service from receiving the privilege without noticing that the user can receive the privilege.

  In addition, the determination procedure presents to the user information related to a condition for receiving the predetermined privilege when there is no context required by the service providing the predetermined privilege in the context estimated by the estimation procedure.

  As described above, when the context corresponding to the request on the service side providing the privilege cannot be estimated, the issue program according to the embodiment provides the user with information such as what conditions can be obtained for the privilege, for example. You may make it notify. Thereby, the issuing program can give the user a motivation to obtain a privilege.

  The issuing procedure issues a certificate that certifies the user's context based on the result determined by the determining procedure and certifies that the user has a predetermined attribute.

  As described above, the issuing program according to the embodiment can perform not only the context proof but also the certificate issuing process indicating that the user has a predetermined attribute by performing the determination process. Thereby, since the issuing program can selectively issue a certificate related to the context determined that the user can enjoy the privilege, for example, the processing load can be reduced by suppressing issuing a certificate at random. Efficient issue processing can be performed.

  As described above, some of the embodiments of the present application have been described in detail with reference to the drawings. However, these are merely examples, and various modifications, including the aspects described in the disclosure section of the invention, based on the knowledge of those skilled in the art, It is possible to implement the present invention in other forms with improvements.

  In addition, the “section (module, unit)” described above can be read as “means” or “circuit”. For example, the acquisition unit can be read as acquisition means or an acquisition circuit.

DESCRIPTION OF SYMBOLS 1 Issuing system 10 User terminal 11 Communication part 12 Input part 13 Display part 14 Detection part 15 Storage part 151 Action history table 152 Definition table 153 Benefit information table 16 Control part 161 Reception part 162 Acquisition part 163 Selection part 164 Estimation part 165 Determination part 166 Issuer 167 Transmitter 50 Store device 60 Store 70 Accommodation facility 100 Management server

Claims (14)

An acquisition procedure for acquiring log data indicating a user's behavior history;
An estimation procedure for estimating the context of the user based on the log data acquired by the acquisition procedure;
An issuance procedure for issuing a certificate certifying the context of the user based on the context estimated by the estimation procedure;
Issuance of a certificate to a computer. The acquisition procedure is as follows:
When a user uses a predetermined service, an action history signed by the predetermined service is acquired as the log data,
The estimation procedure includes:
Estimating the user's context based on log data corresponding to an action history verified by a public key corresponding to the predetermined service out of the action history signed by the predetermined service;
The certificate issuing program according to claim 1, wherein: The issuing procedure is:
Issuing the certificate signed with a specific private key and issuing a public key corresponding to the specific private key for use in verifying the certificate;
The certificate issuance program according to claim 1 or 2. The estimation procedure includes:
Of the log data acquired by the acquisition procedure, using the log data approved for use by the user, the context of the user is estimated,
The certificate issuance program according to claim 1, wherein the certificate issuance program. The issuing procedure is:
Issuing a certificate certifying the context of the user based on a context derived by combining the contexts estimated by the estimation procedure;
The certificate issuing program according to any one of claims 1 to 4, wherein The estimation procedure includes:
Based on log data acquired over a predetermined period of time, estimate the context continuously observed from the user,
The issuing procedure is:
Issuing a certificate certifying the user's context based on the continuously observed context estimated by the estimation procedure;
The certificate issuing program according to any one of claims 1 to 5. The acquisition procedure is as follows:
Obtaining correct data for verifying the context estimated by the estimation procedure;
The issuing procedure is:
Issuing a certificate certifying the user's context based on a match between the estimated context and correct data obtained by the obtaining procedure;
The certificate issuing program according to any one of claims 1 to 6. A determination procedure for determining whether or not a condition for the user to have a predetermined attribute is satisfied based on the context estimated by the estimation procedure;
The certificate issuing program according to any one of claims 1 to 7, further comprising: The determination procedure is as follows:
Of the contexts estimated by the estimation procedure, use a context approved for use by the user to determine whether or not a condition for the user to have the predetermined attribute is satisfied.
The certificate issuing program according to claim 8, wherein: The estimation procedure includes:
When a request is received from a service side that provides a predetermined privilege, the user's context is estimated,
The determination procedure is as follows:
When the context estimated by the estimation procedure includes a context required by the service providing the predetermined privilege, the user determines that the condition for enjoying the predetermined privilege is satisfied.
The certificate issuing program according to claim 8 or 9, characterized in that The determination procedure is as follows:
In the context estimated by the estimation procedure, when there is no context required by the service providing the predetermined privilege, information related to the condition for enjoying the predetermined privilege is presented to the user.
The certificate issuing program according to claim 10. The issuing procedure is:
Issuing a certificate certifying the user's context based on the result determined by the determination procedure, certifying that the user has the predetermined attribute;
The certificate issuing program according to any one of claims 8 to 11, wherein An acquisition unit for acquiring log data indicating a user's behavior history;
An estimation unit that estimates the context of the user based on the log data acquired by the acquisition unit;
An issuing unit that issues a certificate certifying the context of the user based on the context estimated by the estimating unit;
A certificate issuing device comprising: A certificate issuing method executed by a computer,
An acquisition step of acquiring log data indicating a user's behavior history;
An estimation step of estimating the context of the user based on the log data acquired by the acquisition step;
Issuing a certificate certifying the user's context based on the context estimated by the estimating step;
A method for issuing a certificate characterized by including:

Images