WO2013150872A1 - 情報処理装置、情報処理方法およびコンピュータプログラム - Google Patents
情報処理装置、情報処理方法およびコンピュータプログラム Download PDFInfo
- Publication number
- WO2013150872A1 WO2013150872A1 PCT/JP2013/057132 JP2013057132W WO2013150872A1 WO 2013150872 A1 WO2013150872 A1 WO 2013150872A1 JP 2013057132 W JP2013057132 W JP 2013057132W WO 2013150872 A1 WO2013150872 A1 WO 2013150872A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information processing
- communication channel
- communication
- code
- processing apparatus
- Prior art date
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 153
- 238000004590 computer program Methods 0.000 title claims abstract description 40
- 238000003672 processing method Methods 0.000 title claims description 7
- 238000012545 processing Methods 0.000 claims abstract description 205
- 238000004891 communication Methods 0.000 claims abstract description 196
- 230000004044 response Effects 0.000 claims abstract description 22
- 230000006870 function Effects 0.000 claims description 144
- 238000000034 method Methods 0.000 claims description 31
- 230000008569 process Effects 0.000 claims description 16
- 230000008859 change Effects 0.000 claims description 15
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 108091006146 Channels Proteins 0.000 description 162
- 238000013515 script Methods 0.000 description 65
- 238000010586 diagram Methods 0.000 description 15
- 238000004458 analytical method Methods 0.000 description 9
- 230000006399 behavior Effects 0.000 description 5
- 230000007704 transition Effects 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 238000012790 confirmation Methods 0.000 description 4
- 238000010276 construction Methods 0.000 description 4
- 238000011161 development Methods 0.000 description 4
- 238000011156 evaluation Methods 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000012937 correction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 239000010979 ruby Substances 0.000 description 2
- 229910001750 ruby Inorganic materials 0.000 description 2
- 238000013519 translation Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
- G06F9/45508—Runtime interpretation or emulation, e g. emulator loops, bytecode interpretation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Definitions
- the present disclosure relates to an information processing apparatus, an information processing method, and a computer program.
- variable and function definition information is read when the program is executed, and the program is executed based on the read function definition and variable values.
- Software that interprets and executes such a procedural programming language reads an application program written in a procedural programming language every time it starts, and then inputs it according to the loaded application program Process data and output processing results.
- the conventional sequential execution type data processing module operates through a keyboard communication channel and a file system read / write channel, reads and executes a script program while switching channels according to commands, and opens a new communication channel if necessary.
- the script program was used from the communication channel.
- the present disclosure provides a new and improved information processing that establishes a communication channel with the outside, executes a processing request from the outside, and implements a sequential execution type data processing module that returns a result for each communication channel.
- An apparatus, an information processing method, and a computer program are provided.
- a program execution unit that reads, interprets, and executes a code of a computer program created in a first procedural language, the program execution unit communicates in response to an external communication connection request
- An information processing apparatus is provided that opens a channel and returns a result of a processing request sent from the outside to the opened communication channel for each communication channel.
- it further comprises reading, interpreting and executing the code of the computer program created in the first procedural language, and the executing the communication channel in response to a communication connection request from the outside
- An information processing method is provided that returns a result for a processing request sent from the outside to the opened communication channel for each communication channel.
- the computer is caused to read, interpret, and execute the code of the computer program created in the first procedural language, and the execution corresponds to a communication connection request from the outside.
- a computer program is provided that opens a communication channel and returns a result for a processing request sent from the outside to the opened communication channel for each communication channel.
- a sequential execution data processing module that establishes a communication channel with the outside, executes a processing request from the outside, and returns a result for each communication channel is realized.
- a new and improved information processing apparatus, information processing method, and computer program can be provided.
- FIG. 2 is an explanatory diagram illustrating a functional configuration of an information processing system 10 according to an embodiment of the present disclosure.
- FIG. It is explanatory drawing which shows the structural example of the computer program performed with the information processing apparatus 100 concerning one Embodiment of this invention. It is explanatory drawing which shows the structural example of the computer program performed with the information processing apparatus 100 concerning one Embodiment of this invention. It is explanatory drawing which shows the structural example of the computer program performed with the information processing apparatus 100 concerning one Embodiment of this invention. It is explanatory drawing which shows the structural example of the computer program performed with the information processing apparatus 100 concerning one Embodiment of this invention. It is explanatory drawing which shows the structural example of the computer program performed with the information processing apparatus 100 concerning one Embodiment of this invention.
- FIG. 6 is an explanatory diagram illustrating a correspondence relationship between the symbol illustrated in FIG. 2, the cons cell illustrated in FIG.
- FIG. 3 is an explanatory diagram showing a concept of a computer program executed by the information processing apparatuses 100 and 200 according to an embodiment of the present disclosure.
- 5 is a flowchart illustrating operations of the information processing apparatuses 100 and 200 according to an embodiment of the present disclosure. It is explanatory drawing which shows the production
- security may be maintained by keeping the code secret.
- many developers involved in changing the execution module will need to There was a problem of getting information about the function.
- script reading is realized by reading from a file recorded on the hard disk etc. provided in the system using a keyboard.
- script processing module that has the function of safely reading a script over a network and safely linking it with multiple data processing modules.
- the function of the sequential execution type data processing module is expanded to perform authentication processing between the modules while distributing the processing unit to a plurality of modules.
- a sequential execution type data processing module that can be executed with distributed responsibilities is shown.
- a sequential execution data processing module including a plurality of command input communication channels is shown. This sequential execution type data processing module is configured to hold a communication connection for each communication channel, process requests from each channel sequentially, and use the resulting internal state changes in other channels as well. It is.
- FIG. 1 is an explanatory diagram illustrating a functional configuration of an information processing system 10 according to an embodiment of the present disclosure.
- the functional configuration of the information processing system 10 according to the embodiment of the present disclosure will be described using FIG. 1.
- an information processing system 10 includes an information processing apparatus 100 that executes a program, a non-volatile random access memory (NVRAM) 150, an input unit 160, and a display unit. 170, an external storage device 180, and an interface (I / F) 190.
- NVRAM non-volatile random access memory
- I / F interface
- the information processing apparatus 100 is configured to be able to interpret and execute a procedural programming language. Examples of such a programming language include LISP, Scheme, Ruby, and Python.
- the information processing apparatus 100 includes a CPU (Central Processing Unit) 110, an encryption / decryption unit 120, a ROM 130, and a RAM 140.
- the CPU 110 controls the operation of the information processing apparatus 100, and can execute the operating system by executing a read command of operating system software recorded in the ROM 130 in advance.
- the CPU 110 can use the RAM 140 as a work area when executing the operating system.
- the operating system software recorded in the ROM 130 for example, the procedural programming language as described above can be interpreted and executed.
- the procedural program may be read from the external storage device 180 and executed.
- the program read from the ROM 130 of the information processing apparatus 100 stores a program to which a security function is added in addition to the basic function of the procedural programming language processed as an interpreter. Accordingly, when an application program is incorporated into the information processing apparatus 100, it is not necessary to compile in advance, and a security function is added, so that the information processing apparatus 100 itself that uses the application can be debugged. Therefore, the development step can be shortened, and the application program can be developed in a short period of time.
- the encryption / decryption unit 120 performs encryption processing on the input data using the specified key and outputs it, or outputs the specified key to the input encrypted data.
- the data is decoded and output.
- the source code is encrypted when the source code is stored in the external storage device 180, or the source code stored in the external storage device 180 in an encrypted state is decrypted.
- the key used by the encryption / decryption unit 120 for encryption and decryption of the source code is stored in the NVRAM 150.
- the input unit 160 is connected to the information processing apparatus 100 and receives a user input operation on the information processing apparatus 100.
- the input unit 160 may be configured with, for example, a keyboard, a mouse, a touch panel, and the like.
- the display unit 170 is connected to the information processing apparatus 100 and displays the information processing result in the CPU 110 of the information processing apparatus 100 based on the processing of the CPU 110.
- the display unit 170 may be composed of, for example, a liquid crystal display, an organic EL display, or other flat panel display devices.
- the external storage device 180 is connected to the information processing apparatus 100 and stores various data used in the information processing apparatus 100.
- the display unit 170 may be configured with, for example, a hard disk.
- the external storage device 180 includes a sequential execution type data processing module (also referred to as “list processing module”) that can interpret and execute a procedural programming language, and the sequential execution type data processing module. Stores source code to be read and executed. This source code is stored in an encrypted state by the encryption / decryption unit 120. By storing the source code in the external storage device 180 in a state encrypted by the encryption / decryption unit 120, it is possible to increase the confidentiality of the source code.
- list processing module also referred to as “list processing module”
- the interface 190 is an interface for connecting the information processing apparatus 100 to other apparatuses and devices, and is configured by, for example, a serial interface or a parallel interface.
- FIG. 1 illustrates a state in which the information processing apparatus 100 is connected to the IC card reader / writer 20 and the information processing apparatus 200 connected to the network 30 via the interface 190.
- the information processing apparatus 200 has the same configuration as that of the information processing apparatus 100 shown in FIG. 1, and the list processing module can read the source code and execute the script.
- the NVRAM 150, the input unit 160, and the display unit 170 are illustrated as being provided outside the information processing apparatus 100, but the present disclosure is not limited to such an example. Absent. That is, at least one of the NVRAM 150, the input unit 160, and the display unit 170 may have a configuration provided inside the information processing apparatus 100.
- the hardware configuration of the information processing apparatus 100 according to the embodiment of the present invention has been described above with reference to FIG. Next, the structure of a computer program executed by the information processing apparatus 100 shown in FIG. 1 will be described.
- FIGS. 1 to 5 are explanatory diagrams showing examples of the structure of a computer program executed by the information processing apparatus 100 according to the embodiment of the present invention.
- FIGS. 1 to 5 an example of the structure of a computer program executed by the information processing apparatus 100 according to the embodiment of the present invention will be described with reference to FIGS.
- FIG. 2 is an explanatory diagram showing a data structure called a symbol that can be defined by the list processing module.
- the symbol 400 that can be defined by the list processing module includes a name area 401, a variable definition area 402, a function definition area 403, and a security attribute area 404.
- the name area 401 indicates a printable character table.
- the name area 401 stores the variable name if the symbol defines a variable, and stores the function name if the symbol defines a function.
- the name area 401 is indicated by “pname”.
- the variable definition area 402 stores a value if the symbol defines a simple variable, and stores a value indicating the list if the symbol defines a list variable. In FIG. 2, the variable definition area 402 is indicated by “value”.
- the function definition area 403 stores the actual function.
- the function definition area 403 is indicated by “function”.
- the security attribute area 404 stores information related to the security attribute for the symbol.
- Security attributes include, for example, a variable read attribute, a variable change attribute, and a function execution attribute.
- the security attribute area 404 stores an access flag indicating an access right to the symbol and a value indicating a table storing an authentication key for accessing the symbol.
- FIG. 3 is an explanatory diagram showing a configuration example of the cons cell 410 for configuring the list structure.
- the cons cell 410 is an object composed of two pointers called a CAR slot 411 and a CDR slot 412 as shown in FIG.
- car0 to car9 are shown as the CAR slot 411
- cdr0 to cdr9 are shown as the CDR slot 412.
- the number of each slot is not limited to this example.
- FIG. 4 is an explanatory diagram showing a structure example of the name storage table 420 for storing names stored in the name area 401 of the symbol 400.
- the name storage table 420 shown in FIG. 4 stores names such as “eval”, “setq”, “cons”, “defun”, “osaifu”, and has a one-to-one correspondence with the actual symbols. is doing.
- Reference numeral 421 denotes an area where the name “eval” is stored
- reference numeral 422 denotes an area where the name “setq” is stored
- reference numeral 423 denotes an area where the name “cons” is stored
- reference numeral 424 denotes the name “ "defun” is stored in the area
- reference numeral 425 is an area in which the name "osaifu” is stored.
- FIG. 5 is an explanatory diagram showing an example of the structure of an authentication key table 430 that stores authentication keys.
- FIG. 5 shows a state where authentication keys are managed by version numbers (kv1 to kv5) in the authentication key table 430.
- Reference numeral 431 is an area in which the key “key1” is stored
- reference numeral 432 is an area in which the key “key2” is stored
- reference numeral 433 is an area in which the key “key3” is stored
- reference numeral 434 is the key “key”.
- “key4” is an area where the key “key5” is stored.
- FIG. 6 is an explanatory diagram showing a correspondence relationship between the symbol shown in FIG. 2, the cons cell shown in FIG. 3, the name storage table shown in FIG. 4, and the authentication key table shown in FIG.
- the symbol has an area indicating a printable name table, an area indicating a value or a list of values, a function attribute, and a security attribute.
- the function attribute has a pointer indicating the type of the function and the actual state of the function
- the security attribute has a security flag, a key version, and a pointer indicating the key. 6 illustrates a state in which the key “key1” indicated by reference numeral 431 and the key “key2” indicated by reference numeral 432 are used in the authentication key table 430 illustrated in FIG. 5.
- a pointer to a list that holds a numerical value or a numerical value, a pointer to a function if a function is defined, and a table that stores printable character strings. And a pointer to point to
- a pointer to a table holding security attributes and two types of encryption key information is added to the symbol.
- the pointer to one key points to the master key, and the pointer to the other key points to the access key (authentication key) of the symbol.
- the master key refers to a key that should be authenticated in advance by the mutual authentication function when changing the security attribute or access key of the symbol. If the security flag set for the symbol is set in the content evaluation, content change, or function execution of the information held in the symbol, it is necessary to authenticate with one key added to the symbol. It becomes.
- the other key indicates an authority authentication key for confirming the authority when the key of the symbol is changed. The change of the access information must be authenticated with the authority authentication key.
- Each pointer has a structure indicating a cons cell indicating a symbol or another symbol.
- the built-in function is written in the ROM 130, and the built-in function written in the ROM 130 is defined as a symbol created in the RAM 140 when the information processing apparatus 100 is first turned on. When the power is turned on thereafter, the already registered symbols are not initialized.
- the above configuration has a structure that functions in the same manner even when a new function is registered by the user.
- the list processing module executed by the CPU 110 has a configuration in which symbols can be freely registered and numerical values, lists, and functions can be freely registered in the symbols. In order to utilize the security function for the registered symbol, an encryption key and an access flag are registered for the symbol.
- an encryption key called a system key is first set. Only in the state of mutual authentication with the system key, a newly registered symbol can have its own key and access flag set.
- the computer program executed by the list processing module executed by the CPU 110 has a configuration in which the definition of variables and functions to be used can be changed only when the computer program is in a mode that is mutually authenticated with the system key. .
- the list processing module executed by the CPU 110 is required to be authenticated with all keys of symbols used in the function. After that, the list processing module has a structure in which the registered function is simply authenticated by the function execution key when using the registered function.
- the information processing apparatuses 100 and 200 according to the present embodiment extend not only the functions of the sequential execution type data processing module but also read and execute commands input from a keyboard through a single channel and scripts recorded in a file.
- the network has a configuration in which a plurality of network channels are opened and requests are sequentially processed while maintaining the channels. By having such a configuration, the information processing apparatuses 100 and 200 according to the present embodiment can dynamically change a function for processing a request from a certain channel or an internal holding variable according to a processing request from another channel.
- FIG. 7 is an explanatory diagram showing a concept of a computer program executed by the information processing apparatuses 100 and 200 according to the embodiment of the present disclosure.
- the concept of a computer program executed by the information processing apparatuses 100 and 200 according to an embodiment of the present disclosure will be described with reference to FIG.
- the sequential interpretation language has the Read Eval Print Loop (REPL) called TOP LEVEL as an interactive mode.
- REPL Read Eval Print Loop
- the function input by the information processing apparatus 100 outputs a script to the information processing apparatus 200, receives an evaluation (Eval) result in the information processing apparatus 200, and outputs it as a result of the information processing apparatus 100 ( Print). If the external device connected to the information processing apparatus 200 has been input in the same sequential interpretation language, the REPL is repeated.
- a sequential interpretation language function or definition variable has a structure having an access control flag as described above.
- a variable or function defined in an external device is read or a variable or function definition is changed.
- authentication is required.
- the variable or function defined in the script B stored in the information processing apparatus 200 is to be executed by the sequential interpretation function module of the information processing apparatus 100, the information processing apparatus 100 and the information processing apparatus 200 are processed. Requires mutual authentication. The reverse is also true.
- the information processing apparatuses 100 and 200 have authentication lists 114 and 214, respectively.
- the authentication lists 114 and 214 are provided for managing access to functions / variables having security attributes. As will be described later, the authentication lists 114 and 214 are held for each communication channel.
- the information processing apparatus 100 and the information processing apparatus 200 are assumed to have the same structure, and the communication I / F 1 has a local port and network communication port switching and authentication mode.
- Each of the information processing apparatuses 100 and 200 includes an input / output selector.
- the information processing apparatus 100 shows a state of being connected to a local port or another apparatus via a network by an input / output selector, and the information processing apparatus 200 is connected to the information processing apparatus 100 or another apparatus by an input / output selector. And a state connected to the network communication port.
- variable “osaifu” described above is a variable in which the balance of electronic money is stored. If a script in which the variable is defined is stored in, for example, the information storage device 200, the variable of the information processing device 100.
- the sequential interpretation functional module it is necessary to perform mutual authentication between the information processing apparatus 100 and the information processing apparatus 200, and it is not possible to refer from the sequential interpretation functional module of the information processing apparatus 100. Like that.
- the “osaifu” variable can be referred to from an external apparatus, as will be described later.
- the information processing apparatus 100 can also refer to the “osaifu” variable after performing mutual authentication with the external apparatus.
- the mode of the communication I / F 1 transitions from mode 0 to mode 1 when the function auth1 described later succeeds, and transitions from mode 1 to mode 2 when the function auth2 described later succeeds.
- the communication I / F 2 transitions from mode 0 to mode 1 when a function ex-auth1 described later succeeds, and transitions from mode 1 to mode 2 when a function ex-auth2 described later succeeds.
- the function ex-auth1 generates the function auth1 by EVAL
- the function ex-auth2 generates the function auth2 in the same manner and sends it to the network communication port via the communication I / F2.
- an encryption communication session is established with the communication I / F1 of the information processing apparatus 200.
- an encrypted communication session is established between the communication I / F 2 of the information processing apparatus 100 and the communication I / F 1 of the information processing apparatus 200, the transmitted text sent from the EVAL is encrypted, and the received text is decrypted.
- an encryption communication session is established with the communication I / F2 of the information processing apparatus 100.
- a state in which the communication I / F 1 is connected to the network as in the information processing apparatus 200 is referred to as a minion mode.
- a script is sent from a device in a normal mode (referred to as a normal mode) using a procedure function request, and a device in the normal mode can obtain a result from a device in the minion mode.
- a device in the minion mode can be connected from any device via a network, not a keyboard connected to the device. Therefore, the minion mode restricts the behavior of the procedure function on the sequential interpretation function module.
- the communication I / Fs 1 and 2 communicate in plain text when in the authentication modes 0 and 1, and when in the authentication mode 2, the random numbers obtained by mutual authentication are exchanged, one is a session key, and the other is Used for encrypted communication as an initial value.
- the authentication method uses the above-described configuration, and uses a method of simultaneously authenticating a plurality of symbols.
- the data structure defines a structure having, for example, 16 bytes as a block.
- the data input is expressed as “#_nnnn...” For Hexa input, for example, and as “# to nnnn.
- a 3-bit security flag is added to the symbol, and the functions of the functions eval, mod, and exe are limited by the security flag.
- the 16-byte block data described above is used as an authentication key, and pointer data to the authentication key is added to the symbol.
- each symbol in use / evaluation of a security-locked variable / function, each symbol must be in mode 2 by internal mutual authentication (auth1, auth2) or mode 1 by external authentication (ex-auth1). .
- the function restriction of the standard command is that global variables and functions used in functions defined by the define function can only be executed if they are defined and necessary authentication has been performed. In addition, when using functions / variables for security-locked arguments, the variables cannot be used unless they have been authenticated. In the case of via network communication, it is assumed that the mode of the communication I / F 1 must be mode 2 in order to use the define function in Top Level. Functions / variables for which security flags are set cannot be used unless they are authenticated during execution / evaluation. In the present embodiment, function commands related to script execution between devices are defined as follows, for example. Of course, it goes without saying that the names and functions of the commands are not limited to those shown below.
- a security attribute is added to the symbol
- auth1 an authentication key attached to the symbol
- a message code using a random number Auth2 to authenticate using:
- Ex-auth1 auth1 function for exchanging data again based on the data exchanged by auth1 and generating mutual authentication, sending to minion mode device, receiving / analyzing the result and holding it internally
- Ex-auth2 Uses the contents received and analyzed with the ex-auth1 command, further generates m4, incorporates it into the auth2 command, and sends it to the minion mode device.
- Backup Reads defined variables, functions, and security attributes , Write to initialization file
- the function restriction of the function is that the use of the above functions ex-auth 1 and 2 requires authentication with the system key in the minion mode. In the normal mode, it is assumed that no authentication is required when the functions ex-auth 1 and 2 are used. By restricting the use of the functions ex-auth 1 and 2 in this way, it is possible to prevent authentication using a key set from outside via the network.
- the use of the function load requires authentication with the system key in the minion mode. In the normal mode, it is assumed that authentication is not required when the function load is used. By restricting the use of the function “load” in this way, it is possible to prevent it from being changed by another initialization file from the outside via the network.
- the use of the function backup requires authentication with a system key in the minion mode. By limiting the use of the function backup in this way, it is possible to prevent remote backup without permission.
- the file usage restriction is that the initialization file read by the function load is kept locked while the list processing module is running. As a result, it is possible to prevent contention from competing when the same initialization file is read from a plurality of modules and changed.
- One method in the case of using a function or variable incorporated in a sequential execution data processing module executed by the information processing apparatuses 100 and 200 according to an embodiment of the present disclosure as a processing request from another communication channel is as follows: This is a method of reconfiguring a communication channel after closing the channel once in advance. However, when this method is adopted, it is necessary to create a program for closing the channel and opening a new communication channel, and the procedure becomes complicated. In the following, the operation of a sequential execution type data processing module that opens a communication channel and processes sequential requests while maintaining the channel will be described.
- FIG. 8 is a flowchart showing operations of the information processing apparatuses 100 and 200 according to the embodiment of the present disclosure.
- the flowchart shown in FIG. 8 shows an operation when a communication connection request is received from another sequential execution type data processing module during execution of the sequential execution type data processing module.
- the operations of the information processing apparatuses 100 and 200 according to an embodiment of the present disclosure will be described with reference to FIG.
- the sequential execution type data processing module operation in the case where there is a communication connection request from the information processing apparatus 200 to the sequential execution type data processing module executed by the information processing apparatus 100 will be exemplified.
- the information processing apparatus 100 activates the sequential execution type data processing module, it opens a keyboard input communication request reception channel and waits until an input flag is set.
- the sequential execution type data processing module periodically checks whether there is a communication connection request from another device (information processing device 200) during execution (step S101).
- the sequential execution data processing module executed by the information processing apparatus 100 repeats the confirmation in step S101 until there is a communication connection request from another apparatus (information processing apparatus 200), and communicates from the other apparatus (information processing apparatus 200).
- the sequential execution type data processing module that is subsequently executed by the information processing apparatus 100 determines whether or not a communication channel has been opened in the sequential execution type data processing module (step S102).
- step S102 the sequential execution type data processing module executed by the information processing apparatus 100 is the communication channel with the information processing apparatus 200. Is set as the current use channel (step S103).
- the sequential execution type data processing module executed by the information processing apparatus 100 prepares an input / output port of a sequence register used for each communication channel.
- the sequential execution data processing module establishes a communication channel with the information processing apparatus 200, the sequential execution data processing module once returns to step S101.
- step S102 determines whether or not there is an input from the keyboard (step S104).
- step S104 If there is an input from the keyboard constituting the input unit 160 as a result of the determination in step S104, the sequential execution type data processing module executed by the information processing apparatus 100 sets the keyboard channel, the display channel, and the current usage channel. (Step S105).
- step S104 if there is no input from the keyboard constituting the input unit 160, the sequential execution type data processing module that is subsequently executed by the information processing apparatus 100 performs the following for all established communication channels. It is determined whether there is an input (step S106).
- the sequential execution type data processing module If there is no input from the established communication channel, the sequential execution type data processing module once returns to the processing of step S101 and enters a waiting state. On the other hand, if there is an input from the established communication channel, the sequential execution data processing module executed by the information processing apparatus 100 establishes a communication channel (request channel) established for the information processing apparatus 200 that has requested communication connection. Is set to the current use channel (step S107). When there is a communication request, the sequential execution data processing module executed by the information processing apparatus 100 sets information indicating that the communication request has been made in an appropriate register (communication channel register) of the corresponding channel, Set a flag that means there is input.
- step S105 When the current use channel is set in step S105 or step S107, the sequential execution data processing module executed by the information processing apparatus 100 reads and processes data from the set current use channel IO (step S108). ). If a flag indicating that there is an input is set, the sequential execution data processing module stores the current sequence register in the current communication channel register, and sets the corresponding communication channel register in the sequence register. To proceed. Then, the sequential execution data processing module transmits the processing result via the corresponding communication channel, and returns to the communication waiting state in step S101.
- sequence registers included in the sequential execution type data processing module will be described. Examples of what the sequence register holds include an input / output port, a script code, an internal expression format of the script, stack information, and a calculation result.
- the sequential execution type data processing module holds such information for each channel, confirms a processing request from another channel by waiting for input or an internal switching instruction, and switches to the other channel that transmitted the processing request. have.
- the processing of the input script expression by the sequential execution type data processing module will be described.
- the script expression is processed in the sequence of each communication channel, but the function / variable defined by the execution by the expression is set in a common storage area. Functions and variables set in the common storage area can be used from any communication channel script expression.
- the sequential execution type data processing module provides a function of analyzing and reconfiguring a plurality of different script languages.
- the sequential execution type data processing module according to this embodiment is switched by the first common language switching script expression, and after switching, the result output is also output according to the language after the switching.
- FIG. 9 is an explanatory diagram showing a communication channel generation process by a mutual cooperation declaration and an external connection request process by a sequential execution type data processing module.
- the sequential execution type data processing module executes REPoop that accepts keyboard input and returns a result. Then, as shown in the center of FIG. 9, the sequential execution type data processing module executes a command for accepting a socket connection request from another device based on a keyboard input.
- a command for accepting a socket connection request from another device and cooperating with each other is defined as “interactor”, and the command for cooperating with each other accepts a socket connection request from another device.
- a port number is specified. In the example shown in FIG. 9, the port number 9999 is set as a port that accepts socket connection requests from other devices.
- the sequential execution type data processing module executes a connection request process and an input confirmation loop. This corresponds to the processing from step S101 to step S106 in the flowchart shown in FIG. Even after executing an instruction for mutual cooperation with another device, the sequential execution data processing module can execute REPoop that accepts keyboard input from its own device and returns the result.
- the sequential execution type data processing module when a socket connection request is transmitted from another device, as shown on the right side of FIG. 9, the sequential execution type data processing module generates a new REPloop and uses it as an input / output for the connection from the other device.
- the port number of the allocated socket is notified, and communication is waited at that socket.
- a socket connection request command from another device is defined as “connect”, and the IP address and port number of the information processing device 100 are specified as arguments.
- the sequential execution type data processing module can generate a plurality of REP Loops, and if each module declares mutual cooperation, each module can generate a communication channel with each other. From the standpoint, it is possible to define variables and functions using scripts, and to manipulate variables and functions.
- the sequential execution type data processing module can generate a plurality of REPloops, a new internal processing channel can be generated and processing can be entrusted to that channel.
- the sequential execution type data processing module receives a script expression via the processing channel, and returns a response indicating that the script expression has been received to the transmission source without waiting for the processing result of the script expression.
- Script processing is executed in a new sequence, and the result is stored in the module. Then, when a result request is received from the transmission source of the script expression, the stored processing result is returned.
- FIG. 10 is an explanatory diagram showing an example of a change in the internal state of the sequential execution type data processing module due to a plurality of REPloops.
- the sequential execution type data processing module executes REPLoop that accepts keyboard input and returns a result.
- the sequential execution data processing module interprets a channel generation request from the inside and generates an internal input / output port and a new processing channel.
- an instruction for generating a new processing channel is defined as “say”. In the example illustrated in FIG. 10, a case is shown in which the addition processing of (1 + 2) is performed on a new processing channel.
- connection request processing and the input confirmation loop of the sequential execution data processing module request a new processing channel to evaluate the expression given by the instruction “say”. Further, the sequential execution type data processing module notifies the number of the generated new processing channel to the channel that issued the instruction “say”.
- the processing is performed from the processing channel of the request destination.
- the result can be obtained.
- the instruction for obtaining the processing result is defined as “check”, and the channel number that requested the processing is specified as an argument.
- the instruction “check” for acquiring the processing result is executed, “3” is returned as a result.
- the request source device performs processing from the request source device. It may be.
- FIG. 11 is an explanatory diagram showing a structure example of mutual cooperation in the sequential execution type data processing module executed by the information processing apparatus 100 according to the present embodiment.
- FIG. 11 shows a program memory 131 for storing a program, a cell object memory 141 for storing variables, and a work memory 142 for temporarily storing data.
- the communication connection request receiving unit 111 receives the communication connection request and returns the set input / output channel number.
- the information processing apparatus 100 has a sequence register 113, initializes a script language in the analysis / reconstruction unit 115, starts a program sequence linked to a channel number, and enters a reception waiting state.
- the analysis / reconstruction unit 115 has a plurality of syntax analysis functions and a syntax reconstruction function for interpreting and reconstructing a plurality of languages.
- the internal representation of the function / variable definition is one optimal method, and one channel can be read by a script language A and the other channels can be read and processed by another script language B. Can communicate with several different scripting languages.
- the information processing apparatus 100 includes the analysis / reconstruction unit 115, so that a translation act such as sending a script to another module in the script language B according to an instruction from the script language A is possible.
- the analysis / reconstruction unit 115 performs conversion between the symbol name in the device itself and the symbol name in the outside by interpreting the context of the script. For example, in the script language A, when a certain first instruction and another second instruction are used as a set, the analysis / reconstruction unit 115 performs the conversion from the script language A to the script language B. When the first instruction and the second instruction appear in the script, the context is interpreted and converted into an appropriate instruction in the script language B.
- the input / output selector 112 switches the input to the communication port.
- the sequence corresponding to the input channel is released from the waiting state, and processing based on the input data is executed.
- the analysis / reconstruction unit 115 of the corresponding input / output channel is switched to the corresponding language, but the internal format holding the function / variable is not changed.
- access to functions / variables having security attributes is managed based on the authentication list 114 held for each communication channel.
- the authentication list 114 stores that authentication keys used for accessing functions / variables are authenticated with a sequential execution data processing module executed by another device.
- the information processing apparatus 100 can establish a secure session for each channel and sequentially accept scripts while maintaining the secure session as it is.
- the communication port established by an external request stops waiting for input when one process is completed, but includes a code that communicates with an external device in the program sequence.
- a communication connection request is transmitted to a target device through a communication line, a communication channel number is acquired, and communication with the target device is established. If the other party communicating with this communication line has the same configuration as that of the information processing apparatus 100, the processing request can be achieved by sending a script expression from the information processing apparatus 100.
- the sequential execution data processing module newly incorporates “say”, “check”, and “break” as the definition of the script expression.
- “Say” is an expression that returns a reply without finishing the subsequent message processing. The message processing then continues on the communication channel established inside, and the communication channel holds the message processing result.
- “Check” is an expression that captures the processing result executed by “say”. “Break” is used for forced termination when the processing executed by “say” does not end.
- the name of the formula for realizing the above-described processing is not limited to such an example.
- FIG. 12 is an explanatory diagram showing the concept of distributed processing by the sequential execution type data processing module according to the present embodiment.
- “Master IA” shown in FIG. 12 is, for example, an apparatus that is a source of a system, and includes a sequential execution type data processing module according to the present embodiment, and is mutually linked with a predetermined communication address and port number. Start the declaration.
- IA-1” to “IA-7” are devices that are directly or indirectly connected to “Master IA”, and incorporate a sequential execution type data processing module according to the present embodiment.
- “IA-1” to “IA-7” register their own communication address and port number in “Master IA” when the sequential execution type data processing module is activated, and there are other devices already activated Confirm.
- FIG. 12 illustrates a state in which “IA-1” to “IA-7” perform activation registration and confirmation of the existence of a communication partner with respect to “Master IA”.
- IA-1” to “IA-7” confirm the activation of the sequential execution type data processing module of another activated device, and if that device is the intended partner, obtained from “Master IA”
- a communication connection request is sent using the address to establish a communication line.
- “IA-1” registers its own communication address and port number in “Master IA” and confirms the activation of the sequential execution type data processing module of “IA-4”.
- the communication connection request is sent to “-4”.
- IA-4” receives a communication connection request from “IA-1”, opens a port for communication from “IA-1”, and receives a command from “IA-1”. Wait for.
- a display and a keyboard are connected to “IA-1”, and a state in which the display and the keyboard are not connected is illustrated in “IA-4”.
- IA-4 In a state where communication between “IA-1” and “IA-4” is established, a command is input from a keyboard connected to “IA-1”, and “IA-4” sequential execution type data processing is performed. When the module is processed, the result is displayed on the display connected to “IA-1”. Therefore, here, “IA-4” is a server and “IA-1” is a client.
- the sequential execution type data processing module is incorporated in each device, and when a new device is connected, the presence of the device is communicated, and The network can be optimized by exchanging procedures to communicate with the device.
- the function of the device and the procedure for using the function can be transmitted to other devices, enabling seamless connection.
- the server functions can be changed by notification from that server. Can be used to build a mechanism for autonomous recovery by switching to another server or changing the network connection route.
- script module having a different language, characteristics, or function
- a language interpretation module analysis / reconstruction unit 115
- Script commands can be sent and used as a script translator.
- each module in a social backbone device that requires high reliability and continuity of operation, and the load status of each module is checked from the master module that collects the modules. It is possible to easily change the connection routing and make it operate optimally even during operation.
- an operation log collection module can be further set for each module to monitor internal changes in each module, detect faulty modules, notify the master module, and make corrections during operation. It is possible to perform load adjustment, fault detection, and defect correction without stopping the system.
- the sequential execution type data processing module main body issues further requests to other similar modules while answering different requests from a plurality of similar modules.
- a configuration that can build a network between each other could not be realized.
- a data processing module has been devised that accepts a script expression via a communication channel other than keyboard input and returns the processing result via the accepting communication channel.
- all modules are in a wait state until the last module finishes processing and returns a response, and processing cannot be performed independently. It was.
- the conventional sequential execution type data processing module is defined by a dedicated script language, and cannot directly communicate with other script languages using a script input communication channel. It was necessary to go through script translation software.
- a sequential execution data processing module with a security function must re-authenticate the required object every time the channel is switched, while maintaining one channel as a secure encrypted communication session from another module. Can not answer the new request. Due to such restrictions, for example, there is an inconvenience that it is not possible to simultaneously establish a session for executing payment through another channel while maintaining a session for charging electronic money with an electronic money server or the like.
- the sequential execution type data processing module extends the function of the conventional sequential execution type data processing module, and not only reads and executes a script of a keyboard or a file through a single channel, but also a plurality of A network channel is opened and requests can be processed sequentially while maintaining the channel.
- the information processing apparatus including the sequential execution type data processing module according to the present embodiment has such a configuration, so that a function for processing a request from a certain channel or an internal holding variable can be changed according to a processing request from another channel. Dynamic change is possible.
- a configuration for example, charging and payment of electronic money and writing and erasing log data, energy supply and consumption management of smart grid meters, car rental time and elapsed time, service ticket purchase and use, etc. , Work with different authority can be processed via another channel.
- the security function is incorporated in the sequential execution type data processing module according to the present embodiment, it is possible to establish a secure session for each channel and sequentially accept scripts while maintaining the secure session. Therefore, for example, a payment request and a charge request can be securely processed for the same electronic money holding variable from a large number of terminals such as an electronic money server.
- the processing request destination is kept waiting until the processing result of the input expression is obtained and the result is transmitted via the communication channel requested to be processed.
- the message transmission function of the sequential execution type data processing module according to the present embodiment can move to the next process when it can be confirmed that the message has been sent to the other side, it can immediately move to the next process. Become. Then, a new message can be received from the other party via another communication channel, and equal message communication that is not a command response system can be performed.
- the sequential execution type data processing module has a plurality of syntax analysis functions and a syntax reconfiguration function for interpreting and reconstructing a plurality of languages, and an internal representation of function / variable definitions is an optimal method. Since one channel can be read by a script language A and another channel can be read and processed by another script language B, communication with a plurality of different script languages is possible. In addition, a translation act such as sending a script to another module in the script language B according to an instruction from the script language A becomes possible.
- Authenticating action is always required when using security-set variables and functions defined in the sequential execution data processing module according to this embodiment.
- the authentication list is managed for each channel for authentication from multiple channels, so variables and functions authenticated on other channels are not used accidentally, and variables and functions are used safely. can do.
- a function or variable of the sequential execution type data processing module can use a processing request through one communication channel by external authentication through the external communication channel, the request is issued. Because it is linked to the communication channel, it is protected from requests through unauthorized communication channels, and variables and functions can be used safely.
- the application example of the sequential execution data processing module executed by the information processing apparatus 100 according to the embodiment of the present disclosure is not limited to the above-described example.
- the same operation can be realized by incorporating sequential execution type data processing modules in different areas (different directories, different folders, etc.) in the same device.
- a storage medium that stores a sequential execution type data processing module that is executed by the information processing apparatus 100 according to an embodiment of the present disclosure can also be realized.
- this technique can also take the following structures.
- the program execution unit is An information processing apparatus that opens a communication channel in response to a communication connection request from the outside, and returns a result for a processing request sent from the outside to the opened communication channel for each communication channel.
- the program execution unit can change sharable variables and functions according to processing requests sent from the outside to each of the communication channels, and change the results of the variables and the functions according to other communication channels.
- the information processing apparatus according to (1) which is also reflected in a processing request that uses the same variable and function.
- the said program execution part reads the code
- the program execution unit receives a code via the established communication channel, and returns a response indicating that the code has been received without waiting for a processing result from the communication channel, (1) to (4) The information processing apparatus according to any one of the above.
- the program execution unit generates a new sequence, processes the received code, holds the processing result of the code, and returns the processing result when a result request is received from the communication channel that has received the code.
- the information processing apparatus according to (5).
- the program execution unit restricts the reference of variables used in the code and the execution of functions after authentication, and is provided for each communication channel established in response to an external communication connection request.
- the information processing apparatus according to any one of (1) to (6), wherein authentication is performed with reference to FIG.
- the program execution unit includes a communication unit that communicates with other program execution units, The program execution unit has an authentication key for issuing a connection request from the communication unit to the other program execution unit to open a communication channel, and authenticating execution of the code variable or function, and the other program execution unit
- the information processing apparatus according to any one of (1) to (7), wherein authentication information stored between authentication keys for authenticating execution of the code variables and functions is stored.
- the program execution unit cooperates with the communication channel established in response to a communication connection request from the outside, and converts between a symbol name in its own device and an external symbol name by interpreting a code context.
- the information processing apparatus according to any one of (1) to (8), wherein: (10) A program execution step of reading, interpreting and executing the code of the computer program created in the first procedural language;
- the program execution step includes: An information processing method for establishing a communication channel in response to an external communication connection request and returning a result for a processing request sent from the outside to the established communication channel for each communication channel.
- the program execution step includes: A computer program that opens a communication channel in response to a communication connection request from the outside and returns a result for a processing request sent from the outside to the opened communication channel for each communication channel.
- the program execution step includes: A storage medium storing a computer program for establishing a communication channel in response to a communication connection request from the outside and returning a result for a processing request sent from the outside to the established communication channel for each communication channel.
- Information processing device 110 CPU 120 Encryption / decryption unit 130 ROM 140 RAM 150 NVRAM 160 Input unit 170 Display unit
Abstract
Description
<1.従来技術とその問題点>
<2.本開示の一実施形態>
[情報処理システムの機能構成]
<3.まとめ>
まず、本開示の好適な実施の形態について詳細に説明する前に、本開示の従来技術とその問題点について説明する。上述したように、従来のコンピュータシステムの構築においては、要求仕様から機能モジュールをその目的毎に分解し、そのモジュールの制御命令や通信手段も最初から定義しておき、コンパイラを用いてコンパイルすることで、システムの構築を実現している。機能モジュールの開発においては、その機能モジュールの振る舞いを最初から機能モジュールにプログラミングコードを用いて記述し、または、既に記述されたコードを利用して、コンパイルし、リンクし、デバッグするという手順を踏んでシステムに組み込んでいた。
[情報処理システムの機能構成]
まず、本開示の一実施形態にかかる情報処理システムの機能構成について説明する。図1は、本開示の一実施形態にかかる情報処理システム10の機能構成を示す説明図である。以下、図1を用いて本開示の一実施形態にかかる情報処理システム10の機能構成について説明する。
図2~図5は、本発明の一実施形態にかかる情報処理装置100で実行される、コンピュータプログラムの構造例を示す説明図である。以下、図2~図5を用いて、本発明の一実施形態にかかる情報処理装置100で実行される、コンピュータプログラムの構造例について説明する。
本実施形態では、装置間でのスクリプトの実行に関する機能コマンドは、例えば以下のように定義する。もちろん、コマンドの名称や機能は以下で示したものに限定されないことは言うまでもない。
undef:define関数で定義した関数・変数を削除する
start-minion:特定のネットアドレスのポートのソケットを、スクリプトのRead入力及びPrint出力として接続する
conn-minion:特定のネットアドレスのポートを、他の機器の通信ソケットに接続する
request:minionモードの機器にスクリプトを送信し、その結果を受信する
setsym:シンボルにセキュリティ属性を付加する
auth1:シンボルに付属する認証鍵と、乱数によるメッセージコードとを用いて認証する
auth2:auth1で交換したデータを基に再度データ交換し相互認証する
ex-auth1:auth1関数を生成し、minionモードの機器に送信し、その結果を受信・解析して内部で保持する
ex-auth2:ex-auth1コマンドで受信し解析した内容を利用し、更にm4を生成してauth2コマンドに組み込み、minionモードの機器に送信する
backup:読み込み定義された変数・関数・セキュリティ属性を、初期化ファイルとしてファイルに書き出す
逐次実行型データ処理モジュールに組み込まれた関数や変数を、他の通信チャネルから処理要求として利用する場合に、予めチャネルを一旦クローズし、新たに通信チャネルを再構成する方法がある。しかしこの方法では、他の通信チャネルから処理要求が来た場合に、開設中のチャネルのクローズとチャネルの再開設の必要があり、処理が煩雑なものとなる。またそのような構造では、ある通信チャネルからの処理要求に答え、関数及び変数定義や、関数の実行を行いながら、他の通信チャネルから、その処理プログラムが使用する変数の値を変える要求や、利用される関数の一部を変更するなどの要求を、動的に実現することは出来なかった。
(1)
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行するプログラム実行部を備え、
前記プログラム実行部は、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、情報処理装置。
(2)
前記プログラム実行部は、共有可能な変数及び関数を、各前記通信チャネルに対して外部から送られてくる処理要求によって変更可能とし、前記変数及び前記関数への変更結果を、他の通信チャネルによる同一の変数及び関数を利用する処理要求にも反映する、前記(1)に記載の情報処理装置。
(3)
前記プログラム実行部は、前記第1の手続き型言語とは異なる第2の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行する、前記(1)または(2)に記載の情報処理装置。
(4)
前記プログラム実行部は、開設された前記通信チャネルで入力されたコードを解釈し、前記第2の手続き型言語に再構成して送信する、前記(3)に記載の情報処理装置。
(5)
前記プログラム実行部は、開設された前記通信チャネルを介してコードを受け付け、処理結果を待たずに該コードを受け付けたことを意味する返答を前記通信チャネルから返す、前記(1)~(4)のいずれかに記載の情報処理装置。
(6)
前記プログラム実行部は、新たなシーケンスを生成して受け付けた前記コードを処理して該コードの処理結果を保持し、コードを受け付けた前記通信チャネルから結果要求が来た時に前記処理結果を返す、前記(5)に記載の情報処理装置。
(7)
前記プログラム実行部は、前記コードで用いられる変数の参照及び関数の実行を、認証を経てから行うよう制限し、外部からの通信接続要求に応じて開設される前記通信チャネル毎に設けられる認証リストを参照して認証する、前記(1)~(6)のいずれかに記載の情報処理装置。
(8)
前記プログラム実行部は、他のプログラム実行部と通信する通信部を備え、
前記プログラム実行部は、前記通信部から前記他のプログラム実行部に接続要求を出して通信チャネルを開設させ、前記コードの変数や関数の実行を認証する認証鍵と前記他のプログラム実行部が持つ前記コードの変数や関数の実行を認証する認証鍵の間で認証したことを記憶する、前記(1)~(7)のいずれかに記載の情報処理装置。
(9)
前記プログラム実行部は、外部からの通信接続要求に応じて開設された前記通信チャネルに連携し、コードの文脈を解釈することによって自装置でのシンボル名と外部でのシンボル名との間の変換を行う、前記(1)~(8)のいずれかに記載の情報処理装置。
(10)
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行するプログラム実行ステップを備え、
前記プログラム実行ステップは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、情報処理方法。
(11)
コンピュータに、
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行するプログラム実行ステップを実行させ、
前記プログラム実行ステップは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、コンピュータプログラム。
(12)
コンピュータに、
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行するプログラム実行ステップを実行させ、
前記プログラム実行ステップは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、コンピュータプログラムを格納した記憶媒体。
110 CPU
120 暗号化/復号部
130 ROM
140 RAM
150 NVRAM
160 入力部
170 表示部
Claims (12)
- 第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行するプログラム実行部を備え、
前記プログラム実行部は、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、情報処理装置。 - 前記プログラム実行部は、共有可能な変数及び関数を、各前記通信チャネルに対して外部から送られてくる処理要求によって変更可能とし、前記変数及び前記関数への変更結果を、他の通信チャネルによる同一の変数及び関数を利用する処理要求にも反映する、請求項1に記載の情報処理装置。
- 前記プログラム実行部は、前記第1の手続き型言語とは異なる第2の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行する、請求項1に記載の情報処理装置。
- 前記プログラム実行部は、開設された前記通信チャネルで入力されたコードを解釈し、前記第2の手続き型言語に再構成して送信する、請求項3に記載の情報処理装置。
- 前記プログラム実行部は、開設された前記通信チャネルを介してコードを受け付け、処理結果を待たずに該コードを受け付けたことを意味する返答を前記通信チャネルから返す、請求項1に記載の情報処理装置。
- 前記プログラム実行部は、新たなシーケンスを生成して受け付けた前記コードを処理して該コードの処理結果を保持し、コードを受け付けた前記通信チャネルから結果要求が来た時に前記処理結果を返す、請求項5に記載の情報処理装置。
- 前記プログラム実行部は、前記コードで用いられる変数の参照及び関数の実行を、認証を経てから行うよう制限し、外部からの通信接続要求に応じて開設される前記通信チャネル毎に設けられる認証リストを参照して認証する、請求項1に記載の情報処理装置。
- 前記プログラム実行部は、他のプログラム実行部と通信する通信部を備え、
前記プログラム実行部は、前記通信部から前記他のプログラム実行部に接続要求を出して通信チャネルを開設させ、前記コードの変数や関数の実行を認証する認証鍵と前記他のプログラム実行部が持つ前記コードの変数や関数の実行を認証する認証鍵との間で認証したことを記憶する、請求項1に記載の情報処理装置。 - 前記プログラム実行部は、外部からの通信接続要求に応じて開設された前記通信チャネルに連携し、コードの文脈を解釈することによって、自装置でのシンボル名と外部でのシンボル名との間の変換を行う、請求項1に記載の情報処理装置。
- 第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行することを備え、
前記実行することは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、情報処理方法。 - コンピュータに、
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行することを実行させ、
前記実行することは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、コンピュータプログラム。 - コンピュータに、
第1の手続き型言語により作成されたコンピュータプログラムのコードを読み込み、解釈して実行することを実行させ、
前記実行することは、
外部からの通信接続要求に応じて通信チャネルを開設し、開設した前記通信チャネルに対して外部から送られてくる処理要求に対する結果を前記通信チャネル毎に返す、コンピュータプログラムを格納した記憶媒体。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201380018131.6A CN104220984B (zh) | 2012-04-06 | 2013-03-14 | 信息处理装置、信息处理方法、以及计算机程序 |
US14/382,582 US9600248B2 (en) | 2012-04-06 | 2013-03-14 | Information processing device, information processing method, and computer program |
EP13771781.5A EP2835735A4 (en) | 2012-04-06 | 2013-03-14 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM |
JP2014509094A JP6024743B2 (ja) | 2012-04-06 | 2013-03-14 | 情報処理装置、情報処理方法およびコンピュータプログラム |
IN8172DEN2014 IN2014DN08172A (ja) | 2012-04-06 | 2014-09-30 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012087219 | 2012-04-06 | ||
JP2012-087219 | 2012-04-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013150872A1 true WO2013150872A1 (ja) | 2013-10-10 |
Family
ID=49300367
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2013/057132 WO2013150872A1 (ja) | 2012-04-06 | 2013-03-14 | 情報処理装置、情報処理方法およびコンピュータプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US9600248B2 (ja) |
EP (1) | EP2835735A4 (ja) |
JP (1) | JP6024743B2 (ja) |
CN (1) | CN104220984B (ja) |
IN (1) | IN2014DN08172A (ja) |
WO (1) | WO2013150872A1 (ja) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107479985B (zh) * | 2017-06-30 | 2020-01-03 | 武汉斗鱼网络科技有限公司 | 一种远程过程调用的方法、装置及计算机设备 |
US11256479B2 (en) * | 2019-04-29 | 2022-02-22 | Apple Inc. | Dynamic updates in an interactive programming environment |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH1063511A (ja) * | 1996-08-14 | 1998-03-06 | Fuji Xerox Co Ltd | ジョブスクリプト実行装置 |
JP2004005441A (ja) * | 2002-03-22 | 2004-01-08 | Toshiba Corp | スクリプト処理装置、インタプリタ、スクリプト処理方法、スクリプト処理プログラム、およびスクリプトプログラム |
JP2004133630A (ja) * | 2002-10-09 | 2004-04-30 | Ricoh Co Ltd | プログラム作成方法、プログラム変換装置、プログラム及び記憶媒体 |
WO2005121976A1 (ja) | 2004-06-14 | 2005-12-22 | Sony Corporation | 情報管理装置及び情報管理方法 |
JP2011513824A (ja) | 2008-02-29 | 2011-04-28 | アイティーアイ スコットランド リミテッド | システム表現およびハンドリング技術 |
JP2012168645A (ja) * | 2011-02-10 | 2012-09-06 | Sony Corp | 情報処理装置、プログラム実行方法及びコンピュータプログラム |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7076551B2 (en) | 2000-04-03 | 2006-07-11 | Texas Instruments Incorporated | Using remote procedure calls to manage co-processor resources |
US7353248B1 (en) * | 2001-07-30 | 2008-04-01 | At&T Delaware Intellectual Property, Inc. | Application server and method to perform hierarchical configurable data validation |
US20040045007A1 (en) * | 2002-08-30 | 2004-03-04 | Bae Systems Information Electronic Systems Integration, Inc. | Object oriented component and framework architecture for signal processing |
JPWO2006009287A1 (ja) * | 2004-07-20 | 2008-05-01 | スター・ゲームズ株式会社 | 自動変換用プログラムおよびプログラム変換サーバ |
US20090070744A1 (en) * | 2007-08-28 | 2009-03-12 | Sugarcrm Inc. | CRM SYSTEM AND METHOD HAVING DRILLDOWNS, ACLs, SHARED FOLDERS, A TRACKER AND A MODULE BUILDER |
US8239832B2 (en) * | 2007-05-25 | 2012-08-07 | Microsoft Corporation | In-process debugging using external debugging infrastructure |
US8863111B2 (en) * | 2009-06-26 | 2014-10-14 | Oracle International Corporation | System and method for providing a production upgrade of components within a multiprotocol gateway |
JP2011028559A (ja) * | 2009-07-27 | 2011-02-10 | Denso Corp | 中継プログラムおよび電子制御装置 |
US8707161B2 (en) * | 2009-09-30 | 2014-04-22 | Facebook, Inc. | Executing server side script code specified using PHP on a server to generate dynamic web pages |
US9372985B2 (en) | 2012-01-25 | 2016-06-21 | Sony Corporation | Information processing device, information processing method, and computer program |
-
2013
- 2013-03-14 EP EP13771781.5A patent/EP2835735A4/en not_active Withdrawn
- 2013-03-14 WO PCT/JP2013/057132 patent/WO2013150872A1/ja active Application Filing
- 2013-03-14 JP JP2014509094A patent/JP6024743B2/ja not_active Expired - Fee Related
- 2013-03-14 CN CN201380018131.6A patent/CN104220984B/zh not_active Expired - Fee Related
- 2013-03-14 US US14/382,582 patent/US9600248B2/en not_active Expired - Fee Related
-
2014
- 2014-09-30 IN IN8172DEN2014 patent/IN2014DN08172A/en unknown
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH1063511A (ja) * | 1996-08-14 | 1998-03-06 | Fuji Xerox Co Ltd | ジョブスクリプト実行装置 |
JP2004005441A (ja) * | 2002-03-22 | 2004-01-08 | Toshiba Corp | スクリプト処理装置、インタプリタ、スクリプト処理方法、スクリプト処理プログラム、およびスクリプトプログラム |
JP2004133630A (ja) * | 2002-10-09 | 2004-04-30 | Ricoh Co Ltd | プログラム作成方法、プログラム変換装置、プログラム及び記憶媒体 |
WO2005121976A1 (ja) | 2004-06-14 | 2005-12-22 | Sony Corporation | 情報管理装置及び情報管理方法 |
JP2011513824A (ja) | 2008-02-29 | 2011-04-28 | アイティーアイ スコットランド リミテッド | システム表現およびハンドリング技術 |
JP2012168645A (ja) * | 2011-02-10 | 2012-09-06 | Sony Corp | 情報処理装置、プログラム実行方法及びコンピュータプログラム |
Non-Patent Citations (4)
Title |
---|
LINCOLN STEIN: "Kabushiki Kaisha Pearson Education", PERL NETWORK PROGRAMMING, FIRST EDITION, 20 December 2002 (2002-12-20), pages 305 - 316, XP008174578 * |
MITSUISHI TAKASHI ET AL.: "Multi-Paradigm Programming Language: DeLis for Decentralized Network Applications", PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING (ICOIN-12), 1998, pages 322 - 327, XP010265326 * |
See also references of EP2835735A4 |
TAKASHI MITSUISHI ET AL.: "Design and Implementation of a Programming Language DeLis for Decentralized Application on Networks", TRANSACTIONS OF INFORMATION PROCESSING SOCIETY OF JAPAN, vol. 39, no. 2, February 1998 (1998-02-01), pages 403 - 413, XP008174496 * |
Also Published As
Publication number | Publication date |
---|---|
JPWO2013150872A1 (ja) | 2015-12-17 |
JP6024743B2 (ja) | 2016-11-16 |
IN2014DN08172A (ja) | 2015-05-01 |
EP2835735A1 (en) | 2015-02-11 |
EP2835735A4 (en) | 2016-04-06 |
CN104220984A (zh) | 2014-12-17 |
CN104220984B (zh) | 2018-04-24 |
US9600248B2 (en) | 2017-03-21 |
US20150058943A1 (en) | 2015-02-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111433797B (zh) | 基于复合密钥的区块链设备控制系统和方法 | |
CN109002297B (zh) | 共识机制的部署方法、装置、设备和存储介质 | |
KR102232966B1 (ko) | 비대면 디지털 키 서비스 시스템 및 그 방법 | |
CN109587142A (zh) | 一种面向业务流的数据安全接入模块和设备 | |
CN110516417A (zh) | 一种智能合约的权限验证方法及装置 | |
JP5704951B2 (ja) | 情報処理装置、情報処理方法及びコンピュータプログラム | |
CN105068910A (zh) | 一种智能卡的测试方法和装置 | |
JP6024743B2 (ja) | 情報処理装置、情報処理方法およびコンピュータプログラム | |
CN110113164A (zh) | 一种基于区块链的iot设备管理方法及装置 | |
KR102116373B1 (ko) | 가상기계를 이용한 스마트 컨트랙트 시스템 및 그 처리 방법 | |
JP5962671B2 (ja) | 情報処理装置、情報処理方法およびコンピュータプログラム | |
CN109977702A (zh) | 一种基于ds2432芯片的fpga设备加密认证系统和方法 | |
CN103227804B (zh) | 使用帐户代理模块连接超级用户帐户命令解译器的方法 | |
JP2009134722A (ja) | 電波識別応用インターフェース提供方法及びシステム | |
CN111028398B (zh) | 智能锁的配置方法及控制方法、智能锁、设备和存储介质 | |
CN111104363B (zh) | 一种fpga云平台使用方法、装置、设备、介质 | |
Burruss et al. | Remote computing using the national fusion grid | |
Du et al. | A rigorous model of contract-based service component architecture | |
CN103544037B (zh) | 一种支持OpenSC的软硬件驱动的实现方法 | |
Mylrea et al. | Keyless Infrastructure Security Solution (KISS): VOLTTRON™ KSI® Blockchain Design and Specification | |
CN106982232B (zh) | 分立安全管理交换机 | |
Put et al. | Priman: Facilitating the development of secure and privacy-preserving applications | |
Giallorenzo et al. | Programming Languages and Systems | |
CN114266034A (zh) | 一种基于云链融合的访问控制方法、装置及系统 | |
KR100916543B1 (ko) | 스마트 카드 발급 시스템 및 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13771781 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2013771781 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14382582 Country of ref document: US |
|
ENP | Entry into the national phase |
Ref document number: 2014509094 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |