WO2015037175A1 - Confidential-information display control system, server, confidential-information display control method, and recording medium - Google Patents

Confidential-information display control system, server, confidential-information display control method, and recording medium Download PDF

Info

Publication number
WO2015037175A1
WO2015037175A1 PCT/JP2014/003852 JP2014003852W WO2015037175A1 WO 2015037175 A1 WO2015037175 A1 WO 2015037175A1 JP 2014003852 W JP2014003852 W JP 2014003852W WO 2015037175 A1 WO2015037175 A1 WO 2015037175A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
terminal
guest
display
user
Prior art date
Application number
PCT/JP2014/003852
Other languages
French (fr)
Japanese (ja)
Inventor
祐樹 神谷
琢 小西
理恵 田仲
弘洋 植村
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2015037175A1 publication Critical patent/WO2015037175A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Definitions

  • the present invention relates to a technique for controlling display of secret information representing a secret whose handling should be limited.
  • Patent Document 1 discloses a secret information protection system.
  • the confidential information protection system such as “confidential” or “confidential” included in the file displayed on the client terminal located near the outsider when an outsider enters the office
  • the risk is calculated based on the character string.
  • the secret information protection system performs display control of the screen of the client terminal in order to ensure security when the obtained degree of risk exceeds the security level allowed for the resident.
  • the display control performed by the secret information protection system includes display of alert information on the screen, display (activation) of a screen saver, deletion or minimization of a specific window, or filling with a predetermined color.
  • Patent Document 2 discloses a data processing apparatus.
  • the data processing device manages the visit of the guest in the office, detects the presence position of the person who should accept the guest in the office where the free address is adopted, and detects the guest Presented seating position.
  • the technology described in Patent Document 2 restricts the display of user portable terminals existing in the vicinity of the guest in response to detecting that the guest has approached an employee in an office where a free address or the like is employed. By doing so, leakage of confidential information is prevented.
  • Patent Document 3 discloses a display system that simultaneously displays a plurality of images from which different images can be viewed from different viewing areas. This display system determines display conditions according to the security level set for the visual recognition area, and restricts images to be output according to the determined display conditions.
  • Patent Document 4 discloses an information management apparatus that performs entrance / exit management and display control on a projector.
  • the information management apparatus performs information protection in a plurality of facility areas
  • the information management apparatus is adjacent to a person's protection attribute existing in a certain facility area based on the position information and protection attribute of the person and the protection attribute of the protection target information. Refers to the protection attributes of people present in the facility area.
  • the information management apparatus determines the protection level of the facility area based on the reference result, and performs control (entrance / exit management and display control to the projector) for information protection.
  • Patent Document 5 discloses an action monitoring system that identifies an individual by a face image and issues a warning when an action prohibited by each individual is detected.
  • Patent Document 6 discloses an apparatus for managing entry / exit of a target (person) to / from a specific area. This apparatus detects an orientation and a moving speed of the face with respect to the target using an image input from a photographing unit such as a camera, and sets an influence area by the target based on the detection result. And this apparatus outputs the warning of the warning level according to the movement state of the said object with respect to the said specific area based on the set influence area and the overlapping (superimposition) degree with the said specific area.
  • Patent Document 1 and Patent Document 2 change or limit the display of all terminals existing near the guest who has entered the room. For this reason, there is an adverse effect that operations are excessively limited for a user of a terminal that is not viewed by the guest.
  • Patent Documents 3 to 6 there are a coping method assuming an area where a guest is present, a method of coping by restricting entry to the guest, and a method of coping by issuing a warning to the guest. It's not an open environment.
  • the present invention has been made in view of the above circumstances.
  • the display control is performed so that the confidential information is not leaked to the guest and the work of the user of the terminal is prevented as much as possible.
  • the secret information display control system includes: A secret information display control system including a terminal that displays secret information set to be handled secretly, a sensor that detects the position of a guest, and a server that is communicably connected to the terminal and the sensor via a network Because The terminal transmits user information indicating whether or not a user is using the terminal and whether or not the secret information is displayed to the server, The sensor transmits guest information indicating the detected position of the guest to the server, The server User information receiving means for receiving the user information from the terminal; Guest information receiving means for receiving the guest information from the sensor; Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information; When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area; A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information,
  • the server is: A server that is communicably connected via a network to a terminal that displays secret information set to be handled secretly and a sensor that detects the location of the guest, User information receiving means for receiving user information indicating whether or not the user using the terminal is present from the terminal and whether or not the secret information is displayed; Guest information receiving means for receiving guest information indicating the position of the guest detected from the sensor; Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information; When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area; A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal; Is provided
  • the secret information display control method includes: A terminal that displays secret information set to be handled secretly transmits user information indicating whether or not the user using the terminal is present and whether or not the secret information is displayed to the server, A sensor that detects the position of a guest that is a secret target of the secret information transmits guest information indicating the detected position of the guest to the server, The server is Receiving the user information from the terminal; Receiving the guest information from the sensor; When receiving the guest information, based on the guest information, calculate the recognition area of the guest, generate recognition area information indicating the calculated recognition area, Based on the recognition area information, the user information, and terminal information indicating the position of the terminal, the risk level of the terminal is determined, and risk level information indicating the determined risk level is generated, Control information indicating a control method for controlling display of the secret information corresponding to the risk level of the terminal indicated by the risk level information is transmitted to the terminal; The terminal controls display of the secret information based on the control information received from the server.
  • a program according to the fourth aspect of the present invention or a computer-readable recording medium storing the program,
  • a computer that is communicably connected via a network to a terminal that displays secret information that is set to be handled secretly and a sensor that detects the location of the guest,
  • User information receiving means for receiving from the terminal user information indicating whether or not the user is using the terminal and whether or not the secret information is displayed;
  • Guest information receiving means for receiving guest information indicating the detected position of the guest from the sensor;
  • Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
  • the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
  • a risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; and
  • Control information transmitting means for transmitting the control information corresponding to the risk level of the
  • the present invention when restricting display of secret information by a terminal in an open environment, display control is performed so that secret information is not leaked to a guest and work by the user of the terminal is prevented as much as possible. it can.
  • FIG. 1 is a diagram showing a configuration example of a secret information display control system according to the first embodiment of the present invention.
  • FIG. 2 is a block diagram illustrating a functional configuration example of the server according to the first embodiment.
  • FIG. 3 is a diagram illustrating an example of control information according to the first embodiment.
  • FIG. 4 is a diagram for explaining the operation accompanying the movement of the guest in the secret information display control system according to the first embodiment.
  • FIG. 5 is a flowchart illustrating an example of the secret information display control process according to the first embodiment.
  • FIG. 6 is a diagram illustrating a configuration example of a secret information display control system according to the second embodiment of the present invention.
  • FIG. 7 is a block diagram illustrating a functional configuration example of the server according to the second embodiment.
  • FIG. 8 is a flowchart illustrating an example of the secret information display control process according to the second embodiment.
  • FIG. 9 is a block diagram showing a hardware configuration example of the server according to each embodiment of the present invention.
  • secret information is information that should be handled as “secret”, the scope of disclosure being limited to specific parties (members), and in each embodiment described below, It is information set so as to be discriminated as “secret information” in the apparatus.
  • Public information is information other than the confidential information.
  • a “user” is an insider (Insider) who performs work (business) using at least one of confidential information and public information displayed on a terminal (client terminal).
  • “Guest” is an outsider who must not know confidential information.
  • FIG. 1 is a diagram showing a configuration example of a secret information display control system according to the first embodiment of the present invention.
  • the secret information display control system 100 includes a server 1, a sensor 3 (3A to 3D), and a terminal 10. It is assumed that the sensor 3 and the terminal 10 and the server 1 are communicably connected via a communication network (not shown).
  • the sensor 3 has functions such as an IC (Integrated Circuit) tag reader and a camera.
  • the sensor 3 detects the position of the guest based on the detection result of the IC tag 51 possessed by the guest by the IC tag reader function.
  • the sensor 3 can detect the time-series movement (movement, movement locus) of the guest by repeating this position detection. Further, the sensor 3 captures the guest by the camera function, and detects the direction of the guest's line of sight based on the captured image.
  • the sensor 3 generates information indicating the detected movement or line of sight of the guest (hereinafter referred to as “guest information GI”), and transmits the generated guest information GI to the server 1.
  • guest information GI information indicating the detected movement or line of sight of the guest
  • Sensor 3 may transmit guest information GI periodically, or may transmit new guest information GI only when guest information GI changes.
  • terminals 10 terminals 10A to 10I
  • terminals 10A to 10I nine terminals 10 are provided, and whether or not there is a user who operates the terminal and whether or not secret information is displayed on the display screen of the terminal. And the like.
  • the terminal 10 determines whether or not the information handled by the terminal 10 is handled as confidential information according to the relationship with the guest as described below.
  • the sensor 3 acquires guest attribute information GA indicating an attribute of the guest from the IC tag 51 possessed by the guest.
  • the guest attribute information GA includes at least information indicating a field that can be disclosed and information indicating a level that can be disclosed as attributes relating to the target guest. It is assumed that a field and a level are set in the information displayed on the terminal 10. In such a case, it is assumed that the terminal 10 receives the guest attribute information GA from the sensor 3. In this case, if the information displayed on the terminal 10 is within the range of information included in the guest attribute information GA (that is, within the range of guest attributes), the terminal 10 displays the displayed information. It is determined that the information is public information.
  • the terminal 10 determines that the information displayed on the terminal 10 is confidential information.
  • the terminal 10 determines whether or not the terminal itself displays secret information based on the guest attribute information GA regarding each guest.
  • the terminal 10 generates user information indicating whether the user exists or whether secret information is displayed, and transmits the generated user information to the server 1.
  • the terminal 10 may transmit this user information periodically or only when the user information changes. Whether the user exists or not may be determined by, for example, the terminal 10 having an IC tag reader (not shown) and detecting the IC tag 51 possessed by the user by the IC tag reader.
  • the terminal 10 includes a camera
  • the presence / absence of the user may be determined by a recognition process related to an image captured by the camera.
  • the sensor 3 transmits guest attribute information GA to the server 1, and the terminal 10 displays the information displayed by the terminal 10.
  • Setting information (for example, information indicating the field and level) is transmitted to the server 1.
  • the server 1 may determine whether the terminal 10 is displaying the secret information based on these information received from the sensor 3 and the terminal 10.
  • the server 1 calculates an area where the guest can be recognized (hereinafter referred to as “recognition area”) based on the guest information GI received from the sensor 3. Further, the server 1 determines the risk level of each terminal 10 based on the calculated recognition area, user information received from the terminal 10, and the like. The server 1 controls the display state of the secret information on each terminal 10 according to each risk level.
  • FIG. 1 represents a situation where the user uses the terminals 10A, 10B, 10E, 10F, and 10G in an environment where nine terminals 10 (terminal 10A to terminal 10I) are arranged.
  • the four sensors 3 detect the movement of the guest who entered the room, the line of sight, and the like.
  • the guest recognition area is represented by a broken line.
  • the terminal 10A and the terminal 10B exist in the guest recognition area, and secret information is displayed on these terminals.
  • the server 1 performs display control of secret information displayed on the terminal 10A and the terminal 10B.
  • FIG. 2 is a block diagram illustrating a functional configuration of the server according to the first embodiment.
  • the server 1 includes a guest information reception unit 11, a storage unit 12, a user information reception unit 13, a recognition area calculation unit 14, a risk determination unit 15, and a control information transmission unit 16.
  • the guest information receiving unit 11 receives guest information GI from the sensors 3A to 3D.
  • the guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
  • User information receiving unit 13 receives user information from terminals 10A to 10I. The user information receiving unit 13 stores the received user information in the storage unit 12.
  • the storage unit 12 stores in advance terminal information indicating the position of each terminal 10 and control information indicating a control method for controlling display of secret information.
  • the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12.
  • the recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
  • the recognition area calculation unit 14 calculates a fan-shaped recognition area centered on the guest's position and having a radius of a certain distance in the direction the guest is facing. At this time, the recognition area calculation unit 14 may set the level to a recognizable level according to the distance from the guest.
  • the recognition area calculation unit 14 may change the recognition area according to the level of security. For example, the recognition area calculation unit 14 uses a calculation formula that widens the recognition area in an environment with a high security level, and uses a calculation formula that narrows the recognition area in an environment with a low security level.
  • the risk determination unit 15 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 The risk level of the terminal 10 is determined. The risk determination unit 15 determines the risk according to whether secret information is displayed, whether a user exists, and whether the terminal 10 is included in the guest's recognition area. To do. The risk determination unit 15 generates risk information indicating the determined risk of each terminal 10, and sends the generated risk information to the control information transmission unit 16.
  • the recognition area calculation unit 14 calculates the recognition area by setting the level to the recognizable level according to the distance from the guest
  • the risk level determination unit 15 determines the risk level in consideration of the set recognizable level. judge.
  • control information transmission unit 16 When the control information transmission unit 16 receives the risk level information from the risk level determination unit 15, the control information transmission unit 16 calls the control information stored in advance in the storage unit 12 and performs control corresponding to the risk level of each terminal 10 indicated by the risk level information. Information is transmitted to the corresponding terminal 10.
  • Each terminal 10 controls the display of the secret information by the control method indicated by the control information received from the control information transmitting unit 16.
  • FIG. 1 how to control the display of confidential information will be specifically described with reference to FIGS. 1, 3, and 4.
  • FIG. 1
  • FIG. 3 is a diagram illustrating an example of control information according to the first embodiment. As illustrated in FIG. 3, the storage unit 12 stores control information associated with the degree of risk.
  • control information “cancel confidential information display control” is associated with the risk level 0.
  • Control information “move the position of the secret information in the opposite direction of the guest” is associated with the risk level 1.
  • Control information “reducing the display of secret information to a predetermined size” is associated with risk level 2.
  • the risk level 3 is associated with control information “forcibly terminate display of secret information”.
  • the control method for controlling the display of the secret information is not limited to the example described above. For example, a technique for displaying a message for calling attention, a technique for displaying a screen saver, or a technique for minimizing a window displaying secret information may be used.
  • the control information transmitted to each terminal 10 is not limited to one, and a plurality of control information may be transmitted as control candidates, and the user may select from among the control information.
  • the risk determination unit 15 determines the risk considering the recognizable level
  • the terminal 10 sets the character size of the secret information to a size that the guest cannot recognize, for example, according to the recognizable level. It is good to perform control such as changing.
  • the position of the guest and the direction of the line of sight are detected by the sensors 3A to 3D.
  • the sensors 3A to 3D transmit guest information GI indicating the position of the guest and the direction of the line of sight to the server 1.
  • the guest information receiving unit 11 of the server 1 stores the guest information GI received from the sensors 3A to 3D in the storage unit 12.
  • the terminals 10A to 10I transmit user information to the server 1.
  • the user information receiving unit 13 of the server 1 stores the user information received from the terminals 10A to 10I in the storage unit 12.
  • the user information stored in the storage unit 12 includes, for example, the following items. That is, The terminal 10A displays secret information in the absence of a user, -Secret information is displayed on the terminal 10B, the terminal 10F, and the terminal 10G in a state where the user exists, -Terminal 10C, terminal 10D, terminal 10H and terminal 10I are powered off, -Public information is displayed on the terminal 10E in a state where the user exists.
  • the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. As described above, in the example shown in FIG. 1, the area indicated by the broken line is the guest recognition area.
  • the recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
  • the risk determination unit 15 determines each terminal based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in the storage unit 12 in advance. A risk rating of 10 is determined. For example, as illustrated in FIG. 3, the risk determination unit 15 determines the risk of each terminal 10 in four levels (levels 0 to 3).
  • the terminal 10A and the terminal 10B exist in the guest recognition area. Since the secret information is displayed on the terminal 10A in the absence of the user, the risk determination unit 15 determines the risk of the terminal 10A to be level 3. Since the secret information is displayed on the terminal 10B in a state where the user exists, the risk determination unit 15 determines the risk of the terminal 10B as level 2. Other terminals 10 do not exist within the guest's recognition area. Therefore, the risk determination unit 15 determines the risk of the other terminal 10 as level 0. The risk determination unit 15 generates risk information that associates information for identifying each terminal 10 with the risk determined for each terminal, and sends the generated risk information to the control information transmission unit 16.
  • the control information transmission unit 16 transmits control information that can be instructed to forcibly end the display of the secret information to the terminal Send to 10A.
  • the control information transmission unit 16 can instruct control information to be reduced to a predetermined size. Is transmitted to the terminal 10B.
  • the control information transmitting unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the other terminals 10 because the risk level is level 0.
  • FIG. 4 is a diagram for explaining the operation accompanying the movement of the guest in the secret information display control system according to the first embodiment.
  • the terminal 10 moves to the position shown in FIG. 4 from the situation described above with reference to FIG. 1, the position of the guest and the direction of the line of sight are detected by the sensors 3A to 3D.
  • the sensors 3A to 3D transmit guest information GI indicating the detected position of the guest and the direction of the line of sight to the server 1.
  • the guest information receiving unit 11 of the server 1 stores the guest information GI received from the sensors 3A to 3D in the storage unit 12.
  • the terminals 10A to 10I determine whether or not the user exists and whether or not secret information is displayed, and transmit the user information to the server 1.
  • the user information receiving unit 13 of the server 1 stores the user information received from the terminals 10A to 10I in the storage unit 12.
  • at least the following items are stored in the storage unit 12 as user information. That is, -Secret information is displayed on the terminal 10B, the terminal 10F, and the terminal 10G in a state where the user exists, -Terminal 10A, terminal 10C, terminal 10D, terminal 10H and terminal 10I are powered off, -Public information is displayed on the terminal 10E in a state where the user exists.
  • the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. Also in FIG. 4, the area indicated by a broken line represents a guest recognition area. The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
  • the terminal 10E and the terminal 10F exist in the guest recognition area. Since the public information is displayed on the terminal 10E in the presence of the user, the risk determination unit 15 sets the risk of the terminal 10E to level 0. Since the confidential information is displayed on the terminal 10F in the presence of the user, the risk determination unit 15 sets the risk of the terminal 10F to level 2. Since the other terminals 10 do not exist within the guest's recognition area, the risk level of these terminals is set to level 0. The risk level determination unit 15 generates risk level information that associates the information for identifying each terminal 10 with the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
  • the control information transmission unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the terminal To 10E.
  • the control information transmission unit 16 can instruct to reduce the display of the secret information to a predetermined size. Is transmitted to the terminal 10F.
  • the control information transmission unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the other terminals 10 because the risk level is level 0.
  • the terminal 10E Even if the terminal 10E receives the control information from the control information transmission unit 16, the terminal 10E does not perform the display control of the secret information, and therefore does not perform the control to change the display mode.
  • the terminal 10F reduces the display of the secret information to a predetermined size according to the control information.
  • the terminal 10B performs display control of secret information in the situation shown in FIG. For this reason, when the guest 10 moves to the situation shown in FIG. 4, the terminal 10 ⁇ / b> B releases the secret information display control in response to receiving the control information from the control information transmitting unit 16, thereby Return to the original display state.
  • the other terminal 10 also receives the control information from the control information transmission unit 16, if the display control of the secret information has been performed before that, the display control of the secret information is released.
  • FIG. 5 is a flowchart illustrating a processing procedure in the confidential information display control processing according to the first embodiment. A series of processing described in the flowchart illustrated in FIG. 5 is started in response to, for example, powering on the server 1.
  • the guest information receiving unit 11 waits for reception of the guest information GI by repeating step S11.
  • the guest information receiving unit 11 receives the guest information GI from the sensor 3 (YES in step S11)
  • the guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
  • the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. (Step S12).
  • the recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
  • the risk determination unit 15 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 A risk level of 10 is determined (step S13). The risk determination unit 15 generates risk level information indicating the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
  • control information transmission unit 16 When the control information transmission unit 16 receives the risk information from the risk determination unit 15, the control information transmission unit 16 refers to the control information stored in advance in the storage unit 12. Thereby, the control information transmitting unit 16 controls the control information corresponding to the risk (level) of each terminal 10 indicated by the risk information (that is, the control information associated with the risk in the table illustrated in FIG. 3). Content) is transmitted to the terminal 10 (step S14).
  • step S15 server 1 returns the process to step S11 and repeats steps S11 to S15. If server 1 is powered off (YES in step S15), the process ends.
  • the secret information display control system 100 considers the range that can be recognized by the guest with respect to the terminal being used by the user when restricting the display of the secret information of the terminal in the open environment. It is possible to perform display control in which confidential information is not leaked and the work of the user of the terminal is prevented as much as possible.
  • the secret information display control system 100 can also be configured to transmit a plurality of control information as control candidates and to be selected by the user.
  • the user of each terminal 10 can select the minimum countermeasure with his / her own intention from the options provided by the system when the guest visits. Therefore, compared with a configuration in which the system automatically and forcibly changes the display mode, it is excellent in convenience because it is not subject to excessive restrictions.
  • the secret information display control system 200 described in the present embodiment can change the recognition area of the guest by presenting information that can attract the guest's attention.
  • FIG. 6 is a diagram showing a configuration example of a secret information display control system according to the second embodiment of the present invention.
  • the secret information display control system 200 of the second embodiment includes a display 8 that displays an image in addition to the secret information display control system 100 of the first embodiment.
  • the display 8 may output not only images but also sounds.
  • the server 1 is communicably connected to the display 8 via a network, and can control the display 8 to display information that can attract the guest's attention.
  • the information that can attract the guest's attention is, for example, information indicating the name of the guest, information regarding the purpose of the guest visiting, and the like.
  • the other configuration of the secret information display control system 200 is the same as that of the secret information display control system 100 described above in the first embodiment.
  • FIG. 7 is a block diagram illustrating a functional configuration example of the server according to the second embodiment.
  • the server 1 of the second embodiment is similar to the server 1 of the first embodiment in that the guest information receiving unit 11, the storage unit 12, the user information receiving unit 13, the recognition area calculating unit 14, and the risk determining unit 15 and a control information transmission unit 16.
  • the storage unit 12 stores in advance display information to be displayed on the display 8 in order to draw the guest's attention in addition to the guest information GI, user information, terminal information, and control information.
  • Display information may be acquired from the outside. For example, by using the sensor 3, it may be acquired from the IC tag 51 possessed by the guest and transmitted to the server 1 together with the guest information GI.
  • control information transmission unit 16 determines whether the display information has been transmitted to the display 8. When display information is not transmitted to the display 8, the control information transmission unit 16 determines whether there is a terminal 10 having a degree of risk exceeding a predetermined threshold. When there is a terminal 10 whose degree of risk exceeds a predetermined threshold, the control information transmission unit 16 transmits display information stored in advance in the storage unit 12 to the display 8 and controls the display 8 to display the display information. To do. For example, the control information transmission unit 16 calls (reads) display information corresponding to the guest attribute indicated by the guest attribute information GA from the storage unit 12.
  • the recognition area may change as the guest turns to the display 8 by noticing the display information. If the recognition area changes, the risk determined by the risk determination unit 15 may be reduced. Therefore, in the present embodiment, when the guest information receiving unit 11 receives the guest information GI after transmitting the display information to the display 8, the recognition area calculating unit 14 is based on the guest information GI stored in the storage unit 12. Again, the recognition area of the guest is calculated. The recognition area calculation unit 14 generates recognition area information indicating the calculated recognition area, and sends the generated recognition area information to the risk determination unit 15. Other processing configurations of the server 1 are the same as those in the first embodiment described above.
  • FIG. 8 is a flowchart illustrating a processing procedure in the secret information display control processing according to the second embodiment. A series of processes described in the flowchart illustrated in FIG. 8 is started, for example, when the server 1 is powered on.
  • the guest information receiving unit 11 waits for reception of the guest information GI by repeating step S21.
  • the guest information receiving unit 11 receives the guest information GI from the sensor 3 (YES in step S21)
  • the guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
  • the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12 (Ste S22).
  • the recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
  • the risk determination unit 15 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 A risk level of 10 is determined (step S23). The risk determination unit 15 generates risk level information indicating the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
  • control information transmission unit 16 determines whether or not display information has been transmitted to the display 8 (step S24). If display information has not yet been transmitted to display 8 (NO in step S24), control information transmitting unit 16 determines whether or not there is a terminal 10 having a risk level greater than threshold value ⁇ (step S25).
  • the threshold ⁇ may be, for example, a degree of risk of 0 or can be arbitrarily set.
  • control information transmission unit 16 calls the control information stored in advance in the storage unit 12 and receives it from the risk determination unit 15 The specific control information corresponding to the risk level of each terminal 10 indicated by the risk level information is transmitted to the terminal 10 (step S27).
  • control information transmission unit 16 calls display information stored in advance in storage unit 12 and transmits it to display 8 (step S26). . Thereafter, the process returns to step S21, and steps S21 to S25 are repeated.
  • control information transmission unit 16 calls the control information stored in advance in storage unit 12, and receives the risk received from risk determination unit 15 Specific control information corresponding to the risk level of each terminal 10 indicated by the degree information is transmitted to the terminal 10 (step S27).
  • step S28 If the server 1 is not powered off (NO in step S28), the process returns to step S21, and steps S21 to S28 are repeated. If server 1 is turned off (YES in step S28), the process ends.
  • display information that can attract the attention of the guest can be displayed on the display 8. Thereby, it can be expected that the danger level of the terminal 10 is lowered by changing the recognition area of the guest.
  • the display 8 is provided.
  • the display 8 is not limited thereto, and instead of the display 8, information that can attract the attention of the guest is displayed on the monitor of the terminal 10 where the user does not exist. There may be.
  • the senor 3 is a device that includes an IC tag reader, a camera, and the like, detects the position of the guest from the IC tag 51 possessed by the guest, and determines the direction of the line of sight from the captured guest image.
  • the detection configuration has been described as an example.
  • the present invention described by taking the above-described embodiment as an example is not limited to such a configuration, and the sensor 3 may detect at least the position of the guest.
  • the recognition area calculation unit 14 calculates the recognition area of the guest based on the guest position indicated by the guest information GI received by the guest information reception unit 11.
  • FIG. 9 is a block diagram showing a hardware configuration example of the server according to each embodiment of the present invention.
  • the server 1 includes a control unit 41, a main storage unit 42, an external storage unit 43, an operation unit 44, a display unit 45, and a transmission / reception unit 46.
  • the main storage unit 42, the external storage unit 43, the operation unit 44, the display unit 45, and the transmission / reception unit 46 are all connected to the control unit 41 via the internal bus 40.
  • the control unit 41 is configured by a CPU (Central Processing Unit) 41A and the like, and executes each process according to a control program 49 stored in the external storage unit 43.
  • the control unit 41 executes the processes described above with respect to the recognition area calculation unit 14, the risk determination unit 15, and the control information transmission unit 16 of the server 1.
  • the main storage unit 42 is configured by a RAM (Random-Access Memory) or the like, and a control program 49 stored in the external storage unit 43 is loaded and used as a work area of the control unit 41.
  • a RAM Random-Access Memory
  • the external storage unit 43 includes a nonvolatile memory such as a flash memory, a hard disk, a DVD-RAM (Digital Versatile Disc Random-Access Memory), a DVD-RW (Digital Versatile Disc ReWritable).
  • the external storage unit 43 stores in advance a computer program (hereinafter referred to as “program”) for causing the control unit 41 to perform processing of the server 1. Further, the external storage unit 43 supplies the data stored by the program to the control unit 41 in accordance with the instruction from the control unit 41 and stores the data supplied from the control unit 41.
  • the storage unit 12 of the server 1 is configured in the external storage unit 43, for example.
  • the operation unit 44 includes a pointing device such as a keyboard and a mouse, and an interface device that connects the keyboard and the pointing device to the internal bus 40.
  • a pointing device such as a keyboard and a mouse
  • an interface device that connects the keyboard and the pointing device to the internal bus 40.
  • the display unit 45 is configured by a CRT (Cathode Ray Tube) or an LCD (Liquid Crystal Display) or the like, and displays information supplied from the control unit 41.
  • the display unit 45 displays, for example, an operation screen.
  • the transmission / reception unit 46 includes, for example, a network termination device or a wireless communication device connected to a communication network, and a serial interface or a LAN (Local Area Network) interface connected to them.
  • the transmission / reception unit 46 functions as the guest information reception unit, the user information reception unit 13 and the control information transmission unit 16 of the server 1.
  • the server 1, the sensor 3, the terminal 10, and the display 8 may be connected by wire.
  • the guest information receiving unit 11, the storage unit 12, the user information receiving unit 13, the recognition area calculating unit 14, the risk determining unit 15, and the control information transmitting unit 16 of the server 1 illustrated in FIGS. 2 and 7 are, for example, a control program 49. However, it can be realized by executing the control unit 41, the main storage unit 42, the external storage unit 43, the operation unit 44, the display unit 45, the transmission / reception unit 46, and the like as resources.
  • the central part that performs the secret information display control process constituted by the control unit 41, the main storage unit 42, the external storage unit 43, the operation unit 44, the internal bus 40, etc. is not a dedicated system, but a normal computer system
  • the server 1 that executes the above-described processing may be configured by storing a program for executing the above operation on a computer-readable recording medium and distributing the program, and installing the program in the computer. Good.
  • the storage medium is, for example, a flexible disk, a CD-ROM (Compact Disc Read Only Memory), a DVD-ROM (Digital Versatile Disc Disc Read Only Memory), or the like.
  • the server 1 may be configured by storing the program in a storage device included in a computer communicably connected to a communication network such as the Internet and downloading the program by a normal computer system.
  • the function of the secret information display control device is realized by sharing of an OS (operating system) and an application program, or by cooperation between the OS and the application program, only the application program portion is stored in a recording medium or a storage device. It may be stored.
  • the program may be posted on a bulletin board (BBS, Bulletin Board System) on the communication network, and the program may be distributed via the communication network.
  • BSS bulletin Board System
  • the program may be started and executed in the same manner as other application programs in the OS control environment so that the above-described processing can be executed.
  • a secret information display control system including a terminal that displays secret information set to be handled secretly, a sensor that detects the position of a guest, and a server that is communicably connected to the terminal and the sensor via a network Because The terminal transmits user information indicating whether or not a user is using the terminal and whether or not the secret information is displayed to the server, The sensor transmits guest information indicating the detected guest position to the server, The server User information receiving means for receiving the user information from the terminal; Guest information receiving means for receiving the guest information from the sensor; Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information; When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area; A risk determination means for determining the risk of the terminal based on the
  • the control information transmitting means transmits a plurality of the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal,
  • the terminal displays the plurality of control information received from the server, and controls display of the secret information based on specific control information selected from the plurality of control information.
  • the server It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
  • the control information transmitting means transmits the display information to the display,
  • the secret information display control system according to any one of supplementary notes 1 to 3, wherein the display displays the display information received from the server.
  • the server It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
  • the control information transmitting means transmits the display information to the terminal determined that the user does not exist based on the user information,
  • the secret information display control system according to any one of supplementary notes 1 to 3, wherein the terminal determined that the user does not exist displays the display information received from the server.
  • a server that is communicably connected via a network to a terminal that displays secret information set to be handled secretly and a sensor that detects the location of the guest, User information receiving means for receiving user information indicating whether or not the user using the terminal is present from the terminal and whether or not the secret information is displayed; Guest information receiving means for receiving guest information indicating the position of the guest detected from the sensor; Storage means for preliminarily storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information; When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area; A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
  • a server comprising
  • a sensor that detects the position of the guest transmits guest information indicating the detected position of the guest to the server,
  • the server is Receiving the user information from the terminal; Receiving the guest information from the sensor;
  • Control information indicating a control method for controlling display of the secret information corresponding to the risk level of the terminal indicated by the risk level information is transmitted to the terminal;
  • the terminal controls display of the secret information based on the control information received from the server.
  • Secret information display control method
  • a computer that is communicably connected via a network to a terminal that displays secret information that is set to be handled secretly and a sensor that detects the location of the guest, User information receiving means for receiving from the terminal user information indicating whether or not the user is using the terminal and whether or not the secret information is displayed; Guest information receiving means for receiving guest information indicating the detected position of the guest from the sensor; Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information; When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area; A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; and Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal; A computer-readable recording medium in which

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Controls And Circuits For Display Device (AREA)

Abstract

This invention discloses a server and the like for controlling display such that, when implementing display restrictions for confidential information on a terminal in a public space, said confidential information is not leaked to guests, and to the extent possible, the terminal's user is not impeded from working on the terminal. A user-information reception unit (13) in this server (1) receives, from a terminal (10), user information that indicates whether or not a user is currently using said terminal and whether or not confidential information that is set to be treated confidentially is being displayed. A guest-information reception unit (11) receives, from a sensor (3), guest information that indicates the position of a guest. On the basis of said guest information, a perception-region computation unit (14) computes a perception region for the guest. On the basis of perception-region information indicating said perception region, the user information, and terminal information indicating the position of the terminal, a risk-level determination unit (15) determines a risk level for the terminal (10). A control-information transmission unit (16) transmits, to the terminal (10), control information indicating a control technique, corresponding to the aforementioned risk level, for controlling the display of the abovementioned confidential information.

Description

秘密情報表示制御システム、サーバ、秘密情報表示制御方法および記録媒体Secret information display control system, server, secret information display control method, and recording medium
 本発明は、取扱いが限定されるべき秘密を表す秘密情報の表示を制御する技術に関する。 The present invention relates to a technique for controlling display of secret information representing a secret whose handling should be limited.
 分野にとらわれない新しいアイデアを創出するために、部門(組織)間の連携を促進するオープンな会議エリアが設置されたオフィスが増えている。一方、オープンコラボレーションが重要になってきているので、社外のゲストがオフィスに来訪する機会も増えている。そのため、秘密保持契約を直接的に結んでいない人同士が同じ場所にいることが多くなってきており、秘密情報の取り扱いが問題になる。 In order to create new ideas that are not confined to the field, an increasing number of offices have open conference areas that promote collaboration between departments (organizations). On the other hand, open collaboration is becoming more important, so there are more opportunities for outside guests to visit the office. For this reason, people who have not directly signed a confidentiality agreement are often in the same place, and handling of confidential information becomes a problem.
 特許文献1は、秘密情報保護システムを開示する。当該秘密情報保護システムは、オフィスに部外者などが入室している場合に、その部外者の付近に位置するクライアント端末に表示されているファイルに含まれる「極秘」、「社外秘」などの文字列を基に危険度を求める。そして、当該秘密情報保護システムは、求めた危険度が入室者に許容されたセキュリティレベルを超える場合に、セキュリティを確保すべく、当該クライアント端末が有する画面の表示制御を行う。当該秘密情報保護システムが行う表示制御とは、当該画面への注意喚起情報の表示、スクリーンセーバーの表示(起動)、特定ウィンドウの消去や最小化、または、所定の色による塗りつぶし、などである。 Patent Document 1 discloses a secret information protection system. The confidential information protection system, such as “confidential” or “confidential” included in the file displayed on the client terminal located near the outsider when an outsider enters the office The risk is calculated based on the character string. Then, the secret information protection system performs display control of the screen of the client terminal in order to ensure security when the obtained degree of risk exceeds the security level allowed for the resident. The display control performed by the secret information protection system includes display of alert information on the screen, display (activation) of a screen saver, deletion or minimization of a specific window, or filling with a predetermined color.
 特許文献2は、データ処理装置を開示する。当該データ処理装置は、オフィス内へのゲストの訪問を管理し、フリーアドレス等が採用されているオフィスにおいて、当該ゲストを受け入れるべき応対者の在席位置を検出し、当該ゲストに対して、検出した在席位置を提示する。特許文献2に記載された技術は、フリーアドレス等が採用されているオフィスにおいて、当該ゲストが社員に接近したことを検知するのに応じて、当該ゲスト近辺に存在するユーザ携帯端末の表示を制限することにより、秘密情報の漏えいを防ぐ。 Patent Document 2 discloses a data processing apparatus. The data processing device manages the visit of the guest in the office, detects the presence position of the person who should accept the guest in the office where the free address is adopted, and detects the guest Presented seating position. The technology described in Patent Document 2 restricts the display of user portable terminals existing in the vicinity of the guest in response to detecting that the guest has approached an employee in an office where a free address or the like is employed. By doing so, leakage of confidential information is prevented.
 特許文献3は、異なる視認領域から異なる画像を見ることができる複数画像を同時に表示する表示システムを開示する。この表示システムは、視認領域に対して設定されているセキュリティレベルに応じて表示条件を決定し、決定された表示条件に応じて、出力する画像を制限する。 Patent Document 3 discloses a display system that simultaneously displays a plurality of images from which different images can be viewed from different viewing areas. This display system determines display conditions according to the security level set for the visual recognition area, and restricts images to be output according to the determined display conditions.
 特許文献4は、入退室管理やプロジェクタへの表示制御を行う情報管理装置を開示する。当該情報管理装置は、複数の施設領域における情報保護を行うに際して、人の位置情報と保護属性、および保護対象情報の保護属性に基づいて、ある施設領域に存在する人の保護属性と、隣接する施設領域に存在する人の保護属性とを参照する。そして、当該情報管理装置は、参照結果に基づいて当該施設領域の保護レベルを決定し、情報保護を行うための制御(入退室管理やプロジェクタへの表示制御)を行う。 Patent Document 4 discloses an information management apparatus that performs entrance / exit management and display control on a projector. When the information management apparatus performs information protection in a plurality of facility areas, the information management apparatus is adjacent to a person's protection attribute existing in a certain facility area based on the position information and protection attribute of the person and the protection attribute of the protection target information. Refers to the protection attributes of people present in the facility area. Then, the information management apparatus determines the protection level of the facility area based on the reference result, and performs control (entrance / exit management and display control to the projector) for information protection.
 特許文献5は、顔画像によって個人を識別し、各個人に禁止されている行動を検知した場合に警告を発する行動監視システムを開示する。
 特許文献6は、特定エリアへの対象(人)の入退場を管理する装置を開示する。この装置は、カメラなどの撮影部から入力された画像を用いて、当該対象に関して、顔の向きと移動速度とを検出し、検出結果に基づいて当該対象による影響エリアを設定する。そしてこの装置は、設定した影響エリアと、当該特定エリアとの重複(重畳)の度合いに基づいて、当該特定エリアに対する当該対象の移動状態に応じた警報レベルの警報を出力する。 Patent Document 5 discloses an action monitoring system that identifies an individual by a face image and issues a warning when an action prohibited by each individual is detected.
Patent Document 6 discloses an apparatus for managing entry / exit of a target (person) to / from a specific area. This apparatus detects an orientation and a moving speed of the face with respect to the target using an image input from a photographing unit such as a camera, and sets an influence area by the target based on the detection result. And this apparatus outputs the warning of the warning level according to the movement state of the said object with respect to the said specific area based on the set influence area and the overlapping (superimposition) degree with the said specific area.
特開2009-116512号公報JP 2009-116512 A 特開2009-086897号公報JP 2009-086897 A 特許第4382837号公報Japanese Patent No. 4382837 特許第4788636号公報Japanese Patent No. 4788636 国際公開第2009/025140号International Publication No. 2009/025140 特開2010-122978号公報JP 2010-122978 A
 社外のゲストが来訪した際に、そのゲストの付近に存在する端末を使用する社内のユーザは、秘密情報を当該ゲストに知られることは避けなければならない。しかしながら、当該ゲストに秘密情報を知られないことを重要視しすぎると、当該ユーザの作業の妨げとなる。従って、秘密情報を守りつつ、ユーザの作業を極力妨げない表示制御を行うことが望まれる。 When a guest from outside the company visits, an internal user who uses a terminal in the vicinity of the guest must avoid sharing the confidential information with the guest. However, if too much importance is given to the guest not knowing the secret information, the user's work will be hindered. Therefore, it is desired to perform display control that protects confidential information and prevents the user's work as much as possible.
 特許文献1および特許文献2に開示されている技術は、入室したゲスト付近に存在する全ての端末の表示を変更、或いは制限する。このため、当該ゲストが見ていない端末のユーザにとって、業務が過剰に制限されるという弊害がある。 The technologies disclosed in Patent Document 1 and Patent Document 2 change or limit the display of all terminals existing near the guest who has entered the room. For this reason, there is an adverse effect that operations are excessively limited for a user of a terminal that is not viewed by the guest.
 特許文献3乃至特許文献6のように、ゲストが存在するエリアを仮定した対処方法や、ゲストに対して入室を制限することによって対処する方法、ゲストに対して警告を発することによって対処する方法は、オープンな環境とは言えない。 As described in Patent Documents 3 to 6, there are a coping method assuming an area where a guest is present, a method of coping by restricting entry to the guest, and a method of coping by issuing a warning to the guest. It's not an open environment.
 本発明は上述の事情に鑑みてなされた。本発明は、オープンな環境にある端末による秘密情報の表示制限を実施する場合に、ゲストに秘密情報を漏らさず、かつ、当該端末のユーザによる作業を極力妨げない表示制御を行うことを1つの目的とする。 The present invention has been made in view of the above circumstances. In the present invention, when restricting the display of confidential information by a terminal in an open environment, the display control is performed so that the confidential information is not leaked to the guest and the work of the user of the terminal is prevented as much as possible. Objective.
 本発明の第1の観点に係る秘密情報表示制御システムは、
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサと、前記端末および前記センサとネットワークを介して通信可能に接続されるサーバとを含む秘密情報表示制御システムであって、
 前記端末は、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を前記サーバに送信し、
 前記センサは、検知した前記ゲストの位置を示すゲスト情報を、前記サーバに送信し、
 前記サーバは、
  前記端末から前記ユーザ情報を受信するユーザ情報受信手段と、
  前記センサから前記ゲスト情報を受信するゲスト情報受信手段と、
  前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
  前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
  前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
  前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
 を備え、
 前記端末は、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する。 The secret information display control system according to the first aspect of the present invention includes:
A secret information display control system including a terminal that displays secret information set to be handled secretly, a sensor that detects the position of a guest, and a server that is communicably connected to the terminal and the sensor via a network Because
The terminal transmits user information indicating whether or not a user is using the terminal and whether or not the secret information is displayed to the server,
The sensor transmits guest information indicating the detected position of the guest to the server,
The server
User information receiving means for receiving the user information from the terminal;
Guest information receiving means for receiving the guest information from the sensor;
Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
With
The terminal controls display of the secret information based on the control information received from the server.
 本発明の第2の観点に係るサーバは、
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるサーバであって、
 前記端末から前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を受信するユーザ情報受信手段と、
 前記センサから検知した前記ゲストの位置を示すゲスト情報を受信するゲスト情報受信手段と、
 前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御方法を示す制御情報とを記憶する記憶手段と、
 前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
 前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
 前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
 を備える。 The server according to the second aspect of the present invention is:
A server that is communicably connected via a network to a terminal that displays secret information set to be handled secretly and a sensor that detects the location of the guest,
User information receiving means for receiving user information indicating whether or not the user using the terminal is present from the terminal and whether or not the secret information is displayed;
Guest information receiving means for receiving guest information indicating the position of the guest detected from the sensor;
Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
Is provided.
 本発明の第3の観点に係る秘密情報表示制御方法は、
 秘密に扱われるよう設定された秘密情報を表示する端末が、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報をサーバに送信し、
  前記秘密情報の秘密の対象であるゲストの位置を検知するセンサが、検知した前記ゲストの位置を示すゲスト情報を前記サーバに送信し、
 前記サーバが、
  前記端末から前記ユーザ情報を受信し、
  前記センサから前記ゲスト情報を受信し、
  前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成し、
  前記認知領域情報と、前記ユーザ情報と、前記端末の位置を示す端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成し、
  前記危険度情報が示す前記端末の危険度に対応する、前記秘密情報の表示を制御する制御手法を示す制御情報を前記端末に送信し、
 前記端末が、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する。 The secret information display control method according to the third aspect of the present invention includes:
A terminal that displays secret information set to be handled secretly transmits user information indicating whether or not the user using the terminal is present and whether or not the secret information is displayed to the server,
A sensor that detects the position of a guest that is a secret target of the secret information transmits guest information indicating the detected position of the guest to the server,
The server is
Receiving the user information from the terminal;
Receiving the guest information from the sensor;
When receiving the guest information, based on the guest information, calculate the recognition area of the guest, generate recognition area information indicating the calculated recognition area,
Based on the recognition area information, the user information, and terminal information indicating the position of the terminal, the risk level of the terminal is determined, and risk level information indicating the determined risk level is generated,
Control information indicating a control method for controlling display of the secret information corresponding to the risk level of the terminal indicated by the risk level information is transmitted to the terminal;
The terminal controls display of the secret information based on the control information received from the server.
 本発明の第4の観点に係るプログラム、或いは、そのプログラムが格納された、コンピュータ読み取り可能な記録媒体は、
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるコンピュータを、
 前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を、前記端末から受信するユーザ情報受信手段と、
 検知した前記ゲストの位置を示すゲスト情報を、前記センサから受信するゲスト情報受信手段と、
 前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
 前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
 前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段、および、
 前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段、
 として機能させる。 A program according to the fourth aspect of the present invention, or a computer-readable recording medium storing the program,
A computer that is communicably connected via a network to a terminal that displays secret information that is set to be handled secretly and a sensor that detects the location of the guest,
User information receiving means for receiving from the terminal user information indicating whether or not the user is using the terminal and whether or not the secret information is displayed;
Guest information receiving means for receiving guest information indicating the detected position of the guest from the sensor;
Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; and
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
To function as.
 本発明によれば、オープンな環境にある端末による秘密情報の表示制限を実施する場合に、ゲストに秘密情報を漏らさず、かつ、当該端末のユーザによる作業を極力妨げない表示制御を行うことができる。 According to the present invention, when restricting display of secret information by a terminal in an open environment, display control is performed so that secret information is not leaked to a guest and work by the user of the terminal is prevented as much as possible. it can.
図1は、本発明の第1の実施の形態に係る秘密情報表示制御システムの構成例を示す図である。FIG. 1 is a diagram showing a configuration example of a secret information display control system according to the first embodiment of the present invention. 図2は、第1の実施の形態に係るサーバの機能構成例を示すブロック図である。FIG. 2 is a block diagram illustrating a functional configuration example of the server according to the first embodiment. 図3は、第1の実施の形態に係る制御情報の一例を示す図である。FIG. 3 is a diagram illustrating an example of control information according to the first embodiment. 図4は、第1の実施の形態に係る秘密情報表示制御システムの、ゲストの移動に伴う動作を説明する図である。FIG. 4 is a diagram for explaining the operation accompanying the movement of the guest in the secret information display control system according to the first embodiment. 図5は、第1の実施の形態に係る秘密情報表示制御処理の一例を示すフローチャートである。FIG. 5 is a flowchart illustrating an example of the secret information display control process according to the first embodiment. 図6は、本発明の第2の実施の形態に係る秘密情報表示制御システムの構成例を示す図である。FIG. 6 is a diagram illustrating a configuration example of a secret information display control system according to the second embodiment of the present invention. 図7は、第2の実施の形態に係るサーバの機能構成例を示すブロック図である。FIG. 7 is a block diagram illustrating a functional configuration example of the server according to the second embodiment. 図8は、第2の実施の形態に係る秘密情報表示制御処理の一例を示すフローチャートである。FIG. 8 is a flowchart illustrating an example of the secret information display control process according to the second embodiment. 図9は、本発明の各実施の形態に係るサーバのハードウェア構成例を示すブロック図である。FIG. 9 is a block diagram showing a hardware configuration example of the server according to each embodiment of the present invention.
 本発明の実施の形態について、図面を参照して詳細に説明する。以下の説明において、同一の構成については、図面中に同一の参照符号をして、重複する説明は省略することとする。 Embodiments of the present invention will be described in detail with reference to the drawings. In the following description, the same components are denoted by the same reference numerals in the drawings, and redundant descriptions are omitted.
 本実施の形態において、「秘密情報」とは、開示される範囲が特定の関係者(メンバー)に限定され、“秘密”として取り扱われるべき情報であって、以下に説明する各実施形態において、装置内にて「秘密情報」として判別可能に設定された情報である。「公開情報」とは、係る秘密情報以外の情報である。「ユーザ」とは、端末(クライアント端末)に表示された、秘密情報および公開情報の少なくとも何れかを利用して作業(業務)を行う部内者(Insider)である。「ゲスト」とは、秘密情報を知得してはいけない部外者(Outsider)である。 In the present embodiment, “secret information” is information that should be handled as “secret”, the scope of disclosure being limited to specific parties (members), and in each embodiment described below, It is information set so as to be discriminated as “secret information” in the apparatus. “Public information” is information other than the confidential information. A “user” is an insider (Insider) who performs work (business) using at least one of confidential information and public information displayed on a terminal (client terminal). “Guest” is an outsider who must not know confidential information.
 (第1の実施の形態)
 図1は、本発明の第1の実施の形態に係る秘密情報表示制御システムの構成例を示す図である。秘密情報表示制御システム100は、サーバ1とセンサ3(3A乃至3D)と端末10とを含む。センサ3および端末10とサーバ1とは、通信ネットワーク(図示せず)を介して通信可能に接続されていることとする。 (First embodiment)
FIG. 1 is a diagram showing a configuration example of a secret information display control system according to the first embodiment of the present invention. The secret information display control system 100 includes a server 1, a sensor 3 (3A to 3D), and a terminal 10. It is assumed that the sensor 3 and the terminal 10 and the server 1 are communicably connected via a communication network (not shown).
 センサ3は、図1に示す構成例では4つ(センサ3A乃至センサ3D)設けられており、IC(Integrated Circuit)タグリーダやカメラなどの機能を有する。センサ3(センサ3A乃至センサ3D)は、係るICタグリーダ機能によって、当該ゲストが所持するICタグ51の検出結果に基づいて、そのゲストの位置を検知する。センサ3は、この位置検知を繰り返すことにより、当該ゲストの時系列な動き(移動、移動軌跡)を検出することができる。更に、センサ3は、係るカメラ機能によって当該ゲストを撮影し、撮影した画像に基づいて、当該ゲストの視線の方向などを検知する。センサ3は、検知した当該ゲストの動きや視線などを示す情報(以下、「ゲスト情報GI」と称する)を生成し、生成したゲスト情報GIをサーバ1に送信する。 In the configuration example shown in FIG. 1, four sensors (sensor 3A to sensor 3D) are provided, and the sensor 3 has functions such as an IC (Integrated Circuit) tag reader and a camera. The sensor 3 (sensor 3A to sensor 3D) detects the position of the guest based on the detection result of the IC tag 51 possessed by the guest by the IC tag reader function. The sensor 3 can detect the time-series movement (movement, movement locus) of the guest by repeating this position detection. Further, the sensor 3 captures the guest by the camera function, and detects the direction of the guest's line of sight based on the captured image. The sensor 3 generates information indicating the detected movement or line of sight of the guest (hereinafter referred to as “guest information GI”), and transmits the generated guest information GI to the server 1.
 センサ3は、定期的にゲスト情報GIを送信してもよいし、ゲスト情報GIが変化した場合にのみ、新たなゲスト情報GIを送信してもよい。 Sensor 3 may transmit guest information GI periodically, or may transmit new guest information GI only when guest information GI changes.
 端末10は、図1に示す構成例では9つ(端末10A乃至端末10I)設けられており、自端末を操作するユーザの存否や、自端末の表示画面に秘密情報を表示しているか否かを判定する機能等を有する。 In the configuration example shown in FIG. 1, nine terminals 10 (terminals 10A to 10I) are provided, and whether or not there is a user who operates the terminal and whether or not secret information is displayed on the display screen of the terminal. And the like.
 端末10は、自端末が扱う情報を秘密情報として扱うか否かを、以下に説明する如く、ゲストとの関係に従って判断する。 The terminal 10 determines whether or not the information handled by the terminal 10 is handled as confidential information according to the relationship with the guest as described below.
 例えば、センサ3は、ゲストが所持するICタグ51から、そのゲストの属性を示すゲスト属性情報GAを取得する。このゲスト属性情報GAには、対象となるゲストに関する属性として、少なくとも、開示できる分野を表す情報と、開示できるレベルを示す情報とが含まれる。端末10が表示している情報には、分野とレベルとが設定されているとする。そして、このような場合に、端末10は、センサ3からゲスト属性情報GAを受信したとする。この場合、端末10は、自端末において表示している情報が、当該ゲスト属性情報GAに含まれる情報の範囲である(即ち、ゲストの属性の範囲内)ならば、当該表示している情報を公開情報であると判定する。一方、当該ゲスト属性情報GAに含まれる情報の範囲ではない(即ち、ゲストの属性の範囲外)ならば、端末10は、自端末において表示している情報を、秘密情報であると判定する。端末10は、複数のゲストが同時に存在する場合、各ゲストに関するゲスト属性情報GAを元に、自端末が秘密情報を表示しているか否かを判定する。 For example, the sensor 3 acquires guest attribute information GA indicating an attribute of the guest from the IC tag 51 possessed by the guest. The guest attribute information GA includes at least information indicating a field that can be disclosed and information indicating a level that can be disclosed as attributes relating to the target guest. It is assumed that a field and a level are set in the information displayed on the terminal 10. In such a case, it is assumed that the terminal 10 receives the guest attribute information GA from the sensor 3. In this case, if the information displayed on the terminal 10 is within the range of information included in the guest attribute information GA (that is, within the range of guest attributes), the terminal 10 displays the displayed information. It is determined that the information is public information. On the other hand, if it is not in the range of the information included in the guest attribute information GA (that is, outside the range of the guest attribute), the terminal 10 determines that the information displayed on the terminal 10 is confidential information. When there are a plurality of guests at the same time, the terminal 10 determines whether or not the terminal itself displays secret information based on the guest attribute information GA regarding each guest.
 端末10は、ユーザの存否や秘密情報を表示しているか否かを示すユーザ情報を生成し、生成したユーザ情報をサーバ1に送信する。端末10は、このユーザ情報を定期的に送信してもよいし、ユーザ情報が変化した場合にのみ送信してもよい。ユーザの存否は、例えば、端末10がICタグリーダ(不図示)を備え、そのICタグリーダによってユーザが所持するICタグ51を検出することによって判定してもよい。また、ユーザの存否は、例えば、端末10がカメラを備える場合、そのカメラによって撮影された画像に関する認識処理によって判定してもよい。 The terminal 10 generates user information indicating whether the user exists or whether secret information is displayed, and transmits the generated user information to the server 1. The terminal 10 may transmit this user information periodically or only when the user information changes. Whether the user exists or not may be determined by, for example, the terminal 10 having an IC tag reader (not shown) and detecting the IC tag 51 possessed by the user by the IC tag reader. In addition, for example, when the terminal 10 includes a camera, the presence / absence of the user may be determined by a recognition process related to an image captured by the camera.
 端末10が秘密情報を表示しているか否かを判断する他の手段として、例えば、センサ3は、ゲスト属性情報GAをサーバ1に送信し、端末10は、自端末が表示している情報の設定情報(たとえば、分野とレベルを示す情報)をサーバ1に送信する。そして、サーバ1は、センサ3及び端末10から受信したこれらの情報を元に、端末10が秘密情報を表示しているか否かを判定してもよい。 As another means for determining whether or not the terminal 10 displays confidential information, for example, the sensor 3 transmits guest attribute information GA to the server 1, and the terminal 10 displays the information displayed by the terminal 10. Setting information (for example, information indicating the field and level) is transmitted to the server 1. And the server 1 may determine whether the terminal 10 is displaying the secret information based on these information received from the sensor 3 and the terminal 10.
 サーバ1は、センサ3から受信したゲスト情報GIに基づいて、ゲストを認知可能な領域(以下、「認知領域」と称する)を算出する。また、サーバ1は、算出した認知領域や端末10から受信したユーザ情報などに基づいて、各端末10の危険度を判定する。サーバ1は、それぞれの危険度に応じて、各端末10における秘密情報の表示状態を制御する。 The server 1 calculates an area where the guest can be recognized (hereinafter referred to as “recognition area”) based on the guest information GI received from the sensor 3. Further, the server 1 determines the risk level of each terminal 10 based on the calculated recognition area, user information received from the terminal 10, and the like. The server 1 controls the display state of the secret information on each terminal 10 according to each risk level.
 図1の例は、9つの端末10(端末10A~端末10I)が配置された環境において、端末10A、10B、10E、10F、10Gをユーザが利用している状況を表している。そして、図1に示す状況において、4つのセンサ3(センサ3A~センサ3D)は、入室したゲストの動きや視線などを検知する。 The example of FIG. 1 represents a situation where the user uses the terminals 10A, 10B, 10E, 10F, and 10G in an environment where nine terminals 10 (terminal 10A to terminal 10I) are arranged. In the situation shown in FIG. 1, the four sensors 3 (sensors 3A to 3D) detect the movement of the guest who entered the room, the line of sight, and the like.
 図1に示す例において、ゲストの認知領域は、破線で表されている。この例では、ゲストの認知領域内に端末10Aと端末10Bが存在し、これらの端末は秘密情報が表示されている。このため、サーバ1は、端末10Aおよび端末10Bに表示される秘密情報の表示制御を行う。 In the example shown in FIG. 1, the guest recognition area is represented by a broken line. In this example, the terminal 10A and the terminal 10B exist in the guest recognition area, and secret information is displayed on these terminals. For this reason, the server 1 performs display control of secret information displayed on the terminal 10A and the terminal 10B.
 図2は、第1の実施の形態に係るサーバの機能構成を例示するブロック図である。サーバ1は、ゲスト情報受信部11、記憶部12、ユーザ情報受信部13、認知領域算出部14、危険度判定部15および制御情報送信部16を含む。 FIG. 2 is a block diagram illustrating a functional configuration of the server according to the first embodiment. The server 1 includes a guest information reception unit 11, a storage unit 12, a user information reception unit 13, a recognition area calculation unit 14, a risk determination unit 15, and a control information transmission unit 16.
 ゲスト情報受信部11は、センサ3A~センサ3Dから、ゲスト情報GIを受信する。ゲスト情報受信部11は、受信したゲスト情報GIを、記憶部12に記憶する。 The guest information receiving unit 11 receives guest information GI from the sensors 3A to 3D. The guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
 ユーザ情報受信部13は、端末10A~端末10Iから、ユーザ情報を受信する。ユーザ情報受信部13は、受信したユーザ情報を、記憶部12に記憶する。 User information receiving unit 13 receives user information from terminals 10A to 10I. The user information receiving unit 13 stores the received user information in the storage unit 12.
 本実施形態において、記憶部12は、各端末10の位置を示す端末情報と、秘密情報の表示を制御する制御手法を示す制御情報とをあらかじめ記憶していることとする。 In the present embodiment, it is assumed that the storage unit 12 stores in advance terminal information indicating the position of each terminal 10 and control information indicating a control method for controlling display of secret information.
 認知領域算出部14は、ゲスト情報受信部11がゲスト情報GIを受信すると、記憶部12に記憶されたゲスト情報GIに基づいて、当該ゲストの認知領域を算出する。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を、危険度判定部15に送る。例えば、認知領域算出部14は、ゲストの位置を中心として、そのゲストの向いている方向の一定の距離を半径とする扇形の認知領域を算出する。このとき、認知領域算出部14は、当該ゲストからの距離に応じて、認知可能レベルに段階を設定してもよい。 When the guest information reception unit 11 receives the guest information GI, the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15. For example, the recognition area calculation unit 14 calculates a fan-shaped recognition area centered on the guest's position and having a radius of a certain distance in the direction the guest is facing. At this time, the recognition area calculation unit 14 may set the level to a recognizable level according to the distance from the guest.
 また、認知領域算出部14は、セキュリティのレベルに応じて、認知領域を変更してもよい。例えば、認知領域算出部14は、セキュリティレベルが高い環境では、認知領域が広くなる計算式を用い、セキュリティレベルが低い環境では、認知領域が狭くなる計算式を用いて算出する。 Also, the recognition area calculation unit 14 may change the recognition area according to the level of security. For example, the recognition area calculation unit 14 uses a calculation formula that widens the recognition area in an environment with a high security level, and uses a calculation formula that narrows the recognition area in an environment with a low security level.
 危険度判定部15は、認知領域算出部14から受け取った認知領域情報と、記憶部12に記憶されているユーザ情報と、記憶部12にあらかじめ記憶されている端末情報と、に基づいて、各端末10の危険度を判定する。危険度判定部15は、秘密情報が表示されているか否か、ユーザが存在するか否か、および、該端末10がゲストの認知領域内に含まれるか否かに応じて、危険度を判定する。危険度判定部15は、判定した各端末10の危険度を示す危険度情報を生成し、生成した危険度情報を、制御情報送信部16に送る。 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 The risk level of the terminal 10 is determined. The risk determination unit 15 determines the risk according to whether secret information is displayed, whether a user exists, and whether the terminal 10 is included in the guest's recognition area. To do. The risk determination unit 15 generates risk information indicating the determined risk of each terminal 10, and sends the generated risk information to the control information transmission unit 16.
 認知領域算出部14が、ゲストからの距離に従って、認知可能レベルに段階を設定して認知領域を算出する場合に、危険度判定部15は、設定された認知可能レベルを考慮して危険度を判定する。 When the recognition area calculation unit 14 calculates the recognition area by setting the level to the recognizable level according to the distance from the guest, the risk level determination unit 15 determines the risk level in consideration of the set recognizable level. judge.
 制御情報送信部16は、危険度判定部15から危険度情報を受け取ると、記憶部12にあらかじめ記憶している制御情報を呼び出し、当該危険度情報が示す各端末10の危険度に対応する制御情報を、対応する端末10に送信する。 When the control information transmission unit 16 receives the risk level information from the risk level determination unit 15, the control information transmission unit 16 calls the control information stored in advance in the storage unit 12 and performs control corresponding to the risk level of each terminal 10 indicated by the risk level information. Information is transmitted to the corresponding terminal 10.
 各端末10は、制御情報送信部16から受けとった制御情報が示す制御手法により、秘密情報の表示を制御する。 Each terminal 10 controls the display of the secret information by the control method indicated by the control information received from the control information transmitting unit 16.
 ここで、具体的に、どのように秘密情報の表示制御を行うかについて図1、図3および図4を用いて説明する。 Here, how to control the display of confidential information will be specifically described with reference to FIGS. 1, 3, and 4. FIG.
 図3は、第1の実施の形態に係る制御情報の一例を示す図である。図3に示すように、記憶部12は、危険度に関連付けされた制御情報を記憶している。 FIG. 3 is a diagram illustrating an example of control information according to the first embodiment. As illustrated in FIG. 3, the storage unit 12 stores control information associated with the degree of risk.
 図3に示す例では、危険度0には、「秘密情報の表示制御を解除する」という制御情報が関連付けられている。危険度1には、「秘密情報の位置をゲストの反対方向に移動する」という制御情報が関連付けられている。危険度2には、「秘密情報の表示を所定の大きさまで小さくする」という制御情報が関連付けられている。危険度3には、「秘密情報の表示を強制終了する」という制御情報が関連付けられている。 In the example shown in FIG. 3, control information “cancel confidential information display control” is associated with the risk level 0. Control information “move the position of the secret information in the opposite direction of the guest” is associated with the risk level 1. Control information “reducing the display of secret information to a predetermined size” is associated with risk level 2. The risk level 3 is associated with control information “forcibly terminate display of secret information”.
 秘密情報の表示を制御する制御手法は、上述した例には限定されない。例えば、注意を喚起するメッセージを表示する手法や、スクリーンセーバーを表示する手法、秘密情報を表示しているウィンドウを最小化する手法などでもよい。また、各端末10に送信される制御情報は1つに限らず、制御候補として複数の制御情報が送信され、それらの制御情報の中からユーザが選択する構成でもよい。また、危険度判定部15が認知可能レベルを考慮して危険度を判定する場合に、端末10は、例えば、その認知可能レベルに応じて、秘密情報の文字サイズをゲストが認知できない大きさに変更するなどの制御を行うとよい。 The control method for controlling the display of the secret information is not limited to the example described above. For example, a technique for displaying a message for calling attention, a technique for displaying a screen saver, or a technique for minimizing a window displaying secret information may be used. Moreover, the control information transmitted to each terminal 10 is not limited to one, and a plurality of control information may be transmitted as control candidates, and the user may select from among the control information. Further, when the risk determination unit 15 determines the risk considering the recognizable level, the terminal 10 sets the character size of the secret information to a size that the guest cannot recognize, for example, according to the recognizable level. It is good to perform control such as changing.
 図1に示す位置にゲストがいる場合、センサ3A~センサ3Dによって、そのゲストの位置および視線の方向が検知される。センサ3A~センサ3Dは、当該ゲストの位置および視線の方向を示すゲスト情報GIを、サーバ1に送信する。 When there is a guest at the position shown in FIG. 1, the position of the guest and the direction of the line of sight are detected by the sensors 3A to 3D. The sensors 3A to 3D transmit guest information GI indicating the position of the guest and the direction of the line of sight to the server 1.
 サーバ1のゲスト情報受信部11は、センサ3A~センサ3Dから受信したゲスト情報GIを、記憶部12に記憶する。 The guest information receiving unit 11 of the server 1 stores the guest information GI received from the sensors 3A to 3D in the storage unit 12.
 端末10A~端末10Iは、ユーザ情報をサーバ1に送信する。サーバ1のユーザ情報受信部13は、端末10A~端末10Iから受信したユーザ情報を、記憶部12に記憶する。 The terminals 10A to 10I transmit user information to the server 1. The user information receiving unit 13 of the server 1 stores the user information received from the terminals 10A to 10I in the storage unit 12.
 図1に示す例において、記憶部12に記憶されているユーザ情報には、例えば、以下の項目が含まれる。即ち、
  ・端末10Aには、ユーザが存在しない状態において秘密情報が表示されていること、
  ・端末10B、端末10Fおよび端末10Gには、ユーザが存在する状態で秘密情報が表示されていること、
  ・端末10C、端末10D、端末10Hおよび端末10Iは、電源がOFFになっていること、
  ・端末10Eには、ユーザが存在する状態で公開情報が表示されていること。 In the example illustrated in FIG. 1, the user information stored in the storage unit 12 includes, for example, the following items. That is,
The terminal 10A displays secret information in the absence of a user,
-Secret information is displayed on the terminal 10B, the terminal 10F, and the terminal 10G in a state where the user exists,
-Terminal 10C, terminal 10D, terminal 10H and terminal 10I are powered off,
-Public information is displayed on the terminal 10E in a state where the user exists.
 認知領域算出部14は、ゲスト情報受信部11がゲスト情報GIを受信すると、記憶部12に記憶されているゲスト情報GIに基づいて、当該ゲストの認知領域を算出する。上述したように、図1に示す例では、破線で示す領域がゲストの認知領域である。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を、危険度判定部15に送る。 When the guest information reception unit 11 receives the guest information GI, the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. As described above, in the example shown in FIG. 1, the area indicated by the broken line is the guest recognition area. The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
 危険度判定部15は、認知領域算出部14から受け取った認知領域情報と、記憶部12に記憶されたユーザ情報と、記憶部12があらかじめ記憶されている端末情報と、に基づいて、各端末10の危険度を判定する。例えば、危険度判定部15は、図3に例示したように、各端末10の危険度を、4段階(レベル0~3)に判定する。 The risk determination unit 15 determines each terminal based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in the storage unit 12 in advance. A risk rating of 10 is determined. For example, as illustrated in FIG. 3, the risk determination unit 15 determines the risk of each terminal 10 in four levels (levels 0 to 3).
 図1に示す例において、ゲストの認知領域内には、端末10Aと端末10Bとが存在する。端末10Aには、ユーザが存在しない状態で秘密情報が表示されているので、危険度判定部15は、端末10Aの危険度をレベル3と判定する。端末10Bには、ユーザが存在する状態で秘密情報が表示されているので、危険度判定部15は、端末10Bの危険度をレベル2と判定する。その他の端末10は、ゲストの認知領域内に存在しない。そこで、危険度判定部15は、当該その他の端末10の危険度をレベル0と判定する。危険度判定部15は、各端末10を識別する情報と、それぞれの端末に関して判定した危険度とを関連付けた危険度情報を生成し、生成した危険度情報を、制御情報送信部16に送る。 In the example shown in FIG. 1, the terminal 10A and the terminal 10B exist in the guest recognition area. Since the secret information is displayed on the terminal 10A in the absence of the user, the risk determination unit 15 determines the risk of the terminal 10A to be level 3. Since the secret information is displayed on the terminal 10B in a state where the user exists, the risk determination unit 15 determines the risk of the terminal 10B as level 2. Other terminals 10 do not exist within the guest's recognition area. Therefore, the risk determination unit 15 determines the risk of the other terminal 10 as level 0. The risk determination unit 15 generates risk information that associates information for identifying each terminal 10 with the risk determined for each terminal, and sends the generated risk information to the control information transmission unit 16.
 制御情報送信部16は、危険度判定部15から受け取った危険度情報が示す端末10Aの危険度がレベル3であるので、秘密情報の表示を強制終了することを指示可能な制御情報を、端末10Aに送信する。 Since the risk level of the terminal 10A indicated by the risk level information received from the risk level determination unit 15 is level 3, the control information transmission unit 16 transmits control information that can be instructed to forcibly end the display of the secret information to the terminal Send to 10A.
 制御情報送信部16は、危険度判定部15から受け取った危険度情報が示す端末10Bの危険度がレベル2であるので、秘密情報の表示を所定の大きさまで小さくすることを指示可能な制御情報を端末10Bに送信する。 Since the risk level of the terminal 10B indicated by the risk level information received from the risk level determination unit 15 is level 2, the control information transmission unit 16 can instruct control information to be reduced to a predetermined size. Is transmitted to the terminal 10B.
 制御情報送信部16は、その他の端末10に対しては、危険度がレベル0であるので、秘密情報の表示制御を解除することを指示可能な制御情報を送信する。 The control information transmitting unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the other terminals 10 because the risk level is level 0.
 端末10Aは、制御情報送信部16から制御情報を受け取ると、これに従って秘密情報の表示を強制終了する。端末10Bは、制御情報送信部16から制御情報を受け取ると、これに従って秘密情報の表示を所定の大きさまで小さくする。その他の端末10は、制御情報送信部16から制御情報を受け取ると、秘密情報の表示制御を行っている場合には、その秘密情報の表示制御を解除する。
 図4は、第1の実施の形態に係る秘密情報表示制御システムの、ゲストの移動に伴う動作を説明する図である。図1を参照して上述した状況から、図4に示す位置に当該ゲストが移動した場合、センサ3A~センサ3Dによって、当該ゲストの位置および視線の方向が検知される。センサ3A~センサ3Dは、検出した当該ゲストの位置および視線の方向を示すゲスト情報GIを、サーバ1に送信する。 When receiving the control information from the control information transmitting unit 16, the terminal 10A forcibly terminates the display of the secret information accordingly. When receiving the control information from the control information transmitting unit 16, the terminal 10B reduces the display of the secret information to a predetermined size according to the control information. When receiving the control information from the control information transmitting unit 16, the other terminal 10 cancels the display control of the secret information when the display control of the secret information is being performed.
FIG. 4 is a diagram for explaining the operation accompanying the movement of the guest in the secret information display control system according to the first embodiment. When the guest moves to the position shown in FIG. 4 from the situation described above with reference to FIG. 1, the position of the guest and the direction of the line of sight are detected by the sensors 3A to 3D. The sensors 3A to 3D transmit guest information GI indicating the detected position of the guest and the direction of the line of sight to the server 1.
 サーバ1のゲスト情報受信部11は、センサ3A~センサ3Dから受信したゲスト情報GIを、記憶部12に記憶する。 The guest information receiving unit 11 of the server 1 stores the guest information GI received from the sensors 3A to 3D in the storage unit 12.
 端末10A~端末10Iは、ユーザの存否や秘密情報を表示しているか否かを判定し、そのユーザ情報をサーバ1に送信する。 The terminals 10A to 10I determine whether or not the user exists and whether or not secret information is displayed, and transmit the user information to the server 1.
 サーバ1のユーザ情報受信部13は、端末10A~端末10Iから受信したユーザ情報を、記憶部12に記憶する。図4に示す例では、ユーザ情報として、少なくとも、以下の各項目が記憶部12に記憶される。即ち、
  ・端末10B、端末10Fおよび端末10Gには、ユーザが存在する状態で秘密情報が表示されていること、
  ・端末10A、端末10C、端末10D、端末10Hおよび端末10Iは、電源がOFFになっていること、
  ・端末10Eには、ユーザが存在する状態で公開情報が表示されていること。 The user information receiving unit 13 of the server 1 stores the user information received from the terminals 10A to 10I in the storage unit 12. In the example illustrated in FIG. 4, at least the following items are stored in the storage unit 12 as user information. That is,
-Secret information is displayed on the terminal 10B, the terminal 10F, and the terminal 10G in a state where the user exists,
-Terminal 10A, terminal 10C, terminal 10D, terminal 10H and terminal 10I are powered off,
-Public information is displayed on the terminal 10E in a state where the user exists.
 認知領域算出部14は、ゲスト情報受信部11がゲスト情報GIを受信すると、記憶部12に記憶されたゲスト情報GIに基づいて、当該ゲストの認知領域を算出する。図4においても、破線で示す領域はゲストの認知領域を表す。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を、危険度判定部15に送る。 When the guest information reception unit 11 receives the guest information GI, the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. Also in FIG. 4, the area indicated by a broken line represents a guest recognition area. The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
 図4に示す例では、ゲストの認知領域内に端末10Eと端末10Fが存在する。端末10Eには、ユーザが存在する状態で公開情報が表示されているので、危険度判定部15は、端末10Eの危険度をレベル0とする。端末10Fには、ユーザが存在する状態で秘密情報が表示されているので、危険度判定部15は、端末10Fの危険度をレベル2とする。その他の端末10は、ゲストの認知領域内に存在しないので、これらの端末の危険度をレベル0とする。危険度判定部15は、各端末10を識別する情報と、それぞれ判定した危険度とを関連付けた危険度情報を生成し、生成した危険度情報を、制御情報送信部16に送る。 In the example shown in FIG. 4, the terminal 10E and the terminal 10F exist in the guest recognition area. Since the public information is displayed on the terminal 10E in the presence of the user, the risk determination unit 15 sets the risk of the terminal 10E to level 0. Since the confidential information is displayed on the terminal 10F in the presence of the user, the risk determination unit 15 sets the risk of the terminal 10F to level 2. Since the other terminals 10 do not exist within the guest's recognition area, the risk level of these terminals is set to level 0. The risk level determination unit 15 generates risk level information that associates the information for identifying each terminal 10 with the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
 制御情報送信部16は、危険度判定部15から受け取った危険度情報が示す端末10Eの危険度がレベル0であるので、秘密情報の表示制御を解除することを指示可能な制御情報を、端末10Eに送信する。 Since the risk level of the terminal 10E indicated by the risk level information received from the risk level determination unit 15 is level 0, the control information transmission unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the terminal To 10E.
 制御情報送信部16は、危険度判定部15から受け取った危険度情報が示す端末10Fの危険度がレベル2であるので、秘密情報の表示を所定の大きさまで小さくすることを指示可能な制御情報を、端末10Fに送信する。 Since the risk level of the terminal 10F indicated by the risk level information received from the risk level determination unit 15 is level 2, the control information transmission unit 16 can instruct to reduce the display of the secret information to a predetermined size. Is transmitted to the terminal 10F.
 制御情報送信部16は、その他の端末10に対しては、危険度がレベル0であるので、秘密情報の表示制御を解除することを指示可能な制御情報を、それらの端末に送信する。 The control information transmission unit 16 transmits control information that can be instructed to cancel the display control of the secret information to the other terminals 10 because the risk level is level 0.
 端末10Eは、制御情報送信部16から制御情報を受け取っても、秘密情報の表示制御を行っていないので、表示態様を変更する制御は行わない。端末10Fは、制御情報送信部16から制御情報を受け取ると、その制御情報に従って、秘密情報の表示を所定の大きさまで小さくする。 Even if the terminal 10E receives the control information from the control information transmission unit 16, the terminal 10E does not perform the display control of the secret information, and therefore does not perform the control to change the display mode. When receiving the control information from the control information transmitting unit 16, the terminal 10F reduces the display of the secret information to a predetermined size according to the control information.
 端末10Bは、上述した図1に示す状況において、秘密情報の表示制御を行っていた。このため、当該ゲストの移動によって図4に示す状況に遷移すると、端末10Bは、制御情報送信部16から制御情報を受け取るのに応じて、秘密情報の表示制御を解除することにより、秘密情報を表示する元の表示状態に戻す。その他の端末10も、制御情報送信部16から制御情報を受け取ると、それ以前に秘密情報の表示制御を行っていた場合には、その秘密情報の表示制御を解除する。 The terminal 10B performs display control of secret information in the situation shown in FIG. For this reason, when the guest 10 moves to the situation shown in FIG. 4, the terminal 10 </ b> B releases the secret information display control in response to receiving the control information from the control information transmitting unit 16, thereby Return to the original display state. When the other terminal 10 also receives the control information from the control information transmission unit 16, if the display control of the secret information has been performed before that, the display control of the secret information is released.
 図5は、第1の実施の形態に係る秘密情報表示制御処理における処理手順を例示するフローチャートである。図5に示すフローチャートに記載されている一連の処理は、例えば、サーバ1に電源が投入されるのに応じて開始される。 FIG. 5 is a flowchart illustrating a processing procedure in the confidential information display control processing according to the first embodiment. A series of processing described in the flowchart illustrated in FIG. 5 is started in response to, for example, powering on the server 1.
 ゲスト情報受信部11は、センサ3からゲスト情報GIを受信しない場合(ステップS11にてNO)、ステップS11を繰り返すことにより、ゲスト情報GIの受信を待機する。ゲスト情報受信部11は、センサ3からゲスト情報GIを受信すると(ステップS11にてYES)、受信したゲスト情報GIを、記憶部12に記憶する。 If the guest information GI is not received from the sensor 3 (NO in step S11), the guest information receiving unit 11 waits for reception of the guest information GI by repeating step S11. When the guest information receiving unit 11 receives the guest information GI from the sensor 3 (YES in step S11), the guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
 認知領域算出部14は、ゲスト情報受信部11がゲスト情報GIを受信すると(ステップS11にてYES)、記憶部12に記憶されているゲスト情報GIに基づいて、当該ゲストの認知領域を算出する(ステップS12)。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を、危険度判定部15に送る。 When the guest information reception unit 11 receives the guest information GI (YES in step S11), the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12. (Step S12). The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
 危険度判定部15は、認知領域算出部14から受け取った認知領域情報と、記憶部12に記憶されたユーザ情報と、記憶部12にあらかじめ記憶されている端末情報と、に基づいて、各端末10の危険度を判定する(ステップS13)。危険度判定部15は、判定した危険度を示す危険度情報を生成し、生成した危険度情報を、制御情報送信部16に送る。 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 A risk level of 10 is determined (step S13). The risk determination unit 15 generates risk level information indicating the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
 制御情報送信部16は、危険度判定部15から危険度情報を受け取ると、記憶部12にあらかじめ記憶されている制御情報を参照する。これにより、制御情報送信部16は、その危険度情報が示す各端末10の危険度(レベル)に対応する制御情報(即ち、図3に例示するテーブルにおいて危険度に関連付けされている制御情報の内容)を、該端末10に送信する(ステップS14)。 When the control information transmission unit 16 receives the risk information from the risk determination unit 15, the control information transmission unit 16 refers to the control information stored in advance in the storage unit 12. Thereby, the control information transmitting unit 16 controls the control information corresponding to the risk (level) of each terminal 10 indicated by the risk information (that is, the control information associated with the risk in the table illustrated in FIG. 3). Content) is transmitted to the terminal 10 (step S14).
 サーバ1の電源がOFFでない場合(ステップS15にてNO)、サーバ1は、処理をステップS11に戻し、ステップS11~ステップS15を繰り返す。サーバ1の電源がOFFになった場合(ステップS15にてYES)、処理は終了する。 If server 1 is not powered off (NO in step S15), server 1 returns the process to step S11 and repeats steps S11 to S15. If server 1 is powered off (YES in step S15), the process ends.
 以上説明したように、第1の実施の形態に係る秘密情報表示制御システム100によれば、以下の効果を享受することができる。 As described above, according to the secret information display control system 100 according to the first embodiment, the following effects can be enjoyed.
 即ち、秘密情報表示制御システム100は、オープンな環境にある端末の秘密情報の表示制限を実施する場合に、ユーザが使用中の端末に対して、ゲストが認知できる範囲を考慮して、ゲストに秘密情報が漏れず、かつ、端末のユーザの作業を極力妨げない表示制御を行うことができる。 That is, the secret information display control system 100 considers the range that can be recognized by the guest with respect to the terminal being used by the user when restricting the display of the secret information of the terminal in the open environment. It is possible to perform display control in which confidential information is not leaked and the work of the user of the terminal is prevented as much as possible.
 また、秘密情報表示制御システム100は、制御候補として複数の制御情報を送信し、ユーザが選択する構成とすることも可能である。この構成の場合、秘密情報表示制御システム100において、各端末10のユーザは、ゲストが来訪した際にシステムが提供する選択肢の中から、自らの意思で最小限の対処を選択することができる。そのため、当該システムが自動的に表示態様を強制的に変更する構成と比較して、過度な制約を受けることが無いので利便性に優れる。 Moreover, the secret information display control system 100 can also be configured to transmit a plurality of control information as control candidates and to be selected by the user. In the case of this configuration, in the secret information display control system 100, the user of each terminal 10 can select the minimum countermeasure with his / her own intention from the options provided by the system when the guest visits. Therefore, compared with a configuration in which the system automatically and forcibly changes the display mode, it is excellent in convenience because it is not subject to excessive restrictions.
 (第2の実施の形態)
 次に、上述した第1の実施の形態を基本とする第2の実施の形態について説明する。以下の説明においては、本実施形態に係る特徴的な部分を中心に説明する。その際、上述した第1の実施形態と同様な構成については、同一の参照番号を付すことにより、重複する説明は省略する。本実施形態において説明する秘密情報表示制御システム200は、ゲストの注意を引くことが可能な情報を提示することで、そのゲストの認知領域を変化させることができる。 (Second Embodiment)
Next, a second embodiment based on the above-described first embodiment will be described. In the following description, the characteristic part according to the present embodiment will be mainly described. At this time, the same reference numerals are assigned to the same configurations as those in the first embodiment described above, and the duplicate description is omitted. The secret information display control system 200 described in the present embodiment can change the recognition area of the guest by presenting information that can attract the guest's attention.
 図6は、本発明の第2の実施の形態に係る秘密情報表示制御システムの構成例を示す図である。第2の実施の形態の秘密情報表示制御システム200は、第1の実施の形態の秘密情報表示制御システム100に加え、画像を表示するディスプレイ8を含む。ディスプレイ8は、画像だけでなく、音声を出力してもよい。 FIG. 6 is a diagram showing a configuration example of a secret information display control system according to the second embodiment of the present invention. The secret information display control system 200 of the second embodiment includes a display 8 that displays an image in addition to the secret information display control system 100 of the first embodiment. The display 8 may output not only images but also sounds.
 サーバ1は、ディスプレイ8とネットワークを介して通信可能に接続されており、ゲストの注意を引くことが可能な情報をディスプレイ8が表示するよう制御することができる。ゲストの注意を引くことが可能な情報とは、例えば、ゲストの名前を示す情報や、ゲストが訪問した目的に関する情報などである。秘密情報表示制御システム200のその他の構成は、第1の実施の形態において上述した秘密情報表示制御システム100と同様である。 The server 1 is communicably connected to the display 8 via a network, and can control the display 8 to display information that can attract the guest's attention. The information that can attract the guest's attention is, for example, information indicating the name of the guest, information regarding the purpose of the guest visiting, and the like. The other configuration of the secret information display control system 200 is the same as that of the secret information display control system 100 described above in the first embodiment.
 図7は、第2の実施の形態に係るサーバの機能構成例を示すブロック図である。第2の実施の形態のサーバ1は、第1の実施の形態のサーバ1と同様に、ゲスト情報受信部11、記憶部12、ユーザ情報受信部13、認知領域算出部14、危険度判定部15および制御情報送信部16を含む。 FIG. 7 is a block diagram illustrating a functional configuration example of the server according to the second embodiment. The server 1 of the second embodiment is similar to the server 1 of the first embodiment in that the guest information receiving unit 11, the storage unit 12, the user information receiving unit 13, the recognition area calculating unit 14, and the risk determining unit 15 and a control information transmission unit 16.
 記憶部12は、ゲスト情報GIと、ユーザ情報と、端末情報と、制御情報とに加え、ゲストの注意を引くためにディスプレイ8に表示する表示情報をあらかじめ記憶していることとする。表示情報は、外部から取得してもよい。例えば、センサ3を利用することによって、ゲストの所持するICタグ51から取得し、ゲスト情報GIと共にサーバ1に送信してもよい。 It is assumed that the storage unit 12 stores in advance display information to be displayed on the display 8 in order to draw the guest's attention in addition to the guest information GI, user information, terminal information, and control information. Display information may be acquired from the outside. For example, by using the sensor 3, it may be acquired from the IC tag 51 possessed by the guest and transmitted to the server 1 together with the guest information GI.
 制御情報送信部16は、危険度判定部15から危険度情報を受け取ると、表示情報をディスプレイ8に送信済みか否かを判定する。ディスプレイ8に表示情報を送信していない場合、制御情報送信部16は、危険度が所定の閾値を超える端末10があるか否かを判定する。危険度が所定の閾値を超える端末10がある場合、制御情報送信部16は、記憶部12にあらかじめ記憶されている表示情報をディスプレイ8に送信し、その表示情報をディスプレイ8が表示するよう制御する。例えば、制御情報送信部16は、ゲスト属性情報GAが示すゲストの属性などに対応する表示情報を、記憶部12から呼び出す(読み出す)。 When the control information transmission unit 16 receives the risk level information from the risk level determination unit 15, the control information transmission unit 16 determines whether the display information has been transmitted to the display 8. When display information is not transmitted to the display 8, the control information transmission unit 16 determines whether there is a terminal 10 having a degree of risk exceeding a predetermined threshold. When there is a terminal 10 whose degree of risk exceeds a predetermined threshold, the control information transmission unit 16 transmits display information stored in advance in the storage unit 12 to the display 8 and controls the display 8 to display the display information. To do. For example, the control information transmission unit 16 calls (reads) display information corresponding to the guest attribute indicated by the guest attribute information GA from the storage unit 12.
 このとき、ディスプレイ8に表示情報が表示されると、表示に気が付いたことにより、ゲストがディスプレイ8の方向を向くのに応じて、認知領域が変化する可能性がある。認知領域が変化すれば、危険度判定部15が判定する危険度も低減する可能性がある。そこで、本実施形態において、認知領域算出部14は、ディスプレイ8に表示情報を送信した後にゲスト情報受信部11がゲスト情報GIを受信すると、記憶部12に記憶されたゲスト情報GIに基づいて、再度、当該ゲストの認知領域を算出する。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を危険度判定部15に送る。サーバ1のその他の処理構成は、上述した第1の実施の形態と同様である。 At this time, when the display information is displayed on the display 8, the recognition area may change as the guest turns to the display 8 by noticing the display information. If the recognition area changes, the risk determined by the risk determination unit 15 may be reduced. Therefore, in the present embodiment, when the guest information receiving unit 11 receives the guest information GI after transmitting the display information to the display 8, the recognition area calculating unit 14 is based on the guest information GI stored in the storage unit 12. Again, the recognition area of the guest is calculated. The recognition area calculation unit 14 generates recognition area information indicating the calculated recognition area, and sends the generated recognition area information to the risk determination unit 15. Other processing configurations of the server 1 are the same as those in the first embodiment described above.
 図8は、第2の実施の形態に係る秘密情報表示制御処理における処理手順を例示するフローチャートである。図8に示すフローチャートに記載されている一連の処理は、例えば、サーバ1に電源が投入されるのに応じて開始される。 FIG. 8 is a flowchart illustrating a processing procedure in the secret information display control processing according to the second embodiment. A series of processes described in the flowchart illustrated in FIG. 8 is started, for example, when the server 1 is powered on.
 ゲスト情報受信部11は、センサ3からゲスト情報GIを受信しない場合(ステップS21にてNO)、ステップS21を繰り返すことによってゲスト情報GIの受信を待機する。ゲスト情報受信部11は、センサ3からゲスト情報GIを受信すると(ステップS21にてYES)、受信したゲスト情報GIを、記憶部12に記憶する。 If the guest information receiving unit 11 does not receive the guest information GI from the sensor 3 (NO in step S21), the guest information receiving unit 11 waits for reception of the guest information GI by repeating step S21. When the guest information receiving unit 11 receives the guest information GI from the sensor 3 (YES in step S21), the guest information receiving unit 11 stores the received guest information GI in the storage unit 12.
 認知領域算出部14は、ゲスト情報受信部11がゲスト情報GIを受信すると(ステップS21にてYES)、記憶部12に記憶されたゲスト情報GIに基づいて、当該ゲストの認知領域を算出する(ステップS22)。認知領域算出部14は、算出した認知領域を示す認知領域情報を生成し、生成した認知領域情報を、危険度判定部15に送る。 When the guest information reception unit 11 receives the guest information GI (YES in step S21), the recognition region calculation unit 14 calculates the recognition region of the guest based on the guest information GI stored in the storage unit 12 ( Step S22). The recognition region calculation unit 14 generates recognition region information indicating the calculated recognition region, and sends the generated recognition region information to the risk determination unit 15.
 危険度判定部15は、認知領域算出部14から受け取った認知領域情報と、記憶部12に記憶されたユーザ情報と、記憶部12にあらかじめ記憶されている端末情報と、に基づいて、各端末10の危険度を判定する(ステップS23)。危険度判定部15は、判定した危険度を示す危険度情報を生成し、生成した危険度情報を、制御情報送信部16に送る。 Based on the recognition area information received from the recognition area calculation unit 14, the user information stored in the storage unit 12, and the terminal information stored in advance in the storage unit 12, the risk determination unit 15 A risk level of 10 is determined (step S23). The risk determination unit 15 generates risk level information indicating the determined risk level, and sends the generated risk level information to the control information transmission unit 16.
 制御情報送信部16は、危険度判定部15から危険度情報を受け取ると、ディスプレイ8に表示情報を送信済みであるか否かを判定する(ステップS24)。ディスプレイ8に表示情報をまだ送信していない場合(ステップS24にてNO)、制御情報送信部16は、危険度が閾値αより大きい端末10が存在するか否かを判定する(ステップS25)。閾値αは、例えば、危険度0でもよいし、任意に設定可能である。 When the risk information is received from the risk determination unit 15, the control information transmission unit 16 determines whether or not display information has been transmitted to the display 8 (step S24). If display information has not yet been transmitted to display 8 (NO in step S24), control information transmitting unit 16 determines whether or not there is a terminal 10 having a risk level greater than threshold value α (step S25). The threshold α may be, for example, a degree of risk of 0 or can be arbitrarily set.
 危険度が閾値αより大きい端末10が存在しない場合(ステップS25にてNO)、制御情報送信部16は、記憶部12にあらかじめ記憶されている制御情報を呼び出し、危険度判定部15からから受け取った危険度情報が示す各端末10の危険度に対応する特定の制御情報を、該端末10に送信する(ステップS27)。 When there is no terminal 10 having a risk level greater than the threshold value α (NO in step S25), the control information transmission unit 16 calls the control information stored in advance in the storage unit 12 and receives it from the risk determination unit 15 The specific control information corresponding to the risk level of each terminal 10 indicated by the risk level information is transmitted to the terminal 10 (step S27).
 危険度が閾値αより大きい端末10がある場合(ステップS25にてYES)、制御情報送信部16は、記憶部12にあらかじめ記憶されている表示情報を呼び出し、ディスプレイ8に送信する(ステップS26)。その後、処理はステップS21に戻り、ステップS21~ステップS25が繰り返される。 If there is a terminal 10 having a degree of risk greater than threshold α (YES in step S25), control information transmission unit 16 calls display information stored in advance in storage unit 12 and transmits it to display 8 (step S26). . Thereafter, the process returns to step S21, and steps S21 to S25 are repeated.
 ディスプレイ8に表示情報を送信済みである場合(ステップS24にてYES)、制御情報送信部16は、記憶部12にあらかじめ記憶されている制御情報を呼び出し、危険度判定部15からから受け取った危険度情報が示す各端末10の危険度に対応する特定の制御情報を、該端末10に送信する(ステップS27)。 When the display information has been transmitted to display 8 (YES in step S24), control information transmission unit 16 calls the control information stored in advance in storage unit 12, and receives the risk received from risk determination unit 15 Specific control information corresponding to the risk level of each terminal 10 indicated by the degree information is transmitted to the terminal 10 (step S27).
 サーバ1の電源がOFFでない場合(ステップS28にてNO)、処理はステップS21に戻り、ステップS21~ステップS28が繰り返される。サーバ1の電源がOFFになった場合(ステップS28にてYES)、処理は終了する。 If the server 1 is not powered off (NO in step S28), the process returns to step S21, and steps S21 to S28 are repeated. If server 1 is turned off (YES in step S28), the process ends.
 以上説明したように、第2の実施の形態の秘密情報表示制御システム200によれば、ゲストの注意を引くことが可能な表示情報をディスプレイ8に表示することができる。これにより、そのゲストの認知領域を変化させることによって、端末10の危険度を下げることが期待できる。 As described above, according to the secret information display control system 200 of the second embodiment, display information that can attract the attention of the guest can be displayed on the display 8. Thereby, it can be expected that the danger level of the terminal 10 is lowered by changing the recognition area of the guest.
 上述の第2の実施の形態では、ディスプレイ8を備えるが、これに限らず、ディスプレイ8の代わりにユーザが存在しない端末10のモニターにゲストの注意を引くことが可能な情報を表示する構成であってもよい。 In the second embodiment described above, the display 8 is provided. However, the display 8 is not limited thereto, and instead of the display 8, information that can attract the attention of the guest is displayed on the monitor of the terminal 10 where the user does not exist. There may be.
 上述の実施の形態では、センサ3は、ICタグリーダやカメラなどを備える装置であって、ゲストが所持するICタグ51からゲストの位置を検知し、撮影されたゲストの画像から視線の方向などを検知する構成を例として説明した。しかしながら、上述した実施形態を例に説明した本発明は、係る構成には限定されず、センサ3は、少なくとも、ゲストの位置を検知すればよい。この場合、認知領域算出部14は、ゲスト情報受信部11が受信したゲスト情報GIが示すゲストの位置に基づいて、当該ゲストの認知領域を算出する。 In the above-described embodiment, the sensor 3 is a device that includes an IC tag reader, a camera, and the like, detects the position of the guest from the IC tag 51 possessed by the guest, and determines the direction of the line of sight from the captured guest image. The detection configuration has been described as an example. However, the present invention described by taking the above-described embodiment as an example is not limited to such a configuration, and the sensor 3 may detect at least the position of the guest. In this case, the recognition area calculation unit 14 calculates the recognition area of the guest based on the guest position indicated by the guest information GI received by the guest information reception unit 11.
 図9は、本発明の各実施の形態に係るサーバのハードウェア構成例を示すブロック図である。サーバ1は、図9に示すように、制御部41、主記憶部42、外部記憶部43、操作部44、表示部45および送受信部46を含む。主記憶部42、外部記憶部43、操作部44、表示部45および送受信部46は、いずれも内部バス40を介して制御部41に接続されている。 FIG. 9 is a block diagram showing a hardware configuration example of the server according to each embodiment of the present invention. As shown in FIG. 9, the server 1 includes a control unit 41, a main storage unit 42, an external storage unit 43, an operation unit 44, a display unit 45, and a transmission / reception unit 46. The main storage unit 42, the external storage unit 43, the operation unit 44, the display unit 45, and the transmission / reception unit 46 are all connected to the control unit 41 via the internal bus 40.
 制御部41は、CPU(Central Processing Unit)41A等によって構成され、外部記憶部43に記憶されている制御プログラム49に従って、各処理を実行する。制御部41は、サーバ1の認知領域算出部14、危険度判定部15および制御情報送信部16に関して上述した処理を実行する。 The control unit 41 is configured by a CPU (Central Processing Unit) 41A and the like, and executes each process according to a control program 49 stored in the external storage unit 43. The control unit 41 executes the processes described above with respect to the recognition area calculation unit 14, the risk determination unit 15, and the control information transmission unit 16 of the server 1.
 主記憶部42は、RAM(Random-Access Memory)等によって構成され、外部記憶部43に記憶されている制御プログラム49がロードされ、制御部41の作業領域として用いられる。 The main storage unit 42 is configured by a RAM (Random-Access Memory) or the like, and a control program 49 stored in the external storage unit 43 is loaded and used as a work area of the control unit 41.
 外部記憶部43は、フラッシュメモリ、ハードディスク、DVD-RAM(Digital Versatile Disc Random-Access Memory)、DVD-RW(Digital Versatile Disc ReWritable)等の不揮発性メモリによって構成される。外部記憶部43は、サーバ1の処理を制御部41に行わせるためのコンピュータプログラム(以下、「プログラム」と称する)をあらかじめ記憶する。また、外部記憶部43は、制御部41の指示に従って、このプログラムが記憶するデータを制御部41に供給し、制御部41から供給されたデータを記憶する。サーバ1の記憶部12は、例えば、外部記憶部43に構成される。 The external storage unit 43 includes a nonvolatile memory such as a flash memory, a hard disk, a DVD-RAM (Digital Versatile Disc Random-Access Memory), a DVD-RW (Digital Versatile Disc ReWritable). The external storage unit 43 stores in advance a computer program (hereinafter referred to as “program”) for causing the control unit 41 to perform processing of the server 1. Further, the external storage unit 43 supplies the data stored by the program to the control unit 41 in accordance with the instruction from the control unit 41 and stores the data supplied from the control unit 41. The storage unit 12 of the server 1 is configured in the external storage unit 43, for example.
 操作部44は、キーボードおよびマウスなどのポインティングデバイス等と、キーボードおよびポインティングデバイス等を内部バス40に接続するインタフェース装置によって構成されている。ユーザがサーバ1に情報を入力する場合は、操作部44を介して、入力操作に応じた指示が制御部41に供給される。 The operation unit 44 includes a pointing device such as a keyboard and a mouse, and an interface device that connects the keyboard and the pointing device to the internal bus 40. When the user inputs information to the server 1, an instruction corresponding to the input operation is supplied to the control unit 41 via the operation unit 44.
 表示部45は、CRT(Cathode Ray Tube)またはLCD(Liquid Crystal Display)などによって構成され、制御部41から供給された情報を表示する。ユーザがサーバ1に情報を入力する場合は、表示部45は、例えば、操作画面を表示する。 The display unit 45 is configured by a CRT (Cathode Ray Tube) or an LCD (Liquid Crystal Display) or the like, and displays information supplied from the control unit 41. When the user inputs information to the server 1, the display unit 45 displays, for example, an operation screen.
 送受信部46は、例えば、通信ネットワークに接続する網終端装置または無線通信装置、およびそれらと接続するシリアルインタフェースまたはLAN(Local Area Network)インタフェースによって構成されている。送受信部46は、サーバ1のゲスト情報受信部、ユーザ情報受信部13および制御情報送信部16などとして機能する。サーバ1と、センサ3、端末10およびディスプレイ8は、有線接続されてもよい。 The transmission / reception unit 46 includes, for example, a network termination device or a wireless communication device connected to a communication network, and a serial interface or a LAN (Local Area Network) interface connected to them. The transmission / reception unit 46 functions as the guest information reception unit, the user information reception unit 13 and the control information transmission unit 16 of the server 1. The server 1, the sensor 3, the terminal 10, and the display 8 may be connected by wire.
 図2及び図7に示すサーバ1のゲスト情報受信部11、記憶部12、ユーザ情報受信部13、認知領域算出部14、危険度判定部15および制御情報送信部16は、例えば、制御プログラム49が、制御部41、主記憶部42、外部記憶部43、操作部44、表示部45および送受信部46などを資源として実行されることによって実現することができる。 The guest information receiving unit 11, the storage unit 12, the user information receiving unit 13, the recognition area calculating unit 14, the risk determining unit 15, and the control information transmitting unit 16 of the server 1 illustrated in FIGS. 2 and 7 are, for example, a control program 49. However, it can be realized by executing the control unit 41, the main storage unit 42, the external storage unit 43, the operation unit 44, the display unit 45, the transmission / reception unit 46, and the like as resources.
 その他、前記のハードウェア構成やフローチャートは一例であり、任意に変更および修正が可能である。 In addition, the hardware configuration and flowchart described above are merely examples, and can be arbitrarily changed and modified.
 制御部41、主記憶部42、外部記憶部43、操作部44、内部バス40などによって構成される秘密情報表示制御処理を行う中心となる部分は、専用のシステムによらず、通常のコンピュータシステムを用いて実現可能である。例えば、前記の動作を実行するためのプログラムを、コンピュータが読み取り可能な記録媒体に格納して配布し、当該プログラムをコンピュータにインストールすることにより、前記の処理を実行するサーバ1を構成してもよい。記憶媒体は、例えば、フレキシブルディスク、CD-ROM(Compact Disc Read Only Memory)、DVD-ROM(Digital Versatile Disc Read Only Memory)等である。また、インターネット等の通信ネットワークに通信可能に接続されたコンピュータが有する記憶装置に、当該プログラムを格納しておき、通常のコンピュータシステムがダウンロード等することでサーバ1を構成してもよい。 The central part that performs the secret information display control process constituted by the control unit 41, the main storage unit 42, the external storage unit 43, the operation unit 44, the internal bus 40, etc. is not a dedicated system, but a normal computer system It can be realized using For example, the server 1 that executes the above-described processing may be configured by storing a program for executing the above operation on a computer-readable recording medium and distributing the program, and installing the program in the computer. Good. The storage medium is, for example, a flexible disk, a CD-ROM (Compact Disc Read Only Memory), a DVD-ROM (Digital Versatile Disc Disc Read Only Memory), or the like. Further, the server 1 may be configured by storing the program in a storage device included in a computer communicably connected to a communication network such as the Internet and downloading the program by a normal computer system.
 また、秘密情報表示制御装置の機能を、OS(オペレーティングシステム)とアプリケーションプログラムの分担、またはOSとアプリケーションプログラムとの協働により実現する場合などには、アプリケーションプログラム部分のみを記録媒体や記憶装置に格納してもよい。 Further, when the function of the secret information display control device is realized by sharing of an OS (operating system) and an application program, or by cooperation between the OS and the application program, only the application program portion is stored in a recording medium or a storage device. It may be stored.
 また、搬送波にプログラムを重畳し、通信ネットワークを介して配信することも可能である。例えば、通信ネットワーク上の掲示板(BBS, Bulletin Board System)に前記プログラムを掲示し、通信ネットワークを介して前記プログラムを配信してもよい。そして、このプログラムを起動し、OSの制御環境において、他のアプリケーションプログラムと同様に実行することにより、前記の処理を実行できるように構成してもよい。 It is also possible to superimpose a program on a carrier wave and distribute it via a communication network. For example, the program may be posted on a bulletin board (BBS, Bulletin Board System) on the communication network, and the program may be distributed via the communication network. The program may be started and executed in the same manner as other application programs in the OS control environment so that the above-described processing can be executed.
 上記の実施形態の一部又は全部は、以下の付記のようにも記載され得るが、以下には限られない。
(付記1)
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサと、前記端末および前記センサとネットワークを介して通信可能に接続されるサーバとを含む秘密情報表示制御システムであって、
 前記端末は、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を前記サーバに送信し、
 前記センサは、検知した前記ゲストの位置を示すゲスト情報、前記サーバに送信し、
 前記サーバは、
  前記端末から前記ユーザ情報を受信するユーザ情報受信手段と、
  前記センサから前記ゲスト情報を受信するゲスト情報受信手段と、
  前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
  前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
  前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
  前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
 を備え、
 前記端末は、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する
秘密情報表示制御システム。 A part or all of the above embodiments can be described as in the following supplementary notes, but is not limited thereto.
(Appendix 1)
A secret information display control system including a terminal that displays secret information set to be handled secretly, a sensor that detects the position of a guest, and a server that is communicably connected to the terminal and the sensor via a network Because
The terminal transmits user information indicating whether or not a user is using the terminal and whether or not the secret information is displayed to the server,
The sensor transmits guest information indicating the detected guest position to the server,
The server
User information receiving means for receiving the user information from the terminal;
Guest information receiving means for receiving the guest information from the sensor;
Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
With
The terminal is a secret information display control system for controlling display of the secret information based on the control information received from the server.
 (付記2)
 前記センサは、前記ゲストの視線の向きをさらに検知し、前記ゲスト情報は、前記ゲストの視線の向きを示す情報を含む付記1に記載の秘密情報表示制御システム。 (Appendix 2)
The secret information display control system according to supplementary note 1, wherein the sensor further detects the direction of the line of sight of the guest, and the guest information includes information indicating the direction of the line of sight of the guest.
 (付記3)
 前記制御情報送信手段は、前記危険度情報が示す前記端末の危険度に対応する複数の前記制御情報を前記端末に送信し、
 前記端末は、前記サーバから受信した前記複数の制御情報を表示し、前記複数の制御情報の中から選択された特定の制御情報に基づいて、前記秘密情報の表示を制御する付記1または2に記載の秘密情報表示制御システム。 (Appendix 3)
The control information transmitting means transmits a plurality of the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal,
In the supplementary note 1 or 2, the terminal displays the plurality of control information received from the server, and controls display of the secret information based on specific control information selected from the plurality of control information. The secret information display control system described.
 (付記4)
 画像および音声の少なくとも何れかを出力するディスプレイをさらに備え、
 前記サーバは、
 前記ゲストの注意を引くことが可能な表示情報を取得する表示情報取得手段をさらに備え、
 前記制御情報送信手段は、前記表示情報を前記ディスプレイに送信し、
 前記ディスプレイは、前記サーバから受信した前記表示情報を表示する付記1ないし3のいずれかに記載の秘密情報表示制御システム。 (Appendix 4)
A display for outputting at least one of image and sound;
The server
It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
The control information transmitting means transmits the display information to the display,
The secret information display control system according to any one of supplementary notes 1 to 3, wherein the display displays the display information received from the server.
 (付記5)
 前記サーバは、
 前記ゲストの注意を引くことが可能な表示情報を取得する表示情報取得手段をさらに備え、
 前記制御情報送信手段は、前記ユーザ情報に基づいて前記ユーザが存在しないと判定した前記端末に、前記表示情報を送信し、
 前記ユーザが存在しないと判定された前記端末は、前記サーバから受信した前記表示情報を表示する付記1ないし3のいずれかに記載の秘密情報表示制御システム。 (Appendix 5)
The server
It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
The control information transmitting means transmits the display information to the terminal determined that the user does not exist based on the user information,
The secret information display control system according to any one of supplementary notes 1 to 3, wherein the terminal determined that the user does not exist displays the display information received from the server.
 (付記6)
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるサーバであって、
 前記端末から前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を受信するユーザ情報受信手段と、
 前記センサから検知した前記ゲストの位置を示すゲスト情報を受信するゲスト情報受信手段と、
 前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とをあらかじめ記憶する記憶手段と、
 前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
 前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
 前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
 を備えるサーバ。 (Appendix 6)
A server that is communicably connected via a network to a terminal that displays secret information set to be handled secretly and a sensor that detects the location of the guest,
User information receiving means for receiving user information indicating whether or not the user using the terminal is present from the terminal and whether or not the secret information is displayed;
Guest information receiving means for receiving guest information indicating the position of the guest detected from the sensor;
Storage means for preliminarily storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
A server comprising
 (付記7)
 秘密に扱われるよう設定された秘密情報を表示する端末が、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報をサーバに送信し、
 ゲストの位置を検知するセンサが、検知した前記ゲストの位置を示すゲスト情報を前記サーバに送信し、
 前記サーバが、
  前記端末から前記ユーザ情報を受信し、
  前記センサから前記ゲスト情報を受信し、
  前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成し、
  前記認知領域情報と、前記ユーザ情報と、前記端末の位置を示す端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成し、
  前記危険度情報が示す前記端末の危険度に対応する、前記秘密情報の表示を制御する制御手法を示す制御情報を、前記端末に送信し、
 前記端末が、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する、
 秘密情報表示制御方法。 (Appendix 7)
A terminal that displays secret information set to be handled secretly transmits user information indicating whether or not the user using the terminal is present and whether or not the secret information is displayed to the server,
A sensor that detects the position of the guest transmits guest information indicating the detected position of the guest to the server,
The server is
Receiving the user information from the terminal;
Receiving the guest information from the sensor;
When receiving the guest information, based on the guest information, calculate the recognition area of the guest, generate recognition area information indicating the calculated recognition area,
Based on the recognition area information, the user information, and terminal information indicating the position of the terminal, the risk level of the terminal is determined, and risk level information indicating the determined risk level is generated,
Control information indicating a control method for controlling display of the secret information corresponding to the risk level of the terminal indicated by the risk level information is transmitted to the terminal;
The terminal controls display of the secret information based on the control information received from the server.
Secret information display control method.
 (付記8)
 秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるコンピュータを、
 前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を、前記端末から受信するユーザ情報受信手段と、
 検知した前記ゲストの位置を示すゲスト情報を、前記センサから受信するゲスト情報受信手段と、
 前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御方法を示す制御情報とを記憶する記憶手段と、
 前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
 前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段、および、
 前記危険度情報が示す前記端末の危険度に対応する前記制御情報を、前記端末に送信する制御情報送信手段、
 として機能させるコンピュータプログラムが格納された、コンピュータ読み取り可能な記録媒体。 (Appendix 8)
A computer that is communicably connected via a network to a terminal that displays secret information that is set to be handled secretly and a sensor that detects the location of the guest,
User information receiving means for receiving from the terminal user information indicating whether or not the user is using the terminal and whether or not the secret information is displayed;
Guest information receiving means for receiving guest information indicating the detected position of the guest from the sensor;
Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; and
Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
A computer-readable recording medium in which a computer program that functions as a computer is stored.
 以上、上述した実施形態を模範的な例として本発明を説明した。しかしながら、本発明は、上述した実施形態には限定されない。即ち、本発明は、本発明のスコープ内において、当業者が理解し得る様々な態様を適用することができる。 The present invention has been described above using the above-described embodiment as an exemplary example. However, the present invention is not limited to the above-described embodiment. That is, the present invention can apply various modes that can be understood by those skilled in the art within the scope of the present invention.
 この出願は、2013年9月11日に出願された日本出願特願2013-187997を基礎とする優先権を主張し、その開示の全てをここに取り込む。 This application claims priority based on Japanese Patent Application No. 2013-187997 filed on September 11, 2013, the entire disclosure of which is incorporated herein.
 1 サーバ
 3、3A~3D センサ
 8 ディスプレイ
 10、10A~10I 端末
 11 ゲスト情報受信部
 12 記憶部
 13 ユーザ情報受信部
 14 認知領域算出部
 15 危険度判定部
 16 制御情報送信部
 40 内部バス
 41 制御部
 41A CPU
 42 主記憶部
 43 外部記憶部
 44 操作部
 45 表示部
 46 送受信部
 49 制御プログラム
 51 ICタグ
 100、200 秘密情報表示制御システム DESCRIPTION OF SYMBOLS 1 Server 3, 3A-3D Sensor 8 Display 10, 10A-10I Terminal 11 Guest information receiving part 12 Storage part 13 User information receiving part 14 Recognition area | region calculation part 15 Risk degree determination part 16 Control information transmission part 40 Internal bus 41 Control part 41A CPU
42 main storage unit 43 external storage unit 44 operation unit 45 display unit 46 transmission / reception unit 49 control program 51 IC tag 100, 200 secret information display control system

Claims (8)

  1.  秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサと、前記端末および前記センサとネットワークを介して通信可能に接続されるサーバとを含む秘密情報表示制御システムであって、
     前記端末は、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を前記サーバに送信し、
     前記センサは、検知した前記ゲストの位置を示すゲスト情報を、前記サーバに送信し、
     前記サーバは、
      前記端末から前記ユーザ情報を受信するユーザ情報受信手段と、
      前記センサから前記ゲスト情報を受信するゲスト情報受信手段と、
      前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
      前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
      前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
      前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
     を備え、
     前記端末は、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する
    秘密情報表示制御システム。     A secret information display control system including a terminal that displays secret information set to be handled secretly, a sensor that detects the position of a guest, and a server that is communicably connected to the terminal and the sensor via a network Because
    The terminal transmits user information indicating whether or not a user is using the terminal and whether or not the secret information is displayed to the server,
    The sensor transmits guest information indicating the detected position of the guest to the server,
    The server
    User information receiving means for receiving the user information from the terminal;
    Guest information receiving means for receiving the guest information from the sensor;
    Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
    When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
    A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
    Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
    With
    The terminal is a secret information display control system for controlling display of the secret information based on the control information received from the server.
  2.  前記センサは、前記ゲストの視線の向きをさらに検知し、前記ゲスト情報は、前記ゲストの視線の向きを示す情報を含む
    請求項1に記載の秘密情報表示制御システム。     The secret information display control system according to claim 1, wherein the sensor further detects a direction of the line of sight of the guest, and the guest information includes information indicating a direction of the line of sight of the guest.
  3.  前記制御情報送信手段は、前記危険度情報が示す前記端末の危険度に対応する複数の前記制御情報を前記端末に送信し、
     前記端末は、前記サーバから受信した前記複数の制御情報を表示し、前記複数の制御情報の中から選択された特定の制御情報に基づいて、前記秘密情報の表示を制御する
    請求項1または2に記載の秘密情報表示制御システム。     The control information transmitting means transmits a plurality of the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal,
    3. The terminal displays the plurality of control information received from the server, and controls display of the secret information based on specific control information selected from the plurality of control information. The secret information display control system described in 1.
  4.  画像および音声の少なくとも何れかを出力するディスプレイをさらに備え、
     前記サーバは、
      前記ゲストの注意を引くことが可能な表示情報を取得する表示情報取得手段をさらに備え、
      前記制御情報送信手段は、前記表示情報を前記ディスプレイに送信し、
     前記ディスプレイは、前記サーバから受信した前記表示情報を表示する
    請求項1ないし3のいずれか1項に記載の秘密情報表示制御システム。     A display for outputting at least one of image and sound;
    The server
    It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
    The control information transmitting means transmits the display information to the display,
    The secret information display control system according to claim 1, wherein the display displays the display information received from the server.
  5.  前記サーバは、
      前記ゲストの注意を引くことが可能な表示情報を取得する表示情報取得手段をさらに備え、
      前記制御情報送信手段は、前記ユーザ情報に基づいて前記ユーザが存在しないと判定した前記端末に、前記表示情報を送信し、
     前記ユーザが存在しないと判定された前記端末は、前記サーバから受信した前記表示情報を表示する
    請求項1ないし3のいずれか1項に記載の秘密情報表示制御システム。     The server
    It further comprises display information acquisition means for acquiring display information capable of drawing the guest's attention,
    The control information transmitting means transmits the display information to the terminal determined that the user does not exist based on the user information,
    The secret information display control system according to any one of claims 1 to 3, wherein the terminal determined that the user does not exist displays the display information received from the server.
  6.  秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるサーバであって、
     前記端末から前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を受信するユーザ情報受信手段と、
     前記センサから検知した前記ゲストの位置を示すゲスト情報を受信するゲスト情報受信手段と、
     前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
     前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
     前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段と、
     前記危険度情報が示す前記端末の危険度に対応する前記制御情報を前記端末に送信する制御情報送信手段と、
     を備えるサーバ。     A server that is communicably connected via a network to a terminal that displays secret information set to be handled secretly and a sensor that detects the location of the guest,
    User information receiving means for receiving user information indicating whether or not the user using the terminal is present from the terminal and whether or not the secret information is displayed;
    Guest information receiving means for receiving guest information indicating the position of the guest detected from the sensor;
    Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
    When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
    A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk;
    Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
    A server comprising
  7.  秘密に扱われるよう設定された秘密情報を表示する端末が、前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報をサーバに送信し、
      ゲストの位置を検知するセンサが、検知した前記ゲストの位置を示すゲスト情報を前記サーバに送信し、
     前記サーバが、
      前記端末から前記ユーザ情報を受信し、
      前記センサから前記ゲスト情報を受信し、
      前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成し、
      前記認知領域情報と、前記ユーザ情報と、前記端末の位置を示す端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成し、
      前記危険度情報が示す前記端末の危険度に対応する、前記秘密情報の表示を制御する制御手法を示す制御情報を、前記端末に送信し、
     前記端末が、前記サーバから受信した前記制御情報に基づいて、前記秘密情報の表示を制御する
    秘密情報表示制御方法。     A terminal that displays secret information set to be handled secretly transmits user information indicating whether or not the user using the terminal is present and whether or not the secret information is displayed to the server,
    A sensor that detects the position of the guest transmits guest information indicating the detected position of the guest to the server,
    The server is
    Receiving the user information from the terminal;
    Receiving the guest information from the sensor;
    When receiving the guest information, based on the guest information, calculate the recognition area of the guest, generate recognition area information indicating the calculated recognition area,
    Based on the recognition area information, the user information, and terminal information indicating the position of the terminal, the risk level of the terminal is determined, and risk level information indicating the determined risk level is generated,
    Control information indicating a control method for controlling display of the secret information corresponding to the risk level of the terminal indicated by the risk level information is transmitted to the terminal;
    A secret information display control method in which the terminal controls display of the secret information based on the control information received from the server.
  8.  秘密に扱われるよう設定された秘密情報を表示する端末と、ゲストの位置を検知するセンサとにネットワークを介して通信可能に接続されるコンピュータを、
     前記端末を使用中のユーザの存否と、前記秘密情報を表示しているか否かとを示すユーザ情報を、前記端末から受信するユーザ情報受信手段と、
     検知した前記ゲストの位置を示すゲスト情報を、前記センサから受信するゲスト情報受信手段と、
     前記端末の位置を示す端末情報と、前記秘密情報の表示を制御する制御手法を示す制御情報とを記憶する記憶手段と、
     前記ゲスト情報受信手段が前記ゲスト情報を受信すると、前記ゲスト情報に基づいて、前記ゲストの認知領域を算出し、算出した認知領域を示す認知領域情報を生成する認知領域算出手段と、
     前記認知領域情報と、前記ユーザ情報と、前記端末情報と、に基づいて、前記端末の危険度を判定し、判定した危険度を示す危険度情報を生成する危険度判定手段、および、
     前記危険度情報が示す前記端末の危険度に対応する前記制御情報を、前記端末に送信する制御情報送信手段、
     として機能させるコンピュータプログラムが格納された、コンピュータ読み取り可能な記録媒体。     A computer that is communicably connected via a network to a terminal that displays secret information that is set to be handled secretly and a sensor that detects the location of the guest,
    User information receiving means for receiving from the terminal user information indicating whether or not the user is using the terminal and whether or not the secret information is displayed;
    Guest information receiving means for receiving guest information indicating the detected position of the guest from the sensor;
    Storage means for storing terminal information indicating the position of the terminal and control information indicating a control method for controlling display of the secret information;
    When the guest information receiving means receives the guest information, based on the guest information, the recognition area calculation means for calculating the recognition area of the guest and generating recognition area information indicating the calculated recognition area;
    A risk determination means for determining the risk of the terminal based on the recognition area information, the user information, and the terminal information, and generating risk information indicating the determined risk; and
    Control information transmitting means for transmitting the control information corresponding to the risk level of the terminal indicated by the risk level information to the terminal;
    A computer-readable recording medium in which a computer program that functions as a computer is stored.
PCT/JP2014/003852 2013-09-11 2014-07-22 Confidential-information display control system, server, confidential-information display control method, and recording medium WO2015037175A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013187997A JP2016212451A (en) 2013-09-11 2013-09-11 Secret information display control system, server, method for controlling secret information display, and program
JP2013-187997 2013-09-11

Publications (1)

Publication Number Publication Date
WO2015037175A1 true WO2015037175A1 (en) 2015-03-19

Family

ID=52665311

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/003852 WO2015037175A1 (en) 2013-09-11 2014-07-22 Confidential-information display control system, server, confidential-information display control method, and recording medium

Country Status (2)

Country Link
JP (1) JP2016212451A (en)
WO (1) WO2015037175A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7119692B2 (en) * 2018-07-20 2022-08-17 富士フイルムビジネスイノベーション株式会社 Display controller and program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008126185A1 (en) * 2007-03-16 2008-10-23 Fujitsu Limited Information processing apparatus, information processing program, and information processing method
JP2009116512A (en) * 2007-11-05 2009-05-28 Sky Kk Confidential information protection system
JP2010102511A (en) * 2008-10-23 2010-05-06 Panasonic Corp Dynamic area-monitoring device, dynamic area-monitoring system, display device for dynamic area-monitoring, and method thereof
US20110321143A1 (en) * 2010-06-24 2011-12-29 International Business Machines Corporation Content protection using automatically selectable display surfaces

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008126185A1 (en) * 2007-03-16 2008-10-23 Fujitsu Limited Information processing apparatus, information processing program, and information processing method
JP2009116512A (en) * 2007-11-05 2009-05-28 Sky Kk Confidential information protection system
JP2010102511A (en) * 2008-10-23 2010-05-06 Panasonic Corp Dynamic area-monitoring device, dynamic area-monitoring system, display device for dynamic area-monitoring, and method thereof
US20110321143A1 (en) * 2010-06-24 2011-12-29 International Business Machines Corporation Content protection using automatically selectable display surfaces

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MASATO SUETSUGU ET AL.: "A study on method to control security level dynamically from distance of intruder", IPSJ SIG NOTES, 15 April 2013 (2013-04-15), pages 1 - 6 *

Also Published As

Publication number Publication date
JP2016212451A (en) 2016-12-15

Similar Documents

Publication Publication Date Title
EP3905671B1 (en) Method and device for processing request
JP6281601B2 (en) Information processing apparatus, information processing system, control method, and program
US20140181678A1 (en) Interactive augmented reality system, devices and methods using the same
KR102482361B1 (en) Direct input from remote device
JP2013084248A (en) Information sharing device and program
JP2019046507A (en) Information processing device, information processing system, control method, and program
JP2017078969A (en) Suspicious person detection system and suspicious person detection method
US9959425B2 (en) Method and system of privacy protection in antagonistic social milieu/dark privacy spots
US20140075341A1 (en) Providing Feedback for Screen Sharing
JP6481208B2 (en) Information processing apparatus, information processing method, and program
WO2020072724A1 (en) Non-spoofable privacy indicator showing disabling of sensors on a network-connected client device
US20180288093A1 (en) Sensor management system, sensor management method, recording medium storing sensor management program, and sensor management device
JP2015064646A (en) Document management server and program; and document browsing system and program
CN110362288A (en) One kind is the same as screen control method, device, equipment and storage medium
KR20150092480A (en) Display device and method for controlling the same
KR20230046184A (en) Method for operating safety management system of suffocation fire accident prevention devcie
US20130332531A1 (en) Information processing device and meeting system
WO2015037175A1 (en) Confidential-information display control system, server, confidential-information display control method, and recording medium
JP2019117483A (en) Information processing device, control method, and program
US20190223011A1 (en) Method for detecting the possible taking of screenshots
JP6691311B2 (en) Information processing device, information processing method, and program
US11250388B2 (en) Information processing system, information terminal, and display apparatus
US11481507B2 (en) Augmented reality document redaction
KR101039096B1 (en) Home sensor network system managed by web page
JP4572906B2 (en) Terminal monitoring system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14843331

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14843331

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP