JP2023103033A - Communication management method and communication management system - Google Patents

Abstract

To provide a communication management method and a communication management system capable of managing entities by using low resources in a unified manner.SOLUTION: In a communication management method for managing communication between entity groups that process data, by a first device and a second device, the first device has a DB that registers entity IDs, and the second device has an entity management function of managing entities and a block-chain network implementation function of issuing non-overlapping address codes in a block-chain network. The entity management function obtains a first address code from the block-chain network implementation function. The entity management function transmits a subscription request for the block-chain network containing an address code. When the first device receives a response including the address code and approving the subscription request, it registers the address code in the DB as an entity ID.SELECTED DRAWING: Figure 1

Description

The present invention relates to a communication management method and communication management system for managing communication.

In recent years, with the spread of the Internet of Things (IoT), there is a growing need for an IoT system that provides stable services by coordinating a large number of IoT entities (sensor devices, actuators, applications, network switches, servers, data storages) from multiple vendors.

IoT systems are expected to improve productivity by linking factory production management information, manufacturing equipment operation information and maintenance information, and to provide highly reliable and safe services for connected cars. In particular, in order to establish such reliability and safety, centralization and centralized management of meta information queries (identity confirmation queries) of IoT entities, which may exist in large numbers, are desired.

Note that the IoT entity referred to here means an element that constitutes an IoT system. In addition, in the following description and drawings, for readability, "identification ID of IoT entity" may be abbreviated as "entity ID", "application" may be abbreviated as "AP", and "database" may be abbreviated as "DB". In addition, "IoT" may be abbreviated such as "device apparatus" for "IoT device apparatus" and "entity" for "IoT entity". Also, "AP program" indicates program code, and simply describing "AP" indicates an instance (process, thread, container, virtual machine) in which the AP program code is executed.

Patent Literature 1 discloses a mechanism for centrally managing meta information (inventory information) of content in sharing distributedly stored information (content such as files).

U.S. Pat. No. 6,044,374

Recently, it is feared that the following problems will occur with the increase in the number of devices. The Internet is used for communication between devices and APs. In the future, when the number of IoT entities increases further, there will be a shortage of IP addresses for identifying entities in the currently popular Internet in communication to APs. Therefore, there is concern that stable communication will become difficult in the case of constant connection.

Also, this makes it impossible to use an IP address as an identification ID for distinguishing between devices. Also in communication, it is necessary to implement communication with this large number of devices and manage them so that they can be distinguished. In particular, mission-critical applications require a stable IoT system including always-on communication.

Also, for the convenience and reliability of the IoT system, it is required to centrally manage multi-vendor and enormous devices. Centralized management of IoT entity meta information (including inventory information) by a Data Base Management System (DBMS) also requires a huge amount of computational and storage resources, is expensive, and is difficult to realize.

An object of the present invention is to centrally manage entities with low resources.

A communication management method, which is one aspect of the invention disclosed in the present application, is a communication management method for managing communication between a group of entities processing data by a first device and a second device, wherein the first device has a first database for registering an entity ID that uniquely identifies the entity, the second device has an entity management function for managing the entity, and a blockchain network realization function for issuing a unique address code in the blockchain network to realize a blockchain network, wherein the entity management function implements the blockchain network. A first address code is obtained from a function, the entity management function transmits a first request to join the blockchain network including the first address code, and the first device registers the first address code as the entity ID in the first database upon receiving a first response including the first address code and approving the first join request.

According to exemplary embodiments of the present invention, entities can be centrally managed with low resources. Problems, configurations, and effects other than those described above will be clarified by the following description of the embodiments.

FIG. 1 is an explanatory diagram showing an example of the overall configuration of an IoT system. FIG. 2 is a block diagram showing a hardware configuration example of a server device. FIG. 3 is a block diagram showing a hardware configuration example of the device. FIG. 4 is a block diagram showing a hardware configuration example of a user terminal. FIG. 5 is a block diagram showing a hardware configuration example of a network switch device. FIG. 6 is an explanatory diagram showing an example of data stored in the main storage device of the server device of the management site. FIG. 7 is an explanatory diagram showing an example of data stored in the main storage device of the server device of Company A's site. FIG. 8 is an explanatory diagram showing an example of data stored in the main storage device of the server device of Company B's site. FIG. 9 is an explanatory diagram showing an example of a connection relationship between instances of AP programs that the IoT system has. FIG. 10 is an explanatory diagram of an example of unified management processing for identity confirmation. FIG. 11 is an explanatory diagram of an example of network management processing. FIG. 12 is an explanatory diagram showing an example of a block chain network joining process of an entity management AP instance. FIG. 13 is an explanatory diagram showing an example of processing for joining a device management AP instance and a device AP instance to a blockchain network. FIG. 14 is an explanatory diagram of an example of data collection processing from device AP instances. FIG. 15 is an explanatory diagram showing an example of device operation. FIG. 16 is an explanatory diagram of an example of an entity management table. FIG. 17 is an explanatory diagram of an example of an inquiry mediation management table. FIG. 18 is an explanatory diagram of an example of a group of tables in the business DB. FIG. 19 is an explanatory diagram of an example of an access control management table. FIG. 20 is a flow chart showing an example of an entity integration management processing procedure by an entity integration management AP instance. FIG. 21 is a flow chart showing an example (first half) of an entity management processing procedure by an entity management AP instance. FIG. 22 is a flow chart showing an example (second half) of an entity management processing procedure by an entity management AP instance. FIG. 23 is a flowchart illustrating an example of device management processing procedures by a device management AP instance. FIG. 24 is a flow chart showing an example of a device processing procedure by a device AP instance. FIG. 25 is a flow chart showing an example of a terminal processing procedure by a user terminal AP instance. FIG. 26 is a flowchart illustrating an example of a management processing procedure by a network management AP instance; FIG. 27 is a flowchart illustrating an example of a processing procedure by a network switch AP instance; FIG. 28 is a flowchart illustrating an example of a processing procedure by a BCNAP instance; FIG. 29 is a flow chart showing an example of a management processing procedure of a supply chain management AP instance.

Embodiments of the present invention will be described with reference to the accompanying drawings. In the following description, the internal operations and specifications of a blockchain network program that implements a blockchain network (hereinafter referred to as BCNAPP or a blockchain network implementation function) will be described. Although there are differences in the names of the functions that call the functions, it is assumed that the functions provided by any blockchain platform will be used, so detailed explanations of the internal operations will be omitted hereafter.

<Overall IoT system configuration example>
FIG. 1 is an explanatory diagram showing an example of the overall configuration of an IoT system. The IoT system 1 has a management site 101 and one or more managed sites (A company site 102 and B company site 103 in this example). The management site 101 , company A site 102 , and company B site 103 are each connected to a data communication network 107 such as the Internet, a LAN (Local Area Network), or a WAN (Wide Area Network) via a network switch device 500 . A device 301 of company A is connected to the data communication network 107, and a device 302 of company A and a user terminal 401 of company B are connected to the data communication network 107 via a communication carrier network 108 for mobile communication.

The server device 111 in the management site 101 has programs related to management such as a supply chain management AP program, an entity integrated management program, and a network management AP program, an inquiry mediation management DB (Database), an access control management DB 1900, and BCNAPP. Also, as an example, the server device 112 of the company A site 102 has a device management AP program, a business data DB, an entity management AP program, an entity management DB 1600, and BCNAPP, and the server device 113 of the company B site 103 has an entity management AP program, an entity management DB 1600, and BCNAPP. These are the minimum resources for this embodiment.

<Hardware Configuration Example of Server Devices 111 to 113>
FIG. 2 is a block diagram showing a hardware configuration example of the server devices 111-113. The server device 201 is used when the server devices 111 to 113 are not distinguished. The server devices 111 to 113 are distinguished by program codes and data stored in the main storage device 209, and the details will be described with reference to FIGS. 6 to 8. FIG.

The server device 201 has a processor 204, a user interface (IF) 205, a NIC (Network Interface Card) 207 connected to the network switch device 500, a main storage device 209, a DB 210 (eg, data storage), a data bus 213 connecting them, and a display 202 and keyboard 203 connected to the user IF 205.

The processor 204 executes various programs of FIG. 1 stored in the main storage device 209 . The main storage device 209 stores various programs of FIG. 1 in the server device 201 . The DB 210 is various DBs shown in FIG. 1 in the server device 201 .

<Hardware configuration example of devices 301 and 302>
FIG. 3 is a block diagram showing a hardware configuration example of the devices 301 and 302. As shown in FIG. When the devices 301 and 302 are not distinguished from each other, they are referred to as a device 300 . The device apparatus 300 has a processor 303 that executes programs stored in a main storage device 306, a wireless communication interface 304 or NIC 305 that ultimately connects to the data communication network 107, a main storage device 306 that stores programs, a sensor group 307, an actuator interface 308, a data bus 411 that connects them, and an actuator 320 that is connected and controlled from the actuator interface 308. Main memory 306 has device AP program 309 , work area 410 , and BCNAPP 604 .

<Hardware configuration example of user terminal>
FIG. 4 is a block diagram showing a hardware configuration example of the user terminal 401. As shown in FIG. In the following description of the user terminal 401, a smart phone is used as an example, but a personal computer may also be used. The user terminal 401 has a touch display 402, an audio input/output 403, a user IF 405 connected to them, a processor 404 executing a program, a wireless communication IF 406 (equivalent to NIC) connected to a communication carrier network, a main storage device 407, and a data bus 411 connecting them. The main storage device 407 has a user terminal AP program 408 , a work area 409 and a BCNAPP 604 .

FIG. 5 is a block diagram showing a hardware configuration example of the network switch device 500. As shown in FIG. The network switch device 500 has a controller 501 that executes programs, one or more NICs 502, a main storage device 505, and a data bus 508 that connects them. Network switch devices 500, 502 and 503 mediate communications from server devices 111, 112 and 113 to the data communication network, respectively. Main storage device 505 has network switch AP program 506 , access control information 507 , and BCNAPP 604 .

<Example of Data Stored in Main Storage Device 209 of Server Device 201>
Next, examples of data stored in the server device 201 will be described with reference to FIGS. 6 to 8. FIG.

FIG. 6 is an explanatory diagram showing an example of data stored in the main storage device 209 (hereinafter referred to as main storage device 601) of the server device 111 of the management site 101. As shown in FIG. The main storage device 601 of the server device 111 has a supply chain management AP program 602 , an entity integrated management AP program 603 , a BCNAPP 604 , a network management AP program 605 and a work area 606 .

FIG. 7 is an explanatory diagram showing an example of data stored in the main storage device 209 (hereinafter referred to as main storage device 701) of the server device 112 of the A company site 102. As shown in FIG. The main storage device 701 has a device management AP program 702, an entity management AP program 703, and a BCNAPP604.

FIG. 8 is an explanatory diagram showing an example of data stored in the main storage device 209 (hereinafter referred to as main storage device 801) of the server device 112 of the B company site 103. As shown in FIG. The main storage device 801 has an entity management AP program 802 and a BCNAPP 604 .

The hardware configuration has been described above. The operation of the program executed on this hardware configuration will be described below. First, after briefly explaining the macro-like operation intervening each AP program across the board, the processing flow of each AP program will be explained.

<Example of instance configuration of AP program possessed by IoT system 1>
FIG. 9 is an explanatory diagram showing an example of a connection relationship between instances of AP programs that the IoT system 1 has.

BCNAP instance 901 is an instance of BCNAPP 604 . The BCNAP instance 901 is a blockchain network implementation function that issues a unique address code in the blockchain network to implement the blockchain network. The BCNAP instance 901 does not change the address code once assigned to the address code requester. When receiving multiple address code requests from the same requester, the BCNAP instance 901 returns the first assigned address code to the requester.

The network switch AP instance group 902 is an instance (network switch AP instance) of the network switch AP program 506 that controls the network switch device 500, that is, a set of network switch control functions. Specifically, a network switch AP instance is realized by causing the controller 501 to execute the network switch AP program 506, for example.

The device management AP instance 903 is an instance of the A company's device management AP program 702 that manages (eg, maintains) the device apparatuses 301 and 302 under the control of A company. The device management AP instance 903 is a device management function that manages a device to be managed such as the device apparatus 300, and is specifically realized by causing the processor 204 to execute the device management AP program 702, respectively.

The entity management AP instance 904 is an instance of the entity management AP program 703 that manages the entity IDs of the devices 301 and 302 under the control of Company A (for example, manages and confirms the identity of the entities under control), and is, for example, a database management system. The entity management AP instance 904 is an entity management function that manages an entity, which is a data processing function realized by a data processing device or software.

A device AP instance 905 is an instance of the device AP program 309 that executes the operations of the devices 301 and 302 under the control of Company A. The device AP instance 905 is a device control function that controls managed devices such as the devices 301 and 302, and is specifically realized by causing the processor 303 to execute the device AP program 309, for example.

A user terminal AP instance 906 is an instance of the user terminal AP program 408 that controls the user terminal 401 under the jurisdiction of B company. The user terminal AP instance 906 is a terminal control function that controls the user terminal 401, and is specifically realized by causing the processor 404 to execute the user terminal AP program 408, for example.

An entity management AP instance 907 is an instance of the entity management AP program 703 under the jurisdiction of Company B. Like the entity management AP instance 904, the entity management AP instance 907 is an entity management function that manages entities.

Network management AP instance 908 is an instance of network management AP program 605 . The network management AP instance 908 is a network management function that manages the network switch device 500, and is specifically realized by causing the processor 204 to execute the network management AP program 605, for example.

An entity integration management AP instance 909 is an instance of the entity integration management AP program 603 . The entity integration management AP instance 909 is an entity integration management function that integrates and manages all entities.

Supply chain management AP instance 910 is an instance of supply chain management AP program 602 that manages the supply chain. The supply chain management AP instance 910 is a supply chain management function that manages the supply chain, and is specifically realized by causing the processor 204 to execute the supply chain management AP program 602, for example.

Device management AP instance 903 to supply chain management AP instance 910 are connected between instances 901 and 902, respectively. The BCNAP instance 901 exists in each of the server devices 111 to 113 in a distributed manner, but is described as one instance in FIG. 9 because it has the property of operating as one instance across the board.

<Unified management of identity confirmation>
FIG. 10 is an explanatory diagram of an example of unified management processing for identity confirmation. In FIG. 10, an external jurisdictional entity 1001 connected to a BCNAP instance 901, which is a blockchain network, is used as a background check source.

(1) Inquiry External jurisdiction entity 1001 issues a background check to BCNAP instance 901 . The background check includes the entity ID of the background-checked entity or information about the background-checked entity that identifies the entity ID.

(2) Inquiry The integrated entity management AP instance 909 of the server device 111 receives the identity confirmation from the CNAP instance 901 . If the background check includes the entity ID of the entity to be background-checked, the entity integration management AP instance 909 performs (3) inquiry. When the background check includes information about a background-checked entity that specifies an entity ID, the entity integrated management AP instance 909 refers to a virtual entity management DB that associates the background-checked entity ID with information about the background-checked entity, and specifies the identity-checked entity ID.

(3) Inquiry The integrated entity management AP instance 909 of the server device 111 searches the inquiry mediation management DB 1700 using the entity ID of the identity confirmation target, and acquires the inquiry destination entity ID associated with the identity confirmation target entity ID. The integrated entity management AP instance 909 mediates identity confirmation to the entity management AP instance 904 of company A specified by the reference entity ID. That is, the integrated entity management AP instance 909 requests the entity management AP instance 904 of Company A specified by the reference entity ID to inquire with the entity ID to be verified.

(4) (3) Response to Inquiry Company A's entity management AP instance 904 refers to the entity management DB 1600 it holds, executes identity confirmation of the entity specified by the identity confirmation target entity ID, and returns the identity confirmation result to the entity integrated management AP instance 909. The identity confirmation result includes meta information (or inventory information) of the entity identified by the identity confirmation target entity ID.

(5) (2) Response to Inquiry The integrated entity management AP instance 909 holds the identity confirmation result received from the entity management AP instance 904 of Company A in the work area 606, converts it into a predetermined format, and transmits it to the BCNAP instance 901, which is the source of the inquiry. In the inquiry mediation management DB 1700, when the device 300 is added, a record is added in which the entity ID of the device 300 and the inquiry destination entity ID are associated with each other.

(6) (3) Response to Inquiry The BCNAP instance 901 returns the identity confirmation result received from the entity integrated management AP instance 909 to the external jurisdiction entity 1001 . Thereby, the identity of the device apparatus 300 to be identity-confirmed can be confirmed.

<Network management>
FIG. 11 is an explanatory diagram of an example of network management processing. The IoT system 1 uses the data communication network 107 without going through the BCNAP instance 901 in order to transfer a large amount of data that is not suitable through the BCNAP instance 901 . For this purpose, the IoT system 1 uses the data communication network 107 via access control of the network switch device 500 in order to establish a reliable connection between communication entities.

(1) Setting The entity integrated management AP instance 909 of the server device 111 sets an entity ID that permits connection to the network management AP instance 908 via the BCNAP instance 901 . Since the network management AP instance 908 can access the access control management DB 1900 , an entity ID that permits connection is set in the access control management DB 1900 . The access control management DB 1900 has network AP entity IDs, source entity IDs, and receiver entity IDs. The entity ID that permits connection is set as either the sender entity ID or the receiver entity ID.

(2) Control The network management AP instance 908 controls the network switch AP with the entity of the entity ID set in the access control management DB 1900 in (1) setting. This controls communication. That is, when the entity ID permitting connection is set as the source entity ID, the integrated entity management AP instance 909 of the server device 111 receives the data from the source entity and transfers it to the existing destination entity. Also, when the entity ID that permits connection is set as the entity ID of the receiver, the integrated entity management AP instance 909 of the server device 111 receives data from the existing source entity and transfers it to the receiver entity.

<Blockchain Network Joining of Entity Management AP Instances 904, 907>
FIG. 12 is an explanatory diagram showing an example of processing for joining the entity management AP instances 904 and 907 to the blockchain network. FIG. 12 shows an example of processing for joining the entity management AP program 703 of Company A itself to the blockchain network.

(1) Join request Entity management AP instance 904, which is an entity of entity management AP program 703 of company A, acquires an address code from BCNAP instance 901 by applying for joining the blockchain network, and sends a join request including the acquired address code to supply chain management AP instance 910.

(2) Approval Response The supply chain management AP instance 910 sends a manual or automatic approval response to the received subscription request to the entity management AP instance 904 and the entity integration management AP instance 909 via the BCNAP instance 901 .

The entity management AP instance 904 registers the acquired address code as an entity ID in the entity management DB 1600 in association with the meta information (or inventory information) of the entity management AP instance 904 .

The entity integrated management AP instance 909 registers the address code acquired by the entity management AP instance 904 requesting the subscription in the inquiry mediation management DB 1700 as an entity ID. As a result, the entity management AP instance 904 comes under the control of the entity integrated management AP instance 909 .

<Blockchain network participation of device management AP instance and device AP instance>
FIG. 13 is an explanatory diagram showing an example of processing for joining the device management AP instance 903 and the device AP instance 905 to the blockchain network. FIG. 13 shows a processing example in which company A's device management AP instance 903 and company A's device AP instance 905 join the entity management AP instance 904 under the umbrella of the entity integrated management AP instance 909 .

(1) Join request Company A's device management AP instance 903 acquires an address code from the BCNAP instance 901 by applying for joining the blockchain network, and sends a join request including the acquired address code and meta information (or inventory information) of the device management AP instance 903 to the entity management AP instance 904 of A.

(2) Approval Response Company A's entity management AP instance 904 (1) returns an approval response to the subscription request to A's device management AP instance 903 ((2)-1) and also transmits it to the BCNAP instance 901 ((2)-2). The approval response includes the address code acquired by the A company's device management AP instance 903 and the entity ID of the A company's entity management AP instance 904 .

Company A's entity management AP instance 904 uses the address code of Company A's device management AP instance 903 as an entity ID, associates it with the meta information (or inventory information) of Company A's device management AP instance 903, and registers it in the entity management DB 1600 .

(3) Approval Response The BCNAP instance 901 transmits the approval response from the entity management AP instance 904 of Company A to the entity integrated management AP instance 909 . The entity integrated management AP instance 909 registers the address code acquired by the device management AP instance 903 of company A as an entity ID and the entity ID of the entity management AP instance 904 of company A as a reference entity ID in the inquiry mediation management DB 1700 .

(4) Join request Company A's device AP instance 905 acquires an address code from the BCNAP instance 901 by applying for joining the blockchain network, and sends a join request including the acquired address code and meta information (or inventory information) of the device AP instance 905 to the entity management AP instance 904 of A.

(5) Approval Response Company A's entity management AP instance 904 (4) returns an approval response to the subscription request to A's device AP instance 905 ((5)-1) and also transmits it to the BCNAP instance 901 ((5)-2). The authorization response includes the address code acquired by Company A's device AP instance 905 and the entity ID of Company A's entity management AP instance 904 . The address code acquired by A's device AP instance 905 does not overlap with the address code acquired by A's device management AP instance 903 .

Company A's entity management AP instance 904 uses the address code of company A's device AP instance 905 as an entity ID, associates it with the meta information (or inventory information) of company A's device AP instance 905, and registers it in the entity management DB 1600 .

(6) Approval Response The BCNAP instance 901 transmits the approval response from the entity management AP instance 904 of Company A to the entity integration management AP instance 909 . The entity integrated management AP instance 909 registers the address code acquired by the device AP instance 905 of company A as an entity ID and the entity ID of the entity management AP instance 904 of company A as a reference entity ID in the inquiry mediation management DB 1700 .

<Data collection from device AP instance>
FIG. 14 is an explanatory diagram of an example of data collection processing from device AP instances. FIG. 14 shows a processing example in which the A company's device management AP instance 903 collects data from the A company's device AP instance 905 .

(1) Company A Device Connection Application The device management AP instance 903 of company A sends a connection application to the device AP instance 905 to the entity management AP instance 904 of company A via the BCNAP instance 901 .

(2) Company A AP Connection Application The device AP instance 905 transmits a connection application to the device management AP instance 903 to the entity management AP instance 904 via the BCNAP instance 901 .

(3) Connection Permission Notification The entity management AP instance 904 transmits entity connection permission notifications for (1) Company A device connection application and (2) Company A AP connection application to the entity integrated management AP instance 909 via the BCNAP instance 901 .

Prior to issuing the entity connection permission notification, the entity management AP instance 904 transmits the identity confirmation request shown in FIG. As a result, when the identity is confirmed, the entity management AP instance 904 transmits (1) the company A device connection application and (2) the entity connection permission notification for the company A AP connection application to the entity integration management AP instance 909 .

(4) Network Connection Permission Setting The entity integrated management AP instance 909 sends the connection permission setting to the network management AP instance 908 . Thereby, the network management AP instance 908 controls the network switch AP instance group 902 and permits communication between the device AP instance 905 and the device management AP instance 903 .

(5) Data Collection After communication between the device AP instance 905 and the device management AP instance 903 is permitted, the device management AP instance 903 receives data from the device AP instance 905 and stores it in the business DB 1800 .

<Device operation>
FIG. 15 is an explanatory diagram showing an example of device operation. FIG. 15 shows an example of a process in which a maintenance person has a user terminal 401 of company B, operates a user terminal AP 401 possessed by the user terminal 401, and operates a device AP instance 905 of company A. FIG.

12 and 13, the entity ID of the entity management AP instance 907 of Company B is assumed to be obtained in advance as an address code from the BCNAP instance 901 and registered in the inquiry mediation management DB 1700. In addition, the entity ID of the entity management AP instance 907 of Company B and the entity ID of the user terminal AP instance 906 are acquired in advance as address codes from the BCNAP instance 901, and are registered in the inquiry mediation management DB 1700 in association with the entity ID (inquiry destination entity ID) of the entity management AP instance 907 of Company B. It is also assumed that the entity ID of the entity management AP instance 907 of the company B and the entity ID of the user terminal AP instance 906 are registered in the entity management DB 1600 of the company B. FIG.

(1) Operation of User Terminal 401 The user terminal 401 inputs the entity ID of the user terminal AP instance 906 manually by maintenance personnel or through wireless communication (eg, infrared rays, Bluetooth (registered trademark)).

(2) Company B user terminal connection application By operating the user terminal 401, the device AP instance 905 of company A transmits a connection application to the entity management AP instance 904 of company A. FIG. The connection request contains the entity ID of the user terminal AP instance 906 .

(3) Company B user terminal identity confirmation Company A's entity management AP instance 904 transmits a identity confirmation request to the entity integrated management AP instance 909 via the BCNAP instance 901 . The identity verification request includes the entity ID of the user terminal AP instance 906 .

(4) Company B user terminal identity confirmation request The integrated entity management AP instance 909 searches the inquiry mediation management DB 1700 it owns, acquires the inquiry destination entity ID, and transmits the identity confirmation to the entity management AP instance 907 of company B. The background check includes the retrieved referenced entity ID.

(5) Response of (4) The entity management AP instance 907 transmits the identity confirmation response to the identity confirmation of (4) to the integrated entity management AP instance 909 . Entity integration management AP instance 909 sends the identity confirmation response to entity management AP instance 904 .

(6) Connection Permission Notification The entity management AP instance 904 transmits a connection permission notification to the entity integration management AP instance 909 based on the identity confirmation response from the entity integration management AP instance 909 .

(7) Network connection permission setting When the entity integrated management AP instance 909 receives the (6) connection permission notification, it transmits the network connection permission setting to the network management AP instance 908, and controls the network switch AP group instances to permit communication between the device AP instance 905 and the user terminal AP.

(8) Operation (after permission)
After the connection is permitted, the user terminal 401 operates the device AP instance 905 of company A using the user terminal AP instance 906 .

(9) Information provision (after permission)
After connection authorization, entity management AP instance 904 provides information to user terminal AP instance 906 . This information is a record of the device AP instance 905 registered in the entity management DB 1600 held by the entity management AP instance 904. FIG.

In the above, the cross-sectional, macro-like operation intervening each AP program has been simply described. Next, the DB record definition will be explained, and the operation of each AP program will be explained.

<DB record definition>
FIG. 16 is an explanatory diagram of an example of an entity management table. An entity management table 1610 is provided in the entity management DB 1600. FIG. The entity management table 1610 has, as record columns, an entity ID 1611 that uniquely identifies an entity, a valid period start date and time 1612 for the valid period for which the record is valid, a valid period end date and time for the valid period for the relevant record 1613, an entity type 1614 specified by the entity ID, and a client electronic certificate 1615. The type 1614 holds codes or character strings that can distinguish device types (sensors, actuators), APs (entity management APs, etc.), services, and the like. Valid period start date and time 1612, valid period end date and time 1613, type 1614, and client electronic certificate 1615 are examples of meta information (or inventory information).

FIG. 17 is an explanatory diagram of an example of an inquiry mediation management table. An inquiry mediation management table 1710 is provided in the inquiry mediation management DB 1700 . The inquiry mediation management table 1710 has an entity ID 1611 and an inquiry destination entity ID 1711 as columns of records. The referral destination entity ID 1711 is an entity ID 1611 that uniquely identifies the referral destination entity. A referral entity is an entity that can refer to an entity whose background is to be confirmed.

In the (2) approval response in FIG. 12, the address code of the entity management AP instance 904 requesting the subscription is registered in each of the entity ID 1611 and reference entity ID 1711, and a record is created.

In the (3) approval response in FIG. 13, the address code acquired by the device management AP instance 903 of Company A is registered as the entity ID 1611, and the entity ID of the entity management AP instance 904 is registered as the reference entity ID 1711 in association with the entity ID 1611, creating a record.

In the (6) approval response in FIG. 13, the address code acquired by the device AP instance 905 of company A is registered in the entity ID 1611, and the entity ID of the entity management AP instance 904 is registered in the inquiry destination entity ID 1711 in association with the entity ID 1611, and a record is created.

FIG. 18 is an explanatory diagram showing an example of a group of tables in the business DB 1800. As shown in FIG. The business DB 1800 has a device table 1801 and a device data table 1802 . The device table 1801 has a managed entity ID 1810 as a column of records. A managed entity ID 1810 is an entity ID 1611 that uniquely identifies a managed entity. A managed entity is an entity managed by the server device 201 holding the business DB 1800 . In this example, the business DB 1800 is provided only in the server device 112 of the A company site 102, so the managed entities are the device devices 301 and 302 managed by the A company.

The device data table 1802 has a managed entity ID 1810 and acquired data 1820 as columns of records. Acquired data 1820 is data acquired by the managed entity identified by the managed entity ID 1810 .

FIG. 19 is an explanatory diagram of an example of an access control management table. An access control management table 1910 is provided in the access control management DB 1900 . The access control management table 1910 has a network switch AP entity ID 1911 , a sender entity ID 1912 , and a receiver entity ID 1913 as columns of records that are the access control information 507 .

A network switch AP entity ID 1911 is an entity ID 1611 that uniquely identifies a network switch AP instance within the network switch AP instance group 902 .

The sender entity ID 1912 is the entity ID 1611 that uniquely identifies the sender entity. A transmitting entity is an entity that is a source of transmission. The receiving entity ID 1913 is the entity ID 1611 that uniquely identifies the receiving entity. A receiving entity is an entity that serves as a destination.

Assume that only the record 1921 is registered in the access control management table 1910 in the initial state. The record 1921 defines a communication path from the device AP instance 905 in the existing device apparatus 301 of Company A identified by the sender entity ID 1912 (xxx...x) to the device management AP instance 903 of Company A identified by the receiver entity ID 1913 (ddd...d) via the network switch AP instance identified by the network switch AP entity ID 1911 (aaa...a).

When the work shown in FIG. 14 is performed at the A company site 102, a record 1922 is added. The record 1922 defines a communication path from the device AP instance 905 in the new company A device apparatus 302 identified by the sender entity ID 1912 (yyy...y) to the device management AP instance 903 of company A identified by the receiver entity ID 1913 (ddd...d) via the network switch AP instance identified by the network switch AP entity ID 1911 (aaa...a). The addition of the record 1922 permits connection between the A company's device AP instance 905 and the A company's device management AP instance 903, as shown in FIG.

When the work shown in FIG. 15 is performed between the A company site 102 and the B company site 103, a record 1923 is added. The record 1923 defines a communication path from the device AP instance 905 in the user terminal 401 of the new company B identified by the sender entity ID 1912 (bbb...b) to the device AP instance 905 in the device apparatus 302 of the company AA identified by the receiver entity ID 1913 (yyy...y) via the network switch AP instance identified by the network switch AP entity ID 1911 (aaa...a). The addition of the record 1923 permits connection between the device AP instance 905 of company A and the user terminal 401 of company B, as shown in FIG.

Next, an example of a processing procedure by the AP program mentioned above will be explained. In the following processing by the AP program, since the AP program is executed by the processor, the execution subject of the AP program is the processor.

<Entity Integration Management Processing by Entity Integration Management AP Instance 909>
FIG. 20 is a flow chart showing an example of an entity integration management processing procedure by the entity integration management AP instance 909. As shown in FIG.

[Step S2001]
The entity integrated management AP instance 909 determines whether or not there is a background confirmation request. The integrated entity management AP instance 909 proceeds to step S2004 if there is a background confirmation request (step S2001: Yes), and proceeds to step S2002 if there is no background confirmation request (step S2001: No).

[Step S2002]
The entity integrated management AP instance 909 determines whether or not an approval response has been received, and if an approval response has been received (step S2002: Yes), the process proceeds to step S2008. If no approval response is received (step S2002: No), the process proceeds to step S2003.

[Step S2003]
The entity integrated management AP instance 909 determines whether or not a connection permission notification has been received. If the connection permission notice is received (step S2003: Yes), the process proceeds to step S2009. If no connection permission notification is received (step S2003: No), the process ends.

[Step S2004]
The entity integration management AP instance 909 receives the data including the entity ID 1611 to be identified, searches the inquiry mediation management table with the entity ID 1611, and proceeds to step S2005.

[Step S2005]
The entity integrated management AP instance 909 determines whether there is registration as a result of the search in step S2004. If there is registration (step S2005: Yes), step S2006 is executed. If there is no registration (step S2005: No), the process proceeds to step S2007.

[Step S2006]
The integrated entity management AP instance 909 mediates the identity confirmation to the entity management AP instance specified by the reference entity ID, and responds the mediation result to the originator of the identity confirmation inquiry. This ends the processing.

[Step S2007]
The entity integrated management AP instance 909 responds to the originator of the identity confirmation inquiry with no registration. This ends the processing.

[Step S2008]
The entity integration management AP instance 909 receives the approved entity ID 1611 and data including the approved entity ID 1611, and registers them in the inquiry mediation management table. In the case of notification without an intermediary, the integrated entity management AP instance 909 may register the intermediary with a blank or the same value as the notified entity ID. At this time, if already registered, the entity integrated management AP instance 909 updates the record. This ends the processing.

[Step S2009]
The entity integrated management AP instance 909 sends to the network management AP instance 908 a setting enabling communication between entity IDs permitted to connect. This ends the processing. The processing of the entity integrated management AP instance 909 has been described above.

<Entity Management Processing by Entity Management AP Instances 904 and 907>
FIG. 21 is a flow chart showing an example (first half) of entity management processing procedures by the entity management AP instances 904 and 907 .

[Step S2101]
Entity management AP instances 904 and 907 determine whether a subscription request has been received. If a subscription request has been received (step S2101: Yes), the process proceeds to step S2104. If no subscription request has been received (step S2101: No), the process proceeds to step S2102.

[Step S2102]
The entity management AP instances 904 and 907 determine whether or not the identity confirmation has been received. If the identity confirmation has been received (step S2102: Yes), the process proceeds to step S2105, and if the identity confirmation has not been received (step S2102: No), the process proceeds to step S2103.

[Step S2103]
Entity management AP instances 904 and 907 determine whether or not to apply for membership, and if application for membership is required (step S2103: Yes), the process proceeds to step S2106. However, a subscription application occurs when the entity management AP instances 904 and 907 themselves are newly added to the IoT system 1 .

[Step S2104]
Entity management AP instances 904 and 907 receive an input of approval or disapproval for the entity ID for which subscription is requested, and proceed to step S2107. This approval or disapproval may be input manually from the keyboard 203 of the server device 201 or the like, or may be prepared in advance by preparing approval-scheduled data and judging from that data.

[Step S2107]
The entity management AP instances 904 and 907 determine whether or not the result of step S2104 is approval. If approved (step S2107: Yes), the process proceeds to step S2109. If not approved (step S2107: No), the process proceeds to step S2108.

[Step S2109]
The entity management AP instance 904, 907 registers the entity ID requesting the subscription in the entity management table and responds "Approve" to the entity identified by the entity ID requesting the subscription. This ends the processing.

[Step S2108]
The entity management AP instance 904, 907 responds "not approved" to the entity identified by the entity ID requesting enrollment. This ends the processing.

[Step S2105]
The entity management AP instances 904 and 907 retrieve entity IDs to be identified from the entity management table. The entity management AP instances 904 and 907 respond to the inquirer as to whether or not the entity ID whose identity is to be confirmed obtained from the search result is registered. This ends the processing.

[Step S2106]
Entity management AP instances 904 and 907 acquire an address code from BCNAP instance 901, acquire the acquired address code as an entity ID, send a subscription request to itself, and receive an approval response. This ends the processing.

FIG. 22 is a flow chart showing an example (second half) of entity management processing procedures by the entity management AP instances 904 and 907 .

[Step S2201]
The entity management AP instances 904 and 907 determine whether or not a connection application has been received. If a connection application has been received (step S2101: Yes), the process proceeds to step S2202. If no connection application has been received (step S2101: No), the process ends.

[Step S2202]
The entity management AP instances 904 and 907 confirm the identity of the entity ID for which the connection request has been made to the entity integrated management AP instance 909, and the process proceeds to step S2203.

[Step S2203]
The entity management AP instances 904 and 907 determine whether or not the entity ID requested for connection is registered based on the identity confirmation result of step S2202. If the entity ID requested for connection is registered (step S2203: Yes), the process proceeds to step S2205. If the entity ID requested for connection is not registered (step S2203: No), the process proceeds to step S2204.

[Step S2205]
The entity management AP instances 904 and 907 receive an input as to whether connection permission is required from the operator or the like, and proceed to step S2206.

[Step S2206]
Entity management AP instances 904 and 907 determine whether connection permission is required. If connection permission is required (step S2206: Yes), the process proceeds to step S2207. If connection permission is not required (step S2206: No), the process ends.

[Step S2204]
Entity management AP instances 904 and 907 respond with disapproval and terminate processing. The processing of the entity management AP instances 904 and 907 has been described above.

<Entity Management Processing by Device Management AP Instance 903>
FIG. 23 is a flow chart showing an example of a device management processing procedure by the device management AP instance 903. As shown in FIG.

[Step S2301]
The device management AP instance 903 determines whether or not a connection application has been received. If a connection application has been received (step S2301: Yes), the process proceeds to step S2304. If no connection application has been received (step S2301: No), the process proceeds to step S2302.

[Step S2302]
The device management AP instance 903 determines whether or not a subscription application is required. If a subscription application is required (step S2302: Yes), the process proceeds to step S2310. If a subscription application is not required (step S2302: No), the process proceeds to step S2303. The determination as to whether or not a subscription application is necessary occurs when adding the device management AP instance 903 to the IoT system 1 .

[Step S2303]
The device management AP instance 903 determines whether or not data is received from the device apparatus 300. If data is received (step S2303: Yes), the process proceeds to step S2311, and if data is not received (step S2303: No), the process ends.

[Step S2304]
The device management AP instance 903 confirms the identity of the entity ID for which connection has been applied to the entity integrated management AP instance 909, and shifts to step S2305.

[Step S2305]
As a result of the identity confirmation in step S2304, the device management AP instance 903 proceeds to step S2307 if the entity ID requested for connection is registered (step S2305: Yes), and proceeds to step S2306 if the entity ID requested for connection is not registered (step S2305: No).

[Step S2307]
The device management AP instance 903 receives input as to whether or not connection permission is required, and proceeds to step S2308. This input of necessity of connection permission may be manually input, or list data of entity IDs for which connection permission is to be issued may be prepared in advance, and the device management AP instance 903 may make a determination based on the data.

[Step S2306]
The device management AP instance 903 responds with disapproval and shifts to step S2302.

[Step S2308]
The device management AP instance 903 determines whether connection permission is required. If connection permission is required (step S2308: Yes), the process proceeds to step S2309. If connection permission is not required (step S2308: No), the process proceeds to step S2302.

[Step S2309]
The device management AP instance 903 sends a connection permission notice to the request source and the entity integration management AP instance 909, and moves to step S2302.

[Step S2302]
The device management AP instance 903 determines whether or not a subscription application is required. If a subscription application is required (step S2302: Yes), the process proceeds to step S2310. If a subscription application is not required (step S2302: No), the process proceeds to step S2303. Step S2302 occurs when the device management AP instance 903 is added by the IoT system 1. FIG.

[Step S2310]
The device management AP instance 903 acquires the address code from the BCNAP instance 901, uses the acquired address code as the entity ID, transmits a join request to the entity management AP instances 904 and 907, receives approval responses from the entity management AP instances 904 and 907, and proceeds to step S2303.

[Step S2311]
The device management AP instance 903 registers the received data from the device apparatus 300 in the device data table 1802. FIG. This ends the processing. The processing of the device management AP instance 903 has been described above.

<Device Processing by Device AP Instance 905>
FIG. 24 is a flow chart showing an example of a device processing procedure by the device AP instance 905. As shown in FIG.

[Step S2401]
The device AP instance 905 determines whether or not a subscription application is required. If a subscription application is required (step S2401: Yes), the process proceeds to step S2403. If a subscription application is not required (step S2401: No), the process proceeds to step S2402.

[Step S2403]
The device AP instance 905 acquires the address code from the BCNAP instance 901, uses the acquired address code as the entity ID, transmits a join request to the entity management AP instances 904 and 907, receives approval responses from the entity management AP instances 904 and 907, and proceeds to step S2402.

[Step S2402]
The device AP instance 905 determines whether or not a connection application is required. If a connection application is required (step S2402: Yes), the process proceeds to step S2404. If a connection application is not required (step S2402: No), the process proceeds to step S2405. Whether or not a connection application is necessary may be decided by manual input, or a function such as a timer may be used to prepare a mechanism that requires it at regular intervals or at a fixed time.

[Step S2404]
The device AP instance 905 sends an application for connection with the device management AP instance 903 to the entity management AP instances 904 and 907, and proceeds to step S2405.

[Step S2405]
The device AP instance 905 determines whether or not connection permission and data transmission are necessary. If connection permission and data transmission are necessary (step S2405: Yes), the process proceeds to step S2406. Regarding the determination of necessity of connection permission and data transmission, in conjunction with step S2402, if there is data to be transmitted, the device AP instance 905 may determine that it is necessary.

[Step S2406]
The device AP instance 905 sends data to the device management AP instance 903 and ends the processing. The processing of the device AP instance 905 has been described above.

<Terminal processing by user terminal AP instance 906>
FIG. 25 is a flow chart showing an example of a terminal processing procedure by the user terminal AP instance 906. FIG.

[Step S2501]
The user terminal AP instance 906 determines whether or not a subscription application is required. If a subscription application is required (step S2501: Yes), the process proceeds to step S2503. If a subscription application is not required (step S2501: No), the process proceeds to step S2502.

[Step S2502]
The user terminal AP instance 906 determines whether or not it is a maintenance operation. If it is a maintenance operation (step S2502: Yes), the process proceeds to step S2504. If it is not a maintenance operation (step S2502: No), the process ends.

[Step S2503]
The user terminal AP instance 906 acquires an address code from the BCNAP instance 901, uses the acquired address code as an entity ID, transmits a join request to the entity management AP instances 904 and 907, receives approval responses from the entity management AP instances 904 and 907, and proceeds to step S2502. Note that when the address code is first acquired in step S2504, the user terminal AP instance 906 acquires the same address code.

[Step S2504]
The user terminal AP instance 906 acquires an address code from the BCNAP instance 901, inputs the acquired address code as an entity ID to the maintenance target device AP instance 905, applies for connection permission to the entity management AP instance 904 to which the device apparatus 300 belongs, and proceeds to step S2505. Note that when the address code is first acquired in step S2503, the user terminal AP instance 906 acquires the same address code.

[Step S2505]
The user terminal AP instance 906 determines whether or not the connection is permitted. If the connection is permitted (step S2505: Yes), the process proceeds to step S2506, and if the connection is not permitted (step S2505: No), the process ends.

[Step S2506]
The user terminal AP instance 906 operates the device and ends the process. The device may be operated directly by the operator other than via the user terminal AP instance 906 . The terminal processing of the user terminal AP instance 906 has been described above.

<Management Processing by Network Management AP Instance 908>
FIG. 26 is a flow chart showing an example of a management processing procedure by the network management AP instance 908. As shown in FIG.

[Step S2601]
The network management AP instance 908 determines whether or not a connection permission notification has been received. If a connection permission notification has been received (step S2601: Yes), the process proceeds to step S2602. If no connection permission notification has been received (step S2601: No), the process ends.

[Step S2602]
The network management AP instance 908 updates the access control management table and moves to step S2909.

[Step S2603]
The network management AP instance 908 distributes configuration information to network switch AP instances. This ends the processing. The processing of the network management AP instance 908 has been described above.

<Processing by network switch AP instance>
FIG. 27 is a flowchart illustrating an example of a processing procedure by a network switch AP instance;

[Step S2701]
The network switch AP instance determines whether or not setting information has been received. If setting information has been received (step S2701: Yes), the process proceeds to step S2702. If setting information has not been received (step S2701: No), the process proceeds to step S2703.

[Step S2702]
The network switch AP instance updates the connectability status, and moves to step S2703.

[Step S2703]
The network switch AP instance maintains a connectability state based on the setting information. This ends the processing. The above describes the processing of a network switch AP instance.
<Processing by BCNAP Instance 901>
FIG. 28 is a flow chart showing an example of a processing procedure by the BCNAP instance 901. As shown in FIG. The BCNAP instance 901 is an instance widely used in OSS (Open Source Software), and FIG. 28 explains only the processing related to this embodiment.

[Step S2801]
The BCNAP instance 901 determines whether or not it is the initial activation, and if it is the initial activation (step S2801: Yes), it proceeds to step S2805, and if it is not the initial activation (step S2801: No), it proceeds to step S2802.

[Step S2802]
The BCNAP instance 901 determines whether or not it is an address code inquiry, and if it is an inquiry (step S2802: Yes), it proceeds to step S2806, and if it is not an inquiry (step S2802: No), it proceeds to step S2803.

[Step S2803]
The BCNAP instance 901 determines whether or not there is a data transmission request, and if there is a data transmission request (step S2803: Yes), it proceeds to step S2807, and if there is no data transmission request (step S2803: No), it proceeds to step S2804.

[Step S2804]
The BCNAP instance 901 determines whether or not there is a data reception request, and if there is a data reception request (step S2804: Yes), the process proceeds to step S2808, and if there is no data reception request (step S2804: No), the process ends.

[Step S2805]
The BCNAP instance 901 generates and holds an address code that has never been duplicated, and proceeds to step S2802.

[Step S2806]
The BCNAP instance 901 returns the retained address code to the address code inquiry source, and proceeds to step S2803.

[Step S2807]
The BCNAP instance 901 transmits the data to the destination address and moves to step S2804.

[Step S2808]
BCNAP instance 901 acquires the received data. This ends the processing. The processing of the BCNAP instance 901 has been described above.

<Management Processing of Supply Chain Management AP Instance 910>
FIG. 29 is a flow chart showing an example of a management processing procedure of the supply chain management AP instance 910. As shown in FIG.

[Step S2901]
The supply chain management AP instance 910 determines whether or not it is the initial activation, and if it is the initial activation (step S2901: Yes), the process proceeds to step S2903. If it is not the initial activation (step S2901: No), the process moves to step S2902.

[Step S2902]
The supply chain management AP instance 910 determines whether or not a subscription request has been received, and if there is a subscription request (step S2902: Yes), proceeds to step S2904. If no subscription request is received (step S2902: No), the process ends.

[Step S2903]
The supply chain management AP instance 910 acquires the address code from the BCNAP instance 901, holds the acquired address code as its own entity ID, sends an approval response (ID notification) to the entity integrated management AP instance 909, and proceeds to step S2902.

[Step S2904]
The supply chain management AP instance 910 acquires the approval or rejection input in step S2903, and proceeds to step S2905. Input from the keyboard 203 may be used as a means for acquiring the input of approval or rejection, or a list of subjects to be approved is stored in the main storage device 209 in advance. A target list is a list of entity IDs. The supply chain management AP instance 910 may approve based on the target list. Specifically, for example, the supply chain management AP instance 910 approves if the entity ID (address code) included in the subscription request matches any entity ID in the target list.

[Step S2905]
If the supply chain management AP instance 910 determines approval (step S2904: Yes), the process proceeds to step S2906. If it is determined to be non-approval (step S2904: No), the process moves to step S2907.

[Step S2906]
The supply chain management AP instance 910 approves and responds to the sender of the subscription request and the entity integrated management AP instance 909, and ends the process.

[Step S2907]
The Supply Chain Management AP instance 910 responds with a denial to the originator of the subscription request. This ends the processing. The processing of the supply chain management AP instance 910 has been described above. The processing of each AP instance has now been described.

Thus, the IoT system 1 has devices 301 and 302 , a user terminal 401 , server devices 111 to 113 , and a network switch device 500 that connects them to provide mutual data communication and connection with the data communication network 107 .

In addition, the server device 111 has a BCNAP program that assigns unique address codes to some or all of the components of the IoT system 1, that is, all or all of the entities, via the network switch device 500 to provide mutual data communication, and an entity management database 1600 that holds records that use the address codes assigned by the BCNAP program as entity IDs and associate them with the meta information (inventory information) of the entities to which the address codes are assigned.

As a result, the product vendor allows each entity to participate in the blockchain network generated by the BCNAP instance 901, obtains a unique address code assigned on the blockchain network, adopts the address code as the identification ID of the entity, and manages the entity from the entity management AP instances 904 and 907 provided by Company A and Company B. Here, not only the devices 301 and 302 are treated as entities, but also instances on programs such as applications and services are uniformly treated as entities, thereby reducing resources.

Also, the IoT system 1 may build a blockchain network for each corporate group that requires communication and provide communication only between entities participating in the blockchain network. In this example, A company and B company built a blockchain network as one corporate group, but B company, C company, and D company may build another block chain network, for example.

In addition, the blockchain network issues a unique address code that is not duplicated with the approval of the administrator or management application for the participation application, and based on the unique address code, enables data communication between entities and service provision by the smart construct function (remote AP execution function).

The server device 111 also has an entity integration management AP instance 909 and an inquiry mediation management table 1710 . The server device 111 refers to the inquiry mediation management table 1710, identifies the reference entity ID of the IoT entity management application program holding the inventory information or meta information from the entity ID, and operates to obtain the inventory information or the meta information by inquiring the entity management AP instances 904 and 907 associated with the identified reference entity ID, thereby providing centralized management of the inventory information or the meta information.

The entity integration management AP instance 909 issues an inquiry to the entity management AP instance 904 of the company that holds the entity information via the smart construct function based on the entity ID of the entity for which the background check (meta information inquiry) is requested, acquires the entity's meta information, and returns it to the requester. As a result, when the entity integrated management AP instance 909 provides the IoT system 1 with one-stop unified management, there is no need to hold meta information of all the entities to be handled, and the resource usage of the IoT system 1 can be reduced.

As described above, in the unified management of a huge number of entities in the IoT system 1, it is possible to reduce the resources used. In communications between entities, it becomes possible to communicate using entity IDs as addresses, and it is possible to reduce the number of used IP addresses that are likely to run out.

It should be noted that the present invention is not limited to the embodiments described above, but includes various modifications and equivalent configurations within the scope of the appended claims. For example, the above-described embodiments have been described in detail in order to facilitate understanding of the present invention, and the present invention is not necessarily limited to those having all the described configurations. Also, part of the configuration of one embodiment may be replaced with the configuration of another embodiment. Moreover, the configuration of another embodiment may be added to the configuration of one embodiment. Moreover, other configurations may be added, deleted, or replaced with respect to a part of the configuration of each embodiment.

In addition, each configuration, function, processing unit, processing means, etc. described above may be implemented in hardware, for example, by designing a part or all of them using an integrated circuit, or may be implemented in software by a processor interpreting and executing an instance that implements each function.

Information such as instances, tables, and files that implement each function can be stored in a storage device such as a memory, hard disk, SSD (Solid State Drive), or in a recording medium such as an IC (Integrated Circuit) card, an SD card, or a DVD (Digital Versatile Disc).

Also, the control lines and information lines indicate those considered necessary for explanation, and do not necessarily indicate all the control lines and information lines necessary for mounting. In fact, it can be considered that almost all configurations are interconnected.

101 management site 102 company A site 103 company B site 107 data communication network 108 communication carrier network 111 to 113 server devices 301, 302 devices (devices to be managed)
401 User terminal 500 Network switch device 901 BCNAP instance (blockchain network realization function)
902 Network switch AP instance group (network switch control function)
903 Device management AP instance (device management function)
904, 907 Entity Management AP Instance (Entity Management Function)
905 Device AP instance (device control function)
906 User terminal AP instance (terminal control function)
908 Network Management AP Instance (Network Management Function)
909 entity integration management AP instance (entity integration management function)
910 Supply Chain Management AP Instance (Supply Chain Management Function)
1600 Entity management DB
1610 Entity management table 1611 Entity ID
1700 Inquiry mediation management DB
1710 Inquiry mediation management table 1711 Inquiry destination entity ID
1800 Business database
1801 Device table 1802 Device data table 1900 Access control management DB
1910 Access control management table

Claims (9)

A communication management method for managing communication between a group of entities that process data by a first device and a second device,
The first device has a first database that registers an entity ID that uniquely identifies the entity,
The second device has an entity management function that manages the entity, and a blockchain network implementation function that issues a unique address code in the blockchain network to implement the blockchain network,
the entity management function obtaining a first address code from the blockchain network implementation function;
the entity management function sending a first request to join the blockchain network including the first address code;
upon receiving a first response including the first address code and approving the first subscription request, the first device registers the first address code as the entity ID in the first database;
A communication management method characterized by: The communication management method according to claim 1,
the second device has a second database that associates information about the entity with the entity ID;
When the entity management function receives the first response, the entity management function registers the first address code as the entity ID in the second database in association with information related to the entity management function.
A communication management method characterized by: The communication management method according to claim 1,
the second device has a device management function for managing managed devices that are entities of the device;
the device management function obtaining a second address code from the blockchain network realization function;
the device management function sending a second request to join the blockchain network including the second address code to the entity management function;
said entity management function sending a second response to said first device including said first address code and said second address code and approving said second join request;
When the first device receives the second response, it associates the first address code and the second address code with the second address code as the entity ID and the first address code as the entity ID of the entity to which the device management function is referred, and registers the second address code in the first database.
A communication management method characterized by: The communication management method according to claim 3,
the second device has a second database that associates information about the entity with the entity ID;
The entity management function registers the second address code as the entity ID in the second database in association with information related to the device management function.
A communication management method characterized by: The communication management method according to claim 3,
The managed device has a device control function for controlling the managed device and the blockchain network realization function,
The device control function acquires a third address code from the blockchain network realization function possessed by the device control function,
the device control function sending a third request to join the blockchain network including the third address code to the entity management function;
said entity management function sending a third response to said first device including said first address code and said third address code and approving said third join request;
When the first device receives the third response, the third address code is set as the entity ID, the first address code is set as the entity ID of the entity to which the device control function is referred, and the first address code and the third address code are associated and registered in the first database.
A communication management method characterized by: A communication management method according to claim 5,
the second device has a second database that associates information about the entity with the entity ID;
The entity management function registers the third address code as the entity ID in the second database in association with information related to the device control function.
A communication management method characterized by: A communication management method according to claim 5,
the device management function sending a first connection application to the device control function including the second address code to the entity management function;
When the entity management function receives the first connection request, the entity management function transmits a first connection permission notification permitting connection to the device control function to the device management function and the first device;
the device control function sending a second connection application to the device management function including the third address code to the entity management function;
When the entity management function receives the second connection request, the entity management function transmits a second connection permission notification permitting connection to the device management function to the device control function and the first device,
When the first device receives the first connection permission notification and the second connection permission notification, the device management function and the device control function are communicatively connected and set.
A communication management method characterized by: A communication management method according to claim 7,
When the entity management function receives the first connection application, the entity management function transmits a first identity confirmation request including the second address code to the first device;
When the first device receives the first identity confirmation request, the first device refers to the first database to confirm whether the second address code exists, and if the second address code exists, transmits a first identity confirmation result indicating the existence of the second address code to the entity management function,
When the entity management function receives the first identity confirmation result, the first connection permission notification is sent to the device management function and the first device;
When the entity management function receives the second connection application, the entity management function transmits a second identity confirmation request including the third address code to the first device;
When the first device receives the second identity confirmation request, the first device refers to the first database to confirm the presence or absence of the third address code, and if the third address code exists, transmits a second identity confirmation result indicating the existence of the third address code to the entity management function,
When the entity management function receives the second identity confirmation result, the second connection permission notification is sent to the device control function and the first device.
A communication management method characterized by: A communication management system for managing communication between a group of entities that process data using a first device and a second device,
The first device has a first database that registers an entity ID that uniquely identifies an entity that is a data processing device or a data processing function realized by software,
The second device has an entity management function that manages the entity, and a blockchain network implementation function that issues a unique address code in the blockchain network to implement the blockchain network,
the entity management function obtaining a first address code from the blockchain network implementation function;
the entity management function sending a first request to join the blockchain network including the first address code;
upon receiving a first response including the first address code and approving the first subscription request, the first device registers the first address code as the entity ID in the first database;
A communication management system characterized by:

Images