WO2020246016A1 - Data management system, data processing system, and program - Google Patents

Data management system, data processing system, and program

Publication number
WO2020246016A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
user
data
information
access request
Prior art date
Application number
PCT/JP2019/022675
Other languages
French (fr)
Japanese (ja)
Inventor
剛久 三輪
光貴 岩村
保之 冨高
康次 長谷川
篤 岡里
仁 川▲崎▼
晋一郎 大谷
Original Assignee
三菱電機ビルテクノサービス株式会社
三菱電機株式会社
Priority date
Filing date
Publication date
Application filed by 三菱電機ビルテクノサービス株式会社, 三菱電機株式会社
Priority to PCT/JP2019/022675 (WO2020246016A1)
Priority to JP2019563114A (JPWO2020246016A1)
Publication of WO2020246016A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • The present invention relates to a data management system, a data processing system and a program, and in particular to setting access rights for users.
  • An object of the present invention is to make it possible to automatically set an access right suitable for the user to whom an access key is given.
  • The data management system has: a data storage means for storing a plurality of data; an access key information storage means for storing access key information related to an access key given to a user who is granted an access right for selectively accessing the data stored in the data storage means; an access right information storage means for storing access right information in which an access right is associated with the data, among the data stored in the data storage means, that becomes accessible when that access right is granted; a receiving means for receiving an access request sent from the user; a verification means for verifying whether or not the access request includes an access key registered in the access key information storage means; and a setting means for setting an access right for the user who sent the access request according to the result of analysing the information included in the access request verified by the verification means.
  • In the access right information, access rights are set corresponding to the type of user or the location from which the user transmits the access request, and the setting means determines the access right to be given to the user by analysing the access request to identify the type of the user who transmitted it or the location from which it was transmitted.
  • In the access key information, the access key is associated with location information that specifies a location from which access to the data stored in the data storage means is permitted, and the verification means refers to the access key information to verify whether the location of the user, identified by analysing the access request, is within the location indicated by the location information set for the access key given to that user.
  • The data processing system includes the above-mentioned data management system and a user terminal device that is used by a user and processes data managed by the data management system. The user terminal device has an acquisition means for acquiring location information that can identify the location where the user terminal device is being used, and a transmission means for transmitting the access request including the location information acquired by the acquisition means.
  • The acquisition means acquires, as the location information, one of the following: the address information of a gateway, which is a relay device installed in the facility where the user is located and which relays the access request transmitted by the user; information identifying the user's position, obtained from an entry/exit management system installed in the facility; or position information obtained by a positioning means mounted on the user terminal device.
  • the program according to the present invention has a data storage means for storing a plurality of data and an access key given to a user who grants an access right for selectively accessing the data stored in the data storage means.
  • FIG. 1 is a diagram showing an overall configuration showing an embodiment of a data processing system according to the present invention and a block configuration of each device.
  • FIG. 1 shows a configuration in which a maintenance management system 1 owned by a company that provides maintenance services to customers and a user terminal 2 used by a user are connected via a network 3.
  • the network 3 may be the Internet or an intranet. The components not used in the description of the present embodiment are omitted from FIG.
  • the "user" in this embodiment is assumed to be an external vendor, a customer who is a contractor, and an employee.
  • Employees include inside and outside workers.
  • Outside workers include maintenance workers and maintenance service sales staff.
  • the user terminal 2 is a user terminal device used by the user.
  • the user terminal 2 is realized not only by a portable terminal such as a portable smartphone, a tablet terminal, or a mobile PC, but also by a desktop PC or the like used in a business establishment.
  • The user terminal 2 accesses the data via the intranet or the Internet, depending on where the user is using it.
  • The user terminal 2 need only have at least a location information acquisition unit 21, which acquires location information that can identify the location where the user terminal 2 is being used, and a request transmission unit 22, which transmits an access request including the access key and the location information acquired by the location information acquisition unit 21 to the maintenance management server 10. Since each user has their own user terminal 2, a plurality of user terminals 2 may exist in the data processing system, but every user terminal 2 has a location information acquisition unit 21 and a request transmission unit 22, so FIG. 1 shows only one user terminal 2.
  • the location information acquisition unit 21 and the request transmission unit 22 are realized by the cooperative operation of the computer forming the user terminal 2 and the application program operated by the CPU mounted on the computer.
  • the maintenance management system 1 has a configuration in which the maintenance management server 10 and the database (DB) server 30 are connected to the LAN 4.
  • the maintenance management server 10 and the database server 30 can be realized by the hardware configuration of a general-purpose server computer that has existed in the past. That is, each of the servers 10 and 30 is configured by connecting a CPU, a ROM, a RAM, a hard disk drive (HDD) as a storage means, and a network interface as a communication means to an internal bus. Further, a user interface may be provided if necessary. Specifically, it may be provided with display means such as a display for displaying various information stored in the storage means, and input means such as a mouse and a keyboard used for creating and updating various information.
  • the database server 30 has a database 31 that stores data used for maintenance management.
  • the database 31 stores data that is a request target for access from the user.
  • the data to be accessed by the user is the data stored in the database 31.
  • When the term "data" is used on its own, it refers to the data stored in the database 31 unless otherwise specified.
  • the maintenance management server 10 is positioned as an API (Application Programming Interface) server published in the Internet public area.
  • An API server equipped only with software that functions as an API and a server that performs maintenance management may be built on different computers, but in the present embodiment a single server computer is illustrated for convenience.
  • An access key (API key) is given in advance to a user who is permitted to access the data. Note that a user to whom an access key is assigned cannot access all the data stored in the database 31; as described in detail later, the user can selectively access the data specified by the access key.
  • The maintenance management server 10 has a request response unit 11, a verification unit 12, an access right setting unit 13, a request processing unit 14, an access key information storage unit 15, an access right information storage unit 16, an access right setting information storage unit 17, and a schedule information storage unit 18.
  • the request response unit 11 functions as a receiving means for receiving the access request transmitted from the user terminal 2 used by the user. Further, the request response unit 11 transmits the type of the access right acquired by the user, the result of the processing executed in response to the access request, and the like to the user terminal 2 of the access request source.
  • The verification unit 12 verifies the validity of the access request. Specifically, the verification unit 12 verifies whether or not the access request includes an access key registered in the access key information storage unit 15. Further, the verification unit 12 refers to the access key information to verify whether the location of the user, identified by analysing the access request received by the request response unit 11, corresponds to the location indicated by the location information set for the access key given to the user.
  • the access right setting unit 13 sets the access right to the user who has sent the access request according to the analysis result of the information included in the access request verified by the verification unit 12.
  • The request processing unit 14 executes data processing in response to the access request received by the request response unit 11. In doing so, the request processing unit 14 selects and accesses only the data specified from the access key given to the user among the data stored in the database 31, that is, the data the user is permitted to access.
  • FIG. 2 is a diagram showing a data configuration example of access key information stored in the access key information storage unit 15 in the present embodiment.
  • Information about the access key is set in the access key information.
  • the access key information in the present embodiment is generated by associating the access key with the grant destination and the place of use.
  • the access key information is generated when the maintenance administrator or the like issues an access key given to the user.
  • the access key is uniquely generated according to a predetermined format.
  • the grant destination is information that identifies the user to whom the access key has been granted. As described above, since the access key is given to the employee, the external vendor, and the customer, the identification information that can identify these users is set as the grant destination. Information that can identify the place where the access key is allowed to be used is set in the place of use.
  • the user sends an access request including an access key when using the data.
  • the place where the data is used is specified in its own office, and if it is a maintenance person, the place where the equipment to be maintained is installed. Even if the user is allowed to access the data by being given an access key, the place where the data is legitimately used should be narrowed down to some extent. In this way, the place where the access key is used, in other words, the location where the user to which the access key is assigned may access the data is set in the place of use. Therefore, information that can specify a place where the user may originally access the data is set in the place of use.
  • a customer who uses the facility may be set as a place of use, or a facility (facility ID) on which the facility is installed may be set. Alternatively, it may be set in a limited place where the equipment is installed. It should be noted that the place of use may be set to a place where it can be used, and it is not always necessary to limit the place to one place.
  • FIG. 3 is a diagram showing a data configuration example of access right information stored in the access right information storage unit 16 in the present embodiment.
  • Access right information is generated by associating accessible data with access rights.
  • The access rights prepared in advance in the present embodiment are set as the access right.
  • The data that becomes accessible when the access right is granted is set as the accessible data.
  • FIG. 3 shows an example in which "customer inquiry response", "sales activity (indoor)", "sales activity (outdoor)", and "maintenance work response" are set as access rights.
  • Customer inquiry response is an access right that should be granted to employees who correspond to customers such as operators. It is preferable to allow the operator to respond to inquiries from customers, etc., and since the operator accesses data from within the office via the intranet, security problems are unlikely to occur. It is preferable to set the accessible data of "” so that all the data necessary for customer service can be accessed.
  • "Sales activity (indoor)" and "sales activity (outdoor)" are access rights that should be granted to employees in sales positions, such as sales staff.
  • "Sales activity (indoor)" is an access right suitable for granting to a salesperson or the like who is inside a customer's facility or a business office, that is, indoors.
  • sales activity (indoor) is an access right that is suitable for being granted when a salesperson or the like is outdoors, such as when moving. In either case, there is a high possibility that the data will be accessed via the Internet, so it is preferable to set access rights in a limited manner from the viewpoint of security. Therefore, it is preferable to set the accessible data of "sales activity (indoor)" so that information about the company cannot be referred to and data necessary for sales activity can be referred to.
  • "Maintenance work support" is an access right given to maintenance workers among employees. Considering that the maintenance management system 1 and the network of the contracting customer are connected by an intranet, and that maintenance personnel connect to the customer's network during maintenance work, maintenance personnel are in an environment where security problems are unlikely to occur. Therefore, it is preferable to set an access right to the accessible data of "Customer Inquiry Response" so that the information related to the customer and the data that may be referred to for maintenance work can be accessed.
  • The maintenance administrator sets the access right information by associating appropriate accessible data with each access right according to the user who accesses the data (specifically, the job type or business content of the user) and the network environment.
  • The access right information shown in FIG. 3 is an example; access rights may be set from another viewpoint, or for other occupations or for non-employees (customers or external vendors). Further, access rights need not be set per group, such as per job type; they may be set per individual by using the maintenance worker ID or the like as the name of the access right. Further, different access rights may be set even for the same maintenance worker depending on the place and time at which the maintenance work is performed.
  • FIG. 4 is a diagram showing a data configuration example of schedule information stored in the schedule information storage unit 18 in the present embodiment.
  • Schedule information includes employee schedules, at least schedules for maintenance work by maintenance personnel.
  • In the schedule information, the identification number (ID) identifying the maintenance work schedule, the date and time at which the maintenance work is carried out, the identification information of the maintenance worker who performs the maintenance work (maintenance worker ID), the location where the maintenance work is carried out (work location), the content of the maintenance work (maintenance content), and so on are set in association with one another.
  • FIG. 5 is a diagram showing a data configuration example of customer information stored in the database 31 according to the present embodiment.
  • Customer information includes information about the customer with whom the contract is made.
  • In the customer information, the identification information for identifying the customer (customer ID), the name of the customer, the identification information of the building where the equipment to be maintained under the contract is installed (facility ID), the location of the building, the latitude and longitude information indicating the location of the building, the information identifying the devices installed and used in the building (equipment used), the identification information of the equipment subject to the maintenance contract (contract equipment), the installation location of the contract equipment, and so on are set in association with one another.
  • the devices used include a gateway, a router, a wireless LAN, and the like.
  • a gateway a MAC address is set
  • an SSID Service Set Identity
  • From the identification information of the device used that is contained in the access request, the building where the user who sends the access request is located can be identified. If the customer has a contract for multiple buildings, information is set for each building. When a plurality of contract devices are installed, the device ID and the installation location of each device are set.
  • FIG. 6 is a diagram showing a data configuration example of installed equipment data stored in the database 31 according to the present embodiment.
  • Installed equipment data includes information about equipment to be maintained.
  • equipment and equipment are synonymous.
  • the equipment includes, for example, air conditioning, lighting, elevators, escalators, and the like.
  • In the installed device data, the identification information for identifying the installed device (device ID), the type of the device (air conditioning, lighting, etc.), the name of the device (device name), information on the use of the device (specification information), and so on are set in association with one another.
  • Each component 11 to 14 in the maintenance management server 10 is realized by a cooperative operation between the computer forming the maintenance management server 10 and the program running on the CPU mounted on the computer. Further, each of the storage units 15 to 18 is realized by the HDD mounted on the maintenance management server 10. Alternatively, a RAM, a database server 30, or an external storage means may be used via the network.
  • the program used in the present embodiment can be provided not only by communication means but also by storing it in a computer-readable recording medium such as a CD-ROM or a USB memory.
  • Programs provided from communication means and recording media are installed in a computer, and various processes are realized by sequentially executing the programs by the CPU of the computer.
  • An access key is given to the user who is allowed to access the data in advance. For example, when a maintenance worker performs maintenance work or a salesperson goes out for business purposes, a maintenance manager or the like assigns an access key in advance. It may be granted at the request of customers or external vendors.
  • the information regarding the given access key is set and registered in the access key information storage unit 15.
  • The access request is sent from the user terminal 2 to the maintenance management server 10, and it includes the access key to prove that the requester has properly been granted the access right. In addition, so that the place where the user accesses and uses the data can be verified, the location information acquired by the location information acquisition unit 21 is included in the access request.
  • the access request to be transmitted to the API server is described in a format conforming to the HTTP (HyperText Transfer Protocol) request, and the access key and location information are included in the header information of the HTTP request. Of course, it may be included in the body (in the text).
  • The location information acquisition unit 21 in the user terminal 2 acquires the current location, that is, the location from which the access request is transmitted, in other words the location where the access key is used. In the present embodiment, one of the following is acquired as location information.
  • the position information acquired by the positioning by the positioning means is used as the location information.
  • The latitude and longitude information measured by GPS (Global Positioning System) is used as location information.
  • The user terminal 2 connects to the customer's system, acquires the MAC address of a relay device used in that system, for example the gateway, and uses that MAC address as location information.
  • When there are multiple gateways, it is desirable to acquire the MAC address of the gateway that relays the access request.
  • Here the application that realizes the location information acquisition unit 21 acquires the MAC address from the gateway, but the gateway may instead add its own MAC address to the access request when relaying it.
  • the device used as a relay device is a router or a wireless LAN.
  • the current location information that identifies the location of the user is acquired from the entrance / exit system. This acquired current location information is used as location information.
  • the current location information includes the facility ID, floor, room number, and the like.
  • the location information acquisition unit 21 acquires location information by effectively using the equipment in the facility where the user is located, the function installed in the user terminal 2, and the like.
  • The request response unit 11 waits to receive an access request. When an access request is transmitted from the user terminal 2, it receives the access request (step 101).
  • The verification unit 12 verifies whether the received access request is a legitimate request. First, it verifies whether or not the access request includes an access key registered in the access key information storage unit 15. If it does (Y in step 102), the verification unit 12 moves on to the next verification. If it does not (N in step 102), the request response unit 11 returns, as the result of verification by the verification unit 12, a response to the user terminal 2 of the access request source stating that access to the data is not permitted (step 113).
  • The cases where the access request does not include an access key registered in the access key information storage unit 15 are the case where no access key is included at all, and the case where an access key is included but is not registered in the access key information storage unit 15 because it has expired or is forged.
  • The verification unit 12 then verifies the location from which the access request was sent. To do so, the verification unit 12 identifies the transmission location of the access request by reading the location information from the access request (step 103). The verification unit 12 then reads the place of use corresponding to the access key included in the access request from the access key information storage unit 15 and collates the identified transmission location with the place of use it has read. Customer information and the like may be referred to as appropriate during this collation. If the collation shows that the access request was transmitted from a legitimate place (Y in step 104), processing proceeds to the access right setting by the access right setting unit 13. If not (N in step 104), the request response unit 11 returns a response to the user terminal 2 of the access request source stating that access to the data was requested from a place that is not legitimate (step 113).
  • As a result of the above collation, it is possible that the place indicated by the location information included in the access request is not set as the place of use of the access key read from the access key information storage unit 15, or that the location information is not included in the access request in the first place.
  • The identification information of the user who sends the access request may also be included in the access request, and the verification unit 12 may verify the user by collating the user identification information included in the access request with the grant destination corresponding to the access key stored in the access key information storage unit 15.
  • the access right setting unit 13 sets the access right for the user who sent the access request. Therefore, first, the access right setting unit 13 determines whether the access request has been transmitted via the Internet or the intranet. For example, the access request includes the IP address of the user terminal 2 that is the access request source, and it is determined whether or not this IP address is included in the IP address range of the intranet.
  • The access right setting unit 13 subsequently determines whether the access request was sent from indoors or from outdoors. Several methods can be considered for this determination.
  • When the user terminal 2 is equipped with GPS, GPS positioning works normally if the user is outdoors. When the user is indoors, on the other hand, GPS is usually considered unable to position normally. Therefore, the user terminal 2 includes the result of GPS positioning, that is, whether or not GPS reception is possible, in the access request when transmitting it.
  • The access right setting unit 13 determines whether the user is indoors or outdoors by referring to the GPS reception result included in the received access request.
  • The determination may also refer to the location information included in the access request. For example, if the location information is the current location information acquired from the entrance/exit system, or the MAC address of the gateway, it can be determined that the user is indoors. Note that the verification unit 12 has already verified that the location information is legitimate. On the other hand, when the location information is latitude and longitude information, it can be determined that the user is outdoors, because GPS reception was possible.
  • the access right setting unit 13 sets the access right of "sales activity (outdoor)" to the user (step 107).
  • the access right setting unit 13 sets the access right of "sales activity (indoor)" to the user (step 108).
  • When the IP address is included in the IP address range of the intranet, that is, when the access request was transmitted via the intranet (N in step 105), the access right setting unit 13 then determines who sent the access request. This determination is made as follows.
  • the maintenance management system has an employee master (not shown) in which at least the identification information (employee ID) of each employee and the job type are associated with each other. Then, when the user who is the source of the access request is an employee, the employee ID is included in the access request and transmitted. Then, the access right setting unit 13 refers to the employee master and specifies the job type of the access request source. Alternatively, the employee ID (maintenance worker ID) may be included in the access request and transmitted only when the source of the access request is a maintenance worker.
  • the access right setting unit 13 sets the access right of "maintenance work correspondence" to the user (step 110).
  • the access right setting unit 13 sets the access right of "customer inquiry response" to the user (step 109). 111).
  • The access right setting unit 13 registers the set contents in the access right setting information storage unit 17 (step 112).
  • FIG. 8 shows a data configuration example of the access right setting information registered and stored in the access right setting information storage unit 17.
  • the access key given to the user is set in association with the type of the access right given to the user.
  • the request response unit 11 returns the access right set by the access right setting unit 13 or the accessible data to the user terminal 2 of the access request source (step 113).
  • the request processing unit 14 may execute the process, and the request response unit 11 may return the process result to the access request source.
  • the process executed by the request processing unit 14 refers to the access right setting information and accesses only the data for which the user is permitted to access.
  • The access right can be set automatically for the user (the access key included in the access request).
  • The access right suitable for the user can be set automatically according to the type of the user who made the access request and the location of the user when the access request was transmitted.
  • the access request source may be an employee's other occupation, a customer other than the employee, or an external vendor.
  • the place is not roughly divided into an outdoor place and an indoor place, and even if it is outdoors, the access right may be set by subdividing the place into a safe place and an unsafe place in terms of security.
  • only one access right is set for the user (access key), but a plurality of access rights may be set.
  • Reference signs: 1 maintenance management system, 2 user terminal, 3 network, 4 LAN, 10 maintenance management server, 11 request response unit, 12 verification unit, 13 access right setting unit, 14 request processing unit, 15 access key information storage unit, 16 access right information storage unit, 17 access right setting information storage unit, 18 schedule information storage unit, 21 location information acquisition unit, 22 request transmission unit, 30 database (DB) server, 31 database.
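
The decision flow of steps 101 to 113 described above, sketched as an added Python example; it is not code from the patent. Every key, ID, address, data-set name, the intranet range and the GPS matching tolerance is a constructed assumption, and because the location arrives inside the request, the code treats it as a claim to collate against the key's registered place of use.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from math import hypot
from typing import Optional

# All values below are constructed sample data, not taken from the patent.
INTRANET = ip_network("10.0.0.0/8")                      # assumed intranet range
CUSTOMER_INFO = {   # facility ID -> gateway MAC and building coordinates (cf. FIG. 5)
    "F001": {"gateway_mac": "00:00:5e:00:53:01", "latlon": (35.6812, 139.7671)},
}
ACCESS_KEY_INFO = {  # access key -> grant destination and place of use (cf. FIG. 2)
    "KEY-SALES": {"grantee": "E100", "places": {"F001"}},
    "KEY-MAINT": {"grantee": "E200", "places": {"F001"}},
}
EMPLOYEE_MASTER = {"E100": "sales", "E200": "maintenance", "E300": "operator"}
ACCESS_RIGHT_INFO = {  # access right -> accessible data (cf. FIG. 3); data names assumed
    "customer inquiry response": {"customer", "installed_equipment", "schedule"},
    "sales activity (indoor)": {"customer", "installed_equipment"},
    "sales activity (outdoor)": {"installed_equipment"},
    "maintenance work response": {"customer", "installed_equipment", "schedule"},
}
ACCESS_RIGHT_SETTINGS: dict = {}   # access key -> right registered in step 112 (cf. FIG. 8)
GPS_TOLERANCE_DEG = 0.002          # assumed matching radius, roughly 200 m


@dataclass
class AccessRequest:
    access_key: Optional[str]
    source_ip: str
    location_kind: Optional[str] = None   # "gateway_mac", "entry_exit" or "gps"
    location_value: object = None         # MAC string, facility ID, or (lat, lon)
    employee_id: Optional[str] = None


def resolve_facility(req: AccessRequest) -> Optional[str]:
    """Step 103: map the location claim in the request to a facility ID, or None."""
    kind, value = req.location_kind, req.location_value
    for fid, info in CUSTOMER_INFO.items():
        if kind == "gateway_mac" and isinstance(value, str):
            if value.lower() == info["gateway_mac"]:
                return fid
        elif kind == "entry_exit" and value == fid:
            return fid
        elif kind == "gps" and isinstance(value, tuple) and len(value) == 2:
            lat, lon = info["latlon"]
            if hypot(value[0] - lat, value[1] - lon) <= GPS_TOLERANCE_DEG:
                return fid
    return None   # missing, malformed or unknown location


def decide(req: AccessRequest):
    """Return (allowed, detail); detail is the access right or the refusal reason."""
    entry = ACCESS_KEY_INFO.get(req.access_key) if req.access_key else None
    if entry is None:                      # step 102: key absent, expired or forged
        return False, "access key not registered"
    if req.employee_id is not None and req.employee_id != entry["grantee"]:
        return False, "user does not match the grant destination"  # optional check
    facility = resolve_facility(req)
    if facility is None or facility not in entry["places"]:        # step 104
        return False, "request sent from a place not permitted for this key"
    try:
        on_intranet = ip_address(req.source_ip) in INTRANET         # step 105
    except ValueError:
        return False, "invalid source address"
    if not on_intranet:
        # Latitude/longitude implies GPS reception, i.e. outdoors; a gateway MAC
        # or entry/exit record implies indoors.
        outdoors = req.location_kind == "gps"
        right = "sales activity (outdoor)" if outdoors else "sales activity (indoor)"
    elif EMPLOYEE_MASTER.get(req.employee_id) == "maintenance":
        right = "maintenance work response"
    else:
        right = "customer inquiry response"
    ACCESS_RIGHT_SETTINGS[req.access_key] = right                   # step 112
    return True, right


def read_data(access_key: str, dataset: str) -> bool:
    """Request processing: allow only data covered by the right set for this key."""
    right = ACCESS_RIGHT_SETTINGS.get(access_key)
    return right is not None and dataset in ACCESS_RIGHT_INFO[right]
```
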

Abstract

The present invention can automatically set an access right suitable to a user to whom an access key is given. A maintenance server 10 includes: a request response unit 11 which receives an access request including an access key given to a user; a verification unit 12 which verifies whether the received access request is a reasonable request; and an access right setting unit 13 which sets the access right in correspondence to the access key given to the user with reference to a path of a network through which the access request is received, the location of the user when the access request has been transmitted, or the occupation type of the user who has transmitted the access request, wherein the user who has transmitted the access request is permitted to access data that is access-permitted through the given access right among data stored in a database 31.

Description

Data management system, data processing system and program
The present invention relates to a data management system, a data processing system and a program, and in particular to the setting of access rights for users.
At a maintenance management company, the various data used for maintenance management, sales and the like of equipment installed in contracted facilities such as buildings are, for security reasons, basically accessible only from within an intranet isolated from the Internet. In recent years, however, services that make use of these data are sometimes provided in cooperation with external vendors. Customers also ask to be able to refer to the data.
To make the data accessible from outside the intranet in this way, for example, an API server is published in an Internet-facing area, an access right is set for an access key (API key), and the access key is given to the external vendor. A configuration that permits data access only to the intended party in this way is known.
Japanese Unexamined Patent Publication No. 7-319820; Japanese Unexamined Patent Publication No. 2005-235056; Japanese Unexamined Patent Publication No. 2009-301189; Japanese Unexamined Patent Publication No. 5-100939; Japanese Unexamined Patent Publication No. 2008-009735
To operate with access keys in the conventional way, an access right suited to the user's data usage must be set for each access key given to a user. Setting the access right for each access key therefore imposes a heavy workload. In addition, which access right should be set had to be decided for each user individually.
An object of the present invention is to make it possible to automatically set an access right suited to the user to whom an access key is given.
The data management system according to the present invention has: data storage means for storing a plurality of data; access key information storage means for storing access key information about access keys given to users who are granted an access right for selectively accessing the data stored in the data storage means; access right information storage means for storing access right information in which each access right is associated with the data, among the data stored in the data storage means, that becomes accessible when that access right is granted; receiving means for receiving an access request transmitted from a user; verification means for verifying whether the access request includes an access key registered in the access key information storage means; and setting means for setting an access right for the user who transmitted the access request according to the result of analyzing the information included in the access request verified by the verification means.
Further, in the access right information, access rights are set corresponding to the type of user or to the location from which the user transmits the access request, and the setting means determines the access right to be given to the user by analyzing the access request to identify the type of the user who transmitted it or the location from which that user transmitted it.
Further, in the access key information, each access key is associated with location information specifying the locations from which access to the data stored in the data storage means is permitted, and the verification means refers to the access key information to verify whether the location of the user, identified by analyzing the access request, is a location indicated by the location information set for the access key given to that user.
The data processing system according to the present invention has the data management system described above and a user terminal device that is used by a user and processes data managed by the data management system, wherein the user terminal device has acquisition means for acquiring location information capable of identifying the location where the user terminal device is being used, and transmission means for transmitting an access request that includes the location information acquired by the acquisition means.
Further, the acquisition means acquires, as the location information, any of the following: address information of a gateway, which is a relay device installed in the facility where the user is located and which relays the access request transmitted by the user; information identifying the user's location obtained from an entry/exit management system installed in the facility; or position information obtained by positioning with positioning means mounted on the user terminal device.
The program according to the present invention causes a computer that can access data storage means for storing a plurality of data, access key information storage means for storing access key information about access keys given to users who are granted an access right for selectively accessing the data stored in the data storage means, and access right information storage means for storing access right information in which each access right is associated with the data, among the data stored in the data storage means, that becomes accessible when that access right is granted, to function as: receiving means for receiving an access request transmitted from a user; verification means for verifying whether the access request includes an access key registered in the access key information storage means; and setting means for setting an access right for the user who transmitted the access request according to the result of analyzing the information included in the access request verified by the verification means.
According to the present invention, an access right suited to the user to whom an access key is given can be set automatically.
FIG. 1 is a diagram showing the overall configuration of an embodiment of the data processing system according to the present invention and the block configuration of each device.
FIG. 2 is a diagram showing a data configuration example of the access key information stored in the access key information storage unit in the present embodiment.
FIG. 3 is a diagram showing a data configuration example of the access right information stored in the access right information storage unit in the present embodiment.
FIG. 4 is a diagram showing a data configuration example of the schedule information stored in the schedule information storage unit in the present embodiment.
FIG. 5 is a diagram showing a data configuration example of the customer information stored in the database in the present embodiment.
FIG. 6 is a diagram showing a data configuration example of the installed equipment data stored in the database in the present embodiment.
FIG. 7 is a flowchart showing the access right setting process in the present embodiment.
FIG. 8 is a diagram showing a data configuration example of the access right setting information stored in the access right setting information storage unit in the present embodiment.
Hereinafter, a preferred embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing the overall configuration of an embodiment of the data processing system according to the present invention and the block configuration of each device. FIG. 1 shows a configuration in which a maintenance management system 1 owned by a company that provides maintenance services to customers and a user terminal 2 used by a user are connected via a network 3. The network 3 may be the Internet or an intranet. Components not used in the description of the present embodiment are omitted from FIG. 1.
The "users" in the present embodiment are assumed to be external vendors, contracted customers, and employees. Employees include office workers and field workers. Office workers include operators who respond to inquiries from customers and others. Field workers include maintenance workers and maintenance service sales staff. Of course, the users need not be limited to these persons; anyone who legitimately needs access to the data can be a user.
The user terminal 2 is a user terminal device used by a user. The user terminal 2 may be a portable terminal such as a smartphone, a tablet terminal or a mobile PC, or a desktop PC or the like used inside a business office. Depending on the location of the user, the user terminal 2 accesses the data via the intranet or via the Internet.
The user terminal 2 need only have at least a location information acquisition unit 21, which acquires location information capable of identifying the location where the user terminal 2 is being used, and a request transmission unit 22, which transmits to the maintenance management server 10 an access request including the access key and the location information acquired by the location information acquisition unit 21. Because each user uses his or her own user terminal 2, a plurality of user terminals 2 may exist in the data processing system, but every user terminal 2 has the same location information acquisition unit 21 and request transmission unit 22, so only one user terminal 2 is shown in FIG. 1. The location information acquisition unit 21 and the request transmission unit 22 are realized by the cooperative operation of the computer forming the user terminal 2 and an application program running on the CPU mounted on that computer.
The maintenance management system 1 has a configuration in which the maintenance management server 10 and the database (DB) server 30 are connected to the LAN 4. The maintenance management server 10 and the database server 30 can be realized with the hardware configuration of an existing general-purpose server computer. That is, each of the servers 10 and 30 is configured by connecting a CPU, a ROM, a RAM, a hard disk drive (HDD) as storage means, and a network interface as communication means to an internal bus. A user interface may also be provided if necessary. Specifically, display means such as a display for showing the various information stored in the storage means, and input means such as a mouse and a keyboard used for creating and updating the various information, may be provided.
The database server 30 has a database 31 that stores data used for maintenance management. The database 31 stores the data that users request access to. The data that a user accesses is the data stored in the database 31. In the present embodiment, the term "data" by itself refers to the data stored in the database 31 unless otherwise specified.
The maintenance management server 10 is positioned as an API (Application Programming Interface) server published in the Internet-facing area. An API server equipped only with the software that functions as the API and a server that performs maintenance management may be built on separate computers, but in the present embodiment they are shown as one server computer for convenience. In the present embodiment, to make the data accessible from outside, an access key (API key) is given in advance to each user who is permitted access. Note that a user who has been given an access key cannot access all the data stored in the database 31; as described in detail later, the user can selectively access the data identified from the access key.
The maintenance management server 10 has a request response unit 11, a verification unit 12, an access right setting unit 13, a request processing unit 14, an access key information storage unit 15, an access right information storage unit 16, an access right setting information storage unit 17, and a schedule information storage unit 18.
The request response unit 11 functions as receiving means for receiving the access request transmitted from the user terminal 2 used by the user. The request response unit 11 also transmits to the requesting user terminal 2 the type of access right the user obtained, the result of the processing executed in response to the access request, and the like. The verification unit 12 verifies the validity of the access request. Specifically, the verification unit 12 verifies whether the access request includes an access key registered in the access key information storage unit 15. The verification unit 12 also refers to the access key information to verify whether the location of the user, identified by analyzing the access request received by the request response unit 11, corresponds to a location indicated by the location information set for the access key given to that user.
The access right setting unit 13 sets an access right for the user who transmitted the access request according to the result of analyzing the information included in the access request verified by the verification unit 12. The request processing unit 14 executes data processing in response to the access request received by the request response unit 11. In doing so, the request processing unit 14 selectively accesses only the data, among the data stored in the database 31, that is identified from the access key given to the user, that is, the data the user is permitted to access.
FIG. 2 is a diagram showing a data configuration example of the access key information stored in the access key information storage unit 15 in the present embodiment. The access key information holds information about access keys. In the present embodiment, access key information is generated by associating an access key with a grantee and a place of use. The access key information is generated when a maintenance administrator or the like issues an access key to a user. The access key is generated uniquely according to a predetermined format. The grantee is information identifying the user to whom the access key has been given. As described above, access keys are given to employees, external vendors and customers, so identification information that can identify these users is set as the grantee. The place of use holds information that can identify the places where use of the access key is allowed. A user transmits an access request that includes the access key when using the data. The places where data is used can be identified: an external vendor uses it in its own office, and a maintenance worker uses it where the equipment to be maintained is installed, for example. Even if a user is permitted to access the data by being given an access key, the places where the data is legitimately used should be limited to some extent. The place of use thus holds the place where the access key is used, in other words the location at which the user who has been given the access key may access the data. Accordingly, information that can identify the places where the user may legitimately access the data is set in the place of use. For example, when a maintenance worker performs maintenance work on equipment, the place of use may be set to the customer who uses the equipment (customer ID), to the facility where the equipment is installed (facility ID), or, more narrowly, to the installation location of the equipment. The place of use need only list the places where use is allowed and does not have to be limited to a single place.
FIG. 3 is a diagram showing a data configuration example of the access right information stored in the access right information storage unit 16 in the present embodiment. Access right information is generated by associating an access right with accessible data. The access right field holds one of the access rights prepared in advance in the present embodiment. The accessible data field holds the data, among the data stored in the database 31, that becomes accessible when that access right is granted.
FIG. 3 shows an example in which "customer inquiry response", "sales activity (indoor)", "sales activity (outdoor)" and "maintenance work response" are set as access rights. "Customer inquiry response" is an access right to be granted to employees who deal with customers, such as operators. It is preferable that an operator can respond smoothly to inquiries from customers and others, and because the operator accesses the data from inside the business office via the intranet, the operator is in an environment where security problems are unlikely to occur. The accessible data for "customer inquiry response" is therefore preferably set so that all the data needed for customer service can be accessed. "Sales activity (indoor)" and "sales activity (outdoor)" are access rights to be granted to employees in sales-related jobs, such as sales staff. Of these, "sales activity (indoor)" is an access right suitable for granting when the salesperson is inside a customer's or prospect's facility, that is, indoors. "Sales activity (outdoor)" is an access right suitable for granting when the salesperson is outdoors, for example while travelling. In either case the data is likely to be accessed via the Internet, so from a security standpoint it is preferable to set the access right restrictively. The accessible data for "sales activity (indoor)" is therefore preferably set so that information about the company itself cannot be referred to while the data needed for sales activities can. The accessible data for "sales activity (outdoor)", on the other hand, is preferably set so that no security problem arises even if the data is seen by a third party, for example on a train. "Maintenance work response" is an access right given to the maintenance workers among the employees. Considering that the maintenance management system 1 and the contracted customer's network are connected by an intranet, and that the maintenance worker connects to the customer's network during maintenance work, the maintenance worker is in an environment where security problems are unlikely to occur. Therefore, the accessible data for "customer inquiry response" is preferably set so that information related to the customer and data that may be referred to during maintenance work can be accessed.
In this way, the maintenance administrator sets the access right information by associating appropriate accessible data with each access right according to the kind of user who accesses the data (specifically, the user's job type or duties) and the kind of network environment. The access right information shown in FIG. 3 is an example; access rights may be set from other viewpoints, and access rights may be set for other job types or for non-employees (customers or external vendors). It is also not necessary to set access rights per group, such as per job type; access rights may be set per individual, for example by using a maintenance worker ID as the name of the access right. Furthermore, different access rights may be set even for the same maintenance worker depending on the place, time of day and so on at which the maintenance work is performed.
FIG. 4 is a diagram showing a data configuration example of the schedule information stored in the schedule information storage unit 18 in the present embodiment. The schedule information includes employees' schedules, at least the schedules of maintenance work by maintenance workers. In the schedule information, an identification number (ID) identifying the maintenance work schedule is associated with the date and time the maintenance work is performed, the identification information of the maintenance worker who performs it (maintenance worker ID), the place where it is performed (work location), the content of the maintenance (maintenance content), and so on.
FIG. 5 is a diagram showing a data configuration example of the customer information stored in the database 31 in the present embodiment. The customer information includes information about contracted customers. In the customer information, the identification information identifying a customer (customer ID) is associated with the customer's name, the identification information of the building in which the equipment to be maintained under the contract is installed (facility ID), the address of the building, latitude and longitude information indicating the location of the building, information identifying the devices installed and used in the building (devices used), the identification information of the devices covered by the maintenance contract (contract devices), the installation locations of the contract devices, and so on. The devices used include gateways, routers, wireless LANs and the like; for a gateway the MAC address is set, and for a router or wireless LAN the SSID (Service Set Identifier) is set. By including the identification information of a device used in the access request, the building in which the user transmitting the access request is located can be identified. If a customer has contracts covering several buildings, the information is set for each building. If several contract devices are installed, the device ID and installation location of each device are set.
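The verification and access right setting described so far can be sketched as follows. This is an added example, not code from the patent: the job-type table, the rule table, the place names OFFICE and OUTDOOR, the data set names and all sample IDs are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# All tables are constructed sample data shaped after the page's descriptions
# of FIG. 2 (access key info), FIG. 3 (access right info) and FIG. 5
# (customer info). Keys, IDs, MAC addresses and SSIDs are made up.

# FIG. 2: access key -> grantee and permitted places of use.
ACCESS_KEY_INFO = {
    "KEY-0001": {"grantee": "maint-017", "places": {"FAC-100"}},
    "KEY-0002": {"grantee": "sales-004", "places": {"FAC-100", "FAC-200", "OUTDOOR"}},
    "KEY-0003": {"grantee": "oper-002", "places": {"OFFICE"}},
}

# Assumption: the grantee ID can be mapped to a job type.
GRANTEE_JOB = {"maint-017": "maintenance", "sales-004": "sales", "oper-002": "operator"}

# FIG. 3: access right -> accessible data (data set names are hypothetical).
ACCESS_RIGHT_INFO = {
    "customer inquiry response": {"customer", "contract", "equipment", "schedule"},
    "sales activity (indoor)": {"customer", "equipment"},
    "sales activity (outdoor)": {"equipment"},
    "maintenance work response": {"customer", "equipment", "schedule"},
}

# FIG. 5: devices used in a customer's building -> facility ID.
DEVICE_TO_FACILITY = {
    "02:00:5e:10:00:01": "FAC-100",   # gateway MAC address
    "ssid:bldg-200-wlan": "FAC-200",  # router / wireless LAN SSID
}

# Assumed decision table: (job type, kind of place) -> access right.
RIGHT_RULES = {
    ("operator", "office"): "customer inquiry response",
    ("sales", "facility"): "sales activity (indoor)",
    ("sales", "outdoor"): "sales activity (outdoor)",
    ("maintenance", "facility"): "maintenance work response",
}


@dataclass
class AccessRequest:
    access_key: str
    network_path: str          # "intranet" or "internet"
    device_id: Optional[str]   # location info reported by the user terminal
    wanted: frozenset          # data sets the user asks for


def resolve_place(req):
    """Turn the location info in the request into a place ID."""
    if req.device_id in DEVICE_TO_FACILITY:
        return DEVICE_TO_FACILITY[req.device_id]
    if req.device_id is None and req.network_path == "intranet":
        return "OFFICE"
    # Unknown or missing location info is treated as the least trusted place.
    return "OUTDOOR"


def verify(req):
    """Verification unit: the key is registered AND the place is permitted."""
    entry = ACCESS_KEY_INFO.get(req.access_key)
    if entry is None:
        return None
    place = resolve_place(req)
    if place not in entry["places"]:
        return None
    return entry["grantee"], place


def set_access_right(grantee, place):
    """Access right setting unit: pick the right from job type and place."""
    kind = {"OFFICE": "office", "OUTDOOR": "outdoor"}.get(place, "facility")
    return RIGHT_RULES.get((GRANTEE_JOB.get(grantee), kind))


def handle(req):
    """Return (access right, data sets served); (None, empty set) on denial."""
    verified = verify(req)
    if verified is None:
        return None, frozenset()
    right = set_access_right(*verified)
    if right is None:
        return None, frozenset()   # no matching rule: fail closed
    return right, req.wanted & ACCESS_RIGHT_INFO[right]
```

The same sales key yields a narrower data set when the request carries no facility device ID, and a maintenance key presented from a facility outside its place of use is rejected before any access right is chosen.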
FIG. 6 is a diagram showing a data configuration example of the installed equipment data stored in the database 31 in the present embodiment. The installed equipment data includes information about the equipment to be maintained. In the present embodiment, "equipment" and "device" are synonymous. Devices include, for example, air conditioning, lighting, elevators and escalators. In the installed equipment data, the identification information identifying an installed device (device ID) is associated with the type of the device (air conditioning, lighting, etc.), the name of the device (device name), information on the use of the device (specification information), and so on.
The access right setting information storage unit 17 is generated by executing the process described later, so it is described together with that process.
The components 11 to 14 of the maintenance management server 10 are realized by the cooperative operation of the computer forming the maintenance management server 10 and a program running on the CPU mounted on that computer. The storage units 15 to 18 are realized by the HDD mounted on the maintenance management server 10. Alternatively, RAM, the database server 30, or external storage means may be used via the network.
The program used in the present embodiment can be provided by communication means, and can also be provided stored on a computer-readable recording medium such as a CD-ROM or a USB memory. A program provided from communication means or a recording medium is installed in a computer, and the various processes are realized by the CPU of the computer executing the program sequentially.
Next, the operation in the present embodiment will be described.
An access key is given in advance to a user who is permitted to access the data. For example, when a maintenance worker performs maintenance work or a salesperson goes out for sales purposes, a maintenance manager or the like assigns an access key beforehand. A key may also be granted in response to a request from a customer or an external vendor. Information on the granted access key is registered in the access key information storage unit 15.
When a user accesses data, the user terminal 2 sends an access request to the maintenance management server 10, and the access key is included in the request to prove that the sender is a person who has been legitimately granted the access right. Furthermore, so that the place where the user accesses and uses the data can be verified, the location information acquired by the location information acquisition unit 21 is included in the access request.
In the present embodiment, the access request sent to the API server is written in a format conforming to an HTTP (HyperText Transfer Protocol) request, and the access key and the location information are included in the header information of the HTTP request. Of course, they may instead be included in the body.
The location information acquisition unit 21 in the user terminal 2 acquires the current position, that is, the place where the terminal is located when the access request is sent, in other words the place where the access key is used. In the present embodiment, one of the following pieces of information is acquired as the location information.
For example, when the user terminal 2 is a mobile terminal equipped with a positioning means, the position information obtained by that positioning means is used as the location information. When GPS (Global Positioning System) is mounted on the user terminal 2 as the positioning means, the latitude and longitude information measured by GPS is used as the location information.
When the user is visiting a customer's building or the like, the user terminal 2 is connected to the customer's system, the MAC address of a relay device used in the customer's system, for example a gateway, is acquired, and that MAC address is used as the location information. When there are multiple gateways, it is desirable to acquire the MAC address of the gateway that relays the access request. The present embodiment assumes that the application implementing the location information acquisition unit 21 acquires the MAC address from the gateway, but the gateway may instead add its own MAC address to the access request when relaying it. The same applies when the device used as the relay device is a router or a wireless LAN.
When an entrance/exit system is installed at the place the user is visiting, current position information identifying the user's own location is acquired from the entrance/exit system and used as the location information. The current position information includes the facility ID, floor, room number, and the like.
In this way, the location information acquisition unit 21 acquires the location information by making effective use of the equipment in the facility where the user is located, the functions mounted on the user terminal 2, and the like.
Next, the access right setting process that the maintenance management server 10 performs when an access request is sent from the user terminal 2 will be described with reference to the flowchart shown in FIG. 7.
In the maintenance management server 10, the request response unit 11 waits to receive an access request. When an access request is sent from the user terminal 2, the request response unit 11 receives it (step 101).
Next, the verification unit 12 verifies whether the received access request is a legitimate request. First, it verifies whether the access request includes an access key registered in the access key information storage unit 15. If it does (Y in step 102), the verification unit 12 proceeds to the next verification. If it does not (N in step 102), the request response unit 11 returns, as the verification result of the verification unit 12, a reply to the requesting user terminal 2 stating that access to the data is not permitted (step 113). An access request does not include an access key registered in the access key information storage unit 15 either when it contains no access key at all, or when it contains an access key that is not registered in the access key information storage unit 15 because the key has expired or is forged.
Next, the verification unit 12 verifies the place from which the access request was sent. To do so, the verification unit 12 reads the location information from the access request and thereby identifies the place from which the access request was sent (step 103). The verification unit 12 then reads from the access key information storage unit 15 the usage place corresponding to the access key included in the access request, and collates the identified sending place with that usage place. The customer information and the like may be referred to as appropriate during this collation. If the collation shows that the access request was sent from a legitimate place (Y in step 104), processing moves on to the setting of the access right by the access right setting unit 13. Otherwise (N in step 104), the request response unit 11 returns, as the verification result of the verification unit 12, a reply to the requesting user terminal 2 stating that access to the data was requested from a place that is not legitimate (step 113). An access request is judged not to have been sent from a legitimate place either when the place indicated by the location information in the access request is not set as a usage place of the access key read from the access key information storage unit 15, or when the access request contains no location information in the first place.
In addition, the identification information of the user sending the access request may be included in the access request, and the verification unit 12 may verify the user by collating the user identification information included in the access request with the grantee stored in the access key information storage unit 15 for that access key.
Next, the access right setting unit 13 sets an access right for the user who sent the access request. To do so, the access right setting unit 13 first determines whether the access request was sent via the Internet or via the intranet. For example, the access request contains the IP address of the requesting user terminal 2, and the determination is made according to whether this IP address falls within the IP address range of the intranet.
If the IP address is not within the IP address range of the intranet, that is, if the access request was sent via the Internet (Y in step 105), the access right setting unit 13 next determines whether the access request was sent from indoors or from outdoors. Several methods can be used for this determination.
For example, when the user terminal 2 is equipped with GPS, GPS can obtain a position fix normally if the user is outdoors, whereas it is usually considered unable to do so if the user is indoors. The user terminal 2 therefore includes the GPS positioning result, that is, whether GPS reception is possible, in the access request it sends. The access right setting unit 13 refers to this GPS reception result in the received access request to determine whether the user is indoors or outdoors.
Alternatively, the location information included in the access request may be referred to. For example, if the location information is current position information acquired from an entrance/exit system, or is the MAC address of a gateway, the user can be judged to be indoors. Note that the verification unit 12 has already verified that the location information is legitimate. If, on the other hand, the location information is latitude and longitude information, GPS reception was possible, so the user can be judged to be outdoors.
If the user is judged to be outdoors (N in step 106), the access right setting unit 13 sets the access right "sales activity (outdoor)" for the user (step 107). If the user is judged to be indoors (Y in step 106), the access right setting unit 13 sets the access right "sales activity (indoor)" for the user (step 108).
If the IP address is within the IP address range of the intranet, that is, if the access request was sent via the intranet (N in step 105), the access right setting unit 13 next determines who sent the access request. This determination is made as follows.
The maintenance management system has an employee master (not shown) in which at least the identification information of each employee (employee ID) is associated with a job type. When the user sending the access request is an employee, the employee ID is included in the access request. The access right setting unit 13 then refers to the employee master to identify the job type of the requester. Alternatively, the employee ID (maintenance worker ID) may be included in the access request only when the sender is a maintenance worker.
If the access request is judged to have been sent by a maintenance worker (Y in step 109), the access right setting unit 13 sets the access right "maintenance work correspondence" for the user (step 110). If the access request is judged to have been sent by someone other than a maintenance worker, which in the present embodiment means an operator (N in step 109), the access right setting unit 13 sets the access right "customer inquiry response" for the user (step 111).
Having set an access right in this way for the user who sent the access request, that is, for the access key included in the access request, the access right setting unit 13 registers the setting in the access right setting information storage unit 17 (step 112). FIG. 8 shows a data configuration example of the access right setting information registered and stored in the access right setting information storage unit 17. In the access right setting information, the access key given to a user is associated with the type of access right granted to that user.
The request response unit 11 returns the access right set by the access right setting unit 13, or the data that has become accessible, to the requesting user terminal 2 (step 113).
When the access request specifies a process to be executed, the request processing unit 14 may execute that process and the request response unit 11 may return the result to the requester. The processing executed by the request processing unit 14 refers to the access right setting information and accesses only the data that the user has been permitted to access.
According to the present embodiment, by having the user send an access request that includes the granted access key, an access right can be set automatically for that user (for the access key included in the access request). In particular, in the present embodiment, an access right suited to the user can be set automatically according to the type of user who made the access request and according to where the user was located when the access request was sent.
For convenience of explanation, the flowchart shown in FIG. 7 illustrates setting different types of access rights according to whether the place is outdoors or indoors and whether the person is a maintenance worker or an operator among the employees, but the invention is not limited to these cases. For example, the requester may be an employee of another job type, or a customer or external vendor who is not an employee. The place need not be divided only into outdoors and indoors; access rights may be set on a finer division, for example distinguishing outdoor places that are safe in terms of security from those that are not. Also, although only one access right is set for a user (access key) in the present embodiment, a plurality of access rights may be set.
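The access right setting flow of FIG. 7 (steps 101 to 113), including the optional grantee check, written out as an added Python example; it is not code from the patent. The sample records, the 10.0.0.0/8 intranet range, the 200 m GPS matching radius, the request field names and the function names are assumptions made for illustration.

```python
import ipaddress
import math
from datetime import date

INTRANET = ipaddress.ip_network("10.0.0.0/8")   # assumed intranet address range
GPS_TOLERANCE_M = 200.0                          # assumed matching radius

# Customer information (FIG. 5), constructed sample: facility -> coordinates, gateway MAC.
FACILITIES = {
    "B001": {"latlon": (35.6812, 139.7671), "gateway_mac": "00:00:5e:00:53:01"},
    "HQ":   {"latlon": (35.6895, 139.6917), "gateway_mac": "00:00:5e:00:53:ff"},
}
# Access key information (storage unit 15), constructed sample.
ACCESS_KEYS = {
    "key-sales": {"grantee": "E100", "expires": date(2099, 1, 1), "places": {"B001"}},
    "key-maint": {"grantee": "E200", "expires": date(2099, 1, 1), "places": {"HQ"}},
    "key-oper":  {"grantee": "E300", "expires": date(2099, 1, 1), "places": {"HQ"}},
    "key-old":   {"grantee": "E100", "expires": date(2000, 1, 1), "places": {"B001"}},
}
EMPLOYEE_MASTER = {"E100": "sales", "E200": "maintenance", "E300": "operator"}
ACCESS_RIGHT_SETTINGS = {}   # storage unit 17 (FIG. 8): access key -> access right

DENY_KEY = {"granted": False, "reason": "access to the data is not permitted"}
DENY_PLACE = {"granted": False, "reason": "access requested from a place that is not legitimate"}


def _distance_m(a, b):
    """Equirectangular approximation, adequate over a few hundred metres."""
    mean_lat = math.radians((a[0] + b[0]) / 2)
    dx = math.radians(b[1] - a[1]) * math.cos(mean_lat)
    dy = math.radians(b[0] - a[0])
    return 6371000.0 * math.hypot(dx, dy)


def resolve_facility(location):
    """Step 103: map the request's location information to a facility ID, or None."""
    if not location:
        return None                      # no location information in the request
    kind, value = location
    if kind == "entry":                  # entrance/exit system reports the facility ID
        return value["facility"] if value["facility"] in FACILITIES else None
    for facility_id, info in FACILITIES.items():
        if kind == "mac" and value.lower() == info["gateway_mac"]:
            return facility_id
        if kind == "gps" and _distance_m(value, info["latlon"]) <= GPS_TOLERANCE_M:
            return facility_id
    return None


def set_access_right(request, source_ip, today=None):
    """Steps 102-113. source_ip is assumed to come from the connection, not a header."""
    today = today or date.today()
    key = request.get("access_key")
    entry = ACCESS_KEYS.get(key)
    if entry is None or entry["expires"] < today:            # step 102: missing, forged, expired
        return DENY_KEY
    user = request.get("employee_id")
    if user is not None and user != entry["grantee"]:        # optional grantee check
        return DENY_KEY
    location = request.get("location")
    facility = resolve_facility(location)                     # step 103
    if facility is None or facility not in entry["places"]:   # step 104
        return DENY_PLACE
    if ipaddress.ip_address(source_ip) not in INTRANET:       # step 105: via the Internet
        indoors = location[0] in ("mac", "entry")             # step 106
        right = "sales activity (indoor)" if indoors else "sales activity (outdoor)"
    else:                                                     # via the intranet
        job = EMPLOYEE_MASTER.get(user)                       # step 109
        right = ("maintenance work correspondence" if job == "maintenance"
                 else "customer inquiry response")
    ACCESS_RIGHT_SETTINGS[key] = right                        # step 112
    return {"granted": True, "access_right": right}           # step 113
```

Location information supplied by the terminal application is only as trustworthy as the terminal; the variant described above, in which the relaying gateway adds its own MAC address to the request, moves that value out of the client's control.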
1 maintenance management system, 2 user terminal, 3 network, 4 LAN, 10 maintenance management server, 11 request response unit, 12 verification unit, 13 access right setting unit, 14 request processing unit, 15 access key information storage unit, 16 access right information storage unit, 17 access right setting information storage unit, 18 schedule information storage unit, 21 location information acquisition unit, 22 request transmission unit, 30 database (DB) server, 31 database.

Claims (6)

  1.  A data management system characterized by having:
     a data storage means for storing a plurality of data;
     an access key information storage means for storing access key information on access keys given to users to whom an access right for selectively accessing the data stored in the data storage means is granted;
     an access right information storage means for storing access right information in which an access right is associated with the data, among the data stored in the data storage means, that becomes accessible when that access right is granted;
     a receiving means for receiving an access request sent from a user;
     a verification means for verifying whether the access request includes an access key registered in the access key information storage means; and
     a setting means for setting an access right for the user who sent the access request according to a result of analyzing the information included in the access request verified by the verification means.
  2.  The data management system according to claim 1, characterized in that:
     access rights corresponding to the type of user or to the place from which the user sends the access request are set in the access right information; and
     the setting means determines the access right to be granted to the user by analyzing the access request to identify the type of the user who sent the access request or the place from which that user sent the access request.
  3.  The data management system according to claim 1, characterized in that:
     in the access key information, an access key is associated with location information specifying a place where access to the data stored in the data storage means is permitted; and
     the verification means refers to the access key information and verifies whether the location of the user, identified by analyzing the access request, is the place indicated by the location information set for the access key given to that user.
  4.  A data processing system characterized by having:
     the data management system according to any one of claims 1 to 3; and
     a user terminal device that is used by a user and processes data managed by the data management system,
     wherein the user terminal device has:
     an acquisition means for acquiring location information that can identify the place where the user terminal device is being used; and
     a transmission means for transmitting an access request that includes the location information acquired by the acquisition means.
  5.  The data processing system according to claim 4, characterized in that the acquisition means acquires, as the location information, address information of a gateway that is a relay device installed in the facility where the user is located and that relays the access request sent by the user, information identifying the location of the user acquired from an entry/exit management system installed in the facility, or position information obtained by positioning by a positioning means mounted on the user terminal device.
  6.  A program for causing a computer that can access a data storage means for storing a plurality of data, an access key information storage means for storing access key information on access keys given to users to whom an access right for selectively accessing the data stored in the data storage means is granted, and an access right information storage means for storing access right information in which an access right is associated with the data, among the data stored in the data storage means, that becomes accessible when that access right is granted, to function as:
     a receiving means for receiving an access request sent from a user;
     a verification means for verifying whether the access request includes an access key registered in the access key information storage means; and
     a setting means for setting an access right for the user who sent the access request according to a result of analyzing the information included in the access request verified by the verification means.
PCT/JP2019/022675 2019-06-07 2019-06-07 Data management system, data processing system, and program WO2020246016A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2019/022675 WO2020246016A1 (en) 2019-06-07 2019-06-07 Data management system, data processing system, and program
JP2019563114A JPWO2020246016A1 (en) 2019-06-07 2019-06-07 Data management system, data processing system and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/022675 WO2020246016A1 (en) 2019-06-07 2019-06-07 Data management system, data processing system, and program

Publications (1)

Publication Number Publication Date
WO2020246016A1 true WO2020246016A1 (en) 2020-12-10

Family

ID=73653068

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/022675 WO2020246016A1 (en) 2019-06-07 2019-06-07 Data management system, data processing system, and program

Country Status (2)

Country Link
JP (1) JPWO2020246016A1 (en)
WO (1) WO2020246016A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005309890A (en) * 2004-04-23 2005-11-04 Fuji Xerox Co Ltd Authentication system
JP2010097510A (en) * 2008-10-17 2010-04-30 Dainippon Printing Co Ltd Remote access management system and method
JP2018013875A (en) * 2016-07-19 2018-01-25 株式会社リコー Access management system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016224843A (en) * 2015-06-03 2016-12-28 富士ゼロックス株式会社 Document management program and information processing apparatus

Also Published As

Publication number Publication date
JPWO2020246016A1 (en) 2021-09-13

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2019563114

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19931670

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19931670

Country of ref document: EP

Kind code of ref document: A1