JP7458805B2 - Information processing device, information processing system, and program - Google Patents

Description

The present invention relates to an information processing device , an information processing system, and a program.

In recent years, storage services have been provided that manage users' personal data using storage on the Internet. Using their own terminals, users can write personal data to storage and read personal data written to storage. With storage services, users themselves can set the scope of disclosure of personal data written in the storage. Other users included in the disclosure range set for the personal data can use the personal data using their own terminals. In this way, a storage in which the user has authority to read and write data, set the disclosure range, etc. is also called a personal data store.

On the other hand, private set intersection (PSI) has conventionally been used. Secret intersection calculation is a protocol for obtaining information regarding common elements without disclosing the contents of each user's data set to each other. Various methods have been proposed for secret common set calculations depending on the number of data sets and their purpose, such as a method using blind signatures and a method using Bloom Filter to reduce the amount of calculation. Furthermore, there is a technique that uses a dedicated server to reduce the amount of calculation for secret common set calculation (for example, see Patent Document 1).

Japanese Patent Application Publication No. 2014-157264

Users who use a storage service may want to extract common elements from each other's personal data for the purpose of discovering common topics. However, if users give each other access rights to their personal data stores so that personal data can be checked between users in order to extract common elements, not only common elements but also personal data will be set. Other information on the site may also be cross-referenced, which may lead to privacy issues. Therefore, it is conceivable to extract common elements using secret common set calculation, but even common elements may contain information that is not desired to be disclosed to other users.

The present invention has been made in consideration of such circumstances, and makes it possible to extract common information that can be disclosed between users from the personal data while keeping the personal data of each user confidential. Provides information processing devices , information processing systems, and programs.

One aspect of the present invention provides information that specifies data conversion rules for generating matching data to be matched for extraction of common element information based on at least some element information included in a data set. and a set that converts a first data set including element information indicating information about the first user into a first matching data set that is a set of matching data generated according to the specified data conversion rule. a conversion unit; and a second matching data set that is a set of matching data that is converted from a second data set that includes element information indicating information about the second user and that is generated according to the specified data conversion rule; The information processing apparatus is characterized by comprising: a secret common set calculation unit that obtains the collation data included in common with the first collation data set by a secret common set calculation.

One aspect of the present invention is the information processing apparatus described above, wherein the data conversion rule includes a rule for converting the element information into verification data of a predetermined granularity.

One aspect of the present invention is the above-mentioned information processing device, characterized in that the receiving unit receives information on the secret intersection calculation method to be used, and the secret intersection calculation unit performs the secret intersection calculation of the secret intersection calculation method in cooperation with another information processing device corresponding to the second user.

One aspect of the present invention is the information processing device described above, wherein the receiving unit receives first storage location information indicating a storage location that is permitted to be referenced by another information processing device corresponding to the second user; Receiving second storage location information indicating a storage location that the information processing device is permitted to reference by a second user, the confidential common set calculation unit adds a confidential common set to the storage location information indicated by the first storage location information. writing the encrypted first collation data set used in the calculation, and reading the encrypted second collation data set used in the secret common set calculation from storage location information indicated by the second storage location information; It is characterized by

One aspect of the present invention is the information processing device described above, wherein the first data set includes element information regarding the history of the first user's actions, and the second data set includes element information regarding the history of the actions of the second user. It is characterized by including element information regarding the history of.

One aspect of the present invention is the information processing device described above, characterized in that the action is using content, performing a search, or geographical movement.

One aspect of the present invention is a program for causing a computer to function as any of the information processing devices described above.

According to the present invention, while keeping the personal data of each user confidential, it is possible to extract common information that may be disclosed between users from the personal data.

1 is a diagram illustrating a configuration example of an information processing system according to an embodiment of the present invention. FIG. 2 is a block diagram showing a configuration example of an information processing device and an input/output device according to the same embodiment. FIG. 3 is a diagram showing an example of personal data according to the same embodiment. FIG. 3 is a diagram illustrating an example of a collation data set according to the same embodiment. FIG. 3 is a diagram showing the flow of operations in the information processing system according to the embodiment. FIG. 3 is a sequence diagram of a secret common set calculation process in the information processing system according to the embodiment. 11 is a sequence diagram of a secret intersection calculation process in the information processing system according to the embodiment. FIG.

Embodiments of the present invention will be described in detail below with reference to the drawings.
FIG. 1 is a diagram showing a configuration example of an information processing system 1 according to an embodiment of the present invention. The information processing system 1 of this embodiment includes an information processing device 2 and an input/output device 3 corresponding to each user. The information processing device 2 and the input/output device 3 are connected to the network 5. The network 5 may be a public network such as the Internet, a private network such as a LAN (Local Area Network), or a combination of a public network and a private network. Note that the information processing device 2 and the input/output device 3 that correspond to the same user may be connected without going through the network 5. Further, the network between the information processing devices 2, the network between the information processing device 2 and the input/output device 3, and the network between the input/output devices 3 may be different networks. Furthermore, the information processing device 2 and the input/output device 3 that correspond to the same user may be realized by the same device.

The information processing device 2 stores personal data of the corresponding user. Examples of personal data include, but are not limited to, viewing history, visit history, and search history. The viewing history indicates a history of the user's viewing of content such as broadcast programs and videos distributed over the Internet. The viewing history includes, for example, time information indicating the time, information specifying the content the user viewed at the time indicated by the time information, and information related to the viewed content. The visit history indicates a history of places visited by the user through geographical movement. The visit history includes, for example, time information, visited place information indicating the places visited by the user at the time indicated by the time information, and information related to the visited places. Furthermore, the search history indicates a history of searches performed by the user on the network. The search information includes time information and information on keywords used when the user performed a search on the network at the time indicated by the time information.

For the purpose of finding common topics, users can share information on recently watched TV programs and content on the Internet, restaurants visited, tourist spots, countries and regions, and keywords used in Internet searches. There are cases where you want to extract common information from personal data. However, if parties grant each other permission to access personal data in order to extract common elements, information that is not the object of searching for common elements may also be disclosed. Further, in the case where the information set in the personal data is hierarchical information, the level of granularity at which level of matching is determined to be a common element may vary depending on the purpose. For example, information regarding television programs includes information in the hierarchy of "program episode" < "program series" < "genre." Note that the left side of "<" indicates a lower hierarchy, and the right side indicates an upper hierarchy. In this case, you can decide whether to judge it as a common element when the "program episode" matches, whether to judge it as a common element when the "program series" matches, or whether to judge it as a common element when the "genre" matches. You may want to change it. As another example, "Kuta x-chome, Setagaya-ku" < "Kuta, Setagaya-ku" < "Setagaya-ku" < "Within Tokyo's 23 wards" < "Inside Tokyo" < "Kanto region" indicated by the address information of the visited place ” < “Within Japan” You may want to change which hierarchy is determined to be a common element when a match occurs. Alternatively, prefectures such as "Tokyo" may be disclosed if they are a common element, but more detailed address information may not be desired to be disclosed even if they are a common element. Furthermore, as another example, which level of the hierarchy "XX Curry Restaurant (restaurant name)" < "Indian curry" < "Curry" < "Western food" < "Restaurant" indicated by the category information of the visited place You may want to change whether or not a common element is determined when the (granularity) information matches. Alternatively, the type of restaurant may be disclosed if it is a common element, but the specific restaurant name may not be desired to be disclosed even if it is a common element.

In addition, depending on the combination of users, it may be possible that common elements cannot be obtained when information on programs viewed or places visited is compared to a lower level. In this case, by converting the viewing history and visit history into information of various granularities and comparing them, it becomes easier to extract common viewing and visit experiences between users. For example, if the viewing history contains hierarchical information such as "Scarlet (Episode 10)" < "Scarlet Series" < "Drama Program on XX Channel" < "Drama Program" as information on programs viewed, common information may not be obtained between users for the program episodes or program series of the programs viewed. Therefore, by setting the granularity to a higher level such as genre, it becomes easier to obtain common elements. Similarly, when the location information indicated by the visit history is expressed in a hierarchical manner as described above, common information may not be obtained between users for "Setagaya Ward". Therefore, by setting the granularity to the above levels such as "Tokyo" and "Kanto region", it becomes easier to obtain common information.

The information processing system 1 of the present embodiment keeps each user's personal data confidential and extracts common elements included in the personal data only for information of the type and granularity specified by the user.

Figure 2 is a block diagram showing the configuration of the information processing device 2 and the input/output device 3. In Figure 2, only the functional blocks related to this embodiment are shown. In Figure 2, the network 5 connecting the information processing device 2 and the input/output device 3 is omitted.

The information processing device 2 is realized by a computer device such as a server computer or a personal computer. The information processing device 2 includes a storage unit 21, a control unit 22, set conversion units 23-1 to 23-N (N is an integer of 1 or more), and secret common set calculation units 24-1 to 24-M (M is an integer greater than or equal to 1). Hereinafter, the set conversion units 23-1 to 23-N will be collectively referred to as the set conversion unit 23, or if no one is designated, they will be referred to as the set conversion unit 23. Further, the secret common set calculation units 24-1 to 24-M are collectively referred to as the secret common set calculation unit 24, or if any one is not specified, the secret common set calculation unit 24 is used.

The storage unit 21 is realized by a hard disk device, a semiconductor memory, or the like. The storage unit 21 may be a personal data store provided to a user in a storage service. The personal data store is a storage in which the user has authority to read and write data, set the range of disclosure, and the like. The storage unit 21 has a private directory and a directory for secret intersection calculation. The private directory is a directory to which access from other users is not permitted. The private directory stores personal data and a matching data set. The personal data is a data set including one or more element information. The element information indicates information about a user. The matching data set is used to extract common elements between users. The matching data set is a data set including one or more matching data. Each matching data is generated based on one or more element information included in the personal data. The directory for secret intersection calculation is a directory to which access from other information processing devices 2 authorized by the user is permitted. The directory for secret intersection calculation stores calculation process information, which is information used in the process of secret intersection calculation. The storage unit 21 may be composed of a storage unit that stores personal data and a matching data set, and a storage unit that stores calculation process information.

The control unit 22 receives from the input/output device 3 information used in a process of extracting common element information that can be disclosed between users from the personal data while keeping each other's personal data secret. It has the function of a receiving section. This information received from the input/output device 3 is information specifying data conversion rules for generating verification data from personal data to be used for extracting common elements of type and granularity determined to be disclosed between users. It also includes information specifying the hidden common set calculation method to be used when extracting common matching data while keeping the matching data set secret. The control unit 22 instructs the set conversion unit 23 to convert the personal data into a matching data set based on the information received from the input/output device 3. Further, the control unit 22 controls the collation data set generated by the set conversion unit 23 based on the information received from the input/output device 3 and the collation data set of other users generated by the other information processing device 2 to be common to each other. The secret common set calculation unit 24 is instructed to extract the collation data included in the search data by secret common set calculation. The control unit 22 further has the function of a transmitting unit that transmits the verification data extracted by the secure common set calculation unit 24 through the secure common set calculation to the input/output device 3.

The set conversion units 23-1 to 23-N each acquire element information of a predetermined information type from personal data according to different data conversion rules, generate verification data, and generate a verification data set including the generated verification data. generate. The data conversion rule indicates a rule for generating verification data based on at least some element information included in personal data. This rule includes one or more element information that is the generation source of the verification data, and whether the settings of the element information of the generation source are set as is in the verification data, or how the settings of the element information of the generation source are changed. Contains settings conversion rules for converting and setting as verification data. For example, if personal data includes element information of each layer, such as element information of the first layer, element information of the second layer, etc., the data conversion rules include the element information of which layer to match when generating data. By specifying the source, the granularity when extracting common information can be changed. Alternatively, the granularity at which common information is extracted can be changed by defining a setting content conversion rule so as to convert the setting content of element information into setting content of a predetermined granularity to generate matching data. In the following, the data conversion rule used by the set conversion unit 23-n (n is an integer greater than or equal to 1 and less than or equal to N) will be referred to as a data conversion rule (n).

For example, personal data includes element information D(1), element information D(2), ..., element information D(i) is (i=1, 2, ...), element information D1(i) of attribute D1 , element information D2(i) of attribute D2, and element information D3(i) of attribute D3. Further, it is assumed that the element information D3(i) is composed of first layer element information D31(i) and second layer element information D32(i). In this case, data conversion rule (1) sets element information D1(i) to matching data X(i), and data conversion rule (2) converts the granularity of element information D2(i) to set matching data X(i), data conversion rule (3) sets element information D3(i) to collation data X(i), and data conversion rule (4) sets element information D2(i) and element information D31( i) as matching data X(i), and data conversion rule (5) sets element information D2(i) and element information D32(i) whose granularity has been converted as matching data X(i). It can be set as a rule. In these cases, the set conversion units 23-1 to 23-5 generate matching data sets S{X(1), X(2),...} according to the respective data conversion rules. In addition, if the data conversion rule (6) is a rule that sets element information D2(i) to matching data X1(i) and sets element information D31(i) to matching data X2(i), set conversion The unit 23-5 generates a collation data set S{X1(1), X1(2),..., X2(1), X2(2),...}.

An example of granularity will be further explained. For example, assume that personal data includes element information at each level of "program episode" < "program series" < "genre" as information on programs watched by the user. In this case, the data conversion rules may include rules as to which level of element information, "program episode," "program series," or "genre," should be used as the element information from which matching data is generated.

Further, for example, it is assumed that the personal data includes element information whose information type is date and time. The date and time information is "Time" < "Hourly time period (hourly)" < "Time of the day (morning, noon, evening, late night, etc.)" < "Day of the week" < "Month" < " It is possible to convert the information to "seasonal" layer information. The data conversion rules are based on element information whose information type is date and time, such as "time", "hourly time period (hourly)", "day time period (morning, noon, evening, late night, etc.)", It may include setting content conversion rules for generating matching data with granularity such as "day of the week," "month," "season," or any combination thereof.

Further, for example, assume that the personal data includes element information whose information type is address. Address information in Japan can be converted into hierarchical information such as "block" < "city" < "prefecture" < "region" < "country." The data conversion rule is based on the element information of the address "Kinuta x-chome, Setagaya-ku, Tokyo", "Kuta, Setagaya-ku, Tokyo", "Setagaya-ku, Tokyo", "Tokyo", "Kanto region", "Eastern Japan", or , may include rules for generating matching data with a granularity such as "Japan".

In addition, for example, as element information in the category of visited place information type in personal data, elements of each layer of "XX Curry Restaurant (restaurant name)" < "Indian curry" < "Curry" < "Western food" < "Restaurant" Suppose that information is included. In this case, the data conversion rules may include rules for determining which hierarchy of the hierarchical element information is to be used as verification data.

As described above, the data conversion rules may include rules for converting hierarchical information included in personal data into verification data indicating information of a predetermined hierarchy (granularity). Further, the data conversion rules may include rules for generating one piece of matching data based on two or more pieces of element information. The verification data may be a combination of information of two or more different information types. Further, the verification data may include information such as data attributes and types.

As a result of the above, for example, the set conversion unit 23-1 converts the viewing history including the time information and the genre, series, and episode of the TV program viewed by the user at the time indicated by the time information into the matching data indicating the episode of the viewed program. The set conversion unit 23-2 converts the data into a set of collation data indicating the genre of the program viewed, and the set conversion unit 23-3 converts it into a set of collation data indicating the time period in which the user viewed the program. The set converting unit 23-4 can be configured to convert the data into a set of matching data that combines viewing time slots and genres.

The private intersection calculation unit 24 cooperates with the private intersection calculation units 24 of the other information processing devices 2 to perform a private intersection calculation between the matching data set generated by the set conversion unit 23 and the matching data sets of the other users. The private intersection calculation units 24-1 to 24-M each perform a private intersection calculation using a different private intersection calculation method. The private intersection calculation method performed by the private intersection calculation unit 24-m (m is an integer between 1 and M) is referred to as the private intersection calculation method (m).

The input/output device 3 includes an input section 31 and an output section 32. The input/output device 3 is, for example, a computer device such as a personal computer or a smartphone. The input unit 31 is configured using existing input devices such as a keyboard, pointing device, and touch panel. The output unit 32 is an image display device such as a CRT (Cathode Ray Tube) display, a liquid crystal display, or an organic EL (Electro Luminescence) display, and displays data. The output unit 32 may print the data using a printer, or may write the data onto a recording medium. The input/output device 3 performs a process of transmitting data to another device based on an instruction input by the user through the input section 31, and transmits data input by the user through the input section 31, data received from another device, etc. to the output section 32. Perform the processing presented by.

Note that one information processing device 2 may be realized by a plurality of computer devices connected to a network. In this case, each functional unit of the information processing device 2 can be implemented by any one of the plurality of computer devices. For example, the storage section 21, the control section 22, the set conversion section 23, and the secret common set calculation section 24 may be realized by different computer devices, and the set conversion section 23 and the secret common set calculation section 24 may be realized by different computer devices. The set conversion units 23-1 to 23-N may be realized by multiple computer devices, and the secret common set calculation units 24-1 to 24-M may be realized by multiple computer devices. You may. Furthermore, the same functional unit may be realized by a plurality of computer devices. For example, the storage unit 21 may be realized by a plurality of computer devices. Further, the information processing device 2 and the input/output device 3 may be physically the same device, or the plurality of information processing devices 2 may be the physically same device. Further, some of the functional units of the plurality of information processing devices 2 may be realized by physically the same device.

FIG. 3 is a diagram showing an example of personal data. The personal data shown in FIG. 3 shows viewing history. The viewing history information shown in Figure 3 includes the program ID (identifier), program name, program summary (description), program length (timeRequired), performer (actor), and genre of each program viewed by the user. Contains element information such as (genre) and publication. The publication further includes element information such as viewing start time (startDate) and viewing end time (endDate).

FIG. 4 is a diagram showing an example of a matching data set. The collation data set shown in FIG. 4 is generated based on personal data indicating viewing history. The collation data set shown in the figure includes collation data of information types of program, genre, and broadcaster. The verification data shown in the figure includes the name of the information type (program, genre, etc.). For example, if all the verification data included in the verification data set are of the same information type, may not be included. Further, the name of the information type used for the verification data may be different from the name of the information type used for element information included in the personal data. Furthermore, information corresponding to the settings of the verification data may be added to the verification data. For example, in the same figure, the setting contents of the verification data for the information type "program" include a value representing the broadcasting station and a value representing the program start time, and the program represented by the setting contents. The information ``//morning drama'' is added.

Next, the operation of the information processing system 1 will be explained. In the following, the information processing device 2 corresponding to user A will be referred to as an information processing device 2a, and the information processing device 2a includes a storage unit 21, a control unit 22, set conversion units 23-1 to 23-N, and a secret common set calculation. The units 24-1 to 24-M are respectively described as a storage unit 21a, a control unit 22a, set conversion units 23a-1 to 23a-N, and secret common set calculation units 24a-1 to 24a-M. In addition, the information processing device 2 corresponding to user B will be referred to as an information processing device 2b, and the information processing device 2b includes a storage unit 21, a control unit 22, set conversion units 23-1 to 23-N, and a secret common set calculation unit. 24-1 to 24-M are respectively described as a storage unit 21b, a control unit 22b, set conversion units 23b-1 to 23b-N, and secret common set calculation units 24b-1 to 24b-M. Further, the input/output device 3 of user A will be referred to as an input/output device 3a, and the input unit 31 and output unit 32 included in the input/output device 3a will be referred to as an input unit 31a and an output unit 32a, respectively. Further, the input/output device 3 of user B will be referred to as an input/output device 3b, and the input unit 31 and output unit 32 included in the input/output device 3b will be referred to as an input unit 31b and an output unit 32b, respectively.

FIG. 5 is a diagram showing the flow of operations of the information processing system 1.
First, a conversion rule and a secret common set calculation method to be used are determined between user A and user B (step S0). For example, the information processing device 2 includes a set converting unit 23-1 that converts the viewing history of a broadcast program into a set of matching data indicating episodes of the viewed program, and a set converting unit 23-1 that converts the viewing history of a broadcast program into a set of matching data indicating the genre of the viewed program. A set conversion unit 23-2, a set conversion unit 23-3 that converts into a set of collation data indicating the time slot in which the user viewed the program, a set conversion unit 23-4 that converts into a set of collation data that combines the viewing time slot and genre. , has... Furthermore, the information processing device 2 has secret common set calculation units 24-1 to 24-M that are suitable for various uses. User A and user B decide to extract a common program episode, and use a data conversion rule (n) or set conversion unit 23-n (n is any integer from 1 to N, inclusive) suitable for that purpose. The secret common set calculation method (m) or the secret common set calculation unit 24-m (m is an integer greater than or equal to 1 and less than or equal to M) to be used is determined.

User A tells user B the URL of his own secret common set calculation directory in the storage unit 21a of the information processing device 2a (step S1). For example, user A transmits the URL of the secret common set calculation directory to the input/output device 3b using the input/output device 3a. Similarly, in step S2, user B tells user A the URL of his own secret common set calculation directory in the storage unit 21b of the information processing device 2b (step S2). For example, user B transmits the URL of the secret common set calculation directory to the input/output device 3a using the input/output device 3b.

The information processing device 2a and the information processing device 2b each operate as follows.
User A inputs parameters through the input unit 31a of the input/output device 3a. Each parameter includes the URL of the directory for the secret intersection calculation of user A, the URL of the directory for the secret intersection calculation of user B, the URL of the personal data of user A, the data conversion rule (n) to be used, the secret intersection calculation method (m) to be used, and the access permission information. The access permission information indicates the identification information of the information processing device 2b that is permitted to access. The input/output device 3a transmits these input parameters to the information processing device 2a (step S3a). Instead of the data conversion rule (n) to be used, the identification of the set conversion unit 23a-n to be used may be used as a parameter. Also, instead of the secret intersection calculation method (m) to be used, the identification of the secret intersection calculation unit 24a-m to be used may be used as a parameter. The input/output device 3a transmits these input parameters to the information processing device 2a.

The control unit 22a of the information processing device 2a receives the parameters from the input/output device 3a. The control unit 22a sets the storage unit 21a to permit access to the directory for secret intersection calculation from the information processing device 2b indicated by the access permission information (step S4a). The control unit 22a outputs the URL of the personal data of the user A to the set conversion unit 23a-n corresponding to the parameters of the data conversion rule (n) to be used (step S5a). The set conversion unit 23a-n refers to the personal data of the received URL and converts it into a matching data set. The personal data to be referred to is the raw personal data before data conversion, and the converted matching data set is a raw set of unencrypted matching data. The set conversion unit 23a-n writes the matching data set into a private directory of the storage unit 21a and notifies the control unit 22a of the URL of the storage location of the matching data set (step S6a).

The control unit 22a outputs the URL of the directory for the private intersection calculation of user A, the URL of the directory for the private intersection calculation of user B, and the URL of the matching data set of user A to the private intersection calculation unit 24a-m corresponding to the parameters of the private intersection calculation method (m) to be used (step S7a). The private intersection calculation unit 24a-m extracts matching data of the common element while sharing the calculation process element information stored in the directory for the private intersection calculation of user A in the storage unit 21a and the calculation process element information stored in the directory for the private intersection calculation of user B in the storage unit 21b with the private intersection calculation unit 24b-m of the information processing device 2b. The calculation process element information is encrypted information used when performing the private intersection calculation. The private intersection calculation unit 24a-m outputs the matching data of the extracted common element to the control unit 22a (step S8a).

The control unit 22a transmits the matching data of the extracted common elements to the input/output device 3a (step S9a). The output unit 32a of the input/output device 3a presents the received matching data, for example by displaying it on a display (step S10a).

On the other hand, user B inputs parameters through the input section 31b of the input/output device 3b. Each parameter is the URL of the directory for user B's secret common set calculation, the URL of the directory for user A's secret common set calculation, the URL of user B's personal data, the data conversion rule (n) to be used, and the secret common set to be used. Includes calculation method (m) and access permission information. The access permission information indicates identification information of the information processing device 2a to which access is permitted. The input/output device 3b transmits these input parameters to the information processing device 2b (step S3b). Instead of the data conversion rule (n) to be used, the identification of the set conversion unit 23b-n to be used may be used as a parameter. Further, instead of the secret common set calculation method (m) to be used, the identification of the secret common set calculation unit 24b-m to be used may be used as a parameter. The input/output device 3b transmits these input parameters to the information processing device 2b.

The control unit 22b of the information processing device 2b receives parameters from the input/output device 3b. The control unit 22b sets the storage unit 21b to permit access to the secret common set calculation directory from the information processing device 2a indicated by the access permission information (step S4b). The control unit 22b outputs the URL of user B's personal data to the set conversion unit 23b-n corresponding to the parameters of the data conversion rule (n) to be used (step S5b). The set conversion unit 23b-n refers to the personal data of the received URL and converts it into a matching data set. The personal data to be referred to is raw personal data before data conversion, and the converted verification data set is a raw collection of unencrypted verification data. The set conversion unit 23b-n writes the verification data set in the private directory of the storage unit 21b, and notifies the control unit 22b of the URL of the storage location of the verification data set (step S6b).

The control unit 22b sends the secret common set calculation unit 24b-m corresponding to the parameters of the secret common set calculation method (m) to be used, the URL of the directory for user B's secret common set calculation, and the URL for user A's secret common set calculation. The URL of the directory and the URL of the collation data set of user B are output (step S7b). The secret intersection calculation unit 24b-m calculates calculation process element information stored in the directory for user B's secret intersection calculation in the storage unit 21b, and the calculation process element information stored in the directory for user A's secret intersection calculation in the storage unit 21a. While sharing the calculation process element information with the secret common set calculation units 24a-m of the information processing device 2a, collation data of the common elements is extracted. The secret common set calculation unit 24b-m outputs the extracted common element matching data to the control unit 22b (step S8b).

The control unit 22b outputs the extracted common element matching data to the input/output device 3b (step S9b). The output unit 32b of the input/output device 3b presents the received verification data by displaying it on a display (step S10b).

As a result of the above, for example, if user A and user B decide to extract a common program episode, user A's viewing history and the user's Program episodes common to B's viewing history are presented. Subsequently, User A and User B decide to extract a common viewing time slot, and use the data conversion rule (n) or set conversion unit 23-n suitable for that, and the secret common set calculation method (m) or the secret common set calculation method (m). The intersection calculation unit 24-m is determined. Through the above processing, the viewing time period common to user A's viewing history and user B's viewing history is output to user A's input/output device 3a and user B's input/output device 3b.

Next, an example of a secret common set calculation that can be used in the secret common set calculation unit 24 will be explained.
FIG. 6 is a sequence diagram illustrating an example of the secret common set calculation process of the information processing system 1. Note that the set Sc={c ₁ ,...,c _NC } of all element information that can be used as a target to be compared for extracting common elements may be made public (NC is an integer of 1 or more).

First, a data conversion rule and a secret intersection calculation method to be used are determined between user A and user B (step S105). The set conversion unit 23a of the information processing device 2a converts the personal data of user A according to the determined data conversion rule to create a matching data set S _A = {a ₁ , ..., a _NA } (NA is an integer equal to or greater than 1), and writes the matching data set S _A of a raw set to a private directory of the storage unit 21a (step S110). The set conversion unit 23b of the information processing device 2b converts the personal data of user B according to the determined data conversion rule to create a matching data set S _B = {b ₁ , ..., b _NB } (NB is an integer equal to or greater than 1), and writes the matching data set S _B of a raw set to a private directory of the storage unit 21b (step S115).

The secret common set calculation unit 24a of the information processing device 2a creates a public key pk and a secret key sk using the key generation algorithm KeyGen (step S120), and uses the created public key pk as the secret common set of the information processing device 2b. It is passed to the calculation unit 24b (step S125). For example, the secret common set calculation unit 24a writes the public key pk into the secret common set calculation directory of the storage unit 21a, and the secret common set calculation unit 24b writes the public key pk from the secret common set calculation directory of the storage unit 21a. read out. Alternatively, the public key pk may be transmitted from the secret common set calculation unit 24a to the secret common set calculation unit 24b. The secret common set calculation unit 24b encrypts each verification data _bj (j is an integer from 1 to NB) using the public key pk, and generates encrypted verification data _b'j . Thereby, the secret common set calculation unit 24b obtains the encrypted verification data set S _B ′={b′ ₁ , . . . , b′ _NB } (step S130).

On the other hand, the secret common set calculation unit 24a encrypts the verification data a _i (i is an integer greater than or equal to 1 and less than or equal to NA) using the public key pk, and generates encrypted verification data a' _i . Thereby, the secret common set calculation unit 24a obtains the encrypted verification data set S _A ′={a′ ₁ , . . . , a′ _NA } (step S135). The secret common set calculation section 24a passes the encrypted collation data set S _A ' to the secret common set calculation section 24b (step S140). For example, the secret common set calculation unit 24a writes the encrypted collation data set S _A ′ in the secret common set calculation directory of the storage unit 21a, and the secret common set calculation unit 24b writes the encrypted common set calculation data set S A′ in the secret common set calculation directory of the storage unit 21a. The encrypted verification data set S _A ' is read from.

The secret common set calculation unit 24b searches for matching encrypted verification data a' _i and encrypted verification data b' _j by round robin (step S145). Specifically, the secret common set calculation unit 24b searches for a combination of i and j such that a' _i -b' _j is 0 for all i and all j combinations. The secret common set calculation unit 24b extracts the matching data b _j specified by j found by the search from the matching data set S _B (step S150).

Note that by switching the processes from step S120 onward in the information processing apparatus 2a and the information processing apparatus 2b, the secret common set calculation unit 24a calculates the common matching data a _i from the matching data set S _A to the matching data set S _B. get. Alternatively, the secret common set calculating section 24b may notify the secret common set calculating section 24a of i obtained by the search or the encrypted collation data a' _i . The secret common set calculation unit 24a obtains _the matching data a i common to the matching data set S _{B from the matching data set S A based} on the notified i or the encrypted matching data a' _i .

FIG. 7 is a sequence diagram showing another secret common set calculation process of the information processing system 1. As in the case of FIG. 6, the set Sc={c ₁ , . . . , c _NC } may be made public.

First, a data conversion rule and a secret intersection calculation method to be used are determined between user A and user B (step S205). The set conversion unit 23a of the information processing device 2a converts the personal data of user A according to the determined data conversion rule to create a matching data set S _A = {a ₁ , ..., a _NA }, and writes the matching data set S _A of a raw set to a private directory of the storage unit 21a (step S210). The set conversion unit 23b of the information processing device 2b converts the personal data of user B according to the determined data conversion rule to create a matching data set S _B = {b ₁ , ..., b _NB }, and writes the matching data set S _B of a raw set to a private directory of the storage unit 21b (step S215).

The secret common set calculation unit 24a of the information processing device 2a creates a public key pk and a private key sk using the key generation algorithm KeyGen (step S220), and calculates the created public key pk and the hash function H to be used. It is passed to the secret common set calculation unit 24b of the information processing device 2b (step S225). For example, the secret common set calculation unit 24a writes the public key pk and the hash function H into the secret common set calculation directory of the storage unit 21a, and the secret common set calculation unit 24b writes the public key pk and the hash function H from the secret common set calculation directory of the storage unit 21a. Read public key pk and hash function H. Alternatively, the public key pk and the hash function H may be transmitted from the secret common set calculation unit 24a to the secret common set calculation unit 24b.

When the private intersection calculation unit 24b generates a random number r, it blinds (encrypts) each match data _bj by a blind function using the public key pk and the random number r to generate encrypted match data b'j ( _j is an integer between 1 and NB). As a result, the private intersection calculation unit 24b generates the encrypted match data set S _B '={b' ₁ , ..., b' _NB } (step S230). The private intersection calculation unit 24b passes the encrypted match data set S _B ' to the private intersection calculation unit 24a (step S235). For example, the private intersection calculation unit 24b writes the encrypted match data set S _B ' to a directory for private intersection calculation in the storage unit 21b, and the private intersection calculation unit 24a reads the encrypted match data set S _B ' from the directory for private intersection calculation in the storage unit 21b.

The secret common set calculation unit 24a generates encrypted verification data _b''j with user A's signature by encrypting each encrypted verification data _b'j using the secret key sk. Thereby, the secret common set calculation unit 24a generates the encrypted verification data set S _B ''={b'' ₁ ,...,b'' _NB } (step S240), and passes it to the secret common set calculation unit 24b. (Step S245). For example, the secret common set calculation unit 24a writes the encrypted verification data set S _B '' in the secret common set calculation directory of the storage unit 21a, and the secret common set calculation unit 24b writes the encrypted matching data set S B '' to the secret common set calculation directory of the storage unit 21a. Read the encrypted verification data set S _B '' from the directory.

The secret common set calculation unit 24b decrypts each encrypted verification data _b''j using an unblind function corresponding to the blind function used in step S230, and obtains encrypted verification data _b''j (step S250). The secret common set calculation unit 24b generates a hash value b'''' _j of the encrypted verification data b'''' _j using the hash function obtained in step S225. Thereby, the secret common set calculation unit 24b generates the encrypted verification data set S _B ''''={b'''' ₁ ,..., b'''' _NB } (step S255).

On the other hand, the secret common set calculation unit 24a encrypts the verification data a _i using the secret key sk, and generates encrypted verification data a′ _i (i is an integer greater than or equal to 1 and less than or equal to NA). Thereby, the secret common set calculation unit 24a obtains the encrypted verification data set S _A ′={a′ ₁ , . . . , a′ _NA } (step S260). The encrypted verification data _a'i is verification data that has been encrypted in the same way as the encrypted verification data b''' _j .

Further, the secret common set calculation unit 24a generates a hash value _a''j of the encrypted verification data _a'i using the hash function notified in step S225. Thereby, the secret common set calculation unit 24a obtains the encrypted verification data set S _A ''={a'' ₁ , . . . , a'' _NA } (step S265). The hash value _a''j is collation data that has been subjected to the same calculation as the hash value b'''' _j . The secret common set calculation unit 24a passes the encrypted collation data set S _A '' to the secret common set calculation unit 24b (step S270). For example, the secure common set calculation unit 24a writes the encrypted collation data set S _A '' into the directory for secure common set calculation in the storage unit 21a, and the secure common set calculation unit 24b writes the encrypted matching data set S A '' in the secure common set calculation directory in the storage unit 21a. Read the encrypted verification data set S _A '' from the directory.

The secret common set calculation unit 24b searches for matching hash values _a''i and b'''' _j by brute force for all combinations of i and all j (step S275). The secret common set calculation section 24b passes the set of hash values a'' _i found by the search {a'' _α , a'' _β , . . . } to the secret common set calculation section 24 a (step S280). The secret common set calculation unit 24a extracts the matching data a _α , a _β , . . . from which the hash values a″ _α , a _{″ β} , . In addition, the secret common set calculation unit 24b extracts the matching data _bj specified by j found by the search from the matching data set _SB (step S290).

Note that the information processing device 2 may apply a secret common set calculation method other than the above-mentioned secret common set calculation method. Further, in the above embodiment, the information processing device 2 has a plurality of set conversion units 23 each having a different data conversion rule, but the set conversion unit 23 converts personal data into a matching data set according to input data conversion rules. may be provided. In this case, the control unit 22 reads the data conversion rule selected by the user from the storage unit 21 and outputs it to the set conversion unit, or the set conversion unit reads the selected data conversion rule from the storage unit 21 and executes it.

Note that the above-mentioned information processing device 2 has a computer system inside. The operation process of the information processing device 2 is stored in a computer-readable recording medium in the form of a program, and the above-mentioned processing is performed by reading and executing this program by the computer system. The computer system here includes hardware such as a CPU, various memories, an OS, and peripheral devices.

Furthermore, the term "computer system" includes the homepage providing environment (or display environment) if a WWW system is used.
Furthermore, the term "computer-readable recording medium" refers to portable media such as flexible disks, magneto-optical disks, ROMs, and CD-ROMs, and storage devices such as hard disks built into computer systems. Furthermore, a "computer-readable recording medium" refers to a storage medium that dynamically stores a program for a short period of time, such as a communication line when transmitting a program via a network such as the Internet or a communication line such as a telephone line. It also includes devices that retain programs for a certain period of time, such as volatile memory inside a computer system that serves as a server or client. Further, the above-mentioned program may be one for realizing a part of the above-mentioned functions, or may be one that can realize the above-mentioned functions in combination with a program already recorded in the computer system.

According to the embodiment described above, the information processing device includes a receiving section, a set converting section, and a secret common set calculating section. The receiving unit receives information specifying a data conversion rule for generating matching data to be matched for extraction of common element information based on at least some element information included in the data set. . The data conversion rules may include rules for converting element information into matching data of a predetermined granularity. The receiving section is, for example, the control section 22. The set conversion unit converts a first data set including element information indicating information about the first user into a first matching data set that is a set of matching data generated according to a specified data conversion rule. The secret common set calculation unit generates a second matching data set that is a set of matching data that is converted from a second data set that includes element information indicating information about the second user and generated according to specified data conversion rules. and the first collation data set converted by the set conversion unit, collation data included in common is obtained by secret common set calculation.

The receiving unit may receive information about the secret intersection calculation method to be used. The secret common set calculation unit performs secret common set calculation using the secret common set calculation method indicated by the information received by the receiving unit, in cooperation with another information processing device corresponding to the second user.

The receiving unit receives first storage location information indicating a storage location that is allowed to be referenced by another information processing device corresponding to the second user, and second storage location information that indicates a storage location that is allowed to be referenced by the information processing device corresponding to the second user. Two storage location information may be received. For example, the first storage location information is a secret common set calculation directory in the own device. The second storage location information is a secret common set calculation directory of another information processing device that performs secret common set calculation in cooperation with the own device. The confidential common set calculation unit writes the encrypted first collation data set used in the confidential common set calculation to the storage location information indicated by the first storage location information, and calculates the confidential common set from the storage location information indicated by the second storage location information. Read the encrypted second collation data set used in the set calculation.

The first data set includes element information regarding the behavior history of the first user, and the second data set includes element information regarding the behavior history of the second user. The action is, for example, using content, performing a search, or moving geographically.

Although the embodiments of the present invention have been described above in detail with reference to the drawings, the specific configuration is not limited to these embodiments, and includes designs that do not deviate from the gist of the present invention.

1... Information processing system, 2... Information processing device, 21... Storage unit, 22... Control unit, 23-1 to 23-N... Set conversion unit, 24-1 to 24-M... Secret intersection calculation unit, 3... Input/output device, 31... Input unit, 32... Output unit, 5... Network

Claims (8)

The information processing device in an information processing system including two or more information processing devices,
Among the element information included in the data set, the collation data to be collated for extraction of common element information is compared to the user of the information processing apparatus concerned and a specific information processing apparatus among the other information processing apparatuses. a receiving unit that receives information specifying data conversion rules to be generated based on at least some of the element information that has been decided with the user to be disclosed;
A data set that is stored in a storage location that does not allow access from anyone other than the information processing device and that includes element information indicating information about the user of the information processing device is collated data that is generated according to the specified data conversion rule. a set conversion unit that converts into a matching data set that is a set;
Performing a process of encrypting the verification data set to generate an encrypted verification data set, and writing the encrypted verification data set to a storage location that allows reference from the specific information processing device. a secret common set calculation unit;
Equipped with
The secret common set calculation unit performs a process of acquiring the encrypted collation data set generated by the specific information processing device from a storage location that is permitted to be referenced by a user of the specific information processing device. , a secret common set calculation using the acquired encrypted matching data set and the encrypted matching data set generated by the secret common set calculating unit is performed by the secret common set calculating unit of the specific information processing device. Obtaining the collation data that is commonly included in the collation data set and the collation data set generated by the specific information processing device by collaborating ;
An information processing device characterized by: The data conversion rules include rules for converting the element information into matching data of a predetermined granularity.
The information processing device according to claim 1, characterized in that: The receiving unit receives information on a secret common set calculation method determined to be used between a user of the information processing device and a user of the specific information processing device ,
The secret common set calculation unit performs secret common set calculation of the secret common set calculation method in cooperation with the secret common set calculation unit of the specific information processing device.
The information processing device according to claim 1 or claim 2, characterized in that: The receiving unit includes first storage location information indicating a storage location that the specific information processing device is allowed to reference, and a storage location that the information processing device is allowed to reference by a user of the specific information processing device. receiving second storage location information;
The secret common set calculation unit writes the encrypted collation data set used in the secret common set calculation generated by the secret common set calculation unit to the storage location indicated by the first storage location information , and reading the encrypted verification data set used in the secret common set calculation written by the specific information processing device from the storage location indicated by the storage location information;
The information processing device according to any one of claims 1 to 3, characterized in that: The data set converted by the set conversion unit includes element information regarding a history of actions of a user of the information processing device .
The information processing device according to any one of claims 1 to 4, characterized in that: The action is using content, performing a search, or moving geographically;
6. The information processing device according to claim 5. computer,
A program for causing the information processing device to function as the information processing device according to any one of claims 1 to 6. An information processing system including an information processing device corresponding to a first user and an information processing device corresponding to a second user,
The information processing device corresponding to the first user is:
At least one of the element information included in the data set that has been decided to be disclosed between the first user and the second user is the collation data to be collated to extract common element information. a first receiving unit that receives information specifying data conversion rules for generation based on some element information;
Verification data generated from a first data set that is stored in a storage location that does not allow access from other than the information processing device and that includes element information indicating information about the first user according to the specified data conversion rule. a first set conversion unit that converts into a first matching data set that is a set of;
A process of encrypting the first verification data set to generate an encrypted first verification data set, and a storage that allows reference of the encrypted first verification data set from an information processing device corresponding to the second user. a first secret common set calculation unit that performs a process of writing to a location and a process of obtaining an encrypted second collation data set from a storage location that is permitted to be referenced by the second user;
Equipped with
The information processing device corresponding to the second user is
a second receiving unit that receives information specifying the data conversion rule;
A second data set that is stored in a storage location that does not allow access from other than the information processing device and that includes element information indicating information about the second user is a set of collation data that is generated according to the specified data conversion rule. a second set conversion unit that converts into a second matching data set,
a process of encrypting the second collation data set to generate the encrypted second collation data set; and a storage for allowing reference of the encrypted second collation data set from an information processing device corresponding to the first user. a second hidden common set calculation unit that performs a process of writing to a location and a process of acquiring the encrypted first collation data set from a storage location that is permitted to be referenced by the first user;
Equipped with
A first secret common set calculation unit of the information processing device corresponding to the first user and a second secret common set calculation unit of the information processing device corresponding to the second user cooperate to perform the encrypted first verification. By performing a secret common set calculation using the data set and the encrypted second verification data set , the verification data that is commonly included in the first verification data set and the second verification data set is obtained. Ru,
An information processing system characterized by:

Images