WO2019031343A1 - Data transfer system, and data transmission device and data reception device therefor - Google Patents

Data transfer system, and data transmission device and data reception device therefor Download PDF

Info

Publication number
WO2019031343A1
WO2019031343A1 PCT/JP2018/028826 JP2018028826W WO2019031343A1 WO 2019031343 A1 WO2019031343 A1 WO 2019031343A1 JP 2018028826 W JP2018028826 W JP 2018028826W WO 2019031343 A1 WO2019031343 A1 WO 2019031343A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
encryption key
detection result
data transmission
packet
Prior art date
Application number
PCT/JP2018/028826
Other languages
French (fr)
Japanese (ja)
Inventor
久保 誠雄
出野 徹
秀規 近藤
Original Assignee
オムロンヘルスケア株式会社
オムロン株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by オムロンヘルスケア株式会社, オムロン株式会社 filed Critical オムロンヘルスケア株式会社
Publication of WO2019031343A1 publication Critical patent/WO2019031343A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to data transmission / reception technology by one-way communication.
  • a blood pressure monitor having a function of transferring blood pressure data to a user's portable information terminal has been put on the market.
  • the portable information terminal for example, a smartphone, a tablet type terminal, or a notebook personal computer is used. By using this function, the user can list the measurement results of his / her blood pressure under various conditions on the portable information terminal.
  • near field communication technology in particular Bluetooth (registered trademark) technology is typically used.
  • Bluetooth communication connection
  • WLAN wireless local area network
  • connection bi-directional communication called connection can be performed.
  • the operation imposed on the user for pairing is complicated, the communication procedure after pairing is complicated, the portable information terminal side needs to support BLE, only the portable information terminal
  • the blood pressure monitor requires high-performance hardware (processor, memory), high development / evaluation cost, large communication overhead, and is not suitable for small-capacity data transmission.
  • BLE can also perform one-way communication called advertising.
  • Japanese Patent No. 5852620 discloses a technique for transmitting data including optional data in the margin of the data field of an advertisement packet.
  • blood pressure data is transmitted using advertising, pairing and subsequent complicated communication procedures become unnecessary, so the above problem is eliminated or alleviated.
  • blood pressure data transmission using advertising if blood pressure data is encrypted, leakage of blood pressure data to a third party can be prevented.
  • An object of the present invention is to provide a data transmission system capable of enhancing security of data in one-way communication, and a data transmission apparatus and a data reception apparatus therefor.
  • a data transmission system comprising a data transmission apparatus and a data reception apparatus used in a state of being attached to or held by a specific part of a user, wherein the data transmission apparatus is the data transmission apparatus.
  • a detection unit for detecting a mechanical motion applied to the data transmission device, a generation unit for generating a first encryption key based on the detection result of the mechanical motion applied to the data transmission apparatus, and the first encryption An encryption processing unit that encrypts transmission data using a key; a packet transmission processing unit that stores the encrypted transmission data in a packet for one-way communication; and transmits the packet; A detection unit for detecting a dynamic movement applied to the data receiving apparatus, and a generation unit for generating a second encryption key based on a detection result of the dynamic movement applied to the data receiving apparatus
  • a packet reception processing unit for receiving a packet for one-way communication in which the encrypted transmission data is stored, which is transmitted from the data transmission apparatus, and the transmission data stored in the received packet A data transmission system comprising: a decryption processing unit that decrypts using the second encryption key.
  • the data transmission apparatus creates the same encryption key as the encryption key generated by the data reception apparatus based on the detection result of the dynamic motion added to the data transmission apparatus. can do.
  • the data transmission apparatus can encrypt transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data reception apparatus.
  • the data receiving apparatus can create the same encryption key as the encryption key generated by the data transmitting apparatus based on the detection result of the dynamic motion added to the data receiving apparatus.
  • the data reception apparatus can decrypt the transmission data encrypted by the data transmission apparatus.
  • a second aspect of the present invention is a data transmission apparatus used in a state of being attached to or gripped by a specific part of a user together with a data reception apparatus, which detects mechanical motion applied to the data transmission apparatus.
  • a detection unit a creation unit that creates an encryption key based on the detection result of the dynamic motion applied to the data transmission apparatus; an encryption processing unit that encrypts transmission data using the encryption key;
  • a packet transmission processing unit that stores encrypted transmission data in a packet for one-way communication and transmits the packet.
  • the data transmission apparatus creates the same encryption key as the encryption key generated by the data reception apparatus based on the detection result of the dynamic motion applied to the data transmission apparatus. can do.
  • the data transmission apparatus can encrypt transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data reception apparatus.
  • the creation unit uses a detection result regarding a predetermined one direction based on a mechanical motion applied to the data transmission device.
  • the encryption key is created.
  • the data transmission apparatus uses the detection result on one direction determined in advance to obtain the encryption key. Can be created.
  • the data transmission apparatus receives the data of the encryption key generated by the data transmission apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
  • the generation unit compares the data amount of the detection result with a reference value, and the data amount of the detection result is less than the reference value
  • the encryption key is created using the detection result based on the comparison result indicating that.
  • the data transmission device creates the encryption key based on the dynamic motion applied to the uncomplicated data transmission device such that the amount of data is less than the reference value. it can.
  • the data transmission apparatus receives the data of the encryption key generated by the data transmission apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
  • the creating unit creates the encryption key based on an operation instructing the user to create the encryption key. It is.
  • the data transmitting apparatus can create an encryption key triggered by an operation instructing the user to create an encryption key. Therefore, the data transmitting apparatus can prevent the user from creating the encryption key at a timing when the creation of the encryption key is not desired.
  • the data transmitting device is the same as the encryption key generated by the data receiving device. You can create a key.
  • a sixth aspect of the present invention is a data receiving apparatus used in a state of being attached to or gripped by a specific part of a user together with a data transmitting apparatus, which detects mechanical motion applied to the data receiving apparatus.
  • a data reception apparatus comprising: a packet reception processing unit for receiving a packet for one-way communication; and a decryption processing unit for decrypting transmission data stored in the received packet using the encryption key.
  • the data receiving apparatus creates the same encryption key as the encryption key generated by the data transmitting apparatus based on the detection result of the dynamic motion added to the data receiving apparatus. can do. As a result, even if the encryption key can not be passed between the data transmission apparatus and the data reception apparatus, the data reception apparatus can decrypt the transmission data encrypted by the data transmission apparatus.
  • the creating unit uses a detection result regarding a predetermined one direction based on a mechanical motion applied to the data receiving apparatus.
  • the encryption key is created.
  • the data receiving apparatus uses the detection result on one direction determined in advance, even if the mechanical motion applied to the data receiving apparatus is complex. Can be created. As a result, for example, when the user gives the data transmission apparatus and the data reception apparatus the same mechanical motion, the data reception apparatus transmits data of the encryption key generated by the data reception apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
  • the generation unit compares the data amount of the detection result with a reference value, and the data amount of the detection result is less than the reference value
  • the encryption key is created using the detection result based on the comparison result indicating that.
  • the data receiving apparatus creates the encryption key based on the mechanical motion applied to the uncomplicated data receiving apparatus such that the amount of data is less than the reference value. it can.
  • the data reception apparatus transmits data of the encryption key generated by the data reception apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
  • the creation unit creates the encryption key based on an operation instructing the user to create the encryption key. It is.
  • the data receiving apparatus can create an encryption key triggered by an operation of instructing creation of an encryption key by the user. Therefore, the data receiving apparatus can prevent the user from creating the encryption key at a timing when the creation of the encryption key is not desired.
  • the data receiving device may use the same encryption key as the encryption key created by the data transmitting device. You can create a key.
  • FIG. 1 is a block diagram showing an application example of the data transmission apparatus and the data reception apparatus according to the embodiment.
  • FIG. 2 is a block diagram illustrating a data transmission system including the data transmission apparatus and the data reception apparatus according to the embodiment.
  • FIG. 3 is a block diagram illustrating the hardware configuration of the data transmission apparatus according to the embodiment.
  • FIG. 4 is a block diagram illustrating the software configuration of the data transmission apparatus according to the embodiment.
  • FIG. 5 is a block diagram illustrating the hardware configuration of the data receiving apparatus according to the embodiment.
  • FIG. 6 is a block diagram illustrating the software configuration of the data receiving apparatus according to the embodiment.
  • FIG. 7 is an explanatory diagram of advertising performed in BLE.
  • FIG. 8 is a diagram illustrating the data structure of packets transmitted and received in BLE.
  • FIG. 8 is a diagram illustrating the data structure of packets transmitted and received in BLE.
  • FIG. 9 is a diagram illustrating the data structure of the PDU field of the advertisement packet.
  • FIG. 10 is a flowchart illustrating the operation of the data transmission apparatus according to the embodiment.
  • FIG. 11 is a flowchart illustrating the operation of the data receiving apparatus according to the embodiment.
  • FIG. 1 schematically shows an application example of the data transmitting apparatus 100 and the data receiving apparatus 200 according to the present embodiment.
  • the data transmitting apparatus 100 and the data receiving apparatus 200 are used in a state of being mounted or gripped at a specific site of the user. Thereby, the data transmission device 100 and the data reception device 200 add the same dynamic motion according to the motion of the specific part of the user.
  • the data transmission device 100 is a sensor device that measures the amount of biological information or activity information of the user on a daily basis.
  • the data transmission apparatus 100 is an apparatus capable of one-way communication such as BLE.
  • the data transmission apparatus 100 includes a creation unit 1111, an encryption processing unit 1112 and a packet transmission processing unit 1113.
  • the creation unit 1111 creates an encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100.
  • the encryption processing unit 1112 encrypts measurement data indicating biological information or activity information of the user using the encryption key generated by the generation unit 1111.
  • the packet transmission processing unit 1113 stores the encrypted transmission data in the advertisement packet in BLE, and transmits the advertisement packet.
  • the data transmitting apparatus 100 can transmit an advertisement packet using one-way communication of BLE.
  • the data reception device 200 is a portable information terminal such as a smartphone or a tablet.
  • the data receiving apparatus 200 is an apparatus capable of BLE wireless communication.
  • the data receiving apparatus 200 receives, from the data transmitting apparatus 100, an advertisement packet in which encrypted measurement data is stored.
  • the creation unit 2111 creates an encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200.
  • the decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet, using the encryption key generated by the generation unit 2111.
  • the data processing unit 2113 transmits the decoded measurement data to another device.
  • the data transmitting apparatus 100 and the data receiving apparatus 200 can enhance the security of data in one-way communication.
  • FIG. 2 is a block diagram illustrating a data transmission system including the data transmission apparatus 100 and the data reception apparatus 200 according to the present embodiment.
  • the data transmitting apparatus 100 and the data receiving apparatus 200 are used in a state of being mounted or gripped at a specific site of the user. Thereby, the data transmission device 100 and the data reception device 200 add the same dynamic motion according to the motion of the specific part of the user.
  • the data transmission device 100 is a sensor device that routinely measures an amount related to biological information or activity information of the user, such as a blood pressure monitor, a thermometer, an activity meter, a pedometer, a body composition meter, and a weight scale.
  • the data transmission apparatus 100 is an apparatus capable of one-way communication such as BLE.
  • BLE the appearance of a wristwatch type wearable sphygmomanometer is shown as the data transmission device 100, but the data transmission device 100 is not limited to this, and may be a stationary sphygmomanometer. It may be a sensor device that measures quantities related to other biometric information or activity information.
  • the data transmitting apparatus 100 transmits measurement data indicating biological information or activity information to the data receiving apparatus 200 by one-way communication. Measurement data may be referred to as transmission data.
  • the data transmission device 100 is used with the data reception device 200 in a state of being attached to or gripped by a specific part of the user. As a result, the data transmitting apparatus 100 applies the same mechanical motion as the mechanical motion applied to the data receiving device 200 according to the motion of the specific part of the user.
  • the data reception device 200 is a portable information terminal such as a smartphone or a tablet.
  • the data receiving apparatus 200 is mainly an apparatus capable of wireless communication such as BLE, mobile communication (3G, 4G, etc.) and WLAN.
  • the data receiving apparatus 200 is used with the data transmitting apparatus 100 in a state of being attached to or gripped by a specific part of the user.
  • the data receiving apparatus 200 has the same mechanical movement as the mechanical movement applied to the data transmitting apparatus 100 according to the movement of the specific part of the user.
  • the data receiving apparatus 200 receives the measurement data from the data transmitting apparatus 100 by BLE.
  • the data receiving apparatus 200 transmits measurement data to the server 300 via the network.
  • the data receiving apparatus 200 uses, for example, mobile communication or WLAN.
  • the server 300 corresponds to a database that manages biometric information or activity information of a large number of users based on measurement data.
  • FIG. 3 schematically shows an example of the hardware configuration of the data transmission apparatus 100. As shown in FIG.
  • the data transmission apparatus 100 includes a control unit 111, a storage unit 112, a communication interface 113, an input device 114, an output device 115, an external interface 116, a battery 117, and a living body sensor 118. And the motion sensor 119 are electrically connected.
  • the communication interface and the external interface are described as “communication I / F” and “external I / F”, respectively.
  • the control unit 111 includes a central processing unit (CPU), a random access memory (RAM), a read only memory (ROM), and the like.
  • the CPU is an example of a processor.
  • the CPU develops the program stored in the storage unit 112 in the RAM. Then, the CPU interprets and executes this program, whereby the control unit 111 can execute various information processing, for example, processing of functional blocks described in the item of software configuration.
  • the storage unit 112 is a so-called auxiliary storage device, and may be, for example, a semiconductor memory such as a built-in or external flash memory, a hard disk drive (HDD), or a solid state drive (SSD).
  • the storage unit 112 stores a program executed by the control unit 111, data used by the control unit 111, and the like.
  • the program can also be referred to as an instruction to operate the control unit 111.
  • the communication interface 113 includes at least a wireless module for transmitting (advertising) a packet of one-way communication such as BLE. Advertising of BLE will be described later.
  • the wireless module receives, from the control unit 111, an advertisement packet in BLE in which encrypted measurement data is stored. The encryption of measurement data will be described later.
  • the wireless module sends an advertisement packet.
  • the wireless module may be referred to as a transmitter. Note that BLE may be replaced by another low power consumption, one-way communication standard that can be used in the future. In that case, the following description may be read appropriately.
  • the input device 114 is a device for receiving user input such as a touch screen, a button, and a switch.
  • the output device 115 is, for example, a device for performing output such as a display and a speaker.
  • the external interface 116 is a universal serial bus (USB) port, a memory card slot, or the like, and is an interface for connecting to an external device.
  • USB universal serial bus
  • the battery 117 supplies the power supply voltage of the data transmission apparatus 100.
  • the battery 117 may be replaceable.
  • Data transmission apparatus 100 may be connectable to a commercial power supply via an AC (Alternating Current) adapter. In this case, the battery 117 can be omitted.
  • AC Alternating Current
  • the biometric sensor 118 obtains measurement data by measuring the amount of biometric information of the user.
  • the operation of the biological sensor 118 is controlled by, for example, a sensor control unit (not shown).
  • the measurement data is stored in the storage unit 112 in association with date and time data.
  • Biosensor 118 typically includes a blood pressure sensor that obtains blood pressure data by measuring an amount related to the user's blood pressure.
  • the measurement data includes blood pressure data.
  • Blood pressure data may include, but is not limited to, for example, systolic blood pressure SBP (systolic blood pressure) and diastolic blood pressure DBP (diastolic blood pressure) values and pulse rate.
  • measurement data can include electrocardiogram data, pulse wave data, body temperature data, and the like.
  • the blood pressure sensor may include a blood pressure sensor (hereinafter also referred to as a continuous blood pressure sensor) capable of continuously measuring an amount related to the user's blood pressure every one beat.
  • the continuous blood pressure sensor may continuously measure an amount related to the user's blood pressure from pulse wave transit time (PTT), or may realize continuous measurement by tonometry or other techniques.
  • PTT pulse wave transit time
  • the blood pressure sensor is a blood pressure sensor that performs a measurement operation in response to a user operation or at a preset measurement time instead of or in addition to a continuous blood pressure sensor (hereinafter referred to as discontinuous blood pressure Can also be included).
  • a non-continuous blood pressure sensor for example, uses a cuff as a pressure sensor to measure an amount related to the user's blood pressure (oscillometric method).
  • Non-continuous blood pressure sensors tend to have higher measurement accuracy than continuous blood pressure sensors. Therefore, the blood pressure sensor is replaced with the continuous blood pressure sensor, for example, triggered by that a certain condition is satisfied (for example, the amount related to the user's blood pressure measured by the continuous blood pressure sensor suggested a predetermined state) By operating the non-continuous blood pressure sensor, the amount related to blood pressure may be measured with higher accuracy.
  • the motion sensor 119 may be, for example, an acceleration sensor or a gyro sensor.
  • the motion sensor 119 detects acceleration / angular velocity received by the motion sensor 119 to obtain a detection result indicating acceleration / angular velocity data (hereinafter also referred to as motion data) of three axes.
  • the motion sensor 119 detects the mechanical motion applied to the data transmission device 100.
  • the motion sensor 119 may be referred to as a detection unit.
  • the operation of the motion sensor 119 is controlled by, for example, a sensor control unit (not shown).
  • the detection result is used to create an encryption key for encrypting measurement data as described later.
  • control unit 111 may include a plurality of processors.
  • the data transmission device 100 may be configured by a plurality of sensor devices.
  • FIG. 4 schematically illustrates an example of the software configuration of the data transmission apparatus 100.
  • the control unit 111 implements a creation unit 1111, an encryption processing unit 1112 and a packet transmission processing unit 1113.
  • the creation unit 1111 will be described.
  • the creation unit 1111 creates the encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100 as exemplified below.
  • the creation unit 1111 creates the encryption key based on an operation instructing the user to create the encryption key.
  • the data transmission apparatus 100 is worn on the wrist of the user and moves in response to the movement of the user.
  • the creation unit 1111 receives the detection result of the dynamic motion applied to the data transmission apparatus 100 from the motion sensor 119 in time series.
  • the creation unit 1111 receives, from the motion sensor 119, the detection result of the dynamic motion added to the data transmission apparatus 100 during a predetermined time after detecting an instruction regarding the creation start of the encryption key by the user.
  • the creating unit 1111 is added to the data transmitting apparatus 100 after detecting an instruction regarding the start of creation of the encryption key by the user until detecting an instruction regarding the end of creation of the encryption key by the user.
  • the detection result of the dynamic motion may be received from the motion sensor 119.
  • the creation unit 1111 creates an encryption key using detection results along a time series according to a predetermined algorithm.
  • the creation unit 1111 outputs the encryption key to the encryption processing unit 1112.
  • the encryption processing unit 1112 will be described.
  • the encryption processing unit 1112 encrypts measurement data using an encryption key as exemplified below.
  • the encryption processing unit 1112 receives the encryption key from the creation unit 1111.
  • the encryption processing unit 1112 acquires measurement data from the storage unit 112.
  • the encryption processing unit 1112 encrypts measurement data using the encryption key generated by the data transmission apparatus 100 according to a predetermined algorithm.
  • the encryption method for example, the transmitting side and the receiving side have a common key, and the transmitting side substitutes the plaintext into a ciphertext using the common key and transmits it, and the receiving side receives the ciphertext using the common key
  • a common key scheme to decrypt is used.
  • any method may be used as long as the transmitting side and the receiving side use the common key.
  • the encryption processing unit 1112 outputs the encrypted measurement data to the packet transmission processing unit 1113.
  • the packet transmission processing unit 1113 will be described.
  • the packet transmission processing unit 1113 stores the encrypted measurement data in the advertisement packet in BLE, and transmits the advertisement packet.
  • the packet transmission processing unit 1113 transmits an advertisement packet via the communication interface 113.
  • FIG. 5 schematically illustrates an example of the hardware configuration of the data receiving apparatus 200.
  • the control unit 211, the storage unit 212, the communication interface 213, the input device 214, the output device 215, the external interface 216, and the motion sensor 217 are electrically connected.
  • the control unit 211 includes a CPU, a RAM, a ROM, and the like.
  • the CPU is an example of a processor.
  • the CPU develops the program stored in the storage unit 212 in the RAM. Then, the CPU interprets and executes this program, whereby the control unit 211 can execute various information processing, for example, processing of the functional blocks described in the item of the software configuration.
  • the storage unit 212 is a so-called auxiliary storage device, and may be, for example, a semiconductor memory such as a built-in or external flash memory.
  • the storage unit 212 stores a program executed by the control unit 211, data used by the control unit 211, and the like.
  • the program can also be referred to as an instruction to operate the control unit 211.
  • the communication interface 213 mainly includes various wireless communication modules for BLE, mobile communication (3G, 4G, etc.) and WLAN.
  • the communication interface 213 may further include a wired communication module such as a wired LAN (Local Area Network) module.
  • the communication module for BLE receives the advertisement packet, which is transmitted from the data transmitting apparatus 100, in which the encrypted measurement data is stored.
  • the communication module for BLE may be referred to as a packet reception processor.
  • the input device 214 is a device for receiving user input such as a touch screen, for example.
  • the output device 215 is, for example, a device for performing an output such as a display or a speaker.
  • the external interface 216 is a USB port, a memory card slot, or the like, and is an interface for connecting to an external device.
  • the motion sensor 217 may be, for example, an acceleration sensor or a gyro sensor, similar to the motion sensor 119 described above.
  • the motion sensor 217 detects an acceleration / angular velocity received by the motion sensor 217 to obtain a detection result indicating acceleration / angular velocity data of three axes.
  • the motion sensor 217 detects the mechanical motion applied to the data receiving device 200.
  • the motion sensor 217 may be referred to as a detection unit.
  • the operation of the motion sensor 217 is controlled by, for example, a sensor control unit (not shown).
  • the detection result is used to create an encryption key for decrypting the encrypted measurement data as described later.
  • control unit 211 may include a plurality of processors.
  • FIG. 6 schematically illustrates an example of the software configuration of the data receiving apparatus 200.
  • the control unit 211 mounts the creation unit 2111, the decoding processing unit 2112, and the data processing unit 2113.
  • the creation unit 2111 creates the encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200 as illustrated below. For example, the creation unit 2111 creates an encryption key based on an operation instructing the user to create an encryption key. For example, the data receiving apparatus 200 moves with the data transmitting apparatus 100 according to the movement of the user by being held by the hand of the user to which the data transmitting apparatus 100 is attached.
  • the creation unit 2111 receives the detection result of the dynamic motion added to the data reception device 200 from the motion sensor 217 in time series. In one example, the creation unit 2111 receives, from the motion sensor 217, the detection result of the dynamic motion added to the data reception device 200 during a predetermined time after detecting an instruction regarding the creation start of the encryption key by the user.
  • the creating unit 2111 is added to the data receiving apparatus 200 after detecting an instruction regarding the start of creation of the encryption key by the user until detecting an instruction regarding the end of creation of the encryption key by the user.
  • the detection result of the mechanical motion may be received from the motion sensor 217.
  • the creation unit 2111 creates an encryption key using detection results along a time series according to a predetermined algorithm.
  • the creation unit 2111 outputs the encryption key to the decryption processing unit 2112.
  • the decryption processing unit 2112 decrypts the measurement data using the encryption key generated by the data receiving apparatus 200 as exemplified below.
  • the decryption processing unit 2112 receives the encryption key from the creation unit 2111. Also, the decryption processing unit 2112 receives, from the communication interface 213, an advertisement packet in which the encrypted measurement data is stored.
  • the decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet using the encryption key generated by the data receiving apparatus 200 according to a predetermined algorithm.
  • the decoding processing unit 2112 outputs the decoded measurement data to the data processing unit 2113.
  • the data processing unit 2113 will be described.
  • the data processing unit 2113 stores the measurement data in the storage unit 212. Furthermore, the data processing unit 2113 transmits measurement data to the server 300 via the network in accordance with a predetermined communication protocol.
  • FIG. 8 shows the basic structure of the BLE wireless communication packet.
  • the BLE wireless communication packet has a 1-byte preamble, a 4-byte access address, a 2-39-byte (variable) protocol data unit (PDU), and a 3-byte cyclic redundancy check (CRC: Cyclic). And Redundancy Checksum).
  • the length of the BLE wireless communication packet is 10 to 47 bytes, depending on the length of the PDU.
  • a 10-byte BLE wireless communication packet (PDU is 2 bytes) is Empty Also called a PDU packet, it is periodically exchanged between the master and the slave.
  • the preamble field is prepared for synchronization of BLE wireless communication, and stores "01" or "10" repetitions.
  • the access address is a fixed numerical value in the advertising channel and a random access address in the data channel.
  • an advertisement packet which is a BLE wireless communication packet transmitted on an advertising channel, is targeted.
  • the CRC field is used to detect a reception error.
  • the calculation range of CRC is only the PDU field.
  • the PDU field of the advertisement packet will be described using FIG.
  • the PDU field of the data communication packet which is a BLE wireless communication packet transmitted on the data channel has a data structure different from that of FIG. 9, the data communication packet is not targeted in the present embodiment, and therefore, the description is omitted.
  • the PDU field of the advertisement packet includes a 2-byte header and a payload of 0 to 37 bytes (variable).
  • the header further includes a 4-bit PDU Type field, a 2-bit unused field, a 1-bit TxAdd field, a 1-bit RxAdd field, a 6-bit Length field, and a 2-bit unused field. Including.
  • the PDU Type field stores a value indicating the type of this PDU.
  • TxAdd field a flag indicating whether or not there is a transmission address in the payload is stored.
  • RxAdd field a flag indicating whether or not there is a reception address in the payload is stored.
  • Length field a value indicating the byte size of the payload is stored.
  • the payload can store any data. Therefore, the data transmission apparatus 100 stores measurement data and date and time data in the payload using a predetermined data structure.
  • This data structure is, for example, an identifier representing a user, an identifier representing the data transmission apparatus 100 as a transmission source apparatus, an identifier representing a data reception apparatus 200 as a destination apparatus, date and time data, systolic blood pressure SBP associated with date and time data, It may include one or more measurement data such as diastolic blood pressure DBP, pulse rate, activity, and the like.
  • FIG. 10 is a flowchart illustrating an example of the operation of the data transmission apparatus 100.
  • the data transmitting apparatus 100 is used with the data receiving apparatus 200 in a state of being attached to or gripped by a specific part of the user.
  • the data transmitting apparatus 100 adds the same mechanical motion as the mechanical motion applied to the data receiving device 200 according to the motion of the specific part of the user.
  • the data transmission apparatus 100 is worn on the wrist of the user.
  • the process sequence demonstrated below is only an example, and each process may be changed as much as possible.
  • omission, substitution, and addition of steps can be made as appropriate.
  • the creation unit 1111 creates the encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100 (step S101).
  • the encryption processing unit 1112 acquires measurement data from the storage unit 112 (step S102).
  • the encryption processing unit 1112 encrypts the measurement data using the encryption key generated by the data transmission apparatus 100 (step S103).
  • the packet transmission processing unit 1113 stores the encrypted measurement data in the advertisement packet, and transmits the advertisement packet (step S104).
  • the data transmitting apparatus 100 can transmit the advertisement packet storing the encrypted measurement data to the data receiving apparatus 200.
  • step S101 the creating unit 1111 creates an encryption key using a detection result on one direction determined in advance based on the dynamic movement applied to the data transmitting apparatus 100 as illustrated below. You may
  • the creation unit 1111 extracts a detection result along a time series of predetermined unidirectional components from the detection results along the time series.
  • the predetermined one direction is, for example, the vertical direction, but may be another direction.
  • the creation unit 1111 creates an encryption key using a predetermined one-way component detection result.
  • the creation unit 1111 can create the encryption key using the detection result of the predetermined one-way component as it is according to the predetermined algorithm.
  • the creating unit 1111 detects the number of vibrations in one direction determined in advance from the detection result of the component in one direction determined in advance, and creates an encryption key based on the number of vibrations. be able to.
  • the creation unit 1111 can create the encryption key using the simplified detection result.
  • step S101 the generation unit 1111 compares the data amount of the detection result of the dynamic motion added to the data transmission apparatus 100 with the reference value as exemplified below, and the data amount of the detection result is the reference
  • the detection result may be used to create the encryption key based on the comparison result indicating that the value is less than the value.
  • the creation unit 1111 compares the detection result along the time series with the reference value.
  • the reference value is appropriately set so that the data amount of the detection result does not become too large. The reason is that, as the amount of data of the detection result increases, the possibility that the encryption key generated by the data transmission apparatus 100 will not match the encryption key generated by the data reception apparatus 200 increases.
  • the creation unit 1111 creates an encryption key using the detection result based on the comparison result indicating that the data amount of the detection result is less than the reference value.
  • the creation unit 1111 discards the detection result based on the comparison result indicating that the data amount of the detection result is equal to or greater than the reference value.
  • the creation unit 1111 controls the output device 115 to output a message prompting the user to create the encryption key again.
  • the creation unit 1111 receives the detection result of the dynamic motion newly added to the data transmission apparatus 100 from the motion sensor 119.
  • the creating unit 1111 compares the data amount of the new detection result with the reference value, and processes the same as the above according to the comparison result.
  • the creation unit 1111 can create the encryption key using the detection result that the amount of data does not become too large.
  • FIG. 11 is a flowchart illustrating an example of the operation of the data receiving apparatus 200.
  • the data receiving apparatus 200 is used together with the data transmitting apparatus 100 in a state of being attached to or gripped by a specific part of the user.
  • the data receiving apparatus 200 adds the same mechanical movement as the mechanical movement applied to the data transmitting apparatus 100 according to the movement of the specific part of the user.
  • the data receiving apparatus 200 is held by the user's hand on which the data transmitting apparatus 100 is attached.
  • the mechanical motion applied to the data receiving apparatus 200 according to the motion of the user's hand is the same as the mechanical motion applied to the data transmitting apparatus 100.
  • the process sequence demonstrated below is only an example, and each process may be changed as much as possible.
  • the processing procedure described below depending on the embodiment, omission, substitution, and addition of steps can be made as appropriate.
  • the creating unit 2111 creates the encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200 (step S201).
  • the decryption processing unit 2112 receives, from the communication interface 213, the advertisement packet in which the encrypted measurement data is stored (step S202).
  • the decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet using the encryption key generated by the data receiving apparatus 200 (step S203).
  • the data receiving apparatus 200 can use the decoded measurement data.
  • step S201 the creating unit 2111 creates the encryption key using the detection result on one direction determined in advance based on the mechanical movement applied to the data receiving apparatus 200 as illustrated below. You may
  • the creating unit 2111 extracts a detection result along a time series of predetermined unidirectional components from the detection results along the time series.
  • the predetermined one direction is, for example, the vertical direction, but may be another direction.
  • the creation unit 2111 creates an encryption key using a predetermined one-way component detection result.
  • the creation unit 2111 can create the encryption key using the detection result of the predetermined one-way component as it is according to the predetermined algorithm.
  • the creating unit 2111 detects the number of vibrations in one direction determined in advance from the detection result of the component in one direction determined in advance, and creates an encryption key based on the number of vibrations. be able to.
  • the creation unit 2111 can create the encryption key using the simplified detection result.
  • step S201 the generation unit 2111 compares the data amount of the detection result of the dynamic motion added to the data receiving apparatus 200 with the reference value as exemplified below, and the data amount of the detection result is a reference
  • the detection result may be used to create the encryption key based on the comparison result indicating that the value is less than the value.
  • the creation unit 2111 compares the detection result along the time series with a reference value.
  • the reference value is appropriately set so that the data amount of the detection result does not become too large. The reason is that as the amount of data of the detection result increases, the possibility that the encryption key generated by the data receiving apparatus 200 will not match the encryption key generated by the data transmitting apparatus 100 increases.
  • the creation unit 2111 creates an encryption key using the detection result based on the comparison result indicating that the data amount of the detection result is less than the reference value.
  • the creating unit 2111 discards the detection result based on the comparison result indicating that the data amount of the detection result is equal to or more than the reference value.
  • the creation unit 2111 controls the output device 215 to output a message prompting the user to create the encryption key again.
  • the creation unit 2111 receives from the motion sensor 217 the detection result of the dynamic motion newly added to the data receiving apparatus 200.
  • the creating unit 2111 compares the data amount of the new detection result with the reference value, and processes the same as the above according to the comparison result.
  • the creating unit 2111 can create the encryption key using the detection result that the amount of data does not become too large.
  • the data transmission system includes the data transmitting apparatus 100 and the data receiving apparatus 200 which are used in a state of being attached to or gripped by a specific part of the user.
  • the data transmission apparatus 100 creates an encryption key based on the detection result of the dynamic motion applied to the data transmission apparatus 100, encrypts transmission data using the encryption key, and advertises encrypted transmission data. Store in a packet and send an advertisement packet.
  • the data receiving apparatus 200 creates an encryption key based on the detection result of the dynamic motion applied to the data receiving apparatus 200, and uses the encryption key for the encrypted transmission data stored in the advertisement packet. To decrypt.
  • the data transmitting apparatus 100 can create the same encryption key as the encryption key generated by the data receiving apparatus 200 based on the detection result of the dynamic motion added to the data transmitting apparatus 100.
  • the data transmitting apparatus 100 can encrypt the transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data receiving apparatus 200.
  • the data receiving apparatus 200 can create the same encryption key as the encryption key generated by the data transmitting apparatus 100 based on the detection result of the dynamic motion added to the data receiving apparatus 200.
  • the data receiving apparatus 200 can decrypt the transmission data encrypted by the data transmitting apparatus 100. it can.
  • the data transmission apparatus 100 creates an encryption key using the detection result regarding one predetermined direction based on the dynamic motion added to the data transmission apparatus 100.
  • the data transmission apparatus 100 can create an encryption key using the detection result on one direction determined in advance.
  • the data transmitting apparatus 100 when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same mechanical motion to them, the data transmitting apparatus 100 generates the code generated by the data transmitting apparatus 100. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data receiving apparatus 200.
  • the data transmitting apparatus 100 compares the data amount of the detection result of the dynamic motion added to the data transmitting device 100 with the reference value, and the data amount of the detection result is less than the reference value.
  • the encryption key is created using the detection result based on the comparison result indicating.
  • the data transmitting apparatus 100 can create the encryption key based on the dynamic motion applied to the data transmitting apparatus 100 which is not complicated such that the amount of data is less than the reference value.
  • the data transmitting apparatus 100 generates the code generated by the data transmitting apparatus 100. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data receiving apparatus 200.
  • the data transmitting apparatus 100 creates the encryption key based on the operation of instructing the creation of the encryption key by the user.
  • the data transmitting apparatus 100 can create an encryption key, triggered by an operation of instructing creation of an encryption key by the user. Therefore, the data transmitting apparatus 100 can prevent the creation of the encryption key at the timing when the user does not want to create the encryption key.
  • the data transmitting apparatus 100 when the user gives the data transmitting apparatus 100 and the data receiving apparatus 200 an operation of simultaneously instructing creation of an encryption key, the data transmitting apparatus 100 generates the encryption key generated by the data receiving apparatus 200. The same encryption key can be created. 0 can decrypt the measurement data encrypted by the data transmission apparatus 100.
  • the data receiving apparatus 200 creates an encryption key using the detection result regarding one predetermined direction based on the mechanical motion applied to the data receiving apparatus 200.
  • the data receiving apparatus 200 can create an encryption key using the detection result on one direction determined in advance.
  • the data receiving apparatus 200 when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same dynamic motion to them, the data receiving apparatus 200 generates the code generated by the data receiving apparatus 200. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data transmission device 100.
  • the data receiving apparatus 200 compares the data amount of the detection result of the dynamic motion added to the data receiving device 200 with the reference value, and the data amount of the detection result is less than the reference value.
  • the encryption key is created using the detection result based on the comparison result indicating.
  • the data receiving apparatus 200 can create the encryption key based on the dynamic motion applied to the data receiving apparatus 200 which is not complicated such that the amount of data is less than the reference value.
  • the data receiving apparatus 200 generates the code generated by the data receiving apparatus 200. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data transmission device 100.
  • the data receiving apparatus 200 creates an encryption key based on an operation of instructing creation of an encryption key by the user.
  • the data receiving apparatus 200 can create an encryption key using an operation instructing the creation of an encryption key by the user as a trigger. Therefore, the data receiving apparatus 200 can prevent the creation of the encryption key at the timing when the user does not want to create the encryption key.
  • the data receiving apparatus 200 when the user simultaneously gives the data transmitting apparatus 100 and the data receiving apparatus 200 an operation of instructing creation of an encryption key, the data receiving apparatus 200 generates the encryption key generated by the data transmitting apparatus 100. The same encryption key can be created.
  • the encrypted data transmitted and received between the devices may be data other than the measurement data.
  • a data transmission device used in a state of being mounted or held on a specific part of a user together with a data reception device, A detection unit for detecting a mechanical movement applied to the data transmission device; Generating an encryption key based on the detection result of the dynamic motion added to the data transmission device; Encrypt transmission data using the encryption key, A processor configured to store the encrypted transmission data in a packet for one-way communication and transmit the packet; A memory storing instructions for operating the processor;
  • a data transmission apparatus comprising: (Supplementary Note 2) A data receiving apparatus used in a state of being mounted or held on a specific part of a user together with a data transmitting apparatus, A detection unit for detecting a mechanical movement applied to the data receiving apparatus; A packet reception processing unit that receives, from the data transmission apparatus, a packet for one-way communication in which encrypted transmission data is stored; Creating an

Abstract

The present invention can enhance the security of data in unidirectional communication. A data transmission device is used while being mounted to or gripped by a specific site of a user together with a data reception device, and comprises: a detection unit for detecting mechanical motion applied to the data transmission device; a creation unit for creating an encryption key on the basis of the detection result of the mechanical motion applied to the data transmission device; an encryption processing unit for encrypting transmission data by using the encryption key; and a packet transmission processing unit for storing the encrypted transmission data in a packet for unidirectional communication and transmitting the packet.

Description

データ伝送システムとそのデータ送信装置及びデータ受信装置Data transmission system and data transmission apparatus and data reception apparatus
 本発明は、片方向通信によるデータの送受信技術に関する。 The present invention relates to data transmission / reception technology by one-way communication.
 血圧データをユーザの携帯情報端末に転送する機能を備えた血圧計が市場投入されている。携帯情報端末としては、例えばスマートフォンやタブレット型端末、ノート型パーソナルコンピュータが用いられる。かかる機能を利用すれば、ユーザは様々な状況下での自己の血圧の測定結果を携帯情報端末で一覧することができる。また、血圧データの転送には、近距離無線通信技術、特にBluetooth(登録商標)技術が典型的には使用される。一般に、Bluetoothの通信(コネクション)は、WLAN(Wireless Local Area Network)通信に比べると、小規模かつ省電力に実現可能である。Bluetoothの仕様のバージョン4.0は、BLE(Bluetooth Low Energy)とも呼ばれ、従前の仕様に比べて消費電力をさらに少なくすることが可能である。 A blood pressure monitor having a function of transferring blood pressure data to a user's portable information terminal has been put on the market. As the portable information terminal, for example, a smartphone, a tablet type terminal, or a notebook personal computer is used. By using this function, the user can list the measurement results of his / her blood pressure under various conditions on the portable information terminal. Also, for the transfer of blood pressure data, near field communication technology, in particular Bluetooth (registered trademark) technology is typically used. Generally, Bluetooth communication (connection) can be realized on a smaller scale and with less power consumption than wireless local area network (WLAN) communication. Version 4.0 of the Bluetooth specification, also called BLE (Bluetooth Low Energy), can further reduce power consumption compared to previous specifications.
 BLEでは、コネクションと呼ばれる双方向通信を行うことができる。しかしながら、コネクションは、ペアリングのためにユーザに課される操作が煩雑である、ペアリング後の通信手順が煩雑である、携帯情報端末側がBLEをサポートしている必要がある、携帯情報端末ばかりでなく血圧計にも高性能なハードウェア(プロセッサ、メモリ)が必要となる、開発/評価コストが高い、通信のオーバーヘッド量が大きく小容量のデータ送信に向かない、などの問題がある。 In BLE, bi-directional communication called connection can be performed. However, in the connection, the operation imposed on the user for pairing is complicated, the communication procedure after pairing is complicated, the portable information terminal side needs to support BLE, only the portable information terminal In addition, the blood pressure monitor requires high-performance hardware (processor, memory), high development / evaluation cost, large communication overhead, and is not suitable for small-capacity data transmission.
 他方、BLEでは、アドバタイジングと呼ばれる片方向通信を行うこともできる。日本国特許第5852620号公報には、アドバタイズメントパケットのデータフィールドの余白部分に任意のデータを含めて送信する技術が開示されている。 On the other hand, BLE can also perform one-way communication called advertising. Japanese Patent No. 5852620 discloses a technique for transmitting data including optional data in the margin of the data field of an advertisement packet.
 アドバタイジングを利用して血圧データを送信すれば、ペアリングやその後の煩雑な通信手順が不要となるので、先の問題は解消または軽減される。また、アドバタイジングを利用した血圧データの送信において、血圧データが暗号化されていれば、第3者への血圧データの漏洩を防ぐことができる。 If blood pressure data is transmitted using advertising, pairing and subsequent complicated communication procedures become unnecessary, so the above problem is eliminated or alleviated. In addition, in blood pressure data transmission using advertising, if blood pressure data is encrypted, leakage of blood pressure data to a third party can be prevented.
 しかしながら、上述のアドバタイジングでは、送信側の機器と受信側の機器との間で双方向通信を行わないので、送信側の機器と受信側の機器との間で暗号鍵を受け渡すことができない。このため、受信側の機器では、暗号化された血圧データを適切に復号することは難しい。 However, in the above-mentioned advertising, since bi-directional communication is not performed between the transmitting device and the receiving device, the encryption key can not be passed between the transmitting device and the receiving device. Therefore, it is difficult for the receiving device to properly decrypt the encrypted blood pressure data.
 この発明は、片方向通信におけるデータのセキュリティを高めることができるデータ伝送システムとそのデータ送信装置及びデータ受信装置を提供しようとするものである。 An object of the present invention is to provide a data transmission system capable of enhancing security of data in one-way communication, and a data transmission apparatus and a data reception apparatus therefor.
 この発明の第1の態様は、ユーザの特定部位に装着または把持された状態で使用されるデータ送信装置及びデータ受信装置を備えるデータ伝送システムであって、前記データ送信装置は、前記データ送信装置に加えられた力学的な動きを検出する検出部と、前記データ送信装置に加えられた力学的な動きの検出結果に基づいて第1の暗号鍵を作成する作成部と、前記第1の暗号鍵を用いて送信データを暗号化する暗号化処理部と、前記暗号化された送信データを片方向通信用のパケットに格納し、当該パケットを送信するパケット送信処理部と、前記データ受信装置は、前記データ受信装置に加えられた力学的な動きを検出する検出部と、前記データ受信装置に加えられた力学的な動きの検出結果に基づいて第2の暗号鍵を作成する作成部と、前記データ送信装置から送信される、前記暗号化された送信データが格納されている片方向通信用のパケットを受信するパケット受信処理部と、前記受信されたパケットに格納されている送信データを、前記第2の暗号鍵を用いて復号する復号処理部とを備えるデータ伝送システムである。 According to a first aspect of the present invention, there is provided a data transmission system comprising a data transmission apparatus and a data reception apparatus used in a state of being attached to or held by a specific part of a user, wherein the data transmission apparatus is the data transmission apparatus. A detection unit for detecting a mechanical motion applied to the data transmission device, a generation unit for generating a first encryption key based on the detection result of the mechanical motion applied to the data transmission apparatus, and the first encryption An encryption processing unit that encrypts transmission data using a key; a packet transmission processing unit that stores the encrypted transmission data in a packet for one-way communication; and transmits the packet; A detection unit for detecting a dynamic movement applied to the data receiving apparatus, and a generation unit for generating a second encryption key based on a detection result of the dynamic movement applied to the data receiving apparatus A packet reception processing unit for receiving a packet for one-way communication in which the encrypted transmission data is stored, which is transmitted from the data transmission apparatus, and the transmission data stored in the received packet A data transmission system comprising: a decryption processing unit that decrypts using the second encryption key.
 この発明の第1の態様によれば、データ送信装置は、データ送信装置に加えられた力学的な動きの検出結果に基づいて、データ受信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置は、データ受信装置で送信データの復号に用いられる暗号鍵と同一の暗号鍵を用いて送信データを暗号化することができる。データ受信装置は、データ受信装置に加えられた力学的な動きの検出結果に基づいて、データ送信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置とデータ受信装置との間で暗号鍵を受け渡すことができなくても、データ受信装置は、データ送信装置で暗号化された送信データを復号することができる。 According to the first aspect of the present invention, the data transmission apparatus creates the same encryption key as the encryption key generated by the data reception apparatus based on the detection result of the dynamic motion added to the data transmission apparatus. can do. As a result, the data transmission apparatus can encrypt transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data reception apparatus. The data receiving apparatus can create the same encryption key as the encryption key generated by the data transmitting apparatus based on the detection result of the dynamic motion added to the data receiving apparatus. As a result, even if the encryption key can not be passed between the data transmission apparatus and the data reception apparatus, the data reception apparatus can decrypt the transmission data encrypted by the data transmission apparatus.
 この発明の第2の態様は、データ受信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ送信装置であって、前記データ送信装置に加えられた力学的な動きを検出する検出部と、前記データ送信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する作成部と、前記暗号鍵を用いて送信データを暗号化する暗号化処理部と、前記暗号化された送信データを片方向通信用のパケットに格納し、当該パケットを送信するパケット送信処理部とを備えるデータ送信装置である。 A second aspect of the present invention is a data transmission apparatus used in a state of being attached to or gripped by a specific part of a user together with a data reception apparatus, which detects mechanical motion applied to the data transmission apparatus. A detection unit; a creation unit that creates an encryption key based on the detection result of the dynamic motion applied to the data transmission apparatus; an encryption processing unit that encrypts transmission data using the encryption key; And a packet transmission processing unit that stores encrypted transmission data in a packet for one-way communication and transmits the packet.
 この発明の第2の態様によれば、データ送信装置は、データ送信装置に加えられた力学的な動きの検出結果に基づいて、データ受信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置は、データ受信装置で送信データの復号に用いられる暗号鍵と同一の暗号鍵を用いて送信データを暗号化することができる。 According to the second aspect of the present invention, the data transmission apparatus creates the same encryption key as the encryption key generated by the data reception apparatus based on the detection result of the dynamic motion applied to the data transmission apparatus. can do. As a result, the data transmission apparatus can encrypt transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data reception apparatus.
 この発明の第3の態様は、第2の態様のデータ送信装置において、前記作成部が、前記データ送信装置に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて前記暗号鍵を作成するようにしたものである。 According to a third aspect of the present invention, in the data transmission device according to the second aspect, the creation unit uses a detection result regarding a predetermined one direction based on a mechanical motion applied to the data transmission device. The encryption key is created.
 この発明の第3の態様によれば、データ送信装置は、データ送信装置に加えられた力学的な動きが複雑であったとしても、予め定められた一方向に関する検出結果を用いて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置を持った状態でこれらに同一の力学的な動きを与えた場合に、データ送信装置は、データ送信装置で作成される暗号鍵がデータ受信装置で作成される暗号鍵と異なるものになる可能性を低減することができる。 According to the third aspect of the present invention, even if the mechanical motion applied to the data transmission apparatus is complex, the data transmission apparatus uses the detection result on one direction determined in advance to obtain the encryption key. Can be created. As a result, when, for example, the user gives the data transmission apparatus and the data reception apparatus the same mechanical motion, the data transmission apparatus receives the data of the encryption key generated by the data transmission apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
 この発明の第4の態様は、第2の態様のデータ送信装置において、前記作成部が、前記検出結果のデータ量を基準値と比較し、前記検出結果のデータ量が前記基準値未満であることを示す比較結果に基づいて、前記検出結果を用いて前記暗号鍵を作成するようにしたものである。 According to a fourth aspect of the present invention, in the data transmitting apparatus according to the second aspect, the generation unit compares the data amount of the detection result with a reference value, and the data amount of the detection result is less than the reference value The encryption key is created using the detection result based on the comparison result indicating that.
 この発明の第4の態様によれば、データ送信装置は、データ量が基準値未満となるような複雑ではないデータ送信装置に加えられた力学的な動きに基づいて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置を持った状態でこれらに同一の力学的な動きを与えた場合に、データ送信装置は、データ送信装置で作成される暗号鍵がデータ受信装置で作成される暗号鍵と異なるものになる可能性を低減することができる。 According to the fourth aspect of the present invention, the data transmission device creates the encryption key based on the dynamic motion applied to the uncomplicated data transmission device such that the amount of data is less than the reference value. it can. As a result, when, for example, the user gives the data transmission apparatus and the data reception apparatus the same mechanical motion, the data transmission apparatus receives the data of the encryption key generated by the data transmission apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
 この発明の第5の態様は、第2の態様のデータ送信装置において、前記作成部が、前記ユーザによる前記暗号鍵の作成を指示する操作に基づいて、前記暗号鍵を作成するようにしたものである。 According to a fifth aspect of the present invention, in the data transmitting apparatus according to the second aspect, the creating unit creates the encryption key based on an operation instructing the user to create the encryption key. It is.
 この発明の第5の態様によれば、データ送信装置は、ユーザによる暗号鍵の作成を指示する操作をトリガとして、暗号鍵を作成することができる。このため、データ送信装置は、ユーザが暗号鍵の作成を望まないタイミングで暗号鍵を作成してしまうことを防止することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置に対して同時に暗号鍵の作成を指示する操作を与えた場合に、データ送信装置は、データ受信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。 According to the fifth aspect of the present invention, the data transmitting apparatus can create an encryption key triggered by an operation instructing the user to create an encryption key. Therefore, the data transmitting apparatus can prevent the user from creating the encryption key at a timing when the creation of the encryption key is not desired. As a result, for example, when the user simultaneously gives the data transmitting device and the data receiving device an operation of instructing creation of the encryption key, the data transmitting device is the same as the encryption key generated by the data receiving device. You can create a key.
 この発明の第6の態様は、データ送信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ受信装置であって、前記データ受信装置に加えられた力学的な動きを検出する検出部と、前記データ受信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する作成部と、前記データ送信装置から送信される、暗号化された送信データが格納されている片方向通信用のパケットを受信するパケット受信処理部と、前記受信されたパケットに格納されている送信データを、前記暗号鍵を用いて復号する復号処理部とを備えるデータ受信装置である。 A sixth aspect of the present invention is a data receiving apparatus used in a state of being attached to or gripped by a specific part of a user together with a data transmitting apparatus, which detects mechanical motion applied to the data receiving apparatus. A detection unit, a generation unit for generating an encryption key based on the detection result of the dynamic motion applied to the data reception apparatus, and encrypted transmission data to be transmitted from the data transmission apparatus; A data reception apparatus comprising: a packet reception processing unit for receiving a packet for one-way communication; and a decryption processing unit for decrypting transmission data stored in the received packet using the encryption key.
 この発明の第6の態様によれば、データ受信装置は、データ受信装置に加えられた力学的な動きの検出結果に基づいて、データ送信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置とデータ受信装置との間で暗号鍵を受け渡すことができなくても、データ受信装置は、データ送信装置で暗号化された送信データを復号することができる。 According to the sixth aspect of the present invention, the data receiving apparatus creates the same encryption key as the encryption key generated by the data transmitting apparatus based on the detection result of the dynamic motion added to the data receiving apparatus. can do. As a result, even if the encryption key can not be passed between the data transmission apparatus and the data reception apparatus, the data reception apparatus can decrypt the transmission data encrypted by the data transmission apparatus.
 この発明の第7の態様は、第6の態様のデータ受信装置において、前記作成部が、前記データ受信装置に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて前記暗号鍵を作成するようにしたものである。 According to a seventh aspect of the present invention, in the data receiving apparatus according to the sixth aspect, the creating unit uses a detection result regarding a predetermined one direction based on a mechanical motion applied to the data receiving apparatus. The encryption key is created.
 この発明の第7の態様によれば、データ受信装置は、データ受信装置に加えられた力学的な動きが複雑であったとしても、予め定められた一方向に関する検出結果を用いて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置を持った状態でこれらに同一の力学的な動きを与えた場合に、データ受信装置は、データ受信装置で作成される暗号鍵がデータ送信装置で作成される暗号鍵と異なるものになる可能性を低減することができる。 According to the seventh aspect of the present invention, the data receiving apparatus uses the detection result on one direction determined in advance, even if the mechanical motion applied to the data receiving apparatus is complex. Can be created. As a result, for example, when the user gives the data transmission apparatus and the data reception apparatus the same mechanical motion, the data reception apparatus transmits data of the encryption key generated by the data reception apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
 この発明の第8の態様は、第6の態様のデータ受信装置において、前記作成部が、前記検出結果のデータ量を基準値と比較し、前記検出結果のデータ量が前記基準値未満であることを示す比較結果に基づいて、前記検出結果を用いて前記暗号鍵を作成するようにしたものである。 According to an eighth aspect of the present invention, in the data receiving device according to the sixth aspect, the generation unit compares the data amount of the detection result with a reference value, and the data amount of the detection result is less than the reference value The encryption key is created using the detection result based on the comparison result indicating that.
 この発明の第8の態様によれば、データ受信装置は、データ量が基準値未満となるような複雑ではないデータ受信装置に加えられた力学的な動きに基づいて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置を持った状態でこれらに同一の力学的な動きを与えた場合に、データ受信装置は、データ受信装置で作成される暗号鍵がデータ送信装置で作成される暗号鍵と異なるものになる可能性を低減することができる。 According to the eighth aspect of the present invention, the data receiving apparatus creates the encryption key based on the mechanical motion applied to the uncomplicated data receiving apparatus such that the amount of data is less than the reference value. it can. As a result, for example, when the user gives the data transmission apparatus and the data reception apparatus the same mechanical motion, the data reception apparatus transmits data of the encryption key generated by the data reception apparatus. It is possible to reduce the possibility of being different from the encryption key generated by the device.
 この発明の第9の態様は、第6の態様のデータ受信装置において、前記作成部が、前記ユーザによる前記暗号鍵の作成を指示する操作に基づいて、前記暗号鍵を作成するようにしたものである。 According to a ninth aspect of the present invention, in the data receiving apparatus according to the sixth aspect, the creation unit creates the encryption key based on an operation instructing the user to create the encryption key. It is.
 この発明の第9の態様によれば、データ受信装置は、ユーザによる暗号鍵の作成を指示する操作をトリガとして、暗号鍵を作成することができる。このため、データ受信装置は、ユーザが暗号鍵の作成を望まないタイミングで暗号鍵を作成してしまうことを防止することができる。その結果、例えば、ユーザがデータ送信装置及びデータ受信装置に対して同時に暗号鍵の作成を指示する操作を与えた場合に、データ受信装置は、データ送信装置で作成される暗号鍵と同一の暗号鍵を作成することができる。 According to the ninth aspect of the present invention, the data receiving apparatus can create an encryption key triggered by an operation of instructing creation of an encryption key by the user. Therefore, the data receiving apparatus can prevent the user from creating the encryption key at a timing when the creation of the encryption key is not desired. As a result, for example, when the user simultaneously gives the data transmitting device and the data receiving device an operation of instructing creation of an encryption key, the data receiving device may use the same encryption key as the encryption key created by the data transmitting device. You can create a key.
 本発明によれば、片方向通信におけるデータのセキュリティを高める技術を提供することができる。 According to the present invention, it is possible to provide a technique for enhancing the security of data in one-way communication.
図1は、実施形態に係るデータ送信装置及びデータ受信装置の適用例を示すブロック図である。FIG. 1 is a block diagram showing an application example of the data transmission apparatus and the data reception apparatus according to the embodiment. 図2は、実施形態に係るデータ送信装置及びデータ受信装置を含むデータ伝送システムを例示するブロック図である。FIG. 2 is a block diagram illustrating a data transmission system including the data transmission apparatus and the data reception apparatus according to the embodiment. 図3は、実施形態に係るデータ送信装置のハードウェア構成を例示するブロック図である。FIG. 3 is a block diagram illustrating the hardware configuration of the data transmission apparatus according to the embodiment. 図4は、実施形態に係るデータ送信装置のソフトウェア構成を例示するブロック図である。FIG. 4 is a block diagram illustrating the software configuration of the data transmission apparatus according to the embodiment. 図5は、実施形態に係るデータ受信装置のハードウェア構成を例示するブロック図である。FIG. 5 is a block diagram illustrating the hardware configuration of the data receiving apparatus according to the embodiment. 図6は、実施形態に係るデータ受信装置のソフトウェア構成を例示するブロック図である。FIG. 6 is a block diagram illustrating the software configuration of the data receiving apparatus according to the embodiment. 図7は、BLEにおいて行われるアドバタイジングの説明図である。FIG. 7 is an explanatory diagram of advertising performed in BLE. 図8は、BLEにおいて送受信されるパケットのデータ構造を例示する図である。FIG. 8 is a diagram illustrating the data structure of packets transmitted and received in BLE. 図9は、アドバタイズメントパケットのPDUフィールドのデータ構造を例示する図である。FIG. 9 is a diagram illustrating the data structure of the PDU field of the advertisement packet. 図10は、実施形態に係るデータ送信装置の動作を例示するフローチャートである。FIG. 10 is a flowchart illustrating the operation of the data transmission apparatus according to the embodiment. 図11は、実施形態に係るデータ受信装置の動作を例示するフローチャートである。FIG. 11 is a flowchart illustrating the operation of the data receiving apparatus according to the embodiment.
 以下、本発明の一側面に係る実施の形態(以降、「本実施形態」とも表記する)を、図面に基づいて説明する。 Hereinafter, an embodiment according to one aspect of the present invention (hereinafter, also referred to as “the present embodiment”) will be described based on the drawings.
 なお、以降、説明済みの要素と同一または類似の要素には同一または類似の符号を付し、重複する説明については基本的に省略する。 
 §1 適用例 
 まず、図1を用いて、本発明の一適用例について説明する。図1は、本実施形態に係るデータ送信装置100及びデータ受信装置200の適用例を模式的に示す。データ送信装置100及びデータ受信装置200は、ユーザの特定部位に装着または把持された状態で使用される。これにより、データ送信装置100及びデータ受信装置200は、ユーザの特定部位の動きに応じて同一の力学的な動きが加えられる。 Hereinafter, elements which are the same as or similar to the already described elements are denoted by the same or similar reference numerals, and redundant descriptions will be basically omitted.
11 Application example
First, one application example of the present invention will be described using FIG. FIG. 1 schematically shows an application example of the data transmitting apparatus 100 and the data receiving apparatus 200 according to the present embodiment. The data transmitting apparatus 100 and the data receiving apparatus 200 are used in a state of being mounted or gripped at a specific site of the user. Thereby, the data transmission device 100 and the data reception device 200 add the same dynamic motion according to the motion of the specific part of the user.
 データ送信装置100は、ユーザの生体情報または活動情報に関する量を日常的に測定するセンサ装置である。データ送信装置100は、BLEなどの片方向通信の可能な装置である。 
 データ送信装置100は、作成部1111と、暗号化処理部1112と、パケット送信処理部1113とを備えている。 The data transmission device 100 is a sensor device that measures the amount of biological information or activity information of the user on a daily basis. The data transmission apparatus 100 is an apparatus capable of one-way communication such as BLE.
The data transmission apparatus 100 includes a creation unit 1111, an encryption processing unit 1112 and a packet transmission processing unit 1113.
 作成部1111は、データ送信装置100に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する。 
 暗号化処理部1112は、作成部1111で作成された暗号鍵を用いて、ユーザの生体情報または活動情報を示す測定データを暗号化する。 
 パケット送信処理部1113は、暗号化された送信データをBLEにおけるアドバタイズメントパケットに格納し、アドバタイズメントパケットを送信する。
 これにより、データ送信装置100は、BLEの片方向通信を用いて、アドバタイズメントパケットを送信することができる。 The creation unit 1111 creates an encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100.
The encryption processing unit 1112 encrypts measurement data indicating biological information or activity information of the user using the encryption key generated by the generation unit 1111.
The packet transmission processing unit 1113 stores the encrypted transmission data in the advertisement packet in BLE, and transmits the advertisement packet.
Thus, the data transmitting apparatus 100 can transmit an advertisement packet using one-way communication of BLE.
 データ受信装置200は、スマートフォン、タブレットなどの携帯情報端末である。データ受信装置200は、BLEの無線通信の可能な装置である。データ受信装置200は、暗号化された測定データが格納されているアドバタイズメントパケットをデータ送信装置100から受信する。 The data reception device 200 is a portable information terminal such as a smartphone or a tablet. The data receiving apparatus 200 is an apparatus capable of BLE wireless communication. The data receiving apparatus 200 receives, from the data transmitting apparatus 100, an advertisement packet in which encrypted measurement data is stored.
 作成部2111は、データ受信装置200に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する。 
 復号処理部2112は、アドバタイズメントパケットに格納されている暗号化された測定データを、作成部2111で作成された暗号鍵を用いて復号する。 
 データ処理部2113は、復号された測定データを他の機器へ送信する。 The creation unit 2111 creates an encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200.
The decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet, using the encryption key generated by the generation unit 2111.
The data processing unit 2113 transmits the decoded measurement data to another device.
 以上のとおり、本実施形態によれば、データ送信装置100及びデータ受信装置200は、片方向通信におけるデータのセキュリティを高めることができる。 As described above, according to the present embodiment, the data transmitting apparatus 100 and the data receiving apparatus 200 can enhance the security of data in one-way communication.
 §2 構成例 
 <データ伝送システム>
 図2を用いて、本実施形態に係るデータ伝送システムの一例について説明する。図2は、本実施形態に係るデータ送信装置100及びデータ受信装置200を含むデータ伝送システムを例示するブロック図である。データ送信装置100及びデータ受信装置200は、ユーザの特定部位に装着または把持された状態で使用される。これにより、データ送信装置100及びデータ受信装置200は、ユーザの特定部位の動きに応じて同一の力学的な動きが加えられる。 22 Configuration example
<Data transmission system>
An example of the data transmission system according to the present embodiment will be described with reference to FIG. FIG. 2 is a block diagram illustrating a data transmission system including the data transmission apparatus 100 and the data reception apparatus 200 according to the present embodiment. The data transmitting apparatus 100 and the data receiving apparatus 200 are used in a state of being mounted or gripped at a specific site of the user. Thereby, the data transmission device 100 and the data reception device 200 add the same dynamic motion according to the motion of the specific part of the user.
 データ送信装置100は、血圧計、体温計、活動量計、歩数計、体組成計、体重計などのユーザの生体情報または活動情報に関する量を日常的に測定するセンサ装置である。データ送信装置100は、BLEなどの片方向通信の可能な装置である。なお、図2の例では、データ送信装置100として腕時計型のウェアラブル血圧計の外観が示されているが、データ送信装置100はこれに限られず、据え置き型の血圧計であってもよいし、他の生体情報または活動情報に関する量を測定するセンサ装置であり得る。データ送信装置100は、生体情報または活動情報を示す測定データを片方向通信でデータ受信装置200へ送信する。測定データは、送信データということもある。データ送信装置100は、データ受信装置200と共にユーザの特定部位に装着または把持された状態で使用される。これにより、データ送信装置100は、ユーザの特定部位の動きに応じてデータ受信装置200に加えられる力学的な動きと同一の力学的な動きが加えられる。 The data transmission device 100 is a sensor device that routinely measures an amount related to biological information or activity information of the user, such as a blood pressure monitor, a thermometer, an activity meter, a pedometer, a body composition meter, and a weight scale. The data transmission apparatus 100 is an apparatus capable of one-way communication such as BLE. In the example of FIG. 2, the appearance of a wristwatch type wearable sphygmomanometer is shown as the data transmission device 100, but the data transmission device 100 is not limited to this, and may be a stationary sphygmomanometer. It may be a sensor device that measures quantities related to other biometric information or activity information. The data transmitting apparatus 100 transmits measurement data indicating biological information or activity information to the data receiving apparatus 200 by one-way communication. Measurement data may be referred to as transmission data. The data transmission device 100 is used with the data reception device 200 in a state of being attached to or gripped by a specific part of the user. As a result, the data transmitting apparatus 100 applies the same mechanical motion as the mechanical motion applied to the data receiving device 200 according to the motion of the specific part of the user.
 データ受信装置200は、スマートフォン、タブレットなどの携帯情報端末である。データ受信装置200は、主に、BLE、移動通信(3G、4Gなど)及びWLANなどの無線通信の可能な装置である。データ受信装置200は、データ送信装置100と共にユーザの特定部位に装着または把持された状態で使用される。データ受信装置200は、ユーザの特定部位の動きに応じてデータ送信装置100に加えられる力学的な動きと同一の力学的な動きが加えられる。 The data reception device 200 is a portable information terminal such as a smartphone or a tablet. The data receiving apparatus 200 is mainly an apparatus capable of wireless communication such as BLE, mobile communication (3G, 4G, etc.) and WLAN. The data receiving apparatus 200 is used with the data transmitting apparatus 100 in a state of being attached to or gripped by a specific part of the user. The data receiving apparatus 200 has the same mechanical movement as the mechanical movement applied to the data transmitting apparatus 100 according to the movement of the specific part of the user.
 データ受信装置200は、データ送信装置100からの測定データをBLEにより受信する。データ受信装置200は、測定データをネットワーク経由でサーバ300へ送信する。データ受信装置200は、例えば移動通信またはWLANを利用する。 The data receiving apparatus 200 receives the measurement data from the data transmitting apparatus 100 by BLE. The data receiving apparatus 200 transmits measurement data to the server 300 via the network. The data receiving apparatus 200 uses, for example, mobile communication or WLAN.
 サーバ300は、測定データに基づいて多数のユーザの生体情報または活動情報などを管理するデータベースに相当する。 The server 300 corresponds to a database that manages biometric information or activity information of a large number of users based on measurement data.
 <データ送信装置> 
 [ハードウェア構成] 
 次に、図3を用いて、本実施形態に係るデータ送信装置100のハードウェア構成の一例について説明する。図3は、データ送信装置100のハードウェア構成の一例を模式的に示す。 <Data transmission device>
[Hardware configuration]
Next, an example of the hardware configuration of the data transmission apparatus 100 according to the present embodiment will be described with reference to FIG. FIG. 3 schematically shows an example of the hardware configuration of the data transmission apparatus 100. As shown in FIG.
 図3に示されるとおり、データ送信装置100は、制御部111と、記憶部112と、通信インタフェース113と、入力装置114と、出力装置115と、外部インタフェース116と、バッテリ117と、生体センサ118と、動きセンサ119とが電気的に接続されたコンピュータである。なお、図3では、通信インタフェース及び外部インタフェースをそれぞれ、「通信I/F」及び「外部I/F」と記載している。 As shown in FIG. 3, the data transmission apparatus 100 includes a control unit 111, a storage unit 112, a communication interface 113, an input device 114, an output device 115, an external interface 116, a battery 117, and a living body sensor 118. And the motion sensor 119 are electrically connected. In FIG. 3, the communication interface and the external interface are described as “communication I / F” and “external I / F”, respectively.
 制御部111は、CPU(Central Processing Unit)、RAM(Random Access Memory)、ROM(Read Only Memory)などを含む。CPUは、プロセッサの一例である。CPUは、記憶部112に格納されたプログラムをRAMに展開する。そして、CPUがこのプログラムを解釈及び実行することで、制御部111は、様々な情報処理、例えば、ソフトウェア構成の項目において説明される機能ブロックの処理を実行可能となる。 The control unit 111 includes a central processing unit (CPU), a random access memory (RAM), a read only memory (ROM), and the like. The CPU is an example of a processor. The CPU develops the program stored in the storage unit 112 in the RAM. Then, the CPU interprets and executes this program, whereby the control unit 111 can execute various information processing, for example, processing of functional blocks described in the item of software configuration.
 記憶部112は、いわゆる補助記憶装置であり、例えば、内蔵または外付けのフラッシュメモリなどの半導体メモリ、HDD(Hard Disk Drive)、SSD(Solid State Drive)であり得る。記憶部112は、制御部111で実行されるプログラム、制御部111によって使用されるデータなどを記憶する。プログラムは、制御部111を動作させる命令ということもできる。 The storage unit 112 is a so-called auxiliary storage device, and may be, for example, a semiconductor memory such as a built-in or external flash memory, a hard disk drive (HDD), or a solid state drive (SSD). The storage unit 112 stores a program executed by the control unit 111, data used by the control unit 111, and the like. The program can also be referred to as an instruction to operate the control unit 111.
 通信インタフェース113は、少なくとも、BLEなどの片方向通信のパケットを送信(アドバタイジング)する無線モジュールを含む。BLEのアドバタイジングについては後述する。無線モジュールは、暗号化された測定データが格納されたBLEにおけるアドバタイズメントパケットを制御部111から受け取る。測定データの暗号化については後述する。無線モジュールは、アドバタイズメントパケットを送信する。無線モジュールは、送信部ということもある。なお、BLEは、将来的に他の低消費電力・片方向通信可能な通信規格に置き換わる可能性がある。その場合には、以降の説明を適宜読み替えればよい。 The communication interface 113 includes at least a wireless module for transmitting (advertising) a packet of one-way communication such as BLE. Advertising of BLE will be described later. The wireless module receives, from the control unit 111, an advertisement packet in BLE in which encrypted measurement data is stored. The encryption of measurement data will be described later. The wireless module sends an advertisement packet. The wireless module may be referred to as a transmitter. Note that BLE may be replaced by another low power consumption, one-way communication standard that can be used in the future. In that case, the following description may be read appropriately.
 入力装置114は、例えばタッチスクリーン、ボタン、スイッチなどのユーザ入力を受け付けるための装置である。 The input device 114 is a device for receiving user input such as a touch screen, a button, and a switch.
 出力装置115は、例えば、ディスプレイ、スピーカなどの出力を行うための装置である。 The output device 115 is, for example, a device for performing output such as a display and a speaker.
 外部インタフェース116は、USB(Universal Serial Bus)ポート、メモリカードスロットなどであり、外部装置と接続するためのインタフェースである。 The external interface 116 is a universal serial bus (USB) port, a memory card slot, or the like, and is an interface for connecting to an external device.
 バッテリ117は、データ送信装置100の電源電圧を供給する。バッテリ117は、交換可能であってもよい。なお、データ送信装置100は、AC(Alternating Current)アダプタを介して商用電源に接続可能であってもよい。この場合には、バッテリ117は省略され得る。 The battery 117 supplies the power supply voltage of the data transmission apparatus 100. The battery 117 may be replaceable. Data transmission apparatus 100 may be connectable to a commercial power supply via an AC (Alternating Current) adapter. In this case, the battery 117 can be omitted.
 生体センサ118は、ユーザの生体情報に関する量を測定することで測定データを得る。生体センサ118の動作は、例えば図示されないセンサ制御部によって制御される。測定データは、日時データに関連付けられて記憶部112に記憶される。生体センサ118は、典型的には、ユーザの血圧に関する量を測定することで血圧データを得る血圧センサを含む。この場合に、測定データは血圧データを含む。血圧データは、例えば、収縮期血圧SBP(Systolic Blood Pressure)及び拡張期血圧DBP(Diastolic Blood Pressure)の値と脈拍数とを含み得るが、これらに限られない。このほか、測定データは、心電データ、脈波データ、体温データなどを含むことができる。 The biometric sensor 118 obtains measurement data by measuring the amount of biometric information of the user. The operation of the biological sensor 118 is controlled by, for example, a sensor control unit (not shown). The measurement data is stored in the storage unit 112 in association with date and time data. Biosensor 118 typically includes a blood pressure sensor that obtains blood pressure data by measuring an amount related to the user's blood pressure. In this case, the measurement data includes blood pressure data. Blood pressure data may include, but is not limited to, for example, systolic blood pressure SBP (systolic blood pressure) and diastolic blood pressure DBP (diastolic blood pressure) values and pulse rate. In addition, measurement data can include electrocardiogram data, pulse wave data, body temperature data, and the like.
 血圧センサは、ユーザの血圧に関する量を1拍毎に連続的に測定可能な血圧センサ(以降、連続型の血圧センサとも称する)を含むことができる。連続型の血圧センサは、脈波伝播時間(PTT;Pulse Transit Time)からユーザの血圧に関する量を連続測定してもよいし、トノメトリ法または他の技法により連続測定を実現してもよい。 The blood pressure sensor may include a blood pressure sensor (hereinafter also referred to as a continuous blood pressure sensor) capable of continuously measuring an amount related to the user's blood pressure every one beat. The continuous blood pressure sensor may continuously measure an amount related to the user's blood pressure from pulse wave transit time (PTT), or may realize continuous measurement by tonometry or other techniques.
 血圧センサは、連続型の血圧センサに代えて、または、加えて、ユーザ操作に応じて、或いは予め設定された測定時刻になったときに測定動作を行う血圧センサ(以降、非連続型の血圧センサとも称する)を含むこともできる。非連続型の血圧センサは、例えば、カフを圧力センサとして用いてユーザの血圧に関する量を測定する(オシロメトリック法)。 The blood pressure sensor is a blood pressure sensor that performs a measurement operation in response to a user operation or at a preset measurement time instead of or in addition to a continuous blood pressure sensor (hereinafter referred to as discontinuous blood pressure Can also be included). A non-continuous blood pressure sensor, for example, uses a cuff as a pressure sensor to measure an amount related to the user's blood pressure (oscillometric method).
 非連続型の血圧センサ(特に、オシロメトリック法を用いた血圧センサ)は、連続型の血圧センサに比べて、測定精度が高い傾向にある。故に、血圧センサは、例えば、何らかの条件が満足する(例えば、連続型の血圧センサによって測定されたユーザの血圧に関する量が所定の状態を示唆した)ことをトリガとして、連続型の血圧センサに代えて非連続型の血圧センサを作動させることにより、血圧に関する量をより高い精度で測定してもよい。 Non-continuous blood pressure sensors (especially, blood pressure sensors using oscillometric method) tend to have higher measurement accuracy than continuous blood pressure sensors. Therefore, the blood pressure sensor is replaced with the continuous blood pressure sensor, for example, triggered by that a certain condition is satisfied (for example, the amount related to the user's blood pressure measured by the continuous blood pressure sensor suggested a predetermined state) By operating the non-continuous blood pressure sensor, the amount related to blood pressure may be measured with higher accuracy.
 動きセンサ119は、例えば、加速度センサまたはジャイロセンサであり得る。動きセンサ119は、当該動きセンサ119の受ける加速度/角速度を検出することで3軸の加速度/角速度データ(以降、動きデータとも称する)を示す検出結果を得る。このように、動きセンサ119は、データ送信装置100に加えられた力学的な動きを検出する。動きセンサ119は、検出部ということもある。動きセンサ119の動作は、例えば図示されないセンサ制御部によって制御される。検出結果は、後述するように、測定データを暗号化するための暗号鍵の作成に用いられる。 The motion sensor 119 may be, for example, an acceleration sensor or a gyro sensor. The motion sensor 119 detects acceleration / angular velocity received by the motion sensor 119 to obtain a detection result indicating acceleration / angular velocity data (hereinafter also referred to as motion data) of three axes. Thus, the motion sensor 119 detects the mechanical motion applied to the data transmission device 100. The motion sensor 119 may be referred to as a detection unit. The operation of the motion sensor 119 is controlled by, for example, a sensor control unit (not shown). The detection result is used to create an encryption key for encrypting measurement data as described later.
 なお、データ送信装置100の具体的なハードウェア構成に関して、実施形態に応じて、適宜、構成要素の省略、置換及び追加が可能である。例えば、制御部111は、複数のプロセッサを含んでもよい。データ送信装置100は、複数台のセンサ装置で構成されてもよい。 In addition, regarding the specific hardware configuration of the data transmission apparatus 100, omission, substitution, and addition of components can be appropriately made according to the embodiment. For example, the control unit 111 may include a plurality of processors. The data transmission device 100 may be configured by a plurality of sensor devices.
 <データ送信装置> 
 [ソフトウェア構成] 
 次に、図4を用いて、本実施形態に係るデータ送信装置100のソフトウェア構成の一例を説明する。図4は、データ送信装置100のソフトウェア構成の一例を模式的に示す。 
 制御部111は、作成部1111と、暗号化処理部1112と、パケット送信処理部1113とを実装する。 <Data transmission device>
Software Configuration
Next, an example of the software configuration of the data transmitting apparatus 100 according to the present embodiment will be described with reference to FIG. FIG. 4 schematically illustrates an example of the software configuration of the data transmission apparatus 100.
The control unit 111 implements a creation unit 1111, an encryption processing unit 1112 and a packet transmission processing unit 1113.
 作成部1111について説明する。 
 作成部1111は、以下に例示するように、データ送信装置100に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する。例えば、作成部1111は、ユーザによる暗号鍵の作成を指示する操作に基づいて、暗号鍵を作成する。例えば、データ送信装置100は、ユーザの手首に装着されており、ユーザの動きに応じて動く。作成部1111は、データ送信装置100に加えられた力学的な動きの検出結果を時系列に沿って動きセンサ119から受け取る。一例では、作成部1111は、ユーザによる暗号鍵の作成開始に関する指示を検出した後からの所定時間中に、データ送信装置100に加えられた力学的な動きの検出結果を動きセンサ119から受け取る。これに代えて、別の例では、作成部1111は、ユーザによる暗号鍵の作成開始に関する指示を検出した後からユーザによる暗号鍵の作成終了に関する指示を検出するまで、データ送信装置100に加えられた力学的な動きの検出結果を動きセンサ119から受け取るようにしてもよい。作成部1111は、予め定められたアルゴリズムに従って、時系列に沿った検出結果を用いて暗号鍵を作成する。 
 作成部1111は、暗号鍵を暗号化処理部1112へ出力する。 The creation unit 1111 will be described.
The creation unit 1111 creates the encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100 as exemplified below. For example, the creation unit 1111 creates the encryption key based on an operation instructing the user to create the encryption key. For example, the data transmission apparatus 100 is worn on the wrist of the user and moves in response to the movement of the user. The creation unit 1111 receives the detection result of the dynamic motion applied to the data transmission apparatus 100 from the motion sensor 119 in time series. In one example, the creation unit 1111 receives, from the motion sensor 119, the detection result of the dynamic motion added to the data transmission apparatus 100 during a predetermined time after detecting an instruction regarding the creation start of the encryption key by the user. Alternatively, in another example, the creating unit 1111 is added to the data transmitting apparatus 100 after detecting an instruction regarding the start of creation of the encryption key by the user until detecting an instruction regarding the end of creation of the encryption key by the user. The detection result of the dynamic motion may be received from the motion sensor 119. The creation unit 1111 creates an encryption key using detection results along a time series according to a predetermined algorithm.
The creation unit 1111 outputs the encryption key to the encryption processing unit 1112.
 暗号化処理部1112について説明する。 
 暗号化処理部1112は、以下に例示するように、暗号鍵を用いて測定データを暗号化する。暗号化処理部1112は、作成部1111から暗号鍵を受け取る。また、暗号化処理部1112は、記憶部112から測定データを取得する。暗号化処理部1112は、予め定められたアルゴリズムに従って、データ送信装置100で作成された暗号鍵を用いて測定データを暗号化する。暗号化方式としては、例えば、送信側および受信側が共通鍵を持ち、送信側で平文を共通鍵を用いて暗号文に置換して送信し、受信側が受信した暗号文を上記共通鍵を用いて復号する共通鍵方式が使用される。なお、暗号化方式としては送信側および受信側が共通鍵を使用するものであれば、どのような方式を用いてもよい。 
 暗号化処理部1112は、暗号化された測定データをパケット送信処理部1113へ出力する。 The encryption processing unit 1112 will be described.
The encryption processing unit 1112 encrypts measurement data using an encryption key as exemplified below. The encryption processing unit 1112 receives the encryption key from the creation unit 1111. In addition, the encryption processing unit 1112 acquires measurement data from the storage unit 112. The encryption processing unit 1112 encrypts measurement data using the encryption key generated by the data transmission apparatus 100 according to a predetermined algorithm. As the encryption method, for example, the transmitting side and the receiving side have a common key, and the transmitting side substitutes the plaintext into a ciphertext using the common key and transmits it, and the receiving side receives the ciphertext using the common key A common key scheme to decrypt is used. As the encryption method, any method may be used as long as the transmitting side and the receiving side use the common key.
The encryption processing unit 1112 outputs the encrypted measurement data to the packet transmission processing unit 1113.
 パケット送信処理部1113について説明する。 
 パケット送信処理部1113は、暗号化された測定データをBLEにおけるアドバタイズメントパケットに格納し、アドバタイズメントパケットを送信する。パケット送信処理部1113は、通信インタフェース113を介して、アドバタイズメントパケットを送信する。 The packet transmission processing unit 1113 will be described.
The packet transmission processing unit 1113 stores the encrypted measurement data in the advertisement packet in BLE, and transmits the advertisement packet. The packet transmission processing unit 1113 transmits an advertisement packet via the communication interface 113.
 <データ受信装置> 
 [ハードウェア構成] 
 次に、図5を用いて、本実施形態に係るデータ受信装置200のハードウェア構成の一例について説明する。図5は、データ受信装置200のハードウェア構成の一例を模式的に示す。 <Data receiving device>
[Hardware configuration]
Next, an example of the hardware configuration of the data receiving apparatus 200 according to the present embodiment will be described using FIG. FIG. 5 schematically illustrates an example of the hardware configuration of the data receiving apparatus 200.
 図5に示されるとおり、データ受信装置200は、制御部211と、記憶部212と、通信インタフェース213と、入力装置214と、出力装置215と、外部インタフェース216と、動きセンサ217とが電気的に接続されたコンピュータである。なお、図5では、通信インタフェース及び外部インタフェースをそれぞれ、「通信I/F」及び「外部I/F」と記載している。 As shown in FIG. 5, in the data receiving apparatus 200, the control unit 211, the storage unit 212, the communication interface 213, the input device 214, the output device 215, the external interface 216, and the motion sensor 217 are electrically connected. Is a computer connected to In FIG. 5, the communication interface and the external interface are described as “communication I / F” and “external I / F”, respectively.
 制御部211は、CPU、RAM、ROMなどを含む。CPUは、プロセッサの一例である。CPUは、記憶部212に格納されたプログラムをRAMに展開する。そして、CPUがこのプログラムを解釈及び実行することで、制御部211は、様々な情報処理、例えば、ソフトウェア構成の項目において説明される機能ブロックの処理を実行可能となる。 The control unit 211 includes a CPU, a RAM, a ROM, and the like. The CPU is an example of a processor. The CPU develops the program stored in the storage unit 212 in the RAM. Then, the CPU interprets and executes this program, whereby the control unit 211 can execute various information processing, for example, processing of the functional blocks described in the item of the software configuration.
 記憶部212は、いわゆる補助記憶装置であり、例えば、内蔵または外付けのフラッシュメモリなどの半導体メモリであり得る。記憶部212は、制御部211で実行されるプログラム、制御部211によって使用されるデータなどを記憶する。プログラムは、制御部211を動作させる命令ということもできる。 The storage unit 212 is a so-called auxiliary storage device, and may be, for example, a semiconductor memory such as a built-in or external flash memory. The storage unit 212 stores a program executed by the control unit 211, data used by the control unit 211, and the like. The program can also be referred to as an instruction to operate the control unit 211.
 通信インタフェース213は、主に、BLE、移動通信(3G、4Gなど)及びWLANなどのための各種無線通信モジュールを含む。なお、通信インタフェース213は、有線LAN(Local Area Network)モジュールなどの有線通信モジュールをさらに備えていてもよい。BLEのための通信モジュールは、データ送信装置100から送信される、暗号化された測定データが格納されているアドバタイズメントパケットを受信する。BLEのための通信モジュールは、パケット受信処理部ということもある。 The communication interface 213 mainly includes various wireless communication modules for BLE, mobile communication (3G, 4G, etc.) and WLAN. The communication interface 213 may further include a wired communication module such as a wired LAN (Local Area Network) module. The communication module for BLE receives the advertisement packet, which is transmitted from the data transmitting apparatus 100, in which the encrypted measurement data is stored. The communication module for BLE may be referred to as a packet reception processor.
 入力装置214は、例えばタッチスクリーンなどのユーザ入力を受け付けるための装置である。 The input device 214 is a device for receiving user input such as a touch screen, for example.
 出力装置215は、例えば、ディスプレイ、スピーカなどの出力を行うための装置である。 The output device 215 is, for example, a device for performing an output such as a display or a speaker.
 外部インタフェース216は、USBポート、メモリカードスロットなどであり、外部装置と接続するためのインタフェースである。 The external interface 216 is a USB port, a memory card slot, or the like, and is an interface for connecting to an external device.
 動きセンサ217は、上述の動きセンサ119と同様に、例えば、加速度センサまたはジャイロセンサであり得る。動きセンサ217は、当該動きセンサ217の受ける加速度/角速度を検出することで、3軸の加速度/角速度データを示す検出結果を得る。このように、動きセンサ217は、データ受信装置200に加えられた力学的な動きを検出する。動きセンサ217は、検出部ということもある。動きセンサ217の動作は、例えば図示されないセンサ制御部によって制御される。検出結果は、後述するように、暗号化された測定データを復号するための暗号鍵の作成に用いられる。 The motion sensor 217 may be, for example, an acceleration sensor or a gyro sensor, similar to the motion sensor 119 described above. The motion sensor 217 detects an acceleration / angular velocity received by the motion sensor 217 to obtain a detection result indicating acceleration / angular velocity data of three axes. Thus, the motion sensor 217 detects the mechanical motion applied to the data receiving device 200. The motion sensor 217 may be referred to as a detection unit. The operation of the motion sensor 217 is controlled by, for example, a sensor control unit (not shown). The detection result is used to create an encryption key for decrypting the encrypted measurement data as described later.
 なお、データ受信装置200の具体的なハードウェア構成に関して、実施形態に応じて、適宜、構成要素の省略、置換及び追加が可能である。例えば、制御部211は、複数のプロセッサを含んでもよい。 In addition, regarding the specific hardware configuration of the data receiving apparatus 200, omission, replacement, and addition of components can be appropriately made according to the embodiment. For example, the control unit 211 may include a plurality of processors.
 <データ受信装置> 
 [ソフトウェア構成] 
 次に、図6を用いて、本実施形態に係るデータ受信装置200のソフトウェア構成の一例を説明する。図6は、データ受信装置200のソフトウェア構成の一例を模式的に示す。 
 制御部211は、作成部2111と、復号処理部2112と、データ処理部2113を実装する。 <Data receiving device>
Software Configuration
Next, an example of the software configuration of the data receiving apparatus 200 according to the present embodiment will be described with reference to FIG. FIG. 6 schematically illustrates an example of the software configuration of the data receiving apparatus 200.
The control unit 211 mounts the creation unit 2111, the decoding processing unit 2112, and the data processing unit 2113.
 作成部2111は、以下に例示するように、データ受信装置200に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する。例えば、作成部2111は、ユーザによる暗号鍵の作成を指示する操作に基づいて、暗号鍵を作成する。例えば、データ受信装置200は、データ送信装置100が装着されたユーザの手で持たれることで、ユーザの動きに応じてデータ送信装置100と共に動く。作成部2111は、データ受信装置200に加えられた力学的な動きの検出結果を時系列に沿って動きセンサ217から受け取る。一例では、作成部2111は、ユーザによる暗号鍵の作成開始に関する指示を検出した後からの所定時間中に、データ受信装置200に加えられた力学的な動きの検出結果を動きセンサ217から受け取る。これに代えて、別の例では、作成部2111は、ユーザによる暗号鍵の作成開始に関する指示を検出した後からユーザによる暗号鍵の作成終了に関する指示を検出するまで、データ受信装置200に加えられた力学的な動きの検出結果を動きセンサ217から受け取るようにしてもよい。作成部2111は、予め定められたアルゴリズムに従って、時系列に沿った検出結果を用いて暗号鍵を作成する。 
 作成部2111は、暗号鍵を復号処理部2112へ出力する。 The creation unit 2111 creates the encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200 as illustrated below. For example, the creation unit 2111 creates an encryption key based on an operation instructing the user to create an encryption key. For example, the data receiving apparatus 200 moves with the data transmitting apparatus 100 according to the movement of the user by being held by the hand of the user to which the data transmitting apparatus 100 is attached. The creation unit 2111 receives the detection result of the dynamic motion added to the data reception device 200 from the motion sensor 217 in time series. In one example, the creation unit 2111 receives, from the motion sensor 217, the detection result of the dynamic motion added to the data reception device 200 during a predetermined time after detecting an instruction regarding the creation start of the encryption key by the user. Alternatively, in another example, the creating unit 2111 is added to the data receiving apparatus 200 after detecting an instruction regarding the start of creation of the encryption key by the user until detecting an instruction regarding the end of creation of the encryption key by the user. The detection result of the mechanical motion may be received from the motion sensor 217. The creation unit 2111 creates an encryption key using detection results along a time series according to a predetermined algorithm.
The creation unit 2111 outputs the encryption key to the decryption processing unit 2112.
 復号処理部2112について説明する。 
 復号処理部2112は、以下に例示するように、データ受信装置200で作成された暗号鍵を用いて測定データを復号する。復号処理部2112は、作成部2111から暗号鍵を受け取る。また、復号処理部2112は、暗号化された測定データが格納されているアドバタイズメントパケットを、通信インタフェース213から受け取る。復号処理部2112は、予め定められたアルゴリズムに従って、アドバタイズメントパケットに格納されている暗号化された測定データを、データ受信装置200で作成された暗号鍵を用いて復号する。 
 復号処理部2112は、復号された測定データをデータ処理部2113へ出力する。 The decryption processing unit 2112 will be described.
The decryption processing unit 2112 decrypts the measurement data using the encryption key generated by the data receiving apparatus 200 as exemplified below. The decryption processing unit 2112 receives the encryption key from the creation unit 2111. Also, the decryption processing unit 2112 receives, from the communication interface 213, an advertisement packet in which the encrypted measurement data is stored. The decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet using the encryption key generated by the data receiving apparatus 200 according to a predetermined algorithm.
The decoding processing unit 2112 outputs the decoded measurement data to the data processing unit 2113.
 データ処理部2113について説明する。 
 データ処理部2113は、測定データを記憶部212へ記憶させる。さらに、データ処理部2113は、予め定められた通信プロトコルに従って、測定データをネットワーク経由でサーバ300へ送信する。 The data processing unit 2113 will be described.
The data processing unit 2113 stores the measurement data in the storage unit 212. Furthermore, the data processing unit 2113 transmits measurement data to the server 300 via the network in accordance with a predetermined communication protocol.
 [BLEのアドバタイズメント] 
 BLEのアドバタイズメントについて概略的に説明する。 
 BLEにおいて採用されるパッシブスキャン方式では、図7に例示するように、新規ノードは自己の存在を周知するアドバタイズメントパケットを定期的に送信する。この新規ノードは、アドバタイズメントパケットを一度送信してから次に送信するまでの間に、低消費電力のスリープ状態に入ることで消費電力を節約できる。また、アドバタイズメントパケットの受信側も間欠的に動作するので、アドバタイズメントパケットの送受信に伴う消費電力は僅かである。 [Advertisement of BLE]
An outline of the advertisement of BLE will be described.
In the passive scanning scheme employed in BLE, as illustrated in FIG. 7, a new node periodically transmits an advertisement packet that announces its own presence. The new node can save power consumption by entering a low power consumption sleep state after transmitting an advertisement packet once and before transmitting it. In addition, since the receiving side of the advertisement packet also operates intermittently, the power consumption for transmitting and receiving the advertisement packet is small.
 図8にBLE無線通信パケットの基本構造を示す。BLE無線通信パケットは、1バイトのプリアンブルと、4バイトのアクセスアドレスと、2~39バイト(可変)のプロトコルデータユニット(PDU:Protocol Data Unit)と、3バイトの巡回冗長チェックサム(CRC:Cyclic Redundancy Checksum)とを含む。BLE無線通信パケットの長さは、PDUの長さに依存し、10~47バイトである。10バイトのBLE無線通信パケット(PDUは2バイト)は、Empty
 PDUパケットとも呼ばれ、マスタとスレイブ間で定期的に交換される。 FIG. 8 shows the basic structure of the BLE wireless communication packet. The BLE wireless communication packet has a 1-byte preamble, a 4-byte access address, a 2-39-byte (variable) protocol data unit (PDU), and a 3-byte cyclic redundancy check (CRC: Cyclic). And Redundancy Checksum). The length of the BLE wireless communication packet is 10 to 47 bytes, depending on the length of the PDU. A 10-byte BLE wireless communication packet (PDU is 2 bytes) is Empty
Also called a PDU packet, it is periodically exchanged between the master and the slave.
 プリアンブルフィールドは、BLE無線通信の同期のために用意されており、「01」または「10」の繰り返しが格納される。アクセスアドレスは、アドバタイジングチャネルでは固定数値、データチャネルでは乱数のアクセスアドレスが格納される。本実施形態では、アドバタイジングチャネル上で伝送されるBLE無線通信パケットであるアドバタイズメントパケットを対象とする。CRCフィールドは、受信誤りの検出に用いられる。CRCの計算範囲は、PDUフィールドのみである。 The preamble field is prepared for synchronization of BLE wireless communication, and stores "01" or "10" repetitions. The access address is a fixed numerical value in the advertising channel and a random access address in the data channel. In the present embodiment, an advertisement packet, which is a BLE wireless communication packet transmitted on an advertising channel, is targeted. The CRC field is used to detect a reception error. The calculation range of CRC is only the PDU field.
 次に、図9を用いて、アドバタイズメントパケットのPDUフィールドについて説明する。なお、データチャネル上で伝送されるBLE無線通信パケットであるデータ通信パケットのPDUフィールドは図9とは異なるデータ構造を有するが、本実施形態ではデータ通信パケットを対象としていないので説明を省略する。 Next, the PDU field of the advertisement packet will be described using FIG. Although the PDU field of the data communication packet which is a BLE wireless communication packet transmitted on the data channel has a data structure different from that of FIG. 9, the data communication packet is not targeted in the present embodiment, and therefore, the description is omitted.
 アドバタイズメントパケットのPDUフィールドは、2バイトのヘッダと、0~37バイト(可変)のペイロードとを含む。ヘッダは、さらに、4ビットのPDU Typeフィールドと、2ビットの未使用フィールドと、1ビットのTxAddフィールドと、1ビットのRxAddフィールドと、6ビットのLengthフィールドと、2ビットの未使用フィールドとを含む。 The PDU field of the advertisement packet includes a 2-byte header and a payload of 0 to 37 bytes (variable). The header further includes a 4-bit PDU Type field, a 2-bit unused field, a 1-bit TxAdd field, a 1-bit RxAdd field, a 6-bit Length field, and a 2-bit unused field. Including.
 PDU Typeフィールドには、このPDUのタイプを示す値が格納される。「接続可能アドバタイジング」、「非接続アドバタイジング」などのいくつかの値が定義済みである。TxAddフィールドには、ペイロード中に送信アドレスがあるか否かを示すフラグが格納される。同様に、RxAddフィールドには、ペイロード中に受信アドレスがあるか否かを示すフラグが格納される。Lengthフィールドには、ペイロードのバイトサイズを示す値が格納される。 The PDU Type field stores a value indicating the type of this PDU. Several values, such as "connectable advertising" and "not connected advertising", have been defined. In the TxAdd field, a flag indicating whether or not there is a transmission address in the payload is stored. Similarly, in the RxAdd field, a flag indicating whether or not there is a reception address in the payload is stored. In the Length field, a value indicating the byte size of the payload is stored.
 ペイロードには、任意のデータを格納することができる。そこで、データ送信装置100は、予め定められたデータ構造を用いて、測定データ及び日時データをペイロードに格納する。このデータ構造は、例えば、ユーザを表す識別子、送信元装置であるデータ送信装置100を表す識別子、宛先装置であるデータ受信装置200を表す識別子、日時データ、日時データに関連付けられる収縮期血圧SBP、拡張期血圧DBP、脈拍数、活動量などの1種または複数種の測定データを含み得る。 The payload can store any data. Therefore, the data transmission apparatus 100 stores measurement data and date and time data in the payload using a predetermined data structure. This data structure is, for example, an identifier representing a user, an identifier representing the data transmission apparatus 100 as a transmission source apparatus, an identifier representing a data reception apparatus 200 as a destination apparatus, date and time data, systolic blood pressure SBP associated with date and time data, It may include one or more measurement data such as diastolic blood pressure DBP, pulse rate, activity, and the like.
 §3 動作例 
 <データ送信装置> 
 次に、図10を用いて、データ送信装置100の動作例を説明する。図10は、データ送信装置100の動作の一例を例示するフローチャートである。ここでは、データ送信装置100は、データ受信装置200と共にユーザの特定部位に装着または把持された状態で使用される。これにより、データ送信装置100は、ユーザの特定部位の動きに応じてデータ受信装置200に加えられる力学的な動きと同一の力学的な動きが加えられるものとする。例えば、データ送信装置100は、ユーザの手首に装着されているものとする。なお、以下で説明する処理手順は一例に過ぎず、各処理は可能な限り変更されてよい。また、以下で説明する処理手順について、実施形態に応じて、適宜、ステップの省略、置換、及び追加が可能である。 3 3 Operation example
<Data transmission device>
Next, an operation example of the data transmission apparatus 100 will be described using FIG. FIG. 10 is a flowchart illustrating an example of the operation of the data transmission apparatus 100. Here, the data transmitting apparatus 100 is used with the data receiving apparatus 200 in a state of being attached to or gripped by a specific part of the user. As a result, it is assumed that the data transmitting apparatus 100 adds the same mechanical motion as the mechanical motion applied to the data receiving device 200 according to the motion of the specific part of the user. For example, it is assumed that the data transmission apparatus 100 is worn on the wrist of the user. In addition, the process sequence demonstrated below is only an example, and each process may be changed as much as possible. In addition, with regard to the processing procedure described below, depending on the embodiment, omission, substitution, and addition of steps can be made as appropriate.
 作成部1111は、上述のように、データ送信装置100に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する(ステップS101)。 As described above, the creation unit 1111 creates the encryption key based on the detection result of the dynamic motion added to the data transmission apparatus 100 (step S101).
 暗号化処理部1112は、記憶部112から測定データを取得する(ステップS102)。 The encryption processing unit 1112 acquires measurement data from the storage unit 112 (step S102).
 暗号化処理部1112は、上述のように、データ送信装置100で作成された暗号鍵を用いて測定データを暗号化する(ステップS103)。 As described above, the encryption processing unit 1112 encrypts the measurement data using the encryption key generated by the data transmission apparatus 100 (step S103).
 パケット送信処理部1113は、上述のように、暗号化された測定データをアドバタイズメントパケットに格納し、アドバタイズメントパケットを送信する(ステップS104)。 As described above, the packet transmission processing unit 1113 stores the encrypted measurement data in the advertisement packet, and transmits the advertisement packet (step S104).
 上記の処理により、データ送信装置100は、暗号化された測定データを格納したアドバタイズメントパケットをデータ受信装置200へ送信することができる。 By the above process, the data transmitting apparatus 100 can transmit the advertisement packet storing the encrypted measurement data to the data receiving apparatus 200.
 なお、ステップS101において、作成部1111は、以下に例示するように、データ送信装置100に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて暗号鍵を作成するようにしてもよい。 In step S101, the creating unit 1111 creates an encryption key using a detection result on one direction determined in advance based on the dynamic movement applied to the data transmitting apparatus 100 as illustrated below. You may
 この例では、作成部1111は、時系列に沿った検出結果から、予め定められた一方向の成分の時系列に沿った検出結果を抽出する。予め定められた一方向は、例えば鉛直方向であるが、これ以外の方向であってもよい。作成部1111は、予め定められた一方向の成分の検出結果を用いて暗号鍵を作成する。一例では、作成部1111は、予め定められたアルゴリズムに従って、予め定められた一方向の成分の検出結果をそのまま用いて暗号鍵を作成することができる。これに代えて、別の例では、作成部1111は、予め定められた一方向の成分の検出結果から予め定められた一方向の振動回数を検出し、振動回数に基づいて暗号鍵を作成することができる。 In this example, the creation unit 1111 extracts a detection result along a time series of predetermined unidirectional components from the detection results along the time series. The predetermined one direction is, for example, the vertical direction, but may be another direction. The creation unit 1111 creates an encryption key using a predetermined one-way component detection result. In one example, the creation unit 1111 can create the encryption key using the detection result of the predetermined one-way component as it is according to the predetermined algorithm. Instead of this, in another example, the creating unit 1111 detects the number of vibrations in one direction determined in advance from the detection result of the component in one direction determined in advance, and creates an encryption key based on the number of vibrations. be able to.
 この例により、作成部1111は、簡略化した検出結果を用いて暗号鍵を作成することができる。 According to this example, the creation unit 1111 can create the encryption key using the simplified detection result.
 なお、ステップS101において、作成部1111は、以下に例示するように、データ送信装置100に加えられた力学的な動きの検出結果のデータ量を基準値と比較し、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、検出結果を用いて暗号鍵を作成するようにしてもよい。 In step S101, the generation unit 1111 compares the data amount of the detection result of the dynamic motion added to the data transmission apparatus 100 with the reference value as exemplified below, and the data amount of the detection result is the reference The detection result may be used to create the encryption key based on the comparison result indicating that the value is less than the value.
 この例では、作成部1111は、時系列に沿った検出結果を基準値と比較する。基準値は、検出結果のデータ量が大きくなり過ぎないように適宜設定される。その理由は、検出結果のデータ量が大きくなるにつれ、データ送信装置100で作成される暗号鍵がデータ受信装置200で作成される暗号鍵と一致しなくなる可能性が高くなるからである。作成部1111は、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、この検出結果を用いて暗号鍵を作成する。他方、作成部1111は、検出結果のデータ量が基準値以上であることを示す比較結果に基づいて、この検出結果を破棄する。作成部1111は、ユーザへ暗号鍵の再度の作成を促すメッセージを出力装置115から出力するように制御する。これにより、作成部1111は、新たにデータ送信装置100に加えられた力学的な動きの検出結果を動きセンサ119から受け取る。作成部1111は、新たな検出結果のデータ量を基準値と比較し、比較結果に応じて、上記同様に処理する。 In this example, the creation unit 1111 compares the detection result along the time series with the reference value. The reference value is appropriately set so that the data amount of the detection result does not become too large. The reason is that, as the amount of data of the detection result increases, the possibility that the encryption key generated by the data transmission apparatus 100 will not match the encryption key generated by the data reception apparatus 200 increases. The creation unit 1111 creates an encryption key using the detection result based on the comparison result indicating that the data amount of the detection result is less than the reference value. On the other hand, the creation unit 1111 discards the detection result based on the comparison result indicating that the data amount of the detection result is equal to or greater than the reference value. The creation unit 1111 controls the output device 115 to output a message prompting the user to create the encryption key again. Thus, the creation unit 1111 receives the detection result of the dynamic motion newly added to the data transmission apparatus 100 from the motion sensor 119. The creating unit 1111 compares the data amount of the new detection result with the reference value, and processes the same as the above according to the comparison result.
 この例により、作成部1111は、データ量が大きくなり過ぎない検出結果を用いて暗号鍵を作成することができる。 According to this example, the creation unit 1111 can create the encryption key using the detection result that the amount of data does not become too large.
 <データ受信装置> 
 次に、図11を用いて、データ受信装置200の動作例を説明する。図11は、データ受信装置200の動作の一例を例示するフローチャートである。ここでは、データ受信装置200は、データ送信装置100と共にユーザの特定部位に装着または把持された状態で使用される。これにより、データ受信装置200は、ユーザの特定部位の動きに応じてデータ送信装置100に加えられる力学的な動きと同一の力学的な動きが加えられるものとする。例えば、データ受信装置200は、データ送信装置100が装着されたユーザの手で持たれているものとする。これにより、ユーザの手の動きに応じてデータ受信装置200に加えられる力学的な動きは、データ送信装置100に加えられる力学的な動きと同一となる。なお、以下で説明する処理手順は一例に過ぎず、各処理は可能な限り変更されてよい。また、以下で説明する処理手順について、実施形態に応じて、適宜、ステップの省略、置換、及び追加が可能である。 <Data receiving device>
Next, an operation example of the data receiving apparatus 200 will be described using FIG. FIG. 11 is a flowchart illustrating an example of the operation of the data receiving apparatus 200. Here, the data receiving apparatus 200 is used together with the data transmitting apparatus 100 in a state of being attached to or gripped by a specific part of the user. As a result, it is assumed that the data receiving apparatus 200 adds the same mechanical movement as the mechanical movement applied to the data transmitting apparatus 100 according to the movement of the specific part of the user. For example, it is assumed that the data receiving apparatus 200 is held by the user's hand on which the data transmitting apparatus 100 is attached. Thus, the mechanical motion applied to the data receiving apparatus 200 according to the motion of the user's hand is the same as the mechanical motion applied to the data transmitting apparatus 100. In addition, the process sequence demonstrated below is only an example, and each process may be changed as much as possible. In addition, with regard to the processing procedure described below, depending on the embodiment, omission, substitution, and addition of steps can be made as appropriate.
 作成部2111は、上述のように、データ受信装置200に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する(ステップS201)。 As described above, the creating unit 2111 creates the encryption key based on the detection result of the dynamic motion added to the data receiving apparatus 200 (step S201).
 復号処理部2112は、上述のように、暗号化された測定データが格納されているアドバタイズメントパケットを通信インタフェース213から受け取る(ステップS202)。 As described above, the decryption processing unit 2112 receives, from the communication interface 213, the advertisement packet in which the encrypted measurement data is stored (step S202).
 復号処理部2112は、上述のように、アドバタイズメントパケットに格納されている暗号化された測定データを、データ受信装置200で作成された暗号鍵を用いて復号する(ステップS203)。 As described above, the decryption processing unit 2112 decrypts the encrypted measurement data stored in the advertisement packet using the encryption key generated by the data receiving apparatus 200 (step S203).
 上記の処理により、データ受信装置200は、復号された測定データを利用することができる。 By the above process, the data receiving apparatus 200 can use the decoded measurement data.
 なお、ステップS201において、作成部2111は、以下に例示するように、データ受信装置200に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて暗号鍵を作成するようにしてもよい。 In step S201, the creating unit 2111 creates the encryption key using the detection result on one direction determined in advance based on the mechanical movement applied to the data receiving apparatus 200 as illustrated below. You may
 この例では、作成部2111は、時系列に沿った検出結果から、予め定められた一方向の成分の時系列に沿った検出結果を抽出する。予め定められた一方向は、例えば鉛直方向であるが、これ以外の方向であってもよい。作成部2111は、予め定められた一方向の成分の検出結果を用いて暗号鍵を作成する。一例では、作成部2111は、予め定められたアルゴリズムに従って、予め定められた一方向の成分の検出結果をそのまま用いて暗号鍵を作成することができる。これに代えて、別の例では、作成部2111は、予め定められた一方向の成分の検出結果から予め定められた一方向の振動回数を検出し、振動回数に基づいて暗号鍵を作成することができる。 In this example, the creating unit 2111 extracts a detection result along a time series of predetermined unidirectional components from the detection results along the time series. The predetermined one direction is, for example, the vertical direction, but may be another direction. The creation unit 2111 creates an encryption key using a predetermined one-way component detection result. In one example, the creation unit 2111 can create the encryption key using the detection result of the predetermined one-way component as it is according to the predetermined algorithm. Instead of this, in another example, the creating unit 2111 detects the number of vibrations in one direction determined in advance from the detection result of the component in one direction determined in advance, and creates an encryption key based on the number of vibrations. be able to.
 この例により、作成部2111は、簡略化した検出結果を用いて暗号鍵を作成することができる。 According to this example, the creation unit 2111 can create the encryption key using the simplified detection result.
 なお、ステップS201において、作成部2111は、以下に例示するように、データ受信装置200に加えられた力学的な動きの検出結果のデータ量を基準値と比較し、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、検出結果を用いて暗号鍵を作成するようにしてもよい。 In step S201, the generation unit 2111 compares the data amount of the detection result of the dynamic motion added to the data receiving apparatus 200 with the reference value as exemplified below, and the data amount of the detection result is a reference The detection result may be used to create the encryption key based on the comparison result indicating that the value is less than the value.
 この例では、作成部2111は、時系列に沿った検出結果を基準値と比較する。基準値は、検出結果のデータ量が大きくなり過ぎないように適宜設定される。その理由は、検出結果のデータ量が大きくなるにつれ、データ受信装置200で作成される暗号鍵がデータ送信装置100で作成される暗号鍵と一致しなくなる可能性が高くなるからである。作成部2111は、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、この検出結果を用いて暗号鍵を作成する。他方、作成部2111は、検出結果のデータ量が基準値以上であることを示す比較結果に基づいて、この検出結果を破棄する。作成部2111は、ユーザへ暗号鍵の再度の作成を促すメッセージを出力装置215から出力するように制御する。これにより、作成部2111は、新たにデータ受信装置200に加えられた力学的な動きの検出結果を動きセンサ217から受け取る。作成部2111は、新たな検出結果のデータ量を基準値と比較し、比較結果に応じて、上記同様に処理する。 In this example, the creation unit 2111 compares the detection result along the time series with a reference value. The reference value is appropriately set so that the data amount of the detection result does not become too large. The reason is that as the amount of data of the detection result increases, the possibility that the encryption key generated by the data receiving apparatus 200 will not match the encryption key generated by the data transmitting apparatus 100 increases. The creation unit 2111 creates an encryption key using the detection result based on the comparison result indicating that the data amount of the detection result is less than the reference value. On the other hand, the creating unit 2111 discards the detection result based on the comparison result indicating that the data amount of the detection result is equal to or more than the reference value. The creation unit 2111 controls the output device 215 to output a message prompting the user to create the encryption key again. Thus, the creation unit 2111 receives from the motion sensor 217 the detection result of the dynamic motion newly added to the data receiving apparatus 200. The creating unit 2111 compares the data amount of the new detection result with the reference value, and processes the same as the above according to the comparison result.
 この例により、作成部2111は、データ量が大きくなり過ぎない検出結果を用いて暗号鍵を作成することができる。 According to this example, the creating unit 2111 can create the encryption key using the detection result that the amount of data does not become too large.
 [作用・効果]
 以上説明したように、本実施形態では、データ伝送システムは、ユーザの特定部位に装着または把持された状態で使用されるデータ送信装置100及びデータ受信装置200を備える。データ送信装置100は、データ送信装置100に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成し、暗号鍵を用いて送信データを暗号化し、暗号化された送信データをアドバタイズメントパケットに格納し、アドバタイズメントパケットを送信する。データ受信装置200は、データ受信装置200に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成し、アドバタイズメントパケットに格納されている暗号化された送信データを、暗号鍵を用いて復号する。 [Operation and Effect]
As described above, in the present embodiment, the data transmission system includes the data transmitting apparatus 100 and the data receiving apparatus 200 which are used in a state of being attached to or gripped by a specific part of the user. The data transmission apparatus 100 creates an encryption key based on the detection result of the dynamic motion applied to the data transmission apparatus 100, encrypts transmission data using the encryption key, and advertises encrypted transmission data. Store in a packet and send an advertisement packet. The data receiving apparatus 200 creates an encryption key based on the detection result of the dynamic motion applied to the data receiving apparatus 200, and uses the encryption key for the encrypted transmission data stored in the advertisement packet. To decrypt.
 これにより、データ送信装置100は、データ送信装置100に加えられた力学的な動きの検出結果に基づいて、データ受信装置200で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置100は、データ受信装置200で送信データの復号に用いられる暗号鍵と同一の暗号鍵を用いて送信データを暗号化することができる。データ受信装置200は、データ受信装置200に加えられた力学的な動きの検出結果に基づいて、データ送信装置100で作成される暗号鍵と同一の暗号鍵を作成することができる。その結果、データ送信装置100とデータ受信装置200との間で暗号鍵を受け渡すことができなくても、データ受信装置200は、データ送信装置100で暗号化された送信データを復号することができる。 Accordingly, the data transmitting apparatus 100 can create the same encryption key as the encryption key generated by the data receiving apparatus 200 based on the detection result of the dynamic motion added to the data transmitting apparatus 100. As a result, the data transmitting apparatus 100 can encrypt the transmission data using the same encryption key as the encryption key used to decrypt the transmission data by the data receiving apparatus 200. The data receiving apparatus 200 can create the same encryption key as the encryption key generated by the data transmitting apparatus 100 based on the detection result of the dynamic motion added to the data receiving apparatus 200. As a result, even if the encryption key can not be passed between the data transmitting apparatus 100 and the data receiving apparatus 200, the data receiving apparatus 200 can decrypt the transmission data encrypted by the data transmitting apparatus 100. it can.
 さらに、本実施形態では、データ送信装置100は、データ送信装置100に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて暗号鍵を作成する。 Furthermore, in the present embodiment, the data transmission apparatus 100 creates an encryption key using the detection result regarding one predetermined direction based on the dynamic motion added to the data transmission apparatus 100.
 これにより、データ送信装置100は、データ送信装置100に加えられた力学的な動きが複雑であったとしても、予め定められた一方向に関する検出結果を用いて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200を持った状態でこれらに同一の力学的な動きを与えた場合に、データ送信装置100は、データ送信装置100で作成される暗号鍵がデータ受信装置200で作成される暗号鍵と異なるものになる可能性を低減することができる。 Thereby, even if the dynamic motion applied to the data transmission apparatus 100 is complex, the data transmission apparatus 100 can create an encryption key using the detection result on one direction determined in advance. As a result, for example, when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same mechanical motion to them, the data transmitting apparatus 100 generates the code generated by the data transmitting apparatus 100. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data receiving apparatus 200.
 さらに、本実施形態では、データ送信装置100は、データ送信装置100に加えられた力学的な動きの検出結果のデータ量を基準値と比較し、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、検出結果を用いて暗号鍵を作成する。 Furthermore, in the present embodiment, the data transmitting apparatus 100 compares the data amount of the detection result of the dynamic motion added to the data transmitting device 100 with the reference value, and the data amount of the detection result is less than the reference value. The encryption key is created using the detection result based on the comparison result indicating.
 これにより、データ送信装置100は、データ量が基準値未満となるような複雑ではないデータ送信装置100に加えられた力学的な動きに基づいて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200を持った状態でこれらに同一の力学的な動きを与えた場合に、データ送信装置100は、データ送信装置100で作成される暗号鍵がデータ受信装置200で作成される暗号鍵と異なるものになる可能性を低減することができる。 As a result, the data transmitting apparatus 100 can create the encryption key based on the dynamic motion applied to the data transmitting apparatus 100 which is not complicated such that the amount of data is less than the reference value. As a result, for example, when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same mechanical motion to them, the data transmitting apparatus 100 generates the code generated by the data transmitting apparatus 100. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data receiving apparatus 200.
 さらに、本実施形態では、データ送信装置100は、ユーザによる暗号鍵の作成を指示する操作に基づいて、暗号鍵を作成する。 Furthermore, in the present embodiment, the data transmitting apparatus 100 creates the encryption key based on the operation of instructing the creation of the encryption key by the user.
 これにより、データ送信装置100は、ユーザによる暗号鍵の作成を指示する操作をトリガとして、暗号鍵を作成することができる。このため、データ送信装置100は、ユーザが暗号鍵の作成を望まないタイミングで暗号鍵を作成してしまうことを防止することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200に対して同時に暗号鍵の作成を指示する操作を与えた場合に、データ送信装置100は、データ受信装置200で作成される暗号鍵と同一の暗号鍵を作成することができる。0は、データ送信装置100で暗号化された測定データを復号することができる。 As a result, the data transmitting apparatus 100 can create an encryption key, triggered by an operation of instructing creation of an encryption key by the user. Therefore, the data transmitting apparatus 100 can prevent the creation of the encryption key at the timing when the user does not want to create the encryption key. As a result, for example, when the user gives the data transmitting apparatus 100 and the data receiving apparatus 200 an operation of simultaneously instructing creation of an encryption key, the data transmitting apparatus 100 generates the encryption key generated by the data receiving apparatus 200. The same encryption key can be created. 0 can decrypt the measurement data encrypted by the data transmission apparatus 100.
 さらに、本実施形態では、データ受信装置200は、データ受信装置200に加えられた力学的な動きに基づく予め定められた一方向に関する検出結果を用いて暗号鍵を作成する。 Furthermore, in the present embodiment, the data receiving apparatus 200 creates an encryption key using the detection result regarding one predetermined direction based on the mechanical motion applied to the data receiving apparatus 200.
 これにより、データ受信装置200は、データ受信装置200に加えられた力学的な動きが複雑であったとしても、予め定められた一方向に関する検出結果を用いて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200を持った状態でこれらに同一の力学的な動きを与えた場合に、データ受信装置200は、データ受信装置200で作成される暗号鍵がデータ送信装置100で作成される暗号鍵と異なるものになる可能性を低減することができる。 As a result, even if the dynamic motion applied to the data receiving apparatus 200 is complex, the data receiving apparatus 200 can create an encryption key using the detection result on one direction determined in advance. As a result, for example, when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same dynamic motion to them, the data receiving apparatus 200 generates the code generated by the data receiving apparatus 200. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data transmission device 100.
 さらに、本実施形態では、データ受信装置200は、データ受信装置200に加えられた力学的な動きの検出結果のデータ量を基準値と比較し、検出結果のデータ量が基準値未満であることを示す比較結果に基づいて、検出結果を用いて暗号鍵を作成する。 Furthermore, in the present embodiment, the data receiving apparatus 200 compares the data amount of the detection result of the dynamic motion added to the data receiving device 200 with the reference value, and the data amount of the detection result is less than the reference value. The encryption key is created using the detection result based on the comparison result indicating.
 これにより、データ受信装置200は、データ量が基準値未満となるような複雑ではないデータ受信装置200に加えられた力学的な動きに基づいて暗号鍵を作成することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200を持った状態でこれらに同一の力学的な動きを与えた場合に、データ受信装置200は、データ受信装置200で作成される暗号鍵がデータ送信装置100で作成される暗号鍵と異なるものになる可能性を低減することができる。 Thereby, the data receiving apparatus 200 can create the encryption key based on the dynamic motion applied to the data receiving apparatus 200 which is not complicated such that the amount of data is less than the reference value. As a result, for example, when the user holds the data transmitting apparatus 100 and the data receiving apparatus 200 and applies the same dynamic motion to them, the data receiving apparatus 200 generates the code generated by the data receiving apparatus 200. It is possible to reduce the possibility that the key will be different from the encryption key generated by the data transmission device 100.
 さらに、本実施形態では、データ受信装置200は、ユーザによる暗号鍵の作成を指示する操作に基づいて、暗号鍵を作成する。 Furthermore, in the present embodiment, the data receiving apparatus 200 creates an encryption key based on an operation of instructing creation of an encryption key by the user.
 これにより、データ受信装置200は、ユーザによる暗号鍵の作成を指示する操作をトリガとして、暗号鍵を作成することができる。このため、データ受信装置200は、ユーザが暗号鍵の作成を望まないタイミングで暗号鍵を作成してしまうことを防止することができる。その結果、例えば、ユーザがデータ送信装置100及びデータ受信装置200に対して同時に暗号鍵の作成を指示する操作を与えた場合に、データ受信装置200は、データ送信装置100で作成される暗号鍵と同一の暗号鍵を作成することができる。 As a result, the data receiving apparatus 200 can create an encryption key using an operation instructing the creation of an encryption key by the user as a trigger. Therefore, the data receiving apparatus 200 can prevent the creation of the encryption key at the timing when the user does not want to create the encryption key. As a result, for example, when the user simultaneously gives the data transmitting apparatus 100 and the data receiving apparatus 200 an operation of instructing creation of an encryption key, the data receiving apparatus 200 generates the encryption key generated by the data transmitting apparatus 100. The same encryption key can be created.
 §4 変形例
 以上、本発明の実施形態を詳細に説明してきたが、前述までの説明はあらゆる点において本発明の例示に過ぎない。本発明の範囲を逸脱することなく種々の改良や変形を行うことができることは言うまでもない。つまり、本発明の実施にあたって、実施形態に応じた具体的構成が適宜採用されてもよい。なお、上述の実施形態において登場するデータを自然言語により説明しているが、より具体的には、コンピュータが認識可能な疑似言語、コマンド、パラメータ、マシン語等で指定される。 4 4 Modifications While the embodiments of the present invention have been described in detail, the above description is merely illustrative of the present invention in all respects. It goes without saying that various improvements and modifications can be made without departing from the scope of the present invention. That is, in the implementation of the present invention, a specific configuration according to the embodiment may be appropriately adopted. Although data appearing in the above-described embodiment is described in natural language, more specifically, it is specified by a pseudo language, a command, a parameter, a machine language or the like that can be recognized by a computer.
 上記の実施形態では、暗号化された測定データの送受信に関して説明したがこれに限られない。機器間で送受信される暗号化されたデータは、測定データ以外のデータであってもよい。 Although the above embodiment has been described with regard to transmission and reception of encrypted measurement data, the present invention is not limited to this. The encrypted data transmitted and received between the devices may be data other than the measurement data.
 §5 付記 
 上記各実施形態の一部または全部は、特許請求の範囲のほか以下の付記に示すように記載することも可能であるが、これに限られない。 
 (付記1) 
 データ受信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ送信装置であって、
 前記データ送信装置に加えられた力学的な動きを検出する検出部と、
  前記データ送信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成し、
  前記暗号鍵を用いて送信データを暗号化し、
  前記暗号化された送信データを片方向通信用のパケットに格納し、当該パケットを送信するように構成されているプロセッサと、
 前記プロセッサを動作させる命令を記憶するメモリと、
 を備えるデータ送信装置。 
 (付記2) 
 データ送信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ受信装置であって、
 前記データ受信装置に加えられた力学的な動きを検出する検出部と、
 前記データ送信装置から送信される、暗号化された送信データが格納されている片方向通信用のパケットを受信するパケット受信処理部と、
  前記データ受信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成し、
  前記受信されたパケットに格納されている送信データを、前記暗号鍵を用いて復号するように構成されているプロセッサと、
 前記プロセッサを動作させる命令を記憶するメモリと、
 を備えるデータ受信装置。 5 5
A part or all of each embodiment described above can be described as shown in the following appendices in addition to the claims, but is not limited thereto.
(Supplementary Note 1)
A data transmission device used in a state of being mounted or held on a specific part of a user together with a data reception device,
A detection unit for detecting a mechanical movement applied to the data transmission device;
Generating an encryption key based on the detection result of the dynamic motion added to the data transmission device;
Encrypt transmission data using the encryption key,
A processor configured to store the encrypted transmission data in a packet for one-way communication and transmit the packet;
A memory storing instructions for operating the processor;
A data transmission apparatus comprising:
(Supplementary Note 2)
A data receiving apparatus used in a state of being mounted or held on a specific part of a user together with a data transmitting apparatus,
A detection unit for detecting a mechanical movement applied to the data receiving apparatus;
A packet reception processing unit that receives, from the data transmission apparatus, a packet for one-way communication in which encrypted transmission data is stored;
Creating an encryption key based on the detection result of the dynamic motion added to the data receiving device;
A processor configured to decrypt transmission data stored in the received packet using the encryption key;
A memory storing instructions for operating the processor;
A data receiver comprising:
100…データ送信装置 
111…制御部 
112…記憶部 
113…通信インタフェース 
114…入力装置 
115…出力装置 
116…外部インタフェース 
117…バッテリ 
118…生体センサ 
119…動きセンサ 
200…データ受信装置 
211…制御部 
212…記憶部 
213…通信インタフェース 
214…入力装置 
215…出力装置 
216…外部インタフェース 
217…動きセンサ 
300…サーバ 
1111…作成部 
1112…暗号化処理部 
1113…パケット送信処理部 
2111…作成部 
2112…復号処理部 
2113…データ処理部  100 ... data transmission device
111 ... control unit
112 ... storage unit
113 ... Communication interface
114 ... input device
115: Output device
116: External interface
117 ... Battery
118 ... living body sensor
119 ... motion sensor
200 ... data receiver
211 ... control unit
212 ... storage unit
213 ... Communication interface
214 ... input device
215: Output device
216: External interface
217 ... motion sensor
300 ... server
1111 ... making department
1112 ... encryption processing unit
1113 ... packet transmission processing unit
2111 ... creation unit
2112 ... Decoding processing unit
2113 ... data processing unit

Claims (9)

  1.  ユーザの特定部位に装着または把持された状態で使用されるデータ送信装置及びデータ受信装置を備えるデータ伝送システムであって、
     前記データ送信装置は、
      前記データ送信装置に加えられた力学的な動きを検出する検出部と、
      前記データ送信装置に加えられた力学的な動きの検出結果に基づいて第1の暗号鍵を作成する作成部と、
      前記第1の暗号鍵を用いて送信データを暗号化する暗号化処理部と、
      前記暗号化された送信データを片方向通信用のパケットに格納し、当該パケットを送信するパケット送信処理部と、
     前記データ受信装置は、
      前記データ受信装置に加えられた力学的な動きを検出する検出部と、
      前記データ受信装置に加えられた力学的な動きの検出結果に基づいて第2の暗号鍵を作成する作成部と、
      前記データ送信装置から送信される、前記暗号化された送信データが格納されている片方向通信用のパケットを受信するパケット受信処理部と、
      前記受信されたパケットに格納されている送信データを、前記第2の暗号鍵を用いて復号する復号処理部と、
     を備えるデータ伝送システム。     What is claimed is: 1. A data transmission system comprising a data transmission device and a data reception device which are used in a state of being mounted or held at a specific part of a user,
    The data transmission apparatus
    A detection unit for detecting a mechanical movement applied to the data transmission device;
    A creation unit that creates a first encryption key based on the detection result of the dynamic motion added to the data transmission apparatus;
    An encryption processing unit that encrypts transmission data using the first encryption key;
    A packet transmission processing unit that stores the encrypted transmission data in a packet for one-way communication and transmits the packet;
    The data receiving apparatus
    A detection unit for detecting a mechanical movement applied to the data receiving apparatus;
    A creation unit that creates a second encryption key based on the detection result of the dynamic motion added to the data receiving apparatus;
    A packet reception processing unit that receives, from the data transmission apparatus, a packet for one-way communication in which the encrypted transmission data is stored;
    A decryption processing unit that decrypts transmission data stored in the received packet using the second encryption key;
    Data transmission system comprising:
  2.  データ受信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ送信装置であって、
     前記データ送信装置に加えられた力学的な動きを検出する検出部と、
     前記データ送信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する作成部と、
     前記暗号鍵を用いて送信データを暗号化する暗号化処理部と、
     前記暗号化された送信データを片方向通信用のパケットに格納し、当該パケットを送信するパケット送信処理部と、
     を備えるデータ送信装置。     A data transmission device used in a state of being mounted or held on a specific part of a user together with a data reception device,
    A detection unit for detecting a mechanical movement applied to the data transmission device;
    A creation unit that creates an encryption key based on the detection result of the dynamic motion added to the data transmission device;
    An encryption processing unit that encrypts transmission data using the encryption key;
    A packet transmission processing unit that stores the encrypted transmission data in a packet for one-way communication and transmits the packet;
    A data transmission apparatus comprising:
  3.  前記作成部は、前記データ送信装置に加えられた力学的な動きに基づく予め定められた一方向に関する前記検出結果を用いて前記暗号鍵を作成する、請求項2に記載のデータ送信装置。 The data transmission device according to claim 2, wherein the generation unit generates the encryption key using the detection result regarding a predetermined one direction based on a mechanical movement applied to the data transmission device.
  4.  前記作成部は、前記検出結果のデータ量を基準値と比較し、前記検出結果のデータ量が前記基準値未満であることを示す比較結果に基づいて、前記検出結果を用いて前記暗号鍵を作成する、
     請求項2に記載のデータ送信装置。     The creation unit compares the amount of data of the detection result with a reference value, and uses the detection result based on a comparison result indicating that the amount of data of the detection result is less than the reference value. create,
    The data transmission device according to claim 2.
  5.  前記作成部は、前記ユーザによる前記暗号鍵の作成を指示する操作に基づいて、前記暗号鍵を作成する、請求項2に記載のデータ送信装置。 The data transmission device according to claim 2, wherein the generation unit generates the encryption key based on an operation instructing the generation of the encryption key by the user.
  6.  データ送信装置と共にユーザの特定部位に装着または把持された状態で使用されるデータ受信装置であって、
     前記データ受信装置に加えられた力学的な動きを検出する検出部と、
     前記データ受信装置に加えられた力学的な動きの検出結果に基づいて暗号鍵を作成する作成部と、
     前記データ送信装置から送信される、暗号化された送信データが格納されている片方向通信用のパケットを受信するパケット受信処理部と、
     前記受信されたパケットに格納されている送信データを、前記暗号鍵を用いて復号する復号処理部と、
     を備えるデータ受信装置。     A data receiving apparatus used in a state of being mounted or held on a specific part of a user together with a data transmitting apparatus,
    A detection unit for detecting a mechanical movement applied to the data receiving apparatus;
    A creation unit that creates an encryption key based on the detection result of the dynamic motion added to the data receiving apparatus;
    A packet reception processing unit that receives, from the data transmission apparatus, a packet for one-way communication in which encrypted transmission data is stored;
    A decryption processing unit that decrypts transmission data stored in the received packet using the encryption key;
    A data receiver comprising:
  7.  前記作成部は、前記データ受信装置に加えられた力学的な動きに基づく予め定められた一方向に関する前記検出結果を用いて前記暗号鍵を作成する、請求項6に記載のデータ受信装置。 The data receiving device according to claim 6, wherein the creating unit creates the encryption key using the detection result regarding a predetermined one direction based on a mechanical motion applied to the data receiving device.
  8.  前記作成部は、前記検出結果のデータ量を基準値と比較し、前記検出結果のデータ量が前記基準値未満であることを示す比較結果に基づいて、前記検出結果を用いて前記暗号鍵を作成する、
     請求項6に記載のデータ受信装置。     The creation unit compares the amount of data of the detection result with a reference value, and uses the detection result based on a comparison result indicating that the amount of data of the detection result is less than the reference value. create,
    The data receiving device according to claim 6.
  9.  前記作成部は、前記ユーザによる前記暗号鍵の作成を指示する操作に基づいて、前記暗号鍵を作成する、請求項6に記載のデータ受信装置。 The data receiving apparatus according to claim 6, wherein the creation unit creates the encryption key based on an operation instructing the user to create the encryption key.
PCT/JP2018/028826 2017-08-09 2018-08-01 Data transfer system, and data transmission device and data reception device therefor WO2019031343A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2017154764A JP2019033454A (en) 2017-08-09 2017-08-09 Data transmission system and data transmission device therefor, and data reception device
JP2017-154764 2017-08-09

Publications (1)

Publication Number Publication Date
WO2019031343A1 true WO2019031343A1 (en) 2019-02-14

Family

ID=65270983

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2018/028826 WO2019031343A1 (en) 2017-08-09 2018-08-01 Data transfer system, and data transmission device and data reception device therefor

Country Status (2)

Country Link
JP (1) JP2019033454A (en)
WO (1) WO2019031343A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2011130224A (en) * 2009-12-18 2011-06-30 Lenovo Singapore Pte Ltd Method of creating shared information in communication terminal device
US20150117645A1 (en) * 2013-10-24 2015-04-30 Medtronic, Inc. Medical device communication using encryption based on correlated motion
US20160036965A1 (en) * 2014-07-31 2016-02-04 Samsung Electronics Co., Ltd. Mobile terminal and method of operating the same
US20160066212A1 (en) * 2014-08-31 2016-03-03 Ashoka Sathanur Visweswara System and method for broadcasting encoded beacon signals
JP2016519861A (en) * 2013-03-08 2016-07-07 トムトム ソフトウェア リミテッドTomtom Software Limited How to communicate sensor data between devices
JP2017067735A (en) * 2015-10-02 2017-04-06 株式会社電通国際情報サービス Positioning system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2011130224A (en) * 2009-12-18 2011-06-30 Lenovo Singapore Pte Ltd Method of creating shared information in communication terminal device
JP2016519861A (en) * 2013-03-08 2016-07-07 トムトム ソフトウェア リミテッドTomtom Software Limited How to communicate sensor data between devices
US20150117645A1 (en) * 2013-10-24 2015-04-30 Medtronic, Inc. Medical device communication using encryption based on correlated motion
US20160036965A1 (en) * 2014-07-31 2016-02-04 Samsung Electronics Co., Ltd. Mobile terminal and method of operating the same
US20160066212A1 (en) * 2014-08-31 2016-03-03 Ashoka Sathanur Visweswara System and method for broadcasting encoded beacon signals
JP2017067735A (en) * 2015-10-02 2017-04-06 株式会社電通国際情報サービス Positioning system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
XU, W. ET AL.: "Walkie-Talkie: Motion-Assisted Automatic Key Generation for Secure On-Body Device Communication", 2016 15TH ACM/ IEEE INTERNATIONAL CONFERENCE ON INFORMATION PROCESSING IN SENSOR NETWORKS, April 2016 (2016-04-01), pages 1 - 12, XP032896122, DOI: doi:10.1109/IPSN.2016.7460726 *

Also Published As

Publication number Publication date
JP2019033454A (en) 2019-02-28

Similar Documents

Publication Publication Date Title
US11171932B2 (en) Data transmitting apparatus, data receiving apparatus, method and program
US11122015B2 (en) Data transmitting apparatus
WO2019031338A1 (en) Information processing system, data transmission device, data reception device, information processing method, and program
US11223974B2 (en) Data transmission apparatus and data reception apparatus
WO2019031343A1 (en) Data transfer system, and data transmission device and data reception device therefor
US11271667B2 (en) Data receiving apparatus, data transmission apparatus and data transmission system
JP6918626B2 (en) Information processing equipment, servers and data transmission systems
WO2019031330A1 (en) Measuring device, transmission method, and program
JP6896555B2 (en) Data communication system and data communication equipment
JP6967911B2 (en) Data receiver and data transmitter
JP6837942B2 (en) Measuring device, transmission method and program
JP6891072B2 (en) Information processing device, receiving method, and program
JP2019033449A (en) Data transmitting apparatus, data receiving apparatus, method, and program
JP2022123667A (en) Wireless communication system, wireless communication method, wireless communication device, and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18844039

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18844039

Country of ref document: EP

Kind code of ref document: A1