KR20190107334A - Method and system for contrilling access to shared resource using trust index - Google Patents

Abstract

Disclosed are a sharing resource access right control method based on a cyber physical social system (CPSS) using a trust index, which enables users to use an application service of various sharing economy networks; and a system thereof. According to the present invention, a sharing resource access right control method based on a trust index implemented by a computer comprises the steps of: receiving a registration request of a new entity wanting to join in a sharing economy network to register the entity in a database; calculating a trust index for each entity based on correlation between the new entity and other entities previously registered in the database; setting an access right between entities based on the calculated trust index; and determining whether to allow an access to sharing resources based on the set access right when receiving an access request of a predetermined entity to the sharing resources.

Description

Method and system for controlling access rights to CPSS-based shared resources using trust index {METHOD AND SYSTEM FOR CONTRILLING ACCESS TO SHARED RESOURCE USING TRUST INDEX}

Embodiments of the present invention relate to a technique for numerically quantifying the reliability of resource providers, resources, and resource consumers in a shared economic environment, and controlling access to shared resources based on the quantified confidence index.

With the development of the economy, the formation of extra resources has led to the existence of those who own the extra resources and those who want to use them. For example, the utilization rate of cars is about 4%, and when the seat of a car is full, 20%, there is a huge surplus of car capacity around the world. The economic benefits of providing these extra resources shareable through the platform is called the sharing economy. In other words, the sharing economy is an economic activity in which resources are not borrowed but borrowed and borrowed from each other. Resource providers and resource consumers are connected through a platform to form a shared economy network. This sharing economy is appearing in various forms in various fields.

As the IoT environment develops, the concept of a Cyber Physical Social System (CPSS) including all things, information communication technology (ICT), and people is expanding. With the development of devices that can be connected to the ICT environment such as sensors, the physical thing becomes increasingly recognized and controlled in the virtual world. The CPSS environment is combined with a shared economy network, and various resources are increasingly monitored in the cyber environment, and a shared economy market based on monitoring is emerging. In other words, ICT interfaces are increasing for objects and resources that are used in common, and the number of objects that can be controlled remotely is increasing with the development of technology. For example, a smart door lock combined with a lodging sharing service, an unintel, a LoRA-based public bicycle tracker, and the like may correspond to the sharing economy market based on the monitoring.

As such, the sharing economy market exists in various fields, such as DVD rental, car rental, P2P accommodation sharing, equipment rental, and clothing rental. There are various problems that cause damage to resource consumers or damage to the quality of products compared to the originally introduced products. For example, after renting a hanbok, there is a problem in that damage such as tearing of the returned hanbok or staining of dark stains occurs. In addition, when renting a car, there is a case where the state of the product before the rental contract is different from the state of the actual rental product (for example, when the vehicle maintenance state such as a tire scratch, tail light / wiper failure, etc. is poor), In case of renting, the photo of the resource provider introducing the house and the status of the house where the resource consumer actually stays are different, or the resource provider must use the water / electricity bill indiscriminately to settle the excessive water / electricity fee. There is a case.

In the case of Airbnb, various authentication procedures, such as identification, are required for the authentication of providers and consumers who wish to provide their own homes as shared resources, and certificate-based device authentication and ID / password-based authentication are required in real time. Application to IoT devices has limitations due to server delays, errors, and so on. Inconvenience in authentication is an obstacle to the spread of the sharing economy.

Korean Patent Laid-Open Publication No. 10-2017-0097497 relates to a system and method for replacing a curated tire using a sharing economy. The Korean Patent Application Publication No. 10-2017-0097497 relates to tire information extracted from tire information used by a user and parameter information input and selected by a user with reference to a database. Recommend a predetermined number of tires, schedule a replacement of the recommended tires, request delivery of the reserved tires to a service partner close to the user, and visit a serviceman near the user where the user's vehicle is located. By sending a message so that people, such as disabled people, foreigners, such as those who are difficult to replace the store is disclosed a configuration that can be replaced.

One embodiment of the present invention is to control access to shared resources based on a confidence index that quantifies and quantifies mutual evaluation between resource providers, resource consumers, and resources in a sharing economy network formed through a platform.

A method of controlling access rights to a shared resource based on a computer-based trust index, the method comprising: receiving a registration of a new entity to participate in a shared economy network and registering it in a database; Calculating a trust index for each entity based on the association between another entity and the new entity, establishing access rights between entities based on the calculated trust index, and receiving a request for access to a shared resource of a particular entity As a result, the method may include determining whether to allow access to the shared resource based on the set access authority.

According to one aspect, determining whether to allow the access, receiving an access request to the shared resource, as the event related to the use of the shared resource registered by another entity in the new entity, and the access As the request is received, the method may include checking whether the new entity is an entity authorized to access a shared resource of another entity based on the access authority set between the entities.

According to another aspect, the step of confirming whether the access right is an authorized entity, the access key (access key) registered in association with the shared resources of the object from the other entity and input from the new entity and the sharing On the basis of the key information received through the resource, it is possible to check whether the new entity is an entity authorized to access.

According to another aspect, the step of checking whether the access right is an authorized object, as the new object is identified as an unauthorized entity to access the shared resources of the other object, the access of the new object Rejecting the request, and providing a warning notification to the other entity to which the new entity has attempted to access.

According to another aspect, in response to the request of the new entity, further comprising the step of controlling a new resource is provided with a shared resource, the information of at least one other entity associated with the shared resource provided with the other entity; can do.

According to another aspect, the method may further include controlling to provide the new entity by associating the information of the other entity that has granted access to its shared resource and the information of the authorized shared resource.

According to another aspect, the information of the other entity includes the confidence index of the other entity, and the confidence index of the other entity may be displayed at least one of color and thickness differently according to the level to which the corresponding confidence index belongs. have.

According to another aspect, the confidence index may be updated based on usage history information in which a result after use of the shared resource is recorded with respect to a specific entity to which access is granted.

According to another aspect, the calculating of the trust index may be calculated based on information indicating the reputation of the other entity obtained from at least one online service server registered with the other entity.

A computer-implemented trust index-based shared resource access control system, comprising: a register configured to register a database with a request for registration of a new entity to participate in a shared economy network, and is already registered in the database. A confidence index calculator that calculates an individual confidence index based on an association between another entity and the new entity, an authority setting unit that sets access rights between entities based on the calculated confidence index, and a shared resource of a specific entity. In response to receiving an access request of, the access determining unit may determine whether to allow access to the shared resource based on the set access authority.

According to one aspect, the access determining unit, when an event related to the use of shared resources registered by another entity in the new entity occurs, receives a request for access to the shared resource, and as the access request is received, Based on the access rights set between the objects, it is possible to check whether the new object is an object to which the access rights to other resources of the other object are permitted.

According to another aspect, the access determining unit is based on an access key registered in advance in association with a shared resource of the corresponding entity from the other entity and key information input from the new entity and received through the shared resource. It may be determined whether the new entity is an entity for which access authority is granted.

According to another aspect, the access determining unit, as the new entity is identified as an entity that is not authorized to access the shared resources of the other entity, deny the access of the new entity, the new entity is denied access; Alert notification may be provided to the other entity that attempted.

According to another aspect, in response to the request of the new entity, a control unit for controlling the new resource is provided with a shared resource, the information of at least one other entity associated with the shared resource is provided together with another object; can do.

According to another aspect, the controller may control to provide the new entity by associating the information of the other entity that has granted access to its shared resource and the information of the permitted shared resource.

According to another aspect, the information of the other entity includes the confidence index of the other entity, and the confidence index of the other entity may be displayed at least one of color and thickness differently according to the level to which the corresponding confidence index belongs. have.

According to another aspect, the confidence index may be updated based on usage history information in which a result after use of the shared resource is recorded with respect to a specific entity to which access is granted.

According to another aspect, the trust index calculation unit may be calculated based on information indicating the reputation of the other entity obtained from at least one online service server registered to the other entity.

By controlling access to shared resources based on confidence indices that quantify and quantify mutual assessments between resource providers, resource consumers, and resources, ICT infrastructures can provide an environment in which users can trust each other. It can be provided to use the application services of the network.

1 is a diagram illustrating a shared economy network environment according to an embodiment of the present invention.
2 is a flowchart illustrating a method of controlling access rights of shared resources between entities based on a confidence index according to an embodiment of the present invention.
3 is a block diagram illustrating an internal configuration of a system for controlling access to shared resources according to an embodiment of the present invention.
4 is a diagram illustrating an association relationship between entities in an embodiment of the present invention.
5 is a diagram provided for calculating a confidence index in an embodiment of the present invention.
6 is a block diagram illustrating a sharing economic network according to an embodiment of the present invention.
FIG. 7 illustrates visualization of shared resources from a resource provider position according to an embodiment of the present invention.
8 is a diagram illustrating visualization of shared resources from the perspective of a resource consumer.
9 is a diagram illustrating an operation of controlling an access right to a smart door lock according to one embodiment of the present invention.

The embodiments of the present invention relate to a technology for controlling access to shared resources based on a trust index quantified by evaluating resource providers, resource consumers, and resources that share resources such as goods and goods through a platform in a sharing economy network. In particular, resources in the real world, and in the cyber world, that resource providers seek to share, based on the index of trust between resource providers, resource consumers, resources in the real world, and resources in the cyber world. It's about technology that controls resource consumers' access to resources.

In the present embodiments, "entity" may refer to a resource consumer and a resource provider.

In the present embodiments, "resource provider" and "resource consumer" may indicate a user terminal possessed by the resource provider and the resource consumer. For example, the resource provider may include a smartphone, a tablet, a notebook, a desktop PC, etc. possessed by the resource consumer.

In the present embodiments, "Thing" may be represented as a shared resource as an object to be shared or rented, and may be a company, organization, or agent on the real world and in cyberspace. , Products, services, data, and the like.

In the present embodiments, "trust" refers to the value of the past as well as the present, and the willingness to believe that the other party will act as intended in the future, where "trust index" refers to a resource. It can represent the value of the mutual evaluation data between the provider, the resource consumer, and the resource. That is, the reliability index may represent a resinated value indicating that the reliability and the reliability vary depending on the situation and time.

The sharing economy is a multi-user partnership that benefits economically, allowing trust to work with others you don't know, so trust in dealing with people you don't know, or with people who don't want to use your resources. May be an indispensable element for

In the present embodiments, a trust index is provided for calculating a trust index, and the trust index may be preset in various ways according to the type of resources to be shared / lented. For example, the confidence index may be set differently according to whether the resource to be shared / lented is a vehicle, a house, a costume, a door lock, a wireless communication module such as Wi-Fi.

1 is a diagram illustrating a shared economy network environment according to an embodiment of the present invention.

According to FIG. 1, the sharing economic network includes a resource provider (eg, a user) that shares and rents resources provided by the resource provider 110 and resources provided by the resource provider 110. 120). As resources are divided into things 130 and various services 140 on the cyber, and people are divided into users and providers, trust relationships between entities may be modeled as four-way relationships. Here, the entity may represent the thing 130, the service 120 on the cyber, the resource provider 110, and the resource consumer 120 that is a user. The resource provider 110 and the consumer 120 may be represented by a resource provider and It may represent an electronic device owned by a consumer or an application implemented in the electronic device. For example, an electronic device such as a PC, a smart phone, a notebook, a tablet, or an application installed in the electronic device may be represented. In one example, resource provider 110 and resource consumer 120 load memory, basic arithmetic, logic to load program code to execute a program (such as the application described above) that is installed by a file provided from a server over a network. And a processor for processing an instruction of a program by performing an input / output operation.

In FIG. 1, a valid trust relationship between a resource provider 110, a resource consumer 120, a thing 130, and a service 140 may be predefined, and the thing 130 may be an electronic device that may be connected to an ICT environment such as a sensor. Can be represented. For example, the trust relationship between the resource provider 110 and the resource consumer 120, the resource provider 110 and the thing 130, the resource consumer 120 and the thing 130, the resource provider 110 and the service 140, A total of eight trust relationships may be defined between the resource consumer 120 and the service 140.

For example, the trust relationship between the resource provider 110 and the resource consumer 120 may represent a numerical trust index based on a mutual evaluation between the resource consumers 120 using things, services, etc. provided by the resource provider 110. The confidence index may be determined based on information collected with respect to the resource provider 110 and the resource consumer 130, and may be periodically updated. In addition, there may be a trust relationship generated when the resource provider 110 or the resource consumer 120 receives a friend's recommendation, and the trust index at this time may be determined based on the trusted index of the recommended friend. For example, if the recommended friend's confidence index is high, the trust index of the thing / service provided for sharing by the friend may be determined to be high, and if it is low, the trust index of the thing / service provided for sharing by the friend is low Can be determined. As such, the trusted friend's confidence index may influence the determination of the confidence index of things and services, and not only the recommended friend based on the information of the recommended friend collected on the Internet or social network (SNS), but also in the actual environment. The confidence index of things and services provided by the recommended friend may be determined.

2 is a flowchart illustrating a method for controlling access rights of shared resources between entities based on a trust index in accordance with an embodiment of the present invention, and FIG. 3 is a diagram illustrating a shared resource access rights control system according to an embodiment of the present invention. Is a block diagram showing the internal configuration of the apparatus.

According to FIG. 3, the shared resource access authority control system 300 may include a register 310, a trust index calculator 320, an authority setter 330, an access determiner 340, and a controller 350. Can be. The registration unit 310, the confidence index calculation unit 320, the authority setting unit 330, the access determination unit 340, and the control unit 350 are included in a processor of the shared resource access authority control system 300. It may be implemented in the form. The shared resource access right control system 300 may be implemented in a platform form and include the processor.

Each step (210 to 260) for performing the access right control method of FIG. 2 includes a register 310, a trust index calculator 320, a permission setter 330, an access determiner 340, and a controller ( 350).

In operation 210, the registration unit 310 may receive a request for registration of a new entity to participate in the sharing economy network and register it in the database.

For example, in response to a request for registration of a new entity, the registration unit 310 associates personal information of the new entity received through the new entity with identifier information (eg, ID, etc.) and password of the new entity. You can register in the database. In addition, the register 310 may collect information related to the new entity to be used in calculating the confidence index of the new entity. For example, SNS information of a new entity, company group SNS information related to the new entity, and reputation information on which the other entity has evaluated the new entity on the Internet (eg, blogs, cafe activities) can be collected, and the collected information can be used as a confidence index. Can be stored in association with a new object for calculation. In addition to new objects, the database may store and maintain other objects, their personal information, and collected information in association.

In operation 220, the confidence index calculator 320 may calculate a confidence index for each entity based on an association relationship between a new entity and another entity already registered in the database.

For example, the confidence index calculation unit 320 when a new entity has a history of using a thing or service provided by a new entity by a new entity, and there are reviews, the confidence index of the new entity based on the review. Can be calculated. In addition, the confidence index of the new entity may be calculated based on the evaluation information of the new entity evaluated by the thing or service. In the case of an IoT device having a sensor function mounted on an object such as a house, a room, or a clothing that is shared by the thing, the information collected through sensing may correspond to the evaluation information. For example, the information indicating the state of the house before providing the house to another entity (ie, cleanliness, provision items, water pressure, etc.) may correspond to the evaluation information of the new entity evaluated by the thing or service.

Similarly, after using the object or service provided by the new entity, the confidence index calculator 320 may calculate a confidence index of another entity related to the new entity based on evaluation information of the other entity in association with the new entity. In this case, in the case of an IoT device having a sensor function mounted on an object such as a house, a room, or a clothing that is shared by the object, another object-related other object is based on information evaluated by the object (ie, information collected through sensing). The individual's confidence index can be calculated. For example, the confidence index of the other individual based on information indicating the state of the house after the other individual uses the house provided by the new individual (electricity usage fee, post-treatment level of waste disposal after use, presence of damaged products, etc.). Can be calculated. As such, the confidence index calculation unit 320 may calculate a confidence index between individuals through collection of information based on mutual evaluation.

In operation 230, the authority setting unit 330 may set an access authority between entities based on the calculated confidence index.

In operation 240, the access determining unit 340 determines whether to allow access to the shared resource based on the access authority set for the specific object with respect to the shared object as the request for access to the shared resource of the specific entity is received. Can be.

In operation 241, the access determination unit 340 may receive a request for access to a shared resource registered by another entity from the new entity.

In operation 242, the access determiner 340 may determine whether the new entity is an entity authorized to access a shared resource of another entity based on the access rights set between the entities. For example, the access decision unit 340 may be configured to associate a new resource with a shared resource of another entity so that the new entity can share the shared resource of the other entity with an access key previously registered from the other entity, from the new entity. Based on the input key information received through the shared resource, it is possible to check whether or not the new entity is an authorized entity.

In operation 250, in response to the request for access of the new object, the controller 350 may control to provide the shared resource for which the new object allows access to another object and information of at least one other object associated with the shared resource. have. That is, when the new entity is a resource provider, the control unit 350 grants access to another entity among resources owned by the new entity (eg, electronic devices corresponding to objects and services such as home and WiFi). The information of one device and other objects authorized to access the device can be associated and controlled to be provided to the new object. For example, the controller 350 may control the display of the new object and the information of the other object authorized to access the device to be displayed on the screen of the new object through an application installed on the new object. have.

As another example, the controller 350 may control to provide the new entity by associating the information of the shared resource and other substitute information that allows the new entity to access its shared resource. That is, when the new entity is a resource consumer, the control unit 350 may control an application of the new entity to associate and provide resources of resources that other entities grant access to the new entity and information of another entity that is the owner of the resource. Can be. For example, objects 1 and 2 that another object A grants access to a new object are displayed on the screen of the new object in association with each other, and services 1 and 3 that another object B grants access to the new object are related to the new object. The screen may be displayed on the screen of the new object, and the service 2 to which another object C grants access to the new object, the object 4 to which another object D grants access to the new object, and the like may be displayed on the screen of the new object. In this case, a confidence index based on an association relationship between a new entity and another entity may be displayed together, and a detailed description of the confidence index displayed together will be described later with reference to FIG. 7.

4 is a diagram illustrating an association relationship between entities in an embodiment of the present invention.

Referring to 410 of FIG. 4, the trust relationship between entities has a unidirectional relationship between a resource consumer (ie, a user), a resource provider, and a resource, but may have bidirectionality as shown in 420 when a specific condition is established. That is, a trust domain that is a house having the same trust index between entities may be formed as shown in 420.

Referring to 420, even if user A, a resource consumer, believes in resource provider B, and resource provider B believes in resource C, the relationship that user A always believes in resource C may not be established. In this case, an additional condition should be set so that the user A can determine whether the resource C is a reliable resource, and the additional condition may be provided as a confidence index. For example, if a predetermined predetermined condition is satisfied, a relationship may be formed in which user A trusts resource C in the same situation.

For example, when the user A, the resource provider B, and the object C (that is, the resource) of the resource provider B exist, the user A may trust and borrow the object C of the resource provider B based on the trust index of the resource provider B. have. That is, the confidence index of resource provider B may be inherited to affect the confidence index of at least one resource provided by the resource provider.

5 is a diagram provided for calculating a confidence index in an embodiment of the present invention.

 Referring to FIG. 5, the use of the confidence index may be divided into three stages. For example, the method may be divided into a step before using the shared resource, a step during using the shared resource, and a step after finishing using the shared resource. In this case, the trust index between the resource provider and the resource consumer based on the shared resource analyzed in the pre-use step may be fed back and updated according to the usage record information that is the result of the use of the shared resource.

Referring to 510, the registration unit 310 may collect various data information and context information related to a new entity registered in the DB and other entities. For example, various reputation information for evaluating the individual may be collected from the SNS server of the individual on the Internet through individual SNS information of the individual, company group SNS information, blogs, and cafes. In addition, the association between the entities can be identified by distinguishing the entities, and the confidence index can be calculated based on the mutually evaluated information between the entities. The mutually evaluated information may be included in the collected information.

Referring to 520, when a request for access to a resource of another entity (eg, home, WiFi, bicycle, etc.) is received from a new entity, the access decision unit 340 may determine the criteria and other criteria of the other entity that is the resource provider. Based on the entity's confidence index, it is possible to determine whether to allow sharing of resources (ie, granting access).

Referring to 530, the controller 350 may notify the other entity, the resource provider, of the determination result. In addition, the usage history information in which the user's reviews after the use of the resource is recorded may be fed back, the confidence index of the other entity may be updated based on the fed back information, and the controller 350 may update updated trust. The index can be provided to other entities that are resource providers. In this case, the information indicating the status of the resource after the use of the resource may also be fed back, and the confidence index of the new entity may be calculated in association with the resource based on the status information of the fed back resource. Then, the confidence index of the resource provided by the new entity may be calculated based on the calculated confidence index.

6 is a block diagram illustrating a sharing economic network according to an embodiment of the present invention.

Referring to FIG. 6, the sharing economic network may include a shared resource access right control system 600, a client terminal 601, resources 602, 603, 604, and 3rd party service providers 605. Although FIG. 6 illustrates one client terminal 601, a plurality of client terminals 601 may be present. The client terminal 601 may be a resource provider, a resource consumer, or both. That is, it may be a resource provider and a resource consumer. The shared resource access right control system 600 of FIG. 6 may represent the shared resource access right control system 300 of FIG. 3. The block diagram of FIG. 3 illustrates a configuration included in a processor of the shared resource access right control system 300 or 600, and FIG. 6 may also show other configurations other than the processor.

In FIG. 6, a visualization module may be included in the controller 350 of FIG. 3 as controlling the visualization. The entity management module determines whether to grant access based on an access right, and may be included in the access determiner 340 of FIG. 3. The trust index manager calculates a trust index and sets an access authority of the individual entity based on the trust index, and may include a trust index calculator 320 and an authority setter 330. . The trust data aggregator is a module that collects information for calculating a trust index and may be included in the register 310 of FIG. 3.

Referring to FIG. 6, a visualization module is a module for representing an information visualization method. For example, in providing a confidence index calculated according to an association relationship between objects on a screen of an object, a level to which the confidence index belongs According to the present invention, at least one of color and thickness may be classified and displayed to be controlled. For example, if the confidence index is divided into three levels of high, medium, and low, and if the confidence index of the object is high, the information of the object is distinguished from other objects by the color and thickness specified in the corresponding level. You can visualize and control the display.

The entity management module may represent a module that manages entities registered in the system (ie, a user who is a resource consumer, a resource provider, a service, a resource, etc.). For example, the entity information manager may manage information of each entity registered in the DB, and the entity relationship manager may associate relations between registered entities (eg, ownership relations, friends, etc.). Manage and verify relationships, etc.). A resource access manager may manage access control of shared resources.

The trust index manager may calculate a trust index between entities through the association of each entity. For example, an entity relationship analyzer may analyze an association relationship (ie, a trust relationship) between registered entities, and a confidence relationship calculator may analyze each entity based on the analyzed association relationship. The confidence index can be calculated.

The Trust Data Aggregator can collect various data to calculate the confidence index of entities registered in the system. For example, the Trust Data Collector may collect and manage data related to trust index calculation. The trust data verifier may correspond to a data verification module that checks and verifies the suitability and abnormality of data collected by the trust data collector and maintains the quality of the collected data. The Open API connector may correspond to an API connection point that connects to an external data provider.

The third party service providers 605 represent external services, platforms, and systems that provide various object-related data external to the system, and may provide related information through the Open API. For example, the trust data aggregator may collect information for calculating a trust index for each entity registered in the DB from the third party service providers 605.

FIG. 7 illustrates visualization of shared resources from a resource provider position according to an embodiment of the present invention.

According to FIG. 7, when the new entity 701 is a resource provider, information of another entity that is granted access to devices owned by the resource provider (ie, shared resources) may be displayed on the screen of the new entity. Can be. In this case, information of another entity may be displayed by being divided by shared resources.

For example, information about other entities permitted to access the WiFi 702 possessed by the new entity 701 may be displayed in association with the WiFi 702. The information of other entities may include pictures, IDs, nicknames, etc., to identify other entities, and may further include a confidence index. At this time, the confidence index may be displayed by distinguishing the color and thickness / size according to the level to which the confidence index belongs. For example, as the confidence index belongs to a higher level, a color assigned to the level may be displayed in a thicker form than a lower level. In this case, a color corresponding to a level to which the corresponding confidence index belongs to an edge of another object, that is, an edge may be displayed as a specified thickness. The confidence index can be lowered in the order of green, yellow, and red. That is, the green confidence index may be the highest, yellow is the middle, and red may be the lowest. In addition to the three levels of color, the level of the confidence index may be subdivided into four levels, five levels, or more, and the color may also be predefined in various ways for each level.

In the case of a bike 703, information of another entity that the new entity has allowed to share his bike 703 may be displayed on the screen of the new entity in association with the bike 703. In addition, if the resource to be shared by the new entity includes the door lock 704, the TV 705, etc., the door lock 704 and the TV 750 may also be displayed on the screen, and there are still objects that are permitted to be shared. If not, only representative images representing the door lock 704 and the TV 750 may be displayed independently. In this case, when there is a share of the door lock 704 or the TV 750, that is, another object to which access is granted, the object may be displayed in association with the representative image of the door lock 704 or the TV 750. have. And although access is granted, there may be other entities to which access is to be excluded.

For example, the confidence index of another entity may be periodically updated, and in the previous cycle, the confidence index may be high, but access may be allowed, but after a predetermined time, the confidence index of the updated entity may be lowered. Then, the access was previously allowed, but afterwards, the access may be released to deny access. To this end, if information (eg, an image) of another entity displayed in association with the representative image of the resource is selected in the new entity, a function (eg, a check box, a message, a popup window, etc.) may be provided. In this case, after the access release function is selected and the access deconfirmation confirmation is selected by the new entity once again, the corresponding entity may be excluded from the area displayed in association with the representative image of the corresponding resource.

8 is a diagram illustrating visualization of shared resources from the perspective of a resource consumer.

Referring to FIG. 8, when the new entity 801 is a resource consumer (ie, a user of a shared resource), the screen may display which shared resources that other entities provide to the resource consumer. That is, information on the shared resource that is granted access to itself (a new entity) and the resource provider who owns the resource may be displayed on the screen. It is divided by other objects that allow access to the shared resource, and the object and the shared resource of the object may be related together and displayed on the screen.

For example, when another entity A 802 is a family of a new entity, the new entity may be granted access to a door lock, a wireless communication module such as WiFi, a TV, and the like. Then, the controller 350 may control to display on the screen of the new object by associating the door lock, WiFi, TV, which are shared resources granted to the new object, based on the other entity A 802. In addition to the other entity A (802), if there are more other entities that allow new objects to access their shared resources, the shared resources authorized by the other entity B (803) and the other entity B (803) are associated with the screen. The shared resources allowed by the other entity C 804 and the other entity C 804 may be displayed in association with each other. The confidence index of another entity may be displayed together with a representative image of another entity, and the confidence index may be displayed in different thicknesses and colors according to the level to which the confidence index belongs.

9 is a diagram illustrating an operation of controlling an access right to a smart door lock according to one embodiment of the present invention.

FIG. 9 illustrates a case in which an access right of the smart door lock is controlled to use the accommodation as a shared resource, such as an Airbnb or an unmanned hotel, but this is an embodiment. The access right of the smart door lock may be controlled.

Referring to FIG. 9, the resource provider 901 may access the shared resource access authority control system 900. For example, the user may access a website / mobile website for using a service provided by the shared resource access right control system 900 or access an application. At this time, if the resource provider 901 is authenticated through input of a registered ID and password, a service for access authority control may be provided.

For example, the resource provider 901 may set access rights to the resource consumer A 902 and the resource consumer B 903 to allow access to the smart door lock. In this case, when the access right is set, an access key registered in advance in association with the smart door lock which is the shared resource may be provided to the resource consumer A 902 and the resource consumer B 903. The access key may be set and registered by the resource provider 901 or may correspond to a security code randomly generated by the system.

Subsequently, when access to the smart door lock is requested from a specific resource provider, the access determination unit 340 may check the access right to the smart door lock in association with the resource provider requesting access. For example, when access is granted, it may be determined whether a specific resource provider is a user authorized to access based on the access key provided to the resource provider and the key information input to the smart door lock by the specific resource provider requesting access. When the resource consumer requested for access through the validation of the access key is a user who is granted access (that is, a user who has successfully validated the key), the access determination unit 340 determines that the resource consumer A 902 accesses the smart door lock. The resource provider 901 may be informed that the request has been made. At this time, the information (eg, name, phone number) of the resource consumer A 902 requesting access so that the resource provider 901 can confirm who the resource consumer A 902 is to be provided to the resource provider 901 together. Can be. After the validity of the access key is confirmed, the control unit 350 may provide the password of the smart door lock to the resource consumer A 902. Then, the resource consumer A 902 inputs the password of the smart door lock, Shared resources of the provider 901 may be shared.

Meanwhile, the resource consumer B 903 may transfer an access key for accessing the shared resource of the resource provider 901 to another user (eg, the resource consumer C 904). At this time, when the resource consumer C 904 requests the smart door lock to access the smart door lock of the lodging which is a shared resource of the resource provider 901 based on the access key provided from the resource consumer B 903, it is valid when the key is validated. It can be determined as a user who does not. For example, a token scheme used in Oauth or the like may be used for validating the access key. That is, whether the user is a valid user or an invalid user may be determined through an access key and a token check. In addition, if the application is based on, the access key may be processed to be invalidated internally when it is delivered to another user, and when validating, the access key is the same but the user information using the key is checked together. The validity of the user may be determined.

As such, when the key validation fails, that is, when resource consumer C 904 is identified as an entity that is not authorized to access the shared resource of the resource provider 901, the access decision unit 340 determines that the resource consumer C ( 904 may be denied access and may provide the resource provider 901 with a warning notification indicating that resource consumer C 904 attempted to access the smart door lock.

Smart door lock related access in the common entrance of the resource provider's accommodation may be set to allow the courier. For example, if you are out, or if it is difficult to go straight home due to driving, meetings, etc., the courier may be set access to the resource provider's shared resources (ie, to the apartment common entrance).

In this case, it may be necessary to check a confidence index for the corresponding parcel delivery driver before setting the access right of the parcel delivery engineer. Then, based on the company group SNS information of the parcel delivery article, information representing the reputation of the parcel delivery parcel in the group may be collected to calculate the reliability index of the parcel delivery article. For example, a trust index may be calculated based on evaluation information of other users of the parcel delivery article, information of other parcel delivery articles evaluating the parcel delivery article, and a trust index is provided along with the phone number and name of the parcel delivery article. It may be displayed on the screen of the provider. If the confidence index is high, access to the apartment common entrance can be established. The telephone number, name, etc. of the parcel delivery article may be obtained based on information previously notified to the resource provider before the parcel delivery article visit. For example, it may be obtained based on information related to a courier driver provided through instant messaging such as a text, KakaoTalk, and Line including information on a visit time, phone number, name, courier information, courier company name, etc., which are notified in advance. In addition, the reliability index of the parcel delivery engineer may be calculated by collecting SNS information related to the parcel delivery company and SNS information of the company group based on the obtained information. In this case, the access right of the courier driver may be temporarily set to one-time, and may be automatically released after access is granted once. For security reasons, in order to grant access again later, it may be possible to set access permission again. Accordingly, the access key may be changed to a different value every time the access right is set, and different values may be provided for each user.

The risk analysis method and system using the confidence index described above may be implemented as a hardware component, a software component, and / or a combination of hardware components and software components. For example, the system and components of the system described in the embodiments are, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable array ), A programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions, may be implemented using one or more general purpose or special purpose computers. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to the execution of the software. For convenience of explanation, one processing device may be described as being used, but one of ordinary skill in the art will appreciate that the processing device includes a plurality of processing elements and / or a plurality of types of processing elements. It can be seen that it may include. For example, the processing device may include a plurality of processors or one processor and one controller. In addition, other processing configurations are possible, such as parallel processors.

The software may include a computer program, code, instructions, or a combination of one or more of the above, and configure the processing device to operate as desired, or process it independently or collectively. You can command the device. The software may be distributed over networked computer systems so that they may be stored or executed in a distributed manner. Software and data may be stored on one or more computer readable recording media.

The method according to the embodiment may be embodied in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. The program instructions recorded on the media may be those specially designed and constructed for the purposes of the embodiments, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks. Magneto-optical media, and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.

Although the embodiments have been described by the limited embodiments and the drawings as described above, various modifications and variations are possible to those skilled in the art from the above description. For example, the described techniques may be performed in a different order than the described method, and / or components of the described systems, structures, devices, circuits, etc. may be combined or combined in a different form than the described method, or other components. Or even if replaced or substituted by equivalents, an appropriate result can be achieved.

Therefore, other implementations, other embodiments, and equivalents to the claims are within the scope of the claims that follow.

Claims (18)

In the computer-implemented trust index based shared resource access control method,
Requesting registration of a new entity to participate in the sharing economy network and registering in a database;
Calculating a confidence index for each entity based on an association relationship between the new entity and another entity already registered in the database;
Setting access rights between individuals based on the calculated confidence index; And
Determining whether to allow access to the shared resource based on the set access authority when a request for access to a shared resource of a specific entity is received;
Shared resource access authority control method comprising a. The method of claim 1,
Determining whether to allow the access,
Receiving an access request for the shared resource as an event related to the use of the shared resource registered by another entity in the new entity; And
As the access request is received, checking whether the new entity is an entity authorized to access a shared resource of another entity based on the access authority set between the entities;
Shared resource access authority control method comprising a. The method of claim 2,
The step of checking whether the access right is an authorized entity,
An entity to which the new entity is authorized to access based on an access key previously registered in association with the shared resource of the entity from the other entity and key information input from the new entity and transmitted through the shared resource Checking whether or not
Shared resource access rights control method characterized in that. The method of claim 2,
The step of checking whether the access right is an authorized entity,
Denying access to the new entity as the new entity is identified as an entity not authorized to access the shared resource of the other entity; And
Providing an alert notification to the other entity to which the new entity has attempted to access;
Shared resource access authority control method further comprising. The method of claim 1,
In response to the request of the new entity, controlling a new entity to be provided with information of a shared resource to which another entity is granted, and information of at least one other entity associated with the shared entity;
Shared resource access authority control method further comprising. The method of claim 1,
Controlling the new entity to associate information of another entity that has granted access to its shared resource with information of the authorized shared resource.
Shared resource access authority control method further comprising. The method according to any one of claims 5 to 6,
The information of the other individual includes the confidence index of the other individual,
The confidence index of the other entity is that at least one of color and thickness are displayed differently according to the level to which the confidence index belongs.
Shared resource access rights control method characterized in that. The method of claim 1,
Wherein the confidence index is updated based on usage history information in which the result after use of the shared resource is recorded with respect to the particular entity to which access is granted;
Shared resource access rights control method characterized in that. The method of claim 1,
The step of calculating the confidence index,
Calculated based on information representing the reputation of the other entity obtained from at least one online service server registered with the other entity
Shared resource access rights control method characterized in that. In the computer-implemented trust index based shared resource access control system,
A register configured to receive a registration of a new entity intending to participate in a shared economy network and register it in a database;
A confidence index calculator configured to calculate a confidence index for each entity based on an association relationship between another entity already registered in the database and the new entity;
A permission setting unit that sets an access authority between entities based on the calculated confidence index; And
As a request for access to a shared resource of a specific entity is received, an access determination unit that determines whether to allow access to the shared resource based on the set access authority.
Shared resource access control system including a. The method of claim 10,
The access determining unit,
In response to an event related to the use of a shared resource registered by another entity in the new entity, a request for access to the shared resource is received, and when the access request is received, the new entity is based on the access rights set between the entities. To determine whether an object is an object that is authorized to access other objects' shared resources
Shared resource access control system, characterized in that. The method of claim 11,
The access determining unit,
An entity to which the new entity is authorized to access based on an access key previously registered in association with the shared resource of the entity from the other entity and key information input from the new entity and transmitted through the shared resource Checking whether or not
Shared resource access control system, characterized in that. The method of claim 11,
The access determining unit,
As the new entity is identified as an entity not authorized to access the other entity's shared resources, denying access to the new entity and providing an alert notification to the other entity to which the new entity has attempted access;
Shared resource access control system, characterized in that. The method of claim 11,
In response to the request of the new entity, a control unit for controlling the new resource is provided with a shared resource, the information of at least one other entity associated with the shared resource is provided together
Shared resource access control system further comprising. The method of claim 14,
The control unit,
Controlling the new entity to associate information of another entity that has granted access to its shared resource with information of the authorized shared resource.
Shared resource access control system, characterized in that. The method according to any one of claims 14 to 15,
The information of the other individual includes the confidence index of the other individual,
The confidence index of the other entity is that at least one of color and thickness are displayed differently according to the level to which the confidence index belongs.
Shared resource access control system, characterized in that. The method of claim 10,
Wherein the confidence index is updated based on usage history information in which the result after use of the shared resource is recorded with respect to the particular entity to which access is granted;
Shared resource access control system, characterized in that. The method of claim 10,
The confidence index calculation unit,
Calculated based on information representing the reputation of the other entity obtained from at least one online service server registered with the other entity
Shared resource access control system, characterized in that.

Images