JP5767133B2 - Information trading system - Google Patents

Description

  The present invention relates to an information transaction system, and in particular, personal information (e.g., static information such as address, name, age, and sex, profile information such as hobbies and preferences, and various electronic information related to individuals such as health / physical state and behavior history). In addition, the present invention relates to an information transaction system that provides a mechanism for distributing data on the network of owners and managers, such as computerized business information held by corporations / organizations such as companies. Data that is generated or collected by individuals and corporations targeted by the system of the present invention and considered to have ownership and management rights will be collectively referred to as personal management data.

  Personal information on the network includes specific services such as Amazon (registered trademark) (credit card information, purchase history on the site, etc.), Google (registered trademark) (personal profile, email, schedule, search history, etc.) Accumulated data linked to services provided by providers or specific applications (photographs, GPS logs, pedometer logs, weights in health management applications, changes in body fat percentage, etc.) executed on smartphones and personal computers There are cases in which a part of the archive is provided and an interface is provided for the user's individual, but it is not mutually usable between different services and applications, but individual behavior history data, corporate business data Includes information that is valuable to the third party. Despite to have a mechanism that the administrator of these data causes the cross flow with the principal does not exist at present.

  Personal management data often contains information that is valuable to the third party. Information obtained by statistically processing purchase histories of all products among personal behavior histories is very useful for product development and marketing by companies. In addition, the records of deliveries and operations accumulated for the company by the shipping company and the like include information such as actual road conditions and traffic conditions. Until now, there is a form in which a specific company provides a specific service to individuals, etc., and provides a data archive that collects such information, and a processed analysis of it to a third party for a fee, As an example, Cookpad (registered trademark) provides cooking recipe disclosure and search services to individuals, while collecting collected recipes and search logs and selling them to the food industry (however, to third parties) (There is only a procedure for information distribution, such as information provision, and specific technical elements cannot be confirmed.)

  When distributing (trading) the value of personal management data over a network, with existing methods, the raw data is collected and sold in the form of files, or the raw data or information obtained from the data is in the form of a blog, etc. There are those that are publicly disclosed on the network and get money indirectly through browsing fees or affiliates through advertisements, but access to personal management data is controlled by the data owner (administrator). There is no mechanism for mutual distribution of only the information obtained from.

  In Patent Document 1, a system administrator applies data (which corresponds to a customer name list stored on a trader side in electronic commerce, etc.) into a database of static profile information such as an individual's address, name, and hobby. , We have proposed a method of deleting and selling some columns (names, addresses, etc.) in the database, processing them into the minimum database required by those who want to use the database (other vendors, etc.) .

  In Patent Document 2, for example, distribution of advertisements for individuals in electronic commerce on the Internet, etc., and in the case of distribution of advertisements that match profiles such as personal tastes and preferences, matching of personal information provision level and provision destination A mechanism has been proposed for controlling the personality on the individual side.

  Non-Patent Document 1 defines a mechanism for performing transmission / reception of data between service providers, taking over authentication, and the like by pseudonymizing users based on the specification of Security Association Markup Language (SAML).

Japanese Patent Laid-Open No. 2002-42012 JP 2001-308551 A

SAML Standard Specification Security Assessment Markup Language (SAML) v2.0, OASIS, March 2005 http: // sam. xml. org / sam-specifications http: // www. ieice. org / jpn / books / kaishikiji / 2009/200904. pdf (Japanese commentary)

  In general, even if personal management data is worth secondary use, it is not in a situation where it is freely distributed under the owner / manager of the target data. One factor that hinders distribution is the threat of privacy infringement.

  As a method of extracting valuable information such as statistical information from the personal information of multiple people while ensuring anonymity of individuals on the network, there is a web questionnaire method using web or direct mail, but it is only a specific method There is a server that distributes (presents) questionnaires to survey subjects and collects their responses, and anonymization is performed there, so there is information on the relay server and information that identifies individuals. Strictly, anonymity cannot be ensured because they can be associated with each other. In addition, since the target person directly answers the questionnaire, the number of answers and the amount of answers are limited, and it is not suitable for a very large and detailed questionnaire.

  In Patent Document 1, privacy is protected by deleting some columns of a database. However, in Patent Document 1, since an operator who is not an individual who should be an administrator of information corresponding to one record in the database (in this case, one customer corresponds to one person) manages personal information, information is provided. An individual who is a person cannot perform management control based on how data is processed for the use of his / her own information. For this reason, it cannot be said that privacy protection from an individual viewpoint is sufficient.

  In Patent Document 2, the provision level (provision range) can be limited, but since the raw data must still be provided (disclosed), the privacy of the information provider may be infringed. Further, the one-dimensional evaluation of the provision level can be limited only to static personal information such as a profile, and it is impossible to deal with personal information that sequentially accumulates and changes such as an action history. For this reason, the privacy of individuals cannot be protected against personal information that accumulates and changes sequentially, such as an action history.

  Non-Patent Document 1 defines only the pseudonym of the user who is the information provider, and does not establish data transmission / reception (transaction) with both the user and the service provider in a pseudonym state. In this case, there is a problem that the trend of service providers who are information collectors becomes public.

  Therefore, an object of the present invention is to provide a system that enables privacy protection from the viewpoint of an individual who is an information provider and does not disclose the trend of information collectors.

  In order to achieve the above object, the information transaction system and the information transaction method of the present invention are such that the transaction support server that handles the personally-identified information of the information collector and the information provider is completely aware of the content of the information subject to the transaction. The transaction support server is separated from the transaction so that the transaction cannot be performed. Thereby, the strict anonymity of the information collector and information provider who are the traders is ensured, and a mechanism for safely distributing data is provided.

  Specifically, the information transaction system of the present invention obtains a pseudonym from a transaction support server that generates and returns a pseudonym upon receipt of a pseudonym issuance request from an information collector terminal and an information provider terminal. The information collector terminal that distributes the information provision request using the acquired pseudonym as the distribution source and collects the response to the information provision request, acquires the pseudonym from the transaction support server, and uses the acquired pseudonym as the response source An information provider terminal that makes an answer to the information provision request.

  In the information transaction system according to the present invention, when the information provision request is received from the information collector terminal, the received information provision request is disclosed to the information provider terminal in a state where it can be acquired from the information provider terminal. A distribution server; and an answer collection server that, when receiving the answer from the information provider terminal, publishes the received answer to the information collector terminal in a state where the answer can be acquired from the information collector server. Good.

  In the information transaction system of the present invention, the answer collection server transmits the pseudonym of the information provider terminal that has received the response and an identification mark of the information provision request to the transaction support server, and the information provider terminal Inquiries as to whether or not the information provision request has been answered, if the answer has already been made, the answer is not sent to the information collector terminal, and if not answered, the answer is sent to the information collector terminal, When the transaction support server receives an inquiry from the answer collection server whether or not it has been answered, the transaction support server determines whether or not the information provider terminal has answered the information provision request and has answered If so, the fact may be transmitted to the answer collection server, and if not answered, the fact may be sent to the answer collection server and the fact that it has been answered may be registered.

  In the information transaction system of the present invention, a set of the real name of the information collector terminal and the real name of the information provider terminal is acquired from the transaction support server, and between the information collector terminal and the information provider terminal The information processing device further includes a point server for establishing a commercial transaction, and the transaction support server registers the information from the pseudonym of the information provider terminal that has been answered and the identification mark of the information provision request when registering that the response has been completed. The real name of the provider terminal and the real name of the information collector terminal may be derived, and the set of the real name of the information collector terminal and the real name of the information provider terminal obtained may be transmitted to the point server.

  Specifically, in the information transaction method of the present invention, the information collector terminal and the information provider terminal obtain a pseudonym from the transaction support server, and the information collector terminal that obtained the pseudonym provides the pseudonym as a distribution source. An information provision request distribution procedure for distributing a request, an information provider terminal that has acquired the pseudonym transmits a reply to the information provision request with the pseudonym as a reply source, and a reply procedure in which the information collector terminal collects the reply; , In order.

  In the information transaction method of the present invention, in the information provision request distribution procedure, the question distribution server can receive the information provision request from the information collector terminal and acquire the received information provision request from the information provider terminal. Distributing the information provision request by publishing it to the information provider terminal in a state, and in the reply procedure, the answer collection server receives the reply from the information provider terminal, and the received reply is the information collector terminal The information collector terminal may collect the answer by publishing it to the information collector terminal in a state where it can be acquired from the information collector terminal.

  In the information transaction method of the present invention, in the reply procedure, the information provider terminal transmits the identification mark of the information provision request and the pseudonym of the information provider terminal to the answer collection server at the time of the reply, The information provider terminal that has received the reply and the identification indicator of the information provision request are transmitted to the transaction support server to inquire whether the information provider terminal has already responded to the information provision request. The information provider terminal determines whether or not the information provider request has been answered. If it has been answered, the fact is sent to the answer collection server, and if not answered, the answer collection is sent to that effect. It may be transmitted to the server and registered as having been answered, and the answer collection server may disclose the answer to the information collector terminal in a state where it can be acquired from the information collector terminal.

In the information transaction method of the present invention, in the reply procedure, when the transaction support server registers that the reply has been completed, the pseudonym of the information provider terminal that has been answered and the identification mark of the information provision request Deriving the real name of the information provider terminal and the real name of the information collector terminal, and transmitting the obtained real name of the information collector terminal and the real name of the information provider terminal to the point server,
The point server may further include a point clearing procedure for establishing a commercial transaction between the information collector terminal and the information provider terminal received from the transaction support server after the answering procedure.

  Specifically, the information transaction system of the present invention acquires a pseudonym from the pseudonym management server that generates and returns a pseudonym upon receiving a pseudonym issue request from the information collector terminal and the information provider terminal. The information collector terminal that distributes the information provision request using the acquired pseudonym as the distribution source and collects the response to the information provision request, acquires the pseudonym from the kana management server, and uses the acquired pseudonym as the response source An information provider terminal that makes an answer to the information provision request.

  In the information transaction system according to the present invention, when the information provision request is received from the information collector terminal, the received information provision request is disclosed to the information provider terminal in a state where it can be acquired from the information provider terminal. A distribution server; and an answer collection server that, when receiving the answer from the information provider terminal, publishes the received answer to the information collector terminal in a state where the answer can be acquired from the information collector server. Good.

  In the information transaction system of the present invention, the pseudonym of the information provider terminal and the identification mark of the information provision request are acquired from the pseudonym management server and stored, and an inquiry as to whether or not the answer has been made is sent from the answer collection server. Upon receipt, it is determined whether or not the information provider terminal has answered the information provision request, and if it has been answered, the fact is transmitted to the answer collection server, and if not answered, the fact is indicated. It further includes a transaction management server that transmits to the answer collection server and registers that it has been answered, and the answer collection server includes a pseudonym of the information provider terminal that has received the answer and an identification mark of the information provision request. It is transmitted to the transaction management server and inquires whether or not the information provider terminal has answered the information provision request. The not transmitted to the information collection terminal, if not Answer may transmit the reply to the information collection terminal.

  In the information transaction system of the present invention, a set of the real name of the information collector terminal and the real name of the information provider terminal is acquired from the transaction management server, and between the information collector terminal and the information provider terminal. The transaction management server further includes a point server that establishes a commercial transaction, and the transaction management server registers a real name corresponding to the pseudonym of the information provider terminal and the information collector terminal that has been answered when registering that the response has been completed. A set of the real name of the information collector terminal obtained and the real name of the information provider terminal obtained from the pseudonym management server may be transmitted to the point server.

  Specifically, in the information transaction method of the present invention, the information collector terminal and the information provider terminal acquire a pseudonym from the kana management server, and the information collector terminal that acquired the pseudonym provides the kana as the distribution source. An information provision request distribution procedure for distributing a request, an information provider terminal that has acquired the pseudonym transmits a reply to the information provision request with the pseudonym as a reply source, and a reply procedure in which the information collector terminal collects the reply; , In order.

  In the information transaction method of the present invention, in the information provision request distribution procedure, the question distribution server can receive the information provision request from the information collector terminal and acquire the received information provision request from the information provider terminal. Distributing the information provision request by publishing it to the information provider terminal in a state, and in the reply procedure, the answer collection server receives the reply from the information provider terminal, and the received reply is the information collector terminal The information collector terminal may collect the answer by publishing it to the information collector terminal in a state where it can be acquired from the information collector terminal.

  In the information transaction method of the present invention, in the reply procedure, the information provider terminal transmits the identification mark of the information provision request and the pseudonym of the information provider terminal to the answer collection server at the time of the reply, , The pseudonym of the information provider terminal that received the response and the identification indicator of the information provision request are transmitted to the transaction management server to inquire whether the information provider terminal has already answered the information provision request, The information provider terminal determines whether or not the information provider request has been answered. If it has been answered, the fact is sent to the answer collection server, and if not answered, the answer collection is sent to that effect. It may be transmitted to the server and registered as having been answered, and the answer collection server may disclose the answer to the information collector terminal in a state where it can be acquired from the information collector terminal.

  In the information transaction method of the present invention, in the reply procedure, the transaction management server corresponds to the pseudonym of the information provider terminal and the information collector terminal that have been answered when registering that the reply has been completed. Information obtained by inquiring the pseudonym management server and obtaining the real name, transmitting the obtained real name of the information collector terminal and the real name of the information provider terminal to the point server, and the point server receiving from the transaction management server You may further have the point liquidation procedure which establishes the commercial transaction between a collector terminal and an information provider terminal after the said reply procedure.

  The above inventions can be combined as much as possible.

  According to the present invention, the present invention can provide privacy protection from the viewpoint of an individual who is an information provider, and can provide a system that does not disclose information collectors' trends.

The schematic diagram of the information transaction system concerning this embodiment is shown. An example of a transaction sequence is shown. Another example of the sequence from the questionnaire performer pseudonym issuance step S201 to the response collection step S206 is shown. An example of the real name record in the transaction support server 30 is shown. An example of the query record in the transaction support server 30 is shown. An example of the transaction record in the transaction support server 30 is shown. The flow of processing from query acquisition to answer creation and reply in the respondent terminal 20 is shown. The functional block diagram of the data access management part 22 and the data storage part 21 which perform a query / answer process is shown. An example of the contents of a query is shown. An example of a condition C template is shown. An example of the template of the process F is shown. An example of the function J determined by the combination of the condition C and the process F is shown. An example of the function J is shown. The schematic of the information transaction system concerning Embodiment 2 is shown. An example of a transaction sequence is shown. Another example of the sequence from the questionnaire issuer kana issue step S401 to the response collection step S407 is shown. An example of the database which a kana management server stores is shown.

  Embodiments of the present invention will be described with reference to the accompanying drawings. The embodiments described below are examples of the present invention, and the present invention is not limited to the following embodiments. In the present specification and drawings, the same reference numerals denote the same components.

  The system configuration of the information transaction system according to the present invention includes (1) restricting external access to personal management data, thereby preventing “outflow of raw data” and “specific restricted data retrieval, "Statistics and analysis processing" can be performed safely to extract only valuable information from raw personal management data. (2) Questions (below) , Query) and returning an answer (answer) to the query to realize indirect access to personal management data. (3) At that time, unspecified majority, living in specific target area, specified A mechanism for passing a query anonymously or with a real name to a management entity (individuals, corporations) of a large number of specific personal management data such as the target age group, and (4) providing valuable information It is disclosed from the administrator's point of view and the resistance to use of personal management data that is referred to in order to be released (corresponding to the degree of privacy infringement), as well as objective information value (information amount, transaction examples, etc.) Value of the subject personal management data itself, and the creditworthiness of the transaction partner (the entity that accesses the personal management data and retrieves the information = the sender of the query) and the transaction (5) The exchange of information value (buying and selling) is executed while ensuring anonymity, and duplicate transactions (identical Consists of a mechanism that prevents anonymous answers from being returned multiple times to the same query issued by the same query issuer for personal management data, and multiple transactions are thereby made. Is shall.

  More specifically, the information collected by an individual electronically is collected and collected for individuals via an anonymous questionnaire, and the compensation is paid to the individual based on the contents of the questionnaire. A system for displaying appropriate advertisements will be described as an example.

(Embodiment 1)
FIG. 1 shows a schematic diagram of an information transaction system according to the present embodiment. The information transaction system according to the present embodiment includes a questionnaire performer server 10 that is an information collector terminal, an answerer terminal 20 that is an information provider terminal, a transaction support server 30, a credit information server 40, and a question distribution server. A query distribution server 50, an answer collection server 60, and a point server 70.

  The questionnaire executor server 10, the respondent terminal 20, the query distribution server 50, and the answer collection server 60 exchange questionnaires and responses, and the transaction support server 30, the credit information server 40, and the point server 70 have credit functions for information transactions and Responsible for the mechanism to solve financial transactions. In addition, the function of the respondent terminal 20 (method of determining the content of the answer and the method of restricting information to be answered), the function of the query distribution server 50 and the answer collection server 60 (maintaining anonymity, distributing a query to a specific number of users, (Recovery function) will be described separately.

  Each element in FIG. 1 will be described. The personal (and corporate) terminal that owns / manages personal management data is the respondent terminal 20 (owned by user A) and sends a query as an information provision request to the personal management data to obtain some information. The terminal that is owned and managed by the main subject is assumed to be the questionnaire executor server 10 (owned by user B). If it explains with a model of a questionnaire, it will be fundamental that a questionnaire implementer gives a reply (answer) to a respondent by giving a questionnaire (query). Since this exchange is assumed to be performed via the network, when the respondent terminal 20 and the survey performer server 10 directly communicate, the respondent terminal 20 and the survey performer server 10 are anonymous from the IP address or the like. It becomes difficult to guarantee the sex. Therefore, in the present invention, the query distribution server 50 that distributes queries and the answer collection server 60 that collects results (answers) are relayed, and the respondent terminal 20 and the surveyor server 10 asynchronously send and receive queries and answers. By exchanging queries and answers, the guarantee of anonymity is strengthened.

  A simple query and answer can be exchanged only by the system including the questionnaire server 10, the respondent terminal 20, the query distribution server 50, and the answer collection server 60. The respondent terminal 20, the query distribution server 50, and the answer collection The server 60 enables a large-scale, high-speed, and anonymous internet questionnaire that is different from the conventional internet questionnaire. In addition to this, the feature of the system configuration according to the present embodiment is that a transaction support server 30, a credit information server 40, and a point server 70 are provided.

<Transaction of information that ensures anonymity>
(1) With the combination of the transaction support server 30 and the credit information server 40, even if the user A and the user B are both anonymous, the trustworthiness of B viewed from A can be confirmed.
(2) With the combination of the transaction support server 30 and the point server 70, the compensation payment (money, points, etc.) from B to A for the information provision by the answer (answer) of the user A to the questionnaire (query) of the user B This is possible while maintaining anonymity.

  FIG. 2 shows an example of a transaction sequence. Before starting the procedure, the real name information of the user A and the real name information of the user B are registered in the transaction support server 30 in advance in different procedures. The information transaction method according to the present embodiment includes an information provision request distribution procedure, an answer procedure, and a point clearing procedure in order. In the information provision request distribution procedure, a questionnaire practitioner pseudonym issue step S201, a questionnaire (query) distribution step S202, a questionnaire (query) acquisition step S203, and a questionnaire response pseudonym acquisition step S204 are executed. To do. In the reply procedure, a reply transmission (answer placement) step S205 and a reply collection (answer collection) step S206 are executed. In the point clearing procedure, the point clearing step S207 is executed.

Questioner issuer pseudonym issuing step (S201)
The questionnaire executor server 10 creates a questionnaire (query) as an information provision request, assigns a query ID (QID) as an identification mark of the information provision request, and together with real name information including the real name of the user B, the transaction support server 30 is requested to issue a pseudonym in this query. The transaction support server 30 confirms the real name registration of B in its own database, generates a temporary name (Ba) of the user B for the query ID (while the query ID is valid), and stores it in the own database. After recording, the pseudonym is returned to the questionnaire executor server 10.

Questionnaire (query) distribution step (S202)
The questionnaire implementer server 10 describes the query ID and the pseudonym of the user B acquired in step S201 in the questionnaire (query), and arranges them in the query distribution server 50 in a state that can be acquired from the respondent terminal 20.

Questionnaire (query) acquisition step (S203)
The respondent terminal of the user A acquires the questionnaire (query) arranged in the query distribution server 50 in step S202, and obtains the query ID and the pseudonym Ba of the user B.

Step for obtaining a pseudonym for answering a questionnaire (S204)
The respondent terminal 20 requests the transaction support server 30 to issue a pseudonym in this query together with the query ID acquired in step S203, the pseudonym Ba of B, and the real name of the user A. The transaction support server 30 confirms the real name registration of A in its own database, generates a temporary name (Aa) of the user A (only while the query ID is valid) for the query ID, and stores it in the own database. After recording, the answer status of the record is set as unanswered, and the same pseudonym Aa is returned to the respondent terminal 20.

Response sending (answer arrangement) step (S205)
The respondent terminal 20 creates an answer to the questionnaire by performing a query process, writes the query ID, the pseudonym of B, and the pseudonym of A, and arranges them in the answer collection server 60. At this time, the contents of the questionnaire (answer), the query ID, the pseudonym of B, and the pseudonym of A can be divided and handled when the electronic signature is given by the user A + (query ID) , B pseudonym, A pseudonym) and (query ID, B pseudonym, A pseudonym) are respectively digitally signed.

Response collection (answer collection) step (S206)
The questionnaire server 10 makes an inquiry to the answer collection server 60 asynchronously, and if a questionnaire (query) corresponding to a combination of (query ID, pseudonym Ba of user B) is arranged (stored), the contents Request acquisition. At that time, the answer collection server 60 extracts (query ID, user B's pseudonym Ba, user A's pseudonym Aa) from the corresponding answer, and requests the transaction support server 30 to check double answers and fraudulent answers. The transaction support server 30 confirms from the (query ID, the pseudonym of the user B, the pseudonym of A) that there is a respondent to the query (exists in the record), and if it does not exist, it is an illegal answer immediately. (NG) is returned to the answer collection server 60. If it exists and the answer status is unanswered, OK is returned to the answer collection server 60, and NG is returned otherwise. When the answer collection server 60 receives NG, it does nothing. As a result, multiple responses due to anonymity (injustice transactions in which an individual impersonates a plurality of people and responds to the same questionnaire multiple times) can be prevented. When the answer collection server 60 receives OK, the answer collection server 60 sends the contents of the questionnaire response to the questionnaire executor server 10, and sends an answer to the transaction support server 30 (query ID, user B pseudonym Ba, user A pseudonym Aa). Tell the content has been delivered. When the transaction support server 30 receives the delivered response, the transaction support server 30 sets the corresponding response count record as answered. At the same time, the transaction support server 30 transmits (query ID, the real name of the user B, the real name of the user A) to the point server 70 and informs that it has been answered.

Point clearing step (S207)
The point server 70 acquires the real name of the user B and the real name of the user A regarding the answered query, and transfers the price designated by the transaction support server 30 from the user B to the user A (such as remittance).

  As described above, the information transaction system according to the present embodiment includes the questionnaire operator server 10, the respondent terminal 20, and the transaction support server 30, and in order to perform step S 201 to step S 205 in order, the anonymity of the questionnaire respondent and the questionnaire operator A questionnaire can be conducted while maintaining Moreover, since the information transaction system which concerns on this embodiment is further provided with the query distribution server 50 and the answer collection | recovery server 60, it can strengthen anonymity maintenance of a questionnaire respondent and a questionnaire implementer. Furthermore, since the information transaction system according to the present embodiment further includes the point server 70, the information transaction (money transaction) is enabled while maintaining the anonymity of the questionnaire respondent.

(Option 1)
The combination of the query ID and the pseudonym Ba of the user B can be substituted by a query hash value H (Ba, QID) that is a hash value calculated by the transaction support server 30 from the two types of information. In this case, the transaction support server 30 stores the hash function obtained by calculating the query hash value together with the query ID and the user B's pseudonym Ba.
Further, the combination of the query ID, the pseudonym Ba of the user B and the pseudonym Aa of the user A can be substituted by a transaction hash value H (Ba, QID, Aa) which is a hash value calculated by the transaction support server from the same three types of information. It is. In this case, the transaction support server 30 stores the hash function obtained by calculating the transaction hash value together with the query ID, the pseudonym Ba of the user B, and the pseudonym Aa of the user A.
In this way, the use of the hash value has an effect that the kana of B and the kana of A are not specified.

(Option 2)
Regarding the transaction conditions for presenting the price of the answer such as the price, the transaction condition recorded in the transaction support server 30 in step S204 is recorded by the user B transmitting to the transaction support server 30 when creating the query in step S201. May be transmitted to the user A and used as a material for answer determination in the respondent terminal 20. Further, at the time of settlement by the point server 70 in step S207, the price can be used according to transaction conditions.

  Instead of recording the transaction conditions in the transaction support server 30, the transaction conditions may be transmitted to the user A by being described in a query as shown in FIG. Further, instead of presenting the transaction conditions from the user B, or in addition to presenting the transaction conditions, the transaction conditions for the user A to provide information to the user B may be described in the answer.

(Option 3)
The surveyor server 10 and the respondent terminal 20 may transmit authentication information such as an electronic signature when accessing each server. Thereby, alteration of the data in each server, such as transaction support server 30, and impersonation to others can be prevented.

(Option 4)
In the sequence shown in FIG. 2, the procedure for acquiring the pseudonyms of the user A and the user B is performed in connection with the query such as the generation of a query. However, the user A and the user B can also acquire the pseudonym independently. It is. FIG. 3 shows an example of the sequence from the questionnaire issuer kana issuance step S201 to the response collection step S206 in this case. In this sequence, steps S301 to S305 are sequentially provided instead of steps S201 to S205 described in FIG. Steps S301 to S304 are executed in the information provision request distribution procedure. In the reply procedure, step S305 is executed.

  In step S301, the questionnaire executor server 10 transmits the real name of the user B to the transaction support server 30, and makes a request for issuing a pseudonym. Transaction support server 30 issues pseudonym Ba of user B and registers it in the database, and returns pseudonym Ba to surveyor server 10. In this sequence, the pseudonym Ba is valid regardless of whether the query ID is valid.

  In step S <b> 302, the respondent terminal 20 transmits the real name of the user B to the transaction support server 30 and makes a request for issuing a pseudonym. Transaction support server 30 issues pseudonym Aa of user A and registers it in the database, and returns pseudonym Aa to respondent terminal 20. In this sequence, the pseudonym Aa is valid regardless of whether the query ID is valid.

  In step S303, a questionnaire (query) distribution procedure is performed. That is, the questionnaire implementer server 10 describes the query in a state where the query ID and the pseudonym Ba of the user B acquired in step S301 can be acquired from the respondent terminal 20 in the questionnaire (query). To place. Then, the query distribution server 50 transmits the query ID, the pseudonym Ba of the user B, and the transaction conditions to the transaction support server 30. The transaction support server 30 registers the query ID, the pseudonym Ba of the user B, and the transaction conditions in the database.

  In step S304, a questionnaire (query) acquisition procedure is performed. Specifically, the respondent terminal 20 acquires a questionnaire (query) arranged in the query distribution server 50 in step S303, and obtains a query ID, a user B pseudonym Ba, and a transaction condition.

  In step S305, a reply transmission (answer arrangement) procedure is performed. Specifically, the respondent terminal 20 creates an answer to the questionnaire by performing a query process, and arranges it in the answer collection server 60.

  In addition, when the user B acquires the kana independently from the query, that is, when the user B conducts the questionnaire a plurality of times using the kana Ba, the query ID and the kana are not specified so that the user B's kana Ba is not specified. It is preferable to use the query hash value H (Ba, QID) instead of the combination of Ba. In addition, when the user A acquires the kana independently of the query, that is, when the user A answers the questionnaire a plurality of times using the kana Aa, the query ID is set so that the kana Aa of the user A is not specified. It is preferable to use the transaction hash value H (Ba, QID, Aa) instead of the combination of the pseudonym Ba and the pseudonym Aa.

  4, 5, and 6 show the configuration of a database related to transactions in the transaction support server 30. In the transaction support server 30, authentication information such as real names and certificates of users (users A and B) participating in the transaction is registered in advance (FIG. 4). In step S201 shown in FIG. 2 and step S303 shown in FIG. 3, the transaction support server 30 creates and manages a query record that can be uniquely identified by the query ID and the pseudonym of the user B (FIG. 5). Furthermore, when a transaction from the respondent terminal 20 occurs in step S204 shown in FIG. 2 and step S305 shown in FIG. 3 for a specific query described in the record, the query ID, the pseudonym Ba of the user B, the user A transaction unit that can be uniquely identified by A's pseudonym Aa is managed as a transaction record (FIG. 6). The query record and the transaction record related thereto disappear when the query (in the example, a questionnaire) ends.

<Acquisition of credit information>
In step S205 shown in FIG. 2 and step S305 shown in FIG. 3, when the user A creates an answer to the query from the user B, the respondent terminal 20 evaluates the trustworthiness of the user B, and By all means, it is determined what question items (specifically, access to user A's personal management data) are permitted. In the transaction procedure shown above, since the respondent terminal 20 of the user A is not informed of the real name of the user B, the reliability cannot be evaluated based on the real name of the user B.

  Therefore, in this embodiment, the respondent terminal 20 of the user A sends the pseudonym Aa of the user A and the pseudonym Ba of the user B to the credit information server 40, and the credit information server 40 inquires the transaction support server 30 about both pseudonyms. Then, the credit information server 40 obtains the real names of the user A and the user B. The credit information server 40 acquires the credit rating of the user B viewed from the user A from the real name of the user B from a database registered in advance. Then, the credit information server 40 transmits the credit rating of the pseudonym Ba to the respondent terminal 20 of the user A. Thereby, the respondent terminal 20 of the user A can acquire the reliability of the pseudonym Ba.

<Answer generation from queries, means of answering>
FIG. 7 shows the flow of processing from query acquisition to answer creation and answering at the respondent terminal 20. As shown in FIG. 9, the query includes an identification number unique to the query composed of the query ID and the pseudonym Ba of the user B, transaction conditions as the price of the answer, execution conditions indicating the timing of creating the answer, and a question content list. Is described. In the respondent terminal 20, the query can be acquired (received) by a specific service application, but is transferred to the data access management unit 22 in the protected area as it is. In this case, if the query content is not encrypted, the service application can refer to the content. The protected area refers to an area that is separated by software by a system management function such as an OS, can communicate only with a specific API from a service application outside the protected area, and guarantees the independence of internal data. . It can be realized by mutually protected processes and independent virtual machine mechanisms. The data access management unit 22 analyzes the contents of the query and determines whether or not the entire query and each question included in the query can be answered according to the answer policy generated by the policy management unit 23. When it is determined that a reply is possible, the personal management data in the data storage unit 21 is accessed and a query is processed to obtain a reply.

  Here, although the respondent terminal 20 is a mobile communication terminal such as a mobile phone or a smartphone, the data storage unit 21, the data access management unit 22, and the policy management unit 23 are stored in the same housing as the respondent terminal 20. There is no need to be. For example, when the data used by the respondent terminal 20 is distributed and stored in a plurality of terminals, the plurality of terminals serve as the data storage unit 21. Further, when the data used by the respondent terminal 20 is managed by a predetermined management server, the management server serves as the data storage unit 21. Similarly to the data storage unit 21, the data access management unit 22 and the policy management unit 23 may be configured by a plurality of terminals, or may be a predetermined server.

FIG. 8 is a functional block diagram of the data access management unit 22 and the data storage unit 21 that perform query / answer processing.
The query analysis unit 224 performs the following processing on the query acquired from the service management unit 24.

・ If encrypted, remove the encryption.
-If the electronic signature is described in the query, verify the electronic signature.
-Check the format of the entire query.
The query content is matched with a query template 226 prepared in advance, the query score for each item of the query template 226 is acquired, and then converted into a query dedicated to the data storage unit (DB) 21. FIG. 9 shows an example of the contents of the query. The query includes, for example, items of query ID, executor pseudonym, transaction condition, execution condition, question content list, and answer collection server. The query ID describes information for identifying the query. In the performer kana, the pseudonym Ba of the user B is described. In the transaction conditions, the value of the query answer paid from the user B is indicated by a numerical value or the like (Y). The execution condition describes the timing of creating an answer such as a question content calculation and answer generation / answer condition. In the question content list, the question number, its condition C, and processing F are described. The answer collection server describes the answer sending destination.
Transfer the entire converted query to the data processing unit 223.

The data processing unit 223 executes the following processing for the converted query.
The query ID, the user B's pseudonym Ba, and the transaction conditions are extracted and output to the policy management unit 23. As a result, the policy management unit 23 can acquire the query executable score table from the credit information server 40 and determine whether or not the answer is possible.
・ If you want to respond by monitoring the time based on the execution conditions, set a timer. If you respond to specific personal management data conditions, register in the real-time monitoring unit 222. The DB read unit 221 is instructed to convert the list query, and the data storage unit 21 is accessed.
After all the answers to the query are completed, an answer is given to the entire query and sent to the answer generation unit 225. As a result, the answer generation unit 225 places the answer (answer) in the answer collection server 60.

The real-time monitoring unit 222 executes the following processing.
The registered conditions are monitored, and if the conditions are satisfied, the data processing unit 223 is instructed to execute the corresponding query.

The answer generation unit 225 executes the following processing.
-Format the answer format.
When signing or encrypting or signing and encrypting, signing or encrypting or signing and encrypting is executed.
Return the answer to a specific answer collection server 60 according to the answer collection server information.

  The above is the flow of the query / answer process.

  In this embodiment, based on the policy of the individual who should be the manager of the personal information, whether or not to use the personal information calculated from the creditworthiness of the business partner, the data processing method, and the value exchanged with the personal information, Whether or not to use fine-grained data that reflects the individual's intention without providing raw data by managing the raw data only on a personal management computer such as a terminal and arranging the data processing function on the computer Control.

  In addition, the data processing is performed on the respondent terminal 20 without leaking the raw data from the respondent terminal 20, and only the information required by the user B as the trading partner is provided. By having a procedure for determining whether or not to use fine personal data in consideration of the creditworthiness and transaction conditions of a certain user B, information transaction in a form that protects privacy and raw data is realized. In addition, by using real-time monitoring of events that occur sequentially, such as action history, and determining whether the data can be used, it is possible to use data that is predicted to be stored in the future.

  Further, the transaction support server 30 having a procedure for converting the user B on the service provider side into a pseudonym, and managing and converting the pseudonym / real name, and data exchange of a system different from this (meaning that the network and the administrator are different) An intermediate server (corresponding to the query distribution server 50 or the answer collection server 60) is used, and a query ID for identifying only the pseudonym and transaction on the service provider side (here, user B corresponding to the questionnaire executor) is used. Thus, real-time / kana conversion and data transmission / reception are realized asynchronously. This makes it possible to send and receive data and perform transactions (including settlement) without specifying both of them while anonymizing both data senders and receivers.

The effects produced by the invention are as follows.
-Since answers are automatically derived from digital data stored by individuals, there is no interaction with humans, and the accuracy of answers and the speed of questions (amount of questions) are improved.
・ Although it is an automatic answer, the accumulated raw data is not leaked by masking the access means that directly outputs the raw data. In addition, by making it possible to set an operation policy for data in advance, it is possible to prevent provision of information not intended by the owner (individual) of personal management data.
-The right or wrong answer for each question and the contents of the answer can be controlled by the creditworthiness of the subject (such as a company that wants to collect information) and the price of information acquisition.
・ Allows information transactions (money transactions) while maintaining the anonymity of respondents.
・ Prevent multiple responses due to anonymity (illegal transactions by impersonating multiple people and responding to the same questionnaire multiple times).
・ Control the timing of answers and answer questions about future behavior.

<About the mechanism that does not leak raw data>
(1) Data storage (overall configuration)
It is assumed that personal management data is stored in some database. This corresponds to the data storage unit 21 in FIGS. Here, the type of database is not specified. The DB reading unit 221 directly accesses this database and reads data. The DB reading unit 221 generalizes the procedure for retrieving data from the database in the following manner.

・ Read all data corresponding to condition C from the database. A read timeout with a specified time is assumed. The condition C refers to all methods capable of classifying a specific data group in the database and does not depend on the database recording method.

(2) Acquisition of reliability from a pseudonym Restriction of reference by the owner (manager) of the corresponding data is imposed on reading and processing of personal management data in the data storage unit 21. The determination is made based on the trustworthiness (corresponding to a level value indicating the trustworthiness) of the user B who is the source of the query. Therefore, the policy management unit 23 transmits the pseudonym Ba of the query issuer to the credit information server 40, and acquires the level value of the credit recorded in advance in the credit information server 40. At this time, the conversion from the pseudonym to the real name is executed between the credit information server 40 and the transaction support server 30 by resolving the pseudonym and the real name.

(3) How to read and process the stored data (processing flow)
The query is received by the query analysis unit 224, and the content is analyzed. The query analysis unit 224 extracts the following information described in the query.
-Query executor (a pseudonym)
・ Transaction conditions (offer price)
・ Execution conditions / Question list (question items)
-Answer collection server information

Among these pieces of information, in accordance with the question content list, in accordance with the query template, the DB read unit 221 is instructed to read data, the specified processing is executed on the obtained result data, and the result for the question content Get. At this time, the process is generalized as follows.
The DB reading unit 221 reads all data corresponding to the condition C from the database. FIG. 10 shows an example of the condition C template. The template of the condition C is a database command, for example, a command string such as SQL. By referring to the template of condition C, a code predetermined as a search condition can be converted into a database command. As a result, it is possible to prevent a search condition keyword from leaking on the network.
The data processing unit 223 performs the process F on the data read by the DB reading unit 221 and obtains the result R. FIG. 11 shows an example of the template for the process F. The template of the processing F is a processing method. For example, the data group corresponding to the condition C is subjected to statistical processing such as average, variance, maximum value, minimum value, etc. Refers to ambiguity processing such as conversion to the address of a prefecture (such as a prefecture unit or East or West Japan). By referring to the template of the process F, it is possible to convert a code predetermined as the calculation process into a processing method. As a result, it is possible to prevent a situation where calculation processing leaks on the network.

At this time, the following two methods are used together as a method for limiting the content of the answer to the query.
Limit the condition C of data read from the database. Specifically, the read for a specific attribute is rejected.
Limit the processing F to be performed on the read data.
Hereinafter, the restriction method will be described.

(4) Data reading restriction method and data processing restriction method Each item in the question content list is designated by a combination of processing F to be performed on a data group that meets the condition C. The determination as to whether or not to execute the question content is performed by reading a function J for a determination registered in advance determined by a combination of the condition C and the process F as shown in FIG. For example, the condition J that matches the condition C is selected from the conditions C1 to Cp, the process that matches the process F is selected from the processes F1 to Fq, and the function J defined by the combination of the selected condition and the process is selected. Are extracted from the functions J11 to Jpq. FIG. 13 shows an example of the function J. Function J is a function of transaction conditions and query issuer's creditworthiness, and presents the result of processing F1 to Fq on the data group corresponding to conditions C1 to Cp to the query sender of credit rating X It returns whether or not it is possible to reply with transaction conditions Y such as price.

Data read by the DB read unit 221 restricts the designation of the condition C for selecting data to be accessed using a preset template.
A list corresponding to the condition C that can be used by the query executor is set in the template for the condition C, and the question content that uses the condition C that is not in the list is not executed.
At the same time, for the combination of processing F with respect to the condition C, a function J for determining whether processing is possible and the level that can be executed is read out using a template as shown in FIG.
In response to questions that can be answered, the DB reading unit 221 reads from the database and the data processing unit 223 executes processing according to the condition C and processing F to which each question answer corresponds. Result R (s) is created.

(5) Data output When the answer generation unit 225 obtains answers to all questions that can be answered from the data processing unit 223, the answer R is transferred as an answer (file) to the answer collection server 60 specified in the query. .

(6) Method of controlling execution of data access and output based on condition matching The processing for preventing the raw data from the above (1) to (5) from being leaked is performed with respect to the query received by the respondent terminal 20 This is a series of processes for determining whether or not to answer and returning an answer. In this case, the process from the reception of the query to the answering of the answer is continuously executed, but the calculation of the answer to the question and the answering answer can be controlled by the execution condition described in the query.

The personal management data stored in the data storage unit 21 is recorded in a time series like a life log, or is recorded for each event, and additional data is sequentially updated. ing. This data update is monitored by the real-time monitoring unit 222, and when the updated content matches a specific condition, an answer to the question content and a reply for creating an answer are executed. For question items to be evaluated in real time, whether or not execution is possible is evaluated by the method of (4), and if possible, condition matching and processing are performed on data updated by the real time monitoring unit. For real-time monitoring, “is real-time monitoring” is added to the conditions.
This real-time monitoring is executed when an execution condition item is specified in the query.

As described above, taking the questionnaire system as an example, the system and method according to the present embodiment have the following effects.
-Since answers are automatically derived from digital data stored by individuals, there is no interaction with humans, and the accuracy and speed of answers (question amount) are improved.
-Since the process F is performed, the raw data accumulated in the data storage unit 21 does not flow out.
Since the function J is read and it is determined whether or not the question can be answered, it is possible to prevent provision of unintended information by the individual management data holder (individual).
-The right or wrong answer for each question can be controlled by the creditworthiness of the entity that conducts the questionnaire (such as a company that wants to collect information) and the suggested price for information acquisition.
・ Allows information transactions (money transactions) while maintaining the anonymity of respondents.
・ Prevent multiple responses due to anonymity (illegal transactions by impersonating multiple people and responding to the same questionnaire multiple times). You can answer questions about future behavior by controlling the timing of the answers.

(Embodiment 2)
FIG. 14 shows an example of an information transaction system according to the second embodiment. In the information transaction system according to this embodiment, the transaction support server 30 includes a transaction management server 31 and a pseudonym management server 32.

  FIG. 15 is a sequence diagram showing a first example of the information transaction method according to the present embodiment. As in the first embodiment, the information transaction method according to the present embodiment includes an information provision request distribution procedure, an answer procedure, and a point clearing procedure in order. In the information provision request distribution procedure, steps S401 to S404 are executed. In the reply procedure, steps S405 to S406 are executed. In the point clearing procedure, step S407 is executed.

  In step S <b> 401, when the real name B query is generated, the questionnaire operator server 10 transmits a kana issue request to the kana management server 32 to request a kana for the real name B. Then, the kana management server 32 generates the kana Ba of the user B and sends it back to the questionnaire executor server 10. At this time, in this embodiment, the kana management server 32 does not register the query ID and the kana Ba in the transaction management server 31.

Steps S402 and S403 are the same as steps S202 and S203 of the first embodiment.
In step S404, instead of the transaction support server 30 in step S204 of the first embodiment, the pseudonym management server 32 confirms the real name registration of A in its own database and temporarily (only while the query ID is valid). A pseudonym (Aa) of the user A is generated, and the pseudonym Aa is returned to the respondent terminal 20.

In step S405, as in step S205 of the first embodiment, the respondent terminal 20 answers the questionnaire.
At this time, as in the first embodiment, the respondent terminal 20 of the user A obtains the credit rating of the pseudonym Ba. In the present embodiment, the inquiry destination of the credit information server 40 is the pseudonym management server 32. The credit information server 40 uses the acquired real names of the user A and the user B to determine the degree of trust seen from the user A, and transmits the determination result to the respondent terminal 20 together with the pseudonyms of the user A and the user B. Thereby, the respondent terminal 20 can determine whether or not an answer is possible using the reliability. The respondent terminal 20 performs the query process if the obtained credit rating is worth the answer, and does not perform the query process if the obtained credit worth the answer. And when a query process is performed, an answer is arrange | positioned at the answer collection | recovery server 60. FIG.

  In step S406, as in step S206 of the first embodiment, the questionnaire operator server 10 collects the answers. In the present embodiment, the transaction management server 31 is the request destination for checking the double answer and the illegal answer of the answer collection server 60.

  In step S407, point settlement is performed as in step S207 of the first embodiment. In this embodiment, when the transaction management server 31 registers that it has been answered, the transaction management server 31 acquires the real name corresponding to the pseudonym of the information provider terminal and the information collector terminal that have been answered from the pseudonym management server 32. Then, the set of the real name of the obtained information collector terminal and the real name of the information provider terminal is transmitted to the point server 70.

  The above is the first example of the information transaction method according to the present embodiment. As described in the option 4 of the sequence shown in FIG. 2 of the first embodiment, it is also possible for the user A and the user B to independently acquire only the pseudonym. FIG. 16 shows an example of a sequence from the questionnaire issuer kana issue step S401 to the answer collection step S407 in this case.

  Steps S501 and S502 are the same as steps S301 and S302 described in the first embodiment. However, the kana management server 32 issues a kana. At this time, the pseudonym is registered in the database in the pseudonym management server as shown in FIG. Here, the pseudonym to be generated may be one per user or two or more. This makes it possible to use different pseudonyms for each query, making it difficult to specify the real name of each user.

Step S503 is the same as step S303 described in the first embodiment. However, in this embodiment, the query distribution server 50 does not register the query ID, the pseudonym Ba of the user B, and the transaction conditions in the database of the transaction management server 31. For this reason, the query record as shown in FIG. 5 described in the first embodiment does not occur.
Step S504 is the same as step S304 described in the first embodiment.
Step S505 is the same as step S305 described in the first embodiment. However, in this embodiment, the real name inquiry destination of the credit information server 40 is the pseudonym management server 32.

  As described above, the transaction support server 30 can be separated into the transaction management server 31 and the kana management server 32. One of the servers may be shared. For example, the pseudonym management server 32 and the credit information server 40 may be shared, or the pseudonym management server 32, the credit information server 40, and the transaction management server 31 are shared. Also good.

  In the first and second embodiments, the user B who is the information collector specifies the transaction conditions, and the user A who is the information provider presents an example in which the transaction execution determination is made with reference to the transaction conditions. In the present embodiment, the transaction conditions are specified in the form of text or the like on both the respondent terminal 20 and the surveyor server 10, and all or part of the transaction conditions are also referred to in the transaction management server 31 and the point server 70 in the transaction procedure. It is information. For this reason, the respondent terminal 20 used by the user A may present new transaction conditions or change the transaction conditions from the user B.

Specific examples are shown below.
In step S405 and step S505, the respondent terminal 20 provides a field for describing the transaction conditions for the answer. When the user A who is the information provider designates a consideration (point) for the information, the respondent terminal 20 adds the designated transaction condition to the field. Thereby, the transaction conditions from the user A can be presented to the user B.
In step S <b> 406, when the surveyor server 10 collects answers, the answer collection server 60 presents the transaction conditions added by the respondent terminal 20 to the surveyor server 10. When the user B who is an information collector inputs to the questionnaire operator server 10 whether or not to agree with the presented conditions, the questionnaire operator server 10 notifies the answer collection server 60 whether or not to agree to the transaction conditions. .

When the user B agrees with the presented conditions, in step S406, the answer collection server 60 checks the double answer and the fraudulent answer as in step S206 of the first embodiment, and answers to the questionnaire operator server 10. I will provide a. Then, the answer collection server 60 notifies the transaction management server 31 of the transaction conditions agreed by the user B, the pseudonym Ba and the pseudonym Aa, and proceeds to step S407. The registration of the transaction conditions to the transaction management server 31 may be performed at any time point up to step S407 where the transaction management server 31 is requested to perform point processing.
In step S407, the point server 70 performs point settlement based on the transaction conditions agreed upon by the user B.

  If the user B does not agree with the presented conditions, in step S406, the answer collection server 60 does not provide an answer to the questionnaire executor server 10 and discards the answer from the user A. Then, the answer collection server 60 notifies the transaction management server 31 that the transaction of the query ID between the pseudonym Aa and the pseudonym Ba has ended.

  As described above, only when the user B who is an information collector agrees to the transaction conditions, the questionnaire executor server 10 can obtain an answer. In this way, in addition to or instead of specifying transaction conditions on the user B side who is the information collector, it is possible to specify transaction conditions on the user A side which is the information provider. The transaction conditions for both can be established.

  The present invention can be applied to the information communication industry.

10: Questionnaire server 20: Respondent terminal 21: Data storage unit 22: Data access management unit 23: Policy management unit 24: Service management unit 221: DB reading unit 222: Real-time monitoring unit 223: Data processing unit 224: Query Analysis unit 225: answer generation unit 226: query template 30: transaction support server 31: transaction management server 32: pseudonym management server 40: credit information server 50: query distribution server 60: answer collection server 70: point server

Claims (12)

When sending the information request it receives information provider terminal or found temporary name issue request to send a reply to the information collecting terminal and the information providing request receiving an answer to the information providing request, the information gatherer A transaction support server that generates and returns a pseudonym for each of the terminal and the information provider terminal; and
When receiving the information request to distribution source the pseudonym sent from the information collecting terminal which has acquired the pseudonym from the transaction support server, capable of acquiring the information request received from the information provider terminal A question distribution server to be disclosed to the information provider terminal in a state;
When receiving the reply to the transaction support server answers the pseudonym sent from the information provider terminal that has acquired the pseudonym from a source, the information received the answer ready acquired from the information collection terminal An answer collection server to be disclosed to the collector terminal;
An information transaction system comprising: When sending the information request it receives information provider terminal or found temporary name issue request to send a reply to the information collecting terminal and the information providing request receiving an answer to the information providing request, the information gatherer A transaction support server that generates and returns a pseudonym for each of the terminal and the information provider terminal; and
When receiving the information request to distribution source the pseudonym sent from the information collecting terminal which has acquired the pseudonym from the transaction support server, capable of acquiring the information request received from the information provider terminal A question distribution server to be disclosed to the information provider terminal in a state;
When receiving the reply to the transaction support server answers the pseudonym sent from the information provider terminal that has acquired the pseudonym from a source, the information received the answer ready acquired from the information collection terminal An answer collection server to be disclosed to the collector terminal;
Equipped with a,
The answer collection server has transmitted the pseudonym of the information provider terminal that transmitted the reply and the identification mark of the information provision request to the transaction support server, and the information provider terminal has already answered the information provision request. Inquiry whether or not, if the answer has been answered, do not publish the answer to the information collector terminal, if not answered, publish the answer to the information collector terminal,
When the transaction support server receives an inquiry as to whether or not it has been answered from the answer collection server, the transaction support server determines whether or not the information provider terminal has answered the information provision request, and has already been answered. If so, send that fact to the answer collection server, and if not answered, send that fact to the answer collection server and register that it has been answered,
An information trading system characterized by this . A point server that obtains a set of a real name of the information collector terminal and a real name of the information provider terminal from the transaction support server, and further establishes a commercial transaction between the information collector terminal and the information provider terminal Prepared,
When the transaction support server registers that it has been answered, the real name of the information provider terminal and the information collector from the pseudonym of the information provider terminal that has been answered and the identification mark of the information provision request Deriving the real name of the terminal, and transmitting the obtained real name of the information collector terminal and the real name of the information provider terminal to the point server ,
The information transaction system according to claim 2 . Information collection's end the end is, to get the pseudonym from transaction support server, an equivalent provisional name sends the information provision request to the distribution source, question distribution server receives the information provision request from the information collection terminal, An information provision request distribution procedure for distributing the information provision request by publishing the received information provision request to the information provider terminal in a state where it can be acquired from the information provider terminal that transmits a response to the information provision request. ,
The information provider terminal, the acquired the pseudonym from the transaction support server, the pseudonym sends Machinery answer before the respondent, answer collection server receives the reply from the information provider terminal, receiving wherein by publishing the information collecting terminal in the reply that the possibility obtained from the information collecting terminal state, and reply procedure Ru is receiving the reply to the information collection terminal that,
In order,
An information transaction method characterized by that . Information collection's end the end is, to get the pseudonym from transaction support server, an equivalent provisional name sends the information provision request to the distribution source, question distribution server receives the information provision request from the information collection terminal, An information provision request distribution procedure for distributing the information provision request by publishing the received information provision request to the information provider terminal in a state where it can be acquired from the information provider terminal that transmits a response to the information provision request. ,
The information provider terminal, the acquired the pseudonym from the transaction support server, the pseudonym sends Machinery answer before the respondent, answer collection server receives the reply from the information provider terminal, receiving wherein by publishing the information collecting terminal in the reply that the possibility obtained from the information collecting terminal state, and reply procedure Ru is receiving the reply to the information collection terminal that,
In order,
In the answer procedure,
When the information provider terminal transmits the answer, it transmits an identification mark of the information provision request to the answer collection server,
The answer collection server has transmitted the pseudonym of the information provider terminal that transmitted the reply and the identification mark of the information provision request to the transaction support server, and the information provider terminal has already answered the information provision request. Inquire whether or not
The transaction support server determines whether or not the information provider terminal has answered the information provision request. If the information has been answered, the transaction support server transmits that fact to the answer collection server. Send that fact to the answer collection server and register that it has been answered,
The answer collection server does not publish the answer to the information collector terminal when the information provider terminal has answered the information provision request, and sends the answer to the information collector terminal when the answer has not been answered. Publish,
An information transaction method characterized by that . The answering procedure further includes:
The transaction support server, when registering the effect that Answer, Answer and since the information provider terminal kana and real name and the information gatherer of the information provider terminal from the identification label of the information request To the point server that establishes a commercial transaction between the information collector terminal and the information provider terminal by deriving the real name of the terminal and combining the obtained real name of the information collector terminal and the real name of the information provider terminal Send ,
The information transaction method according to claim 5 . When sending the information request it receives information provider terminal or found temporary name issue request to send a reply to the information collecting terminal and the information providing request receiving an answer to the information providing request, the information gatherer A pseudonym management server that generates and returns a pseudonym for each of the terminal and the information provider terminal; and
When receiving the information request to distribution source the pseudonym sent from the information collecting terminal which has acquired the pseudonym from said pseudonym management server, capable of acquiring the information request received from the information provider terminal A question distribution server to be disclosed to the information provider terminal in a state;
Wherein upon receiving the reply, the information received the answer obtainable state from the information collecting terminal to the respondent the pseudonym sent from the information provider terminal that has acquired the pseudonym from said pseudonym management server An answer collection server to be disclosed to the collector terminal;
An information transaction system comprising: When sending the information request it receives information provider terminal or found temporary name issue request to send a reply to the information collecting terminal and the information providing request receiving an answer to the information providing request, the information gatherer A pseudonym management server that generates and returns a pseudonym for each of the terminal and the information provider terminal; and
When receiving the information request to distribution source the pseudonym sent from the information collecting terminal which has acquired the pseudonym from said pseudonym management server, capable of acquiring the information request received from the information provider terminal A question distribution server to be disclosed to the information provider terminal in a state;
Wherein upon receiving the reply, the information received the answer obtainable state from the information collecting terminal to the respondent the pseudonym sent from the information provider terminal that has acquired the pseudonym from said pseudonym management server An answer collection server to be disclosed to the collector terminal;
When the kana of the information provider terminal and the identification mark of the information provision request are acquired from the kana management server and stored, and an inquiry as to whether or not the answer has been received is received from the answer collection server, the information provision request It is determined whether or not the information provider terminal has answered, if it has been answered, the fact is transmitted to the answer collection server, and if not answered, that fact is sent to the answer collection server. A transaction management server that registers that it has been answered;
With
The answer collection server transmits the pseudonym of the information provider terminal that transmitted the reply and the identification mark of the information provision request to the transaction management server, and the information provider terminal has answered the information provision request. Inquiry whether or not, if the answer has been answered, do not publish the answer to the information collector terminal, if not answered, publish the answer to the information collector terminal,
An information trading system characterized by this . A point server that acquires a set of the real name of the information collector terminal and the real name of the information provider terminal from the transaction management server, and further establishes a commercial transaction between the information collector terminal and the information provider terminal Prepared,
When the transaction management server registers that it has been answered , the pseudonym of the information provider terminal that has been answered and the real name of the information provider terminal corresponding to the identification mark of the information provision request and the information The real name of the collector terminal is obtained by inquiring the pseudonym management server , and the obtained real name of the information collector terminal and the real name of the information provider terminal are transmitted to the point server.
The information transaction system according to claim 8 . Information gatherer end end acquires the pseudonym Kana management server, a person tentative name sends information request to distribution source, question distribution server receives the information request from the information collection terminal, An information provision request distribution procedure for distributing the information provision request by publishing the received information provision request to the information provider terminal in a state where it can be acquired from the information provider terminal that transmits a response to the information provision request. ,
The information provider terminal acquires the pseudonym from said pseudonym management server, the pseudonym sends Machinery answer before the respondent, answer collection server receives the reply from the information provider terminal, receiving wherein by publishing the information collecting terminal in the reply that the possibility obtained from the information collecting terminal state, and reply procedure Ru is receiving the reply to the information collection terminal that,
In order,
An information transaction method characterized by that . Information gatherer end end acquires the pseudonym Kana management server, a person tentative name sends information request to distribution source, question distribution server receives the information request from the information collection terminal, An information provision request distribution procedure for distributing the information provision request by publishing the received information provision request to the information provider terminal in a state where it can be acquired from the information provider terminal that transmits a response to the information provision request. ,
The information provider terminal acquires the pseudonym from said pseudonym management server, the pseudonym sends Machinery answer before the respondent, answer collection server receives the reply from the information provider terminal, receiving wherein by publishing the information collecting terminal in the reply that the possibility obtained from the information collecting terminal state, and reply procedure Ru is receiving the reply to the information collection terminal that,
In order,
In the answer procedure,
When the information provider terminal transmits the answer, it transmits an identification mark of the information provision request to the answer collection server,
Whether the answer collection server has transmitted the pseudonym of the information provider terminal that transmitted the reply and the identification mark of the information provision request to a transaction management server, and the information provider terminal has already answered the information provision request Inquire whether or not
The transaction management server determines whether or not the information provider terminal has answered the information provision request, and if it has been answered, transmits that fact to the answer collection server, and if not answered Send that fact to the answer collection server and register that it has been answered,
The answer collection server does not publish the answer to the information collector terminal when the information provider terminal has answered the information provision request, and sends the answer to the information collector terminal when the answer has not been answered. Publish,
An information transaction method characterized by that . The answering procedure further includes:
When the transaction management server registers that it has been answered , the pseudonym of the information provider terminal that has been answered and the real name of the information provider terminal corresponding to the identification mark of the information provision request and the information the real name of the collection terminal inquiry to get to the pseudonym management server, resulting the information collecting terminal's real name and the information provider terminal real name set to the information provider terminal and the information collecting terminal of Send to the point server that establishes the business transaction between
The information transaction method according to claim 11 .

Images