WO2021001950A1 - Confidential information reference system, confidential information reference device, confidential information reference method, and program - Google Patents

Confidential information reference system, confidential information reference device, confidential information reference method, and program Download PDF

Info

Publication number
WO2021001950A1
WO2021001950A1 PCT/JP2019/026408 JP2019026408W WO2021001950A1 WO 2021001950 A1 WO2021001950 A1 WO 2021001950A1 JP 2019026408 W JP2019026408 W JP 2019026408W WO 2021001950 A1 WO2021001950 A1 WO 2021001950A1
Authority
WO
WIPO (PCT)
Prior art keywords
confidential information
collected
reference key
user
storage device
Prior art date
Application number
PCT/JP2019/026408
Other languages
French (fr)
Japanese (ja)
Inventor
文彦 澤崎
Original Assignee
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電信電話株式会社 filed Critical 日本電信電話株式会社
Priority to PCT/JP2019/026408 priority Critical patent/WO2021001950A1/en
Publication of WO2021001950A1 publication Critical patent/WO2021001950A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • the present invention relates to a confidential information reference system, a confidential information reference device, a confidential information reference method, and a program.
  • Non-Patent Document 1 information with access restrictions, including information that cannot be accessed even by the owner or related parties, is referred to as confidential information.
  • Examples of confidential information include communication records held by communication service providers, server access log information, transaction information at financial institutions, and resident information at government agencies, in addition to images taken by security cameras. There are restrictions on viewing information, even if it is an employee or employee of a business or institution.
  • log information held by a communication service provider Another example of using confidential information is log information held by a communication service provider.
  • investigative agencies may ask businesses for information on sites and services accessed by the suspect, as well as information on users who have contacted the suspect via social media, email, or telephone.
  • customer information subscriber information
  • financial institutions and government agencies direct access of customer transaction information and resident information by employees and staff is not desirable.
  • the present invention has been made in view of such a background, and even if the user's terminal cannot access the confidential information, the confidential information is collected, and the confidential information collected by the accessible user's terminal is collected.
  • the challenge is to make it available.
  • the confidential information reference system is a confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection confidential information storage device, and the confidential information storage device is , Confidential information with access restrictions and incidental attributes that are information given to the confidential information are stored in association with each other, and the collected confidential information storage device collects and collects confidential information acquired from the confidential information storage device.
  • the information is stored in association with the reference key, which is a key for referring to the collected confidential information
  • the confidential information reference device is a non-authorized user who is a user who does not have the authority to refer to the confidential information.
  • the terminal When the terminal receives a request to generate the reference key including the collection condition which is the condition of the incidental attribute of the confidential information for the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information. , Generates a confidential information collecting unit that collects confidential information associated with the incidental attribute that matches the collecting condition from the confidential information storage device as the collected confidential information, and a reference key for referring to the collected confidential information.
  • a reference key generation unit a reference key registration unit that associates the collected confidential information with the reference key, stores the reference key in the collected confidential information storage device, and sends the reference key to the terminal of the non-authorized user.
  • the user Upon receiving a request for acquisition of the collected confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collected confidential information associated with the reference key is collected and confidential. It is equipped with a confidential information acquisition unit that acquires information from the information storage device and sends it to the user's terminal.
  • the confidential information reference system in the embodiment (first embodiment) for carrying out the present invention will be described below.
  • the confidential information reference system generates a reference key for confidential information requested by a terminal of a non-authorized person (non-authorized user) who does not have access authority to the confidential information, and returns it.
  • the reference key is not the confidential information itself, but a reference (reference information) for acquiring (viewing) the confidential information.
  • the non-authorized person passes the reference key to the authorized person (authorized user) who has the authority to access the confidential information.
  • the confidential information corresponding to the reference key and the confidential information itself requested by the non-authorized person can be accessed. Even if the terminal of the non-authorized person sends the acquisition request including the reference key to the confidential information reference system, the confidential information cannot be accessed.
  • FIG. 1 is a diagram showing an overall configuration of the confidential information reference system 10 according to the first embodiment.
  • the confidential information reference system 10 includes a confidential information reference device 100, a confidential information storage device 200, and a collection confidential information storage device 300 that can communicate with each other on the network 490.
  • the user terminal 400 is a terminal used by an authorized person and a non-authorized person, and accesses the confidential information reference device 100 to request registration of a reference key, acquisition of confidential information, and deletion of the reference key.
  • the confidential information storage device 200 stores and stores confidential information.
  • the confidential information storage device 200 includes a control unit 210 and a confidential information database 220.
  • the confidential information database 220 is, for example, tabular data and stores confidential information.
  • the record (row) of the confidential information database 220 indicates one confidential information, and is configured to include identification information 221 (described as an ID (identifier) in FIG. 1), ancillary attribute 222, and an attribute (column) of data 223. To.
  • the identification information 221 is the identification information of the confidential information.
  • the incidental attribute 222 is information given to the confidential information or related information, and is information that is a search condition for the confidential information.
  • Data 223 is confidential information itself. Taking the image of the surveillance camera as an example, the incidental attribute 222 includes the identification information of the surveillance camera, the shooting location, the shooting period, and the like.
  • the data 223 is video data.
  • the control unit 210 causes the confidential information storage device 200, which is a computer, to function as a database server. Specifically, when a request for acquisition of confidential information including a collection condition (search condition) is received from the confidential information reference device 100 described later, a record of the confidential information database 220 having an incidental attribute 222 that matches the collection condition is searched, and the search result is obtained. Data 223 (confidential information) is returned as a response.
  • the collection confidential information storage device 300 stores and stores confidential information (also referred to as collection confidential information) acquired from the confidential information storage device 200 by the confidential information reference device 100 in association with a reference key.
  • the reference key is identification information generated when the confidential information reference device 100 registers the collected confidential information in the collected confidential information storage device 300.
  • the collection confidential information storage device 300 includes a control unit 310 and a collection confidential information database 320.
  • the collection confidential information database 320 is, for example, tabular data and stores the collection confidential information.
  • the record (row) of the collected confidential information database 320 indicates one collected confidential information, and is configured to include a reference key 321 and an attribute (column) of the collected data 322.
  • the reference key 321 is a reference key that serves as identification information for the collected confidential information.
  • the collected data 322 is data of collected confidential information.
  • the control unit 310 causes the collection confidential information storage device 300, which is a computer, to function as a database server. Specifically, when receiving a registration request including the reference key and the collected confidential information from the confidential information reference device 100, the control unit 310 adds a record to the collected confidential information database 320 to obtain the reference key and the collected confidential information, respectively. It is stored in the reference key 321 and the collected data 322 of the added record. Further, when the acquisition request including the reference key is received from the confidential information reference device 100, the control unit 310 searches for a record in which the reference key 321 matches the reference key included in the acquisition request, and collects data 322 of the search result. Reply as a response. Further, when the deletion request including the reference key is received from the confidential information reference device 100, the control unit 310 searches for a record in which the reference key 321 matches the reference key included in the deletion request and deletes the record.
  • FIG. 2 is a hardware configuration diagram of the computer 100Z that realizes the function of the confidential information reference device 100 according to the first embodiment.
  • the computer 100Z includes a CPU 101, a RAM (Random Access Memory) 102, a ROM (Read Only Memory) 103, an SSD (Solid State Drive) 104, a NIC (Network Interface Card) 105, and an input / output interface 106 (input / output I / in FIG. 2).
  • F (described as interface)) and a media drive 107 are included.
  • NIC105 is connected to network 490.
  • a user interface device 198 (described as a UI (User Interface) device in FIG. 2) such as a display, a keyboard, and a mouse is connected to the input / output interface 106.
  • the media drive 107 reads the program on the recording medium 199.
  • the CPU 101 executes the read program (see the program 121 in FIG. 3 described later)
  • the computer 100Z functions as the confidential information reference device 100, searches for and collects the confidential information, and collects it in association with the reference key.
  • the reference key registration process (see FIG. 5 described later) for accumulating the collected confidential information (collected confidential information) is executed.
  • the computer 100Z functions as the confidential information reference device 100, and the confidential information acquisition process (see FIG. 6 described later) for acquiring the collected confidential information by using the reference key, and the reference.
  • the reference key deletion process for deleting the key is executed.
  • FIG. 3 is a functional configuration diagram of the confidential information reference device 100 according to the first embodiment.
  • the confidential information reference device 100 includes a control unit 110, a storage unit 120, and an input / output unit 140.
  • the input / output unit 140 is composed of the NIC 105 and the input / output interface 106, and transmits / receives communication data to / from the confidential information storage device 200, the collection confidential information storage device 300, and the user terminal 400.
  • the storage unit 120 is composed of a RAM 102, a ROM 103, and an SSD 104, and stores data necessary for processing such as a program 121, a user information database 130 (see FIG. 4 described later), and a reference key registration process.
  • FIG. 4 is a data structure diagram of the user information database 130 according to the first embodiment.
  • the user information database 130 is, for example, tabular data that stores information related to the user of the confidential information reference system 10.
  • the record (row) of the user information database 130 indicates the information of one user, and the identification information 131 (described as ID in FIG. 4), the authentication information 132, the generation right 133, the acquisition right 134, the deletion right 135, And the attribute (column) of the reference key 136 is included.
  • the identification information 131 is user identification information.
  • the authentication information 132 is information referred to when authenticating a user, and is, for example, a password, biometric information, or a public key.
  • the generation right 133 indicates whether or not there is an authority to generate a reference key.
  • the acquisition right 134 indicates whether or not there is an authority to acquire (view) the collected confidential information by using the reference key.
  • the deletion right 135 indicates whether or not there is a right to delete the reference key.
  • the reference key 136 is a reference key that has been requested and generated from the user's terminal.
  • the reference key 136 may include a plurality of reference keys.
  • Record 138 shows the information of the user whose identification information 131 is "4938". This user is a non-authorized person who has the right to generate and delete the reference key, but does not have the right to acquire (view) confidential information. This user has already registered a reference key called "5AQ3R45M”. Record 139 shows the information of the user whose identification information 131 is "7364". This user is an authorized person who has the right to acquire the collected confidential information using the reference key, and also has the right to delete the reference key, but does not have the right to generate the reference key.
  • the control unit 110 is composed of a CPU 101, and includes a message processing unit 111, a confidential information collection unit 112, a reference key generation unit 113, a reference key registration unit 114, a confidential information acquisition unit 115, and a reference key deletion unit 116.
  • the message processing unit 111 receives a request message from the terminal of the user (authorized person or non-authorized person), and in response to the request message, the confidential information collection unit 112, the confidential information acquisition unit 115, and the reference key deletion unit 116. Or call.
  • the confidential information collecting unit 112 accesses the confidential information storage device 200 and collects confidential information.
  • the reference key generation unit 113 generates a reference key corresponding to the collected confidential information (collected confidential information).
  • the reference key registration unit 114 stores the collected confidential information in the collected confidential information storage device 300 in association with the reference key, and transmits the reference key to the user's terminal.
  • the confidential information acquisition unit 115 acquires the collected confidential information corresponding to the reference key from the collected confidential information storage device 300 in response to the request from the terminal of the user (authorized person), and collects the confidential information on the user's terminal. To send.
  • the reference key deletion unit 116 deletes the record of the reference key stored in the collected confidential information storage device 300 and the reference key in the user information database 130.
  • FIG. 5 is a sequence diagram of the reference key registration process according to the first embodiment.
  • a process of acquiring a reference key for confidential information that matches the collection conditions will be described with reference to FIG.
  • the user terminal 400A transmits an authentication request including the user's identification information (described as ID in FIG. 5) and the authentication information to the confidential information reference device 100.
  • the message processing unit 111 of the confidential information reference device 100 authenticates the user. Specifically, the message processing unit 111 acquires the identification information 131 and the authentication information 132 from the user information database 130 to authenticate the user.
  • step S103 the message processing unit 111 returns an authentication success (OK) or an authentication failure (NG) depending on the success or failure of the user authentication in step S102. If the authentication fails, the message processing unit 111 ends the process of FIG. In the following, the explanation will be continued assuming that the authentication was successful.
  • step S104 the user terminal 400A requests the registration of the reference key. Specifically, the user terminal 400A requests the confidential information to be collected including the conditions (collection conditions). Upon receiving the request, the message processing unit 111 outputs the request to the confidential information collecting unit 112.
  • step S105 the confidential information collecting unit 112 confirms the generation right. Specifically, the confidential information collecting unit 112 acquires the generation right 133 included in the record of the user authenticated in step S102 in the user information database 130, and determines whether or not the user has the generation right. Check. If the user has the generation right (step S105 ⁇ YES), the confidential information collecting unit 112 proceeds to step S107, and if the user does not have the generation right (step S105 ⁇ NO), proceeds to step S106. In step S106, the confidential information collecting unit 112 returns a request refusal (NG) to the user terminal 400A, and ends the process of FIG.
  • NG request refusal
  • the confidential information collecting unit 112 requests the confidential information storage device 200 for confidential information including the collecting conditions.
  • the confidential information storage device 200 searches for confidential information that matches the collection conditions, and returns the collected confidential information of the search results to the confidential information reference device 100.
  • the control unit 210 of the confidential information storage device 200 searches for a record in which the incidental attribute 222 matches the collection condition among the records of the confidential information database 220 (see FIG. 1), and the data 223 of the search result record. Reply (confidential information).
  • the number of records of the search result is not limited to one, and may be 0 or 2 or more.
  • step S109 the confidential information collecting unit 112 proceeds to step S110 if there are 0 records of the search result (step S109 ⁇ YES), and proceeds to step S111 if there is one or more records (step S109 ⁇ NO).
  • step S110 the confidential information collecting unit 112 returns to the user terminal 400A that there is no confidential information (collected confidential information) that matches the collecting conditions (NG), and ends the process of FIG.
  • step S111 the reference key generation unit 113 of the confidential information reference device 100 generates a random number as a reference key.
  • the reference key registration unit 114 of the confidential information reference device 100 requests the collection confidential information storage device 300 to register the collection confidential information including the reference key and the collection confidential information.
  • the collection confidential information storage device 300 associates and stores the reference key and the collection confidential information, and responds. Specifically, the control unit 310 of the collection confidential information storage device 300 adds a record to the collection confidential information database 320 (see FIG. 1), and the received reference key and the collection confidential information are combined with the reference key 321 of the added record. It is stored in the collected data 322. Subsequently, the control unit 310 returns the registration completion to the confidential information reference device 100. In step S114, the reference key registration unit 114 returns the reference key to the user terminal 400A.
  • step S105 If the user has the generation right (see step S105) and the confidential information to be referred to exists (see step S109), the confidential information and the reference key are stored in the collection confidential information storage device 300 (see step S113). The user's terminal acquires the reference key (see step S114). Subsequently, a confidential information acquisition process for acquiring the collected confidential information stored in the collected confidential information storage device 300 using this reference key will be described.
  • FIG. 6 is a sequence diagram of confidential information acquisition processing according to the first embodiment.
  • the user terminal 400B is assumed to be a terminal of a user who has obtained a reference key from a user (non-authorized person, a user who has registered a reference key) in FIG.
  • the confidential information is an image taken by a surveillance camera
  • the user in FIG. 5 is a victim of a stalker
  • the user in FIG. 6 is a police officer. Police officers obtain a reference key from the victim when asked to investigate the stalker.
  • Steps S121 to S123 are the same as steps S101 to S103 of FIG. 5, respectively.
  • the user terminal 400B requests the acquisition of confidential information. Specifically, the user terminal 400B requests the reference key registrant's identification information (described as the reference key registrant ID in FIG. 6) and the reference key.
  • the message processing unit 111 that has received the request outputs the request to the confidential information acquisition unit 115.
  • Steps S125 to S126 are the same as steps S105 to S106 of FIG. 6 except that the confidential information collecting unit 112 is replaced by the confidential information acquisition unit 115 and the generation right is replaced by the acquisition right.
  • step S127 the confidential information acquisition unit 115 confirms whether or not the reference key received in step S124 and the identification information of the reference key registrant (described as ID in FIG. 6) correspond to each other. Specifically, the confidential information acquisition unit 115 receives in step S124 the reference key 136 of the record whose identification information 131 matches the identification information of the reference key registrant in the record in the user information database 130 (see FIG. 3). Check if the referenced key is included. If the confidential information acquisition unit 115 is included (step S127 ⁇ YES), the process proceeds to step S129, and if it is not included (step S127 ⁇ NO), the process proceeds to step S128. In step S128, the confidential information acquisition unit 115 returns to the user terminal 400B that the reference key and the reference key registrant do not correspond (NG), and ends the process of FIG.
  • the confidential information acquisition unit 115 returns to the user terminal 400B that the reference key and the reference key registrant do not correspond (NG), and ends the process of FIG.
  • step S129 the confidential information acquisition unit 115 requests the collection confidential information storage device 300 to acquire the collection confidential information including the reference key.
  • the collection confidential information storage device 300 returns the collection confidential information corresponding to the reference key.
  • the control unit 310 of the collection confidential information storage device 300 is a record in the collection confidential information database 320 (see FIG. 1), and the collection data 322 (collection confidential information) of the record corresponding to the reference key received by the reference key 321. ) Is returned to the confidential information reference device 100.
  • step S131 the confidential information acquisition unit 115 returns the collected confidential information to the user terminal 400B.
  • step S125 the terminal of the user (authorized person) acquires the collected confidential information corresponding to the reference key. (See step S131). Next, the process of deleting this reference key will be described.
  • FIG. 7 is a sequence diagram of the reference key deletion process according to the first embodiment. Steps S141 to S143 are the same as steps S101 to S103 of FIG. 5, respectively.
  • step S144 the user terminal 400 requests the deletion of the reference key. Specifically, the user terminal 400 requests the reference key registrant's identification information (described as the reference key registrant ID in FIG. 7) and the reference key. The message processing unit 111 that has received the request outputs the request to the reference key deletion unit 116. Steps S145 to S146 are the same as steps S105 to S106 of FIG. 5, except that the confidential information collection unit 112 is replaced by the reference key deletion unit 116 and the generation right is replaced by the deletion right.
  • Steps S147 to S148 are the same as steps S127 to S128 of FIG. 6, except that the confidential information collecting unit 112 has been replaced by the reference key deleting unit 116.
  • the reference key deletion unit 116 deletes the reference key of the user information database 130.
  • the reference key deletion unit 116 is a record in the user information database 130 (see FIG. 3), and the reference information 131 is included in the reference key 136 of the record whose identification information matches the identification information of the reference key registrant.
  • the reference key that matches the reference key received in step S144 is deleted.
  • step S150 the reference key deletion unit 116 requests the collection confidential information storage device 300 to delete the collection confidential information including the reference key.
  • the collection confidential information storage device 300 deletes the collection confidential information corresponding to the reference key.
  • the control unit 310 of the collection confidential information storage device 300 deletes a record in the collection confidential information database 320 (see FIG. 1) that matches the reference key received by the reference key 321. Subsequently, the control unit 310 returns the deletion completion to the confidential information reference device 100.
  • step S152 the reference key deletion unit 116 returns the deletion completion to the user terminal 400.
  • step S145 If the user has the right to delete (see step S145) and the reference key and the reference key registrant correspond (see step S147), the confidential information reference device 100 deletes the reference key and the corresponding collected confidential information. (See steps S149 and S151).
  • a non-authorized person's terminal that cannot access the confidential information can collect the confidential information by specifying conditions and obtain a reference key corresponding to the collected confidential information.
  • the terminal of the authorized person who can access the confidential information and who obtained the reference key from the non-authorized person acquires the collected confidential information by using this reference key. be able to.
  • Even the terminal of the authorized person cannot acquire the collected confidential information without the reference key.
  • the non-authorized person can indirectly present the confidential information that he / she cannot access to the authorized person (the terminal of the authorized person acquires the confidential information) by passing the reference key.
  • Reference key registrant >> The confidential information acquisition request and the reference key deletion request include identification information of the reference key registrant (see step S124 of FIG. 6 and step S144 of FIG. 7). The identification information of the reference key registrant may be eliminated and only the reference key may be transmitted. In this case, in step S127, the confidential information acquisition unit 115 confirms whether or not the reference key is included in the reference key 136 (see FIG. 4) of any record in the user information database 130. The same applies to step S147.
  • FIG. 8 is a diagram showing the overall configuration of the video reference system 10A according to the second embodiment.
  • the video reference system 10A includes a video reference device 100A, a video storage device 200A, and a collected video storage device 300A that can communicate with each other on the network 490.
  • the user terminal 400 is a mobile terminal (for example, a smartphone) that can acquire location information.
  • the user instructs the user terminal 400 to request the registration of the reference key.
  • the user instructs the end of registration. From the registration request to the end of registration, the user terminal 400 transmits the position (for example, latitude and longitude) and time to the video reference device 100A at a predetermined cycle.
  • the video storage device 200A stores and stores the video captured by the surveillance camera 500 in the video database 220A.
  • the record of the video database 220A shows one video, and is configured to include the attributes of the identification information 221 (denoted as ID in FIG. 8), the shooting location 222A1, the shooting period 222A2, and the video 223A.
  • the shooting location 222A1 and the shooting period 222A2 are incidental attributes of the image, and indicate the installation position (for example, latitude and longitude) of the surveillance camera and the shooting period.
  • the shooting location 222A1 may be an area monitored by a surveillance camera shown in an image (for example, the latitude and longitude of the center point of the area).
  • the video 223A is the video data itself.
  • the control unit 210A collects images from the surveillance camera 500, divides the images by a predetermined time length, assigns identification information 221 and a shooting location 222A1 and a shooting period 222A2, and stores the images in the video database 220A. Further, when the control unit 210A receives a video request including the position information and the time from the video reference device 100A, the distance between the shooting location 222A1 and the position of the position information is equal to or less than a predetermined value, and the shooting period 222A2 includes the time. The record in the database 220A is searched, and the video 223A as the search result is returned as a response.
  • the collected video storage device 300A stores and stores the collected video acquired by the video reference device 100A from the video storage device 200A in association with the reference key.
  • the record of the collected video database 320A shows one video and is configured to include the reference key 321 and the attributes of the collected video 322A.
  • the operation of the control unit 310A related to registration, acquisition, and deletion is the same as that of the control unit 310 of the first embodiment, except that the collected data 322 (see FIG. 1) is replaced with the collected video 322A.
  • FIG. 9 is a functional configuration diagram of the video reference device 100A according to the second embodiment.
  • the processing of the image collecting unit 112A and the reference key registration unit 114A is different.
  • the video acquisition unit 115A is the same as the confidential information acquisition unit 115, except that the confidential information is replaced with a video.
  • the reference key registration process will be described below, and the operations of the video collection unit 112A and the reference key registration unit 114A will be described.
  • the video acquisition process and the reference key deletion process using the reference key are the same as those in the first embodiment.
  • FIG. 10 is a sequence diagram of the reference key registration process according to the second embodiment. Steps S201 to S203 are the same as steps S101 to S103 (see FIG. 5) of the first embodiment.
  • step S204 the user terminal 400A requests the registration of the reference key.
  • the message processing unit 111 Upon receiving the request, the message processing unit 111 outputs the request to the video collecting unit 112A.
  • Step S205 is the same as step S105.
  • step S206 the image collecting unit 112A returns a request rejection (NG) to the user terminal 400A, and ends the process of FIG.
  • step S207 the image collecting unit 112A returns the request acceptance (OK) to the user terminal 400A.
  • step S208 the user terminal 400A repeatedly transmits the position and the time at a predetermined cycle.
  • the image collecting unit 112A stores the received position and time.
  • step S209 the user terminal 400A transmits the completion of registration of the reference key.
  • step S210 the video collecting unit 112A requests the video storage device 200A to include the position and time received in step S208.
  • step S211 the video storage device 200A searches for a video that matches the position and time, and returns the search result video to the video reference device 100A.
  • control unit 210A of the video storage device 200A searches for a record in the video database 220A in which the distance between the shooting location 222A1 and the position is equal to or less than a predetermined value and the shooting period 222A2 includes the time, and responds with the video 223A as the search result. Reply as.
  • Steps S212 to S214 are the same as steps S109 to S111 (see FIG. 5) of the first embodiment.
  • the reference key registration unit 114A processes the image. Specifically, the reference key registration unit 114A generates the collected video by connecting the videos acquired in step S211 in the order of shooting time and adding position and time information. Alternatively, the reference key registration unit 114A may generate the collected video so as not to include a portion in which the moving object is not shown (passerby is not shown) in the video. Steps S216 to S218 are the same as steps S112 to S114 (see FIG. 5) of the first embodiment. ⁇ Characteristics of reference key registration process ⁇ The user terminal 400A repeatedly transmits the position and time while the user is being followed.
  • the video reference device 100A collects the video corresponding to this position and time from the video storage device 200A, processes it, associates it with the reference key, and stores it in the collected video storage device 300A.
  • the images are connected in the order of shooting time, and position and time information is added. For this reason, the viewer (police) of the video can easily understand the flow and location of the video, and the value as the video is high.
  • the collection condition in the second embodiment is the position and time of the user terminal, and the video reference device 100A collects the video of the shooting location and shooting period corresponding to this position and time.
  • the traffic route and time transmitted by the user terminal 400 may be specified by the user as a collection condition.
  • the image reference device 100A collects from the image using the person (object) recognition technology, subject to the user's clothes (color and type of upper and lower clothes) and portable items (bag, hat, glasses, etc.). You may want to collect footage of passers-by who meet the conditions.
  • the image storage device 200A may collect images by this person (object) recognition technology.
  • the video reference device 100A narrows down the video acquired by the person (object) recognition technology. , May be processed as a collected image.
  • FIG. 11 is a diagram showing an overall configuration of the log reference system 10B according to the third embodiment.
  • the log reference system 10B includes a log reference device 100B, a log storage device 200B, and a collection log storage device 300B that can communicate with each other on the network 490.
  • the log storage device 200B stores and stores the communication log handled by the telecommunications carrier in the log database 230 (see FIG. 12 described later).
  • FIG. 12 is a data structure diagram of the log database 230 according to the third embodiment.
  • the log database 230 is, for example, tabular data, one record indicates one communication log, identification information 231 (denoted as ID in FIG. 12), time 232, access source 233, access destination 234, And the attributes of the incidental information 235 are included.
  • the identification information 231 is communication identification information.
  • Time 232 is the communication occurrence time (start time).
  • the access source 233 and the access destination 234 are a communication source and a communication destination.
  • the incidental information 235 is, for example, communication time.
  • the identification information is "847347”, the communication start time is 20:38:45 on March 3, 2019, the communication source address is "3-1111-1111”, and the communication destination address. Is "44-222-2222", indicating communication with a communication time of 14 minutes and 39 seconds.
  • the collection log storage device 300B is the same as the collection confidential information storage device 300, except that the collection data 322 (collection confidential information) (see FIG. 1) is replaced with the collection log 322B.
  • One communication log included in the collection log 322B corresponds to one record in the log database 230.
  • the log acquisition process and the reference key deletion process are the same as the confidential information acquisition process and the reference key deletion process of the first embodiment.
  • the reference key registration process is the same as that of the first embodiment except for the collection conditions.
  • the collection conditions in the third embodiment are the conditions relating to the time 232, the access source 233, and the access destination 234.
  • the condition is that the subscriber being investigated is the communication source or communication destination for the past three months.
  • the confidential information collecting unit 112 collects a communication log in which the time 232 is included in the communication period of the collection condition and the communication source or communication destination of the collection condition matches the access source 233 or the access destination 234. If the collection condition is only one of the communication source and the communication destination, the other is considered to be arbitrary, and the communication log that matches the communication source or the communication destination included in the collection condition is collected.
  • FIG. 13 is a diagram showing the overall configuration of the confidential information reference system 10C according to the fourth embodiment.
  • the confidential information reference system 10C includes a confidential information reference device 100C, a confidential information storage device 200, and a collection condition storage device 300C.
  • a confidential information reference device 100C a confidential information reference device 100C
  • a confidential information storage device 200 a confidential information storage device 200
  • a collection condition storage device 300C a collection condition storage device
  • the collection condition storage device 300C stores and stores the collection conditions at the time of registering the reference key in association with the reference key.
  • the collection condition database 320C of the collection condition storage device 300C has a configuration in which the collection data 322 (collection confidential information, see FIG. 1) in the first embodiment is replaced with the collection condition 322C.
  • FIG. 14 is a functional configuration diagram of the confidential information reference device 100C according to the fourth embodiment.
  • the difference from the confidential information reference device 100 (see FIG. 3) of the first embodiment is that the confidential information collection unit 112 is eliminated, and the reference key generation unit 113C, the reference key registration unit 114C, and the confidential information acquisition unit 115C operate. This is different from the first embodiment.
  • the reference key generation unit 113C confirms the user's generation right in addition to generating the reference key.
  • the reference key registration unit 114C stores the collection condition in the collection condition storage device 300C in association with the reference key, and transmits the reference key to the terminal of the user (non-authorized person).
  • the confidential information acquisition unit 115C acquires the collection condition corresponding to the reference key from the collection condition storage device 300C in response to the request from the terminal of the user (authorized person), and keeps the confidential information matching the collection condition confidential. It is acquired from the information storage device 200 and transmitted to the user's terminal.
  • the reference key registration process and the confidential information acquisition process using the reference key will be described below.
  • FIG. 15 is a sequence diagram of the reference key registration process according to the fourth embodiment.
  • Steps S401 to S406 are the same as steps S101 to S106 of the first embodiment (see FIG. 5). However, steps S405 to S406 are executed by the reference key generation unit 113C instead of the confidential information collection unit 112.
  • Step S407 is the same as step S111 of the first embodiment.
  • step S408 the reference key registration unit 114C requests the collection condition storage device 300C to register the reference key and the collection condition received in step S404.
  • step S409 the collection condition storage device 300C stores the reference key and the collection condition in association with each other, and responds.
  • step S410 the reference key registration unit 114C returns the reference key to the user terminal 400A.
  • FIG. 16 is a sequence diagram of confidential information acquisition processing according to the fourth embodiment.
  • the user terminal 400B will be described on the assumption that it is a terminal of an authorized person who has obtained a reference key from the user (non-authorized person, user who has registered the reference key) of FIG.
  • Steps S421 to S428 are the same as steps S121 to S128 of FIG. 5, respectively.
  • the confidential information acquisition unit 115C requests the collection condition storage device 300C to acquire the collection condition including the reference key.
  • the collection condition storage device 300C returns the collection condition corresponding to the reference key.
  • Steps S431 to S434 are the same as steps S107 to S110 of the first embodiment.
  • the confidential information acquisition unit 115C executes the operation.
  • the collection condition included in the confidential information request in step S431 is the collection condition acquired from the collection condition storage device 300C in step S430.
  • the confidential information acquisition unit 115C returns the collected confidential information to the user terminal 400B.
  • the user terminal 400B acquires confidential information at the time of reference key registration.
  • the user terminal 400B can acquire the latest confidential information at the time of acquiring the confidential information.
  • the confidential information storage device 200 and the collected confidential information storage device 300 are different devices from the confidential information reference device 100.
  • the confidential information storage device 200 and the collected confidential information storage device 300 may be the same device as the confidential information reference device 100, and the confidential information reference device 100 is the confidential information database 220 and the collected confidential information database. 320 may be stored.
  • the confidential information reference device 100 executes the reference key registration process, the confidential information acquisition process, and the reference key deletion process, different devices may execute each of them.
  • the confidential information database 220 is one database, but is not limited to this.
  • an access source to a network service is indicated by an IP (Internet protocol) address, but the user cannot always be identified directly from the IP address.
  • IP Internet protocol
  • a local and global IP address conversion database or subscriber information database owned by the IP service provider to which the user subscribes is required.
  • the confidential information reference device 100 may collect confidential information by searching in combination of a plurality of confidential information storage devices (databases) so as to meet the collection conditions.
  • the confidential information reference device 100 checks the acquisition right of the user (see step S125 in FIG. 6).
  • the collection confidential information storage device 300 may check. Specifically, in step S129, the confidential information reference device 100 transmits the identification information of the user who requested the confidential information to the collection confidential information storage device 300.
  • the collection confidential information storage device 300 may check the acquisition right of the user and determine in step S130 whether or not to transmit the collection confidential information.
  • step S431 the confidential information reference device 100 transmits the identification information of the user who requested the confidential information to the confidential information storage device 200.
  • the confidential information storage device 200 may check the acquisition right of the user and determine whether or not to transmit the confidential information in step S432.
  • the program of the confidential information reference device 100 is read from the recording medium 199, but may be acquired via the network. As yet another embodiment, it may be a server that distributes the program of the confidential information reference device 100.
  • the confidential information reference system 10 is a confidential information reference system 10 including a confidential information reference device 100, a confidential information storage device 200, and a collection confidential information storage device 300.
  • the 200 stores the confidential information (data 223) with access restrictions in association with the incidental attribute 222 which is the information given to the confidential information, and the collected confidential information storage device 300 is acquired from the confidential information storage device 200.
  • the collected confidential information (collected data 322) collected and stored in association with the reference key 321 which is a key for referring to the collected confidential information, and the confidential information reference device 100 has the authority to refer to the confidential information.
  • the incidental attribute of the confidential information Upon receiving the request to generate the reference key including the collection condition which is the condition, the confidential information collection unit 112 which collects the confidential information associated with the incidental attribute matching the collection condition from the confidential information storage device 200 as the confidential information is collected.
  • the reference key generation unit 113 that generates a reference key for referencing the collected confidential information, the collected confidential information and the reference key are stored in the collected confidential information storage device 300 in association with each other, and the reference key is stored in the collection confidential information storage device 300.
  • the reference key registration unit 114 to be sent to the terminal and the user's terminal receive a request to acquire the collected confidential information including the reference key, it is confirmed that the user is an authorized user. It is provided with a confidential information acquisition unit 115 that acquires the collected confidential information associated with the reference key from the collected confidential information storage device 300 and sends it to the terminal of the user.
  • Such a confidential information reference system 10 collects confidential information that matches the collection conditions in response to a request from a terminal of an unauthorized person who cannot access the confidential information, and obtains a reference key corresponding to the collected confidential information. Can be sent.
  • the confidential information reference system 10 returns the collected confidential information by receiving the reference key from the terminal of the authorized person who can access the confidential information and has obtained the reference key from the non-authorized person. You will be able to. As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person.
  • the confidential information reference device 100 is a confidential information reference device of the confidential information reference system 10 including the confidential information reference device 100, the confidential information storage device 200, and the collection confidential information storage device 300. , About the confidential information presented from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information (user terminal 400A) to the authorized user who is the user who has the authority to refer to the confidential information.
  • the confidential information storage device 200 Upon receiving a request to generate a reference key, which is a key for referring to the collected confidential information, which is confidential information that matches the collected condition, including the collection condition which is a condition of the incidental attribute of the confidential information, the confidential information storage device 200 Confidential information collection unit 112 that collects confidential information collected from, reference key generation unit 113 that generates a reference key for referring to the collected confidential information, and a collection confidential information storage device that associates the collected confidential information with the reference key.
  • the reference key registration unit 114 Upon receiving the reference key registration unit 114 that stores the reference key in the 300 and sends the reference key to the terminal of the non-authorized user and the acquisition request of the collected confidential information including the reference key from the user's terminal (user terminal 400B), With the confidential information acquisition unit 115 that confirms that the user is an authorized user, acquires the collected confidential information associated with the reference key from the collected confidential information storage device 300, and sends it to the terminal of the user. To be equipped with.
  • Such a confidential information reference device 100 collects confidential information that matches the collection conditions in response to a request from a terminal of an unauthorized person who cannot access the confidential information, and obtains a reference key corresponding to the collected confidential information. Can be sent.
  • the confidential information reference device 100 returns the collected confidential information by receiving the reference key from the terminal of the authorized person who can access the confidential information and has obtained the reference key from the non-authorized person. can do. As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person.
  • the confidential information is the video 223A of the surveillance camera 500
  • the incidental attributes include the shooting period 222A2 of the video 223A and the shooting location 222A1
  • the collection conditions Includes the position of the mobile terminal (user terminal 400) held by the non-authorized user and the time when the mobile terminal existed at the position
  • the confidential information collecting unit (video collecting unit 112A) is set to the shooting location 222A1.
  • the shooting period 222A2 collects images including the time when the mobile terminal was present when the distance from the position of the mobile terminal is equal to or less than a predetermined value.
  • Such a confidential information reference device receives a collection condition including the position and time from the terminal of an unauthorized person, and is a surveillance camera that is photographing the shooting location 222A1 including the position of the collection condition. It is possible to return a reference key that refers to the captured video of the shooting period 222A2 including the time of the collection condition. As a result, even a non-authorized person can collect the video of himself / herself and present it to the authorized person.
  • the confidential information is the log information of the communication
  • the incidental attributes are the communication time 232, the communication source (access source 233), and the communication destination (access destination). 234)
  • the collection conditions include any one of a specific communication source and an arbitrary communication destination, a specific communication destination and an arbitrary communication source, a specific communication source and a specific communication destination, and a communication period.
  • the confidential information collecting unit 112 includes a communication period including the communication time 232, and the communication source (access source 233) and the communication destination (access destination 234) of the communication match the communication source and the communication destination under the collection conditions. Collect log information.
  • Such a confidential information reference device receives a collection condition including a communication period, a communication source, and a communication destination from a terminal of an unauthorized person, and is a communication generated during the communication period of the collection condition.
  • a non-authorized person can collect communication logs that meet the collection conditions and present them to the authorized person.
  • the confidential information reference system 10C is a confidential information reference system 10C including a confidential information reference device 100C, a confidential information storage device 200, and a collection condition storage device 300C, and is a confidential information storage device 200.
  • the collection condition storage device 300C is a condition of the incidental attribute of the confidential information.
  • the collection condition 322C and the reference key 321 which is a key for referring to the collection condition are stored in association with each other
  • the confidential information reference device 100C is a non-authorized user who is a user who does not have the authority to refer to the confidential information.
  • a reference key including a collection condition which is a condition of ancillary attributes of the confidential information is generated.
  • the reference key generation unit 113C that generates the reference key for referencing the collection condition, the collection condition, and the reference key are stored in the collection condition storage device 300C in association with each other, and the reference key is unauthorized.
  • the reference key registration unit 114C Upon receiving a request for acquisition of confidential information including the reference key from the reference key registration unit 114C to be sent to the user's terminal and the user's terminal (user terminal 400), it is confirmed that the user is an authorized user.
  • the collection condition associated with the reference key is acquired from the collection condition storage device 300C, the confidential information associated with the incidental attribute matching the collection condition is collected from the confidential information storage device 200, and the user is concerned. It is provided with a confidential information acquisition unit 115C to be sent to the terminal of.
  • Such a confidential information reference system 10C can transmit a reference key corresponding to the collection condition in response to a request from a terminal of an unauthorized person who cannot access the confidential information.
  • the confidential information reference system 10C is an authorized person who can access the confidential information, and by receiving this reference key from the terminal of the authorized person who obtained the reference key from the non-authorized person, the confidential information matching the collection conditions is satisfied. Will be able to reply. Further, as compared with the confidential information reference system 10, the confidential information reference system 10C can return newer confidential information. As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person. Further, as compared with the confidential information reference system 10, the authorized person can acquire newer confidential information.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

This confidential information reference system (10) is formed including this confidential information reference device (100), this confidential information reference device (200), and a collected confidential information accumulation device (300). When a reference key registration request including a collection condition is received, the confidential information reference device (100) collects data (223) (confidential information) having collateral attributes (222) suitable for the collection condition from the confidential information reference device (200), and stores as collection data (322) in association with the generated reference key in the collected confidential information accumulation device (300). When a confidential information request including the reference key is received, the confidential information reference device (100) acquires the collection data (322) corresponding to the reference key from the collected confidential information accumulation device (300), and transmits same to a request source.

Description

守秘情報参照システム、守秘情報参照装置、守秘情報参照方法およびプログラムConfidential information reference system, confidential information reference device, confidential information reference method and program
 本発明は、守秘情報参照システム、守秘情報参照装置、守秘情報参照方法およびプログラムに関する。 The present invention relates to a confidential information reference system, a confidential information reference device, a confidential information reference method, and a program.
 情報の所有者または直接の関係者であっても、当該情報を閲覧(取得)できない情報がある。例えば、監視カメラが撮影した映像について、個人情報保護ないしはプライバシの観点から、監視カメラの設置者であっても、撮影映像(映像)の閲覧が制限される取決めがある(非特許文献1)。また、通行人など、映像に映っている当人であっても、当人と確認され、さらに正当な理由がない限り、映像を閲覧することはできない。以下では、所有者または関係者であってもアクセスできない情報を含め、アクセス制限のある情報を守秘情報と記す。 There is information that cannot be viewed (acquired) even by the owner of the information or a person directly related to it. For example, from the viewpoint of personal information protection or privacy of images taken by surveillance cameras, there is an agreement that even the installer of the surveillance camera is restricted from viewing the captured images (videos) (Non-Patent Document 1). In addition, even a person in the video, such as a passerby, cannot view the video unless he / she is confirmed as the person and there is a valid reason. In the following, information with access restrictions, including information that cannot be accessed even by the owner or related parties, is referred to as confidential information.
 守秘情報の例としては、防犯カメラの映像の他に、通信サービス事業者が保有する通信記録やサーバへのアクセスログ情報、金融機関での取引情報、行政機関での住民情報などがある。事業者または機関の従業員または職員であっても、情報の閲覧には制限がある。 Examples of confidential information include communication records held by communication service providers, server access log information, transaction information at financial institutions, and resident information at government agencies, in addition to images taken by security cameras. There are restrictions on viewing information, even if it is an employee or employee of a business or institution.
 守秘情報であっても、情報の当事者である場合には、当該情報の利用が必要な場合がある。例えば、ストーカー犯罪の被害者が警察に捜査を依頼するときには、被害者当人やストーカーが映っている監視カメラの映像が犯罪の証拠となるので有用である。しかしながら、被害者が、自身が映っている監視カメラを見つけ、設置者を探し出して映像の提供を依頼するには、手間や時間を要する。さらに、被害者が依頼したとしても、監視カメラの映像は守秘情報であるために、設置者が映像を提供するとは限らない。 Even if it is confidential information, it may be necessary to use the information if it is a party to the information. For example, when a victim of a stalker crime asks the police to investigate, it is useful because the image of the victim or the surveillance camera showing the stalker is evidence of the crime. However, it takes time and effort for the victim to find the surveillance camera in which he / she is reflected, find the installer, and request the provision of the image. Furthermore, even if the victim requests it, the installer does not always provide the image because the image of the surveillance camera is confidential information.
 守秘情報を利用する他の例として、通信サービス事業者が保有するログ情報がある。犯罪捜査のために、容疑者がアクセスしたサイトやサービスの情報、およびソーシャルメディアやメール、電話などで容疑者に接触した利用者の情報などを、捜査機関が事業者に求める場合がある。顧客情報(加入者情報)を保護するためには、事業者における情報提供の担当者であっても、顧客情報を含むログ情報に直接アクセスすることは望ましくない。金融機関や行政機関においても同様であって、行員や職員による顧客の取引情報や住民情報の直接アクセスは望ましくない。 Another example of using confidential information is log information held by a communication service provider. For criminal investigations, investigative agencies may ask businesses for information on sites and services accessed by the suspect, as well as information on users who have contacted the suspect via social media, email, or telephone. In order to protect customer information (subscriber information), it is not desirable for even the person in charge of providing information in the business operator to directly access the log information including the customer information. The same applies to financial institutions and government agencies, and direct access of customer transaction information and resident information by employees and staff is not desirable.
 本発明は、このような背景を鑑みてなされたのであり、守秘情報にアクセスできない利用者の端末であっても守秘情報を収集して、アクセス可能な利用者の端末が収集された守秘情報を取得可能にすることを課題とする。 The present invention has been made in view of such a background, and even if the user's terminal cannot access the confidential information, the confidential information is collected, and the confidential information collected by the accessible user's terminal is collected. The challenge is to make it available.
 前記した課題を解決するため、守秘情報参照システムは、守秘情報参照装置、守秘情報蓄積装置、および収集守秘情報蓄積装置を含んで構成される守秘情報参照システムであって、前記守秘情報蓄積装置は、アクセス制限のある守秘情報と、当該守秘情報に付与された情報である付帯属性とを関連付けて記憶し、前記収集守秘情報蓄積装置は、前記守秘情報蓄積装置から取得されて収集された収集守秘情報と、当該収集守秘情報を参照するためのキーである参照キーとを関連付けて記憶し、前記守秘情報参照装置は、前記守秘情報を参照する権限を有しない利用者である非権限利用者の端末から、前記守秘情報を参照する権限を有する利用者である権限利用者に提示する前記守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含む前記参照キーの生成要求を受け取ると、当該収集条件に合致する前記付帯属性に関連付けられた守秘情報を前記守秘情報蓄積装置から前記収集守秘情報として収集する守秘情報収集部と、前記収集守秘情報を参照するための参照キーを生成する参照キー生成部と、前記収集守秘情報と、前記参照キーとを関連付けて前記収集守秘情報蓄積装置に格納して、前記参照キーを前記非権限利用者の端末に送付する参照キー登録部と、利用者の端末から前記参照キーを含む前記収集守秘情報の取得要求を受け取ると、当該利用者が前記権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を前記収集守秘情報蓄積装置から取得して、当該利用者の端末に送付する守秘情報取得部とを備える。 In order to solve the above-mentioned problems, the confidential information reference system is a confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection confidential information storage device, and the confidential information storage device is , Confidential information with access restrictions and incidental attributes that are information given to the confidential information are stored in association with each other, and the collected confidential information storage device collects and collects confidential information acquired from the confidential information storage device. The information is stored in association with the reference key, which is a key for referring to the collected confidential information, and the confidential information reference device is a non-authorized user who is a user who does not have the authority to refer to the confidential information. When the terminal receives a request to generate the reference key including the collection condition which is the condition of the incidental attribute of the confidential information for the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information. , Generates a confidential information collecting unit that collects confidential information associated with the incidental attribute that matches the collecting condition from the confidential information storage device as the collected confidential information, and a reference key for referring to the collected confidential information. A reference key generation unit, a reference key registration unit that associates the collected confidential information with the reference key, stores the reference key in the collected confidential information storage device, and sends the reference key to the terminal of the non-authorized user. Upon receiving a request for acquisition of the collected confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collected confidential information associated with the reference key is collected and confidential. It is equipped with a confidential information acquisition unit that acquires information from the information storage device and sends it to the user's terminal.
 本発明によれば、守秘情報にアクセスできない利用者の端末であっても守秘情報を収集して、アクセス可能な利用者の端末が収集された守秘情報を取得可能にすることができる。 According to the present invention, even a user's terminal that cannot access the confidential information can collect the confidential information, and the accessible user's terminal can acquire the collected confidential information.
第1の実施形態に係る守秘情報参照システムの全体構成を示す図である。It is a figure which shows the whole structure of the confidential information reference system which concerns on 1st Embodiment. 第1の実施形態に係る守秘情報参照装置の機能を実現するコンピュータのハードウェア構成図である。It is a hardware block diagram of the computer which realizes the function of the confidential information reference apparatus which concerns on 1st Embodiment. 第1の実施形態に係る守秘情報参照装置の機能構成図である。It is a functional block diagram of the confidential information reference apparatus which concerns on 1st Embodiment. 第1の実施形態に係る利用者情報データベースのデータ構成図である。It is a data structure diagram of the user information database which concerns on 1st Embodiment. 第1の実施形態に係る参照キー登録処理のシーケンス図である。It is a sequence diagram of the reference key registration process which concerns on 1st Embodiment. 第1の実施形態に係る守秘情報取得処理のシーケンス図である。It is a sequence diagram of the confidential information acquisition process which concerns on 1st Embodiment. 第1の実施形態に係る参照キー削除処理のシーケンス図である。It is a sequence diagram of the reference key deletion process which concerns on 1st Embodiment. 第2の実施形態に係る映像参照システムの全体構成を示す図である。It is a figure which shows the whole structure of the video reference system which concerns on 2nd Embodiment. 第2の実施形態に係る映像参照装置の機能構成図である。It is a functional block diagram of the video reference apparatus which concerns on 2nd Embodiment. 第2の実施形態に係る参照キー登録処理のシーケンス図である。It is a sequence diagram of the reference key registration process which concerns on 2nd Embodiment. 第3の実施形態に係るログ参照システムの全体構成を示す図である。It is a figure which shows the whole structure of the log reference system which concerns on 3rd Embodiment. 第3の実施形態に係るログデータベースのデータ構成図である。It is a data structure diagram of the log database which concerns on 3rd Embodiment. 第4の実施形態に係る守秘情報参照システムの全体構成を示す図である。It is a figure which shows the whole structure of the confidential information reference system which concerns on 4th Embodiment. 第4の実施形態に係る守秘情報参照装置の機能構成図である。It is a functional block diagram of the confidential information reference apparatus which concerns on 4th Embodiment. 第4の実施形態に係る参照キー登録処理のシーケンス図である。It is a sequence diagram of the reference key registration process which concerns on 4th Embodiment. 第4の実施形態に係る守秘情報取得処理のシーケンス図である。It is a sequence diagram of the confidential information acquisition process which concerns on 4th Embodiment.
≪第1の実施形態:守秘情報参照システムの概要≫
 以下に、本発明を実施するための形態(第1の実施形態)における守秘情報参照システムを説明する。守秘情報参照システムは、守秘情報へのアクセス権限を有しない非権限者(非権限利用者)の端末が要求した守秘情報の参照キーを生成して、返送する。参照キーとは、守秘情報そのものではなく、守秘情報を取得(閲覧)するためのリファレンス(参照情報)である。非権限者は、守秘情報へのアクセス権限を有する権限者(権限利用者)に参照キーを渡す。権限者の端末が、参照キーを含む閲覧要求を守秘情報参照システムに送信すると、参照キーに対応する守秘情報であって、非権限者が要求した守秘情報そのものにアクセスできる。なお、非権限者の端末が、参照キーを含む取得要求を守秘情報参照システムに送信しても、守秘情報にアクセスできない。 << First Embodiment: Outline of Confidential Information Reference System >>
The confidential information reference system in the embodiment (first embodiment) for carrying out the present invention will be described below. The confidential information reference system generates a reference key for confidential information requested by a terminal of a non-authorized person (non-authorized user) who does not have access authority to the confidential information, and returns it. The reference key is not the confidential information itself, but a reference (reference information) for acquiring (viewing) the confidential information. The non-authorized person passes the reference key to the authorized person (authorized user) who has the authority to access the confidential information. When the terminal of the authorized person sends a browsing request including the reference key to the confidential information reference system, the confidential information corresponding to the reference key and the confidential information itself requested by the non-authorized person can be accessed. Even if the terminal of the non-authorized person sends the acquisition request including the reference key to the confidential information reference system, the confidential information cannot be accessed.
≪守秘情報参照システムの全体構成≫
 図1は、第1の実施形態に係る守秘情報参照システム10の全体構成を示す図である。守秘情報参照システム10は、ネットワーク490で相互に通信可能な守秘情報参照装置100、守秘情報蓄積装置200、および収集守秘情報蓄積装置300を含んで構成される。利用者端末400は、権限者および非権限者が利用する端末であって、守秘情報参照装置100にアクセスして、参照キーの登録、守秘情報の取得、参照キーの削除を要求する。 ≪Overall configuration of confidential information reference system≫
FIG. 1 is a diagram showing an overall configuration of the confidential information reference system 10 according to the first embodiment. The confidential information reference system 10 includes a confidential information reference device 100, a confidential information storage device 200, and a collection confidential information storage device 300 that can communicate with each other on the network 490. The user terminal 400 is a terminal used by an authorized person and a non-authorized person, and accesses the confidential information reference device 100 to request registration of a reference key, acquisition of confidential information, and deletion of the reference key.
≪守秘情報蓄積装置の構成≫
 守秘情報蓄積装置200は、守秘情報を蓄積し、記憶している。守秘情報蓄積装置200は、制御部210と守秘情報データベース220を含んで構成される。守秘情報データベース220は、例えば表形式のデータであって、守秘情報を記憶する。守秘情報データベース220のレコード(行)は、1つの守秘情報を示し、識別情報221(図1ではID(identifier)と記載)、付帯属性222、およびデータ223の属性(列)を含んで構成される。 ≪Configuration of confidential information storage device≫
The confidential information storage device 200 stores and stores confidential information. The confidential information storage device 200 includes a control unit 210 and a confidential information database 220. The confidential information database 220 is, for example, tabular data and stores confidential information. The record (row) of the confidential information database 220 indicates one confidential information, and is configured to include identification information 221 (described as an ID (identifier) in FIG. 1), ancillary attribute 222, and an attribute (column) of data 223. To.
 識別情報221は、守秘情報の識別情報である。付帯属性222は、守秘情報に付与された情報、または関係する情報であって、守秘情報の検索条件となる情報である。データ223は、守秘情報そのものである。監視カメラの映像を例とすると、付帯属性222は、監視カメラの識別情報や撮影場所、撮影期間などである。データ223は、映像データである。
 制御部210は、コンピュータである守秘情報蓄積装置200をデータベースサーバとして機能させる。詳しくは、後記する守秘情報参照装置100から収集条件(検索条件)を含む守秘情報の取得要求を受信すると、収集条件に合致する付帯属性222を有する守秘情報データベース220のレコードを検索し、検索結果となるデータ223(守秘情報)を応答として返信する。 The identification information 221 is the identification information of the confidential information. The incidental attribute 222 is information given to the confidential information or related information, and is information that is a search condition for the confidential information. Data 223 is confidential information itself. Taking the image of the surveillance camera as an example, the incidental attribute 222 includes the identification information of the surveillance camera, the shooting location, the shooting period, and the like. The data 223 is video data.
The control unit 210 causes the confidential information storage device 200, which is a computer, to function as a database server. Specifically, when a request for acquisition of confidential information including a collection condition (search condition) is received from the confidential information reference device 100 described later, a record of the confidential information database 220 having an incidental attribute 222 that matches the collection condition is searched, and the search result is obtained. Data 223 (confidential information) is returned as a response.
≪収集守秘情報蓄積装置の構成≫
 収集守秘情報蓄積装置300は、守秘情報参照装置100が守秘情報蓄積装置200から取得して収集した守秘情報(収集守秘情報とも記す)を、参照キーと関連付けて蓄積し、記憶している。参照キーは、守秘情報参照装置100が収集守秘情報を収集守秘情報蓄積装置300に登録する際に生成した識別情報である。
 収集守秘情報蓄積装置300は、制御部310と収集守秘情報データベース320を含んで構成される。収集守秘情報データベース320は、例えば表形式のデータであって、収集守秘情報を記憶する。収集守秘情報データベース320のレコード(行)は、1つの収集守秘情報を示し、参照キー321、および収集データ322の属性(列)を含んで構成される。参照キー321は、収集守秘情報の識別情報となる参照キーである。収集データ322は、収集守秘情報のデータである。 ≪Configuration of confidential information storage device≫
The collection confidential information storage device 300 stores and stores confidential information (also referred to as collection confidential information) acquired from the confidential information storage device 200 by the confidential information reference device 100 in association with a reference key. The reference key is identification information generated when the confidential information reference device 100 registers the collected confidential information in the collected confidential information storage device 300.
The collection confidential information storage device 300 includes a control unit 310 and a collection confidential information database 320. The collection confidential information database 320 is, for example, tabular data and stores the collection confidential information. The record (row) of the collected confidential information database 320 indicates one collected confidential information, and is configured to include a reference key 321 and an attribute (column) of the collected data 322. The reference key 321 is a reference key that serves as identification information for the collected confidential information. The collected data 322 is data of collected confidential information.
 制御部310は、コンピュータである収集守秘情報蓄積装置300をデータベースサーバとして機能させる。詳しくは、守秘情報参照装置100から参照キーと収集守秘情報を含む登録要求を受信すると、制御部310は、収集守秘情報データベース320にレコードを追加して、参照キーと収集守秘情報とを、それぞれ追加したレコードの参照キー321と収集データ322に格納する。また、守秘情報参照装置100から参照キーを含む取得要求を受信すると、制御部310は、参照キー321が取得要求に含まれる参照キーに一致するレコードを検索して、検索結果の収集データ322を応答として返信する。さらに、守秘情報参照装置100から参照キーを含む削除要求を受信すると、制御部310は、参照キー321が削除要求に含まれる参照キーに一致するレコードを検索して、削除する。 The control unit 310 causes the collection confidential information storage device 300, which is a computer, to function as a database server. Specifically, when receiving a registration request including the reference key and the collected confidential information from the confidential information reference device 100, the control unit 310 adds a record to the collected confidential information database 320 to obtain the reference key and the collected confidential information, respectively. It is stored in the reference key 321 and the collected data 322 of the added record. Further, when the acquisition request including the reference key is received from the confidential information reference device 100, the control unit 310 searches for a record in which the reference key 321 matches the reference key included in the acquisition request, and collects data 322 of the search result. Reply as a response. Further, when the deletion request including the reference key is received from the confidential information reference device 100, the control unit 310 searches for a record in which the reference key 321 matches the reference key included in the deletion request and deletes the record.
≪守秘情報参照装置のハードウェア構成≫
 図2は、第1の実施形態に係る守秘情報参照装置100の機能を実現するコンピュータ100Zのハードウェア構成図である。コンピュータ100Zは、CPU101、RAM(Random Access Memory)102、ROM(Read Only Memory)103、SSD(Solid State Drive)104、NIC(Network Interface Card)105、入出力インタフェース106(図2では入出力I/F(interface)と記載)、およびメディアドライブ107を含んで構成される。 ≪Hardware configuration of confidential information reference device≫
FIG. 2 is a hardware configuration diagram of the computer 100Z that realizes the function of the confidential information reference device 100 according to the first embodiment. The computer 100Z includes a CPU 101, a RAM (Random Access Memory) 102, a ROM (Read Only Memory) 103, an SSD (Solid State Drive) 104, a NIC (Network Interface Card) 105, and an input / output interface 106 (input / output I / in FIG. 2). F (described as interface)) and a media drive 107 are included.
 NIC105は、ネットワーク490に接続される。入出力インタフェース106には、ディスプレイやキーボード、マウスなどのユーザインターフェイス装置198(図2ではUI(User Interface)装置と記載)が接続される。メディアドライブ107は、記録媒体199上のプログラムを読み取る。読み取られたプログラム(後記する図3のプログラム121参照)をCPU101が実行することで、コンピュータ100Zは、守秘情報参照装置100として機能し、守秘情報を検索して収集し、参照キーと関連付けて収集した守秘情報(収集守秘情報)を蓄積する参照キー登録処理(後記する図5参照)を実行する。また、プログラム121をCPU101が実行することで、コンピュータ100Zは、守秘情報参照装置100として機能し、参照キーを用いて収集守秘情報を取得する守秘情報取得処理(後記する図6参照)、および参照キーを削除する参照キー削除処理(後記する図7参照)を実行する。 NIC105 is connected to network 490. A user interface device 198 (described as a UI (User Interface) device in FIG. 2) such as a display, a keyboard, and a mouse is connected to the input / output interface 106. The media drive 107 reads the program on the recording medium 199. When the CPU 101 executes the read program (see the program 121 in FIG. 3 described later), the computer 100Z functions as the confidential information reference device 100, searches for and collects the confidential information, and collects it in association with the reference key. The reference key registration process (see FIG. 5 described later) for accumulating the collected confidential information (collected confidential information) is executed. Further, when the CPU 101 executes the program 121, the computer 100Z functions as the confidential information reference device 100, and the confidential information acquisition process (see FIG. 6 described later) for acquiring the collected confidential information by using the reference key, and the reference. The reference key deletion process for deleting the key (see FIG. 7 described later) is executed.
≪守秘情報参照装置の機能構成≫
 図3は、第1の実施形態に係る守秘情報参照装置100の機能構成図である。守秘情報参照装置100は、制御部110、記憶部120、および入出力部140を含んで構成される。入出力部140は、NIC105や入出力インタフェース106から構成され、守秘情報蓄積装置200や収集守秘情報蓄積装置300、利用者端末400との通信データの送受信を行う。
 記憶部120は、RAM102やROM103、SSD104から構成され、プログラム121や利用者情報データベース130(後記する図4参照)、参照キー登録処理などの処理に必要なデータを記憶する。 ≪Functional configuration of confidential information reference device≫
FIG. 3 is a functional configuration diagram of the confidential information reference device 100 according to the first embodiment. The confidential information reference device 100 includes a control unit 110, a storage unit 120, and an input / output unit 140. The input / output unit 140 is composed of the NIC 105 and the input / output interface 106, and transmits / receives communication data to / from the confidential information storage device 200, the collection confidential information storage device 300, and the user terminal 400.
The storage unit 120 is composed of a RAM 102, a ROM 103, and an SSD 104, and stores data necessary for processing such as a program 121, a user information database 130 (see FIG. 4 described later), and a reference key registration process.
 図4は、第1の実施形態に係る利用者情報データベース130のデータ構成図である。利用者情報データベース130は、守秘情報参照システム10の利用者に係る情報を記憶する例えば表形式のデータである。利用者情報データベース130のレコード(行)は、1人の利用者の情報を示し、識別情報131(図4ではIDと記載)、認証情報132、生成権133、取得権134、削除権135、および参照キー136の属性(列)を含んで構成される。 FIG. 4 is a data structure diagram of the user information database 130 according to the first embodiment. The user information database 130 is, for example, tabular data that stores information related to the user of the confidential information reference system 10. The record (row) of the user information database 130 indicates the information of one user, and the identification information 131 (described as ID in FIG. 4), the authentication information 132, the generation right 133, the acquisition right 134, the deletion right 135, And the attribute (column) of the reference key 136 is included.
 識別情報131は、利用者の識別情報である。認証情報132は、利用者を認証するときに参照される情報であって、例えば、パスワードや生体情報、公開鍵である。
 生成権133は、参照キーを生成する権限の有無を示す。取得権134は、参照キーを利用して収集守秘情報を取得(閲覧)する権限の有無を示す。削除権135は、参照キーを削除する権限の有無を示す。
 参照キー136は、利用者の端末から要求があり、生成済みの参照キーである。参照キー136が複数の参照キーを含む場合もある。 The identification information 131 is user identification information. The authentication information 132 is information referred to when authenticating a user, and is, for example, a password, biometric information, or a public key.
The generation right 133 indicates whether or not there is an authority to generate a reference key. The acquisition right 134 indicates whether or not there is an authority to acquire (view) the collected confidential information by using the reference key. The deletion right 135 indicates whether or not there is a right to delete the reference key.
The reference key 136 is a reference key that has been requested and generated from the user's terminal. The reference key 136 may include a plurality of reference keys.
 レコード138は、識別情報131が「4938」である利用者の情報を示す。この利用者は、参照キーの生成権と削除権とを有するが、守秘情報の取得権(閲覧権)がない非権限者である。この利用者は、「5AQ3R45M」という参照キーを登録済みである。
 レコード139は、識別情報131が「7364」である利用者の情報を示す。この利用者は、参照キーを用いた収集守秘情報の取得権を有する権限者であり、参照キーの削除権も有するが、参照キーの生成権はない。 Record 138 shows the information of the user whose identification information 131 is "4938". This user is a non-authorized person who has the right to generate and delete the reference key, but does not have the right to acquire (view) confidential information. This user has already registered a reference key called "5AQ3R45M".
Record 139 shows the information of the user whose identification information 131 is "7364". This user is an authorized person who has the right to acquire the collected confidential information using the reference key, and also has the right to delete the reference key, but does not have the right to generate the reference key.
 図3に戻って、制御部110を説明する。制御部110は、CPU101から構成され、メッセージ処理部111、守秘情報収集部112、参照キー生成部113、参照キー登録部114、守秘情報取得部115、および参照キー削除部116を含んで構成される。
 メッセージ処理部111は、利用者(権限者や非権限者)の端末から要求メッセージを受信したり、要求メッセージに応じて、守秘情報収集部112、守秘情報取得部115、および参照キー削除部116を呼び出したりする。
 守秘情報収集部112は、守秘情報蓄積装置200にアクセスして、守秘情報を収集する。 Returning to FIG. 3, the control unit 110 will be described. The control unit 110 is composed of a CPU 101, and includes a message processing unit 111, a confidential information collection unit 112, a reference key generation unit 113, a reference key registration unit 114, a confidential information acquisition unit 115, and a reference key deletion unit 116. To.
The message processing unit 111 receives a request message from the terminal of the user (authorized person or non-authorized person), and in response to the request message, the confidential information collection unit 112, the confidential information acquisition unit 115, and the reference key deletion unit 116. Or call.
The confidential information collecting unit 112 accesses the confidential information storage device 200 and collects confidential information.
 参照キー生成部113は、収集した守秘情報(収集守秘情報)に対応する参照キーを生成する。
 参照キー登録部114は、参照キーに関連付けて、収集守秘情報を収集守秘情報蓄積装置300に格納して、利用者の端末に参照キーを送信する。
 守秘情報取得部115は、利用者(権限者)の端末からの要求に応じて、参照キーに対応する収集守秘情報を収集守秘情報蓄積装置300から取得して、利用者の端末に収集守秘情報を送信する。
 参照キー削除部116は、収集守秘情報蓄積装置300が蓄積する参照キーのレコード、および利用者情報データベース130にある参照キーを削除する。
 以下に、参照キー登録処理、参照キーを利用した守秘情報取得処理、参照キー削除処理を説明する。 The reference key generation unit 113 generates a reference key corresponding to the collected confidential information (collected confidential information).
The reference key registration unit 114 stores the collected confidential information in the collected confidential information storage device 300 in association with the reference key, and transmits the reference key to the user's terminal.
The confidential information acquisition unit 115 acquires the collected confidential information corresponding to the reference key from the collected confidential information storage device 300 in response to the request from the terminal of the user (authorized person), and collects the confidential information on the user's terminal. To send.
The reference key deletion unit 116 deletes the record of the reference key stored in the collected confidential information storage device 300 and the reference key in the user information database 130.
The reference key registration process, the confidential information acquisition process using the reference key, and the reference key deletion process will be described below.
≪参照キー登録処理≫
 図5は、第1の実施形態に係る参照キー登録処理のシーケンス図である。図5を参照して、収集条件に合致する守秘情報の参照キーを取得する処理を説明する。
 ステップS101において利用者端末400Aは、守秘情報参照装置100に、利用者の識別情報(図5ではIDと記載)と認証情報とを含む認証要求を送信する。
 ステップS102において守秘情報参照装置100のメッセージ処理部111は、利用者認証を行う。詳しくは、メッセージ処理部111は、利用者情報データベース130から識別情報131と認証情報132とを取得して、利用者を認証する。 ≪Reference key registration process≫
FIG. 5 is a sequence diagram of the reference key registration process according to the first embodiment. A process of acquiring a reference key for confidential information that matches the collection conditions will be described with reference to FIG.
In step S101, the user terminal 400A transmits an authentication request including the user's identification information (described as ID in FIG. 5) and the authentication information to the confidential information reference device 100.
In step S102, the message processing unit 111 of the confidential information reference device 100 authenticates the user. Specifically, the message processing unit 111 acquires the identification information 131 and the authentication information 132 from the user information database 130 to authenticate the user.
 ステップS103においてメッセージ処理部111は、ステップS102の利用者認証の成否に応じて、認証成功(OK)または認証失敗(NG)を返信する。認証失敗ならば、メッセージ処理部111は、図5の処理を終える。以下では、認証に成功したとして、説明を続ける。
 ステップS104において利用者端末400Aは、参照キーの登録を要求する。詳しくは、利用者端末400Aは、収集する守秘情報の条件(収集条件)を含めて要求する。要求を受信したメッセージ処理部111は、要求を守秘情報収集部112に出力する。 In step S103, the message processing unit 111 returns an authentication success (OK) or an authentication failure (NG) depending on the success or failure of the user authentication in step S102. If the authentication fails, the message processing unit 111 ends the process of FIG. In the following, the explanation will be continued assuming that the authentication was successful.
In step S104, the user terminal 400A requests the registration of the reference key. Specifically, the user terminal 400A requests the confidential information to be collected including the conditions (collection conditions). Upon receiving the request, the message processing unit 111 outputs the request to the confidential information collecting unit 112.
 ステップS105において守秘情報収集部112は、生成権を確認する。詳しくは、守秘情報収集部112は、利用者情報データベース130にある、ステップS102で認証済みの利用者のレコードに含まれる生成権133を取得して、利用者が生成権を有するか否かを確認する。守秘情報収集部112は、利用者に生成権があれば(ステップS105→YES)ステップS107に進み、利用者に生成権がなければ(ステップS105→NO)ステップS106に進む。
 ステップS106において守秘情報収集部112は、要求拒否(NG)を利用者端末400Aに返信して、図5の処理を終える。 In step S105, the confidential information collecting unit 112 confirms the generation right. Specifically, the confidential information collecting unit 112 acquires the generation right 133 included in the record of the user authenticated in step S102 in the user information database 130, and determines whether or not the user has the generation right. Check. If the user has the generation right (step S105 → YES), the confidential information collecting unit 112 proceeds to step S107, and if the user does not have the generation right (step S105 → NO), proceeds to step S106.
In step S106, the confidential information collecting unit 112 returns a request refusal (NG) to the user terminal 400A, and ends the process of FIG.
 ステップS107において守秘情報収集部112は、守秘情報蓄積装置200に、収集条件を含めて守秘情報を要求する。
 ステップS108において守秘情報蓄積装置200は、収集条件に合致する守秘情報を検索して検索結果の収集守秘情報を守秘情報参照装置100に返信する。詳しくは、守秘情報蓄積装置200の制御部210は、守秘情報データベース220(図1参照)のレコードのなかで、付帯属性222が収集条件に合致するレコードを検索し、検索結果のレコードのデータ223(守秘情報)を返信する。検索結果のレコードは、1件とは限らず、0件または2件以上である場合もある。 In step S107, the confidential information collecting unit 112 requests the confidential information storage device 200 for confidential information including the collecting conditions.
In step S108, the confidential information storage device 200 searches for confidential information that matches the collection conditions, and returns the collected confidential information of the search results to the confidential information reference device 100. Specifically, the control unit 210 of the confidential information storage device 200 searches for a record in which the incidental attribute 222 matches the collection condition among the records of the confidential information database 220 (see FIG. 1), and the data 223 of the search result record. Reply (confidential information). The number of records of the search result is not limited to one, and may be 0 or 2 or more.
 ステップS109において守秘情報収集部112は、検索結果のレコードが0件ならば(ステップS109→YES)ステップS110に進み、1件以上ならば(ステップS109→NO)ステップS111に進む。
 ステップS110において守秘情報収集部112は、収集条件に合致する守秘情報(収集守秘情報)が存在しないこと(NG)を利用者端末400Aに返信して、図5の処理を終える。
 ステップS111において守秘情報参照装置100の参照キー生成部113は、参照キーとして乱数を生成する。 In step S109, the confidential information collecting unit 112 proceeds to step S110 if there are 0 records of the search result (step S109 → YES), and proceeds to step S111 if there is one or more records (step S109 → NO).
In step S110, the confidential information collecting unit 112 returns to the user terminal 400A that there is no confidential information (collected confidential information) that matches the collecting conditions (NG), and ends the process of FIG.
In step S111, the reference key generation unit 113 of the confidential information reference device 100 generates a random number as a reference key.
 ステップS112において守秘情報参照装置100の参照キー登録部114は、収集守秘情報蓄積装置300に、参照キーと収集守秘情報とを含めて登録を要求する。
 ステップS113において収集守秘情報蓄積装置300は、参照キーと収集守秘情報とを関連付けて蓄積して、応答する。詳しくは、収集守秘情報蓄積装置300の制御部310は、収集守秘情報データベース320(図1参照)にレコードを追加し、受信した参照キーと収集守秘情報とを、追加したレコードの参照キー321と収集データ322とに格納する。続いて、制御部310は、登録完を守秘情報参照装置100に返信する。
 ステップS114において参照キー登録部114は、参照キーを利用者端末400Aに返信する。 In step S112, the reference key registration unit 114 of the confidential information reference device 100 requests the collection confidential information storage device 300 to register the collection confidential information including the reference key and the collection confidential information.
In step S113, the collection confidential information storage device 300 associates and stores the reference key and the collection confidential information, and responds. Specifically, the control unit 310 of the collection confidential information storage device 300 adds a record to the collection confidential information database 320 (see FIG. 1), and the received reference key and the collection confidential information are combined with the reference key 321 of the added record. It is stored in the collected data 322. Subsequently, the control unit 310 returns the registration completion to the confidential information reference device 100.
In step S114, the reference key registration unit 114 returns the reference key to the user terminal 400A.
 以上で、参照キー登録処理が終了する。利用者に生成権があり(ステップS105参照)、参照する守秘情報が存在すれば(ステップS109参照)、当該守秘情報と参照キーとが収集守秘情報蓄積装置300に蓄積され(ステップS113参照)、利用者の端末は参照キーを取得する(ステップS114参照)。
 続いて、この参照キーを用いて収集守秘情報蓄積装置300に蓄積された収集守秘情報を取得する守秘情報取得処理を説明する。 This completes the reference key registration process. If the user has the generation right (see step S105) and the confidential information to be referred to exists (see step S109), the confidential information and the reference key are stored in the collection confidential information storage device 300 (see step S113). The user's terminal acquires the reference key (see step S114).
Subsequently, a confidential information acquisition process for acquiring the collected confidential information stored in the collected confidential information storage device 300 using this reference key will be described.
≪守秘情報取得処理≫
 図6は、第1の実施形態に係る守秘情報取得処理のシーケンス図である。図6において、利用者端末400Bは、図5の利用者(非権限者、参照キーを登録した利用者)から参照キーを入手した利用者の端末であるとする。例えば、守秘情報は監視カメラが撮影した映像であり、図5の利用者はストーカーの被害者であって、図6の利用者は警察官である。警察官はストーカーの捜査を依頼されたときに、被害者から参照キーを入手する。 ≪Confidential information acquisition process≫
FIG. 6 is a sequence diagram of confidential information acquisition processing according to the first embodiment. In FIG. 6, the user terminal 400B is assumed to be a terminal of a user who has obtained a reference key from a user (non-authorized person, a user who has registered a reference key) in FIG. For example, the confidential information is an image taken by a surveillance camera, the user in FIG. 5 is a victim of a stalker, and the user in FIG. 6 is a police officer. Police officers obtain a reference key from the victim when asked to investigate the stalker.
 ステップS121~S123は、図5のステップS101~S103とそれぞれ同様である。
 ステップS124において利用者端末400Bは、守秘情報の取得を要求する。詳しくは、利用者端末400Bは、参照キー登録者の識別情報(図6では参照キー登録者IDと記載)と参照キーとを含めて要求する。要求を受信したメッセージ処理部111は、要求を守秘情報取得部115に出力する。
 ステップS125~S126は、守秘情報収集部112が守秘情報取得部115に替わり、生成権が取得権に替わったことを除いて、図6のステップS105~S106と同様である。 Steps S121 to S123 are the same as steps S101 to S103 of FIG. 5, respectively.
In step S124, the user terminal 400B requests the acquisition of confidential information. Specifically, the user terminal 400B requests the reference key registrant's identification information (described as the reference key registrant ID in FIG. 6) and the reference key. The message processing unit 111 that has received the request outputs the request to the confidential information acquisition unit 115.
Steps S125 to S126 are the same as steps S105 to S106 of FIG. 6 except that the confidential information collecting unit 112 is replaced by the confidential information acquisition unit 115 and the generation right is replaced by the acquisition right.
 ステップS127において守秘情報取得部115は、ステップS124で受信した参照キーと参照キー登録者の識別情報(図6ではIDと記載)とが対応するか否かを確認する。詳しくは、守秘情報取得部115は、利用者情報データベース130(図3参照)にあるレコードで、識別情報131が参照キー登録者の識別情報に一致するレコードの参照キー136に、ステップS124で受信した参照キーが含まれるか否かを確認する。守秘情報取得部115は、含まれれば(ステップS127→YES)ステップS129に進み、含まれなければ(ステップS127→NO)ステップS128に進む。
 ステップS128において守秘情報取得部115は、参照キーと参照キー登録者が対応しないこと(NG)を利用者端末400Bに返信して、図6の処理を終える。 In step S127, the confidential information acquisition unit 115 confirms whether or not the reference key received in step S124 and the identification information of the reference key registrant (described as ID in FIG. 6) correspond to each other. Specifically, the confidential information acquisition unit 115 receives in step S124 the reference key 136 of the record whose identification information 131 matches the identification information of the reference key registrant in the record in the user information database 130 (see FIG. 3). Check if the referenced key is included. If the confidential information acquisition unit 115 is included (step S127 → YES), the process proceeds to step S129, and if it is not included (step S127 → NO), the process proceeds to step S128.
In step S128, the confidential information acquisition unit 115 returns to the user terminal 400B that the reference key and the reference key registrant do not correspond (NG), and ends the process of FIG.
 ステップS129において守秘情報取得部115は、収集守秘情報蓄積装置300に、参照キーを含めて収集守秘情報の取得を要求する。
 ステップS130において収集守秘情報蓄積装置300は、参照キーに対応する収集守秘情報を返信する。詳しくは、収集守秘情報蓄積装置300の制御部310は、収集守秘情報データベース320(図1参照)にあるレコードで、参照キー321が受信した参照キーに一致するレコードの収集データ322(収集守秘情報)を守秘情報参照装置100に返信する。
 ステップS131において守秘情報取得部115は、収集守秘情報を利用者端末400Bに返信する。 In step S129, the confidential information acquisition unit 115 requests the collection confidential information storage device 300 to acquire the collection confidential information including the reference key.
In step S130, the collection confidential information storage device 300 returns the collection confidential information corresponding to the reference key. Specifically, the control unit 310 of the collection confidential information storage device 300 is a record in the collection confidential information database 320 (see FIG. 1), and the collection data 322 (collection confidential information) of the record corresponding to the reference key received by the reference key 321. ) Is returned to the confidential information reference device 100.
In step S131, the confidential information acquisition unit 115 returns the collected confidential information to the user terminal 400B.
 以上で、守秘情報取得処理が終了する。利用者に取得権があり(ステップS125参照)、参照キーと参照キー登録者が対応すれば(ステップS127参照)、利用者(権限者)の端末は、参照キーに対応する収集守秘情報を取得する(ステップS131参照)。
 続いて、この参照キーを削除する処理を説明する。 This completes the confidential information acquisition process. If the user has the acquisition right (see step S125) and the reference key and the reference key registrant correspond (see step S127), the terminal of the user (authorized person) acquires the collected confidential information corresponding to the reference key. (See step S131).
Next, the process of deleting this reference key will be described.
≪参照キー削除処理≫
 図7は、第1の実施形態に係る参照キー削除処理のシーケンス図である。
 ステップS141~S143は、図5のステップS101~S103とそれぞれ同様である。 ≪Reference key deletion process≫
FIG. 7 is a sequence diagram of the reference key deletion process according to the first embodiment.
Steps S141 to S143 are the same as steps S101 to S103 of FIG. 5, respectively.
 ステップS144において利用者端末400は、参照キーの削除を要求する。詳しくは、利用者端末400は、参照キー登録者の識別情報(図7では参照キー登録者IDと記載)と参照キーとを含めて要求する。要求を受信したメッセージ処理部111は、要求を参照キー削除部116に出力する。
 ステップS145~S146は、守秘情報収集部112が参照キー削除部116に替わり、生成権が削除権に替わったことを除いて、図5のステップS105~S106と同様である。 In step S144, the user terminal 400 requests the deletion of the reference key. Specifically, the user terminal 400 requests the reference key registrant's identification information (described as the reference key registrant ID in FIG. 7) and the reference key. The message processing unit 111 that has received the request outputs the request to the reference key deletion unit 116.
Steps S145 to S146 are the same as steps S105 to S106 of FIG. 5, except that the confidential information collection unit 112 is replaced by the reference key deletion unit 116 and the generation right is replaced by the deletion right.
 ステップS147~S148は、守秘情報収集部112が参照キー削除部116に替わったことを除いて、図6のステップS127~S128と同様である。
 ステップS149において参照キー削除部116は、利用者情報データベース130の参照キーを削除する。詳しくは、参照キー削除部116は、利用者情報データベース130にある(図3参照)にあるレコードで、識別情報131が参照キー登録者の識別情報に一致するレコードの参照キー136に含まれる参照キーであって、ステップS144で受信した参照キーに一致する参照キーを削除する。 Steps S147 to S148 are the same as steps S127 to S128 of FIG. 6, except that the confidential information collecting unit 112 has been replaced by the reference key deleting unit 116.
In step S149, the reference key deletion unit 116 deletes the reference key of the user information database 130. Specifically, the reference key deletion unit 116 is a record in the user information database 130 (see FIG. 3), and the reference information 131 is included in the reference key 136 of the record whose identification information matches the identification information of the reference key registrant. The reference key that matches the reference key received in step S144 is deleted.
 ステップS150において参照キー削除部116は、収集守秘情報蓄積装置300に、参照キーを含めて収集守秘情報の削除を要求する。
 ステップS151において収集守秘情報蓄積装置300は、参照キーに対応する収集守秘情報を削除する。詳しくは、収集守秘情報蓄積装置300の制御部310は、収集守秘情報データベース320(図1参照)にあるレコードで、参照キー321が受信した参照キーに一致するレコードを削除する。続いて、制御部310は、削除完を守秘情報参照装置100に返信する。
 ステップS152において参照キー削除部116は、削除完を利用者端末400に返信する。 In step S150, the reference key deletion unit 116 requests the collection confidential information storage device 300 to delete the collection confidential information including the reference key.
In step S151, the collection confidential information storage device 300 deletes the collection confidential information corresponding to the reference key. Specifically, the control unit 310 of the collection confidential information storage device 300 deletes a record in the collection confidential information database 320 (see FIG. 1) that matches the reference key received by the reference key 321. Subsequently, the control unit 310 returns the deletion completion to the confidential information reference device 100.
In step S152, the reference key deletion unit 116 returns the deletion completion to the user terminal 400.
 以上で、参照キー削除処理が終了する。利用者に削除権があり(ステップS145参照)、参照キーと参照キー登録者が対応すれば(ステップS147参照)、守秘情報参照装置100は、参照キーと、これに対応する収集守秘情報を削除する(ステップS149,S151参照)。 This completes the reference key deletion process. If the user has the right to delete (see step S145) and the reference key and the reference key registrant correspond (see step S147), the confidential information reference device 100 deletes the reference key and the corresponding collected confidential information. (See steps S149 and S151).
≪守秘情報参照システムの特徴≫
 守秘情報にアクセスできない非権限者の端末であっても、条件を指定して守秘情報を収集して、収集された守秘情報に対応する参照キーを取得することができる。守秘情報にアクセス可能な権限者であって、非権限者(参照キー登録者)から参照キーを入手した権限者の端末は、この参照キーを利用することで、収集された守秘情報を取得することができる。権限者の端末であっても、参照キーがなければ、収集された守秘情報を取得することはできない。また、非権限者にとって、参照キーを渡すことによって、自身がアクセスできない守秘情報を権限者に間接的に提示する(権限者の端末が守秘情報を取得する)ことができる。 ≪Features of confidential information reference system≫
Even a non-authorized person's terminal that cannot access the confidential information can collect the confidential information by specifying conditions and obtain a reference key corresponding to the collected confidential information. The terminal of the authorized person who can access the confidential information and who obtained the reference key from the non-authorized person (reference key registrant) acquires the collected confidential information by using this reference key. be able to. Even the terminal of the authorized person cannot acquire the collected confidential information without the reference key. In addition, the non-authorized person can indirectly present the confidential information that he / she cannot access to the authorized person (the terminal of the authorized person acquires the confidential information) by passing the reference key.
≪第1の実施形態の変形例:参照キー登録者≫
 守秘情報取得要求や参照キー削除要求には、参照キー登録者の識別情報が含まれている(図6のステップS124および図7のステップS144参照)。参照キー登録者の識別情報をなくして、参照キーのみを送信するようにしてもよい。この場合、ステップS127において守秘情報取得部115は、参照キーが利用者情報データベース130にある何れかのレコードの参照キー136(図4参照)に含まれるか否かを確認する。ステップS147についても同様である。 << Modification example of the first embodiment: Reference key registrant >>
The confidential information acquisition request and the reference key deletion request include identification information of the reference key registrant (see step S124 of FIG. 6 and step S144 of FIG. 7). The identification information of the reference key registrant may be eliminated and only the reference key may be transmitted. In this case, in step S127, the confidential information acquisition unit 115 confirms whether or not the reference key is included in the reference key 136 (see FIG. 4) of any record in the user information database 130. The same applies to step S147.
≪第2の実施形態:映像参照システムの全体構成≫
 続いて、第2の実施形態として、第1の実施形態において守秘情報として監視カメラの映像を扱う映像参照システムについて、第1の実施形態との相違点を中心に説明する。非権限者である利用者は、例えば、ストーカー犯罪の被害者であり、警察に被害を訴えるために、利用者がストーカーに尾行されている映像を収集する。
 図8は、第2の実施形態に係る映像参照システム10Aの全体構成を示す図である。映像参照システム10Aは、ネットワーク490で相互に通信可能な映像参照装置100A、映像蓄積装置200A、および収集映像蓄積装置300Aを含んで構成される。 << Second Embodiment: Overall configuration of video reference system >>
Subsequently, as the second embodiment, the video reference system that handles the video of the surveillance camera as confidential information in the first embodiment will be described focusing on the differences from the first embodiment. A non-authorized user is, for example, a victim of a stalking crime and collects footage of the user being followed by a stalker in order to file a complaint with the police.
FIG. 8 is a diagram showing the overall configuration of the video reference system 10A according to the second embodiment. The video reference system 10A includes a video reference device 100A, a video storage device 200A, and a collected video storage device 300A that can communicate with each other on the network 490.
 利用者端末400は、位置情報が取得可能な携帯端末(例えばスマートフォン)である。利用者は、ストーカーによる尾行が始まると、利用者端末400に参照キーの登録要求を指示する。尾行が終わると、利用者は、登録終了を指示する。登録要求から登録終了までの間、利用者端末400は、位置(例えば緯度と経度)と時刻を、映像参照装置100Aに、所定の周期で送信する。 The user terminal 400 is a mobile terminal (for example, a smartphone) that can acquire location information. When the trailing by the stalker starts, the user instructs the user terminal 400 to request the registration of the reference key. When the trail is over, the user instructs the end of registration. From the registration request to the end of registration, the user terminal 400 transmits the position (for example, latitude and longitude) and time to the video reference device 100A at a predetermined cycle.
≪映像蓄積装置の構成≫
 映像蓄積装置200Aは、監視カメラ500が撮影した映像を映像データベース220Aに蓄積し、記憶している。映像データベース220Aのレコードは、1つの映像を示し、識別情報221(図8ではIDと記載)、撮影場所222A1、撮影期間222A2、および映像223Aの属性を含んで構成される。 ≪Configuration of video storage device≫
The video storage device 200A stores and stores the video captured by the surveillance camera 500 in the video database 220A. The record of the video database 220A shows one video, and is configured to include the attributes of the identification information 221 (denoted as ID in FIG. 8), the shooting location 222A1, the shooting period 222A2, and the video 223A.
 撮影場所222A1と撮影期間222A2とは、映像の付帯属性であって、監視カメラの設置位置(例えば緯度と経度)と撮影期間とを示す。撮影場所222A1は、映像に映っている監視カメラが監視している領域(例えば領域の中心点の緯度と経度)であってもよい。
 映像223Aは、映像データそのものである。 The shooting location 222A1 and the shooting period 222A2 are incidental attributes of the image, and indicate the installation position (for example, latitude and longitude) of the surveillance camera and the shooting period. The shooting location 222A1 may be an area monitored by a surveillance camera shown in an image (for example, the latitude and longitude of the center point of the area).
The video 223A is the video data itself.
 制御部210Aは、監視カメラ500から映像を収集して所定の時間長で映像を区切り、識別情報221と撮影場所222A1と撮影期間222A2とを付与して、映像データベース220Aに格納する。また、制御部210Aは、映像参照装置100Aから位置情報と時刻とを含む映像要求を受信すると、撮影場所222A1と位置情報の位置との距離が所定値以下で、撮影期間222A2が時刻を含む映像データベース220Aのレコードを検索し、検索結果となる映像223Aを応答として返信する。 The control unit 210A collects images from the surveillance camera 500, divides the images by a predetermined time length, assigns identification information 221 and a shooting location 222A1 and a shooting period 222A2, and stores the images in the video database 220A. Further, when the control unit 210A receives a video request including the position information and the time from the video reference device 100A, the distance between the shooting location 222A1 and the position of the position information is equal to or less than a predetermined value, and the shooting period 222A2 includes the time. The record in the database 220A is searched, and the video 223A as the search result is returned as a response.
≪収集映像蓄積装置の構成≫
 収集映像蓄積装置300Aは、映像参照装置100Aが映像蓄積装置200Aから取得して収集した収集映像を、参照キーと関連付けて蓄積し、記憶している。収集映像データベース320Aのレコードは、1つの映像を示し、参照キー321、および収集映像322Aの属性を含んで構成される。
 登録、取得、削除に係る制御部310Aの動作は、収集データ322(図1参照)が収集映像322Aに替わったことを除いて、第1の実施形態の制御部310と同様である。 ≪Configuration of collected video storage device≫
The collected video storage device 300A stores and stores the collected video acquired by the video reference device 100A from the video storage device 200A in association with the reference key. The record of the collected video database 320A shows one video and is configured to include the reference key 321 and the attributes of the collected video 322A.
The operation of the control unit 310A related to registration, acquisition, and deletion is the same as that of the control unit 310 of the first embodiment, except that the collected data 322 (see FIG. 1) is replaced with the collected video 322A.
≪守秘情報参照装置の機能構成≫
 図9は、第2の実施形態に係る映像参照装置100Aの機能構成図である。第1の実施形態の守秘情報参照装置100と比較して、映像収集部112A、および参照キー登録部114Aの処理が異なる。映像取得部115Aは、守秘情報が映像に替わったことを除いて、守秘情報取得部115と同様である。
 以下に、参照キー登録処理を説明して、映像収集部112A、および参照キー登録部114Aの動作を説明する。参照キーを利用した映像取得処理、参照キー削除処理は、第1の実施形態と同様である。 ≪Functional configuration of confidential information reference device≫
FIG. 9 is a functional configuration diagram of the video reference device 100A according to the second embodiment. Compared with the confidential information reference device 100 of the first embodiment, the processing of the image collecting unit 112A and the reference key registration unit 114A is different. The video acquisition unit 115A is the same as the confidential information acquisition unit 115, except that the confidential information is replaced with a video.
The reference key registration process will be described below, and the operations of the video collection unit 112A and the reference key registration unit 114A will be described. The video acquisition process and the reference key deletion process using the reference key are the same as those in the first embodiment.
≪参照キー登録処理≫
 図10は、第2の実施形態に係る参照キー登録処理のシーケンス図である。
 ステップS201~S203は、第1の実施形態のステップS101~S103(図5参照)と同様である。 ≪Reference key registration process≫
FIG. 10 is a sequence diagram of the reference key registration process according to the second embodiment.
Steps S201 to S203 are the same as steps S101 to S103 (see FIG. 5) of the first embodiment.
 ステップS204において利用者端末400Aは、参照キーの登録を要求する。要求を受信したメッセージ処理部111は、要求を映像収集部112Aに出力する。
 ステップS205は、ステップS105と同様である。
 ステップS206において映像収集部112Aは、要求拒否(NG)を利用者端末400Aに返信して、図10の処理を終える。
 ステップS207において映像収集部112Aは、要求受理(OK)を利用者端末400Aに返信する。 In step S204, the user terminal 400A requests the registration of the reference key. Upon receiving the request, the message processing unit 111 outputs the request to the video collecting unit 112A.
Step S205 is the same as step S105.
In step S206, the image collecting unit 112A returns a request rejection (NG) to the user terminal 400A, and ends the process of FIG.
In step S207, the image collecting unit 112A returns the request acceptance (OK) to the user terminal 400A.
 ステップS208において利用者端末400Aは、位置と時刻とを、所定の周期で繰り返し送信する。映像収集部112Aは、受信した位置と時刻とを記憶する。
 ステップS209において利用者端末400Aは、参照キーの登録終了を送信する。
 ステップS210において映像収集部112Aは、映像蓄積装置200Aに、ステップS208で受信した位置と時刻とを含めて映像を要求する。
 ステップS211において映像蓄積装置200Aは、位置と時刻に合致する映像を検索して検索結果の映像を映像参照装置100Aに返信する。詳しくは、映像蓄積装置200Aの制御部210Aは、撮影場所222A1と位置の距離が所定値以下で、撮影期間222A2が時刻を含む映像データベース220Aのレコードを検索し、検索結果となる映像223Aを応答として返信する。 In step S208, the user terminal 400A repeatedly transmits the position and the time at a predetermined cycle. The image collecting unit 112A stores the received position and time.
In step S209, the user terminal 400A transmits the completion of registration of the reference key.
In step S210, the video collecting unit 112A requests the video storage device 200A to include the position and time received in step S208.
In step S211 the video storage device 200A searches for a video that matches the position and time, and returns the search result video to the video reference device 100A. Specifically, the control unit 210A of the video storage device 200A searches for a record in the video database 220A in which the distance between the shooting location 222A1 and the position is equal to or less than a predetermined value and the shooting period 222A2 includes the time, and responds with the video 223A as the search result. Reply as.
 ステップS212~S214は、第1の実施形態のステップS109~S111(図5参照)と同様である。 Steps S212 to S214 are the same as steps S109 to S111 (see FIG. 5) of the first embodiment.
 ステップS215において参照キー登録部114Aは、映像を加工する。詳しくは、参照キー登録部114Aは、ステップS211で取得した映像を撮影時刻順につないだり、位置や時刻の情報を加えたりして、収集映像を生成する。または、参照キー登録部114Aは、映像に動体が映っていない(通行人が映っていない)部分を含めないようにして収集映像を生成してもよい。
 ステップS216~S218は、第1の実施形態のステップS112~S114(図5参照)と同様である。
≪参照キー登録処理の特徴≫
 利用者端末400Aは、利用者が尾行されている間、位置と時刻を繰り返し送信する。映像参照装置100Aは、この位置と時刻に対応した映像を映像蓄積装置200Aから収集し、加工して、参照キーと関連付けて収集映像蓄積装置300Aに格納する。加工するときには、映像を撮影時刻順につないだり、位置や時刻の情報を加えたりしている。このため、映像の視聴者(警察)にとって、映像の流れや場所が理解しやすくなっており、映像としての価値が高くなっている。 In step S215, the reference key registration unit 114A processes the image. Specifically, the reference key registration unit 114A generates the collected video by connecting the videos acquired in step S211 in the order of shooting time and adding position and time information. Alternatively, the reference key registration unit 114A may generate the collected video so as not to include a portion in which the moving object is not shown (passerby is not shown) in the video.
Steps S216 to S218 are the same as steps S112 to S114 (see FIG. 5) of the first embodiment.
≪Characteristics of reference key registration process≫
The user terminal 400A repeatedly transmits the position and time while the user is being followed. The video reference device 100A collects the video corresponding to this position and time from the video storage device 200A, processes it, associates it with the reference key, and stores it in the collected video storage device 300A. When processing, the images are connected in the order of shooting time, and position and time information is added. For this reason, the viewer (police) of the video can easily understand the flow and location of the video, and the value as the video is high.
≪第2の実施形態の変形例≫
 第2の実施形態における収集条件は、利用者端末の位置と時刻であって、映像参照装置100Aは、この位置と時刻に対応する撮影場所と撮影期間の映像を収集している。利用者端末の位置と時刻に替わり、利用者が指定して、利用者端末400が送信した通行経路や時間を収集条件にしてもよい。さらに、利用者の服装(上下の服の色や種別)や携帯物(バッグや帽子、メガネなど)を収集条件にして、映像参照装置100Aは、人物(物体)認識技術を用いて映像から収集条件に合致する通行人が映っている映像を収集するようにしてもよい。 << Modified example of the second embodiment >>
The collection condition in the second embodiment is the position and time of the user terminal, and the video reference device 100A collects the video of the shooting location and shooting period corresponding to this position and time. Instead of the position and time of the user terminal, the traffic route and time transmitted by the user terminal 400 may be specified by the user as a collection condition. Further, the image reference device 100A collects from the image using the person (object) recognition technology, subject to the user's clothes (color and type of upper and lower clothes) and portable items (bag, hat, glasses, etc.). You may want to collect footage of passers-by who meet the conditions.
 この人物(物体)認識技術による映像の収集は、映像蓄積装置200Aが行ってもよい。または、通行経路や時間を収集条件にして映像蓄積装置200Aから映像を取得した後に、ステップS215(図10参照)において、映像参照装置100Aが、人物(物体)認識技術によって取得した映像を絞り込んで、収集映像として加工してもよい。 The image storage device 200A may collect images by this person (object) recognition technology. Alternatively, after acquiring the video from the video storage device 200A with the passage route and time as the collection conditions, in step S215 (see FIG. 10), the video reference device 100A narrows down the video acquired by the person (object) recognition technology. , May be processed as a collected image.
≪第3の実施形態:ログ参照システムの全体構成≫
 次に、第3の実施形態として、第1の実施形態において守秘情報としてログを扱うログ参照システムについて、第1の実施形態との相違点を中心に説明する。非権限者である利用者は、例えば、通信事業者のオペレータであり、警察からの通信記録照会に対応するために、照会にあった利用者(加入者)のログを収集する。 << Third Embodiment: Overall configuration of log reference system >>
Next, as the third embodiment, the log reference system that handles the log as confidential information in the first embodiment will be described focusing on the differences from the first embodiment. A user who is an unauthorized person is, for example, an operator of a telecommunications carrier, and collects logs of users (subscribers) who have made inquiries in order to respond to a communication record inquiry from the police.
 図11は、第3の実施形態に係るログ参照システム10Bの全体構成を示す図である。ログ参照システム10Bは、ネットワーク490で相互に通信可能なログ参照装置100B、ログ蓄積装置200B、および収集ログ蓄積装置300Bを含んで構成される。
 ログ蓄積装置200Bは、通信事業者が扱っている通信のログをログデータベース230(後記する図12参照)に蓄積し、記憶している。 FIG. 11 is a diagram showing an overall configuration of the log reference system 10B according to the third embodiment. The log reference system 10B includes a log reference device 100B, a log storage device 200B, and a collection log storage device 300B that can communicate with each other on the network 490.
The log storage device 200B stores and stores the communication log handled by the telecommunications carrier in the log database 230 (see FIG. 12 described later).
 図12は、第3の実施形態に係るログデータベース230のデータ構成図である。ログデータベース230は、例えば表形式のデータであって、1つのレコードは、1件の通信ログを示し、識別情報231(図12ではIDと記載)、時刻232、アクセス元233、アクセス先234、および付帯情報235の属性を含んで構成される。
 識別情報231は、通信の識別情報である。時刻232は、通信の発生時刻(開始時刻)である。アクセス元233、およびアクセス先234は、通信元、および通信先である。付帯情報235は、例えば通信時間である。 FIG. 12 is a data structure diagram of the log database 230 according to the third embodiment. The log database 230 is, for example, tabular data, one record indicates one communication log, identification information 231 (denoted as ID in FIG. 12), time 232, access source 233, access destination 234, And the attributes of the incidental information 235 are included.
The identification information 231 is communication identification information. Time 232 is the communication occurrence time (start time). The access source 233 and the access destination 234 are a communication source and a communication destination. The incidental information 235 is, for example, communication time.
 レコード239は、識別情報が「847347」であって、通信開始時刻が2019年3月3日20時38分45秒であり、通信元のアドレスが「3-1111-1111」、通信先のアドレスが「44-222-2222」であって、通信時間が14分39秒の通信を示す。
 収集ログ蓄積装置300Bは、収集データ322(収集守秘情報)(図1参照)が収集ログ322Bに替わったことを除いて、収集守秘情報蓄積装置300と同様である。収集ログ322Bに含まれる1件の通信ログは、ログデータベース230の1レコードに相当する。 In record 239, the identification information is "847347", the communication start time is 20:38:45 on March 3, 2019, the communication source address is "3-1111-1111", and the communication destination address. Is "44-222-2222", indicating communication with a communication time of 14 minutes and 39 seconds.
The collection log storage device 300B is the same as the collection confidential information storage device 300, except that the collection data 322 (collection confidential information) (see FIG. 1) is replaced with the collection log 322B. One communication log included in the collection log 322B corresponds to one record in the log database 230.
 ログ取得処理、参照キー削除処理は、第1の実施形態の守秘情報取得処理、参照キー削除処理と同様である。参照キー登録処理は、収集条件を除いて、第1の実施形態と同様である。第3の実施形態における収集条件は、時刻232、アクセス元233、およびアクセス先234に関する条件である。例えば、捜査対象となっている加入者が通信元または通信先となっている過去3か月という条件である。守秘情報収集部112は、収集条件の通信期間に時刻232が含まれ、収集条件の通信元や通信先が、アクセス元233やアクセス先234に合致する通信ログを収集する。なお、収集条件が通信元および通信先の何れか一方のみである場合には、他方は任意と見なし、収集条件に含まれる通信元または通信先が合致する通信ログを収集する。 The log acquisition process and the reference key deletion process are the same as the confidential information acquisition process and the reference key deletion process of the first embodiment. The reference key registration process is the same as that of the first embodiment except for the collection conditions. The collection conditions in the third embodiment are the conditions relating to the time 232, the access source 233, and the access destination 234. For example, the condition is that the subscriber being investigated is the communication source or communication destination for the past three months. The confidential information collecting unit 112 collects a communication log in which the time 232 is included in the communication period of the collection condition and the communication source or communication destination of the collection condition matches the access source 233 or the access destination 234. If the collection condition is only one of the communication source and the communication destination, the other is considered to be arbitrary, and the communication log that matches the communication source or the communication destination included in the collection condition is collected.
≪第4の実施形態:守秘情報参照システムの概要≫
 第1の実施形態では、参照キー登録処理で守秘情報を収集している(図5のステップS107~S108参照)。これに対して、第4の実施形態では、参照キー登録処理ではなく、守秘情報取得処理において守秘情報を収集する。こうすることで、権限者の端末は、参照キーを用いて、最新の守秘情報にアクセスできるようになる。 << Fourth Embodiment: Outline of Confidential Information Reference System >>
In the first embodiment, confidential information is collected by the reference key registration process (see steps S107 to S108 in FIG. 5). On the other hand, in the fourth embodiment, the confidential information is collected not in the reference key registration process but in the confidential information acquisition process. By doing so, the terminal of the authorized person can access the latest confidential information by using the reference key.
 図13は、第4の実施形態に係る守秘情報参照システム10Cの全体構成を示す図である。守秘情報参照システム10Cは、守秘情報参照装置100C、守秘情報蓄積装置200、および収集条件蓄積装置300Cを含んで構成される。以下では、第1の実施形態との違いを中心に説明する。 FIG. 13 is a diagram showing the overall configuration of the confidential information reference system 10C according to the fourth embodiment. The confidential information reference system 10C includes a confidential information reference device 100C, a confidential information storage device 200, and a collection condition storage device 300C. Hereinafter, the differences from the first embodiment will be mainly described.
≪収集条件蓄積装置の構成≫
 収集条件蓄積装置300Cは、参照キー登録時の収集条件を、参照キーと関連付けて蓄積し、記憶している。収集条件蓄積装置300Cの収集条件データベース320Cは、第1の実施形態における収集データ322(収集守秘情報、図1参照)が収集条件322Cに置き換わった構成をしている。 ≪Configuration of collection condition storage device≫
The collection condition storage device 300C stores and stores the collection conditions at the time of registering the reference key in association with the reference key. The collection condition database 320C of the collection condition storage device 300C has a configuration in which the collection data 322 (collection confidential information, see FIG. 1) in the first embodiment is replaced with the collection condition 322C.
≪守秘情報参照装置の機能構成≫
 図14は、第4の実施形態に係る守秘情報参照装置100Cの機能構成図である。第1の実施形態の守秘情報参照装置100(図3参照)との相違点は、守秘情報収集部112がなくなり、参照キー生成部113C、参照キー登録部114Cおよび守秘情報取得部115Cの動作が第1の実施形態と異なることである。 ≪Functional configuration of confidential information reference device≫
FIG. 14 is a functional configuration diagram of the confidential information reference device 100C according to the fourth embodiment. The difference from the confidential information reference device 100 (see FIG. 3) of the first embodiment is that the confidential information collection unit 112 is eliminated, and the reference key generation unit 113C, the reference key registration unit 114C, and the confidential information acquisition unit 115C operate. This is different from the first embodiment.
 参照キー生成部113Cは、参照キーの生成に加え、利用者の生成権を確認する。
 参照キー登録部114Cは、参照キーに関連付けて、収集条件を収集条件蓄積装置300Cに格納して、利用者(非権限者)の端末に参照キーを送信する。
 守秘情報取得部115Cは、利用者(権限者)の端末からの要求に応じて、参照キーに対応する収集条件を収集条件蓄積装置300Cから取得して、当該収集条件に合致する守秘情報を守秘情報蓄積装置200から取得して、利用者の端末に送信する。
 以下に、参照キー登録処理と参照キーを利用した守秘情報取得処理とを説明する。 The reference key generation unit 113C confirms the user's generation right in addition to generating the reference key.
The reference key registration unit 114C stores the collection condition in the collection condition storage device 300C in association with the reference key, and transmits the reference key to the terminal of the user (non-authorized person).
The confidential information acquisition unit 115C acquires the collection condition corresponding to the reference key from the collection condition storage device 300C in response to the request from the terminal of the user (authorized person), and keeps the confidential information matching the collection condition confidential. It is acquired from the information storage device 200 and transmitted to the user's terminal.
The reference key registration process and the confidential information acquisition process using the reference key will be described below.
≪参照キー登録処理≫
 図15は、第4の実施形態に係る参照キー登録処理のシーケンス図である。
 ステップS401~S406は、第1の実施形態のステップS101~S106と同様である(図5参照)。ただし、ステップS405~S406は、守秘情報収集部112に替えて、参照キー生成部113Cが実行する。
 ステップS407は、第1の実施形態のステップS111と同様である。 ≪Reference key registration process≫
FIG. 15 is a sequence diagram of the reference key registration process according to the fourth embodiment.
Steps S401 to S406 are the same as steps S101 to S106 of the first embodiment (see FIG. 5). However, steps S405 to S406 are executed by the reference key generation unit 113C instead of the confidential information collection unit 112.
Step S407 is the same as step S111 of the first embodiment.
 ステップS408において参照キー登録部114Cは、収集条件蓄積装置300Cに、参照キーとステップS404で受信した収集条件とを含めて登録を要求する。
 ステップS409において収集条件蓄積装置300Cは、参照キーと収集条件とを関連付けて蓄積して、応答する。
 ステップS410において参照キー登録部114Cは、参照キーを利用者端末400Aに返信する。 In step S408, the reference key registration unit 114C requests the collection condition storage device 300C to register the reference key and the collection condition received in step S404.
In step S409, the collection condition storage device 300C stores the reference key and the collection condition in association with each other, and responds.
In step S410, the reference key registration unit 114C returns the reference key to the user terminal 400A.
≪守秘情報取得処理≫
 図16は、第4の実施形態に係る守秘情報取得処理のシーケンス図である。図16において、利用者端末400Bは、図15の利用者(非権限者、参照キーを登録した利用者)から参照キーを入手した権限者の端末であると仮定して説明する。
 ステップS421~S428は、図5のステップS121~S128とそれぞれ同様である。
 ステップS429において守秘情報取得部115Cは、収集条件蓄積装置300Cに、参照キーを含めて収集条件の取得を要求する。
 ステップS430において収集条件蓄積装置300Cは、参照キーに対応する収集条件を返信する。 ≪Confidential information acquisition process≫
FIG. 16 is a sequence diagram of confidential information acquisition processing according to the fourth embodiment. In FIG. 16, the user terminal 400B will be described on the assumption that it is a terminal of an authorized person who has obtained a reference key from the user (non-authorized person, user who has registered the reference key) of FIG.
Steps S421 to S428 are the same as steps S121 to S128 of FIG. 5, respectively.
In step S429, the confidential information acquisition unit 115C requests the collection condition storage device 300C to acquire the collection condition including the reference key.
In step S430, the collection condition storage device 300C returns the collection condition corresponding to the reference key.
 ステップS431~S434は、第1の実施形態のステップS107~S110と同様である。ただし、守秘情報収集部112に替えて、守秘情報取得部115Cが実行する。また、ステップS431における守秘情報要求に含まれる収集条件は、ステップS430において収集条件蓄積装置300Cから取得した収集条件である。
 ステップS435において守秘情報取得部115Cは、収集守秘情報を利用者端末400Bに返信する。 Steps S431 to S434 are the same as steps S107 to S110 of the first embodiment. However, instead of the confidential information collecting unit 112, the confidential information acquisition unit 115C executes the operation. Further, the collection condition included in the confidential information request in step S431 is the collection condition acquired from the collection condition storage device 300C in step S430.
In step S435, the confidential information acquisition unit 115C returns the collected confidential information to the user terminal 400B.
≪第4の実施形態の特徴≫
 第1の実施形態において、利用者端末400Bは、参照キー登録時における守秘情報を取得している。これに対して、第4の実施形態において、利用者端末400Bは、守秘情報取得時における最新の守秘情報を取得することができる。 << Features of the Fourth Embodiment >>
In the first embodiment, the user terminal 400B acquires confidential information at the time of reference key registration. On the other hand, in the fourth embodiment, the user terminal 400B can acquire the latest confidential information at the time of acquiring the confidential information.
≪変形例≫
 なお、本発明は、上記した実施形態に限定されることなく、その趣旨を逸脱しない範囲で変更することができる。例えば、第1の実施形態において、守秘情報蓄積装置200や収集守秘情報蓄積装置300は、守秘情報参照装置100とは別の装置であった。これに対して、守秘情報蓄積装置200や収集守秘情報蓄積装置300は、守秘情報参照装置100と同一の装置であってもよく、守秘情報参照装置100が、守秘情報データベース220や収集守秘情報データベース320を記憶するようにしてもよい。また、守秘情報参照装置100は、参照キー登録処理、守秘情報取得処理、および参照キー削除処理を実行しているが、それぞれを別の装置が実行するようにしてもよい。 ≪Modification example≫
The present invention is not limited to the above-described embodiment, and can be modified without departing from the spirit of the present invention. For example, in the first embodiment, the confidential information storage device 200 and the collected confidential information storage device 300 are different devices from the confidential information reference device 100. On the other hand, the confidential information storage device 200 and the collected confidential information storage device 300 may be the same device as the confidential information reference device 100, and the confidential information reference device 100 is the confidential information database 220 and the collected confidential information database. 320 may be stored. Further, although the confidential information reference device 100 executes the reference key registration process, the confidential information acquisition process, and the reference key deletion process, different devices may execute each of them.
 上記した実施形態では、守秘情報データベース220は、1つのデータベースであるが、これに限定されない。例えば、ネットワークサービスへのアクセス元はIP(Internet protocol)アドレスで示されるが、IPアドレスから直接に利用者が特定できるとは限らない。利用者が加入しているIPサービスプロバイダが保有する、ローカルとグローバルのIPアドレスの変換データベースや加入者情報データベースが必要な場合もある。守秘情報参照装置100は、収集条件に合致するように、複数の守秘情報蓄積装置(データベース)を組み合わせて検索して、守秘情報を収集するようにしてもよい。 In the above embodiment, the confidential information database 220 is one database, but is not limited to this. For example, an access source to a network service is indicated by an IP (Internet protocol) address, but the user cannot always be identified directly from the IP address. In some cases, a local and global IP address conversion database or subscriber information database owned by the IP service provider to which the user subscribes is required. The confidential information reference device 100 may collect confidential information by searching in combination of a plurality of confidential information storage devices (databases) so as to meet the collection conditions.
 第1の実施形態では、守秘情報参照装置100が利用者の取得権をチェックしている(図6のステップS125参照)。守秘情報参照装置100に替わり、収集守秘情報蓄積装置300がチェックするようにしてもよい。詳しくは、守秘情報参照装置100は、ステップS129において、守秘情報を要求した利用者の識別情報を収集守秘情報蓄積装置300に送信する。収集守秘情報蓄積装置300が利用者の取得権をチェックして、ステップS130において収集守秘情報を送信するか否かを判断するようにしてもよい。 In the first embodiment, the confidential information reference device 100 checks the acquisition right of the user (see step S125 in FIG. 6). Instead of the confidential information reference device 100, the collection confidential information storage device 300 may check. Specifically, in step S129, the confidential information reference device 100 transmits the identification information of the user who requested the confidential information to the collection confidential information storage device 300. The collection confidential information storage device 300 may check the acquisition right of the user and determine in step S130 whether or not to transmit the collection confidential information.
 第4の実施形態においても同様である。守秘情報参照装置100は、ステップS431(図16参照)において、守秘情報を要求した利用者の識別情報を守秘情報蓄積装置200に送信する。守秘情報蓄積装置200が利用者の取得権をチェックして、ステップS432において守秘情報を送信するか否かを判断するようにしてもよい。 The same applies to the fourth embodiment. In step S431 (see FIG. 16), the confidential information reference device 100 transmits the identification information of the user who requested the confidential information to the confidential information storage device 200. The confidential information storage device 200 may check the acquisition right of the user and determine whether or not to transmit the confidential information in step S432.
 プログラムに関する変形例として、守秘情報参照装置100のプログラムは、記録媒体199から読み取られたが、ネットワーク経由で取得するようにしてもよい。さらに別の実施形態として、守秘情報参照装置100のプログラムを配信するサーバであってもよい。 As a modification of the program, the program of the confidential information reference device 100 is read from the recording medium 199, but may be acquired via the network. As yet another embodiment, it may be a server that distributes the program of the confidential information reference device 100.
 以上、本発明のいくつかの実施形態について説明したが、これらの実施形態は、例示に過ぎず、本発明の技術的範囲を限定するものではない。本発明はその他の様々な実施形態を取ることが可能であり、さらに、本発明の要旨を逸脱しない範囲で、省略や置換等種々の変更を行うことができる。これら実施形態やその変形は、本明細書等に記載された発明の範囲や要旨に含まれるとともに、特許請求の範囲に記載された発明とその均等の範囲に含まれる。 Although some embodiments of the present invention have been described above, these embodiments are merely examples and do not limit the technical scope of the present invention. The present invention can take various other embodiments, and various modifications such as omission and substitution can be made without departing from the gist of the present invention. These embodiments and modifications thereof are included in the scope and gist of the invention described in the present specification and the like, and are also included in the scope of the invention described in the claims and the equivalent scope thereof.
≪効果≫
 以下に、守秘情報参照システムや守秘情報参照装置の効果を説明する。 ≪Effect≫
The effects of the confidential information reference system and the confidential information reference device will be described below.
 本実施形態に係る守秘情報参照システム10は、守秘情報参照装置100、守秘情報蓄積装置200、および収集守秘情報蓄積装置300を含んで構成される守秘情報参照システム10であって、守秘情報蓄積装置200は、アクセス制限のある守秘情報(データ223)と、当該守秘情報に付与された情報である付帯属性222とを関連付けて記憶し、収集守秘情報蓄積装置300は、守秘情報蓄積装置200から取得されて収集された収集守秘情報(収集データ322)と、当該収集守秘情報を参照するためのキーである参照キー321とを関連付けて記憶し、守秘情報参照装置100は、守秘情報を参照する権限を有しない利用者である非権限利用者の端末(利用者端末400A)から、守秘情報を参照する権限を有する利用者である権限利用者に提示する守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含む参照キーの生成要求を受け取ると、当該収集条件に合致する付帯属性に関連付けられた守秘情報を守秘情報蓄積装置200から収集守秘情報として収集する守秘情報収集部112と、収集守秘情報を参照するための参照キーを生成する参照キー生成部113と、収集守秘情報と、参照キーとを関連付けて収集守秘情報蓄積装置300に格納して、参照キーを非権限利用者の端末に送付する参照キー登録部114と、利用者の端末(利用者端末400B)から参照キーを含む収集守秘情報の取得要求を受け取ると、当該利用者が権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を収集守秘情報蓄積装置300から取得して、当該利用者の端末に送付する守秘情報取得部115とを備える。 The confidential information reference system 10 according to the present embodiment is a confidential information reference system 10 including a confidential information reference device 100, a confidential information storage device 200, and a collection confidential information storage device 300. The 200 stores the confidential information (data 223) with access restrictions in association with the incidental attribute 222 which is the information given to the confidential information, and the collected confidential information storage device 300 is acquired from the confidential information storage device 200. The collected confidential information (collected data 322) collected and stored in association with the reference key 321 which is a key for referring to the collected confidential information, and the confidential information reference device 100 has the authority to refer to the confidential information. Regarding the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information from the terminal of the non-authorized user who is not the user (user terminal 400A), the incidental attribute of the confidential information Upon receiving the request to generate the reference key including the collection condition which is the condition, the confidential information collection unit 112 which collects the confidential information associated with the incidental attribute matching the collection condition from the confidential information storage device 200 as the confidential information is collected. The reference key generation unit 113 that generates a reference key for referencing the collected confidential information, the collected confidential information and the reference key are stored in the collected confidential information storage device 300 in association with each other, and the reference key is stored in the collection confidential information storage device 300. When the reference key registration unit 114 to be sent to the terminal and the user's terminal (user terminal 400B) receive a request to acquire the collected confidential information including the reference key, it is confirmed that the user is an authorized user. It is provided with a confidential information acquisition unit 115 that acquires the collected confidential information associated with the reference key from the collected confidential information storage device 300 and sends it to the terminal of the user.
 このような守秘情報参照システム10は、守秘情報にアクセスできない非権限者の端末からの要求に応じて、収集条件に合致する守秘情報を収集して、収集された守秘情報に対応する参照キーを送信することができる。守秘情報参照システム10は、守秘情報にアクセス可能な権限者であって、非権限者から参照キーを入手した権限者の端末から、この参照キーを受信することで、収集された守秘情報を返信することができるようになる。
 これにより、非権限者であっても、自身がアクセスできない守秘情報を収集して、権限者に提示することができるようになる。 Such a confidential information reference system 10 collects confidential information that matches the collection conditions in response to a request from a terminal of an unauthorized person who cannot access the confidential information, and obtains a reference key corresponding to the collected confidential information. Can be sent. The confidential information reference system 10 returns the collected confidential information by receiving the reference key from the terminal of the authorized person who can access the confidential information and has obtained the reference key from the non-authorized person. You will be able to.
As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person.
 本実施形態に係る守秘情報参照装置100は、守秘情報参照装置100、守秘情報蓄積装置200、および収集守秘情報蓄積装置300を含んで構成される守秘情報参照システム10の守秘情報参照装置であって、守秘情報を参照する権限を有しない利用者である非権限利用者の端末(利用者端末400A)から、守秘情報を参照する権限を有する利用者である権限利用者に提示する守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含み、当該収集条件に合致する守秘情報である収集守秘情報を参照するためのキーである参照キーの生成要求を受け取ると、守秘情報蓄積装置200から収集守秘情報を収集する守秘情報収集部112と、収集守秘情報を参照するための参照キーを生成する参照キー生成部113と、収集守秘情報と、参照キーとを関連付けて収集守秘情報蓄積装置300に格納して、参照キーを非権限利用者の端末に送付する参照キー登録部114と、利用者の端末(利用者端末400B)から参照キーを含む収集守秘情報の取得要求を受け取ると、当該利用者が権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を収集守秘情報蓄積装置300から取得して、当該利用者の端末に送付する守秘情報取得部115とを備える。 The confidential information reference device 100 according to the present embodiment is a confidential information reference device of the confidential information reference system 10 including the confidential information reference device 100, the confidential information storage device 200, and the collection confidential information storage device 300. , About the confidential information presented from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information (user terminal 400A) to the authorized user who is the user who has the authority to refer to the confidential information. Upon receiving a request to generate a reference key, which is a key for referring to the collected confidential information, which is confidential information that matches the collected condition, including the collection condition which is a condition of the incidental attribute of the confidential information, the confidential information storage device 200 Confidential information collection unit 112 that collects confidential information collected from, reference key generation unit 113 that generates a reference key for referring to the collected confidential information, and a collection confidential information storage device that associates the collected confidential information with the reference key. Upon receiving the reference key registration unit 114 that stores the reference key in the 300 and sends the reference key to the terminal of the non-authorized user and the acquisition request of the collected confidential information including the reference key from the user's terminal (user terminal 400B), With the confidential information acquisition unit 115 that confirms that the user is an authorized user, acquires the collected confidential information associated with the reference key from the collected confidential information storage device 300, and sends it to the terminal of the user. To be equipped with.
 このような守秘情報参照装置100は、守秘情報にアクセスできない非権限者の端末からの要求に応じて、収集条件に合致する守秘情報を収集して、収集された守秘情報に対応する参照キーを送信することができる。守秘情報参照装置100は、守秘情報にアクセス可能な権限者であって、非権限者から参照キーを入手した権限者の端末から、この参照キーを受信することで、収集された守秘情報を返信することができる。
 これにより、非権限者であっても、自身がアクセスできない守秘情報を収集して、権限者に提示することができるようになる。 Such a confidential information reference device 100 collects confidential information that matches the collection conditions in response to a request from a terminal of an unauthorized person who cannot access the confidential information, and obtains a reference key corresponding to the collected confidential information. Can be sent. The confidential information reference device 100 returns the collected confidential information by receiving the reference key from the terminal of the authorized person who can access the confidential information and has obtained the reference key from the non-authorized person. can do.
As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person.
 本実施形態に係る守秘情報参照装置(映像参照装置100A)において、守秘情報は、監視カメラ500の映像223Aであり、付帯属性は、映像223Aの撮影期間222A2と撮影場所222A1とを含み、収集条件は、非権限利用者が保持する携帯端末(利用者端末400)の位置と、当該位置に携帯端末が存在した時刻とを含み、守秘情報収集部(映像収集部112A)は、撮影場所222A1と携帯端末の位置との距離が所定値以下で、撮影期間222A2が、携帯端末が存在した時刻を含む映像を収集する。 In the confidential information reference device (video reference device 100A) according to the present embodiment, the confidential information is the video 223A of the surveillance camera 500, and the incidental attributes include the shooting period 222A2 of the video 223A and the shooting location 222A1, and the collection conditions Includes the position of the mobile terminal (user terminal 400) held by the non-authorized user and the time when the mobile terminal existed at the position, and the confidential information collecting unit (video collecting unit 112A) is set to the shooting location 222A1. The shooting period 222A2 collects images including the time when the mobile terminal was present when the distance from the position of the mobile terminal is equal to or less than a predetermined value.
 このような守秘情報参照装置(映像参照装置100A)は、非権限者の端末から位置と時刻とを含む収集条件を受信し、収集条件の位置を含む撮影場所222A1を撮影している監視カメラの撮影映像であって、収集条件の時刻を含む撮影期間222A2の撮影映像を参照する参照キーを返信できる。
 これにより、非権限者であっても、自身が撮影されている映像を収集して、権限者に提示することができるようになる。 Such a confidential information reference device (video reference device 100A) receives a collection condition including the position and time from the terminal of an unauthorized person, and is a surveillance camera that is photographing the shooting location 222A1 including the position of the collection condition. It is possible to return a reference key that refers to the captured video of the shooting period 222A2 including the time of the collection condition.
As a result, even a non-authorized person can collect the video of himself / herself and present it to the authorized person.
 本実施形態に係る守秘情報参照装置(ログ参照装置100B)において、守秘情報は、通信のログ情報であり、付帯属性は、通信の時刻232と通信元(アクセス元233)と通信先(アクセス先234)とを含み、収集条件は、特定の通信元および任意の通信先、特定の通信先および任意の通信元、特定の通信元および特定の通信先の何れか1つと、通信期間とを含み、守秘情報収集部112は、通信期間が通信の時刻232を含み、通信の通信元(アクセス元233)および通信先(アクセス先234)が収集条件にある通信元および通信先に合致する通信のログ情報を収集する。 In the confidential information reference device (log reference device 100B) according to the present embodiment, the confidential information is the log information of the communication, and the incidental attributes are the communication time 232, the communication source (access source 233), and the communication destination (access destination). 234), and the collection conditions include any one of a specific communication source and an arbitrary communication destination, a specific communication destination and an arbitrary communication source, a specific communication source and a specific communication destination, and a communication period. , The confidential information collecting unit 112 includes a communication period including the communication time 232, and the communication source (access source 233) and the communication destination (access destination 234) of the communication match the communication source and the communication destination under the collection conditions. Collect log information.
 このような守秘情報参照装置(ログ参照装置100B)は、非権限者の端末から通信期間と通信元と通信先とを含む収集条件を受信し、収集条件の通信期間に発生した通信であって、収集条件の通信元または通信先の通信に関するログを参照する参照キーを返信できる。
 これにより、非権限者であっても、収集条件に合致する通信ログを収集して、権限者に提示することができるようになる。 Such a confidential information reference device (log reference device 100B) receives a collection condition including a communication period, a communication source, and a communication destination from a terminal of an unauthorized person, and is a communication generated during the communication period of the collection condition. , You can return a reference key that refers to the log related to the communication source or communication destination of the collection condition.
As a result, even a non-authorized person can collect communication logs that meet the collection conditions and present them to the authorized person.
 本実施形態に係る守秘情報参照システム10Cは、守秘情報参照装置100C、守秘情報蓄積装置200、および収集条件蓄積装置300Cを含んで構成される守秘情報参照システム10Cであって、守秘情報蓄積装置200は、アクセス制限のある守秘情報(データ223)と、当該守秘情報に付与された情報である付帯属性222とを関連付けて記憶し、収集条件蓄積装置300Cは、守秘情報の付帯属性の条件である収集条件322Cと、当該収集条件を参照するためのキーである参照キー321とを関連付けて記憶し、守秘情報参照装置100Cは、守秘情報を参照する権限を有しない利用者である非権限利用者の端末(利用者端末400)から、守秘情報を参照する権限を有する利用者である権限利用者に提示する守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含む参照キーの生成要求を受け取ると、当該収集条件を参照するための参照キーを生成する参照キー生成部113Cと、収集条件と、参照キーとを関連付けて収集条件蓄積装置300Cに格納して、参照キーを非権限利用者の端末に送付する参照キー登録部114Cと、利用者の端末(利用者端末400)から参照キーを含む守秘情報の取得要求を受け取ると、当該利用者が権限利用者であることを確認し、当該参照キーに関連付けられた収集条件を収集条件蓄積装置300Cから取得して、当該収集条件に合致する付帯属性に関連付けられた守秘情報を守秘情報蓄積装置200から収集して、当該利用者の端末に送付する守秘情報取得部115Cとを備える。 The confidential information reference system 10C according to the present embodiment is a confidential information reference system 10C including a confidential information reference device 100C, a confidential information storage device 200, and a collection condition storage device 300C, and is a confidential information storage device 200. Stores the confidential information (data 223) with access restrictions in association with the incidental attribute 222 which is the information given to the confidential information, and the collection condition storage device 300C is a condition of the incidental attribute of the confidential information. The collection condition 322C and the reference key 321 which is a key for referring to the collection condition are stored in association with each other, and the confidential information reference device 100C is a non-authorized user who is a user who does not have the authority to refer to the confidential information. For confidential information presented to an authorized user who is a user who has the authority to refer to confidential information from the terminal (user terminal 400), a reference key including a collection condition which is a condition of ancillary attributes of the confidential information is generated. When the request is received, the reference key generation unit 113C that generates the reference key for referencing the collection condition, the collection condition, and the reference key are stored in the collection condition storage device 300C in association with each other, and the reference key is unauthorized. Upon receiving a request for acquisition of confidential information including the reference key from the reference key registration unit 114C to be sent to the user's terminal and the user's terminal (user terminal 400), it is confirmed that the user is an authorized user. Then, the collection condition associated with the reference key is acquired from the collection condition storage device 300C, the confidential information associated with the incidental attribute matching the collection condition is collected from the confidential information storage device 200, and the user is concerned. It is provided with a confidential information acquisition unit 115C to be sent to the terminal of.
 このような守秘情報参照システム10Cは、守秘情報にアクセスできない非権限者の端末からの要求に応じて、収集条件に対応する参照キーを送信することができる。守秘情報参照システム10Cは、守秘情報にアクセス可能な権限者であって、非権限者から参照キーを入手した権限者の端末から、この参照キーを受信することで、収集条件に合致する守秘情報を返信することができるようになる。また、守秘情報参照システム10と比較して、守秘情報参照システム10Cは、より新しい守秘情報を返信できる。
 これにより、非権限者であっても、自身がアクセスできない守秘情報を収集して、権限者に提示することができるようになる。また、守秘情報参照システム10と比較して、権限者は、より新しい守秘情報を取得できる。 Such a confidential information reference system 10C can transmit a reference key corresponding to the collection condition in response to a request from a terminal of an unauthorized person who cannot access the confidential information. The confidential information reference system 10C is an authorized person who can access the confidential information, and by receiving this reference key from the terminal of the authorized person who obtained the reference key from the non-authorized person, the confidential information matching the collection conditions is satisfied. Will be able to reply. Further, as compared with the confidential information reference system 10, the confidential information reference system 10C can return newer confidential information.
As a result, even a non-authorized person can collect confidential information that he / she cannot access and present it to the authorized person. Further, as compared with the confidential information reference system 10, the authorized person can acquire newer confidential information.
10,10C 守秘情報参照システム
10A 映像参照システム(守秘情報参照システム)
10B ログ参照システム(守秘情報参照システム)
100,100C 守秘情報参照装置
100A 映像参照装置(守秘情報参照装置)
100B ログ参照装置(守秘情報参照装置)
110 制御部
111 メッセージ処理部
112 守秘情報収集部
112A 映像収集部(守秘情報収集部)
113,113C 参照キー生成部
114,114A,114C 参照キー登録部
115,115C 守秘情報取得部
115A 映像取得部(守秘情報取得部)
116 参照キー削除部
130 利用者情報データベース
199 記録媒体
200 守秘情報蓄積装置
200A 映像蓄積装置
200B ログ蓄積装置
300 収集守秘情報蓄積装置
300A 収集映像蓄積装置
300B 収集ログ蓄積装置
300C 収集条件蓄積装置
500 監視カメラ 10,10C Confidential information reference system 10A Video reference system (Confidential information reference system)
10B log reference system (confidential information reference system)
100,100C Confidential information reference device 100A Video reference device (Confidential information reference device)
100B log reference device (confidential information reference device)
110 Control unit 111 Message processing unit 112 Confidential information collection unit 112A Video collection unit (Confidential information collection unit)
113, 113C Reference key generation unit 114, 114A, 114C Reference key registration unit 115, 115C Confidential information acquisition unit 115A Video acquisition unit (confidential information acquisition unit)
116 Reference key deletion unit 130 User information database 199 Recording medium 200 Confidential information storage device 200A Video storage device 200B Log storage device 300 Collection confidential information storage device 300A Collected video storage device 300B Collection log storage device 300C Collection condition storage device 500 Surveillance camera

Claims (7)

  1.  守秘情報参照装置、守秘情報蓄積装置、および収集守秘情報蓄積装置を含んで構成される守秘情報参照システムであって、
     前記守秘情報蓄積装置は、アクセス制限のある守秘情報と、当該守秘情報に付与された情報である付帯属性とを関連付けて記憶し、
     前記収集守秘情報蓄積装置は、前記守秘情報蓄積装置から取得されて収集された収集守秘情報と、当該収集守秘情報を参照するためのキーである参照キーとを関連付けて記憶し、
     前記守秘情報参照装置は、
     前記守秘情報を参照する権限を有しない利用者である非権限利用者の端末から、前記守秘情報を参照する権限を有する利用者である権限利用者に提示する前記守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含む前記参照キーの生成要求を受け取ると、当該収集条件に合致する前記付帯属性に関連付けられた守秘情報を前記守秘情報蓄積装置から前記収集守秘情報として収集する守秘情報収集部と、
     前記収集守秘情報を参照するための参照キーを生成する参照キー生成部と、
     前記収集守秘情報と、前記参照キーとを関連付けて前記収集守秘情報蓄積装置に格納して、前記参照キーを前記非権限利用者の端末に送付する参照キー登録部と、
     利用者の端末から前記参照キーを含む前記収集守秘情報の取得要求を受け取ると、当該利用者が前記権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を前記収集守秘情報蓄積装置から取得して、当該利用者の端末に送付する守秘情報取得部とを備える
     ことを特徴とする守秘情報参照システム。     A confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection confidential information storage device.
    The confidential information storage device stores confidential information with access restrictions in association with ancillary attributes that are information given to the confidential information.
    The collected confidential information storage device stores the collected confidential information acquired and collected from the confidential information storage device in association with a reference key which is a key for referring to the collected confidential information.
    The confidential information reference device is
    Regarding the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information, the confidential information When the generation request of the reference key including the collection condition which is the condition of the incidental attribute is received, the confidential information associated with the incidental attribute that matches the collection condition is collected as the collected confidential information from the confidential information storage device. Information gathering department and
    A reference key generator that generates a reference key for referencing the collected confidential information,
    A reference key registration unit that associates the collected confidential information with the reference key, stores the collected confidential information in the collected confidential information storage device, and sends the reference key to the terminal of the non-authorized user.
    Upon receiving a request for acquisition of the collected confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collected confidential information associated with the reference key is collected and confidential. A confidential information reference system characterized by having a confidential information acquisition unit that acquires from an information storage device and sends it to the user's terminal.
  2.  守秘情報参照装置、守秘情報蓄積装置、および収集守秘情報蓄積装置を含んで構成される守秘情報参照システムの前記守秘情報参照装置であって、
     守秘情報を参照する権限を有しない利用者である非権限利用者の端末から、前記守秘情報を参照する権限を有する利用者である権限利用者に提示する前記守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含み、当該収集条件に合致する守秘情報である収集守秘情報を参照するためのキーである参照キーの生成要求を受け取ると、前記守秘情報蓄積装置から前記収集守秘情報を収集する守秘情報収集部と、
     前記収集守秘情報を参照するための参照キーを生成する参照キー生成部と、
     前記収集守秘情報と、前記参照キーとを関連付けて前記収集守秘情報蓄積装置に格納して、前記参照キーを前記非権限利用者の端末に送付する参照キー登録部と、
     利用者の端末から前記参照キーを含む前記収集守秘情報の取得要求を受け取ると、当該利用者が前記権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を前記収集守秘情報蓄積装置から取得して、当該利用者の端末に送付する守秘情報取得部とを備える
     ことを特徴とする守秘情報参照装置。     The confidential information reference device of the confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection confidential information storage device.
    Regarding the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information, the confidential information is attached. When a request for generating a reference key, which is a key for referring to the collected confidential information which is confidential information matching the collected condition, is received, the collected confidential information is received from the confidential information storage device. Confidential information gathering department to collect
    A reference key generator that generates a reference key for referencing the collected confidential information,
    A reference key registration unit that associates the collected confidential information with the reference key, stores the collected confidential information in the collected confidential information storage device, and sends the reference key to the terminal of the non-authorized user.
    Upon receiving a request for acquisition of the collected confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collected confidential information associated with the reference key is collected and confidential. A confidential information reference device including a confidential information acquisition unit that acquires from an information storage device and sends it to the user's terminal.
  3.  前記守秘情報は、監視カメラの映像であり、
     前記付帯属性は、前記映像の撮影期間と撮影場所とを含み、
     前記収集条件は、前記非権限利用者が保持する携帯端末の位置と、当該位置に携帯端末が存在した時刻とを含み、
     前記守秘情報収集部は、前記撮影場所と前記携帯端末の位置との距離が所定値以下で、前記撮影期間が、前記携帯端末が存在した時刻を含む映像を収集する
     ことを特徴とする請求項2に記載の守秘情報参照装置。     The confidential information is an image of a surveillance camera.
    The incidental attribute includes a shooting period and a shooting location of the video.
    The collection condition includes the position of the mobile terminal held by the non-authorized user and the time when the mobile terminal was present at the position.
    The confidential information collecting unit is characterized in that the distance between the shooting location and the position of the mobile terminal is a predetermined value or less, and the shooting period includes a video including the time when the mobile terminal was present. Confidential information reference device according to 2.
  4.  前記守秘情報は、通信のログ情報であり、
     前記付帯属性は、前記通信の時刻と通信元と通信先とを含み、
     前記収集条件は、特定の通信元および任意の通信先、特定の通信先および任意の通信元、特定の通信元および特定の通信先の何れか1つと、通信期間とを含み、
     前記守秘情報収集部は、前記通信期間が前記通信の時刻を含み、前記通信の通信元および通信先が前記収集条件にある通信元および通信先に合致する通信のログ情報を収集する
     ことを特徴とする請求項2に記載の守秘情報参照装置。     The confidential information is communication log information, and is
    The incidental attribute includes the time of the communication, the communication source, and the communication destination.
    The collection condition includes any one of a specific communication source and an arbitrary communication destination, a specific communication destination and an arbitrary communication source, a specific communication source and a specific communication destination, and a communication period.
    The confidential information collecting unit is characterized in that the communication period includes the time of the communication, and the communication source and the communication destination of the communication collect the log information of the communication matching the communication source and the communication destination under the collection condition. The confidential information reference device according to claim 2.
  5.  守秘情報参照装置、守秘情報蓄積装置、および収集条件蓄積装置を含んで構成される守秘情報参照システムであって、
     前記守秘情報蓄積装置は、アクセス制限のある守秘情報と、当該守秘情報に付与された情報である付帯属性とを関連付けて記憶し、
     前記収集条件蓄積装置は、前記守秘情報の付帯属性の条件である収集条件と、当該収集条件を参照するためのキーである参照キーとを関連付けて記憶し、
     前記守秘情報参照装置は、
     前記守秘情報を参照する権限を有しない利用者である非権限利用者の端末から、前記守秘情報を参照する権限を有する利用者である権限利用者に提示する前記守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含む前記参照キーの生成要求を受け取ると、当該収集条件を参照するための参照キーを生成する参照キー生成部と、
     前記収集条件と、前記参照キーとを関連付けて前記収集条件蓄積装置に格納して、前記参照キーを前記非権限利用者の端末に送付する参照キー登録部と、
     利用者の端末から前記参照キーを含む前記守秘情報の取得要求を受け取ると、当該利用者が前記権限利用者であることを確認し、当該参照キーに関連付けられた収集条件を前記収集条件蓄積装置から取得して、当該収集条件に合致する前記付帯属性に関連付けられた守秘情報を前記守秘情報蓄積装置から収集して、当該利用者の端末に送付する守秘情報取得部とを備える
     ことを特徴とする守秘情報参照システム。     A confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection condition storage device.
    The confidential information storage device stores confidential information with access restrictions in association with ancillary attributes that are information given to the confidential information.
    The collection condition storage device stores the collection condition, which is a condition of the incidental attribute of the confidential information, and the reference key, which is a key for referring to the collection condition, in association with each other.
    The confidential information reference device is
    Regarding the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information, the confidential information Upon receiving the request to generate the reference key including the collection condition that is the condition of the incidental attribute, the reference key generation unit that generates the reference key for referencing the collection condition, and the reference key generation unit.
    A reference key registration unit that associates the collection condition with the reference key, stores the reference key in the collection condition storage device, and sends the reference key to the terminal of the non-authorized user.
    Upon receiving a request for acquisition of the confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collection condition associated with the reference key is stored in the collection condition storage device. It is characterized by having a confidential information acquisition unit that collects confidential information associated with the incidental attribute that matches the collection conditions from the confidential information storage device and sends it to the user's terminal. Confidential information reference system.
  6.  守秘情報参照装置、守秘情報蓄積装置、および収集守秘情報蓄積装置を含んで構成される守秘情報参照システムの前記守秘情報参照装置が実行する守秘情報参照方法であって、
     前記守秘情報参照装置は、
     守秘情報を参照する権限を有しない利用者である非権限利用者の端末から、前記守秘情報を参照する権限を有する利用者である権限利用者に提示する前記守秘情報について、当該守秘情報の付帯属性の条件である収集条件を含み、当該収集条件に合致する守秘情報である収集守秘情報を参照するためのキーである参照キーの生成要求を受け取ると、前記守秘情報蓄積装置から前記収集守秘情報を収集するステップと、
     前記収集守秘情報を参照するための参照キーを生成するステップと、
     前記収集守秘情報と、前記参照キーとを関連付けて前記収集守秘情報蓄積装置に格納して、前記参照キーを前記非権限利用者の端末に送付するステップと、
     利用者の端末から前記参照キーを含む前記収集守秘情報の取得要求を受け取ると、当該利用者が前記権限利用者であることを確認し、当該参照キーに関連付けられた収集守秘情報を前記収集守秘情報蓄積装置から取得して、当該利用者の端末に送付するステップとを含む
     ことを特徴とする守秘情報参照方法。     A confidential information reference method executed by the confidential information reference device of a confidential information reference system including a confidential information reference device, a confidential information storage device, and a collection confidential information storage device.
    The confidential information reference device is
    Regarding the confidential information presented to the authorized user who is the user who has the authority to refer to the confidential information from the terminal of the non-authorized user who is the user who does not have the authority to refer to the confidential information, the confidential information is attached. When a request for generating a reference key, which is a key for referring to the collected confidential information which is confidential information matching the collected condition, is received, the collected confidential information is received from the confidential information storage device. And the steps to collect
    A step of generating a reference key for referencing the collected confidential information, and
    A step of associating the collected confidential information with the reference key, storing the collected confidential information in the collected confidential information storage device, and sending the reference key to the terminal of the non-authorized user.
    Upon receiving a request for acquisition of the collected confidential information including the reference key from the user's terminal, it is confirmed that the user is the authorized user, and the collected confidential information associated with the reference key is collected and confidential. A confidential information reference method including a step of acquiring from an information storage device and sending it to the user's terminal.
  7.  コンピュータを、請求項2~4の何れか1項に記載の守秘情報参照装置として機能させるためのプログラム。 A program for making a computer function as a confidential information reference device according to any one of claims 2 to 4.
PCT/JP2019/026408 2019-07-03 2019-07-03 Confidential information reference system, confidential information reference device, confidential information reference method, and program WO2021001950A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/026408 WO2021001950A1 (en) 2019-07-03 2019-07-03 Confidential information reference system, confidential information reference device, confidential information reference method, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/026408 WO2021001950A1 (en) 2019-07-03 2019-07-03 Confidential information reference system, confidential information reference device, confidential information reference method, and program

Publications (1)

Publication Number Publication Date
WO2021001950A1 true WO2021001950A1 (en) 2021-01-07

Family

ID=74100793

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/026408 WO2021001950A1 (en) 2019-07-03 2019-07-03 Confidential information reference system, confidential information reference device, confidential information reference method, and program

Country Status (1)

Country Link
WO (1) WO2021001950A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009044311A (en) * 2007-08-07 2009-02-26 Gunma Univ Imaging apparatus, imaging system, and image browsing system
JP2012114556A (en) * 2010-11-22 2012-06-14 Npo E-Jikei Network Promotion Institute Camera system comprising multiple encryption function and managing method for the camera system
JP2013145442A (en) * 2012-01-13 2013-07-25 Nippon Atm Kk Crime information retrieval system
JP2019096997A (en) * 2017-11-21 2019-06-20 京セラドキュメントソリューションズ株式会社 Image formation system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009044311A (en) * 2007-08-07 2009-02-26 Gunma Univ Imaging apparatus, imaging system, and image browsing system
JP2012114556A (en) * 2010-11-22 2012-06-14 Npo E-Jikei Network Promotion Institute Camera system comprising multiple encryption function and managing method for the camera system
JP2013145442A (en) * 2012-01-13 2013-07-25 Nippon Atm Kk Crime information retrieval system
JP2019096997A (en) * 2017-11-21 2019-06-20 京セラドキュメントソリューションズ株式会社 Image formation system

Similar Documents

Publication Publication Date Title
Farnden et al. Privacy risks in mobile dating apps
US8589372B2 (en) Method and system for automated document registration with cloud computing
US8341141B2 (en) Method and system for automated document registration
CN104660562B (en) A kind of information inspection method, relevant apparatus and system
US8458779B2 (en) System and method for handling personal identification information
US8041743B2 (en) Systems and methods for providing semantically enhanced identity management
US20070036395A1 (en) Reverse identity profiling system with alert function
US20140081932A1 (en) Method and system for secure automated document registration from social media networks
KR102065993B1 (en) Systems and methods to verify ownership of a telephone number and to track ownership reassignments
US20010007975A1 (en) Data access system
CN101005503A (en) Method and data processing system for intercepting communication between a client and a service
JP5574554B2 (en) System and method for global directory service
CN104580121A (en) People search/people information matching and pushing method, system, client and server
WO2009049170A2 (en) System and method for securely storing wirelessly transmitted text, images, and video
JP6256624B2 (en) Information processing apparatus and cooperative distributed storage system
US20090205051A1 (en) Systems and methods for securing data in electronic communications
JP2020144446A (en) Face recognition management server and face recognition management method
KR20090001477A (en) Method and system for real-time sharing of situational information
US8145184B2 (en) Protected data capture
CN111885085A (en) Electronic data comprehensive certificate storing method and certificate storing system
JP7236042B2 (en) Face Recognition Application Using Homomorphic Encryption
WO2021001950A1 (en) Confidential information reference system, confidential information reference device, confidential information reference method, and program
US20230116631A1 (en) System and method for secure collection and display of sensitive data
WO2022198996A1 (en) Data updating method, apparatus, and system, device, storage medium and program
KR100468119B1 (en) Administrative control and administrative control information management method using personal portable communication device and computer network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19936110

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19936110

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP