JP2024008407A - Information processing apparatus, information processing system and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a simple mechanism by which a specific network service can be used from a convenience point of view while being isolated from a backbone network and a specific network terminal in a base from a security point of view.

SOLUTION: An electronic board is provided with: a radio AP unit that invalidates routing for determining a route for data transmission on a network and emits radio waves; information display means that displays radio connection information necessary for radio connection on a display unit; virtual ID generation means that generates a virtual ID associated with a service usage right of a previously granted IT service when an information processing terminal is connected to the radio AP unit based on the radio connection information; virtual ID portal display means that displays a virtual ID portal site equipped with a service proxy function for an IT service unique to each generated virtual ID on the information processing terminal; and service provision means that provides the service usage right associated with the virtual ID for the IT service selected via the displayed virtual ID portal site.

SELECTED DRAWING: Figure 4

COPYRIGHT: (C)2024,JPO&INPIT

Description

The present invention relates to an information processing device, an information processing system, and a program.

In recent years, a usage pattern called BYOD (Bring Your Own Device), in which personal portable information processing terminals such as personal computers (PCs) and smartphones are used in environments such as companies and universities, has become popular.

On the other hand, there are concerns about building an environment for BYOD use, such as expensive network infrastructure, security risks, and a lack of operational experts.

Patent Document 1 discloses a technology for authenticating a portable information processing terminal used in BYOD using two-step authentication.

However, according to the conventional technology, multiple IDs (Identifications) are required for authentication, which places a heavy burden on BYOD users.

The present invention has been made in view of the above, and is a simple method that allows specific network services to be used from the perspective of convenience while isolating them from the backbone network and specific network terminals within the base from the perspective of security. The purpose is to provide a mechanism.

In order to solve the above problems and achieve the objects, the present invention provides a display section, an information display means for displaying wireless connection information necessary for wireless connection on the display section, and a data transfer route on a network. When the information processing terminal connects to the wireless AP (Access Point) unit that emits wireless radio waves and the wireless AP unit based on the wireless connection information, the service usage right of the IT service granted in advance is set to invalid. A virtual ID generation means for generating a virtual ID linked to a virtual ID, and a virtual ID portal site having a service proxy function of a unique IT service for each virtual ID generated by the virtual ID generation means, is provided to the information processing terminal. and the right to use the service associated with the virtual ID for the IT service selected through the virtual ID portal site displayed by the virtual ID portal display means. A service providing means for providing the following.

According to the present invention, it is possible to provide a simple mechanism that allows specific network services to be used from the perspective of convenience while isolating them from the core network and specific network terminals within the base from the perspective of security. be effective.

FIG. 1 is a diagram showing the configuration of an information processing system according to an embodiment. FIG. 2 is a hardware configuration diagram of an information processing terminal for BYOD. FIG. 3 is a hardware configuration diagram of the electronic whiteboard. FIG. 4 is a functional block diagram showing the functions performed by the electronic whiteboard. FIG. 5 is a sequence diagram showing the flow of processing in the BYOD information processing terminal and electronic whiteboard. FIG. 6 is a diagram schematically showing the flow of processing. FIG. 7 is a diagram showing an example of a virtual ID portal site. FIG. 8 is a diagram showing an example of the use of an electronic blackboard.

Embodiments of an information processing device, an information processing system, and a program will be described in detail below with reference to the accompanying drawings.

FIG. 1 is a diagram showing the configuration of an information processing system 1 according to an embodiment. As shown in FIG. 1, the information processing system 1 has a configuration in which a first network 101 and a second network 102 are connected via a communication network 100.

The first network 101 is, for example, an intranet, and includes an information processing terminal 10 and a file server 11 as network resources. The information processing terminal 10 is an information processing device owned by a user, such as a smartphone, a tablet terminal, or a PC (Personal Computer). The file server 11 is a server whose main role is file management.

The second network 102 includes a printer 3, a file server 4, and an electronic whiteboard 2.

The electronic blackboard 2, which is an information processing device, is a large electronic paper with good visibility and is portable. The electronic whiteboard 2 is battery-powered and can be used outdoors. The electronic blackboard 2 has the same visibility as paper even under sunlight. The electronic blackboard 2 allows handwritten input using a special pen. The electronic blackboard 2 can store written contents as digital data inside/outside the device.

Further, the electronic whiteboard 2 connects a wireless LAN device such as an information processing terminal 5 for BYOD (Bring Your Own Device) to the second network 102 via Wi-Fi for data communication. It is equipped with a wireless AP (Access Point) function that disables the routing that determines the data transfer route. Thereby, the BYOD information processing terminal 5 can be directly connected to the electronic blackboard 2 via Wi-Fi. That is, a BYOD guest terminal network is formed between the electronic whiteboard 2 and the BYOD information processing terminal 5. The BYOD information processing terminal 5 is an information processing terminal owned by a user, such as a smartphone, a tablet terminal, or a notebook PC (Personal Computer). In this embodiment, the electronic whiteboard 2 is configured to guard against unauthorized access, but the BYOD information processing terminal 5 may be protected by a third means to prevent unauthorized access.

The electronic whiteboard 2 provides the BYOD information processing terminal 5 with a Web UI for using the network resources (printer 3, file server 4, electronic whiteboard 2, etc.). Since the electronic whiteboard 2 provides the Web UI, the BYOD information processing terminal 5 can use each network resource without installing a driver corresponding to each network resource.

For example, the electronic whiteboard 2 can upload/download electronic data to and from the BYOD information processing terminal 5 via the Web UI.

The BYOD information processing terminal 5 is an information processing terminal such as a smartphone, a tablet terminal, or a PC (Personal Computer) owned by the guest user. The BYOD information processing terminal 5 is equipped with a web browser capable of displaying the web UI provided by the electronic whiteboard 2. For example, the BYOD information processing terminal 5 outputs data to be printed by the printer 3 to the printer 3 via the Web UI.

Note that the information processing device constituting the information processing system 1 is not limited to the electronic whiteboard 2 described above, as long as it has a communication function. Information processing devices that constitute the information processing system 1 include, for example, a PJ (Projector), an IWB (Interactive White Board: a whiteboard with an electronic blackboard function that allows mutual communication), an output device such as a digital signage, and a HUD. (Head Up Display) equipment, industrial machinery, imaging devices, sound collection devices, medical equipment, network home appliances, automobiles (Connected Cars), notebook PCs (Personal Computers), mobile phones, smartphones, tablet terminals, game consoles, PDAs (Personal Computers), Digital Assistant), digital camera, wearable PC, desktop PC, etc.

Next, the hardware configuration of the information processing terminal 5 for BYOD will be explained.

FIG. 2 is a hardware configuration diagram of the information processing terminal 5 for BYOD. Here, an example in which a notebook PC is used as the information processing terminal 5 for BYOD will be described.

As shown in FIG. 2, the BYOD information processing terminal 5 is constructed by a computer. The information processing terminal 5 for BYOD includes a CPU (Central Processing Unit) 501, a ROM (Read Only Memory) 502, a RAM (Random Access Memory) 503, an HD (Hard Disk) 504, an HDD (Hard Disk Drive) controller 505, and a display. 506, an external device connection I/F (Interface) 508, a network I/F 509, a bus line 510, a keyboard 511, a pointing device 512, a DVD-RW (Digital Versatile Disc Rewritable) drive 514, and a media I/F 516.

Among these, the CPU 501 controls the entire operation of the BYOD information processing terminal 5. The ROM 502 stores programs used to drive the CPU 501 such as IPL. RAM 503 is used as a work area for CPU 501. The HD 504 stores various data such as programs. The HDD controller 505 controls reading and writing of various data to the HD 504 under the control of the CPU 501.

The display 506 displays various information such as a cursor, menu, window, characters, or images. External device connection I/F 508 is an interface for connecting various external devices. The external device in this case is, for example, a USB (Universal Serial Bus) memory, a printer, or the like. The network I/F 509 is an interface for data communication using the communication network 100. The bus line 510 is an address bus, a data bus, etc. for electrically connecting each component such as the CPU 501 shown in FIG. 2.

Further, the keyboard 511 is a type of input means that includes a plurality of keys for inputting characters, numerical values, various instructions, and the like. The pointing device 512 is a type of input means for selecting and executing various instructions, selecting a processing target, moving a cursor, and the like. The DVD-RW drive 514 controls reading and writing of various data on a DVD-RW 513, which is an example of a removable recording medium. Note that it is not limited to DVD-RW, but may be DVD-R or the like. The media I/F 516 controls reading or writing (storage) of data to a recording medium 515 such as a flash memory.

Next, the hardware configuration of the electronic whiteboard 2 will be explained.

FIG. 3 is a hardware configuration diagram of the electronic whiteboard 2. As shown in FIG. As shown in FIG. 3, the electronic whiteboard 2 includes a CPU (Central Processing Unit) 201, a ROM (Read Only Memory) 202, a RAM (Random Access Memory) 203, an SSD (Solid State Drive) 204, a network I/O F205, an external device connection I/F (Interface) 206, and a wireless AP (Access Point) unit 207.

Among these, the CPU 201 controls the entire operation of the electronic whiteboard 2 . The ROM 202 stores programs used to drive the CPU 201, such as the CPU 201 and an IPL (Initial Program Loader). RAM 203 is used as a work area for CPU 201. The SSD 204 stores various data such as programs for the electronic whiteboard 2.

Network I/F 205 controls communication with communication network 100. External device connection I/F 206 is an interface for connecting various external devices. The external devices in this case are, for example, a USB (Universal Serial Bus) memory 230 and external devices (microphone 240, speaker 250, camera 260).

The wireless AP unit 207 connects a wireless LAN device such as the BYOD information processing terminal 5 to the second network 102 for data communication. More specifically, the wireless AP unit 207 separates networks using NAPT (Network Address Port Translation), which is a network address translation technology for sharing one global IP address among multiple terminals. The wireless AP unit 207 serves as a proxy for only authorized IT services (for example, HTTP Proxy, FTP Proxy, print server, etc.).

The electronic whiteboard 2 also includes a capture device 211, a GPU 212, a display controller 213, a contact sensor 214, a sensor controller 215, an electronic pen controller 216, a short-range communication circuit 219, an antenna 219a of the short-range communication circuit 219, a power switch 222, and Selection switches 223 are provided.

Among these, the capture device 211 causes the display 506 of the BYOD information processing terminal 5 to display video information as a still image or a moving image. A GPU (Graphics Processing Unit) 212 is a semiconductor chip that specializes in graphics. The display controller 213 controls and manages screen display in order to output the output image from the GPU 212 to a display unit such as a display 280.

The contact sensor 214 detects when the electronic pen 290, the user's hand H, or the like comes into contact with the display 280. Sensor controller 215 controls processing of contact sensor 214. The contact sensor 214 performs coordinate input and coordinate detection using an electromagnetic induction method that detects electromagnetic induction generated when a contact object contacts the display 280 and specifies the contact position. The contact sensor 214 outputs information that the object has touched the display 280 to the sensor controller 215, and the sensor controller 215 identifies the coordinate position that is the contact position of the object. The electronic pen controller 216 communicates with the electronic pen 290 to determine whether or not the display 280 is touched with the tip of the pen or the end of the pen.

The near field communication circuit 219 is a communication circuit such as NFC (Near Field Communication) or Bluetooth (registered trademark). The power switch 222 is a switch for switching the power of the electronic whiteboard 2 ON/OFF. The selection switches 223 are, for example, a group of switches for adjusting the brightness, shade, etc. of the display on the display 280.

Further, the electronic whiteboard 2 includes a bus line 210. The bus line 210 is an address bus, a data bus, etc. for electrically connecting each component such as the CPU 201 shown in FIG. 3.

Note that the contact sensor 214 is not limited to an electromagnetic induction type touch panel, and may also be an infrared cut-off type touch panel that identifies the contact position by emitting multiple infrared rays and detects the infrared rays blocked by an object, or a touch panel that detects changes in capacitance. Various detection means may be used, such as a capacitive type touch panel that specifies the touch position by detecting the contact position, or a resistive film type touch panel that specifies the touch position based on voltage changes of two opposing resistive films. Furthermore, the electronic pen controller 216 may determine whether or not a portion of the electronic pen 290 that the user grasps or other portions of the electronic pen is touched, in addition to the pen tip and pen tail of the electronic pen 290.

Next, the characteristic functions of the CPU 201 of the electronic whiteboard 2 that operate according to the program will be explained.

Here, FIG. 4 is a functional block diagram showing the functions exhibited by the electronic whiteboard 2. As shown in FIG. 4, the electronic blackboard 2 includes an information display means 21, a virtual ID generation means 22, a virtual ID portal display means 23, and a service provision means 24.

The information display means 21 displays wireless connection information (SSID, passcode (Key)) necessary for wireless connection on the display 280 of the electronic blackboard 2.

When the BYOD information processing terminal 5 connects to the wireless AP section 207 based on the wireless connection information, the virtual ID generation means 22 generates a virtual ID that is linked to the service usage right of the IT service granted in advance.

The virtual ID (access token) is an ID that is associated with the right to use the IT service of the second network 102 that has been assigned to the electronic whiteboard 2 in advance. Conventionally, a guest user ID prepared in advance is lent to a user, but the electronic whiteboard 2 of this embodiment automatically generates a virtual ID based on some information.

The virtual ID generation means 22 uses a unique value (such as MAC ADDRES) of the BYOD information processing terminal 5 to generate the virtual ID. In this way, by hashing the unique information of the BYOD information processing terminal 5, the same virtual ID can be continuously generated, and IT services (for example, storage areas) can also be continuously reused.

The virtual ID generation means 22 can classify the virtual ID in units of users of the BYOD information processing terminal 5. By doing so, it is possible to differentiate the IT services provided for each user of the BYOD information processing terminal 5.

The virtual ID generation means 22 can classify the virtual ID in units of devices of the electronic whiteboard 2. By doing so, users of a plurality of BYOD information processing terminals 5 can use a shared network service.

The virtual ID generation means 22 can group the plurality of electronic whiteboards 2 into one virtual ID classification. In this way, a plurality of electronic blackboards 2 can be arranged at one location and used for the same purpose (lectures, etc.), thereby making it possible to utilize them for group work.

The virtual ID generation means 22 can make the classification of the virtual ID unique in units of time. By doing this, the expiration date of the virtual ID can be divided into time periods such as 1 hour, 24 hours, etc., and the quality of service can be differentiated depending on the rental office or the like.

The virtual ID generation means 22 can make the virtual ID classification unique for each location. By linking the virtual ID with the location information and making it unique in this way, the virtual ID when the electronic blackboard 2 is brought into conference room A is: ○○, and the virtual ID when the electronic blackboard 2 is brought into conference room B is :Can be set as XX.

The virtual ID generation means 22 can classify virtual IDs into conference units by combining time and location. By doing this, the quality of service can be changed on a conference-by-conference basis.

The virtual ID portal display means 23 displays on the BYOD information processing terminal 5 a virtual ID portal site having a service proxy function of a unique IT service for each virtual ID generated by the virtual ID generation means 22. The virtual ID portal display means 23 automatically redirects to the virtual ID portal site when wirelessly connected to the BYOD information processing terminal 5.

The virtual ID portal display means 23 generates a two-dimensional code including the URL of the virtual ID portal site and displays it on the display 280 of the electronic blackboard 2 when connected wirelessly to the BYOD information processing terminal 5. You may also do so.

The service providing means 24 provides service usage rights associated with the virtual ID for the IT service selected via the virtual ID portal site displayed by the virtual ID portal display means 63. For example, when setting storage for an available IT service, the service providing means 24 provides a dedicated isolated area on the storage for each electronic whiteboard 2 or for each virtual ID.

The service providing means 24 releases the resources of the IT service to which the right to use the service has been provided after a certain period of time has elapsed. For example, by releasing resources on the file server 4 after temporary use after a certain period of time, data can be retained for a certain period of time.

The service providing means 24 deletes the resource release of the IT service that has provided the service usage right in synchronization with the deletion of the virtual ID.

Next, the flow of processing in the BYOD information processing terminal 5 and the electronic blackboard 2 will be described.

Here, FIG. 5 is a sequence diagram showing the flow of processing in the BYOD information processing terminal 5 and electronic whiteboard 2, and FIG. 6 is a diagram schematically showing the flow of processing.

As shown in FIG. 5, the electronic whiteboard 2 first displays the SSID and passcode (Key) required for wireless connection on the display 280 (step S1).

Regarding the safe distribution of SSIDs and passcodes (keys), which has traditionally been an issue in BYOD operations, a device such as the electronic whiteboard 2 that has the function of displaying the SSIDs and passcodes (keys) is optimal. A device equipped with a wireless AP function having such a display device can display the SSID and passcode (Key) in an easy-to-understand manner, and can change the passcode (Key) periodically. Therefore, the operational security issue of continuing to use the same passcode (Key) can be addressed without requiring any human intervention.

The BYOD information processing terminal 5 connects to Wi-Fi using the SSID and passcode (key) displayed on the electronic whiteboard 2 (step S2).

The electronic whiteboard 2 automatically generates a virtual ID (hash) (step S3), and displays a virtual ID portal site on the BYOD information processing terminal 5 via the Web UI (step S4).

Here, FIG. 7 is a diagram showing an example of the virtual ID portal site 50. As shown in FIG. 7, the virtual ID portal site 50 includes an automatically generated virtual ID 51 and a virtual ID service link 52 associated with the virtual ID.

When any of the service links 52 on the virtual ID portal site 50 is clicked, the BYOD information processing terminal 5 transmits the clicked service link 52 on the virtual ID portal site 50 to the electronic blackboard 2. (Step S5). In the following, it is assumed that a service link 52 called "upload" is clicked.

The electronic whiteboard 2 creates a virtual ID isolation area on the file server 4 (step S6), and provides a network service (operates like an http proxy or ftp proxy) within the isolation area (step S7). That is, as shown in FIG. 6, the electronic whiteboard 2 prohibits direct access to the IT services of the second network 102, and only uses a proxy (proxy) for only the permitted IT services of the second network 102, which are unique to each virtual ID. ) (e.g., HTTP Proxy, FTP Proxy, print server, etc.). Further, as shown in FIG. 6, the electronic whiteboard 2 inhibits BYOD access to the first network 101 by prohibiting routing, and does not serve as a proxy for IT services.

The BYOD information processing terminal 5 uses HTTP, FTP, printing, etc. (step S8).

The electronic whiteboard 2 discards the virtual ID after detecting the service usage termination conditions (elapsed time, etc.) (step S9). Note that it is desirable to be able to select whether or not to discard a storage area or the like.

Next, BYOD in which the electronic whiteboard 2 of this embodiment is utilized in a university laboratory will be described. FIG. 8 is a diagram showing an example of how the electronic whiteboard 2 is used.

At universities, PCs are used in daily learning activities such as creating reports and presentation materials, preparing for and reviewing lessons using learning support systems, and studying using e-learning. In addition, PCs and smartphones are used for searching for courses based on the syllabus, registering for courses, announcing grades, submitting reports, job hunting, etc., and BYOD allows students to use computers anytime and anywhere, not just in the computer classroom. . On the other hand, there are concerns about building an environment for BYOD use, such as expensive network infrastructure, security risks, and a lack of operational experts.

To solve this problem, instead of using a highly functional and expensive network system, the electronic whiteboard 2 of this embodiment is used to target a limited range of one location within the campus (classroom, laboratory, library, etc.). One solution is to select an inexpensive network system that supports only the necessary and sufficient functions.

First, a plurality of research students hold a discussion using the electronic blackboard 2 as a whiteboard. In this case, it is possible that the research student is visiting the university for reasons such as joint research, but is affiliated with an organization outside the university (another university or company). These users basically do not have access rights to the campus network.

During a discussion, a researcher may want to distribute electronic data (for example, a presentation file or a spreadsheet file) held in a BYOD information processing terminal 5, such as a personal computer or a smartphone, to discussion members. At this time, the conventional electronic blackboard 2 can only upload/download PDFs, and cannot be shared because it cannot access the campus network. It is possible to exchange files via USB memory or cloud services, but there are issues such as security and the hassle of advance preparation.

From a security perspective, it is not desirable to allow an unspecified number of BYOD information processing terminals 5 to freely access the campus network. Therefore, a mechanism is desired that allows a specific second network 102 to be used from the viewpoint of convenience while isolating it from the first network 101 from the viewpoint of security.

Therefore, in the electronic whiteboard 2 of this embodiment, the service is provided in the following flow in sharing the electronic data described above.

The electronic whiteboard 2 displays the SSID and passcode (Key) on the display 280 to provide the user with access to the wireless AP.

The user inputs the SSID and passcode (key) into the BYOD information processing terminal 5 and connects to the wireless AP section 207 of the electronic whiteboard 2 via Wi-Fi.

The electronic whiteboard 2 generates a virtual ID and a temporary user-dedicated Web UI including the virtual ID.

The electronic blackboard 2 provides a user-dedicated Web UI (a virtual ID portal site with a service proxy function for IT services specific to each virtual ID) to the BYOD information processing terminal 5 of the user who has connected to the wireless AP section 207. I will provide a.

The user selects a service link on the user-dedicated Web UI displayed on the BYOD information processing terminal 5.

The electronic whiteboard 2 creates an isolated area for a virtual ID on the file server 4 as a designated IT service (storage in this case).

The electronic whiteboard 2 provides a URL for accessing the file server 4 to the BYOD information processing terminal 5 of the user, and starts operating as a service proxy (HTTP Proxy or FTP Proxy) for the file server 4.

The user uploads/downloads files to the isolated area on the file server 4 to use the IT service.

The electronic whiteboard 2 discards the virtual ID according to the usage termination conditions. Note that it is desirable to be able to select whether or not to discard a storage area or the like.

As described above, the electronic whiteboard 2 provides a URL for accessing the file server 4 through the Web UI, and operates as an HTTP Proxy. By preparing a secure isolated storage area allocated to the electronic whiteboard 2 in the file server 4, even researchers who do not have access rights to the second network 102, which is a campus network, can use the file server 4.

At that time, the research student uses the file server 4 not with a user-specific account but with an account for the electronic blackboard 2 device. In other words, the key is to use a shared account rather than an individual account. This makes it possible to easily share files via the electronic whiteboard 2 while controlling access on the file server 4.

This configuration is the same in the print scenario as well. By registering an account for the electronic blackboard 2 device on the printer 3, the research student can use the printing service with the electronic blackboard 2 account.

Note that it is desirable that the storage area secured when the file server 4 is used be released under certain conditions, rather than being released immediately (file deletion). This can be expected to improve convenience.

Further, the virtual ID may be provided for each user, or may be generated to be shared by multiple people. Furthermore, the ID may be common to a plurality of electronic whiteboards 2.

In this way, according to the present embodiment, the network services of a specific second network 102 are isolated from the first network 101, which is the backbone network, and specific network terminals within the base from the perspective of security, while the network services of the specific second network 102 are isolated from the perspective of convenience. It becomes possible to provide a simple mechanism for making it available.

More specifically, in this embodiment, the right to use the service is granted to the electronic whiteboard 2 in advance, a virtual ID linked to the right to use the service is generated, and the virtual ID is lent to the BYOD user along with the entry point of the IT service. . As a result, BYOD users can use the automatically generated virtual ID without personal authentication to temporarily replace the authority granted to the electronic whiteboard 2 for the user's individual IT services to the extent permitted by security. It becomes possible to use it. That is, in this embodiment, a unique IT service environment is virtually provided for each virtual ID. As a result, various IT services are actually used based on access rights granted to the electronic whiteboard 2, rather than user authentication. Therefore, the burden on the BYOD user is reduced because the user does not need to be aware of the temporary ID.

The program executed on the electronic whiteboard 2 of this embodiment is an installable or executable file that can be stored on a CD-ROM, flexible disk (FD), CD-R, DVD (Digital Versatile Disc), etc. Provided recorded on a computer-readable recording medium.

Further, the program executed by the electronic whiteboard 2 of this embodiment may be stored on a computer connected to a network such as the Internet, and may be provided by being downloaded via the network. Further, the program executed on the electronic whiteboard 2 of this embodiment may be provided or distributed via a network such as the Internet.

Further, the program to be executed on the electronic whiteboard 2 of this embodiment may be configured to be provided by being incorporated in a ROM or the like in advance.

Each function of the embodiments described above can be realized by one or more processing circuits. Here, the term "processing circuit" as used herein refers to a processor programmed to execute each function by software, such as a processor implemented by an electronic circuit, or a processor designed to execute each function explained above. It includes devices such as ASIC (Application Specific Integrated Circuit), DSP (Digital Signal Processor), FPGA (Field Programmable Gate Array), and conventional circuit modules.

1 Information processing system 2 Information processing device 5 Information processing terminal 21 Information display means 22 Virtual ID generation means 23 Virtual ID portal display means 24 Service provision means 207 Wireless AP section 280 Display section

Patent No. 6424820

Claims (15)

A display section;
information display means for displaying wireless connection information necessary for wireless connection on the display section;
A wireless AP (Access Point) unit that disables the routing that determines the data transfer route on the network and emits wireless radio waves;
a virtual ID generation unit that generates a virtual ID associated with a service usage right of an IT service granted in advance when the information processing terminal connects to the wireless AP unit based on the wireless connection information;
virtual ID portal display means for displaying, on the information processing terminal, a virtual ID portal site having a service proxy function of a unique IT service for each virtual ID generated by the virtual ID generation means;
a service providing means for providing the service usage rights associated with the virtual ID for an IT service selected via the virtual ID portal site displayed by the virtual ID portal display means;
An information processing device comprising: The virtual ID portal display means automatically redirects to the virtual ID portal site when wirelessly connected to the information processing terminal.
The information processing device according to claim 1, characterized in that: The virtual ID portal display means generates a two-dimensional code including a URL of the virtual ID portal site and displays it on the display unit when wirelessly connected to the information processing terminal.
The information processing device according to claim 1, characterized in that: The service providing means, when setting storage for the available IT service, provides a dedicated isolated area on the storage for each information processing device or for each virtual ID;
The information processing device according to claim 1, characterized in that: The virtual ID generation means uses a unique value of the information processing terminal to generate the virtual ID.
The information processing device according to claim 1, characterized in that: The virtual ID generation means classifies the virtual ID in units of users of the information processing terminal.
The information processing device according to claim 1, characterized in that: The virtual ID generation means classifies the virtual ID in units of devices of the information processing apparatus.
The information processing device according to claim 1, characterized in that: The virtual ID generation unit groups the virtual ID into one group for a plurality of information processing devices.
The information processing device according to claim 1, characterized in that: The virtual ID generation means makes the classification of the virtual ID unique in units of time.
The information processing device according to claim 1, characterized in that: The virtual ID generation means makes the classification of the virtual ID unique for each location.
The information processing device according to claim 1, characterized in that: The virtual ID generation means divides the virtual ID into conference units by combining time and location.
The information processing device according to claim 1, characterized in that: The service providing means releases the resources of the IT service to which the service usage right has been provided after a certain period of time has elapsed;
The information processing device according to claim 1, characterized in that: The service providing means deletes the resource release of the IT service that provided the service usage right in synchronization with the deletion of the virtual ID.
The information processing device according to claim 1, characterized in that: An information processing device according to any one of claims 1 to 13,
at least one information processing terminal;
An information processing system comprising: A computer that controls an information processing device that includes a display unit and a wireless AP (Access Point) unit that disables routing that determines a data transfer route on the network and emits wireless radio waves.
information display means for displaying wireless connection information necessary for wireless connection on the display section;
a virtual ID generation unit that generates a virtual ID associated with a service usage right of an IT service granted in advance when the information processing terminal connects to the wireless AP unit based on the wireless connection information;
virtual ID portal display means for displaying, on the information processing terminal, a virtual ID portal site having a service proxy function of a unique IT service for each virtual ID generated by the virtual ID generation means;
a service providing means for providing the service usage rights associated with the virtual ID for an IT service selected via the virtual ID portal site displayed by the virtual ID portal display means;
A program to function as

Images