JP5592332B2 - Application usage management system - Google Patents

Description

  The present invention relates to a technology of a smart device (information processing apparatus) such as a smartphone or a tablet PC, and more particularly to a fee payment method for an application or service used in the smart device.

  Smart devices typified by smartphones and tablet PCs not only have basic functions required for mobile phones, such as calls, emails, and web browsing, but also by installing dedicated applications (programs). It is possible to extend the functionality of the device itself.

  Because smart devices can install various dedicated applications, they are as versatile as mobile PCs, and the usage phase of smart devices is increasing regardless of personal use or corporate (corporate) use. .

  As a prior art example, there is a mobile device management product (hereinafter referred to as MDM) as disclosed in Japanese Patent Laid-Open No. 2003-58786 (Patent Document 1) and Non-Patent Document 1.

  In Patent Document 1 (“Bill Information Management System” etc.), as a problem, there is a system that can replace the amount used at work from the billing items of the telephone bills addressed to individuals with the bills addressed to corporations. It is described as providing.

  In Non-Patent Document 1, as an explanation of MDM, a remote management function is provided for a smart device, and an administrator collects terminal information from a browser and applies a profile to individuals and groups in an organization. It is described that various instructions such as device lock and initialization can be forcibly executed.

JP 2003-58786 A

CLOMO MDM, [October 17, 2011 search], <URL: http://www.i3-systems.com/mdm.html>

  Consider the situation in which smart devices are used by companies (corporations). Smart devices distributed and used in a company require various restrictions on smart devices in order to cope with security risks such as information leakage. These are called security policies, for example, and realized by using a mobile device management product (MDM) as shown in Non-Patent Document 1, for example.

  As a typical function of the MDM, there is an application installation restriction. The administrator of the company can limit the applications that can be used in the company by using the application installation restriction.

  In addition, for smart devices distributed and used within a company, the company bears communication costs such as call charges and data communication charges. As for smart device applications, there are not only free applications but also those that require usage fees (temporary fees, monthly costs, etc.), and companies need to bear these usage fees.

  With the widespread use of smart devices, there is an increasing need to not only use smart devices distributed within the company but also use smart devices owned by individuals within the company. When a personally owned smart device is used in a company, the following problems (1) and (2) exist with respect to the above-described application installation restriction and the usage fee burden of the application.

  (1) There are applications such as online contents and games, cloud services, etc. that are desired to be used personally regardless of business. There are a wide variety of applications that can be used on smart devices. However, installation within applications that are not related to business (or use of cloud services, etc.) should be restricted when assuming in-house use.

  Therefore, by using MDM, it is possible to restrict the installation of applications that can be used within the company. However, when using a personally owned smart device within the company, it is not a simple installation restriction but a separation of public and private. It is assumed that the installation restrictions will be required.

  (2) I want to divide the payment of usage fees for the application etc. shown in (1) above. The company should bear the usage fee for the application used in the company, but the application fee that is not related to the business (1) is to be paid by the individual. It is.

  In view of this, there is a means for realizing the separation of payment between private and private by manually changing payments in units of terminals and contracts to individuals and corporations using the method of Patent Document 1 and the like. However, since it is impossible to judge whether the usage is public or private for each application and automatically change the payment of the usage fee, the payment of the usage fee for the application or the like is similarly required to separate the public and private.

  As described above, the main purpose of the present invention is to realize the efficiency by automating the use of applications and the payment of charges on corporate-owned / individually owned smart devices that can be used within the company (corporation). It is to provide technology that can.

  In order to achieve the above object, a representative embodiment of the present invention uses information processing of a computer to manage the use of applications, services, and the like in devices including smart devices used by users in organizations including companies. A system or the like that performs processing including the following features.

  In this form (application usage management system), companies (corporate) can use companies such as smart devices (information processing devices) and other applications (purchase / installation, etc.) and manage usage fee payment methods. By simply setting basic information such as applications that can be used within (corporation) and their payment methods, etc., it will automatically determine whether the application is used privately or privately (individually owned) or corporation (corporate owned) Realize separation (public / private separation) management (purchase / installation restrictions, determination of usage fee payment method / cooperation, etc.).

  This system has, for example, a usage determination subsystem (first subsystem) and a payment determination subsystem (second subsystem), and the available application list (first list information) as management information ), Company use application list (second list information), company payment information database (first payment information), personal payment information database (second payment information), and the like.

  The usage determination subsystem refers to the available application list {black list, white list} when purchasing an application in the market for an individual / corporate owned smart device used in the company, and The application that can be used / cannot be used is determined and the unusable application is restricted (for example, purchase / installation is prohibited). At the same time, with reference to the company use application list, it is determined whether the company (enterprise unit) is an application that should bear the cost or that the individual should bear.

  The payment determination subsystem determines the application usage fee payment method (payment details) for public / private separation by referring to the database information according to the processing result of the usage determination subsystem, and various payments / billing / settlement Cooperate with means (for example, external system). The payment determination subsystem refers to the corporate credit card information stored in the company payment information when the purchase determination application determines that the application to be purchased should bear the usage fee, Depending on the contents, the fee is paid by cooperating with the payment system. On the other hand, if the payment determination subsystem determines that the application to be purchased should not bear the usage fee but the individual should pay the usage fee in the usage determination subsystem, By referring to the stored personal credit information and the like and linking with the payment system or the like according to the contents, the fee payment is performed.

  This system includes, for example, a first subsystem that performs processing for determining whether to use an application on a user device of an organization using list information. The first subsystem holds first list information and second list information. The first list information includes at least one of information on applications that can be used uniformly or information on applications that cannot be used uniformly. The second list information includes information for setting a specific application that can be used in the organization for each target organization and the organization should bear the cost. The first subsystem refers to first processing for determining whether or not the application can be used by referring to the first and second list information at a stage before the use of the target application in the user device of the organization. Based on the first processing result, if available, the purchase or installation is controlled so that the target application can be used on the user's device of the organization, and if not available, the user of the organization And a second process for controlling purchase or installation so that the target application cannot be used in the device.

  According to the representative embodiment of the present invention, it is possible to realize efficiency by automating public / private separation for use of applications and the like and payment of charges in corporate / individually owned smart devices that can be used in a company.

1 is a diagram showing an overall configuration of a system (including a smart device application use management system) according to an embodiment of the present invention. In this Embodiment, it is a flowchart which shows operation | movement and a process of the whole system. In this Embodiment, it is a figure which shows an example of an available application list | wrist (in the case of a black list). In this Embodiment, it is a figure which shows an example of a company utilization application list. It is a figure which shows an example of company payment information in this Embodiment. It is a figure which shows an example of personal payment information in this Embodiment.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted. In addition, it is set as application: AP etc. suitably from description.

  The system of the present embodiment is centered on the management system (smart device application utilization management system) 104 shown in FIG. 1, performs the processing shown in FIG. 2, and manages and processes data information as shown in FIGS. To do. With this configuration, the use (purchase / installation) of the application 103 and the like for the smart device 101 (corporate owned / privately owned) used by the company (the user), and the management of the public / private separation related to the payment of the charge / automatic It has a processing function for sorting. The management system 104 includes an application usage restriction system (function) and a payment information management system (function) for the smart device 101 of the company.

[system]
FIG. 1 shows the entire system according to the present embodiment. The entire system includes a smart device 101 (corporate ownership and personal ownership), an application 103 market 102, a management system 104 (smart device application use management system), and the like. Although not shown in the drawings, the prerequisite environment includes existing elements such as information processing systems and devices (for example, LAN, PC, etc.) used by companies and individuals, the Internet, and external payment / billing / settlement systems.

  The smart device 101 is a smart device (an information processing apparatus having various functions such as calling, mail, and Web browsing) used by a user (employee) in a company. The smart device 101 is a corporate-owned smart device (referred to as a “first (first type) device” or the like) distributed / provided to a user by a company, or a personally-owned smart device that a user brings into the company. It is assumed that there are two types (referred to as “second (second type) device” for explanation). Although only one company, one user, and one device are shown, there are a plurality of devices in the same manner, and each of these devices can be managed. The smart device 101 may include a program module for controlling communication with the management system 104.

  The market 102 is an existing seller, marketplace site, or the like that publishes / sells the application 103 that can be used by the smart device 101. Similarly, there are a plurality of applications 103.

  The management system (smart device application utilization management system) 104 is realized by predetermined hardware and software. The management system 104 includes a usage determination subsystem 105, a payment determination subsystem 108, and a setting interface unit 111 as subsystems (processing units).

  As an example of the hardware / software configuration of the management system 104, a configuration in which one or more computers such as a server or a PC including a CPU, a ROM, a RAM, an HDD, a communication interface device, an input device, and an output device are connected, for example, The processing of each subsystem is realized by executing each program of the present embodiment loaded into the RAM by the CPU. Or it is good also as a form which comprised by another computer for every subsystem, and was connected by communication.

  The usage determination subsystem 105 includes a control unit realized by software program processing (not shown), a storage unit realized by storage, and the like, and stores and manages data information (105, 107) shown in the figure. . The use determination subsystem 105 performs processing for determining whether or not the application 103 relating to the company smart device 101 (for each company, for each user, for each device) can be used by using the data (105, 107).

  The available application list 106 is information on a list of applications that can be used or cannot be used by all the smart devices 101 used in the company as the first list information (for the first restriction). This is application information that can be used / cannot be used uniformly regardless of the company or user, and public information such as general security information may be used. The white list describes information about applications that can be used, and the black list describes information about applications that cannot be used.

  The company use application list 107 is list information of applications for which the company bears a use fee as second list information (for second restriction). This can be set differently for each company.

  The payment determination subsystem 108 includes a control unit realized by software program processing (not shown), a storage unit realized by storage, and the like, and is configured to store and manage the data information (109, 110) shown. . The payment determination subsystem 108 determines the payment method (contents) of the usage fee of the target application by the company / user according to the processing result of the usage determination subsystem 105, and uses the actual payment / settlement system (external To be executed in conjunction with the system).

  The company payment information DB 109 is a database that manages information on a payment method (credit card or the like) when a company bears an application usage fee.

  The personal payment information DB 110 is a database that manages information on a payment method (such as a credit card) when an individual bears an application usage fee.

  The setting interface unit 111 provides user interface processing for setting the contents of each data information (106, 107, 109, 110) by an administrator (setting person) or the like. For example, the setting interface unit 111 performs display processing of a setting Web screen. For example, the contents of each data (particularly 107) can be set according to the security policy of the company. Setting is also possible from the smart device 101 (a3).

  The user installs the application 103 on the smart device 101 used in the company and uses it. In that case, it is necessary to purchase the application 103 from the market 102 selling the application 103 and install it on the smart device 101. In the case of the smart device 101, when the application 103 is purchased from the market 102, the management system 104 (105, 108) is used to determine whether the application can be used within the company, and the application usage fee. The payment method is automatically determined and entered.

  106 and 107 are used as list information for determining whether or not the application 103 can be used in the smart device 101 in the company. The available application list 106 includes one or both of a black list (BL) that is a list of unusable applications and a white list (WL) that is a list of available applications. The use determination subsystem 105 determines whether or not the application 103 can be used in the company based on the available application list 106 (BL, WL) at the time of purchase / installation (immediately before). Limit one.

  In FIG. 1, a <b> 1 indicates purchase of the application 103. a2 indicates installation of the application 103. a3 indicates use / payment settings from the smart device 101 to the management system 10; a4 represents control communication between the management system 104 and the market 102 (may be communication via the smart device 101). a5 indicates company payment (cooperation). a6 indicates personal payment (cooperation).

  Hereinafter, each data information example will be described with reference to FIGS. 3 to 6, and then the contents of the system processing will be described with reference to FIG. 2.

[Available application list]
FIG. 3 shows an example of the black list (BL) as the available application list 106. The table items include, for example, (a) application ID, (b) application name, (c) version, (d) vendor, (e) state, (f) reason, and the like. Applications in this list are basically unavailable. (E) The state has enable (valid) / disable (invalid) as a value, and becomes invalid when invalid. For example, in the first line, the application cannot be used because it is an application that may leak information.

  The available application list 106 corresponds to application restriction means that has already been realized in order to restrict applications to be used in a company in the prior art such as Non-Patent Document 1, for example. In the present embodiment, in the usage determination subsystem 105, the available application list 106 (BL, WL) is merely used as a material for determining an application having a general security risk such as information leakage. We are using.

  When it is allowed to use a personally owned smart device within the company, applications other than those with security risks as described above should not be restricted by the company and should be left to the discretion of the individual. Therefore, in the usage determination subsystem 105, in addition to the available application list 106 that realizes the first restriction, the enterprise usage application list 107 is held (set) and used for determination, so that the application 103 that can be used in the enterprise is related. There is another level of restriction.

  The company use application list 107 manages list information of applications for which a company should pay a cost (use fee) for each company. For example, in this list (107), information such as a specific application used for business in a company or an application developed in-house is held.

  By holding the list information (106, 107), the usage determination subsystem 105 not only determines whether the target application 103 itself can be used by the smart device 101 used in the company, but also the application. It is also possible to determine whether the company should bear the usage fee of 103. That is, it is possible to automatically determine and distribute usage / payment in units of the application 103 without depending on the smart device 101 that distinguishes between personal ownership and corporate ownership.

[Business application list]
FIG. 4 shows an example of the company use application list 107. The table items include, for example, (a) application ID, (b) application name, (c) version, (d) vendor, (e) state, (f) reason, and the like. Applications in this list are basically available. In this example, the setting information example of one company is shown, but a plurality of companies can be managed in the same manner. In this case, IDs and tables are managed for each company. For example, in the first line, a specific application used for in-house mail browsing is set as available and cost burden for the company.

  When it is determined by the usage determination subsystem 105 that the target application 103 is an application that can be used within the company and should be borne by the company, or can be used personally and expensed by the company. In any case, the process is transferred (linked) to the payment determination subsystem 108.

[Payment Information]
FIG. 5 shows an example of the company payment information DB 109 (company payment information therein) held in the payment determination subsystem 108. The company payment information DB 109 is used (referenced) when the use determination subsystem 105 determines that the application is used for business in the company. The company payment information DB 109 manages various payment information such as corporate credit card information, payment information of communication carriers that have concluded a corporate contract, and bill payment information. The payment determination subsystem 108 automatically extracts payment information related to the information of the user (company) who uses the target application 103. Further, when there are a plurality of corresponding payment information, the payment information can be automatically selected or manually selected according to the priority of the application unit or the user unit.

  In the example of FIG. 5, the items in the left table include (a) user ID, (b) user name, (c) device usage method, and the like. a and b correspond to company information and employee information. The device usage method c indicates a classification such as whether the smart device 101 is provided by a corporation or is a personal device. The table is associated with each table on the right using the user ID as a key. For example, a management table related to credit card information has a user ID, a credit number, a brand name, etc., and a management table related to communication carrier information has a user ID, a contractor number, a carrier name, etc., and claims payment information In the management table, user ID, address, account, and the like are included. These pieces of information are processed while maintaining a predetermined security level corresponding to the contents of information of the external system to be linked.

  FIG. 6 similarly shows an example of the personal payment information DB 109 (individual payment information therein). The personal payment information DB 110 is used (referenced) when the usage determination subsystem 105 determines that the application is for personal use. Similarly to the company payment information DB 109, the personal payment information DB 110 manages various payment information, and is linked with personal credit card information, electronic money, and the like. Similarly, when there are a plurality of corresponding payment information in the personal payment information DB 110, the payment information can be automatically selected or manually selected according to the priority of the application unit or the user unit.

  In the example of FIG. 6, the items in the left table include (a) user ID, (b) user name, (c) device usage method, and the like. a and b correspond to the employee's personal information. The management table related to credit card information on the right has user ID, credit number, brand name, etc., and the management table related to electronic money information has user ID, electronic money ID, type, etc.

[processing]
In the processing flow of FIG. 2, the processing steps after S1 are included.

  (S1) First, an application (AP) 103 to be used by the smart device 101 in the market 102 is purchased by a user or the like. However, the purchase is not confirmed at this point, but is confirmed after the subsequent processing. At this time, for example, a purchase request for the target AP 103 is transmitted from the smart device 101 to the market 102.

  (S2) The information of the target AP 103 is transmitted from the smart device 101 to the management system 104 at the opportunity of S1. For example, application ID, user information, device information, etc. are included.

  (S3) Based on the information of S2, the usage determination subsystem 105 reads the information of the available AP list 106.

  (S4) In S4, a branch is made depending on whether the available AP list 106 is BL or WL.

  (S5) In S5, the usage determination subsystem 105 determines whether or not the information on the purchase target AP 103 exists in the BL (whether the purchase target AP 103 is unusable (restriction target)). If yes (Y), go to S7; if not (N), go to S8.

  (S6) In S6, the usage determination subsystem 105 determines whether or not the information of the purchase target AP 103 exists in the WL (whether the purchase target AP 103 is applicable (no restriction)). If yes (Y), go to S8; if not (N), go to S9.

  (S7) In S7, information indicating that purchase of the target AP 103 is prohibited (not purchased) is returned to the market 102 (purchaser) or the smart device 101 in order to determine that use is not possible. Thus, control is performed so that the target AP 103 is not purchased by the smart device 101, and installation is not performed.

  (S9) In S9, similarly, information indicating that the target AP 103 is forbidden to purchase (not purchased) is returned to the market 102 (purchaser) or the smart device 101 in order to determine that use is not possible. Thereby, control is performed so that the target AP 103 is not purchased by the smart device 101.

  (S8) In S8, since it does not correspond to BL or corresponds to WL, it is first determined that the AP 103 can be used as the first stage, and the usage determination subsystem 105 determines for the second stage. Then, the information of the company use AP list 107 is read.

  (S10) In S10, the usage determination subsystem 105 determines whether or not the information of the AP 103 to be purchased exists (corresponds) in the information of the company usage AP list 107. The presence indicates that the AP 103 can be used by the company and the company should pay the cost. If yes (Y), go to S11, and if not (N), go to S12.

  (S11) In S11, in order to make the company payment, the payment determination subsystem 108 refers to the company payment information (109). Then, payment information (payment method information) related to the target company, user, device, application, etc. is extracted, and information for cooperation with the payment system etc. is generated in such a content that the company pays for the purchase of the AP 103, etc. .

  (S12) In S12, the personal payment information (110) is referred to by the payment determination subsystem 108 for personal payment. Then, payment information (payment method information) related to the target company, user, device, application, etc. is extracted, and information for cooperation with the payment system etc. is generated in such a manner that the individual pays the fee for the purchase of the AP 103, etc. .

  (S13) In S13, based on the results of S11 and S12, using the payment method information (for example, credit card information) of the corresponding company in the company payment information (109), payment / billing / settlement of the cooperation destination It transmits to a system etc. and cooperates (a5 of FIG. 1). In addition, in the case where the individual payment is paid independently, similarly, using the information on the payment method of the corresponding individual (for example, credit card information), the information is transmitted to the payment / billing / settlement system of the cooperation destination and linked (see FIG. 1 a6).

  (S14) In S14, information indicating that the purchase of the target AP 103 is completed is returned to the market 102 or the smart device 101, and the process ends.

[Effects]
As described above, according to the present embodiment, it is possible to achieve the efficiency by automating the use of the application 103 and the payment of its charges in the corporate / individually owned smart device 101 that can be used in the company. . The conventional manual distribution work is also reduced.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the present invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Needless to say. For example, the system in FIG. 1 may be separated or integrated for each functional process. Further, for example, the information may be managed and determined not only in company units (organizational units) and individual units, but also in group units in the organization, for example.

  The present invention can be used for an information management / operation system in a company, an information management / operation system (service) outside a company, and the like.

  DESCRIPTION OF SYMBOLS 101 ... Smart device, 102 ... Market, 103 ... Application, 104 ... Management system (smart device application use management system), 105 ... Usage judgment subsystem, 106 ... Available application list, 107 ... Company use application list, 108 ... Payment Judgment subsystem, 109 ... company payment information DB, 110 ... personal payment information DB.

Claims (3)

An application usage management system that performs processing including management related to application usage in devices including smart devices used by users in organizations including companies using information processing of a computer,
A first subsystem that performs a process of determining whether to use an application on a user device of the organization using the first list information and the second list information;
The first list information includes at least one of application information that can be used uniformly or application information that cannot be used uniformly,
The second list information includes information on a specific application that can be used in the organization for each target organization and the organization should bear the cost,
The first subsystem is:
A first process for determining whether or not the application can be used by referring to the first and second list information at a stage before the use of the target application in the user device of the organization;
Based on the result of the first processing, if it is available, control is performed so that the target application can be used on the user's device of the organization. If not, the target on the user's device of the organization is used. There row and the second processing, the controlling so as to preclude the use of the application,
A second sub-system that performs processing for managing the payment of usage charges related to the use of an application on a user device of the organization using the first payment information and the second payment information;
The first payment information includes information on an organization payment method used when the organization pays an application usage fee,
The second payment information includes information on an individual payment method used when an individual in the organization pays an application usage fee.
The second subsystem is:
If the organization should bear the cost for the available application according to the processing result of the first subsystem, refer to the first payment information to determine the payment method of the corresponding organization. A third process of extracting information and extracting the information of the payment method of the corresponding individual with reference to the second payment information when the individual should bear the cost;
And performing a fourth process of performing fee payment in cooperation with a predetermined payment system using information on the payment method of the third processing result . In the application use management system according to claim 1,
The first list information uses information based on security risk,
The second list information uses information set by an administrator,
An interface processing unit for setting contents of information including the second list information;
When purchasing an application to be used from the market on the user device of the organization, a process of transmitting information on the purchase target application to the first subsystem is performed.
The first subsystem determines whether or not the application can be used as the first process by referring to the first and second list information based on the information of the application to be purchased, and the organization To determine whether to pay the cost by the individual or to pay the cost by the individual, and as the second process, based on the result of the first process, if available, the target application in the user device of the organization Use of an application characterized in that it is controlled so that the purchase and installation of the application can be performed, and when the use is not possible, the purchase and installation of the target application on the device of the user of the organization is disabled. Management system. In the application use management system according to claim 1 ,
As the third process, the second subsystem pays a fee related to the purchase of the application at the user device of the organization for the available application according to the processing result of the first subsystem. If the organization should bear the cost, the first payment information is referred to extract information on the payment method of the corresponding organization, and if the individual should bear the cost, the second The application use management system is characterized in that the third process is performed by referring to the payment information and extracting information on the payment method of the corresponding individual.

Images