WO2008056507A1 - Procédé de gestion d'informations et dispositif de traitement d'informations - Google Patents

Procédé de gestion d'informations et dispositif de traitement d'informations Download PDF

Info

Publication number
WO2008056507A1
WO2008056507A1 PCT/JP2007/069942 JP2007069942W WO2008056507A1 WO 2008056507 A1 WO2008056507 A1 WO 2008056507A1 JP 2007069942 W JP2007069942 W JP 2007069942W WO 2008056507 A1 WO2008056507 A1 WO 2008056507A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
reliability
node
data
nodes
Prior art date
Application number
PCT/JP2007/069942
Other languages
English (en)
Japanese (ja)
Inventor
Yumiko Nakatsuru
Original Assignee
Konica Minolta Holdings, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Konica Minolta Holdings, Inc. filed Critical Konica Minolta Holdings, Inc.
Priority to JP2008543017A priority Critical patent/JPWO2008056507A1/ja
Publication of WO2008056507A1 publication Critical patent/WO2008056507A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/182Distributed file systems
    • G06F16/1834Distributed file systems implemented based on peer-to-peer networks, e.g. gnutella
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Definitions

  • the present invention relates to a method for managing information in a network in which information is divided and distributed and held among a plurality of nodes, and an information processing apparatus as a node constituting the network
  • V a so-called distributed processing network has gradually appeared!
  • the communication function must also be distributed.
  • data communication must be freely performed between each node constituting the network.
  • a typical form is a form of communication network called P2P (Peer to Peer).
  • P2P is a network usage mode in which information is directly exchanged between an unspecified number of nodes.
  • the central server Even when a central server is required, the central server only provides a file search database and manages connection of nodes, and the exchange of data itself is performed by direct connection between nodes.
  • Patent Document 1 proposes a technique for calculating reliability based on physical information such as CPU usage rate and memory usage rate of each node, and managing connection based on the reliability level of each node. Has been.
  • the connection between nodes is formed in a self-organizing manner so that transmission and reception between the nodes can be performed most efficiently.
  • connection management that is, the topology of the network connection is only optimized according to the reliability of each node, and is not necessarily optimal for actual data distribution processing. Absent.
  • Patent Document 1 Japanese Patent Laid-Open No. 2005-252596
  • An object of the present invention is to solve the above-described problems, and to efficiently use the information that is divided and distributed and held in a plurality of nodes on the network, and a part of the distributed data. It is an object of the present invention to provide an information management method and an information processing apparatus as a node that are less likely to cause a failure such as being unable to acquire information and can suppress the concentration of a load on a specific node.
  • the present invention has the following features.
  • a method of managing information in a network system that divides information and distributes and holds the information to a plurality of nodes, the information being divided to distribute the information to a plurality of nodes and generating the divided information
  • a distribution destination node to which the division information generated by the division step and the information division step is distributed reliability calculated based on physical information of each node is set in advance according to the property of the information.
  • a distribution destination selection step for preferentially selecting nodes within the reliability tolerance range, and an information distribution step for distributing the division information to the distribution destination nodes selected by the distribution destination selection step.
  • a method for managing information characterized by comprising:
  • a node reliability list including information on distribution destination candidate nodes and reliability calculated based on physical information of the distribution destination candidate nodes. 2. The information management method according to 1, wherein the distribution destination node is selected.
  • the node reliability list collects a reliability table that includes information related to the reliability of the node to which the node is connected, held by a plurality of nodes, and is based on the plurality of collected reliability tables. 2. The information management method according to 2, wherein the information management method is created.
  • the reliability table acquires physical information published in a connection destination node of a node holding the reliability table, and each connection destination node calculated based on the physical information 3.
  • the reliability table includes a value calculated based on physical information by a connection destination node as reliability for each connection destination node. Information management method.
  • the plurality of nodes are selected with priority given to a connection destination with a small number of hops according to the number of divisions of the information, and the plurality of nodes held by the plurality of nodes are stored. 3.
  • the plurality of reliability tables include a plurality of different reliability values for the same node, the average value, the maximum value, the minimum value, or the weighted average value is used. 4. The information management method according to 3, wherein the reliability of the node is calculated using the method.
  • the physical information includes CPU specification information, CPU usage rate information, memory usage rate information, and connection time information in each node.
  • the reliability tolerance range is preset according to at least one of the importance of the information and the amount of calculation for the processing as the property of the information 1 Management method of information described in.
  • An information processing apparatus as a node in a network system that divides and distributes information to a plurality of nodes, and divides the information to distribute the information to a plurality of nodes. And the reliability calculated based on the physical information of each node as the distribution destination node to which the division information generated by the information division unit is distributed depends on the property of the information.
  • Distribution destination selection means for preferentially selecting nodes within a predetermined reliability tolerance range, and information distribution means for distributing the division information to the distribution destination nodes selected by the distribution destination selection means.
  • an information processing apparatus comprising:
  • the distribution destination selection unit includes: a distribution destination candidate node, and a distribution destination from a node reliability list that includes information related to reliability calculated based on physical information of the distribution destination candidate node. 14. The information processing apparatus according to 13, wherein a node is selected.
  • the distribution destination selection unit collects a reliability table, which is held by a plurality of nodes, and includes information on the reliability of the connection destination node of the node, and is based on the collected plurality of reliability tables. 15. The information processing apparatus according to 14, wherein the node reliability list is created.
  • the distribution destination selection unit acquires physical information published in the connection destination node, and holds the reliability table including the reliability of the connection destination node calculated based on the physical information. 16. The information processing device according to 15, wherein
  • the distribution destination selection means holds the reliability table including a value calculated by the connection destination node based on the physical information as the reliability of the connection destination node. 16.
  • the distribution destination selection unit preferentially selects the plurality of nodes according to the number of divisions of the information, giving priority to a connection destination with a small number of hops, and the plurality of nodes held by the plurality of nodes 16.
  • the node reliability list is created based on a reliability table, 15. Information processing device.
  • the distribution destination selection means includes an average value, a maximum value, a minimum value, or a weighted value. 16. The information processing apparatus according to 15, wherein any one of the average values is used to calculate the reliability of the node in the node reliability list.
  • the distribution destination selection unit re-creates the node reliability list every predetermined period or each time processing that affects the reliability of each node is performed.
  • the physical information includes at least one or more of CPU specification information, information on CPU usage, information on memory usage, and information on connection time in each node. 14.
  • the distribution destination selection unit presets the reliability tolerance range in accordance with at least one of the importance of the information and the amount of calculation for the processing as the property of the information. 14. The information processing apparatus according to 13, wherein
  • the information management method and the information processing apparatus as a node according to the present invention, when information is divided and distributed to a plurality of nodes on the network, the following processing is performed.
  • a node whose reliability calculated based on the physical information of each node is within the reliability tolerance range set in advance according to the nature of the information to be stored is preferentially selected as a distribution destination node. To distribute. As a result, it is difficult to obtain a part of the distributed information for the information distributed and held in multiple nodes on the network. It is possible to prevent the load from being concentrated on the network, and to use the distributed information efficiently for IJ.
  • FIG. 1 is a diagram showing an example of the overall configuration of a network 1.
  • FIG. 2 is a diagram illustrating a hardware configuration example of a node (terminal device) 2 configuring the network 1.
  • FIG. 4 is a diagram showing an example of a connection table TL of node 2 associated as shown in FIG.
  • FIG. 5 is a block diagram illustrating a functional configuration example of the node (terminal device) 2.
  • FIG. 6 is a sequence diagram for explaining an example of processing when establishing a connection for SSL communication.
  • FIG. 8 is a flowchart showing an example of a flow of data property determination processing.
  • FIG. 10 is a diagram showing a connection state of the network 1 in the information distribution arrangement processing example 1.
  • FIG. 11 is a diagram showing the description content of the reliability table held by each node in FIG.
  • FIG. 12 is a diagram showing a range of nodes that acquire a reliability table when the number of hops is 2 as a reliability table acquisition range.
  • FIG. 14 This is a diagram showing the contents of the created node reliability list in the information distribution arrangement processing example 1.
  • FIG. 14 This is a diagram showing the contents of the created node reliability list in the information distribution arrangement processing example 1.
  • FIG. 15 is a diagram showing a state in which divided data is distributed and distributed to a selected data distribution destination node in information distribution arrangement processing example 1;
  • FIG. 16 is a diagram showing a connection state of the network 1 in the information distribution arrangement processing example 2. 17] This is a diagram showing the range of nodes that acquire the reliability table when the number of hops is 3 as the reliability table acquisition range.
  • FIG. 19 This is a diagram showing the contents of the created node reliability list in the information distribution arrangement processing example 2.
  • FIG. 19 This is a diagram showing the contents of the created node reliability list in the information distribution arrangement processing example 2.
  • FIG. 20 is a diagram showing a state in which divided data is distributed and distributed to a selected data distribution destination node in the information distribution arrangement processing example 2. Explanation of symbols
  • FIG. 1 is a diagram illustrating an example of an overall configuration of a network 1 configured by an information management method and an information processing apparatus according to the present embodiment.
  • the overall configuration of the network 1 according to the embodiment of the present invention will be described with reference to FIG.
  • the network 1 includes a plurality of nodes such as terminal devices 2 (21, 22,..., 2n), a switch hub 3, a router 4, and an authentication server 5.
  • LAN Local Area Network
  • the terminal device 2 as a node constituting the network is an information processing device, and executes data input / output processing with another device such as a personal computer, a workstation, or a printer. It is a device to do.
  • a node simply refers to this terminal device, and a personal computer as an information processing device will be used.
  • P2P Peer to Peer
  • P2P is a network usage mode in which information is directly exchanged between an indefinite number of nodes.
  • the central server is not used, and the connection topology of FIG. 3 will be described later.
  • the nodes (terminal devices) 2 associated in advance are directly connected to communicate with each other.
  • Other nodes are indirectly connected through directly connected nodes.
  • the authentication server 5 is only responsible for management related to the certificate for authentication, and is not directly related to the connection for communication.
  • Router 4 is not directly involved in communication between nodes (terminal devices).
  • these nodes 2 perform data communication with each other while maintaining security, and efficiently.
  • the information is divided according to the reliability of each node so that it can be used, the distribution destination node is determined, and distribution is performed.
  • FIG. 2 is a diagram illustrating an example of a hardware configuration of the node (terminal device) 2.
  • the terminal device 2 includes a CPU 20a, a RAM 20b, a ROM 20c, a hard disk 20d, a communication interface 20e, an image interface 20f, an input / output interface 20g, and other various circuits or devices. .
  • the communication interface 20e is, for example, a NIC (Network Interface Card), and is connected to! /, Or one of the ports of the switching hub 3 via a twisted pair cable!
  • the image interface 20f is connected to a monitor and sends a video signal for displaying a screen to the monitor.
  • the input / output interface 20g is connected to an input device such as a keyboard or a mouse or an external storage device such as a CD-ROM drive. And the signal which shows the content of operation which the user performed with respect to the input device is input from an input device. Or, read the data recorded on a recording medium such as a CD—ROM into an external storage device and input it. Alternatively, data to be written to the recording medium is output to the external storage device.
  • an input device such as a keyboard or a mouse or an external storage device such as a CD-ROM drive.
  • the signal which shows the content of operation which the user performed with respect to the input device is input from an input device. Or, read the data recorded on a recording medium such as a CD—ROM into an external storage device and input it. Alternatively, data to be written to the recording medium is output to the external storage device.
  • the data disk 20d will be described later with reference to a functional block diagram (FIG. 5).
  • Programs and data are stored for! / These programs and data are read into the RAM 20b as necessary, and the programs are executed by the CPU 20a.
  • Each node 2 is given a host name (machine name), an IP address, and a MAC address for identification with other nodes 2.
  • the host name can be freely assigned by the network 1 administrator.
  • the IP address is given according to network 1 rules.
  • the MAC address is a fixed address given to the communication interface 10e of the node 2.
  • FIG. 3 is a diagram illustrating an example of a node topology, that is, a logical topology of the terminal device 2.
  • the connection form of the node (terminal device) will be described with reference to FIG.
  • the node 2 is assumed to be arranged in the virtual space. It is associated with at least one other neighboring node 2 in the virtual space, as indicated by the dotted line. And by these associations, all nodes 2 are directly or indirectly related to each other.
  • the number of hops the number of nodes via the shortest route to the partner node + 1. However, the number of hops that exceed the router can also be used.
  • FIG. 4 is a diagram showing an example of the connection table TL of the node 2 associated as shown in FIG.
  • a list of information for connection with other nodes 2 that can directly transmit data and have a hop number of 1, that is, “directly related” is stored in a table.
  • connection tables TL1, TL2, TL6, TL7, TL8, and TL9 as shown in FIG. 4 are stored in PC1, PC2, PC6, PC7, PC8, and PC9 in FIG. 3, respectively. .
  • FIG. 5 is a block diagram showing an example of the functional configuration of the node (terminal device) 2. The processing functions of each part of node 2 will be described with reference to FIG.
  • the other information holding unit 211 is used by attribute data indicating attributes of the node 2 or the user, a digital certificate of the node 2 itself, a revocation list (CRL), an operating system (OS), or application software. Data, data created by the user with application software, and other various data are stored as files.
  • the digital certificate is issued by the authentication server 5 at the request of the node 2, held by the node 2, and used to authenticate each other when the nodes 2 communicate with each other.
  • Revocation list CRU is a registration and description of digital certificate revocation due to node withdrawal, etc., which is managed by authentication server 5, but in this embodiment that performs P2P communication, each node 2 has its own revocation list (CRL). And manage updates.
  • connection table TL indicating a list of attributes such as the host name, IP address, and MAC address of the other node 2 directly associated with the node 2 itself. Saved.
  • connection tables TL1, TL2, TL6, TL7, TL8, and TL9 are stored in the connection table holding unit 201 of PC1, PC2, PC6, PC7, PC8, and PC9 in FIG. As described above using 4.
  • the contents of these connection tables TL are created in advance by the administrator based on the association of each node 2.
  • the other operation unit 212 manages the connection table TL held in the other information holding unit 211.
  • the other operation unit 212 performs processing such as storing data in the other information holding unit 211 or updating the stored data.
  • the attribute data is updated each time the environment or setting content of node 2 changes.
  • the other operation unit 212 performs authentication processing of the other node 2 based on a digital certificate transmitted from the other node 2 or the like. In addition, whether or not the digital certificate sent is revoked is checked with reference to the revocation list (CRL) stored in the other information holding unit 211 !. In addition, processing is performed when node 2 is about to newly join or leave the network.
  • CTL revocation list
  • Other operation unit 212 is connected via data reception unit 207 and data transmission unit 210 as necessary.
  • the data communication with other nodes 2 of the network 1 is performed, and the data in the other information holding unit 211 is referred to or updated as necessary.
  • the data receiving unit 207 performs a control process for performing data communication with other nodes 2.
  • the data receiving unit 207 receives a packet necessary for the node 2 among the packets flowing through the network 1.
  • the data analysis unit 208 extracts necessary information from the reception data received by the data reception unit 207 and analyzes the content thereof to determine the type of the reception data.
  • the data creation unit 209 creates transmission data to be transmitted to another node 2 based on an instruction from the other operation unit 212.
  • the data transmission unit 210 transmits the transmission data generated by the transmission data generation unit 209 and packetized to the other node 2.
  • the data operation unit 206 refers to data (information), and performs processing for dividing the data to be distributed.
  • the processing held in 201 is performed. That is, the data operation unit 206 functions as an information dividing unit and an information distributing unit.
  • the distribution destination nodes are accessed to collect and restore the divided data.
  • the data holding unit 201 holds data to be processed by the data operation unit 206 or divided data.
  • the reliability table operation unit 205 sets, for example, a range of distribution destination candidate nodes, collects a reliability table from the nodes in the range, and generates a reliability table held by itself. Do. To create the reliability table, the reliability calculation unit 204 collects the reliability calculation result of the connection destination node. Get and create. The reliability table will be described later.
  • the reliability calculation unit 204 acquires physical information from the connection destination node, calculates reliability, and acquires reliability tables of a plurality of distribution destination candidate nodes from the reliability table operation unit 205.
  • a process for creating a node reliability list, a process for obtaining a node reliability list from another node, and a process for selecting a distribution destination node from the node reliability list are performed. Details will be described later.
  • the reliability table holding unit 202 holds a reliability table of a plurality of distribution destination candidate nodes that are processing targets of the reliability table operation unit 205.
  • the reliability table includes information on the reliability of the connection destination node of the node.
  • the reliability holding unit 203 holds a node reliability list that is a processing target of the reliability calculation unit 204 and information necessary for the creation thereof. In some cases, it also holds the reliability and physical information obtained from the connected node.
  • the reliability table operation unit 205, the reliability calculation unit 204, the reliability holding unit 203, and the reliability table holding unit 202 function as a distribution destination selection unit.
  • the data operation unit 206, the reliability table operation unit 205, and the reliability calculation unit 204 communicate data with other nodes 2 of the network 1 via the data reception unit 207 and the data transmission unit 210 as necessary.
  • the data in the data holding unit 201, the reliability table holding unit 202, and the reliability holding unit 203 are referred to or updated as necessary.
  • the node 2 in the present embodiment can perform SSL (Secure Sockets Layer) communication with the node 2 directly or indirectly associated.
  • SSL is a protocol for securely transmitting and receiving data over a network by performing encryption using a digital certificate. The flow of processing for establishing a SSL communication connection in this embodiment will be described below.
  • FIG. 6 is a diagram for explaining an example of the flow of processing when establishing a connection for SSL communication. This will be described in more detail with reference to FIG. 6, taking as an example the case where the nodes in FIG.
  • connection itself is established.
  • the data creation unit 209 creates connection request data
  • the data transmission unit 210 transmits the connection request data to the other node PC2.
  • data receiving section 207 receives connection request data from PC1, and data analysis section 208 analyzes the type of the data. Naturally, it is analyzed as connection request data.
  • the data creation unit 209 generates connection permission data indicating that the connection is permitted, and transmits the connection permission data to the PC 1.
  • connection permission data is received by the data receiving unit 207 of PC1, and then a predetermined process is performed, PC1 and PC2 are connected. However, at this point, the connection for SSL communication has not been established yet, and then the flow for establishing a connection for SSL communication is entered.
  • the data creation unit 209 generates SSL version data indicating a compatible SSL version, and the data transmission unit 210 transmits this to the other (step Sl ).
  • the data transmission unit 210 transmits this to the other (step Sl ).
  • PC1 has sent SSL purge data to PC2.
  • the data reception unit 207 receives the SSL version data
  • the data analysis unit 208 analyzes the type of the data
  • the data creation unit 209 uses the PC2 of the versions indicated in the SSL version data. Select one compatible version with, and generate SSL version selection data indicating this.
  • the data transmission unit 210 transmits this to PC1 (step S2).
  • the X.509 digital certificate is transmitted to PC1.
  • This X.509 certificate If the certificate is not signed by a well-known authentication server 5, it also sends a chain of certificates to reach it.
  • PC1 holds in advance a root certificate that certifies authentication server 5 itself, and verifies whether any of them has signed an X.509 certificate received from PC2. Also, check if the certificate is not listed in the certificate revocation list (CRL) issued by the authentication server 5 that signed it, and if so, terminate communication at this point (step S3). .
  • CTL certificate revocation list
  • PC2 notifies PC1 of the end of response (step S4).
  • PC1 Upon receiving a response end notification from PC2, PC1 generates a pre-master key, which is a 384-bit random value, in order to generate a common key used in SSL communication.
  • the data creation unit 209 of the PC 1 encrypts the premaster key with the public key of the PC 2 included in the X.509 certificate received from the PC 2 and transmits it to the PC 2 (Step S5).
  • the PC 1 performs control to generate a common key that is actually used for data encryption based on the pre-master key and to switch the communication encryption key to the common key.
  • a cipher switch notification for switching the sign key is transmitted to the PC 2 (step S6).
  • PC2 When the notification of the sign change end from PC1 is received (step S7), PC2 also transmits the sign change notice to PC1 that performs the sign key change (step S8).
  • the data receiving unit 207 of PC2 decrypts the premaster key encrypted with its own public key received from PC1 with its corresponding private key.
  • the data analysis unit 208 analyzes this and confirms that the type of data is a premaster key
  • the data operation unit 204 generates a common key based on the received premaster key, and thereafter performs a communication with PC1. Then, control is performed so that encrypted communication using the common key is performed. In other words, the encryption key is switched.
  • the PC 2 transmits a notification of the completion of the number switching to the PC 1 (step S9).
  • connection establishment is performed when PC1 confirms the X.509 certificate of PC2.
  • PC2 may also check PC1's X.509 certificate. This is S
  • each node 2 of the network 1 can perform an operation of securely communicating as a mutually authenticated node.
  • the divided data is distributed to each node and held, and the distributed and held data is searched and collected, and distributed at any node. Data can be used.
  • the reliability here is the physical reliability, which relates to the processing performance and the degree of occurrence of a failure related to the connection.
  • the occurrence of such a failure is suppressed by selecting a distribution destination node based on the reliability of each node.
  • the reliability is calculated as the physical information power of each node.
  • Physical information includes, for example, CPU specification information, information on CPU usage, and memory usage. Information on connection time, information on connection time, and the like may be used.
  • Patent Document 1 Japanese Patent Laid-Open No. 2005-252596.
  • the physical information may further include geographical elements, dedicated hardware usage status, maintenance status, and the like.
  • a geographical element is an element such as a difference in the stability of power supply in, for example, a network overseas.
  • Dedicated hardware usage status refers to the factors such as whether encryption (decryption) processing is possible and whether it has dedicated processing functions for the data, such as whether it is for image processing.
  • the maintenance status is, for example, regular maintenance! /, Power, maintenance frequent occurrence! /, Na! /, Kato! /, And other factors.
  • the reliability is related to the processing performance and the degree of occurrence of a failure related to the connection.
  • the above-described physical information that affects the reliability is arbitrarily set, and it is freely trusted to reflect the effect most.
  • a degree calculation method may be set.
  • the reliability of each node obtained using the predetermined physical information and the calculation method as described above is stored in the reliability table by the connection destination node described in the reliability table. It is. In other words, the reliability table held by each node describes the reliability of the “directly associated” connection destination node of that node.
  • the distribution destination node is selected according to the reliability of each node obtained by creating the node reliability list as described above, but a node with a high reliability is simply selected. No way to choose!
  • the allowable reliability range of the distribution destination node that distributes the data is set, and the node having the reliability within the range is prioritized. As a distribution destination node.
  • the property of data is, for example, the importance of data or the amount of calculation for processing the data. For images and encrypted data that require a large amount of processing time, a node with high processing capacity should be selected. You should select a node with a low probability of connection failure.
  • an appropriate reliability tolerance range is set in advance according to the property of the data from the balance that prevents such reliability and load concentration, and the level may be too high or too low. Priority is given to the distribution-destination node with appropriate reliability.
  • distribution allocation processing that is, the nature of the data is determined, the data is divided based on it, a reliability tolerance range is set, a distribution destination node is selected based on the reliability of the node, and Explain the overall flow of distributed processing!
  • FIG. 7 is a flowchart showing a typical process flow from information division processing to distribution destination selection processing to information distribution processing.
  • FIG. 8 is a flowchart showing the flow of processing for determining the nature of data for information division processing and distribution destination selection processing.
  • the node holding the data first determines the nature of the data and sets the importance level of the data.
  • the nature of the data here is the degree of confidentiality of the data and the type of data indicating the amount of calculation for the processing of the data.
  • step S101 the node holding the data determines whether there is an instruction from the user for setting the importance of the data. That is, the data operation unit 206 It is determined whether or not the instruction input by the operation is stored in the data holding unit 201
  • step S101 If there is a user instruction input (step S101; YES), the importance level setting in step S103 is executed. If there is no user instruction input (step S101; NO), the next step S102 is executed.
  • step S102 the data operation unit 206 determines the nature of the data in order to set the importance level of the data.
  • the nature of data is the confidentiality of the data and the type of data.
  • Fig. 9 shows the correspondence table for data confidentiality and importance level settings based on data type.
  • the data operation unit 206 determines the nature of data classified into such a table from the data held in the data holding unit 201.
  • the confidentiality of data is classified as high confidentiality! /, In order, top secret, confidential, internal secret, disclosure to affiliated companies, disclosure possible or not specified, etc. A severity level of 5 is assigned. These can be determined by, for example, a method of reading information added to data or reading out embedded information.
  • the types of data are classified in such a way that those that require a large amount of computation, such as images and encrypted data, are less important than non-text data, which is more important, and text data.
  • importance levels 5 to 7 are assigned. These can be determined from the extension of the data file, for example.
  • step S103 the corresponding importance level is set based on the nature of the data. Or, if there is an instruction from the user, set the importance level according to it. That is, the data operation unit 206 refers to the data held in the data holding unit 201 and the table, and sets the importance level based on the property of the data.
  • the importance level based on the data properties also corresponds to the number of divisions for dividing the data and the reliability tolerance range of the nodes that distribute the data.
  • the number of divisions and the reliability depend on the data properties. Specified to change the degree tolerance.
  • step SI 1 the node holding the data divides the data in order to distribute the data to each node. That is, the data operation unit 206 refers to the data held in the data holding unit 201, and acquires the importance level set according to the nature of the data or according to a user instruction. Also, the number of divisions and the division method corresponding to the importance level are set, and the data is divided.
  • the number of divisions may be determined in advance so as to be appropriately set according to the data size, network scale, connection topology, and the like.
  • the data division method for example, a striping method for dividing a document or the like in units of lines may be used. Also, a public method such as a two-dimensional parity method, a multiple parity method, or a Reed-Solomon method may be used. Also, in order to avoid information damage and deterioration, redundancy may be provided at the time of division.
  • step S11 functions as an information dividing step.
  • a reliability tolerance range is set.
  • the reliability calculation unit 204 acquires the importance level set according to the data property from the data operation unit 206. Further, in order to collate the reliability of the data distribution destination node, a reliability tolerance range corresponding to the importance level is set and temporarily stored in the reliability holding unit 203.
  • the importance level according to the nature of the data refers to the importance of the data corresponding to the type of data (image data, encrypted data, etc.) as shown in Fig. 9, for example. is there.
  • data with high importance will have a higher reliability tolerance depending on the degree
  • data such as images that will take longer to process will have a higher reliability tolerance depending on the degree. I will make it correspond.
  • the reliability is represented by a value from 0 to 100. 0 is least reliable
  • the allowable range of reliability is expressed as “reliability 60-80”.
  • nodal force components whose reliability values are in the range of 60 to 80. It is preferentially selected as a distribution destination.
  • step S13 a range (hop count) for obtaining the reliability table is set.
  • the reliability table operation unit 205 sets a plurality of nodes that acquire the reliability table according to the number of divisions of data acquired from the data operation unit 206.
  • the setting method gives priority to the directly connected node (hop count 1) and adds nodes with a small hop count for connection. For example, if the range is up to 3 hops, the reliability table is obtained from a node that has 1, 2, or 3 hops.
  • the reliability table held by each node includes the reliability of the connection destination node (hop count 1) of the node. For example, if the node is PC1 in Fig. 3, a reliability table describing the reliability of PC2 and PC9 is created and maintained.
  • the range of nodes from which the reliability table is acquired needs to be set so that the number of nodes included in the plurality of reliability tables to be acquired is larger than the number of data divisions.
  • step S14 a reliability table is collected from the nodes in the acquisition range. That is, the reliability table operation unit 205 collects the reliability tables from the nodes within the acquisition range (hop count) set in step S13, and holds the acquired multiple reliability tables in the reliability table holding unit 202. To do.
  • the same node is acquired a plurality of times. For example, if the number of hops is 2, the force S will be connected via one node in the middle, and there will be two routes that connect to the same node via different nodes. .
  • a node reliability list is created from a plurality of reliability tables.
  • the reliability calculation unit 204 acquires the reliability table for the nodes in the acquisition range from the reliability table operation unit 205, creates a node reliability list by combining them, and stores it in the reliability holding unit 203.
  • the reliability table used for creation includes not only the reliability table acquired from other nodes but also the reliability table held by itself.
  • the node reliability list can be created by combining a plurality of reliability tables into one. For example, all nodes listed in multiple reliability tables should be listed in an appropriate order and listed with their reliability. These nodes are candidates for data distribution destinations.
  • node reliability in distinction from the reliability described in each reliability table.
  • c Select the node with the highest reliability from the multiple nodes each holding multiple reliability tables that describe the same node, and take the value of the reliability table held by that node.
  • the weight of the reliability table held by each node is weighted and averaged using the reliability of multiple nodes holding multiple reliability tables each containing the same node.
  • step S 16 nodes whose node reliability is within the set reliability tolerance range are extracted. That is, the reliability calculation unit 204 refers to the node reliability list of the reliability holding unit 203 and compares and compares it with the allowable reliability range acquired from the data operation unit 206, so that the node reliability is acceptable. Extract nodes that are within range.
  • step S17 it is determined whether there is a node extracted in step S16. When there are one or more extracted nodes (step S17: YES), the process proceeds to step S19, and a process of selecting a distribution destination node is performed. If there is no extracted node (step S17: NO), the process proceeds to step S18, and the reliability table acquisition range or the reliability range change processing is performed.
  • the power of one or more units, the force determined by whether or not This number may be set arbitrarily. Since this is the selection of the distribution destination node, the minimum required number of data divisions is set as the maximum value. Set the number. Of course, if the required number is not enough, it may be selected from outside the allowable range of reliability.
  • step S18 when there is no extracted node, the reliability calculation unit 204 links the data operation unit 206 with one or more nodes whose node reliability is within the allowable reliability range.
  • step S12 the reliability tolerance is widened from the previous time, and steps S13 to S15 are the same as the previous time!
  • step S12 is omitted because it is the same as the previous time, and the range (number of hops) for obtaining the reliability table in step S13 should be expanded from the previous time! /.
  • step S19 in the case where there is an extracted node the reliability calculation unit 204 preferentially selects the extracted node as a data distribution destination node. If the data distribution destination node is still insufficient, the node reliability may be selected by adding a near-resonance to the reliability tolerance range! /,
  • the selected data distribution destination node is held in the reliability holding unit 203.
  • step S12 to step S19 functions as a distribution destination selection process.
  • step S20 the divided data distribution process is performed. That is, the data operation part
  • the divided data allocated to each data distribution destination node is the data creation unit.
  • the data is sent to 209, formed into a network packet, and transmitted from the data transmission unit 210 to the designated distribution destination node.
  • step S20 functions as an information distribution process.
  • FIG. 10 to FIG. 15 will be used to describe information distribution arrangement processing example 1.
  • FIG. 10 is a diagram showing a connection state of the network 1 in the information distribution arrangement processing example 1.
  • FIG. 11 shows the contents of the reliability table held by each node.
  • the reliability tables in Tables 1 to 9 held by the PC1 to PC9 nodes are the PC1 reliability table to PC9 reliability table in Fig. 11, respectively.
  • the reliability of the node to which each node is connected is indicated by a numerical value from 0 to 100.
  • the node PC 9 holds data A to be distributed and held.
  • Data A is divided into 3 parts and distributed. Each divided data is data A-1, data A-2, and data A-3, and it is assumed that they are already held.
  • the number of candidate nodes for data distribution is sufficiently larger than 3! /.
  • the reliability table acquisition range is limited to 2 hops.
  • Figure 12 shows the range of nodes that acquire the reliability table when the number of hops is 2 as the reliability table acquisition range. From the perspective of PC9, nodes that can be reached via the arrow are nodes up to 2 hops, and the reliability table is obtained from 6 nodes including the local node.
  • the reliability table describes the reliability of the connection destination node of the node that holds it, nodes with up to 3 hops can be obtained as data distribution destination candidate nodes. Therefore, in this network, all nodes from PC1 to PC9 are data distribution destination candidates. [0183] In addition to the reliability table held by itself, PC9 obtains the reliability table held by PC1, PC2, PC7, and PC8 shown in FIG.
  • FIG. 13 shows the contents of the reliability table acquired by PC9.
  • these reliability tables include all node powers of PC1 to PC9 along with their reliability.
  • nodes underlined in each reliability table are nodes described in a plurality of reliability tables. To create a node confidence list, multiple confidence values for these same nodes must be combined.
  • FIG. 14 shows the contents of the created node reliability list. All nodes from PC1 to PC9 are listed along with node reliability as data distribution destination candidate nodes.
  • An underlined node is a node whose node reliability is within the reliability tolerance range set.
  • five nodes, PC1, PC3, PC6, PC7, and PC9, are extracted nodes.
  • FIG. 15 shows a state where the divided data of data A held by the PC 9 is distributed and distributed to the selected data distribution destination node.
  • the divided data, data A-1, data A-2, and data A-3, are distributed to the data distribution destination nodes PC9, PC1, and PC7, respectively.
  • FIG. 16 is a diagram showing a connection state of the network 1 in the information distribution arrangement processing example 2.
  • the connection topology is the same as in Fig. 3, but each node has its own reliability table (represented in Tables 1 to 9), as in the information distribution arrangement processing example 1 in Fig. 10.
  • the node PC 9 holds data B to be distributed and held.
  • Data B is divided and held in 5 parts. Each divided data is data B-1, data B-2, data B-3, data B-4, and data B-5, and they are already held.
  • the confidentiality of data B is designated as “confidential”, and its importance level is “2” according to FIG. Also, according to Fig. 9, the number of divisions is 5 and the allowable range of reliability is 61-80 reliability. This assumes the second from the top divided from 0 to 100.
  • the reliability table acquisition range is limited to 3 hops.
  • FIG. 17 shows the range of nodes that acquire the reliability table when the number of hops is 3 as the reliability table acquisition range.
  • the node that can be reached via the arrow is the node with up to 3 hops, and here the reliability table is obtained from all 9 nodes including the own node. Become. Therefore, in this network, all nodes from PC1 to PC9 are candidates for data distribution.
  • the PC 9 obtains a reliability table held by all the nodes shown in FIG.
  • FIG. 18 shows the contents of the reliability table acquired by PC9.
  • these reliability tables include all node powers of PC1 to PC9 along with their reliability.
  • the underlined nodes in each reliability table are nodes listed in a plurality of reliability tables, and here all the nodes correspond. To create a node reliability list, multiple reliability values for the same node must be combined.
  • FIG. 19 shows the contents of the created node reliability list. However, the fractional part was rounded down in the average value calculation. All node powers of PC1 to PC9 are listed along with node reliability as data distribution candidate nodes.
  • the nodes underlined in Fig. 19 are the nodes within the reliability tolerance range in which the node reliability has been changed. Here, PC6, PC7, and PC9 were extracted.
  • PC2, PC5, PC6, PC7, and PC9 are selected as the data distribution destination nodes.
  • FIG. 20 shows a state where the divided data of data B held by the PC 9 is distributed and distributed to the selected data distribution destination node.
  • Data B—1, Data B—2, Data B—3, Data B—4, and Data B—5, which are divided data, are distributed to the data distribution destination nodes PC9, PC2, PC5, PC6, and PC7, respectively. Has been.
  • the information management method and the information processing apparatus as a node, when dividing and distributing information to a plurality of nodes on the network, the following processing is performed. Will do.
  • a node whose reliability calculated based on the physical information of each node is within the reliability tolerance range set in advance according to the nature of the information to be stored is preferentially selected as a distribution destination node, and distributed. To do.

Abstract

L'invention concerne un procédé de gestion d'informations et un dispositif de traitement d'informations fonctionnant comme un nœud qui peuvent utiliser de façon efficace des informations distribuées à et détenues par une pluralité de nœuds sur un réseau, qui ont peu de chances de provoquer une obstruction aboutissant à un echec d'acquisition d'une partie des données distribuées, et qui peuvent supprimer une charge concentrée sur un nœud spécifique. Lorsque ce procédé de gestion d'informations divise les informations et distribue les informations divisées à une pluralité des nœuds sur le réseau, il sélectionne ces nœuds avec une priorité, comme des nœuds destinataires de distribution, de sorte que leur fiabilité calculée selon des informations physiques de chaque nœud est dans une plage tolérable définie par avance en réponse à la nature des informations détenues et distribue les informations aux nœuds.
PCT/JP2007/069942 2006-11-09 2007-10-12 Procédé de gestion d'informations et dispositif de traitement d'informations WO2008056507A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2008543017A JPWO2008056507A1 (ja) 2006-11-09 2007-10-12 情報の管理方法及び情報処理装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2006-303836 2006-11-09
JP2006303836 2006-11-09

Publications (1)

Publication Number Publication Date
WO2008056507A1 true WO2008056507A1 (fr) 2008-05-15

Family

ID=39364331

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2007/069942 WO2008056507A1 (fr) 2006-11-09 2007-10-12 Procédé de gestion d'informations et dispositif de traitement d'informations

Country Status (2)

Country Link
JP (1) JPWO2008056507A1 (fr)
WO (1) WO2008056507A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014513852A (ja) * 2011-05-16 2014-06-05 オラクル・インターナショナル・コーポレイション クラスタデータグリッドにおける拡張可能な中央集中型動的リソース分散

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003330787A (ja) * 2002-04-24 2003-11-21 Internatl Business Mach Corp <Ibm> 分散及び収集を使用する分散型ファイルシステム
JP2004126716A (ja) * 2002-09-30 2004-04-22 Fujitsu Ltd 広域分散ストレージシステムを利用したデータ格納方法、その方法をコンピュータに実現させるプログラム、記録媒体、及び広域分散ストレージシステムにおける制御装置
JP2005252596A (ja) * 2004-03-03 2005-09-15 Nippon Telegr & Teleph Corp <Ntt> 物理的信頼度を用いたp2pネットワーク構成方法及び接続状態管理装置
JP2005275937A (ja) * 2004-03-25 2005-10-06 Fujitsu Ltd P2pネットワークシステム

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003330787A (ja) * 2002-04-24 2003-11-21 Internatl Business Mach Corp <Ibm> 分散及び収集を使用する分散型ファイルシステム
JP2004126716A (ja) * 2002-09-30 2004-04-22 Fujitsu Ltd 広域分散ストレージシステムを利用したデータ格納方法、その方法をコンピュータに実現させるプログラム、記録媒体、及び広域分散ストレージシステムにおける制御装置
JP2005252596A (ja) * 2004-03-03 2005-09-15 Nippon Telegr & Teleph Corp <Ntt> 物理的信頼度を用いたp2pネットワーク構成方法及び接続状態管理装置
JP2005275937A (ja) * 2004-03-25 2005-10-06 Fujitsu Ltd P2pネットワークシステム

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014513852A (ja) * 2011-05-16 2014-06-05 オラクル・インターナショナル・コーポレイション クラスタデータグリッドにおける拡張可能な中央集中型動的リソース分散

Also Published As

Publication number Publication date
JPWO2008056507A1 (ja) 2010-02-25

Similar Documents

Publication Publication Date Title
EP2269361B1 (fr) Procédé et dispositif de déploiement dynamique de passerelles de confiance dans un réseau sans fil ad hoc
US6185612B1 (en) Secure distribution and use of weighted network topology information
US8577044B2 (en) Method and apparatus for automatic and secure distribution of an asymmetric key security credential in a utility computing environment
Tysowski et al. The engineering of a scalable multi-site communications system utilizing quantum key distribution (QKD)
WO2022193985A1 (fr) Procédé et appareil de traitement de données, et dispositif et support de stockage
EP1966929B1 (fr) Procédés et système pour gérer des clés de sécurité dans un réseau hertzien
CN1681238B (zh) 用于加密通信的密钥分配方法及系统
US20240146538A1 (en) Systems and methods for verifying a route taken by a communication
JP4993733B2 (ja) 暗号クライアント装置、暗号パッケージ配信システム、暗号コンテナ配信システム及び暗号管理サーバ装置
EP2965465B1 (fr) Traitement de certificats numériques
US20060285693A1 (en) Method and apparatus for automatic and secure distribution of a symmetric key security credential in a utility computing environment
JP2007507760A (ja) セキュアなクラスターコンフィギュレーションデータセットの転送プロトコル
JP2010520518A (ja) 分散式の委任および検証のための方法、装置、およびシステム
JP4155341B2 (ja) 情報の管理方法及び情報処理装置
EP2999172A1 (fr) Procédé et dispositifs pour certifier un chemin sécurisé dans un réseau défini par logiciel
JP5813872B2 (ja) 通信制御装置、通信装置およびプログラム
CN112351019B (zh) 一种身份认证系统及方法
WO2008030629A1 (fr) Procédé et appareil d&#39;établissement de routes basés sur les notes de confiance de routeurs dans un domaine de routage ip
US20200236032A1 (en) Blockchain Routing Protocols
JP2013020314A (ja) データ分散保管システム
US11895227B1 (en) Distributed key management system with a key lookup service
JP6453154B2 (ja) ネットワーク管理システム及びネットワーク管理方法
Li et al. Securing distributed adaptation
US20200236031A1 (en) Blockchain Routing Protocols
CN116166749A (zh) 数据共享方法、装置、电子设备及存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07829678

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2008543017

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07829678

Country of ref document: EP

Kind code of ref document: A1