JP4579592B2 - Information providing service system and method - Google Patents

Description

  The present invention relates to a network communication technique, and more particularly to an information providing technique for providing information on a user and its user position via a communication network.

  Currently, in a mobile communication system represented by a mobile phone system, a position related to the position of a user terminal such as a mobile phone, a PDA (Personal Digital Assistant), or a personal computer carried by the user in response to an access from the user. An information providing service system that provides related information has been introduced (for example, see Non-Patent Document 1).

  This is based on position information derived from access point identification information such as a base station to which the user terminal is connected and position information generated by a position information acquisition function such as GPS (Global Positioning System) possessed by the user terminal. Information related to the position, for example, location information such as store information of the area where the user terminal is located, movie screening information, map information, traffic information, weather information, etc. is provided from the information providing service system to the user terminal. It has become.

The applicant has not yet found prior art documents related to the present invention by the time of filing other than the prior art documents specified by the prior art document information described in this specification.
"Open i Area" Manual, Version 3.0, NTT DoCoMo, Inc., March 29, 2004, http://www.nttdocomo.co.jp/p_s/imode/

In such an information providing service system, as a more advanced service, a service that provides location-related information according to the user's preference and hobby, and also a high-value that differentiates the member user from other users. There is a need for services that can provide location-related information.
Therefore, in such a service system, it is necessary to select and provide the optimum position related information based on the user identification information and the position information of the user notified from the user terminal.

  At this time, a configuration using device information unique to the user terminal as identification information is also conceivable. However, when the user terminal is used by a third party, the location-related information unique to the user is surely leaked. It is necessary to use user identification information unique to the user, and security for this user identification information is required. In particular, when pay information is provided as position related information, higher security is required.

However, since the conventional information providing service system provides only general position-related information that does not require confidentiality with respect to arbitrary position information, the position information for specifying the provided information and further the position-related information provided There has been a problem that protection of information is not considered so much and security for information management is low.
In addition, it is conceivable to use an advanced encryption communication method in order to prevent leakage of user identification information notified from the user terminal. However, in order to implement such an encryption communication method, complicated arithmetic processing and signal processing are required. Therefore, the scale and facility cost of the user terminal and the entire system increase.

  The present invention has been made to solve such problems, and an object thereof is to provide an information providing service system and method capable of providing location-related information unique to each user while ensuring high security.

In order to achieve such an object, an information providing service system according to the present invention is connected to a user terminal via a communication network, and the user related to the position of the user terminal in response to a request from the user terminal. In an information providing service system that provides unique location-related information to the user terminal, an authentication system that performs user authentication based on the user's personal identification information , conversion identification information unique to the user identification information of the user, and location information of the user A location-related information database for managing location-related information to be provided to the user terminal in association with specific conversion location information, and the user identification information and location information of the user in response to an information provision request from the user terminal information Hisage providing have a user-specific location-related information from the location-related information database An information management system comprising a server, in response to the login request for requesting a connection to the information providing service system from a user terminal, the user at the authentication system based on the personal identification information of the user included in the login request Authentication is performed, a session ID unique to the login is generated according to the authentication success, the session ID is notified to the user terminal, and the session ID, the user identification information and the position of the user are transmitted to the information management system And a gateway for notifying a service start instruction including information, and the information providing server receives the user identification information, the position information, and the session ID included in the service start instruction in response to the service start instruction from the gateway. Unique conversion user identification information, conversion position information, and After conversion into the conversion session ID, the information generation request including the conversion user identification information, the conversion position information, and the conversion session ID is notified to the position related information database, and the position related information database receives the information generation request from the information providing server. Accordingly, the conversion user identification information and the position related information related to the conversion position information included in the information generation request are stored in association with the conversion session ID included in the information generation request, and information is provided. In response to the information provision request from the user terminal including the session ID notified by the service start instruction from the gateway, the server converts the session ID of the information provision request into the conversion session ID, and then includes the position including the conversion session ID. A related information request is notified to the position related information database, and the position related information data In response to the location related information request from the information providing server, the database acquires the location related information stored in association with the conversion session ID included in the location related information request and notifies the information providing server of the location related information. It is what I did.

  At this time, the session ID is calculated by combining at least the identification information of the gateway or the accommodation position information indicating the accommodation position where the user terminal is accommodated in the gateway and the date and time information at the time of the login process. Thus, a session ID may be generated.

  As for the user identification information, a part or all of the user password information may be used as user identification information at the gateway.

  For user-specific location related information, in the information management system, prior to the information provision request from the user terminal, the user-specific location related to the user identification information and location information included in the service start instruction notified from the gateway Related information may be generated and stored.

  As for the user location information, the gateway notifies the information management system of the location information of the gateway as the user location information or the location information indicating the location where the user terminal is accommodated in the gateway by the service start instruction. Then, the information management system may generate the user location information based on the gateway identification information or the accommodation location information included in the service start instruction from the gateway.

  At this time, as a service start instruction at the gateway, the IETF RFC2866 charging start message is used to notify the information management system of the gateway identification information or accommodation location information, session ID, and user identification information. Good.

  In addition, it further includes a service management server that manages whether to provide a service that provides location-related information to the user terminal for each user terminal, and notifies the authentication system of the generated session ID at the gateway. In response to the notification of the session ID from the gateway, the service management server is notified of the service provision request including the session ID, and after confirming the service provision start from the service management server according to this, the information provision request is managed. Notification to the system, the service management server confirms the validity of the session ID included in the service provision request by the authentication system in response to the service provision request from the user terminal, and services to the user terminal in accordance with the validity confirmation The start of provision may be notified.

  At this time, when the service management server notifies the start of service provision, the service management server notifies the start of service provision by generating a web page and transmitting it to the user terminal. A connection destination address, a session ID, and an operation button for transmission may be included.

  In addition, in response to a service provision start notification from the service management server, the user terminal automatically transmits an information provision request to the information provision server using the connection destination address and session ID of the information management system included in the notification. It may be.

  In addition, the information management system manages the set of the IP address and MAC address of the user terminal included in the service start instruction from the gateway instead of the session ID in association with the position-related information unique to the user, In response to the information provision request, the user terminal may be provided with location-related information associated with the set of the IP address and MAC address of the user terminal included in the information provision request.

  In the information management system, the user identification information and the location information included in the service start instruction notified from the gateway are stored in association with the session ID, and in response to the information provision request from the user terminal, You may make it produce | generate the positional relevant information specific to the said user relevant to the user identification information and positional information which were stored matched with the session ID contained.

  In addition, when a login request is made at the user terminal, user identification information including arbitrary realm information as user password information is notified to the gateway, and the gateway positions one of a plurality of information management systems based on the realm information. You may make it select as a provider of related information.

  Alternatively, when a login request is made at the user terminal, user identification information including arbitrary realm information as the user's personal identification information is notified to the gateway, and the location-related information is added according to the realm information added to the user identification information at the gateway. Connection to an information management system as an information provider may be restricted.

  Alternatively, at the time of login request at the user terminal, user identification information including arbitrary realm information as user password information is notified to the gateway, and the information management system adds the realm added to the user identification information notified from the gateway. Depending on the information, it may be determined whether or not position-related information needs to be provided.

  Alternatively, at the time of login request at the user terminal, user identification information including arbitrary realm information as user password information is notified to the gateway, and the information management system adds the realm added to the user identification information notified from the gateway. Depending on the information, a type of position related information to be provided to the user terminal may be selected, and the position related information corresponding to the type may be provided.

  Alternatively, at the time of login request at the user terminal, user identification information including arbitrary realm information as user password information is notified to the gateway, and the information management system adds the realm added to the user identification information notified from the gateway. Depending on the information, the position information of the user may be changed, and position related information corresponding to the changed position information may be provided.

  Alternatively, at the time of login request at the user terminal, user identification information including arbitrary realm information as user password information is notified to the gateway, and the information management system adds the realm added to the user identification information notified from the gateway. Depending on the information, the user identification information may be changed to general-purpose user identification information registered in advance, and position-related information corresponding to the changed user identification information may be provided.

An information providing service method according to the present invention includes an authentication system, an information management system, and a gateway, and is an information providing service system connected to a user terminal via a communication network in response to a request from the user terminal. An information providing service method for providing position-related information unique to the user related to the position of the user terminal to the user terminal, and conversion identification specific to the user identification information of the user by a position-related information database of the information management system and position-related information management step of managing location related information to be provided to the user terminal the information and the position information of the user in association with the specific transformation location information, the gateway connection to the information providing service system from a user terminal In response to a login request, included in the login request An authentication step for performing user authentication in the authentication system based on the personal identification information of the user, a session ID generation step for generating a session ID unique to the login in response to successful authentication of the user authentication by the gateway, and a user by the gateway A session ID notification step for notifying the terminal of the session ID and a service start instruction including the session ID and the user identification information and location information of the user , and a gateway by the information providing server of the information management system In response to the service start instruction from, the user identification information, the position information, and the session ID included in the service start instruction are converted into unique conversion user identification information, conversion position information, and conversion session ID, respectively. Conversion The information generation request including the identification information, the conversion position information, and the conversion session ID to the position related information database, and the information generation request according to the information generation request from the information providing server by the position related information database. Storing the converted user identification information and the position related information related to the converted position information included in the information in association with the conversion session ID included in the information generation request, and the service from the gateway by the information providing server In response to the information provision request from the user terminal including the session ID notified by the start instruction, after converting the session ID of the information provision request into the conversion session ID, the position related information request including the conversion session ID is The step of notifying the information database and the position-related information data Based on the location-related information request from the information providing server, the location-related information stored in association with the conversion session ID included in the location-related information request is acquired and notified to the information providing server. And an information position related information providing step of providing the user terminal with the position related information notified from the position related information database by the information providing server .

  According to the present invention, each time a user logs in to the information providing service system, a unique session ID is generated in the system and notified to the user terminal and managed by the system. The session ID from the user terminal is In response to the information provision request, the validity of the information provision request is confirmed based on the session ID, and the position related information specific to the user related to the position of the user is provided in accordance with the confirmation of the validity. Therefore, even when the user identification information is leaked as in the conventional case, the location-related information unique to the user is not leaked to a third party unless a valid session ID is used.

Moreover, since the session ID is generated as information unique to the login only after the login authentication based on the user's personal identification information is obtained, it is extremely difficult for a third party to forge the session ID.
When acquiring location-related information, the information management system uses the information providing server to notify the location-related information database of various types of secret information, for example, user identification information of a user used to generate desired location-related information, Since the position information and further the session ID are converted and notified, the desired position related information can be obtained without notifying the user's confidential information as it is to the position related information database.
Therefore, compared to conventional systems that provide only general location-related information that does not require confidentiality for arbitrary location information, location-specific information unique to each user is provided while ensuring high security. it can.

Next, embodiments of the present invention will be described with reference to the drawings.
[First Embodiment]
First, an information providing service system according to a first embodiment of the present invention will be described with reference to FIG. FIG. 1 is a block diagram showing a logical model of the information providing service system according to the first embodiment of the present invention.

  The information providing service system is a system that provides position related information unique to a user related to the position of the user to a user terminal connected via a communication network. The user terminal 1, the gateway 2, An authentication system 3 and an information management system 4 are provided.

  The information providing service system according to the present embodiment generates a unique session ID in the system every time a user logs in to the information providing service system, notifies the user terminal, and manages the user ID. In response to the information provision request including the session ID from the user, the validity of the information provision request is confirmed based on the session ID, and the position unique to the user related to the position of the user is confirmed according to the confirmation of the validity. It is intended to provide related information.

  The user terminal 1 includes an information processing terminal such as a mobile phone, a PDA, or a personal computer. The user terminal 1 executes a predetermined application program with a built-in computer and performs packet communication with an arbitrary website, thereby accumulating on the website. This is a terminal device that realizes a browser function for browsing the content information that is stored, for example, the location related information unique to the user related to the location of the user stored in the information management system 4.

  The gateway 2 includes a packet communication device that accommodates a plurality of user terminals 1 via a user network 7 and is connected to a service network 8 to which various websites are connected, and executes a predetermined program by a built-in computer. Thus, the communication device realizes a connection processing function for connecting the user terminal 1 to various websites on the service network 8.

In response to a login request for requesting connection to the information providing service system from the user terminal 1, the gateway 2 performs user authentication in the authentication system 3 based on the user's password information included in the login request. In response to the authentication success, a session ID unique to the login is generated.
Then, the session ID is notified to the user terminal 1, and a service start instruction including the session ID, the user identification information of the user, and the position information is notified to the information management system 4.

The authentication system 3 includes one or more information processing devices. When the user terminal 1 is connected to various websites in the gateway 2, password information input by the user at the user terminal 1, for example, a user ID or password is received. It is a system that performs user authentication to check whether the user is registered in advance.
In the example of FIG. 1, the authentication system 3 includes a proxy authentication server 3A, an authentication server 3B, and an authentication database (hereinafter referred to as an authentication DB) 3C.

The proxy authentication server 3A is connected between the authentication server 3B and the service network 8 for the purpose of load distribution and security, and executes a predetermined program on a built-in computer, thereby receiving an authentication confirmation request from the gateway 2. It is a server device that realizes a proxy response function that accepts and forwards the authentication server 3B.
The authentication DB 3C is connected to the authentication server 3B and executes a predetermined program on a built-in computer, thereby providing various registration information and service information including password information for each user who can use the system registered in advance. This is a database device that implements a database function for storing and managing user management information such as status.

The authentication server 3B is connected between the proxy authentication server 3A and the authentication DB 3C, and by executing a predetermined program with a built-in computer, it accepts only an authentication confirmation request transferred from the proxy authentication server 3A, and performs authentication. This is a server device that realizes a user authentication function for performing user authentication by referring to registration information registered in advance in the DB 3C and confirming the validity of the password information included in the authentication confirmation request.
For connection between the proxy authentication server 3A, the authentication server 3B, and the authentication database 3C, a dedicated line network or a public packet communication network such as the Internet may be used.

The information management system 4 is composed of one or more information processing apparatuses, and is associated with user identification information for identifying an arbitrary user and position information indicating the position of the user, and various position related information provided to the user terminal 1 It is a system to manage.
In the example of FIG. 1, the information management system 4 is composed of an information providing server 4A and a position related information database (hereinafter referred to as position related information DB) 4B.
The location related information DB 4B is connected to the information providing server 4A, and executes a predetermined program on a built-in computer, thereby storing and managing location related information in association with user identification information and location information of the user. It is a database device that realizes.

The information providing server 4A is connected between the service network 8 and the position-related information DB 4B, and executes a predetermined program on the built-in computer, so that the user's user can respond to the information providing request from the user terminal 1 The server device realizes an information provision management function for providing the user terminal 1 with location-related information unique to the user related to identification information and location information.
For the connection between the information providing server 4A and the position related information DB 4B, a dedicated line network may be used, or a public packet communication network such as the Internet may be used.

The user network 7 is a data communication network that realizes packet communication by the user terminal 1, and connects a plurality of user terminals 1 to the gateway 2. The user network 7 may be a wired communication network such as Ethernet (registered trademark), or may be a wireless communication network such as a wireless LAN or a mobile phone network.
Note that the user terminal 1 and the user network 7 are not limited to those prepared by the user, and may be prepared by a service provider or an arbitrary provider.

The service network 8 is a data communication network that realizes packet communication between devices constituting the information providing service system, and connects the authentication system 3 and the information management system 4 to the gateway 2. The service network 8 may be a public packet communication network such as the Internet, or a dedicated packet communication network.
Note that the authentication system 3 or the information management system 4 and the gateway 2 may be connected using individual packet communication networks or communication lines. For example, since the authentication system 3 and the information management system 4 do not directly perform data communication, the service network 8 uses a dedicated line that individually connects the authentication system 3 or the information management system 4 and the gateway 2. Also good.

[Operation of First Embodiment]
Next, the operation of the information providing service system according to the first embodiment of the present invention will be described with reference to FIG. FIG. 2 is a sequence diagram showing an operation of the information providing service system according to the first embodiment of the present invention.
The user terminal 1 executes an application program such as a browser in response to an operation by the user, and displays a login screen for performing a login process to the information providing service system on a screen display unit (not shown) of the user terminal 1. To do.

FIG. 3 shows an example of a login screen. The login screen is provided with an input field for inputting personal identification information used for login authentication, here, a user ID and a password, and a login button for instructing start of the login process. This login screen may be obtained by accessing the gateway 2 connected to the user network 7 or another Web site, or a screen prepared in advance by the own device may be used.
The user terminal 1 receives the password information from the user through this login screen in response to the user's operation (step 100), and issues a login request including the password information via the user network 7 in response to the subsequent pressing of the login button. The gateway 2 is notified (step 101).

In response to the login request from the user terminal 1, the gateway 2 notifies the authentication system 3 via the service network 8 of an authentication confirmation request including the password information of the user notified by the login request (step 102).
In response to the authentication confirmation request from the gateway 2, the authentication system 3 refers to registered information registered in advance and performs user authentication by confirming the validity of the password information included in the authentication confirmation request ( Step 103). Then, the authentication response including the authentication result is notified to the gateway 2 (step 104).

The gateway 2 receives the authentication response from the authentication system 3, and generates a session ID unique to the login of the user when the authentication result indicates successful authentication (step 105).
If the authentication response from the authentication system 3 indicates an authentication failure, the gateway 2 does not generate a session ID and notifies the user terminal 1 that login authentication has not been obtained as error processing.

The session ID is, for example, a combination of identification information unique to the gateway and date / time information at the time of the login process, for example, a hash that converts an indefinite-length input character into a fixed-length character string called a hash value. By generating using a transformation process such as a function, a spatially and temporally unique session ID can be generated with extremely high probability, and high security can be obtained against fraudulent acts such as forgery and reuse of the session ID. It is done.
In addition to the identification information and date / time information, a random number may be combined to generate a session ID, and a unique session ID can be easily generated even when a login request is generated at approximately the same time.

In addition, when many ports for accommodating user terminals are provided in the gateway, in addition to gateway identification information, accommodation position information indicating the accommodation position (port number) of the gateway in which the user terminal is accommodated May be combined to generate a session ID.
In addition, when a series of numbers is assigned so that the accommodation position of the gateway in which the user terminal is accommodated, for example, the port number is not duplicated in any gateway in the information providing service system, it is replaced with the gateway identification information. The session ID may be generated using accommodation position information indicating the accommodation position of the user terminal 1.

After generating the session ID in this way, the gateway 2 stores this in the login response and notifies the user terminal 1 (step 106).
Further, the gateway 2 stores the user ID information for identifying the user and the position information indicating the position of the user terminal 1 in the service start instruction together with the session ID, and sends the information to the information management system 4 via the service network 8. Notification is made (step 110). As these user identification information and position information, information input by the user by providing an input field for these information on the login screen of FIG. 3 may be used.

The user identification information is information for identifying a user by the information management system 4 and selecting information corresponding to the user. At this time, when the unique information of the user terminal 1 is used as the user identification information, the user identification information is different from the case of accessing from another terminal device, and the obtained information is different. For this reason, it is necessary to use information specific to the user as the user identification information.
Therefore, the gateway 2 may acquire user identification information separately by user operation on the user terminal 1 as described above. However, by using a part or all of the personal identification information, for example, the user ID as the user identification information, Information unique to the user can be easily acquired, and processing and operation for acquiring user identification information can be omitted.

  The information management system 4 receives the service start instruction from the gateway 2 and generates position-related information unique to the user related to the user identification information and position information included in the service start instruction (step 111). The position related information is stored in association with the session ID. In the information management system 4, various types of information are stored in association with user identification information and position information, and information related to the position information is selected as position related information unique to the user.

On the other hand, in the user terminal 1, after the session ID is notified from the gateway 2, in response to the information provision request operation by the user (step 120), the information provision request including the session ID is sent to the user network 7, the gateway 2, and The information management system 4 is notified via the service network 8 (step 121).
In response to the information provision request from the user terminal 1, the information management system 4 acquires the position related information stored in association with the session ID included in the information provision request (step 122). Information is provided to the user terminal 1 (step 123).
If the location related information associated with the session ID notified in the information provision request is not stored, the information management system 4 indicates that there is no location related information to be provided as error processing. To notify.

The user terminal 1 receives the position related information provided from the information management system 4 and displays it on the screen display unit (not shown) of its own device, and ends the series of position related information providing operations.
Thereby, after the user logs in to the information providing service system from the user terminal 1, by making an information provision request, the position related information unique to the user related to the position information of the user terminal 1 and the user personal information of the user Is provided from the user terminal 1 to the user.

  Thus, in this embodiment, every time a user logs in to the information providing service system, a unique session ID is generated in the system, notified to the user terminal, and managed by the system. In response to the information provision request including the session ID, the validity of the information provision request is confirmed based on the session ID, and the position related information unique to the user related to the position of the user is confirmed based on the confirmation of the validity. Therefore, even when user identification information leaks as in the prior art, position-related information unique to the user will not leak to a third party unless a valid session ID is used.

Moreover, since the session ID is generated as information unique to the login only after the login authentication based on the user's personal identification information is obtained, it is extremely difficult for a third party to forge the session ID.
Therefore, compared to conventional systems that provide only general location-related information that does not require confidentiality for arbitrary location information, location-specific information unique to each user is provided while ensuring high security. it can.

  When the gateway 2 confirms the logout of the user terminal 1 from the information management system, the gateway 2 notifies the information management system 4 of the service end notification including the session ID, and the information management system 4 The session ID becomes invalid. Therefore, when the same session ID is used after the user terminal 1 logs out, the position related information of the user is not provided because the position related information is not stored corresponding to the session ID. Therefore, unless a valid session ID is used, position-related information unique to the user is not leaked to a third party.

  Further, when generating a session ID in the gateway 2, at least the identification information of the gateway or the accommodation position information indicating the accommodation position where the user terminal 1 is accommodated in the gateway and the date / time information are combined and processed. Since the session ID is generated by the method, a spatially and temporally unique session ID can be generated with a very high probability in the information management system, and the illegal operation such as forgery or reuse of the session ID can be performed. High security can be obtained.

  In addition, the gateway 2 uses part or all of the password information notified from the user terminal 1 at the time of the login request, for example, the user ID, as the user identification information. While being able to identify, the process and operation for acquiring user identification information separately can be omitted.

  In addition, in the information management system 4, in response to the service start instruction from the gateway 2, position-related information unique to the user related to the user identification information and position information included in the service start instruction is generated. Since it did in this way, according to the information provision request | requirement from the user terminal 1 after that, the position relevant information matched with session ID contained in the said information provision request | requirement can be provided immediately, and the user terminal 1 Compared with the case where position-related information is generated in response to an information provision request, high responsiveness can be obtained for information provision to the user, and the stress felt by the user can be greatly reduced.

[Second Embodiment]
Next, with reference to FIG. 4, an information providing service system according to a second embodiment of the present invention will be described. FIG. 4 is a position information conversion table used in the information providing service system according to the second embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the first embodiment described above, a case has been described in which position information input by a user operation is used as a position information indicating the position of the user when a login request is made from the user terminal 1. In the present embodiment, a case where position information is generated based on identification information of the gateway 2 will be described.

  The gateway 2 is assigned with individual identification information in advance, and its installation position is known information. Therefore, if the gateway 2 in which the user terminal 1 is accommodated is known, the position of the user terminal 1 can be almost determined. In particular, when the user network 7 connecting the user terminal 1 and the gateway 2 is composed of a wireless communication network, the distance from the wireless base station connected to the gateway 2 to the user terminal 1 is limited to some extent in the communication area. Therefore, the position of the user terminal 1 can be specified with higher accuracy.

The position information conversion table of FIG. 4 is managed by associating a gateway ID, which is gateway identification information, with latitude information and longitude information indicating the installation position.
Therefore, by using this location information conversion table, the user terminal 1, that is, the location information of the user can be obtained based on the identification information of the gateway 2, and processing and operations for obtaining location information from the user terminal 1 can be omitted. Can do.
Note that the process of acquiring the user location information from the location of the gateway 2 may be performed by the gateway 2, and in this case, the location information conversion table includes only one entry relating to the gateway.

On the other hand, a location information conversion table may be provided in the information management system 4 to generate user location information based on the gateway 2 identification information notified from the gateway 2 by a service start instruction.
Usually, when managing a pay connection service provided on a network, a charging start instruction is notified from the gateway to the charging management system. For example, in the RFC 2866 standard of Internet Engineering Task Force (IETF), a protocol for carrying charging information between a NAS (Network Access Server) on the Internet and a shared charging server is defined.

In the RFC2866 standard, a message including various types of billing information is defined as a billing request (Account-Request) used when starting a paid service. In this billing request message, information such as the NAS IP address, accommodation port information, and billing session ID for identifying the billing session are prepared as attributes.
Therefore, as shown in FIG. 5, this billing request message can be used as a service start instruction of the present embodiment. FIG. 5 is a configuration example of a service start instruction using a charge request message, and shows a correspondence relationship between the attribute of the charge request message and information included in the service start instruction.

In the example of FIG. 5, in particular, the identification information of the gateway 2 and the accommodation location information of the user terminal 1 are respectively stored in “NAS-IP-Address” and “NAS-Port” of the billing request message and generated by the gateway 2. The session ID is stored in “Acct-Session-Id” of the charging request message, and the user identification information including the user ID used in the password information is stored in “User-Name” of the charging request message.
As a result, various information required in the present embodiment can be notified from the gateway 2 to the information management system 4 by a service start instruction using an existing protocol without designing and implementing a new protocol. it can.

  Therefore, the location information is provided in the information management system 4 because the information management system 4 is notified of the identification information of the gateway 2 and the accommodation location information of the user terminal 1 by a service start instruction using the billing request message. In the position information conversion table, the position information of the user can be generated using the identification information of the gateway 2, the accommodation position information of the user terminal 1, or the combination information thereof.

[Third Embodiment]
Next, with reference to FIG. 6, an information providing service system according to a third embodiment of the present invention will be described. FIG. 6 is a sequence diagram showing the main part of the operation of the information providing service system according to the third embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the first embodiment described above, on the premise that information management is strictly performed in the information management system 4, the user identification information and location information notified from the gateway 2 and further the session ID are obtained. The case has been described where the position related information related to the secret information is generated and stored as it is.

  However, depending on the system configuration, the management entity of the information providing server 4A and the position related information DB 4B constituting the information management system 4 may be different, and information management may not be performed strictly and may be leaked. For example, in order to enrich the position related information provided to the user from the information management system 4, it is effective to operate the position related information DB 4B individually with the content provider specialized in each field as the management entity. is there. Therefore, in such a form, it is difficult to strictly manage secret information at the same level in the position related information DB 4B of different management entities.

In the present embodiment, in order to improve security for such personal information, the information providing server 4A converts various secret information to be notified to the position related information DB 4B and notifies it.
In FIG. 6, when the service start instruction is notified from the gateway 2 (step 110), the information providing server 4A, the secret information included in the service start instruction, here the user identification information and location information of the user, and further the session The ID is converted into converted secret information such as converted user identification information, converted position information, and further converted session ID using, for example, the hash function described above (step 130).

Then, the information providing server 4A stores the converted secret information in an information generation request instructing generation of position related information and notifies the position related information DB 4B (step 131).
Based on each conversion secret information included in the information generation request, the position related information DB 4B has information related to the converted position information from information stored in association with the converted user identification information. The position-related information is selected and generated, and stored in association with the conversion session ID (step 132).

Thereafter, in response to the information provision request from the user terminal 1 (step 121), the information provision server 4A converts the session ID also included in the information provision request into the conversion session ID (step 135), and the position related information It is included in the request and notified to the position related information DB 4B (step 136).
The position related information DB 4B acquires the position related information stored in association with the conversion session ID included in the position related information request (step 137), and sends this to the information providing server 4A by the position related information notification. (Step 138).

  In response to this, the information providing server 4A provides the position related information notified by the position related information notification from the position related information DB 4B to the user terminal 1 by providing the position related information (step 123).

As described above, in the present embodiment, in the information management system 4, the user identification of the user used to generate various types of secret information notified from the information providing server 4 </ b> A to the position related information DB 4 </ b> B, for example, desired position related information. Since the information, the position information, and also the session ID are converted and notified, the desired position related information can be obtained without notifying the user related secret information as it is to the position related information DB 4B.
Thereby, even when the information providing server 4A constituting the information management system 4 and the location-related information DB 4B have different management entities, the security of such secret information can be improved. Therefore, the information providing service system can be configured more flexibly, such as a form in which the content provider specialized in each field is managed as a management entity and the position related information DB 4B is individually operated.

[Fourth Embodiment]
Next, with reference to FIGS. 7 and 8, an information providing service system according to a fourth embodiment of the present invention will be described. FIG. 7 is a block diagram showing a configuration of an information providing service system according to the fourth embodiment of the present invention. FIG. 8 is a sequence diagram showing the main part of the operation of the information providing service system according to the fourth embodiment of the present invention. 7 and 8, the same or equivalent parts as those in FIGS. 1 and 2 are denoted by the same reference numerals.

  In the present embodiment, a service management server 5 is additionally provided in the information providing service system according to the first embodiment described above, and service management is performed in response to a service provision request from the user terminal 1 using the session ID. The service provision status to the user is confirmed by the server 5 based on the session ID.

  In FIG. 7, the service management server 5 is connected to the gateway 2 and the authentication system 3 via the service network 8, and the user terminal notified via the gateway 2 by executing a predetermined program with a built-in computer. 1 is a server device that realizes a service management function for confirming a service provision status to the user in response to a service start request from 1. The other configuration of the information providing service system according to the present embodiment is substantially the same as that of the first embodiment (see FIG. 1) described above, and detailed description thereof is omitted here.

[Operation of Fourth Embodiment]
Next, with reference to FIG. 8, operation | movement of the information provision service system concerning the 4th Embodiment of this invention is demonstrated.
As shown in FIG. 8, the gateway 2 generates a session ID (step 105), stores it in the login response, and notifies the user terminal 1 (step 106). Further, the gateway 2 stores the user ID information for identifying the user and the position information indicating the position of the user terminal 1 in the service start instruction together with the session ID, and sends the information to the information management system 4 via the service network 8. Notification is made (step 110).

In this embodiment, in step 110, the service start instruction is also notified to the authentication system 3.
In response to the service start instruction from the gateway 2, the authentication system 3 confirms that the information providing service using the session ID included in the service start instruction has been started to be provided to any user, and notifies the service to that effect. The provision status is managed (step 140).

On the other hand, in response to the login permission from the gateway 2, the user terminal 1 notifies the service management server 5 via the gateway 2 of a service provision request including the session ID notified by the login permission (step 141).
In response to the service provision request from the user terminal 1, the service management server 5 notifies the authentication system 3 via the service network 8 of a service status inquiry including the session ID notified by the service provision request (step 142). ).

  In response to the service status inquiry from the service management server 5, the authentication system 3 checks the service provision status corresponding to the session ID included in the query, that is, whether or not the service is provided (step 143), and determines the service provision status. The service status response is returned to the service management server 5 (step 144).

The service management server 5 receives the service status response from the authentication system 3 and confirms the service provision status for the session ID notified by the service status response.
Then, only when the service provision status indicates that the service is provided (during service provision), a service start notification for notifying the start of service provision is sent to the user terminal 1 together with the session ID (step 145). If the service provision status indicates that the service is not provided (service is stopped), the service start notification is not notified to the user terminal 1, and a predetermined error process is executed to provide the service to the user terminal 1, for example. Notify that.

  In response to the service start notification from the service management server 5, the user terminal 1 displays on the screen that service provision has started and notifies the user. Thereby, the user confirms the start of the information providing service, and according to the subsequent operation (step 120), the information providing request is notified from the user terminal 1 to the information management system 4 in the same manner as described above (step 121). Desired position related information is provided to the user terminal 1.

As described above, in the present embodiment, the service provision status is managed by the authentication system 3 for each session ID generated by the gateway 2, and the service provision request including the session ID notified from the user terminal 1 is responded. The service management server 5 confirms the service provision status for the user with the authentication system 3 based on the session ID, so that the validity of the session ID and the service provision availability according to the service provision status are reliably determined. it can.
As a result, when a service provision request using a forged session ID is notified, the service provision status corresponding to the session ID is not confirmed, so that it is determined as an unauthorized access and the information provision service is not started.

  Further, when the logout of the user terminal 1 is confirmed by the gateway 2, the service end notification including the session ID is notified from the gateway 2 to the information management system 4. In the present embodiment, this service end notification is sent to the information management system 4. The authentication system 3 is also notified, and the authentication system 3 manages the end of service provision as the service provision status of the session ID. Thereby, when a service provision request using a past session ID is notified, the service management server 5 confirms that no service is provided to the session ID (the service is stopped), and the service start notification is sent to the user terminal 1. Not notified. Therefore, unless a valid session ID is used, position-related information unique to the user is not leaked to a third party.

When notifying the service start notification from the service management server 5 to the user terminal 1 in step 145 of FIG. 8 described above, the connection destination address (URL) of the information management system 4 and the session ID are set according to the user's operation. You may make it transmit the web page containing the operation button to transmit.
FIG. 9 shows an example of a Web page. In this example, store guidance information, movie screening information, and map information are prepared as position-related information unique to the user, and an operation button for acquiring information is provided for each piece of position-related information.

In the present embodiment, a Web page is configured by associating a URL indicating the connection destination address of the information management system 4 that provides the position related information and the session ID with each operation button.
As a result, the user terminal 1 receives the Web page as a service start notification from the service management server 5 and displays it on the screen. When an arbitrary operation button is pressed by the user, the URL associated with the operation button is displayed. The session ID is transmitted to the information management system 4 as an information provision request.

Therefore, the user can make an information provision request including the session ID to the information management system 4 that provides the desired position-related information without a user having to input the URL or session ID of the information management system 4 with a simple operation. This is extremely effective when a plurality of pieces of position-related information can be transmitted.
Further, since the URL and session ID of the information management system 4 are associated with the operation button of the Web page, the information is not displayed on the screen of the user terminal, and the opportunity for leaking the information to a third party can be eliminated.

In the present embodiment, a Web page is notified from the service management server 5 to the user terminal 1 as a service start notification, and from the user terminal 1 to the information management system 4 in response to an operation on the operation button of the Web page by the user. Although the case where the information provision request is transmitted has been described, the present invention is not limited to this.
For example, when the user terminal 1 receives a service start notification from the service management server 5 in step 145 of FIG. 8, the session ID is sent to the URL of the information management system 4 included in the service start notification as an information provision request. May be automatically transmitted. Thereby, the user can receive provision of desired position related information without performing any operation.

Further, when a service provision request is transmitted from the user terminal 1 to the service management server 5 in step 141 of FIG. 8, the connection destination address (URL) of the service management server 5 is set in the user terminal 1 in advance. May be used, but the address specified in the login response from the gateway 2 may be used.
As a result, the connection destination address of the service management server 5 can be kept secret, and unauthorized access to the service management server 5 can be reduced. In addition, an arbitrary service management server 5 can be selected by the gateway 2, and the load distribution of the service management server 5 becomes possible.

[Fifth Embodiment]
Next, an information providing service system according to a fifth embodiment of the present invention will be described. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

In the first embodiment described above, the case where the validity of the information provision request is determined by including the session ID when the information provision request is notified from the user terminal 1 to the information management system 4 has been described.
In the present embodiment, a case will be described in which address information that combines the MAC address and IP address of the user terminal 1 is used instead of the session ID.

In the present embodiment, first, in step 110 of FIG. 2, the MAC address and IP address of the user terminal 1 are notified from the gateway 2 to the information management system 4 by a service start instruction. Then, the information management system 4 stores the position related information of the user in association with the address information obtained by combining the MAC address and the IP address.
Then, the location-related information managed in association with the address information obtained by combining the MAC address and IP address of the user terminal 1 notified by the information provision request from the user terminal 1 is acquired (step 122 in FIG. 2). ) To the user terminal 1 (step 123 in FIG. 2).

As described above, when notifying the information provision request from the user terminal 1 to the information management system 4, instead of the session ID, the address information combining the MAC address and the IP address of the user terminal 1 is used. Similarly, unless a valid session ID is used, position-related information unique to the user will not be leaked to a third party.
In particular, when a packet communication network in which the IP address assigned to the user terminal 1 is changed for each connection is used as the user network 7, the address information combining the MAC address and the IP address is different for each connection. Therefore, it is extremely difficult for a third party to forge address information combining a MAC address and an IP address, and high security can be obtained.

[Sixth Embodiment]
Next, an information providing service system according to the sixth embodiment of the present invention will be described with reference to FIG. FIG. 10 is a sequence diagram showing the main part of the operation of the information providing service system according to the sixth embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

In the first embodiment described above, the information management system 4 generates location-related information unique to the user related to the user identification information and location information in response to a service start instruction from the gateway 2 (see FIG. Step 111 of 2), the case of storing in association with the session ID has been described.
In the present embodiment, in response to an information provision request from the user terminal 1 (step 121 in FIG. 2), location-related information unique to the user is generated based on the session ID included in the information provision request. It is.

In FIG. 10, the information management system 4 does not generate location-related information in response to the service start instruction from the gateway 2 (step 110), and uses the user identification information and the position for the secret information notified by this service start instruction. Information is stored together with the session ID (step 150).
Then, in response to an information provision request from the user terminal 1 (step 121), user identification information and position information stored corresponding to the session ID notified in the information provision request are acquired (step 155). ), Desired position-related information is generated using the user identification information and position information (step 156), and is provided to the user terminal 1 (step 123).

As described above, according to the present embodiment, in response to the information provision request from the user terminal 1, the position related information unique to the user is generated based on the session ID included in the information provision request. In the information management system 4, it is not necessary to generate location-related information for each user in advance at the time when the necessity of provision is not determined, and the processing load on the information management system 4 can be reduced.
Further, when a forged session ID that is different from the session ID notified by the information provision request is notified by the information provision request from the user terminal 1, the user identification information and the position information stored in correspondence with the session ID Therefore, position related information is not generated and position related information is not provided. Therefore, unless a valid session ID is used, position-related information unique to the user is not leaked to a third party.

[Seventh Embodiment]
Next, with reference to FIGS. 11 and 12, an information providing service system according to a seventh embodiment of the present invention will be described. FIG. 11 is a configuration example of user identification information used in the information providing service system according to the seventh exemplary embodiment of the present invention. FIG. 12 is a configuration example of a realm determination table used in the information providing service system according to the seventh exemplary embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

In the above-described fourth embodiment, when there are a plurality of information management systems 4 that provide location-related information, an operation button is provided for each provided information, such as a Web page shown in FIG. The case of doing so was explained.
In the present embodiment, a case will be described in which, when a user makes a login request, a desired information management system 4 is selected by user identification information as a location-related information provider.

  As shown in FIG. 11, in a service system configured on a network such as an information providing service system, identification information including a user name 11 and a domain name 12 is often used as user identification information. Among these, the domain name 12 “hotspot.ne.jp” is information for identifying the service system, and the user name 11 “kensuke.suzuki” is information for identifying the user in the service system. . These user name 11 and domain name 12 are connected by an at sign “@” to constitute user identification information.

In the present embodiment, realm information 13 is provided between the at sign and the domain name 12, and the user selects a desired information management system 4 based on the realm information 13. In FIG. 11, realm information “service1” is added to the user identification information.
The gateway 2 receives this user identification information by a login request (step 101 in FIG. 2), and notifies the user terminal 1 and the information management system 4 of the session ID in advance based on the realm information of the user identification information. 2, the connection destination address of the information management system 4 that is the source of the position-related information is confirmed with reference to the realm determination table of FIG. In this example, “URL1” corresponding to the realm information “service1” is determined as the connection destination address of the information management system 4.

Then, the gateway 2 notifies the user terminal 1 of the address “URL1” of the selected information management system 4 by a login response (step 106 in FIG. 2). Further, the gateway 2 notifies the service start notification to the connection destination address “URL1” (step 110 in FIG. 2).
As a result, the user terminal 1 is notified of the information provision request to the information management system 4 of “URL1” (step 121 in FIG. 2), and the information management system 4 of “URL1” notifies the user terminal 1 of the user. Is provided (step 123 of FIG. 2).

  As described above, the gateway 2 selects any one of the plurality of information management systems 4 as the location-related information provider based on the realm information included in the user identification information from the user terminal 1. Can arbitrarily select a desired information management system 4 in advance. Thereby, only the position relevant information which a user desires can be provided exactly.

[Eighth Embodiment]
Next, an information providing service system according to an eighth embodiment of the present invention will be described with reference to FIG. FIG. 13 is a configuration example of a realm determination table used in the information providing service system according to the eighth embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the seventh embodiment described above, the case where the user selects one of the information management systems 4 with the realm information added to the user identification information has been described. In the present embodiment, a case where the user regulates the connection destination information management system 4 serving as an information providing source will be described using realm information added to the user identification information.

  In the present embodiment, the gateway 2 receives this user identification information by a login request (step 101 in FIG. 2), and notifies the user ID 1 and the information management system 4 of the session ID before the realm of the user identification information. Based on the information, with reference to the realm determination table of FIG. 13 registered in the gateway 2 in advance, it is confirmed which connection destination restriction is used as the connection destination restriction for the information management system 4 that is the provider of the position related information. To do. For example, when the realm information “child” is designated, only the information management system 4 that allows the connection of minors is selected from the plurality of information management systems 4 prepared as candidates in advance.

Then, the gateway 2 notifies the user terminal 1 of the address of the selected information management system 4 by a login response (step 106 in FIG. 2). Further, the gateway 2 notifies the selected information management system 4 of a service start notification (step 110 in FIG. 2).
As a result, the user terminal 1 notifies an information provision request to any desired information management system 4 in accordance with, for example, the user's selection operation using the Web page as shown in FIG. 9 (step 121 in FIG. 2). The position management information of the user is provided from the information management system 4 to the user terminal 1 (step 123 in FIG. 2).

  As described above, the gateway 2 regulates the information management system 4 that provides the position-related information among the plurality of information management systems 4 based on the realm information included in the user identification information from the user terminal 1. The user can arbitrarily regulate the desired information management system 4 in advance. Thereby, the position relevant information which a user desires can be restrict | limited arbitrarily. In addition, about the detailed setting with respect to each connection destination regulation, a table may be provided separately and regulation may be performed.

[Ninth Embodiment]
Next, an information providing service system according to the ninth exemplary embodiment of the present invention will be described with reference to FIG. FIG. 14 is a configuration example of a realm determination table used in the information providing service system according to the ninth exemplary embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the seventh embodiment described above, the case where the user selects one of the information management systems 4 with the realm information added to the user identification information has been described. In the present embodiment, a case where the user selects whether or not to provide location-related information using realm information added to user identification information will be described.

  In the present embodiment, the gateway 2 receives this user identification information by a login request (step 101 in FIG. 2), and notifies the user ID 1 and the information management system 4 of the session ID before the realm of the user identification information. Based on the information, referring to the realm determination table of FIG. For example, when the realm information “service” is designated, it is determined that the location related information needs to be provided, and the information management system 4 that provides the location related information is selected. On the other hand, when the realm information is not designated, it is determined that the position related information needs to be provided, and the information management system 4 that provides other information is selected.

Then, the gateway 2 notifies the user terminal 1 of the address of the selected information management system 4 by a login response (step 106 in FIG. 2). Further, the gateway 2 notifies the selected information management system 4 of a service start notification (step 110 in FIG. 2).
As a result, the user terminal 1 notifies an information provision request to any desired information management system 4 in accordance with, for example, the user's selection operation using the Web page as shown in FIG. 9 (step 121 in FIG. 2). The position management information or other information of the user is provided from the information management system 4 to the user terminal 1 (step 123 in FIG. 2).

  As described above, since the gateway 2 selects whether or not to provide the position related information based on the realm information included in the user identification information from the user terminal 1, the user arbitrarily determines whether or not the position related information needs to be provided in advance. Can be selected. Thereby, provision of position related information unnecessary for the user can be arbitrarily avoided.

[Tenth embodiment]
Next, an information providing service system according to the tenth embodiment of the present invention will be described with reference to FIG. FIG. 15 is a configuration example of a realm determination table used in the information providing service system according to the tenth exemplary embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the seventh embodiment described above, the case where the user selects one of the information management systems 4 with the realm information added to the user identification information has been described. In the present embodiment, a case will be described in which the type of location-related information that the user needs to provide is selected using realm information added to the user identification information.

In the present embodiment, the information management system 4 refers to the realm determination table of FIG. 15 registered in advance in the information management system 4 based on the realm information of the user identification information notified from the gateway 2 by the service start instruction. Thus, the type of position related information desired by the user is confirmed. For example, when realm information “tempo” is designated, it is determined that it is necessary to provide location-related information related to “store information”, and location-related information of that type is generated (step 111 in FIG. 2).
Thereby, in response to the information provision request from the user terminal 1 (step 121 in FIG. 2), the information management system 4 provides the user terminal 1 with the location related information of the type specified by the user (FIG. 2). Step 123 of 2).

  As described above, since the gateway 2 selects the type of desired position-related information based on the realm information included in the user identification information from the user terminal 1, the position-related information of the type desired by the user is arbitrarily set in advance. Can be selected. Thereby, only the position related information of the type which a user requires can be provided.

[Eleventh embodiment]
Next, an information providing service system according to the eleventh embodiment of the present invention will be described with reference to FIG. FIG. 16 is a configuration example of a realm determination table used in the information providing service system according to the eleventh exemplary embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the tenth embodiment described above, the case has been described where the type of position-related information desired by the user is selected with the realm information added to the user identification information. In the present embodiment, a case will be described where the user's location information used in the information providing system is changed using realm information added to the user identification information.

In the present embodiment, the information management system 4 refers to the realm determination table of FIG. 16 registered in advance in the information management system 4 based on the realm information of the user identification information notified by the service start instruction from the gateway 2. To change the position information of the user. For example, when realm information “area2” is designated, the original location information “subway Hibiya Station area” is changed to “city center”, and location-related information using this location information is generated (step in FIG. 2). 111).
Thereby, according to the information provision request from the user terminal 1 (step 121 in FIG. 2), the location information related to the location information designated by the user is provided from the information management system 4 to the user terminal 1 ( Step 123 of FIG.

  As described above, since the gateway 2 changes the user position information based on the realm information included in the user identification information from the user terminal 1, the user arbitrarily selects position information different from the original position information. Position-related information can be acquired. In this case, based on the realm information from the user, the area range included in the position information around the original position information “around Hibiya Station on the subway” may be changed, or the center position may be changed. Thereby, a user can acquire position related information without clarifying his / her position, and leakage of secret information called position information can be suppressed.

[Twelfth embodiment]
Next, an information providing service system according to the twelfth embodiment of the present invention will be described with reference to FIG. FIG. 17 is a configuration example of a realm determination table used in the information providing service system according to the twelfth embodiment of the present invention. Note that the configuration and operation of the information providing service system according to the present embodiment are substantially the same as those of the first embodiment (see FIGS. 1 and 2) described above, and detailed description thereof is omitted here. .

  In the tenth embodiment described above, the case has been described where the type of position-related information desired by the user is selected with the realm information added to the user identification information. In the present embodiment, a case where the user identification information of the user used in the information providing system is changed to general-purpose user identification information registered in advance using realm information added to the user identification information will be described.

In the present embodiment, the information management system 4 refers to the realm determination table of FIG. 17 registered in advance in the information management system 4 based on the realm information of the user identification information notified by the service start instruction from the gateway 2. The user identification information of the user is changed. For example, when realm information “guest” is designated, the user identification information indicating the person himself / herself is changed to user identification information indicating a general-purpose general person, and position-related information using the user identification information is generated (FIG. 2). Step 111).
Thereby, in response to the information provision request from the user terminal 1 (step 121 in FIG. 2), the location information related to the user identification information designated by the user is provided from the information management system 4 to the user terminal 1. (Step 123 in FIG. 2).

  As described above, since the gateway 2 changes the user identification information of the user based on the realm information included in the user identification information from the user terminal 1, the user arbitrarily selects user identification information different from the user himself / herself. Position-related information. Accordingly, since the user can intentionally change the user identification information, the user can acquire the position related information without clarifying the user identification information of the user, and the leakage of the secret information called the user identification information can be suppressed.

[Extended embodiment]
Each embodiment described above may be implemented independently, but may be implemented by combining two or more arbitrary embodiments.

  In the seventh to ninth embodiments, each realm determination table is provided in the gateway 2, and the gateway 2 provides a form of providing location-related information to the user based on the realm information specified by the user identification information. In the information management system 4, a realm determination table is provided, and the information management system 4 controls the form of providing location-related information to the user based on the realm information specified by the user identification information. You may make it do.

  In the tenth to twelfth embodiments, each realm determination table is provided in the information management system 4, and the information management system 4 provides position related information to the user based on the realm information specified by the user identification information. Although the case where the information provision form is controlled has been described, a realm determination table is provided in the gateway 2, and the provision form of the position related information provided to the user is controlled in the gateway 2 based on the realm information specified by the user identification information. You may make it do.

It is a block diagram which shows the logical model of the information provision service system concerning the 1st Embodiment of this invention. It is a sequence diagram which shows operation | movement of the information provision service system concerning the 1st Embodiment of this invention. It is an example of a login screen. It is a positional information conversion table used with the information provision service system concerning the 2nd Embodiment of this invention. It is an example of a structure of the service start instruction | indication using an accounting request message. It is a sequence diagram which shows the principal part of operation | movement of the information provision service system concerning the 3rd Embodiment of this invention. It is a block diagram which shows the structure of the information provision service system concerning the 4th Embodiment of this invention. It is a sequence diagram which shows the principal part of operation | movement of the information provision service system concerning the 4th Embodiment of this invention. It is an example of a Web page. It is a sequence diagram which shows the principal part of operation | movement of the information provision service system concerning the 6th Embodiment of this invention. It is a structural example of the user identification information used with the information provision service system concerning the 7th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 7th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 8th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 9th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 10th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 11th Embodiment of this invention. It is a structural example of the realm determination table used with the information provision service system concerning the 12th Embodiment of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... User terminal, 2 ... Gateway, 3 ... Authentication system, 3A ... Proxy authentication server, 3B ... Authentication server, 3C ... Authentication DB, 4 ... Information management system, 4A ... Information provision server, 4B ... Location related information DB, 5 ... service management server, 7 ... user network, 8 ... service network, 11 ... user name, 12 ... domain name, 13 ... realm information.

Claims (18)

An information providing service system connected to a user terminal via a communication network and providing the user terminal with location-related information specific to the user related to the location of the user terminal in response to a request from the user terminal,
An authentication system for performing user authentication based on the user's personal identification information;
And location-related information database for managing location-related information to be provided to the user terminal in association with the specific transformation location information to the location information of the specific transformation identification information and the user in the user identification information of the user, information from the user terminal An information management system comprising: an information providing server that acquires and provides location-related information unique to the user related to the user identification information and location information of the user in response to a provision request from the location-related information database ;
In response to a login request for requesting a connection from the user terminal to the information providing service system, the authentication system performs user authentication based on the user's password information included in the login request, and responds to the successful authentication. A session ID unique to the login is generated, the session ID is notified to the user terminal, and a service start instruction including the session ID and the user identification information and location information of the user is notified to the information management system. And a gateway to
In response to the service start instruction from the gateway, the information providing server converts the user identification information, the position information, and the session ID included in the service start instruction into unique conversion user identification information and conversion position, respectively. After converting the information and the conversion session ID, an information generation request including the conversion user identification information, the conversion position information, and the conversion session ID is notified to the position related information database.
In response to the information generation request from the information providing server, the position related information database includes the converted user identification information included in the information generation request and the position related information related to the converted position information. Store in association with the conversion session ID included in the information generation request;
After the information providing server converts the session ID of the information providing request into the converted session ID in response to the information providing request from the user terminal including the session ID notified by the service start instruction from the gateway. , Notifying the location related information database of the location related information request including the conversion session ID,
The location related information database acquires the location related information stored in association with the conversion session ID included in the location related information request in response to the location related information request from the information providing server. And notifying the information providing server of the information providing service system. In the information provision service system of Claim 1,
The gateway computes at least the session ID by combining the gateway identification information or accommodation location information indicating the accommodation location in which the user terminal is accommodated in the gateway and date and time information at the time of login processing. An information providing service system characterized by generating. In the information provision service system of Claim 1,
The gateway provides an information providing service system using a part or all of the user password information as the user identification information. In the information provision service system of Claim 1,
Prior to the information provision request from the user terminal, the information management system generates location-related information unique to the user related to the user identification information and location information included in the service start instruction notified from the gateway Information provision service system characterized by storing and storing. In the information provision service system of Claim 1,
The gateway notifies the information management system of the location information of the user by using the service start instruction as identification information of the gateway or accommodation location information indicating an accommodation location where the user terminal is accommodated in the gateway,
The information management service system generates the user location information based on identification information or accommodation location information of the gateway included in the service start instruction from the gateway. In the information provision service system of Claim 5,
The gateway uses the IETF (Internet Engineering Task Force) RFC2866 billing start message as the service start instruction, and uses the gateway identification information or accommodation location information, the session ID, and the user identification information as the information. An information providing service system characterized by notifying a management system. In the information provision service system of Claim 1,
A service management server that manages for each user terminal whether or not to provide a service that provides the location-related information to the user terminal;
The gateway notifies the generated session ID to the authentication system,
In response to the notification of the session ID from the gateway, the user terminal notifies the service management server of a service provision request including the session ID, and confirms the service provision start from the service management server in response to the notification. Then, the information management request is notified to the information management system,
The service management server confirms the validity of the session ID included in the service provision request with the authentication system in response to a service provision request from the user terminal, and provides the service to the user terminal according to the validity confirmation. An information providing service system characterized by notifying the start. In the information provision service system of Claim 7 ,
When the service management server notifies the start of service provision, the service management server notifies the start of service provision by generating a Web page and transmitting it to the user terminal;
The information providing service system, wherein the Web page includes an operation button that transmits a connection destination address of the information management system, the session ID, and the like according to a user operation. In the information provision service system of Claim 7 ,
In response to the service provision start notification from the service management server, the user terminal sends the information provision request to the information provision server using the connection destination address of the information management system and the session ID included in the notification. An information providing service system characterized by automatic transmission. In the information provision service system of Claim 1,
The information management system manages a set of the IP address and MAC address of the user terminal included in the service start instruction from the gateway instead of the session ID in association with the location-related information unique to the user, According to an information provision request from a user terminal, location related information associated with a set of the IP address and MAC address of the user terminal included in the information provision request is provided to the user terminal. Information service system. In the information provision service system of Claim 1,
The information management system stores the user identification information and the location information included in the service start instruction notified from the gateway in association with the session ID, and responds to an information provision request from the user terminal. An information providing service system that generates location-related information unique to the user related to user identification information and location information stored in association with a session ID included in the information provision request. In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The gateway selects one of a plurality of information management systems based on the realm information as a provider of the location-related information. In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The information providing service system, wherein the gateway regulates connection to an information management system that is a provider of position related information according to realm information added to the user identification information. In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The information management service system determines whether or not the location-related information needs to be provided according to realm information added to the user identification information notified from the gateway. In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The information management system selects a type of the location-related information to be provided to the user terminal according to realm information added to the user identification information notified from the gateway, and location-related information according to the type An information providing service system characterized by providing information. In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The information management system changes the position information of the user according to realm information added to the user identification information notified from the gateway, and provides position related information according to the changed position information. An information providing service system characterized by In the information provision service system of Claim 1,
The user terminal notifies the gateway of user identification information including arbitrary realm information as password information of the user at the time of the login request,
The information management system changes the user identification information to pre-registered general-purpose user identification information according to realm information added to the user identification information notified from the gateway, and the changed user An information providing service system that provides position related information according to identification information. An information providing service system having an authentication system, an information management system, and a gateway, connected to a user terminal via a communication network, and specific to the user related to the position of the user terminal in response to a request from the user terminal In the information providing service method for providing location related information to the user terminal,
The location-related information database of the information management system, manages the location-related information to be provided to the user identification information of the user of the position information of the specific transformation identification information and the user in association with the specific transformation location information to the user terminal A location-related information management step;
An authentication step of performing user authentication in an authentication system based on the user's password information included in the login request in response to a login request for requesting connection from the user terminal to the information providing service system by the gateway; ,
A session ID generation step of generating a session ID unique to the login in response to the authentication success of the user authentication by the gateway;
A session ID notification step of notifying the session ID to the user terminal by the gateway and notifying the information management system of a service start instruction including the session ID and the user identification information and location information of the user;
In response to the service start instruction from the gateway, the information providing server of the information management system converts the user identification information, the location information, and the session ID included in the service start instruction into unique conversion user identifications, respectively. A step of notifying the position related information database of an information generation request including the converted user identification information, the converted position information, and the converted session ID after converting the information, the converted position information, and the converted session ID;
In response to the information generation request from the information providing server, the position related information database includes the converted user identification information and the position related information related to the converted position information included in the information generation request. Storing in association with the conversion session ID included in the information generation request;
After the information providing server converts the session ID of the information providing request into the converted session ID in response to the information providing request from the user terminal including the session ID notified from the gateway by the service start instruction. Notifying the location related information database of a location related information request including the conversion session ID;
In response to the position related information request from the information providing server, the position related information database acquires the position related information stored in association with the conversion session ID included in the position related information request. And notifying the information providing server;
An information providing service method comprising: providing information location related information notified from the location related information database to the user terminal by the information providing server .

Images