WO2024142165A1 - Cloud server, information processing system, management method, and program - Google Patents

Cloud server, information processing system, management method, and program

Info

Publication number
WO2024142165A1
Authority
WO
WIPO (PCT)
Prior art keywords
consent
cloud server
iot device
privacy data
security level
Prior art date
Application number
PCT/JP2022/047984
Other languages
English (en)
Japanese (ja)
Inventor
香 佐藤
弘明 遠藤
弘晃 小竹
Original Assignee
三菱電機株式会社
Priority date
Filing date
Publication date
Application filed by 三菱電機株式会社
Priority to PCT/JP2022/047984
Publication of WO2024142165A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • This disclosure relates to a cloud server, an information processing system, a management method, and a program.
  • The cloud server manages an IoT device that collects and accumulates privacy data related to a user's privacy, and includes: consent details acquisition means for acquiring, from a terminal operated by the user, consent details regarding the use of the privacy data; and setting means for setting, in the IoT device, a security level corresponding to the consent details acquired by the consent details acquisition means.
  • FIG. 1 is a diagram illustrating an example of an overall configuration of an information processing system 1 according to embodiment 1 of the present disclosure. As illustrated in Fig. 1, in the information processing system 1, an IoT device 10, a device connection cloud server 20, a service operation cloud server 30, and a terminal 40 are communicatively connected via the Internet N.
  • The device connection cloud server 20 is, for example, a server computer, and works in conjunction with the service operation cloud server 30 to manage the IoT devices 10.
  • FIG. 2 is a schematic diagram showing an example of the configuration of an IoT device 10.
  • The IoT device 10 includes a sensor camera 11, a privacy data storage unit 12, a software service 13, a network service 14, a device authentication unit 15, and a network I/F (interface) 16.
  • The network service 14 provides a network function that is an additional function of the IoT device 10.
  • The network service 14 causes the IoT device 10 to perform air conditioning control in accordance with instructions from the device connection cloud server 20.
  • The device authentication unit 15 performs device authentication when providing the network service 14 or when displaying a consent screen, which will be described later.
  • The device authentication unit 15 stores account information such as a user name and password, and performs device authentication together with the user who uses the terminal 40 via the service operation cloud server 30.
  • The network I/F 16 is, for example, a communication unit for communicating with the device connection cloud server 20 via the Internet N.
  • The user may be able to configure the security functions by operating a switch installed on the IoT device 10 or by operating an operation screen on the terminal 40.
  • FIG. 3 is a schematic diagram showing an example of the configuration of the device connection cloud server 20.
  • The device connection cloud server 20 includes a storage unit 21, a network I/F 22, and a control unit 23.
  • The storage unit 21 is, for example, a solid state drive (SSD) or a hard disk, and stores various information.
  • The storage unit 21 stores a service management table 211 and a level management table 212.
  • The service management table 211 stores items 211a for which user consent is required and a required security level 211b in association with each other. Note that the larger the value of the security level 211b, the higher the security level.
  • The level management table 212 stores a security level 212a and a required setting 212b in association with each other, as shown in FIG. 5, for example.
  • The storage unit 21 can store privacy data collected from the IoT device 10.
  • The network I/F 22 is, for example, a communication unit for communicating with the IoT device 10 via the Internet N. Note that the network I/F 22 also communicates with the service operation cloud server 30 via the Internet N.
  • The confirmation means 233 confirms the security level set in the IoT device 10.
  • The confirmation means 233 reads out the security options set in the IoT device 10.
  • The confirmation means 233 then compares the security level required for the consent content with the security level set in the IoT device 10.
  • The device connection cloud server 20 starts providing the service (SQ7). That is, the service processing means 234 uses the IoT device 10 for which the security level has been set to provide a service according to the security level. For example, the service processing means 234 uses the IoT device 10 for which the security level has been set to "3" to provide an automatic control service using privacy data. Specifically, the service processing means 234 collects privacy data such as heart rate, body temperature, and temperature from the IoT device 10, and performs air conditioning control appropriate for the user.
  • The security of the IoT device 10 is ensured before a service that uses privacy data is provided.
  • The privacy data stored in the IoT device 10 can be appropriately protected.
  • FIG. 8 is a sequence diagram explaining the flow of the process of checking the security level. Note that, even in FIG. 8, communication regarding user authentication, device authentication, etc. is omitted, but in reality, the process of checking the security level is executed after user authentication, device authentication, etc. are performed, as described below. Furthermore, the same process content as that already explained will be explained in a simplified manner.
  • The consent details may be sent each time a check is entered in any of the items requiring consent on the consent screen CG1 as shown in FIG. 6 described above.
  • Items with insufficient security levels may be sent in SQ16 and SQ17, and the items with insufficient security levels may be highlighted in red, for example, on the consent screen CG1.
  • The device connection cloud server 20 requests the security level from the IoT device 10 (SQ23). In response to the request, the IoT device 10 replies with the set security level (SQ24).
  • The device connection cloud server 20 identifies configurable items from the security level that has already been set (SQ25). That is, the confirmation means 233 identifies configurable items by referring to the service management table 211 in FIG. 4 described above based on the security level set in the IoT device 10. For example, if the security level set in the IoT device 10 is "2", the device connection cloud server 20 identifies "upload of private data" and "remote viewing of private data" as configurable items.
  • The configurable items can be appropriately displayed on the consent screen according to the security level set in the IoT device 10.
  • The device connection cloud server 20 stores a management table as shown in FIG. 11 in the storage unit 21 instead of the service management table 211 of FIG. 4 described above.
  • The management table shown in FIG. 11 associates items requiring user consent with firmware versions.
  • The device connection cloud server 20 determines the F/W version according to the consent content, instead of determining the security level in SQ3. Then, when making a setting request in SQ4, the device connection cloud server 20 requests the IoT device 10 to set the determined F/W version. In response to this request, the IoT device 10 appropriately updates the F/W version, instead of setting the security level in SQ5. In other words, if the F/W version requested to be set is newer than the current F/W version, the IoT device 10 updates to the requested F/W version. Note that if the F/W version requested to be set is older than the current F/W version, the IoT device 10 takes no particular action.
  • The device connection cloud server 20 requests the F/W version instead of requesting the security level from the IoT device 10 in SQ13 and SQ23.
  • The IoT device 10 replies with the current F/W version instead of replying with the set security level in SQ14 and SQ24.
  • The device connection cloud server 20 checks the F/W version required for consent.
  • The device connection cloud server 20 identifies configurable items from the current F/W version.
  • The firmware of the IoT device 10 can be used as is with an older version as necessary. For example, this can accommodate users who are reluctant to update the firmware due to limitations in the specifications of the IoT device 10 or because the user is accustomed to the UI (user interface) of the older version.
  • FIG. 12 is a sequence diagram explaining the flow of the process of deleting privacy data. Note that, even in FIG. 12, communication regarding user authentication, device authentication, etc. is omitted, but in reality, after user authentication, device authentication, etc. are performed, the process of checking the security level is executed as described below. Also, it is assumed that a service using privacy data is already being provided, and that privacy data as shown in FIG. 13 has been accumulated in the device connection cloud server 20 and the IoT device 10.
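
The consent check described in the definitions above (service management table 211, level management table 212, confirmation means 233), as an added example that is not part of the patent text. FIG. 4 and FIG. 5 are not reproduced on this page, so the table contents are constructed: only the two level-"2" item names and the level-"3" automatic control service come from the page, and the setting names and function names are hypothetical.

```python
# Added illustration, not from the patent. Table contents are constructed.
SERVICE_MANAGEMENT_TABLE = {   # item requiring consent (211a) -> required level (211b)
    "upload of private data": 2,
    "remote viewing of private data": 2,
    "automatic control using privacy data": 3,
}
LEVEL_MANAGEMENT_TABLE = {     # security level (212a) -> required settings (212b), hypothetical
    1: {"device_authentication"},
    2: {"device_authentication", "encrypted_transport"},
    3: {"device_authentication", "encrypted_transport", "encrypted_storage"},
}

def required_level(consented_items):
    """Highest level demanded by any consented item; unknown items fail closed."""
    unknown = [i for i in consented_items if i not in SERVICE_MANAGEMENT_TABLE]
    if unknown:
        raise ValueError(f"unknown consent item(s): {unknown}")
    return max((SERVICE_MANAGEMENT_TABLE[i] for i in consented_items), default=0)

def device_level(enabled_settings):
    """Highest level whose required settings are all enabled on the device."""
    enabled = set(enabled_settings)
    ok = [lvl for lvl, req in LEVEL_MANAGEMENT_TABLE.items() if req <= enabled]
    return max(ok, default=0)

def configurable_items(level):
    """Items the consent screen may offer at the level already set (SQ25)."""
    return sorted(i for i, need in SERVICE_MANAGEMENT_TABLE.items() if need <= level)

def check_consent(consented_items, enabled_settings):
    """Return (may_start_service, insufficient_items, missing_settings)."""
    need = required_level(consented_items)
    have = device_level(enabled_settings)
    # Items whose required level exceeds the device's level get flagged to the user.
    insufficient = sorted(i for i in consented_items
                          if SERVICE_MANAGEMENT_TABLE[i] > have)
    missing = sorted(LEVEL_MANAGEMENT_TABLE.get(need, set()) - set(enabled_settings))
    return (not insufficient, insufficient, missing)
```

The service is started only when `insufficient_items` is empty; `missing_settings` is what the setting means would have to enable on the device first.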

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A device connection cloud server (20) that manages an IoT device that collects and stores privacy data relating to a user's privacy includes, in a control unit (23), consent content acquisition means (231) and setting means (232). The consent content acquisition means (231) acquires, from a terminal operated by the user, consent content regarding the use of the privacy data. The setting means (232) sets, for the IoT device, a security level corresponding to the consent content acquired by the consent content acquisition means (231).
PCT/JP2022/047984 2022-12-26 2022-12-26 Cloud server, information processing system, management method, and program WO2024142165A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/047984 WO2024142165A1 (fr) 2022-12-26 2022-12-26 Cloud server, information processing system, management method, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/047984 WO2024142165A1 (fr) 2022-12-26 2022-12-26 Cloud server, information processing system, management method, and program

Publications (1)

Publication Number Publication Date
WO2024142165A1 (fr) 2024-07-04

Family

ID=91716969

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/047984 WO2024142165A1 (fr) 2022-12-26 2022-12-26 Cloud server, information processing system, management method, and program

Country Status (1)

Country Link
WO (1) WO2024142165A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014119255A1 (fr) * 2013-01-29 2014-08-07 パナソニック株式会社 Information management method, control system, and method for controlling a display device
JP2015531122A (ja) * 2013-03-14 2015-10-29 ザ ニールセン カンパニー (ユーエス) エルエルシー Methods and apparatus for monitoring media presentations
JP2018151881A (ja) * 2017-03-13 2018-09-27 Kddi株式会社 Monitoring device, monitoring method, and program

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application

Ref document number: 22969959

Country of ref document: EP

Kind code of ref document: A1