WO2010116780A1 - 情報処理装置、および実行制御方法 - Google Patents
情報処理装置、および実行制御方法 Download PDFInfo
- Publication number
- WO2010116780A1 WO2010116780A1 PCT/JP2010/051484 JP2010051484W WO2010116780A1 WO 2010116780 A1 WO2010116780 A1 WO 2010116780A1 JP 2010051484 W JP2010051484 W JP 2010051484W WO 2010116780 A1 WO2010116780 A1 WO 2010116780A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- processing apparatus
- information processing
- application
- registered
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/32—Address formation of the next instruction, e.g. by incrementing the instruction counter
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
Definitions
- the present invention relates to an information processing apparatus and an execution control method.
- An information processing apparatus such as a PC (Personal Computer) or a mobile phone can execute application software other than the application software installed at the time of manufacture, for example, by installing the application software.
- PC Personal Computer
- a mobile phone can execute application software other than the application software installed at the time of manufacture, for example, by installing the application software.
- Patent Literature 1 can be cited.
- an information processing apparatus acquires and executes application software (hereinafter sometimes referred to as “application”) from an external device via the network. Is possible.
- the information processing apparatus can execute, for example, an application other than the application stored at the time of manufacture stored in the external apparatus, so that the multifunctionality of the information processing apparatus can be realized more easily.
- the safety when the application is executed means that no problem occurs when the application is executed, for example, and the safety can be improved by further reducing the possibility of the problem.
- problems that may occur when an application is executed include, for example, that an information processing apparatus has some trouble caused by executing the application, that unauthorized access is performed by a malicious third party, personal information Leakage etc. are mentioned.
- an application when an application is distributed via a network, for example, an application that has been confirmed in advance to have no problem when the application is executed by an information processing apparatus manufacturer or an organization authorized by the manufacturer. Has been delivered.
- an application that the information processing apparatus can acquire from an external apparatus via a network is not limited to an application whose safety has been confirmed in advance, such as an application published by an individual.
- the information processing apparatus when acquiring an application that has not been confirmed in advance to cause no problem, notifies the user that the safety has not been confirmed, and executes the application based on a user operation, for example. .
- a user operation for example.
- the notified user does not know whether the safety of the application is ensured before performing the user operation to permit the execution, there is a problem related to the safety after permitting the execution of the application. May occur.
- the execution of the application There is a risk that safety issues may arise after permitting.
- an information processing apparatus (hereinafter referred to as “conventional information processing apparatus”) to which a conventional technique related to control of execution of application software (hereinafter referred to as “conventional technology”) is applied is an application installation. Detect the start of Further, the conventional information processing apparatus confirms with an external server whether or not installation of the application is permitted in the information processing apparatus, and performs installation if permitted. The conventional information processing apparatus appropriately executes the installed application based on a user operation or automatically. In other words, in the conventional technology, execution of the application is controlled by the external server when the application is installed. Therefore, since installation of an application having a safety problem is prevented by using the conventional technique, the conventional information processing apparatus may be able to improve the safety related to the execution of the application to some extent. .
- the execution of the application is controlled only when the application is installed. Therefore, for example, even if a certain security problem is found in the application after the application installation is permitted, the conventional information processing apparatus arbitrarily executes the application having the safety problem. It will be.
- the application that the information processing apparatus acquires from an external device via the network is not limited to an application that is installed after acquisition and is executed after installation.
- the information processing apparatus may acquire and execute an application that is acquired and executed from an external apparatus as appropriate every time execution is started, such as an application called a widget. it can.
- the present invention has been made in view of the above problems, and an object of the present invention is to ensure the safety of execution of application software acquired and executed from an external device every time execution of application software is started. It is an object of the present invention to provide a new and improved information processing apparatus and execution control method that can be improved.
- a communication unit capable of communicating with an external device and an external storage device that stores application software each time processing relating to execution of the application software is started
- An acquisition unit that acquires the application software from the communication unit, and a registration determination unit that determines whether or not the acquired external storage device of the application software is a pre-registered external storage device
- a first execution determination unit that determines whether or not to execute the application software acquired based on a user operation when the registration determination unit determines that the acquisition-source external storage device is not registered. And the first execution determination unit determines that the authentication is to be executed via the communication unit.
- a communication processing unit that performs communication related to authentication for executing the application software and a second execution determination unit that determines whether to execute the application software based on an authentication result transmitted from the authentication server And an execution processing unit that selectively executes the acquired application software when it is determined that the registration determination unit determines that it is registered, or when it is determined that the second execution determination unit executes.
- An information processing apparatus is provided.
- the registration determination unit determines whether the acquisition source external storage device is not registered, the registration determination unit further determines whether the acquired application software is registered application software, and the registration When the determination unit determines that the application software is registered, the first execution determination unit does not determine whether to execute the application software, and the communication processing unit and the authentication server You may perform the communication regarding the said authentication.
- the information processing apparatus further includes a storage unit that stores registered external storage device information in which information specifying the external storage device is recorded, and the registration determination unit is included in the registered external storage device information and the acquired application software. It may be determined whether or not the acquisition source external storage device is registered based on the information specifying the original external storage device.
- the communication processing unit communicates with the external storage device recorded in the registered external storage device information via the communication unit based on the registered external storage device information stored in the storage unit, and performs the registration. You may communicate with the said authentication server based on the authentication server information with which the information which specifies the said authentication server acquired from the external storage device recorded on the external storage device information was recorded.
- the communication processing unit may communicate with the authentication server based on the authentication server information stored in the storage unit.
- a storage unit that stores registered application information indicating registered application software is further included, and the registration determination unit registers the acquired application software based on the registered application information stored in the storage unit. It may be determined whether or not.
- the execution processing unit may not execute the acquired application software when it is not determined to be executed by the first execution determination unit or the second execution determination unit.
- a report information transmission processing unit that performs processing for transmitting report information indicating a safety-related problem in the executed application software to the authentication server may be further provided.
- every time processing related to execution of application software is started, obtaining the application software from an external storage device that stores the application software; A registration determination step for determining whether or not the external storage device from which the application software acquired in the acquisition step is a pre-registered external storage device; and the external storage from which the acquisition is performed in the registration determination step
- the first execution determination step for determining whether or not to execute the application software acquired based on the user operation and the first execution determination step are executed.
- a second execution determining step for determining whether or not to execute the application software based on an authentication result transmitted from the authentication server, and the registration
- An execution control method including a step of selectively executing the acquired application software when it is determined that the application software is registered in the determination step or when it is determined to be executed in the second execution determination step.
- FIG. 1 is an explanatory diagram showing an example of an information processing system 1000 according to an embodiment of the present invention.
- an information processing system 1000 includes an information processing apparatus 100, an authentication server 200, external servers 300A, 300B,... (External storage devices. Hereinafter, they may be collectively referred to as “external server 300”. And each device is connected via the network 500 (or directly).
- a wired network such as a LAN (Local Area Network) or a WAN (Wide Area Network), a wireless WAN (WWAN; Wireless Wide Area Network) via a base station, or a wireless MAN (WMAN; Wireless).
- a wireless network such as Metropolitan Area Network, or the Internet using a communication protocol such as TCP / IP (Transmission Control Protocol / Internet Protocol).
- connection refers to, for example, a state where communication is possible between devices (or a state where communication is possible between devices). That is, for example, by connecting the information processing apparatus 100 and the external server 300A, the information processing apparatus 100 can acquire (for example, download) an application stored in the external server 300A. For example, when the information processing apparatus 100 and the authentication server 200 are connected, the information processing apparatus 100 can perform communication (described later) related to authentication for executing an application with the authentication server 200. it can.
- the information processing system 1000 may include a plurality of information processing apparatuses 100 and / or a plurality of authentication servers 200.
- a display device is illustrated as the information processing device 100, but the information processing device 100 is not limited to the display device illustrated in FIG. 1. That is, FIG. 1 is a diagram illustrating an example of the information processing system 1000 according to the embodiment of the present invention, and the application example and appearance of the information processing apparatus 100 according to the embodiment of the present invention are not limited to FIG. Similarly, application examples and appearances of the authentication server 200 and the external servers 300A and 300B are not limited to FIG.
- the information processing apparatus 100 acquires an application stored in an external device such as the external servers 300A, 300B,... Each time the application is executed. Then, the information processing apparatus 100 selectively executes an application acquired from an external apparatus by performing processing related to a safety improvement approach according to an embodiment of the present invention described later. More specifically, the information processing apparatus 100 performs the following processing, for example.
- the authentication server 200 performs communication related to authentication for executing an application with the information processing apparatus 100.
- the communication related to authentication for executing the application is a series of information processing apparatus 100 transmitting a safety information transmission request and authentication server 200 transmitting safety information to information processing apparatus 100.
- Communication (and communication processing) The safety information is, for example, information indicating whether or not application execution is permitted in the authentication server 200 and corresponds to the authentication result in the authentication server 200.
- the authentication server 200 stores a database in which information related to application safety is recorded in a server-side storage unit (not shown).
- the authentication server 200 uses the database as, for example, a black list in which applications having safety problems are registered (or a white list in which applications whose safety has been confirmed are registered).
- the authentication server 200 can determine whether or not the authentication target application is a safe application in communication (described later) related to authentication for executing the application.
- the authentication server 200 generates safety information having contents corresponding to the determination result based on the reception of the safety information transmission request, and transmits the generated safety information to the information processing apparatus 100. That is, it can be said that the safety information (authentication result) indicates whether or not a problem occurs when the application is executed.
- information on applications that have been confirmed to have safety problems is recorded in the database in advance, but information recorded in the database Is not limited to the above.
- the database can add new application information, and can update and delete recorded application information.
- examples of the information on the application include an ID for uniquely identifying the application, and registered external storage device information in which information specifying an external server (external storage device) that stores the application is recorded.
- Examples of registered external storage device information include a URI (Uniform Resource Identifier) and an IP (Internet Protocol) address.
- URI Uniform Resource Identifier
- IP Internet Protocol
- the authentication server 200 receives report information (described later) transmitted from each of the information processing apparatuses 100 (not shown in FIG. 1) constituting the information processing system 1000, and stores database information based on the received report information. Information can be added, updated, and deleted.
- the authentication server 200 records, in the database, an application in which a predetermined number or more of report information indicating that the application has a safety problem is collected in the database as an application having a safety problem. Add information.
- the authentication server 200 can also perform update and deletion of information in the database based on collected report information, for example, as described above.
- the authentication server 200 can have a hardware configuration similar to the hardware configuration (described later) of the information processing apparatus 100.
- the external server 300 stores applications that can be executed by the information processing apparatus 100. Then, the external server 300 transmits the application to be stored to the information processing apparatus 100 in response to an acquisition request from each information processing apparatus 100 configuring the information processing system 1000.
- the external server 300 configuring the information processing system 1000 is limited to storing, for example, an application whose safety has been confirmed in advance by a manufacturer (manufacturer) of the information processing apparatus 100 or an organization authorized by the manufacturer. I can't.
- the external server 300 can also store applications that have not been confirmed by the manufacturer of the information processing apparatus 100, such as applications created by individuals.
- the external server 300A shown in FIG. 1 is an external server that stores an application that the manufacturer or the like has confirmed safety
- the external server 300B is an application that the manufacturer or the like has not confirmed safety.
- the case of an external server to be stored will be described as an example.
- the external servers 300A, 300B,... can have the same hardware configuration as that of the information processing apparatus 100 (described later).
- the information processing system 1000 includes, for example, an information processing apparatus 100, an authentication server 200, and an external apparatus 300 as illustrated in FIG. Needless to say, the configuration of the information processing system 1000 according to the embodiment of the present invention is not limited to FIG. 1.
- the information processing apparatus 100 Each time the information processing apparatus 100 starts executing an application stored in the external server 300 (processing related to execution), the information processing apparatus 100 appropriately acquires the application from the external server 300. When the application is acquired, the information processing apparatus 100 performs registration determination processing based on the acquisition source of the application, first execution determination processing based on a user operation, and second execution based on a communication result with the authentication server 200. Judgment processing is performed. The information processing apparatus 100 selectively executes the acquired application when a determination result that confirms the safety of the application is obtained.
- the information processing apparatus 100 can improve the safety in the execution of the application software acquired and executed from the external device every time the execution of the application software is started. For example, when the acquired application is an application registered in advance, the information processing apparatus 100 can selectively execute the acquired application without performing the first execution determination process.
- the information processing apparatus 100 improves the safety in executing the application software acquired and executed from the external apparatus by performing the following processes (1) to (5), for example. Plan. Further, the information processing apparatus 100 further performs the process (6) and selectively transmits report information (described later) to the authentication server 200 to further improve safety.
- the information processing apparatus 100 acquires (for example, downloads) an application stored in the external server 300 that is desired to be executed every time execution of the application is started.
- the information processing apparatus 100 acquires an application by transmitting an application acquisition request to the corresponding external server 300 based on, for example, a user operation on a browser or a predetermined application acquisition screen.
- the application acquisition method is not limited to the above.
- the user of the information processing apparatus 100 performs a desired user operation using, for example, an operation unit (described later) included in the information processing apparatus 100, but the target of the user operation by the user is limited to the above. Absent.
- the user operates an external operation device such as a remote controller, and the information processing apparatus 100 is based on an external operation signal corresponding to the user operation on the external operation device transmitted from the received external operation device. The processing based on the user operation can also be performed.
- the information processing apparatus 100 includes an external server (external storage device) in which the external server 300 from which the application is acquired is registered in advance. ).
- the information processing apparatus 100 is, for example, registered external storage device information in which information specifying an external server (external storage device) such as a URI is recorded in a storage unit (described later) included in the information processing device 100.
- the registered external storage device information is recorded in advance in a storage unit (described later) at the time of manufacture or at the time of factory shipment, for example.
- the information processing apparatus 100 registers the acquisition source external server based on the registered external storage device information and information specifying the acquisition source external server (external storage device) included in the acquired application. It is determined whether or not there is.
- the registered external storage device information is not limited to being stored in a storage unit (described later) included in the information processing device 100.
- the registered external storage device information is stored in a predetermined storage location such as a removable external recording medium or a storage unit (not shown) of an external device connected via a network (or directly). It may be.
- the information processing apparatus 100 appropriately acquires the registered external storage device information from a predetermined storage location (for example, downloads and reads the registered external storage device information), thereby registering the acquisition source external server. It can be determined whether or not.
- the determination result when it is determined that it is registered in the above determination is that the acquired application is an application with no safety problem acquired from the external server 300 storing the application whose safety has been confirmed. It shows that there is. Therefore, when the determination result is obtained in the registration determination process, the information processing apparatus 100 executes the application acquired in the process (4) (execution process) described later.
- the information processing apparatus 100 appropriately acquires and executes an application from the external server 300 every time execution is started.
- the application is appropriately corrected or replaced in the external server 300. Is updated. That is, when the information processing apparatus 100 acquires an application from the external server 300 recorded in the registered external storage device information, the information processing apparatus 100 can execute an application that is updated as appropriate. Therefore, the information processing apparatus 100 can improve the safety in executing the application by executing the application based on the determination result indicating that the information is acquired from the external server 300 recorded in the registered external storage device information. it can.
- the determination result when it is not determined that the application is registered in the determination indicates that the acquired application is not an application acquired from the external server 300 that stores an application whose safety has been confirmed. Therefore, when the above determination result is obtained, the information processing apparatus 100 performs a process (3) (first execution determination process) described later.
- the process of the information processing apparatus 100 when the determination result when it is not determined that it is registered in the determination is obtained is not limited to the above.
- the information processing apparatus 100 determines whether or not the acquired application is registered, and the process (3) described below (first execution) is performed according to the determination result. Determination processing) can be selectively performed.
- the information processing apparatus 100 stores, for example, registered application information indicating registered applications in a storage unit (described later).
- registered application information for example, an ID (for example, a program ID or the like) that identifies an application can be cited.
- the information processing apparatus 100 registers (generates / updates) an application in registered application information based on, for example, a user operation.
- the information processing apparatus 100 registers an application in which application execution has been performed in registration application information based on history information indicating that the application has been stored in a storage unit (described later).
- the registration method for the registered application information is not limited to the above.
- the information processing apparatus 100 determines that the acquired application is registered when the acquired application is an application registered in the registered application information. Then, the information processing apparatus 100 performs the process (3) (first execution determination process) described later when it is not determined that the acquired application is registered. In addition, when it is determined that the acquired application is registered, the information processing apparatus 100 performs a process (4) (second execution determination process) described later.
- the information processing apparatus 100 can selectively perform the process (3) (first execution determination process) to be described later based on the determination based on the registered application information. Even in the above case, the information processing apparatus 100 does not execute the acquired application unless the safety is confirmed by the process (4) (second execution determination process) described later. Therefore, even when the process (3) (first execution determination process) described later is selectively performed, the information processing apparatus 100 can improve the safety of application execution.
- the registered application information is not limited to being stored in a storage unit (described later) included in the information processing apparatus 100.
- the registered application information is stored in a predetermined storage location such as a removable external recording medium or a storage unit (not shown) of an external device connected via the network 500 (or directly). May be.
- the information processing apparatus 100 appropriately acquires the registered application information from a predetermined storage location (for example, downloads or reads out the registered application information), thereby determining whether or not the acquired application is registered. Judgment can be made.
- First Execution Determination Process when it is not determined in the process (1) that the acquisition-source external server 300 is registered, the information processing apparatus 100 displays an application acquired based on a user operation. A first execution determination process for determining whether or not to execute is performed.
- FIG. 2 is an explanatory diagram for explaining an example of the first execution determination process in the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 2 shows an example of a display screen (execution confirmation screen) for user operation related to the execution of the application, which the information processing apparatus 100 presents to the user in the first execution determination process.
- the information processing apparatus 100 displays an image on which a message M1 and buttons B1 and B2 for allowing the user to select are displayed on the display screen.
- the execution confirmation screen which the information processing apparatus 100 displays in the 1st execution determination process which concerns on embodiment of this invention is not restricted to the example of FIG.
- the information processing apparatus 100 performs the first execution determination process based on, for example, a user operation (pressing operation of the button B1 or the button B2) on the execution confirmation screen as illustrated in FIG. More specifically, the information processing apparatus 100 determines that execution of the acquired application is permitted, for example, when the user selects the button B1 shown in FIG. 2 execution determination process). Further, for example, when the user selects the button B2 shown in FIG. 2, the information processing apparatus 100 determines that execution of the acquired application is not permitted, and in the process (execution process) (5) described later. Do not execute the acquired application.
- the information processing apparatus 100 confirms safety by the process (second execution determination process) (4) described later. If not, the acquired application is not executed. Therefore, even if the user of the information processing apparatus 100 does not know that the safety of the acquired application is ensured, the information processing apparatus 100 can improve the safety in executing the application. it can.
- the information processing apparatus 100 performs communication related to authentication for executing an application with the authentication server 200. More specifically, the information processing apparatus 100 transmits a safety information acquisition request to the authentication server 200. By transmitting the safety information acquisition request, the information processing apparatus 100 can acquire the safety information from the authentication server 200.
- the information processing apparatus 100 transmits a safety information acquisition request including, for example, ID information for identifying the acquired application and URI information indicating the acquisition source of the application to the authentication server 200.
- the safety information acquisition request transmitted by the processing device 100 is not limited to the above.
- the information processing apparatus 100 stores authentication server information stored in the storage unit (described later). Based on the above, communication with the authentication server 200 is performed.
- the authentication server information according to the embodiment of the present invention include a URI representing the authentication server 200 and an IP address.
- the information processing apparatus 100 communicates with the external server 300 (external storage device) recorded in the registered external storage device information.
- the authentication server information is acquired from the external server 300.
- the information processing apparatus 100 communicates with the authentication server 200 based on the authentication server information acquired from the external server 300 recorded in the registered external storage device information.
- the registered external storage device information is stored in advance when the information processing device 100 is manufactured, for example.
- the external server 300 registered in the registered external storage device information is an external server 300 that stores an application whose safety has been confirmed by the manufacturer of the information processing apparatus 100 or the like. Therefore, storing the authentication server information in the server-side storage unit (not shown) of the external server 300 registered in the registered external storage device information is stored in the external server 300 that is not registered in the registered external storage device information. It can be realized more easily than the case.
- the above is because the external server 300 registered in the registered external storage device information is more likely to be managed by, for example, the manufacturer of the information processing apparatus 100 or a person related to the manufacturer.
- the information processing apparatus 100 obtains the authentication server information from the external server 300 recorded in the registered external storage device information even when the authentication server information is not stored in the storage unit (described later). Communication with the authentication server 200 can be performed.
- the information processing apparatus 100 determines that the execution of the acquired application is not permitted. Then, the information processing apparatus 100 does not execute the application acquired in the process (execution process) (5) described later based on the determination result in the second execution determination process.
- the information processing apparatus 100 determines that the execution of the acquired application is permitted. Then, the information processing apparatus 100 executes the application acquired in the process (execution process) (5) described later based on the determination result in the second execution determination process.
- Execution processing The information processing apparatus 100 acquires the application obtained based on the determination results of the processes (2) (registration determination process) to (4) (second execution determination process). Is selectively executed.
- the information processing apparatus 100 executes when it is determined that it is registered in the process (2) (registration determination process) or in the process (4) (second execution determination process). If it is determined, the acquired application is executed. Then, when the execution of the application ends, the information processing apparatus 100 discards the application.
- discarding an application means, for example, erasing data related to execution.
- the information processing apparatus 100 can also record history information indicating that the application has been executed, for example, on a recording medium such as a storage unit (not shown).
- the information processing apparatus 100 acquires the acquired application if it is not determined to be executed in the process (3) (first execution determination process) or the process (4) (second execution determination process). Do not execute. Then, the information processing apparatus 100 discards the acquired application.
- the information processing apparatus 100 uses the acquired application based on the determination results of the processes (2) (registration determination process) to (4) (second execution determination process). Is selectively executed.
- the information processing apparatus 100 executes the acquired application when it is determined that it is registered in the process (2) (registration determination process).
- registration determination process the acquired application is highly likely to be an application with no safety problem. Therefore, the information processing apparatus 100 can improve the safety in execution of the application by executing the application acquired when it is determined that it is registered in the process (2) (registration determination process). it can.
- the information processing apparatus 100 executes the acquired application when it is determined to be executed in the process (4) (second execution determination process).
- the authentication server 200 uses, for example, a database that functions as a black list in which applications with safety problems are registered (or a white list in which applications with confirmed safety are registered) as applications. Perform such authentication.
- the information processing apparatus 100 improves the safety in execution of the application by executing the application acquired when it is determined that it is registered in the process (4) (second execution determination process). Can be made.
- the information processing apparatus 100 executes the acquired application. Do not execute.
- the acquired application is, for example, an application whose safety has not been confirmed, and an application that the user does not desire to start the application. is there.
- the acquired application is an application which execution is not permitted in the authentication server 200, for example. That is, in the process (3) or the process (4), if it is not determined to be executed, there is a high possibility that the acquired application has a safety problem.
- the information processing apparatus 100 does not execute the acquired application if it is not determined to be executed in the process (3) (first execution determination process) or the process (4) (second execution determination process). Therefore, the safety in the execution of the application can be improved.
- the information processing apparatus 100 performs processing (1) (acquisition processing) to processing (execution processing) (5) so that it is acquired and executed from an external device each time application software execution is started. Safety in the execution of application software can be improved.
- the information processing apparatus 100 executes the application stored in the external server 300 (external storage device). Can be executed more safely.
- the information processing apparatus 100 can more safely execute an application whose safety has not been confirmed, which is stored in the external server 300.
- the possibility that the information processing apparatus 100 has a problem due to the execution of the application due to some factor cannot be said to be 0 (zero). .
- the information processing apparatus 100 transmits, to the authentication server 200, report information indicating a problem relating to safety in the executed application, in addition to the processing (acquisition processing) to (5) processing (execution processing). It is possible to further have a function of selectively performing the processing.
- examples of the report information include an ID for identifying an application and a number for identifying a problem that has occurred (for example, a number set in association with a problem type).
- the number information for identifying the problem that has occurred in the report information is stored in, for example, a storage unit (described later) of the information processing apparatus 100 when the information processing apparatus 100 is manufactured.
- the time when the information on the number to be stored in the storage unit (described later) is not limited to the above.
- the information processing apparatus 100 can acquire information on a number for identifying the problem that has occurred from the authentication server 200 and store the information in a storage unit (described later).
- the information processing apparatus 100 when the user selects an icon indicating an application that has been executed, the information processing apparatus 100 is configured such that the external server 300 from which the selected application is acquired is registered in the registered external storage device information. It is determined whether or not. For example, when the external server 300 from which the selected application is acquired is not registered in the registered external storage device information, the information processing apparatus 100 selectively selects the report information based on, for example, a user operation. Send to.
- the information processing apparatus 100 can communicate with the authentication server 200 by using, for example, a method similar to the above-described process (4-1) (communication process related to authentication for executing an application). .
- the information processing apparatus 100 can transmit report information by a user operation.
- the report screen to be displayed is displayed on the display screen.
- FIG. 3 is an explanatory diagram for explaining an example of a report process in the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 3 illustrates an example of a display screen (report screen) on which a selection image that enables transmission of report information by a user operation presented to the user by the information processing apparatus 100 is displayed.
- the information processing apparatus 100 selectively displays a report screen as shown in FIG. 3 on the display screen when the external server 300 from which the selected application is acquired is not registered in the registered external storage device information.
- the case where the information processing apparatus 100 displays the report screen is not limited to the above.
- the information processing apparatus 100 automatically displays a report screen as shown in FIG. 3 automatically when a malfunction is detected when the application is executed (for example, when the application terminates abnormally). Can also be displayed.
- the information processing apparatus 100 includes a message M2, a selection unit SEL for causing the user to select the type of problem that has occurred (report content), and a button that triggers transmission of report information.
- the image on which B3 is displayed is displayed on the display screen.
- the type of problem displayed on the selection means SEL and the information of the number for identifying the problem that has occurred are associated one-to-one.
- the report screen displayed by the information processing apparatus 100 in the report processing according to the embodiment of the present invention is not limited to the example of FIG. 3.
- the information processing apparatus 100 selectively transmits report information based on, for example, a user operation (selection operation of the selection unit SEL and a press operation of the button B3) on the report screen as illustrated in FIG. More specifically, the information processing apparatus 100 corresponds to the type of problem selected in the selection unit SEL (displayed on the report screen) when, for example, the user selects the button B3 shown in FIG. Report information is transmitted to the authentication server 200. Although not shown in FIG. 3, the information processing apparatus 100 can also cause the report to transition from the screen to another display screen based on a user operation (that is, report information is not transmitted).
- the information processing apparatus 100 displays an inquiry screen, for example.
- FIG. 4 is an explanatory diagram for explaining an example of a report process in the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 4 shows an example of an inquiry screen that serves to present the information of the external server 300 registered in the registered external storage device information to the user in the information processing apparatus 100 in the reporting process.
- a widget name (corresponding to an application name), an application provider name, and inquiry destination information are displayed.
- the user can make an inquiry by an arbitrary method based on various information displayed on the inquiry screen.
- the inquiry screen according to the embodiment of the present invention is not limited to the example shown in FIG.
- the information processing apparatus 100 can display an inquiry screen having the same layout as that in FIG. 3 and transmit report information to the corresponding external server 300 based on a user operation.
- the information processing apparatus 100 selectively transmits report information to the authentication server 200 as described above, for example. Further, the information processing apparatus 100 does not transmit, for example, information indicating that there is no problem with safety as report information. That is, the authentication server 200 receives the report information indicating the application having a problem with safety and the type of the problem transmitted from each of the information processing apparatuses 100 constituting the information processing system 1000, and based on the report information, the database Can be updated. Therefore, in the authentication server 200 (and / or an organization that operates the authentication server 200, etc.), for example, the load required for the verification processing of the report information is reduced. Further, the authentication server 200 (and / or an organization that operates the authentication server 200) can set (append, update, delete, etc.) more appropriate information in the database by reducing useless verification processing. It becomes.
- the authentication server 200 can further improve the accuracy of the authentication result of the application related to the process (4) (second execution determination process) in the information processing apparatus 100.
- increasing the accuracy of the authentication result of the application means, for example, further reducing the possibility of an erroneous determination that determines that an unsafe application is safe.
- the information processing apparatus 100 can more safely execute the application acquired from the external server 300. Therefore, the information processing apparatus 100 further improves the safety in the execution of the application software acquired and executed from the external device every time the execution of the application software is started by performing the process (report process) of (6). Can be made.
- processing related to the safety improvement approach in the information processing apparatus 100 will be described more specifically.
- the processes related to the processes (1) (1) (acquisition process) to (5) (execution process) and the processes [2] and (6) (report process) will be described respectively. .
- a widget is taken as an example of an application that the information processing apparatus 100 acquires from an external apparatus and selectively executes.
- the application according to the embodiment of the present invention is not limited to a widget.
- the information processing apparatus 100 executes arbitrary software that is appropriately acquired and executed from an external apparatus, such as a Java applet, for example, the information processing apparatus 100 performs the process related to the safety improvement approach according to the embodiment of the present invention described above. Can be applied.
- FIG. 5 is a flowchart showing an example of processing related to a safety improvement approach in the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 5 shows an example of processing related to the processing (acquisition processing) (1) to (5) (execution processing) in the information processing apparatus 100.
- the information processing apparatus 100 determines whether the widget has been downloaded (S100). Here, the information processing apparatus 100 performs the process of step S100 based on, for example, reception of a signal from an external apparatus in a communication unit (described later).
- step S100 If it is not determined in step S100 that the widget has been downloaded, the information processing apparatus 100 does not proceed with the process.
- the information processing apparatus 100 determines whether or not the widget download source is registered (S102).
- the information processing apparatus 100 for example, based on a comparison result between URI information (an example of registered external storage device information) stored in a storage unit (described later) and URI information included in the downloaded widget.
- the process of step S102 is performed. More specifically, the information processing apparatus 100 determines that the widget download source is registered when, for example, the stored URI information includes a URI that matches the URI included in the widget. .
- the process of step S102 corresponds to the process (2) (registration determination process).
- step S102 If it is determined in step S102 that the widget download source is registered, the information processing apparatus 100 executes the downloaded widget (S114).
- the process of step S114 corresponds to the process (execution process) of (5) above.
- the information processing apparatus 100 determines whether the widget is registered (S104).
- the information processing apparatus 100 for example, based on a comparison result between widget ID information (an example of registered application information) stored in a storage unit (described later) and ID information included in the downloaded widget.
- the process of step S104 is performed. More specifically, for example, the information processing apparatus 100 determines that the widget is registered when there is an ID that matches the ID included in the widget in the stored ID information.
- the process of step S104 corresponds to the process (2) (registration determination process).
- step S104 If it is determined in step S104 that the widget is registered, the information processing apparatus 100 performs a process of step S110 described later.
- step S104 If it is not determined in step S104 that the widget is registered, the information processing apparatus 100 presents an execution confirmation screen (S106).
- An example of the execution confirmation screen presented in step S104 is the display screen shown in FIG.
- step S106 the information processing apparatus 100 determines whether or not the execution of the widget is permitted based on the user operation (S108; first execution determination process).
- steps S106 and S108 correspond to the process (3) (first execution determination process).
- step S116 If it is not determined in step S108 that the execution of the widget is permitted, the information processing apparatus 100 does not execute the downloaded widget (S116).
- the process of step S116 corresponds to the process (execution process) of (5) above.
- step S108 If it is determined in step S108 that the execution of the widget is permitted, the information processing apparatus 100 performs an authentication communication process (S110).
- FIG. 6 is a flowchart showing an example of authentication communication processing in the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 determines whether or not the URI (an example of authentication server information) of the authentication server 200 is stored (S200).
- the information processing apparatus 100 performs the process of step S200 by referring to a predetermined storage location such as a storage unit (described later) or an external recording medium, for example.
- step S200 If it is not determined in step S200 that the URI of the authentication server 200 is stored, the information processing apparatus 100 performs a URI acquisition process of the authentication server (S202).
- FIG. 7 is an explanatory diagram showing an example of URI acquisition processing of the authentication server in the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 transmits a URI transmission request for requesting transmission of the URI of the authentication server 200 to the external server 300 (for example, the external server 300A in FIG. 1) registered in the registered external storage device information. (S300).
- the external server 300 that has received the URI transmission request transmitted from the information processing apparatus 100 in step S300 transmits the URI information of the authentication server 200 to the information processing apparatus 100 (S302).
- the information processing apparatus 100 can obtain the URI of the authentication server 200 from the external server 300 by performing the process shown in FIG. Note that the URI acquisition processing of the authentication server in the information processing apparatus 100 according to the embodiment of the present invention is not limited to the processing illustrated in FIG.
- the information processing apparatus 100 performs safety information acquisition processing related to the downloaded widget based on the stored (or acquired) URI of the authentication server 200 (S204).
- FIG. 8 is an explanatory diagram showing an example of the safety information acquisition process in the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 transmits a safety information transmission request related to the downloaded widget to the authentication server 200 (S400).
- FIG. 9 is an explanatory diagram showing an example of a safety information transmission request transmitted by the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 9 shows an example of a safety information transmission request in the case of being transmitted by HTTP (Hypertext Transfer Protocol) in conformity with REST (Representational State Transfer).
- FIG. 9 illustrates an example in which the information processing apparatus 100 includes the widget download source URI as a parameter in the safety information transmission request.
- the safety information transmission request transmitted by the information processing apparatus 100 according to the embodiment of the present invention is not limited to the example illustrated in FIG. 9.
- the authentication server 200 Upon receiving the safety information transmission request transmitted from the information processing apparatus 100 in step S400, the authentication server 200 stores the database based on information included in the safety information transmission request (for example, the widget ID and the URI of the download source). Search (S402; database search process).
- the process of step S402 in the authentication server 200 corresponds to an authentication process for determining whether or not the widget is a safe application.
- the authentication server 200 transmits safety information based on the processing result of step S402 to the information processing apparatus 100 (S404).
- FIG. 10 is an explanatory diagram showing an example of safety information transmitted by the authentication server 200 according to the embodiment of the present invention.
- FIG. 10 shows an example of safety information when the authentication server 200 transmits safety information in XML (Extended Markup Language) format.
- the authentication server 200 for example, information indicating whether it is a normal response to the safety information transmission request (response element shown in FIG. 10) or information indicating whether the widget can be executed (FIG. 10). (Widget element shown in FIG. 10) is transmitted as safety information.
- the safety information transmitted by the authentication server 200 is not limited to the example shown in FIG.
- the authentication server 200 transmits safety information in an arbitrary format that can be recognized by the information processing apparatus 100 (for example, a recognition method or the like is recorded when the information processing apparatus 100 is manufactured) without being limited to the XML format. You can also.
- the information processing apparatus 100 can obtain the safety information (authentication result) from the authentication server 200 by performing, for example, the processing shown in FIG.
- the safety information acquisition process in the information processing apparatus 100 according to the embodiment of the present invention is not limited to the process illustrated in FIG.
- the information processing apparatus 100 can obtain the safety information (authentication result) from the authentication server 200 by performing the process illustrated in FIG. 6, and can realize the authentication communication process with the authentication server 200.
- the authentication communication process in the information processing apparatus 100 according to the embodiment of the present invention is not limited to the process illustrated in FIG.
- the information processing apparatus 100 determines whether or not the execution of the widget is permitted in the authentication server 200 (S112).
- the information processing apparatus 100 performs the determination in step S112 based on safety information (authentication result) as shown in FIG. 10, for example. More specifically, for example, when the status attribute included in the safety information has a value of 0 (zero), the information processing apparatus 100 determines that execution of the widget is permitted, and the value is other than 0 (zero). In this case, it is not determined that the execution of the widget is permitted.
- steps S110 and S112 correspond to the process (4) (second execution determination process).
- step S112 If it is determined in step S112 that the execution of the widget is permitted, the information processing apparatus 100 executes the downloaded widget (S114). If it is not determined in step S112 that the execution of the widget is permitted, the information processing apparatus 100 does not execute the downloaded widget (S116).
- the information processing apparatus 100 realizes the processes (1) (acquisition process) to (5) (execution process) by performing, for example, the process shown in FIG. Therefore, the information processing apparatus 100 can improve the safety in executing the application software acquired and executed from the external device every time the execution of the application software is started.
- the process which concerns on the safety improvement approach in the information processing apparatus 100 which concerns on embodiment of this invention is not restricted to the process shown in FIG.
- FIG. 11 is a flowchart showing an example of processing related to a safety improvement approach in the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 11 illustrates an example of a process related to the process (6) (report process) in the information processing apparatus 100.
- the information processing apparatus 100 determines whether to make a report / inquiry (S500). For example, the information processing apparatus 100 performs the process of step S500 based on an operation signal according to a user operation transmitted from an operation unit (described later).
- step S500 If it is not determined in step S500 that the report / inquiry is to be performed, the information processing apparatus 100 does not proceed with the process.
- step S500 determines whether a report / inquiry is to be performed.
- the information processing apparatus 100 determines whether the download source of the widget to be reported / inquired is registered (S502). For example, the information processing apparatus 100 compares the URI information (an example of registered external storage device information) stored in the storage unit (described later) with the URI information corresponding to the widget to be reported / inquired. Based on the above, the process of step S502 is performed.
- URI information an example of registered external storage device information
- step S502 If it is determined in step S502 that the widget download source is registered, the information processing apparatus 100 presents an inquiry screen as shown in FIG. 4, for example (S504).
- step S502 If it is not determined in step S502 that the widget download source is registered, the information processing apparatus 100 presents a report screen as shown in FIG. 3, for example (S506).
- step S506 the information processing apparatus 100 determines whether or not to report (S508). If it is not determined in step S508 to report, the information processing apparatus 100 ends the process.
- step S508 If it is determined in step S508 that reporting is to be performed, the information processing apparatus 100 performs report information transmission processing (S510).
- FIG. 12 is an explanatory diagram showing an example of report information transmission processing in the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 transmits, for example, report information based on a user operation on the report screen illustrated in FIG. 3 to the authentication server 200 (S600).
- the information processing apparatus 100 transmits report information to the authentication server 200 by using, for example, URI information of the authentication server 200 stored in a predetermined storage location such as a storage unit (described later) or an external recording medium.
- a predetermined storage location such as a storage unit (described later) or an external recording medium.
- the method of transmitting report information to the authentication server 200 is not limited to the above.
- the information processing apparatus 100 performs the URI acquisition process of the authentication server as in step S202 of FIG. Then, the information processing apparatus 100 transmits report information to the authentication server 200 by using the acquired URI information of the authentication server 200.
- FIG. 13 is an explanatory diagram illustrating an example of report information transmitted by the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 13 shows an example of report information in conformity with REST and transmitted by HTTP.
- FIG. 13 shows report information in which the report contents are described in the body part in a text format, and the URI from which the widget is downloaded is described as an HTTP POST parameter. Note that it goes without saying that the report information transmitted by the information processing apparatus 100 according to the embodiment of the present invention is not limited to the example shown in FIG.
- step S600 the authentication server 200 that has received the report information transmitted from the information processing apparatus 100 updates the database based on the information included in the received report information (S602).
- the update of the database in step S602 refers to, for example, registration of information in the database, deletion of information from the database, or update of information recorded in the database.
- FIG. 12 shows an example in which the database is updated every time the authentication server 200 receives report information
- the database update method in the authentication server 200 is not limited to the above.
- the authentication server 200 accumulates report information appropriately transmitted from each information processing apparatus 100 constituting the information processing system 1000 for a predetermined period, and selectively updates the database based on the accumulated report information. You can also.
- examples of the predetermined period include several hours, one day, one week, and one month.
- the authentication server 200 counts the number received for each widget (an example of an application) and for each report content, and selectively updates the database related to the widget when the count result exceeds a predetermined threshold.
- the method for updating the database related to the widget is not limited to the above.
- the authentication server 200 transmits the reception result of the report information transmitted from the information processing apparatus 100 in step 600 (S604).
- the process of step S604 in the authentication server 200 corresponds to a response to the information processing apparatus 100 that has transmitted the report information.
- FIG. 14 is an explanatory diagram illustrating an example of a reception result transmitted by the authentication server 200 according to the embodiment of the present invention.
- FIG. 14 shows an example of the reception result when the authentication server 200 transmits the reception result in XML format.
- the authentication server 200 for example, includes information indicating whether or not report information has been normally received (response element illustrated in FIG. 14), and information included in the received report information (in FIG. 14). (Widget element shown) is transmitted as a reception result.
- the reception result transmitted by the authentication server 200 is not limited to the example shown in FIG.
- the authentication server 200 transmits a reception result in an arbitrary format that can be recognized by the information processing apparatus 100 (for example, a recognition method or the like is recorded when the information processing apparatus 100 is manufactured) without being limited to the XML format. You can also.
- the information processing apparatus 100 that has received the reception result transmitted from the authentication server 200 in step S604 determines the transmission result of the report information based on the reception result (S606).
- the information processing apparatus 100 determines that the transmission of the report information is successful, and when the value is other than 0 (zero). Does not determine that transmission of report information has been successful.
- the information processing apparatus 100 can transmit report information and grasp the result of the transmission by performing the processing shown in FIG. 12, for example.
- the report information transmission process in the information processing apparatus 100 according to the embodiment of the present invention is not limited to the process illustrated in FIG.
- the information processing apparatus 100 transmits report information in which information is described in a text format as shown in FIG.
- the authentication server 200 that has received the report information transmits an XML format reception result to the information processing apparatus 100 that has transmitted the report information. That is, the data size of each of the report information and the reception result is smaller than the data size of data indicating, for example, an image, audio, video, or the like. Therefore, even if each of the information processing apparatuses 100 configuring the information processing system 1000 transmits / receives report information and reception results to / from the authentication server 200, the possibility that a communication failure or the like occurs in the network 500 is very high. Low.
- step S510 When the report information transmission process in step S510 is completed, the information processing apparatus 100 presents a transmission result screen based on the reception result received in step S510 (S512).
- FIG. 15 and 16 are explanatory diagrams illustrating an example of a transmission result screen presented by the information processing apparatus 100 according to the embodiment of the present invention.
- FIG. 15 illustrates an example of a transmission result screen presented when the information processing apparatus 100 determines that the transmission of the report information has been successful in step S606 illustrated in FIG. 12, for example.
- FIG. 16 illustrates an example of a transmission result screen presented when the information processing apparatus 100 does not determine that the transmission of report information has been successful in step S606 illustrated in FIG.
- the information processing apparatus 100 displays a message corresponding to the determination result, for example, as illustrated in message M3 in FIG. 15 and message M4 in FIG. Present the transmission result screen.
- the transmission result screen presented by the information processing apparatus 100 according to the embodiment of the present invention is not limited to the examples shown in FIGS. 15 and 16.
- the information processing apparatus 100 implements the above process (6) (report process) by performing, for example, the process shown in FIG. Therefore, the information processing apparatus 100 can further improve the safety in the execution of the application software acquired and executed from the external device every time the execution of the application software is started.
- FIG. 17 is an explanatory diagram showing an example of the configuration of the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 includes a communication unit 102, a storage unit 104, a control unit 106, an operation unit 108, and a display unit 110.
- the information processing apparatus 100 may include, for example, a ROM (Read Only Memory; not shown), a RAM (Random Access Memory; not shown), and the like.
- the information processing apparatus 100 connects each component by a bus as a data transmission path.
- the ROM (not shown) stores control data such as programs and calculation parameters used by the control unit 106.
- a RAM (not shown) primarily stores programs executed by the control unit 106.
- FIG. 18 is an explanatory diagram illustrating an example of a hardware configuration of the information processing apparatus 100 according to the embodiment of the present invention.
- the information processing apparatus 100 includes, for example, an MPU 150, a ROM 152, a RAM 154, a recording medium 156, an input / output interface 158, an operation input device 160, a display device 162, and a communication interface 164.
- the information processing apparatus 100 connects each component with a bus 166 as a data transmission path, for example.
- the MPU 150 includes an MPU (Micro Processing Unit) and an integrated circuit in which a plurality of circuits for realizing a control function are integrated, and functions as the control unit 106 that controls the entire information processing apparatus 100.
- the MPU 150 also includes an acquisition unit 120, a registration determination unit 122, a first execution determination unit 124, a communication processing unit 126, a second execution determination unit 128, an execution processing unit 130, and report information transmission, which will be described later, in the information processing apparatus 100. It can also serve as the processing unit 132.
- the ROM 152 stores control data such as programs and calculation parameters used by the MPU 150, and the RAM 154 temporarily stores, for example, programs executed by the MPU 150.
- the recording medium 156 functions as the storage unit 104 and stores various data such as registered external storage device information (data), registered application information (data), authentication server information (data), and applications.
- a magnetic recording medium such as a hard disk, EEPROM (Electrically Erasable and Programmable Read Only Memory), flash memory, MRAM (Magnetoresistive Random Access Memory), FeRAM Non-volatile memory such as (Ferroelectric Random Access Memory) and PRAM (Phase change Random Access Memory).
- the input / output interface 158 connects, for example, the operation input device 160 and the display device 162.
- the operation input device 160 functions as the operation unit 108
- the display device 162 functions as the display unit 110.
- examples of the input / output interface 158 include a USB (Universal Serial Bus) terminal, a DVI (Digital Visual Interface) terminal, an HDMI (High-Definition Multimedia Interface) terminal, and various processing circuits.
- the operation input device 160 is provided on the information processing apparatus 100 and is connected to the input / output interface 158 inside the information processing apparatus 100.
- Examples of the operation input device 160 include a rotary selector such as a button, a direction key, and a jog dial, or a combination thereof.
- the display device 162 is provided on the information processing apparatus 100 and is connected to the input / output interface 158 inside the information processing apparatus 100.
- the display device 162 include an LCD and an organic EL display (organic ElectroLuminescence display or OLED display (Organic Light Emitting Diode display)).
- the input / output interface 158 can be connected to an operation input device (for example, a keyboard or a mouse) as an external device of the information processing apparatus 100 or a display device (for example, an external display).
- the communication interface 164 is a communication unit included in the information processing apparatus 100 and functions as a communication unit (not shown) for performing wireless / wired communication with an external device via the network 500 (or directly).
- examples of the communication interface 164 include a communication antenna and an RF circuit (wireless communication), an IEEE 802.15.1 port and a transmission / reception circuit (wireless communication), an IEEE 802.11b port and a transmission / reception circuit (wireless communication), or a LAN. Examples include terminals and transmission / reception circuits (wired communication).
- the communication interface 164 may have a function of receiving an external operation signal transmitted from an external operation device such as a remote controller.
- the communication interface 164 serves as an indirect operation unit that transmits an operation signal based on an external operation signal according to a user operation to the MPU 150 or the like.
- the information processing apparatus 100 performs the processes (1) (acquisition process) to (5) (execution process) and (6) (report process) with the configuration shown in FIG. 18, for example.
- the safety improvement approach according to the embodiment of the present invention is realized.
- the hardware configuration of the information processing apparatus 100 according to the embodiment of the present invention is not limited to the configuration shown in FIG.
- the information processing apparatus 100 according to the embodiment of the present invention may further include a slot for detachably storing an external recording medium.
- the communication unit 102 is a communication unit included in the information processing apparatus 100 and communicates with an external apparatus wirelessly / wired via the network 500 (or directly). By providing the communication unit 102, the information processing apparatus 100 can acquire an application from the external server 300, for example, and can perform authentication-related communication with the authentication server 200 for executing the application. it can.
- the communication unit 102 may have a function of receiving an external operation signal transmitted from an external operation device such as a remote controller.
- the communication unit 102 serves as an indirect operation unit that transmits an operation signal based on an external operation signal in accordance with a user operation to the control unit 106.
- examples of the communication unit 102 include a communication antenna and an RF circuit (wireless communication), a LAN terminal and a transmission / reception circuit (wired communication), and the like.
- the storage unit 104 is a storage unit included in the information processing apparatus 100.
- examples of the storage unit 104 include a magnetic recording medium such as a hard disk, and a nonvolatile memory such as a flash memory.
- the storage unit 104 stores various data such as registered external storage device information (data), registered application information (data), authentication server information (data), and applications.
- FIG. 17 shows an example in which the registered external storage device information 140 and the registered application information 142 are stored in the storage unit 104.
- the control unit 106 includes, for example, an MPU or an integrated circuit in which various processing circuits are integrated, and serves to control the entire information processing apparatus 100.
- the control unit 106 also includes an acquisition unit 120, a registration determination unit 122, a first execution determination unit 124, a communication processing unit 126, a second execution determination unit 128, an execution processing unit 130, and a report information transmission process. Part 132.
- the control unit 106 plays a leading role in performing the processes (1) (acquisition process) to (5) (execution process) and (6) (report process).
- the acquisition unit 120 plays a role of performing the process (1) (acquisition process). More specifically, the acquisition unit 120 stores an application every time processing related to application execution is started based on an acquisition request from other software such as a user operation or an OS (Operating System). An application is acquired from the server 300.
- the registration determination unit 122 serves to perform the process (2) (registration determination process). More specifically, the registration determination unit 122 determines whether or not the external server 300 from which the application acquired by the acquisition unit 120 is acquired is a pre-registered external server (external storage device).
- the registration determination unit 122 can also determine whether the application acquired by the acquisition unit 120 is a registered application.
- the registration determination unit 122 transmits the determination result to the first execution determination unit 124, the communication processing unit 126, and the execution processing unit 130.
- the registration determination unit 122 can transmit the determination result to each unit each time a determination is made, but the method of transmitting the determination result in the registration determination unit 122 is not limited to the above.
- the registration determination unit 122 can select a transmission destination according to the determination result and transmit the determination result.
- the first execution determination unit 124 plays a role of performing the process (3) (first execution determination process). More specifically, the first execution determination unit 124 determines the application acquired by the acquisition unit 120 based on a user operation when the registration determination unit 122 determines that the acquisition-source external storage device is not registered. It is determined whether or not to execute. When the registration determination unit 122 determines that the application is registered, the first execution determination unit 124 can also perform determination based on a user operation when it is determined that the application is not registered. .
- the first execution determination unit 124 transmits the determination result to the communication processing unit 126 and the execution processing unit 130.
- the first execution determination unit 124 can transmit the determination result to each unit every time a determination is made, but the method of transmitting the determination result in the first execution determination unit 124 is not limited to the above.
- the first execution determination unit 124 can transmit a determination result by selecting a transmission destination according to the determination result.
- the communication processing unit 126 serves to perform the process (4-1) (communication process related to authentication for executing an application) of the process (4) (second execution determination process). More specifically, the communication processing unit 126 communicates with the authentication server 200 when the registration determination unit 122 determines that the application is registered or when the first execution determination unit 124 determines to execute the application. Communicates about authentication for executing applications.
- the communication processing unit 126 transmits the safety information acquired from the authentication server 200 via the communication unit 102 as a result of the processing (the authentication result transmitted from the authentication server 200) to the second execution determination unit 128.
- the second execution determination unit 128 plays a role of performing the process (4-2) (second execution determination process) of the process (4) (second execution determination process). More specifically, whether the second execution determination unit 128 executes the application acquired by the acquisition unit 120 based on the safety information (the authentication result transmitted from the authentication server 200) transmitted from the communication processing unit 126. Determine whether or not.
- the second execution determination unit 128 transmits the determination result to the execution processing unit 130.
- the execution processing unit 130 plays a role of performing the process (5) (execution process). More specifically, the execution processing unit 130 is acquired by the acquisition unit 120 when it is determined by the registration determination unit 122 to be registered or when it is determined to be executed by the second execution determination unit 128. Run applications selectively. The execution processing unit 130 does not execute the application acquired by the acquisition unit 120 when it is not determined to be executed by the first execution determination unit 124 or the second execution determination unit 128.
- the report information transmission processing unit 132 serves to perform the process (6) (report process). More specifically, the report information transmission processing unit 132 transmits report information to the authentication server 200 based on, for example, a user operation.
- the control unit 106 has the functions as described above, the acquisition unit 120, the registration determination unit 122, the first execution determination unit 124, the communication processing unit 126, the second execution determination unit 128, the execution processing unit 130, and the report.
- An information transmission processing unit 132 is provided. Therefore, the control unit 106 can play a leading role in performing the processes (1) (acquisition process) to (5) (execution process) and (6) (report process).
- the operation unit 108 is an operation means provided in the information processing apparatus 100 that enables an operation by a user.
- the information processing apparatus 100 includes the operation unit 108, so that, for example, download of an application desired to be executed, permission to selectively execute an application (first execution determination process), selective transmission of report information, and the like
- the processing desired by the user can be performed.
- examples of the operation unit 108 include a rotary selector such as a button, a direction key, and a jog dial, or a combination thereof.
- the display unit 110 is a display unit included in the information processing apparatus 100 and displays various information on the display screen. Examples of the screen displayed on the display screen of the display unit 110 include an execution confirmation screen as shown in FIG. 2, a report screen as shown in FIG. 3, and an operation for causing the information processing apparatus 100 to perform a desired operation. Screen.
- examples of the display unit 110 include an LCD and an organic EL display.
- the information processing apparatus 100 can also configure the display unit 110 with a touch screen. In the above case, the display unit 110 functions as an operation display unit capable of both user operation and display.
- the information processing apparatus 100 realizes the above-described processing (1) (acquisition processing) to processing (5) (execution processing) and processing (6) (report processing), for example, with the configuration shown in FIG. Therefore, the information processing apparatus 100 can improve the safety in executing the application software acquired and executed from the external device every time the execution of the application software is started.
- the information processing apparatus 100 performs the processing (acquisition processing) to (5) (execution processing) of the above (1), so An application is acquired from the apparatus, and the acquired application is selectively executed.
- the information processing apparatus 100 executes the application acquired when it is determined that the information is registered in the process (2) (registration determination process).
- registration determination process When the above determination result is obtained in the process (2), the acquired application is highly likely to be an application with no safety problem. Further, the information processing apparatus 100 executes the application acquired when it is determined to be executed in the process (4) (second execution determination process).
- the acquired application is an application that is permitted to execute the application in the authentication server 200, and therefore may be an application that does not have a safety problem. High nature.
- the information processing apparatus 100 executes the acquired application. Do not execute.
- the process (3) or the process (4) if it is not determined to be executed, there is a high possibility that the acquired application has a safety problem.
- the information processing apparatus 100 selectively executes the acquired application based on the determination results of the processes (2) (registration determination process) to (4) (second execution determination process). As a result, it is possible to selectively execute an application with no safety problem. Therefore, the information processing apparatus 100 can improve the safety in executing the application software acquired and executed from the external device every time the execution of the application software is started.
- the information processing apparatus 100 selectively transmits report information to the authentication server 200 by performing the process (report process) of (6) above.
- the authentication server 200 performs the process (4-1) (communication process related to authentication for executing an application) based on the report information transmitted from each of the information processing apparatuses 100 constituting the information processing system 1000.
- the database related to is updated. That is, when the information processing apparatus 100 transmits the report information, the authentication server 200 can improve the accuracy of the application authentication result. Further, by improving the accuracy of the application authentication result in the authentication server 200, the information processing apparatus 100 can more safely execute the application acquired from the external server 300. Therefore, the information processing apparatus 100 further improves the safety in the execution of the application software acquired and executed from the external device every time the execution of the application software is started by performing the process (report process) of (6). Can be made.
- the configuration of the information processing apparatus according to the embodiment of the present invention is not limited to the configuration shown in FIG.
- the information processing apparatus according to the embodiment of the present invention may be configured not to include the report information transmission processing unit 132 illustrated in FIG.
- the information processing apparatus according to the embodiment of the present invention can realize the above-described processing (1) (acquisition processing) to processing (execution processing) (5). Therefore, even in the above configuration, the information processing apparatus according to the embodiment of the present invention improves the safety in executing the application software acquired and executed from the external device every time the execution of the application software is started. be able to.
- the information processing apparatus 100 has been described as an element constituting the information processing system 1000 according to the embodiment of the present invention, but the embodiment of the present invention is not limited to such a form.
- Embodiments of the present invention include, for example, computers such as PCs and notebook PCs, portable communication devices such as mobile phones and PHS (Personal Handyphone System), video / music playback devices, game machines, LCDs, organic EL displays, etc.
- the present invention can be applied to various devices such as a display device and a television receiver capable of receiving digital broadcast / analog broadcast.
- the authentication server 200 has been described as an element constituting the information processing system 1000 according to the embodiment of the present invention, the embodiment of the present invention is not limited to such a form.
- the embodiment of the present invention can be applied to various devices such as a computer such as a PC or a server.
- the external server 300 has been described as an element constituting the information processing system 1000 according to the embodiment of the present invention, the embodiment of the present invention is not limited to such a form. Embodiments of the present invention can be applied to various devices such as computers such as PCs and servers.
- Program related to the information processing apparatus of the embodiment of the present invention Improving safety in execution of application software acquired and executed from an external device each time execution of application software is started by a program for causing a computer to function as an information processing apparatus according to an embodiment of the present invention Can do.
- the control unit 106 includes an acquisition unit 120, a registration determination unit 122, a first execution determination unit 124, a communication processing unit 126, a second execution determination unit 128, an execution processing unit 130, and
- the configuration including the report information transmission processing unit 132 has been shown, the configuration of the information processing apparatus according to the embodiment of the present invention is not limited to the above.
- the information processing apparatus according to the embodiment of the present invention includes an acquisition unit 120, a registration determination unit 122, a first execution determination unit 124, a communication processing unit 126, a second execution determination unit 128, and an execution processing unit 130 illustrated in FIG.
- the report information transmission processing unit 132 can be individually provided (for example, each can be realized by an individual processing circuit).
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
Abstract
Description
1.本発明の実施形態に係るアプローチ
2.本発明の実施形態に係る情報処理装置
3.本発明の実施形態に係るプログラム
本発明の実施形態に係る情報処理装置の構成について説明する前に、本発明の実施形態に係る安全性向上アプローチについて説明する。
図1は、本発明の実施形態に係る情報処理システム1000の一例を示す説明図である。図1を参照すると、情報処理システム1000は、情報処理装置100と、認証サーバ200と、外部サーバ300A、300B、…(外部記憶装置。以下、総称して「外部サーバ300」とよぶ場合がある。)とを有し、各装置はネットワーク500を介して(あるいは、直接的に)接続される。
情報処理装置100は、外部サーバ300A、300B、…などの外部装置に記憶されたアプリケーションを、当該アプリケーションを実行するごとに取得する。そして、情報処理装置100は、後述する本発明の実施形態に係る安全性向上アプローチに係る処理を行うことによって、外部装置から取得したアプリケーションを選択的に実行する。より具体的には、情報処理装置100は、例えば、以下のような処理を行う。
・外部サーバ300A、300B、…などの外部装置からアプリケーションを取得する
・取得したアプリケーションを選択的に実行する(安全性向上アプローチに係る処理)
・必要に応じてサービスに関するデータを外部装置から取得する
・アプリケーションの実行が終了した後、当該アプリケーションを破棄する
認証サーバ200は、アプリケーションを実行するための認証に関する通信を情報処理装置100との間で行う。ここで、本発明の実施形態に係るアプリケーションを実行するための認証に関する通信とは、情報処理装置100が安全情報送信要求を送信し、認証サーバ200が安全情報を情報処理装置100へ送信する一連の通信(および通信処理)をいう。また、安全情報とは、例えば認証サーバ200においてアプリケーションの実行が許可されたか否かを示す情報であり、認証サーバ200における認証結果に相当する。
外部サーバ300は、情報処理装置100が実行可能なアプリケーションを記憶する。そして、外部サーバ300は、情報処理システム1000を構成する各情報処理装置100からの取得要求に応じて、記憶するアプリケーションを情報処理装置100へ送信する。
次に、本発明の実施形態に係る情報処理装置100における安全性向上アプローチに係る処理について説明する。
情報処理装置100は、実行を所望する外部サーバ300に記憶されたアプリケーションを、アプリケーションの実行を開始するごとに取得(例えば、ダウンロード)する。ここで、情報処理装置100は、例えば、ブラウザ(browser)や所定のアプリケーション取得画面におけるユーザ操作に基づいて、アプリケーションの取得要求を対応する外部サーバ300へ送信することによって、アプリケーションを取得するが、アプリケーションの取得方法は、上記に限られない。
上記(1)の処理によって実行対象のアプリケーションが取得されると、情報処理装置100は、当該アプリケーションの取得元の外部サーバ300が、予め登録された外部サーバ(外部記憶装置)であるか否かを判定する。
上記判定において登録されていると判定された場合の判定結果は、取得されたアプリケーションが、安全性が確認済みのアプリケーションを記憶している外部サーバ300から取得された安全性に問題がないアプリケーションであることを示している。よって、情報処理装置100は、登録判定処理において上記判定結果が得られた場合には、後述する(4)の処理(実行処理)において取得されたアプリケーションを実行する。
上記判定において登録されていると判定されない場合の判定結果は、取得されたアプリケーションが安全性が確認済みのアプリケーションを記憶している外部サーバ300から取得されたアプリケーションではないことを示している。よって、上記の判定結果が得られた場合には、情報処理装置100は、後述する(3)の処理(第1の実行判定処理)を行う。
例えば(1)の処理において取得元の外部サーバ300が登録されていると判定されない場合には、情報処理装置100は、ユーザ操作に基づいて取得されたアプリケーションを実行するか否かを判定する第1の実行判定処理を行う。
上記(3)の処理(第1の実行判定処理)において実行が許可されたと判定された場合、情報処理装置100は、例えば、以下の(4-1)の処理、(4-2)の処理を行う。
情報処理装置100は、認証サーバ200との間でアプリケーションを実行するための認証に関する通信を行う。より具体的には、情報処理装置100は、認証サーバ200へ安全情報取得要求を送信する。安全情報取得要求を送信することによって、情報処理装置100は、認証サーバ200から安全情報を取得することができる。ここで、情報処理装置100は、例えば、取得されたアプリケーションを特定するIDの情報や、当該アプリケーションの取得元を示すURIの情報などを含む安全情報取得要求を認証サーバ200へ送信するが、情報処理装置100が送信する安全情報取得要求は、上記に限られない。
情報処理装置100は、上記(4-1)の処理により認証サーバ200から取得された安全情報(認証結果)に基づいて、アプリケーションを実行するか否かを判定する。
情報処理装置100は、上記(2)の処理(登録判定処理)~(4)の処理(第2の実行判定処理)の各処理の判定結果に基づいて、取得されたアプリケーションを選択的に実行する。
上記(1)の処理(取得処理)~(5)の処理(実行処理)を行うことによって、情報処理装置100は、外部サーバ300(外部記憶装置)に記憶されたアプリケーションを、より安全に実行することができる。ここで、情報処理装置100は、外部サーバ300に記憶された安全性が確認されていないアプリケーションを、より安全に実行することができる。しかしながら、情報処理装置100が安全性が確認されていないアプリケーションを実行した場合、情報処理装置100において何らかの要因によってアプリケーションの実行に起因する不具合が生じる可能性は、0(ゼロ)とは言い切れない。
次に、情報処理装置100における安全性向上アプローチに係る処理について、より具体的に説明する。以下では、〔1〕(1)の処理(取得処理)~(5)の処理(実行処理)に係る処理と、〔2〕(6)の処理(報告処理)に係る処理とについてそれぞれ説明する。
図5は、本発明の実施形態に係る情報処理装置100における安全性向上アプローチに係る処理の一例を示す流れ図である。ここで、図5は、情報処理装置100における上記(1)の処理(取得処理)~(5)の処理(実行処理)に係る処理の一例を示している
図6は、本発明の実施形態に係る情報処理装置100における認証通信処理の一例を示す流れ図である。
図7は、本発明の実施形態に係る情報処理装置100における認証サーバのURI取得処理の一例を示す説明図である。
図8は、本発明の実施形態に係る情報処理装置100における安全情報取得処理の一例を示す説明図である。
図11は、本発明の実施形態に係る情報処理装置100における安全性向上アプローチに係る処理の一例を示す流れ図である。ここで、図11は、情報処理装置100における上記(6)の処理(報告処理)に係る処理の一例を示している
図12は、本発明の実施形態に係る情報処理装置100における報告情報の送信処理の一例を示す説明図である。
次に、上述した本発明の実施形態に係る安全性向上アプローチを実現することが可能な、本発明の実施形態に係る情報処理装置100の構成例について説明する。
図18は、本発明の実施形態に係る情報処理装置100のハードウェア構成の一例を示す説明図である。図18を参照すると、情報処理装置100は、例えば、MPU150と、ROM152と、RAM154と、記録媒体156と、入出力インタフェース158と、操作入力デバイス160と、表示デバイス162と、通信インタフェース164とを備える。また、情報処理装置100は、例えば、データの伝送路としてのバス166で各構成要素間を接続する。
なお、本発明の実施形態に係る情報処理装置の構成は、図17に示す構成に限られない。例えば、本発明の実施形態に係る情報処理装置は、図17に示す報告情報送信処理部132を備えない構成とすることもできる。上記の構成であっても、本発明の実施形態に係る情報処理装置は、上記(1)の処理(取得処理)~(5)の処理(実行処理)を実現することが可能である。したがって、上記の構成であっても、本発明の実施形態に係る情報処理装置は、アプリケーションソフトウェアの実行を開始するごとに外部装置から取得して実行されるアプリケーションソフトウェアの実行における安全性を向上させることができる。
コンピュータを、本発明の実施形態に係る情報処理装置として機能させるためのプログラムによって、アプリケーションソフトウェアの実行を開始するごとに外部装置から取得して実行されるアプリケーションソフトウェアの実行における安全性を向上させることができる。
102 通信部
104 記憶部
106 制御部
120 取得部
122 登録判定部
124 第1実行判定部
126 通信処理部
128 第2実行判定部
130 実行処理部
132 報告情報送信処理部
200 認証サーバ
300、300A、300B 外部サーバ
1000 情報処理システム
Claims (9)
- 外部装置と通信可能な通信部と;
アプリケーションソフトウェアの実行に係る処理を開始するごとに、アプリケーションソフトウェアを記憶する外部記憶装置から前記通信部を介して前記アプリケーションソフトウェアを取得する取得部と;
取得された前記アプリケーションソフトウェアの取得元の外部記憶装置が、予め登録された外部記憶装置であるか否かを判定する登録判定部と;
前記登録判定部において取得元の外部記憶装置が登録されていないと判定された場合に、ユーザ操作に基づいて取得された前記アプリケーションソフトウェアを実行するか否かを判定する第1実行判定部と;
前記第1実行判定部において実行すると判定された場合に、前記通信部を介して認証サーバと前記アプリケーションソフトウェアを実行するための認証に関する通信を行う通信処理部と;
前記認証サーバから送信された認証結果に基づいて、前記アプリケーションソフトウェアを実行するか否かを判定する第2実行判定部と;
前記登録判定部において登録されていると判定された場合、または、前記第2実行判定部において実行すると判定された場合に、取得された前記アプリケーションソフトウェアを選択的に実行する実行処理部と;
を備える、情報処理装置。 - 前記登録判定部は、取得元の外部記憶装置が登録されていないと判定した場合には、取得された前記アプリケーションソフトウェアが登録されたアプリケーションソフトウェアであるか否かをさらに判定し、
前記登録判定部においてアプリケーションソフトウェアが登録されていると判定された場合には、
前記第1実行判定部は、前記アプリケーションソフトウェアを実行するか否かを判定せず、
前記通信処理部は、前記認証サーバと前記認証に関する通信を行う、請求項1に記載の情報処理装置。 - 外部記憶装置を特定する情報が記録された登録外部記憶装置情報を記憶する記憶部をさらに備え、
前記登録判定部は、前記登録外部記憶装置情報と、取得されたアプリケーションソフトウェアに含まれる取得元の外部記憶装置を特定する情報とに基づいて、取得元の外部記憶装置が登録されているか否かの判定を行う、請求項1に記載の情報処理装置。 - 前記通信処理部は、
前記記憶部に記憶された登録外部記憶装置情報に基づいて、前記登録外部記憶装置情報に記録された外部記憶装置と前記通信部を介して通信を行い、
前記登録外部記憶装置情報に記録された外部記憶装置から取得された前記認証サーバを特定する情報が記録された認証サーバ情報に基づいて、前記認証サーバと通信を行う、請求項3に記載の情報処理装置。 - 前記通信処理部は、前記記憶部に前記認証サーバ情報が記憶されている場合には、前記記憶部に記憶された前記認証サーバ情報に基づいて、前記認証サーバと通信を行う、請求項4に記載の情報処理装置。
- 登録済みのアプリケーションソフトウェアを示す登録アプリケーション情報を記憶する記憶部をさらに備え、
前記登録判定部は、前記記憶部に記憶された登録アプリケーション情報に基づいて、取得された前記アプリケーションソフトウェアが登録されているかを判定する、請求項2に記載の情報処理装置。 - 前記実行処理部は、前記第1実行判定部または前記第2実行判定部において実行すると判定されない場合には、取得された前記アプリケーションソフトウェアを実行しない、請求項1に記載の情報処理装置。
- 実行された前記アプリケーションソフトウェアにおける安全性に係る問題を示す報告情報を前記認証サーバへ送信させる処理を行う報告情報送信処理部をさらに備える、請求項1に記載の情報処理装置。
- アプリケーションソフトウェアの実行に係る処理を開始するごとに、アプリケーションソフトウェアを記憶する外部記憶装置から前記アプリケーションソフトウェアを取得するステップと;
前記取得するステップにおいて取得された前記アプリケーションソフトウェアの取得元の外部記憶装置が、予め登録された外部記憶装置であるか否かを判定する登録判定ステップと;
前記登録判定ステップにおいて取得元の外部記憶装置が登録されていないと判定された場合に、ユーザ操作に基づいて取得された前記アプリケーションソフトウェアを実行するか否かを判定する第1の実行判定ステップと;
前記第1の実行判定ステップにおいて実行すると判定された場合に、認証サーバと前記アプリケーションソフトウェアを実行するための認証に関する通信を行うステップと;
前記認証サーバから送信された認証結果に基づいて、前記アプリケーションソフトウェアを実行するか否かを判定する第2の実行判定ステップと;
前記登録判定ステップにおいて登録されていると判定された場合、または、前記第2の実行判定ステップにおいて実行すると判定された場合に、取得された前記アプリケーションソフトウェアを選択的に実行するステップと;
を有する、実行制御方法。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201080001086XA CN101952834B (zh) | 2009-04-07 | 2010-02-03 | 信息处理装置和执行控制方法 |
BRPI1001273-7A BRPI1001273A2 (pt) | 2009-04-07 | 2010-02-03 | aparelho de processamento de informação e método de controle de execução |
EP10761482.8A EP2287774B1 (en) | 2009-04-07 | 2010-02-03 | Information processing device and method of execution control |
US12/990,949 US8880590B2 (en) | 2009-04-07 | 2010-02-03 | Information processing apparatus and execution control method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2009093411A JP5332838B2 (ja) | 2009-04-07 | 2009-04-07 | 情報処理装置、および実行制御方法 |
JP2009-093411 | 2009-04-07 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010116780A1 true WO2010116780A1 (ja) | 2010-10-14 |
Family
ID=42936069
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2010/051484 WO2010116780A1 (ja) | 2009-04-07 | 2010-02-03 | 情報処理装置、および実行制御方法 |
Country Status (9)
Country | Link |
---|---|
US (1) | US8880590B2 (ja) |
EP (1) | EP2287774B1 (ja) |
JP (1) | JP5332838B2 (ja) |
KR (1) | KR101651694B1 (ja) |
CN (1) | CN101952834B (ja) |
BR (1) | BRPI1001273A2 (ja) |
RU (1) | RU2450351C1 (ja) |
TW (1) | TWI526933B (ja) |
WO (1) | WO2010116780A1 (ja) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5622668B2 (ja) * | 2011-06-16 | 2014-11-12 | 株式会社エヌ・ティ・ティ・データ | アプリケーション認証システム、アプリケーション認証方法 |
KR101407069B1 (ko) * | 2012-10-09 | 2014-06-12 | 한국전자통신연구원 | Xml 문서 저작 방법 및 이를 수행하는 장치 |
US9727351B2 (en) | 2013-04-08 | 2017-08-08 | Xiaomi Inc. | Method and device for setting status of application |
JP6747290B2 (ja) * | 2014-07-15 | 2020-08-26 | ソニー株式会社 | 情報処理装置、状態制御装置、情報処理方法、状態制御方法、およびプログラム |
KR102431266B1 (ko) * | 2015-09-24 | 2022-08-11 | 삼성전자주식회사 | 통신 시스템에서 정보 보호 장치 및 방법 |
US20220131864A1 (en) * | 2020-10-28 | 2022-04-28 | Industrial Technology Research Institute | Method and system for establishing application whitelisting |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001117763A (ja) * | 1999-10-19 | 2001-04-27 | Nippon Steel Corp | ソフトウェア規模演算装置、ソフトウェア規模演算方法、及びコンピュータ読み取り可能な記録媒体 |
JP2002514326A (ja) * | 1996-11-08 | 2002-05-14 | フィンジャン ソフトウェア,リミテッド | 悪意のあるダウンローダブルからコンピュータおよびネットワークを保護するためのシステムおよび方法 |
JP2006092382A (ja) | 2004-09-27 | 2006-04-06 | Dainippon Printing Co Ltd | ソフトウェアのライセンス管理方法、システムおよびプログラム |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7117493B2 (en) * | 2001-03-28 | 2006-10-03 | Ricoh Company, Ltd. | Image formation system, software acquisition method, and computer product |
US7099663B2 (en) * | 2001-05-31 | 2006-08-29 | Qualcomm Inc. | Safe application distribution and execution in a wireless environment |
JP3975156B2 (ja) * | 2001-11-22 | 2007-09-12 | 株式会社エヌ・ティ・ティ・ドコモ | 認証システム及び認証方法 |
CA2412148C (en) * | 2001-11-22 | 2008-04-22 | Ntt Docomo, Inc. | Authentication system, mobile terminal, and authentication method |
US8549166B2 (en) * | 2004-03-01 | 2013-10-01 | Qualcomm Incorporated | Execution of unverified programs in a wireless, device operating environment |
JP4603807B2 (ja) * | 2004-03-10 | 2010-12-22 | 富士通株式会社 | 文字認識装置,文字認識方法,媒体処理方法,文字認識プログラムおよび文字認識プログラムを記録したコンピュータ読取可能な記録媒体 |
US20060130144A1 (en) * | 2004-12-14 | 2006-06-15 | Delta Insights, Llc | Protecting computing systems from unauthorized programs |
US7424745B2 (en) * | 2005-02-14 | 2008-09-09 | Lenovo (Singapore) Pte. Ltd. | Anti-virus fix for intermittently connected client computers |
ATE451657T1 (de) * | 2005-09-29 | 2009-12-15 | Research In Motion Ltd | System und verfahren zur registrierung von dateneinheiten für codesignierungs-diensten |
JP4391532B2 (ja) * | 2007-01-16 | 2009-12-24 | シャープ株式会社 | 制御装置、プログラム、コンピュータ読み取り可能な記録媒体、通信システム、および制御方法 |
-
2009
- 2009-04-07 JP JP2009093411A patent/JP5332838B2/ja active Active
-
2010
- 2010-02-03 RU RU2010145149/08A patent/RU2450351C1/ru active
- 2010-02-03 CN CN201080001086XA patent/CN101952834B/zh not_active Expired - Fee Related
- 2010-02-03 BR BRPI1001273-7A patent/BRPI1001273A2/pt not_active IP Right Cessation
- 2010-02-03 EP EP10761482.8A patent/EP2287774B1/en active Active
- 2010-02-03 KR KR1020107024887A patent/KR101651694B1/ko active IP Right Grant
- 2010-02-03 US US12/990,949 patent/US8880590B2/en active Active
- 2010-02-03 WO PCT/JP2010/051484 patent/WO2010116780A1/ja active Application Filing
- 2010-03-17 TW TW099107798A patent/TWI526933B/zh not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2002514326A (ja) * | 1996-11-08 | 2002-05-14 | フィンジャン ソフトウェア,リミテッド | 悪意のあるダウンローダブルからコンピュータおよびネットワークを保護するためのシステムおよび方法 |
JP2001117763A (ja) * | 1999-10-19 | 2001-04-27 | Nippon Steel Corp | ソフトウェア規模演算装置、ソフトウェア規模演算方法、及びコンピュータ読み取り可能な記録媒体 |
JP2006092382A (ja) | 2004-09-27 | 2006-04-06 | Dainippon Printing Co Ltd | ソフトウェアのライセンス管理方法、システムおよびプログラム |
Non-Patent Citations (1)
Title |
---|
See also references of EP2287774A4 |
Also Published As
Publication number | Publication date |
---|---|
RU2450351C1 (ru) | 2012-05-10 |
EP2287774A1 (en) | 2011-02-23 |
BRPI1001273A2 (pt) | 2021-06-01 |
CN101952834A (zh) | 2011-01-19 |
TWI526933B (zh) | 2016-03-21 |
CN101952834B (zh) | 2013-03-13 |
EP2287774B1 (en) | 2021-09-08 |
TW201102927A (en) | 2011-01-16 |
KR20120003795A (ko) | 2012-01-11 |
US8880590B2 (en) | 2014-11-04 |
JP5332838B2 (ja) | 2013-11-06 |
US20110066680A1 (en) | 2011-03-17 |
KR101651694B1 (ko) | 2016-08-26 |
EP2287774A4 (en) | 2014-06-11 |
JP2010244366A (ja) | 2010-10-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5332838B2 (ja) | 情報処理装置、および実行制御方法 | |
EP4037343B1 (en) | Apparatus and method for promoting apps to smart devices | |
JP5680153B2 (ja) | 無線通信システム、ペアリング装置、複数の機器をペアリングするための方法および当該方法をコンピュータに実現させるためのプログラム | |
US10516774B2 (en) | Method for configuring a wireless device | |
JP4650547B2 (ja) | 情報処理装置、プログラム、および情報処理システム | |
JP5815924B2 (ja) | 情報処理システム、情報処理装置、および管理サーバ | |
US20100219976A1 (en) | Remote user interface system and method | |
US8943217B2 (en) | Systems and methods for operating an appliance control device for an appliance | |
CN102334344A (zh) | 处理应用程序的网络设备的架构及该网络设备的控制方法 | |
JP4605273B2 (ja) | 情報処理装置及び機能拡張方法 | |
JP2006318329A (ja) | 通信システム、通信方法、通信プログラムおよび記録媒体、遠隔制御装置、コマンドセット格納装置、ならびに、電子または電気機器 | |
JP2008040858A (ja) | 情報処理機器及び情報処理システム | |
KR20160014038A (ko) | 컴퓨팅 디바이스 사이에서의 디바이스 연관 데이터의 동기화 | |
JP6396663B2 (ja) | 中継装置、中継方法、および情報処理システム | |
US20130208109A1 (en) | Wireless security camera system | |
JP2014197361A (ja) | 画像処理装置、情報端末、プログラム及び連携表示システム | |
US20150019978A1 (en) | Information processing apparatus, information processing method, and program | |
US20170171198A1 (en) | Communication system and information processing method | |
JP2011130104A (ja) | 情報処理装置、表示制御方法、およびプログラム | |
JP2005032230A (ja) | 電子装置及びWebページ生成方法 | |
JP4990987B2 (ja) | 携帯機器を使った電子機器の設定管理システム、管理方法、サーバ、および携帯機器 | |
JP2015530038A (ja) | 物理オブジェクトと通信デバイスとの間の許可された通信を確立するための方法 | |
JP2014230064A (ja) | 通信システム、サーバ装置、通信方法、およびプログラム | |
WO2015125952A1 (ja) | 電子機器制御システム、電子機器制御システムの動作方法、サーバ、サーバの動作方法、コントローラ、コントローラの動作方法及びプログラム | |
JP2005229279A (ja) | 携帯端末装置、携帯端末装置の使用方法およびプログラム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201080001086.X Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010145149 Country of ref document: RU |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12990949 Country of ref document: US Ref document number: 7165/CHENP/2010 Country of ref document: IN |
|
ENP | Entry into the national phase |
Ref document number: 20107024887 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010761482 Country of ref document: EP |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 10761482 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: PI1001273 Country of ref document: BR Kind code of ref document: A2 Effective date: 20101104 |