JP5894860B2 - ID management method and data management apparatus - Google Patents

Description

  The present invention relates to an ID management method and a data management apparatus that implements the ID management method.

  In an information system, when managing a person or a thing, or information related thereto, the system uniquely identifies a management target such as a person or a thing. Therefore, in a specific area (hereinafter referred to as a domain) as a management target. It is common to assign a unique identifier (hereinafter referred to as ID). For example, in order to manage the information of the driver license holder, each driver license holder is assigned a driver license number, and can be uniquely specified by the driver license number.

  Usually, since IDs can take different values for each domain, management objects cannot be regarded as the same across domains, but it may be desirable to be able to mutually convert IDs between domains. For example, when the hospital B grasps the treatment history of the patient at the hospital A, if the patient's ID at the hospital B can be converted into the ID at the hospital A, the database of the hospital A can be easily referred to. It is.

  Also, for example, if a user using the A system wants to convert Mr. A's ID managed by the A system into Mr. A's ID managed by the B system, the user using the A system can convert it. It may be desirable to control the convertible ID for each user, such that another user of the system cannot convert.

  As a technique related to such ID conversion, for example, in Patent Document 1, when the access source domain and the access destination domain are different due to the access request, the user ID in the access source domain is extracted from the access request, and between the user management domains. With reference to the ID conversion information, the extracted user ID in the access source domain is converted into the user ID in the access destination domain, the user ID included in the access request is replaced with the converted user ID, and the user ID is A system that executes processing in accordance with the replaced access request is disclosed (for example, see Patent Document 1).

JP 2009-70342 A

  In the prior art described above, it is necessary to register the ID correspondence between different user management domains in a table in advance. However, since the number of domains and the number of IDs change with time, it is necessary to rebuild the system as the number of domains and the number of IDs increase.

  Moreover, in the said prior art, it becomes possible to convert the user ID of arbitrary domains into the user ID of arbitrary arbitrary domains, and it cannot control ID which can be converted for every user.

  The present invention has been made in view of such circumstances, and even if the number of domains and the number of IDs increase, there is no need to reconstruct the system, and IDs that can be converted are controlled for each user. An object of the present invention is to provide an ID management method that can perform the above and a data management device that implements the method.

  A typical example of the present invention is as follows.

  That is, the present invention is an ID management method in a data management apparatus connected to a network, wherein the data management apparatus includes a storage unit that stores session information and a user identifier in association with each other, and the data management apparatus When the apparatus receives a registration request for the first domain, the first domain ID, the second domain, and the second domain ID from the network, the storage unit is configured based on the session information included in the registration request. A user identifier is obtained from the first domain, the first domain ID, the second domain, a search key composed of the second domain and the user identifier, and a process of transmitting the second domain ID to the network And a process of registering the set of the search key and the second domain ID in the storage unit. To.

  According to the present invention, it is not necessary to reconstruct the system even if the number of domains and the number of IDs increase, and the IDs that can be converted can be controlled for each user. As a result, it is possible to reduce the man-hours and costs required for system reconstruction, and it is possible to convert only IDs for which the user has authority.

It is an example of the block diagram of the ID management system in a present Example. It is an example of a functional block diagram of the client apparatus 101 in a present Example. It is an example of a functional block diagram of the authentication apparatus 104 in a present Example. It is an example of a functional block diagram of the gateway apparatus 105 in a present Example. It is an example of a functional block diagram of the data management apparatus 106 in a present Example. It is an example of the hardware block diagram of each apparatus in a present Example. It is an example of the sequence diagram of the user registration process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the message transmitted / received in the user registration process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the data stored in the user information storage area 311 in the authentication apparatus 104 in a present Example. It is an example of the sequence diagram of the user update process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the message transmitted / received in the user update process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the sequence diagram of the user revocation process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the message transmitted / received in the user revocation process which the authentication apparatus 104 and the gateway apparatus 105 in a present Example perform. It is an example of the sequence diagram of the user authentication process which the authentication apparatus 104, the gateway apparatus 105, and the data management apparatus 106 in a present Example perform. It is an example of the message transmitted / received in the user authentication process which the authentication apparatus 104, the gateway apparatus 105, and the data management apparatus 106 in a present Example perform. It is an example of the data stored in the session information storage area 408 in the gateway apparatus 105 and the session information storage area 513 in the data management apparatus 106 in the present embodiment. It is an example of the sequence diagram of the ID registration process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the message transmitted / received in the ID registration process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the data stored in the node information storage area 407 in the gateway apparatus 105 and the node information storage area 512 in the data management apparatus 106 in the present embodiment. This is the data holding node determination unit 503 in the present embodiment. It is an example of the data stored in the data storage area 514 in the data management apparatus 106 at the time of the ID registration process in a present Example. It is an example of the sequence diagram of the ID conversion process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the message transmitted / received in the ID conversion process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the sequence diagram of the ID update process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the message transmitted / received in the ID update process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the data stored in the data storage area 514 in the data management apparatus 106 at the time of the ID update process in a present Example. It is an example of the sequence diagram of the ID revocation process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the message transmitted / received in the ID revocation process which the gateway apparatus 105 and the data management apparatus 106 in a present Example perform. It is an example of the data stored in the data storage area 514 in the data management apparatus 106 at the time of the ID revocation process in a present Example.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. Note that the present invention is not limited thereby.

  In this embodiment, an ID management system that can be shared by a plurality of organizations will be described as an example.

  FIG. 1 is an example of a configuration diagram of an ID management system in the present embodiment.

  In this figure, the ID management system includes client devices 101_1 to 106_ (hereinafter collectively referred to as device 101 if not specified), network 102, network 103, authentication device 104, gateway management device 105, and data management devices 106_1 to 106_m. (Hereinafter, collectively referred to as the data management device 106 if not specified). Reference numeral 101 denotes a client device, and the user uses the function of the ID management system via the client device 101. An embodiment in which the client device 101 is managed by a user is possible, and an embodiment in which an organization that manages and operates the system or another business owner manages the client device 101 and provides the function of the client device 101 to the user is also possible. The number of client apparatuses 101 is not limited to n, and may be smaller or larger depending on the embodiment. Reference numeral 102 denotes a network, which is an outer network that is generally open to the public or that can be shared among users. A client device 101, an authentication device 104, and a gateway device 105 are connected to the network 102. Reference numeral 103 denotes a network, which is a closed intra network that cannot be used by a user. An authentication device 104, a gateway device 105, and a data management device 106 are connected to the network 103. Reference numeral 104 denotes an authentication device. Reference numeral 105 denotes a gateway device. Reference numeral 106 denotes a data management device, which is not limited to m, and may be smaller or larger depending on the embodiment.

  FIG. 2 is an example of a functional configuration diagram of the client apparatus 101 in this embodiment.

  In the figure, reference numeral 201 denotes a control unit, which is a user registration request unit 202, a user update request unit 203, a user revocation request unit 204, a user authentication request unit 205, an ID registration request unit 206, an ID conversion request unit 207, an ID update. The request unit 208 and the ID revocation request unit 209 are configured. A user registration request unit 202 receives a user registration request from the user via the input / output unit 213, transmits a user registration request message to the authentication device 104 via the transmission / reception unit 214, and authenticates via the transmission / reception unit 214. It is a processing unit that receives a user registration response message from the device 104 and notifies the user of the user registration result via the input / output unit 213. A user update request unit 203 receives a user update request from a user via the input / output unit 213, transmits a user update request message to the authentication device 104 via the transmission / reception unit 214, and authenticates via the transmission / reception unit 214. It is a processing unit that receives a user update response message from the device 104 and notifies the user of the user update result via the input / output unit 213. A user revocation request unit 204 receives a user revocation request from the user via the input / output unit 213, transmits a user revocation request message to the authentication device 104 via the transmission / reception unit 214, and authenticates via the transmission / reception unit 214. This is a processing unit that receives a user revocation response message from the device 104 and notifies the user of a user revocation result via the input / output unit 213. A user authentication request unit 205 receives a user authentication request from the user via the input / output unit 213, transmits a user authentication request message to the authentication device 104 via the transmission / reception unit 214, and authenticates via the transmission / reception unit 214. A processing unit that receives a session ID from the device 104 and stores the session ID in the session information storage area 212. Reference numeral 206 denotes an ID registration request unit which receives an ID registration request from a user via the input / output unit 213, transmits an ID registration request message to the gateway device 105 via the transmission / reception unit 214, and receives a gateway via the transmission / reception unit 214. A processing unit that receives an ID registration response message from the device 105 and notifies the user of an ID registration result via the input / output unit 213. Reference numeral 207 denotes an ID conversion request unit that receives an ID conversion request from the user via the input / output unit 213, transmits an ID conversion request message to the gateway device 105 via the transmission / reception unit 214, and receives a gateway via the transmission / reception unit 214. A processing unit that receives an ID conversion response message from the device 105 and notifies the user of an ID conversion result via the input / output unit 213. Reference numeral 208 denotes an ID update request unit that receives an ID update request from a user via the input / output unit 213, transmits an ID update request message to the gateway device 105 via the transmission / reception unit 214, and receives a gateway via the transmission / reception unit 214. A processing unit that receives an ID update response message from the device 105 and notifies the user of the ID update result via the input / output unit 213. Reference numeral 209 denotes an ID revocation request unit that receives an ID revocation request from a user via the input / output unit 213, transmits an ID revocation request message to the gateway device 105 via the transmission / reception unit 214, and receives a gateway via the transmission / reception unit 214. It is a processing unit that receives an ID revocation response message from the device 105 and notifies the user of the ID revocation result via the input / output unit 213.

  Next, reference numeral 210 denotes a storage unit, which includes a gateway information storage area 211 and a session information storage area 212. Reference numeral 211 denotes a gateway information storage area which stores connection information (IP address, port number, etc.) of the gateway device 105. The connection information is statically stored in advance, or the information received from the user via the input / output unit 213 is dynamically stored, or from the gateway device 105 or another device via the transmission / reception unit 214. The received information can be stored dynamically. Reference numeral 212 denotes a session information storage area that stores a session ID. The session ID is dynamically manipulated by processing of the user authentication request unit 205.

  Reference numeral 213 denotes an input / output unit, which is a processing unit that controls input from the user via an interface such as a keyboard and controls output to the user via an interface such as a monitor. Reference numeral 214 denotes a transmission / reception unit, which is a processing unit that transmits / receives information via the network 102.

  FIG. 3 is an example of a functional configuration diagram of the authentication device 104 in the present embodiment.

  In the figure, reference numeral 301 denotes a control unit, which is a user registration processing unit 302, a user update processing unit 303, a user revocation processing unit 304, a user authentication processing unit 305, a user identifier generation unit 306, a session ID generation unit 307, data management. Part 308. Reference numeral 302 denotes a user registration processing unit, which receives a user registration request message from the client apparatus 101 via the transmission / reception unit 313, and receives authentication information (user ID, password, IC card information, biometric information, etc.) from the data management unit 308. This is a processing unit that performs registration processing of a set of user identifiers generated by the user identifier generation unit 306 and transmits a user registration response message to the client apparatus 101 via the transmission / reception unit 313. Reference numeral 303 denotes a user update processing unit which receives a user update request message from the client device 101 via the transmission / reception unit 313, performs authentication information update processing by the data management unit 308, and receives the client information 101 via the transmission / reception unit 313. Is a processing unit that transmits a user update response message. Reference numeral 304 denotes a user revocation processing unit, which receives a user revocation request message from the client device 101 via the transmission / reception unit 313, performs authentication information revocation processing by the data management unit 308, and receives the client device 101 via the transmission / reception unit 313. Is a processing unit that transmits a user revocation response message to the user. Reference numeral 305 denotes a user authentication processing unit that receives a user authentication request message from the client device 101 via the transmission / reception unit 313 and corresponds to the authentication information acquired by the data management unit 308 in the gateway device 105 via the transmission / reception unit 313. This is a processing unit that transmits a set of a user ID and a session ID generated by the session ID generation unit 307 and transmits a session ID to the client apparatus 101 via the transmission / reception unit 313. Reference numeral 306 denotes a user identifier generation unit that receives a request from another processing unit in the control unit 301, performs a user identifier generation process, and returns a user identifier. Reference numeral 307 denotes a session ID generation unit that receives a request from another processing unit in the control unit 301, performs a session ID generation process, and returns a session ID. A data management unit 308 receives a request from another processing unit in the control unit 301, and creates, searches, updates, and deletes user information (a combination of authentication information and a user identifier) in the user information storage area 311. Is a processing unit.

  Reference numeral 309 denotes a storage unit, which includes a gateway information storage area 310 and a user information storage area 311. Reference numeral 310 denotes a gateway information storage area, which is an area for storing connection information of the gateway device 105. The connection information is statically stored in advance, the information received from the user via the input / output unit 312 is dynamically stored, and the gateway device 105 or another device is received via the transmission / reception unit 313. Information can be stored dynamically. Reference numeral 311 denotes a user information storage area which stores user information. The user information is dynamically manipulated by the data management unit 308.

  Next, reference numeral 312 denotes an input / output unit, which is a processing unit that controls input from the user via an interface such as a keyboard and controls output to the user via an interface such as a monitor. Reference numeral 313 denotes a transmission / reception unit, which is a processing unit that transmits and receives information via the network 102 and the network 102.

  FIG. 4 is an example of a functional configuration diagram of the gateway device 105 in the present embodiment.

  In the figure, reference numeral 401 denotes a control unit, which includes a node management unit 402, a responsible node determination unit 403, a session management unit 404, and a request transfer unit 405. Reference numeral 402 denotes a node management unit which communicates with the node management unit 502 of the data management apparatus 106 via the transmission / reception unit 410, and node connection information (node ID, IP address, port number, etc.) in the node information storage area 407. Is a processing unit that synchronizes. The node ID is a unique numerical value assigned to each node (data management apparatus 106) and may be any value as long as the same value cannot be taken between the nodes (data management apparatus 106). Reference numeral 403 denotes a responsible node determination unit, which receives a request from another processing unit in the control unit 401, determines a responsible node (data management device 106) based on the node connection information in the node information storage area 407, and It is a processing unit that returns connection information of the (data management apparatus 106). The responsible node can be determined randomly, determined in order of node ID each time a request is received, load information is received from the data management device 106 via the transmission / reception unit 410, and can be determined as a node with low load. Is possible. Reference numeral 404 denotes a session management unit that receives session information (a set of a session ID and a user identifier) from the authentication apparatus 104 via the transmission / reception unit 410, stores the session information in the session information storage area 408, and transmits / receives the transmission / reception unit 410. The processing unit transmits session information to the data management apparatus 106 via the network. Reference numeral 405 denotes a request transfer unit which receives a request message from the client apparatus 101 via the transmission / reception unit 410 and sends a request message to the node in charge (data management apparatus 106) determined by the node determination unit 403 via the transmission / reception unit 410. Is a processing unit that receives a response message from the responsible node (data management apparatus 106) via the transmission / reception unit 410 and transmits the response message to the client device 101 via the transmission / reception unit 410.

  Reference numeral 406 denotes a storage unit, which includes a node information storage area 407 and a session information storage area 408. Reference numeral 407 denotes a node information storage area which stores node connection information. The node connection information is synchronized by the node management unit 402 so that the same value as that of the data management apparatus 106 is shared. Reference numeral 408 denotes a session information storage area that stores session information. The session information is shared by the session management unit 404 so that the same value as the data management device 106 is shared.

  Reference numeral 409 denotes an input / output unit, which is a processing unit that controls input from a user via an interface such as a keyboard and controls output to the user via an interface such as a monitor. Reference numeral 410 denotes a transmission / reception unit, which is a processing unit that transmits and receives information via the network 102 and the network 103.

  FIG. 5 is an example of a functional configuration diagram of the data management apparatus 106 in the present embodiment.

  In the figure, reference numeral 501 denotes a control unit, which includes a node management unit 502, a data holding node determination unit 503, a session management unit 504, a user identifier processing unit 505, an ID registration processing unit 506, an ID conversion processing unit 507, and an ID update processing. 508, an ID revocation processing unit 509, and a data management unit 510. Reference numeral 502 denotes a node management unit, which is a processing unit that communicates with the node management unit 402 of the gateway device 105 via the transmission / reception unit 516 and synchronizes the node connection information in the node information storage area 512. Reference numeral 503 denotes a data holding node determination unit which accepts a search key from another processing unit in the control unit 501 and based on the search key and node connection information in the node information storage area 512, the data holding node (data management device 106). Is a processing unit that returns connection information of the data holding node (data management apparatus 106). A session management unit 504 is a processing unit that receives session information from the gateway device 105 via the transmission / reception unit 516 and stores the session information in the session information storage area 513. Reference numeral 505 denotes a user identifier processing unit, which receives a request message and a session ID from another processing unit in the control unit 501, acquires a user identifier corresponding to the session ID based on the session information in the session information storage area 513, This is a processing unit that returns this as a search key. Reference numeral 506 denotes an ID registration processing unit which receives an ID registration request message from the gateway device 105 via the transmission / reception unit 516 and determines the data holding node (data management device) determined by the data holding node determination unit 503 via the transmission / reception unit 516. 106) requesting the ID registration processing to 106), and transmitting the ID registration response message to the gateway device 105 via the transmission / reception unit 516. Reference numeral 507 denotes an ID conversion processing unit which receives an ID conversion request message from the gateway device 105 via the transmission / reception unit 516 and determines the data holding node (data management device) determined from the data holding node determination unit 503 via the transmission / reception unit 516. 106) requesting the ID conversion processing to 106) and transmitting the ID conversion response message to the gateway device 105 via the transmission / reception unit 516. Reference numeral 508 denotes an ID update processing unit which receives an ID update request message from the gateway device 105 via the transmission / reception unit 516 and determines the data holding node (data management device) determined by the data holding node determination unit 503 via the transmission / reception unit 516. 106) requesting the ID update processing to 106) and transmitting the ID update response message to the gateway device 105 via the transmission / reception unit 516. Reference numeral 509 denotes an ID revocation processing unit which receives an ID revocation request message from the gateway device 105 via the transmission / reception unit 516 and receives the data possession node (data management device) determined by the data possession node determination unit 503 via the transmission / reception unit 516. 106) requesting the ID revocation processing to 106) and transmitting an ID revocation response message to the gateway device 105 via the transmission / reception unit 516. Reference numeral 510 denotes a data management unit, which is a processing unit that accepts a request from another data management apparatus 106 via the transmission / reception unit 516 and creates, references, updates, and deletes ID data in the data storage area 514.

  Reference numeral 511 denotes a storage unit, which includes a node information storage area 512, a session information storage area 513, and a data storage area 514. Reference numeral 512 denotes a node information storage area, which is an area for storing node connection information. The node connection information is synchronized by the node management unit 502 so that the same value as the gateway device 105 is shared. Reference numeral 513 denotes a session information storage area that stores session information. The session information is synchronized by the session management unit 504 so that the same value as the gateway device 105 is shared. Reference numeral 514 denotes a data storage area, which is an area for storing ID data. The ID data is dynamically manipulated by the data management unit 510.

  Reference numeral 515 denotes an input / output unit, which is a processing unit that controls input from the user via an interface such as a keyboard and controls output to the user via an interface such as a monitor. Reference numeral 516 denotes a transmission / reception unit, which is a processing unit that transmits / receives information via the network 103.

  FIG. 6 is an example of a hardware configuration diagram of the apparatus according to the present embodiment.

  In the figure, reference numeral 601 denotes a computer, which includes a CPU 602, a memory 603, an external storage device 604, a transmission / reception device 605, an output device 606, and an input device 607. Reference numeral 602 denotes a CPU, reference numeral 603 denotes a memory, and reference numeral 604 denotes an external storage device. A processing unit (program) of each device is stored in the external storage device 604, loaded into the memory 603, and executed by the CPU 602. A memory 603 or an external storage device 604 is used as a storage area in the storage unit. Reference numeral 605 denotes a transmission / reception device, and the transmission / reception unit of each device is realized by the transmission / reception device 605. Reference numeral 606 denotes an output device, and reference numeral 607 denotes an input device. The input / output unit of each device is realized by the output device 606 and the input device 607.

  An example of a series of processing executed by the authentication device 104 and the gateway device 105 when the client device 101 requests user registration processing will be described with reference to FIGS.

  FIG. 7 is an example of a sequence diagram of user registration processing executed by the authentication device 104 and the gateway device 105 in this embodiment. First, the client apparatus 101 transmits a user registration request message 701 to the authentication apparatus 104. An example of the user registration request message 701 is shown in FIG. FIG. 8 is an example of messages transmitted and received during the user registration process executed by the authentication device 104 and the gateway device 105 in this embodiment. The user registration request message 701 is composed of parameters of authentication information 801. In this embodiment, the character string password “abc” is stored as the authentication information 801. However, the authentication information 801 is not limited to the character string password. The IC card information can be acquired and stored as the unit 213, or the biometric information can be acquired and stored as the input / output unit 213 of the client device 101 using a fingerprint authentication device or the like.

  Returning to FIG. 7, the authentication apparatus 104 next performs user identifier generation 702. In this embodiment, the random number “R0” generated using the pseudo-random number generator is used as the user identifier. However, a value obtained by converting the authentication information 801 with a hash function or the like can also be used.

  Next, the authentication apparatus 104 performs user information storage 703. An example of data stored in the user information storage area 311 is shown in FIG. FIG. 9 is an example of data stored in the user information storage area 311 in the authentication device 104 in the present embodiment. The authentication information “abc” and the user identifiers “R0”, “def” and “R1”, and “Ghi” are illustrated. "And" R2 "are stored. The user information is stored as a set of authentication information 901 and a user identifier 902.

  Returning to FIG. 7, the authentication apparatus 104 then transmits a user registration response message 704 to the client apparatus 101. An example of the user registration response message 704 is shown in FIG. The user registration response message 704 includes parameters of the user registration result 802. A user registration result 802 indicates the success or failure of the user registration process.

  The above is an example of a series of processing executed by the authentication device 104 and the gateway device 105 when the client device 101 requests user registration processing.

  An example of a series of processing executed by the authentication device 104 and the gateway device 105 when the client device 101 requests user update processing will be described with reference to FIGS. 10 and 11.

  FIG. 10 is an example of a sequence diagram of user update processing executed by the authentication device 104 and the gateway device 105 in the present embodiment. First, the client apparatus 101 transmits a user update request message 1001 to the authentication apparatus 104. An example of the user update request message 1001 is shown in FIG. FIG. 11 is an example of messages transmitted and received during the user update process executed by the authentication device 104 and the gateway device 105 in this embodiment. The user update request message 1001 includes parameters of old authentication information 1101 and new authentication information 1102.

  Returning to FIG. 10, the authentication apparatus 104 next performs user information update 1002. In the user information update 1002, user information corresponding to the old authentication information 1101 is searched from the user information stored in the user information storage area 311 using the old authentication information 1101 as a search key and updated to the new authentication information 1102.

  Next, the authentication device 104 transmits a user update response message 1003 to the client device 101. An example of the user update response message 1003 is shown in FIG. The user update response message 1003 is composed of parameters of the user update result 1102. A user update result 1103 indicates success or failure of the user update process.

  The above is an example of a series of processing executed by the authentication device 104 and the gateway device 105 when the client device 101 requests user update processing.

  An example of a series of processes executed by the authentication apparatus 104 and the gateway apparatus 105 when the client apparatus 101 requests a user revocation process will be described with reference to FIGS.

  FIG. 12 is an example of a sequence diagram of user revocation processing executed by the authentication device 104 and the gateway device 105 in the present embodiment. First, the client apparatus 101 transmits a user revocation request message 1201 to the authentication apparatus 104. An example of the user revocation request message 1301 is shown in FIG. FIG. 13 is an example of messages transmitted and received during the user revocation process executed by the authentication device 104 and the gateway device 105 in the present embodiment. The user revocation request message 1201 is composed of parameters of authentication information 1301.

  Returning to FIG. 12, the authentication apparatus 104 next performs user information revocation 1202. In the user information revocation 1202, the user information corresponding to the authentication information 1301 is searched from the user information stored in the user information storage area 311 using the authentication information 1301 as a search key, and the corresponding record is deleted.

  Next, the authentication device 104 transmits a user revocation response message 1203 to the client device 101. An example of the user revocation response message 1203 is shown in FIG. The user revocation response message 1203 is composed of parameters of the user revocation result 1302. The user revocation result 1303 indicates the success or failure of the user revocation process.

  The above is an example of a series of processing executed by the authentication device 104 and the gateway device 105 when the client device 101 requests user revocation processing.

  An example of a series of processing executed by the authentication device 104, the gateway device 105, and the data management device 106 when the client device 101 requests user authentication processing will be described with reference to FIGS.

  FIG. 14 is an example of a sequence diagram of user authentication processing executed by the authentication device 104, the gateway device 105, and the data management device 106 in the present embodiment. First, the client apparatus 101 transmits a user authentication request message 1401 to the authentication apparatus 104. An example of the user authentication request message 1401 is shown in FIG. FIG. 15 is an example of messages transmitted and received during the user authentication process executed by the authentication device 104, the gateway device 105, and the data management device 106 in this embodiment. The user authentication request message 1401 is composed of parameters of authentication information 1501.

  Returning to FIG. 14, the authentication apparatus 104 performs user information reference 1402 next. In the user information reference 1402, the user identifier “R0” corresponding to the authentication information 1501 is acquired from the user information stored in the user information storage area 311 using the authentication information 1501 as a search key.

  Next, the authentication device 104 performs session ID generation 1403. In this embodiment, a random number “S0” generated using a pseudo random number generator is used as a session ID.

  Next, the authentication device 104 transmits a session establishment request message 1404 to the gateway device 105. An example of the session establishment request message 1404 is shown in FIG. The session establishment request message 1404 includes parameters of a session ID 1502, a user identifier 1503, and an establishment date 1504.

  Returning to FIG. 14, the gateway device 105 next performs session information storage 1405. An example of data stored in the session information storage area 408 is shown in FIG. FIG. 16 shows an example of data stored in the session information storage area 408 in the gateway apparatus 105 and the session information storage area 513 in the data management apparatus 106 in this embodiment, and the session ID “S0” and the user identifier “R0”. "," S1 "and" R1 ", and" S2 "and" R2 "are stored. The session information is stored as a set of a session ID 1601 and a user identifier 1602.

  Returning to FIG. 14, the gateway device 105 then transmits a session establishment request message 1406 to the data management device 106. The session establishment request message 1406 is the same as the session establishment request message 1404.

  Next, the data management apparatus 106 performs session information storage 1407. The data stored in the session information storage area 513 is the same as the data stored in the session information storage area 408.

  Next, the data management device 106 transmits a session establishment response message 1408 to the gateway device 105. An example of the session establishment response message 1408 is shown in FIG. The session establishment response message 1408 is composed of parameters of the session establishment result 1506. The session establishment result 1506 indicates the success or failure of the session establishment process.

  In this embodiment, the session establishment request message 1406 to the session establishment response message 1408 are processed in order from the data management apparatus 106_1 to the data management apparatus 106_m. However, the sequence is not limited to the permutation process, and is processed in parallel. It is also possible.

  Next, the gateway device 105 transmits a session establishment response message 1409 to the authentication device 104. The session establishment response message 1409 is the same as the session establishment request message 1408.

  Next, the authentication device 104 transmits a user authentication response message 1410. An example of the user authentication response message 1410 is shown in FIG. The user authentication response message 1410 is composed of a parameter of session ID 1505.

  The above is an example of a series of processing executed by the authentication device 104, the gateway device 105, and the data management device 106 when the client device 101 requests user authentication processing. In this way, only the session ID is transmitted to the client apparatus 101 during the user authentication process in the authentication apparatus 104. Thereby, since the user identifier is not used between the client apparatus 101 and the gateway apparatus 105, it is possible to prevent spoofing by a third party and data access by an unauthorized method.

  An example of a series of processing executed by the gateway device 105 and the data management device 106 when the client device 101 requests ID registration processing will be described with reference to FIGS. Here, an example is shown in which a bidirectional conversion relationship regarding the ID “111” of the domain “d0” and the ID “987” of the domain “d1” is registered in the ID management system.

  FIG. 17 is an example of a sequence diagram of ID registration processing executed by the gateway device 105 and the data management device 106 in this embodiment. First, the client apparatus 101 transmits an ID registration request message 1701 to the gateway apparatus 105. An example of the ID registration request message 1701 is shown in FIG. FIG. 18 is an example of messages transmitted and received during the ID registration process executed by the gateway device 105 and the data management device 106 in this embodiment. An ID registration request message 1701 includes parameters of ID 1801, domain 1802, and session ID 1803.

  Returning to FIG. 17, the gateway device 105 next performs a responsible node determination 1702. In the present embodiment, the responsible node is randomly determined based on the node information stored in the node information storage area 407 in the gateway device 105, and here the responsible node is the data management device 106_1. An example of data stored in the node information storage area 407 in the gateway device 105 is shown in FIG. FIG. 19 is an example of data stored in the node information storage area 407 in the gateway apparatus 105 and the node information storage area 512 in the data management apparatus 106 in this embodiment. The data management apparatus 106_1, the data management apparatus 106_2, The node ID and connection information of the data management device 106_m are stored. Node information is stored as a set of node ID and connection information. Reference numeral 1901 and reference numeral 1904 are data management apparatuses 106_1, reference numeral 1902 is a data management apparatus 106_2, and reference numeral 1903 is a node ID representing the data management apparatus 106_m. The effect that the data management apparatus 106 has a plurality of node IDs will be described later.

  Returning to FIG. 17, next, the gateway apparatus 105 transmits an ID registration request message 1703 to the data management apparatus 106_1. The ID registration request message 1703 is the same as the ID registration request message 1701.

  Next, the data management apparatus 106_1 performs user identifier processing 1704. In the user identifier processing 1704, the user identifier “R0” corresponding to the session ID 1803 is searched from the session information stored in the session information storage area 513 using the session ID 1803 as a search key.

  Next, the data management apparatus 106_1 registers the conversion relationship from the ID “111” of the domain “d0” to the ID “987” of the domain “d1”. Hereinafter, in the conversion relationship, the domain “d0” is referred to as a conversion source domain, the ID “111” is referred to as a conversion source ID, the domain “d1” is referred to as a conversion destination domain, and the ID “987” is referred to as a conversion destination ID.

  The data management device 106_1 performs data holding node determination 1705_1. An example of the data holding node determination method is shown in FIG. In FIG. 20, as an example, the node that holds the conversion relation information from the ID “111” of the domain “d0” to the ID “987” of the domain “d1” is determined. First, the conversion source ID, the conversion source domain, the conversion destination domain, and the user identifier are used as a search key 2001. Next, the hash value 2003 is obtained by applying the search key to the hash function 2002. Next, the hash value 2003 is compared with the node ID of the node (data management device 106), and a node (data management device 106) having a node ID that is equal to or greater than the hash value and closest to the hash value is set as a data holding node. . If the hash value exceeds the maximum value of the node ID, the minimum node ID is selected. Further, it is possible to make redundant by selecting the node having the node ID closest to the hash value (data management apparatus 106) in order from the closest node instead of one. In the example of FIG. 20, the hash value “1584” is obtained from the search key “111 @ d0 (to) d1 @ R0”, and the data management device has “2084” that is the closest value of “1584” or more as the node ID. 106_2 is a data holding node.

  Next, the data management device 106_1 transmits an ID registration request message 1706_1 to the data holding node (data management device 106_2). An example of the ID registration request message 1706 is shown in FIG. The ID registration request message 1706 is composed of two parameters with the search key 2001 as the key 1804 and the conversion destination ID “987” as the value 1805.

  Returning to FIG. 17, the data holding node (data management apparatus 106_2) performs ID registration 1707_1. An example of data stored in the data storage area 514 in the data management device 106 is shown in FIG. FIG. 21 shows an example of data stored in the data storage area 514 in the data management apparatus 106 in the present embodiment. The search key “111 @ d0 (to) d1 is stored in the data storage area 514 in the data management apparatus 106_2. @ R0 ”is stored as Key, and conversion destination ID“ 987 ”is stored as Value. Thus, since the number of IDs and the number of domains often change with time, a key-value data structure that does not require prior scheme design is suitable. In the ID registration 1707_1, a key-value type record 2101 is stored.

  Returning to FIG. 17, the data holding node (data management apparatus 106_2) transmits an ID registration response message 1708_1 to the data management apparatus 106_1. An example of the ID registration response message 1708 is shown in FIG. An ID registration response message 1708 includes an ID registration result 1806. An ID registration result 1806 indicates success or failure of the ID registration process.

  As described above, reference numeral 1706_1 to reference numeral 1708_1 indicate processing for registering the conversion relationship from the ID “111” of the domain “d0” to the ID “987” of the domain “d1”, which is performed by the data management apparatus 106.

  Next, the data management apparatus 106 registers the conversion relationship from the ID “987” of the domain “d1” to the ID “111” of the domain “d0”. In the processing from reference numerals 1706_2 to 1708_2, the conversion source ID and the conversion destination ID, the conversion source domain and the conversion destination domain are interchanged, and the same processing as reference numerals 1706_1 to 1708_1 is performed. Reference numeral 1707_2 designates the data management device 106_m as a data holding node. As shown in FIG. 21, the search key “987 @ d1 (to) d0 @ R0” is stored in the data storage area 514 in the data management device 106_m as the key. A key-value type record 2102 having ID “111” as Value is stored.

  Next, the data management apparatus 106 transmits an ID registration response message 1709 to the gateway apparatus 105. The ID registration response message 1709 is the same as the ID registration response message 1708.

  Next, the gateway device 105 transmits an ID registration response message 1710 to the client device 101. The ID registration response message 1710 is the same as the ID registration response message 1708.

  The above is an example of a series of processing executed by the gateway device 105 and the data management device 106 when the client device 101 requests ID registration processing. In this embodiment, as shown in FIG. 21, a key-value structure is used in which a conversion source ID, a conversion source domain, a conversion destination domain, and a user identifier are stored in Key, and a conversion destination ID is stored in Value. Absent. Any structure may be used as long as the conversion source ID and the user identifier are stored in the key and the conversion destination domain is stored in the value.

  Further, the present embodiment is merely an example in which the number of domains is two, and the number of domains is not limited. For example, when the number of domains is three or more, a bidirectional conversion relationship may be registered between each ID, and the number of domains is not limited.

  Furthermore, the conversion relationship from the conversion source ID to the conversion destination ID may be expressed by a plurality of records. A plurality of user identifiers may be assigned to the user, a plurality of search keys may be generated from each user identifier, and the conversion destination ID may be divided into values corresponding to each search key, and a part thereof may be stored. By dividing the conversion relationship into a plurality of records, it is possible to prevent a user who does not have access right from directly referring to data by a method such as analyzing the data storage area 514.

An example of a series of processes executed by the gateway apparatus 105 and the data management apparatus 106 when the client apparatus 101 requests an ID conversion process will be described with reference to FIGS.
Here, an example in which the ID “111” of the domain “d0” is converted to the ID of the domain “d1” is shown.

FIG. 22 is an example of a sequence diagram of ID conversion processing executed by the gateway device 105 and the data management device 106 in this embodiment. First, the client apparatus 101 transmits an ID conversion request message 2201 to the gateway apparatus 105.
An example of the ID conversion request message 2201 is shown in FIG. FIG. 23 is an example of messages transmitted and received during the ID conversion processing executed by the gateway device 105 and the data management device 106 in the present embodiment. The ID conversion request message 2201 includes parameters of ID 2301, domains 2302_1 and 2302_2, and session ID 2303.

  Returning to FIG. 22, the gateway device 105 next performs a responsible node determination 2202. The assigned node determination 2202 is the same as the assigned node determination 1702 in the ID registration process of FIG.

  Returning to FIG. 22, next, the gateway device 105 transmits an ID conversion request message 2203 to the data management device 106_1. The ID conversion request message 2203 is the same as the ID conversion request message 2201.

  Next, the data management apparatus 106_1 performs user identifier processing 2204. The user identifier process 2204 is the same as the user identifier process 1704 in the ID registration process of FIG.

  Returning to FIG. 22, the data management device 106_1 next performs data holding node determination 2205. The data holding node determination 2205 is the same as the data holding node determination 1705_1 in the ID registration process of FIG.

  Returning to FIG. 22, the data management apparatus 106_1 next transmits an ID conversion request message 2206 to the data holding node (data management apparatus 106_2). An example of the ID conversion request message 2206 is shown in FIG. The ID conversion request message 2206 is composed of one parameter with the search key “111 @ d0 (to) d1 @ R0” as the key 2304.

  Returning to FIG. 22, the data holding node (data management device 106_2) performs ID conversion 2207. In the ID conversion 2207, the corresponding conversion destination ID “987” is acquired from the data stored in the data storage area 514 using “111 @ d0 (to) d1 @ R0” as a search key.

  Returning to FIG. 22, the data holding node (data management apparatus 106_2) transmits an ID conversion response message 2208 to the data management apparatus 106_1. An example of the ID conversion response message 2208 is shown in FIG. The ID conversion response message 2208 includes an ID 2306, and stores a conversion destination ID “987” in this embodiment.

  Next, the data management apparatus 106_1 transmits an ID conversion response message 2209 to the gateway apparatus 105. The ID conversion response message 2209 is the same as the ID conversion response message 2208.

  Next, the gateway device 105 transmits an ID conversion response message 2210 to the client device 101. The ID conversion response message 2210 is the same as the ID conversion response message 2208.

  The above is an example of a series of processing executed by the gateway device 105 and the data management device 106 when the client device 101 requests ID conversion processing.

  An example of a series of processes executed by the gateway apparatus 105 and the data management apparatus 106 when the client apparatus 101 requests an ID update process will be described with reference to FIGS. In this example, the ID “111” of the domain “d0” is updated to the ID “222”. Hereinafter, ID “111” is referred to as an old ID, and ID “222” is referred to as a new ID.

  FIG. 24 is an example of a sequence diagram of ID update processing executed by the gateway device 105 and the data management device 106 in this embodiment. First, the client apparatus 101 transmits an ID update request message 2401 to the gateway apparatus 105. An example of the ID update request message 2401 is shown in FIG. FIG. 25 is an example of messages transmitted and received during the ID update process executed by the gateway device 105 and the data management device 106 in the present embodiment. The ID update request message 2401 includes parameters of ID 2501, domain 2502, and session ID 2503.

  Returning to FIG. 24, the gateway device 105 next performs a responsible node determination 2402. The assigned node determination 2402 is the same as the assigned node determination 1702 in the ID registration process of FIG.

  Returning to FIG. 24, the gateway apparatus 105 transmits an ID update request message 2403 to the data management apparatus 106_1 that is the determined responsible node. The ID update request message 2403 is the same as the ID update request message 2401.

  Next, the data management apparatus 106_1 performs user identifier processing 2404. The user identifier process 2404 is the same as the user identifier process 1704 in the ID registration process of FIG.

Returning to FIG. 24, the data management apparatus 106 next invalidates the conversion relationship from the ID “111” of the domain “d0” to the ID “987” of the domain “d1”. The data management device 106_1 performs the data holding node determination 2405.
The data holding node determination 2405 is the same as the data holding node determination processing 1705_1 and 1705_2 in the ID registration processing of FIG. 17, and the data holding node (data management device 106_2) corresponding to the search key “111 @ d0 (to) d1 @ R0”. )

  Returning to FIG. 24, the data management apparatus 106_1 next transmits an ID update request message 2406 to the data holding node (data management apparatus 106_2). An example of the ID revocation request message 2406 is shown in FIG. The ID update request message 2406 is composed of one parameter with the search key “111 @ d0 (to) d1 @ R0” as the Key 2506.

  Returning to FIG. 24, the data holding node (data management apparatus 106_2) performs ID revocation 2407. An example of data stored in the data storage area 514 in the data management device 106 is shown in FIG. FIG. 26 shows an example of data stored in the data storage area 514 in the data management apparatus 106 at the time of ID update processing. In the ID update 2407, data stored in the data storage area 514 in the data management apparatus 106_2. The corresponding Value 2601 is updated to “null” using “111 @ d0 (to) d1 @ R0” as a search key. In the present embodiment, setting the value 2601 to “null” is the ID revocation processing, but instead of “null”, another value indicating a revocation state may be used, or the record situation may be deleted.

  Returning to FIG. 24, the data holding node (data management apparatus 106_2) transmits an ID update response message 2408 to the data management apparatus 106_1. An example of the ID update response message 2408 is shown in FIG. The ID update response message 2408 is composed of an ID 2508, and ID “987” is stored in this embodiment.

  As described above, reference numerals 2405 to 2408 denote processing for updating the conversion relationship from the ID “111” of the domain “d0” to the ID “987” of the domain “d1”, which is performed by the data management apparatus 106.

  Returning to FIG. 24, the data management apparatus 106 next updates the conversion relationship from the ID “987” of the domain “d1” to the ID “111” of the domain “d0” from the old ID to the new ID.

  The data management device 106_1 performs data holding node determination 2409. The data holding node determination 2409 is the same as the data holding node determination 1705 in the ID registration process of FIG. 17, and the data holding node (data management device 106_m) corresponding to the search key “987 @ d1 (to) d0 @ R0” is obtained. .

  Returning to FIG. 24, the data management apparatus 106_1 next transmits an ID update request message 2410 to the data holding node (data management apparatus 106_m). An example of the ID update request message 2410 is shown in FIG. The ID update request message 2410 is composed of two parameters, with “987 @ d1 (to) d0 @ R0” as Key 2504 and new ID “222” as Value 2505.

  Returning to FIG. 24, the data holding node (data management apparatus 106 — m) performs ID update 2411. As shown in the data management device 106_m in FIG. 26, in the ID update 2411, “Value 2602” corresponding to “987 @ d1 (to) d0 @ R0” from among the data stored in the data storage area 514 is set to “222”. Update to "".

  Returning to FIG. 24, the data holding node (data management apparatus 106_m) transmits an ID update response message 2412 to the data management apparatus 106_1. An example of the ID update response message 2412 is shown in FIG. The ID update response message 2412 includes an ID update result 2507. An ID update result 2507 indicates success or failure of the ID update process.

  As described above, reference numeral 2409 to reference numeral 2412 are processes performed by the data management apparatus 106 to update the conversion relationship from the ID “987” of the domain “d1” to the ID “111” of the domain “d0” from the old ID to the new ID. is there.

  Returning to FIG. 24, the data management apparatus 106 registers the conversion relationship from the ID “222” of the domain “d0” to the ID “987” of the domain “d1”. The original ID is changed from the old ID “111” to the new ID “222”, and the same processing as the reference numerals 1706_1 to 1708_1 in FIG. Reference numeral 2413 designates the data management device 106_m as a data holding node. As shown in FIG. 26, the search key “222 @ d0 (to) d1 @ R0” is stored in the data storage area 514 in the data management device 106_m as the key. A key-value type record 2603 with ID “987” as Value is stored.

  Next, the data management apparatus 106_1 transmits an ID update response message 2417 to the gateway apparatus 105. The ID update response message 2417 is the same as the ID update response message 2412.

  Next, the gateway device 105 transmits an ID update response message 2418 to the client device 101. The ID update response message 2418 is the same as the ID update response message 2412.

  The above is an example of a series of processing executed by the gateway device 105 and the data management device 106 when the client device 101 requests ID update processing.

  An example of a series of processes executed by the gateway apparatus 105 and the data management apparatus 106 when the client apparatus 101 requests an ID revocation process will be described with reference to FIGS. Here, an example in which the ID “111” of the domain “d0” is revoked is shown.

  FIG. 27 is an example of a sequence diagram of ID revocation processing executed by the gateway device 105 and the data management device 106 in this embodiment. First, the client apparatus 101 transmits an ID revocation request message 2701 to the gateway apparatus 105. An example of the ID revocation request message 2701 is shown in FIG. FIG. 28 is an example of messages transmitted and received during the ID revocation process executed by the gateway device 105 and the data management device 106 in this embodiment. The ID revocation request message 2701 includes parameters of ID 2801, domain 2802, and session ID 2803.

  Returning to FIG. 27, the gateway device 105 next determines the responsible node 2702. The assigned node determination 2702 is the same as the assigned node determination 1702 in the ID registration process of FIG.

  Returning to FIG. 27, next, the gateway device 105 transmits an ID revocation request message 2703 to the data management device 106_1. The ID revocation request message 2703 is the same as the ID revocation request message 2701.

  Next, the data management apparatus 106_1 performs user identifier processing 2704. The user identifier process 2704 is the same as the user identifier process 1704 in the ID registration process of FIG.

  Returning to FIG. 27, next, the data management apparatus 106 invalidates the conversion relationship from the ID “111” of the domain “d0” to the ID “987” of the domain “d1”. The processes from 2705 to 2708 are the same as the processes from 2405 to 2408 in FIG. An example of data stored in the data storage area 514 in the data management apparatus 106 is shown in FIG. FIG. 29 shows an example of data stored in the data storage area 514 in the data management apparatus 106 at the time of the ID update processing. The data is stored in the data storage area 514 in the data management apparatus 106_2 due to the ID revocation 2707. The Value 2901 corresponding to “111 @ d0 (to) d1 @ R0” is updated to “null”.

  Returning to FIG. 27, the data management apparatus 106 next invalidates the conversion relationship from the ID “987” of the domain “d1” to the ID “111” of the domain “d0”. In the processing from reference numeral 2709 to reference numeral 2712, the conversion source ID and the conversion destination ID, the conversion source domain and the conversion destination domain are interchanged, and the same processing as reference numerals 2405 to 2408 in FIG. 24 is performed. As shown in FIG. 29, the Value 2902 corresponding to “987 @ d1 (to) d0 @ R0” stored in the data storage area 514 in the data management device 106_m is updated to “null” by the ID revocation 2711.

  Next, the data management apparatus 106_1 transmits an ID revocation response message 2713 to the gateway apparatus 105. An example of the ID revocation response message 2713 is shown in FIG. The ID revocation response message 2713 includes an ID revocation result 2806. The ID revocation result 2806 indicates the success or failure of the ID registration process.

  Next, the gateway device 105 transmits an ID revocation response message 2714 to the client device 101. The ID revocation response message 2714 is the same as the ID revocation response message 2713.

  The above is an example of a series of processing executed by the gateway device 105 and the data management device 106 when the client device 101 requests the ID revocation processing.

  Although one embodiment of the present invention has been described above, according to the above embodiment, since it is not necessary to register the correspondence relationship of IDs between domains in the table in advance, even if the number of domains and the number of IDs increase. There is no need to rebuild the system. Thereby, the man-hour and cost which a system reconstruction requires can be reduced. Moreover, ID which can be converted can be controlled for every user. Further, only the session ID is transmitted to the client apparatus 101 during the user authentication process in the authentication apparatus 104. Thereby, since the user identifier is not disclosed to the user, it is possible to prevent spoofing by a third party and data access by an unauthorized method.

  In addition, this invention is not limited to an above-described Example, Various modifications are included. For example, the above-described embodiments have been described in detail for easy understanding of the present invention, and are not necessarily limited to those having all the configurations described. Further, a part of the configuration of one embodiment can be replaced with the configuration of another embodiment, and the configuration of another embodiment can be added to the configuration of one embodiment. Further, it is possible to add, delete, and replace other configurations for a part of the configuration of each embodiment.

  Each of the above-described configurations, functions, processing units, processing means, and the like may be realized by hardware by designing a part or all of them with, for example, an integrated circuit. Each of the above-described configurations, functions, and the like may be realized by software by interpreting and executing a program that realizes each function by the processor. Information such as programs, tables, and files for realizing each function can be stored in a memory, a hard disk, a recording device such as an SSD (Solid State Drive), or a recording medium such as an IC card, an SD card, or a DVD.

  Further, the control lines and information lines indicate what is considered necessary for the explanation, and not all the control lines and information lines on the product are necessarily shown. Actually, it may be considered that almost all the components are connected to each other.

101_1, 101_n: Client device, 102, 103 ... Network, 104 ... Authentication device, 105 ... Gateway management device, 106_1, 106_2, 106_3, 106_m ... Data management device, 201, 301, 401, 501 ... control unit, 210, 309, 406, 511 ... storage unit, 213, 312, 409, 515 ... input / output unit, 214, 313, 410, 516 ... transmission / reception unit, 601 ... Computer, 602 ... CPU, 603 ... Memory, 604 ... External storage device, 605 ... Transmission / reception device, 606 ... Output device, 607 ... Input device.

Claims (5)

An ID management method in a data management apparatus connected to a client terminal via a network,
The data management apparatus includes a first information Installing corresponding to the session information and the user identifier, a storage unit for storing the second information associating the search key and the second domain ID, and ,
A step wherein the data management device, for receiving a conversion request from the client terminal via the network, to the second domain ID from the first domain ID,
Obtaining a user identifier from the session information included in the conversion request and the first information ;
The data management device is based on the first information, the search key that combines the first domain ID, the second domain, and the user identifier included in the conversion request, and the second information. Obtaining the second domain ID corresponding to the first domain ID, and transmitting the second domain ID to the client terminal;
An ID management method characterized by comprising: The data management device includes a plurality of data management devices, wherein the data management device that receives the conversion request from the client terminal is the first data management device, and the data management device converts the first domain ID to the second domain ID. The device is the second data management device,
The first data management device selects a second data management device based on a search key composed of the first domain, the first domain ID, the second domain, and the user identifier, The ID management method according to claim 1 , further comprising: transmitting the search key to the second data management device . Selecting the second data management device comprises:
  3. The ID management method according to claim 2, wherein the second data management device is selected by comparing a value obtained by multiplying the search key by a hash function and an ID of the data management device. Selecting the second data management device comprises:
4. The ID management method according to claim 3, wherein a data management device having an ID of the data management device close to a value obtained by multiplying the search key by a hash function is selected as the second data management device. A data management device to connect the client terminal via a network,
The session information and the first information user identifier and the respectively Installing corresponding, a storage unit for storing the second information associating the search key and the second domain ID, and,
A receiving unit for receiving a conversion request from the first domain ID to the second domain ID from the client terminal via the network;
A user identifier is acquired from the session information included in the conversion request and the first information, and the acquired user identifier and the first domain, the first domain ID, the first information included in the conversion request A control unit that obtains the second domain ID corresponding to the first domain ID based on a search key that combines two domains;
A transmission unit for transmitting the second domain ID to the client terminal;
A data management apparatus comprising:

Images