JP5278495B2 - Device information transmission method, device information transmission device, device information transmission program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To secure safety of service, and to allow a user to confirm easily and efficiently whether equipment can be provided with service from the provider of the service or not. <P>SOLUTION: An environment management bureau generates an electronic signature for each piece of equipment based on information concerning environment of the equipment provided from equipment vendors. A service user generates a request of information output of information concerning the equipment, based on the electronic signature generated by the environment management bureau, and transmits the request of information output to the environment management bureau. When the environment management bureau receives the request of information outputting, the bureau retrieves information concerning the equipment corresponding to identification information from database memorizing information concerning the equipment, and transmits to the service user the information concerning the retrieval result as the information showing whether the equipment can be provided with the service. <P>COPYRIGHT: (C)2011,JPO&amp;INPIT

Description

  The present invention relates to information indicating whether or not the device is a device that can receive the service when the device can receive the service or not based on the information related to the environment of the device. In particular, the present invention relates to a device information transmission program, device information transmission device and device information transmission method, a service control program for controlling a service provided to the device based on information related to the environment of the device, and a service control device. A device information transmission program and device information transmission that can ensure the safety of the service and allow the user to easily and efficiently confirm whether or not the device can receive service from the service provider. The present invention relates to a device and a device information transmission method.

  Conventionally, when providing services such as distributing content such as movies and music from the service provider's terminal to the user's terminal via the network, the user's terminal is used to ensure the safety of the service. Services are provided after confirming such an environment.

  For example, in Patent Document 1, in a service provider's terminal, environmental information (such as software (OS, BIOS, browser, plug-in software, etc.) and hardware (CPU incorporated in the user's terminal) related to the user's terminal. (Such as hardware, memory, PCI board, etc.) and hardware information connected to the user's terminal) from the user's terminal, and software that compromises the safety of the user's terminal (for example, security holes Use that cannot be secured due to the risk of unauthorized copying, etc. by checking whether the hardware is not installed) or hardware that compromises safety is connected to the user's terminal. Has disclosed a technique of refusing to provide a service to a user's terminal.

JP 2004-157790 A

  However, the above-described prior art has a problem that it is difficult for the user to confirm in advance whether or not his / her terminal can reliably receive the service, which is inconvenient for the user.

  Specifically, it is not easy for a user to check what kind of software or hardware is incorporated in a terminal, and whether or not a service can be provided depending on the software and hardware incorporated in the terminal. When determined, it is important for users to be able to easily confirm that they can receive the service and to purchase and use the device with peace of mind. come.

  Increasing user convenience is also preferable for vendors selling terminals. That is, if the user can easily confirm that the terminal sold by the vendor is a terminal that can receive the service, the user can purchase and use the terminal with peace of mind.

  In addition, there is a problem that a device may not operate normally depending on a combination of vendor products (software or hardware) incorporated in a user terminal. In such a case, there is a risk that unauthorized copying of contents such as movies and music may occur, and the safety of the service cannot be ensured.

  Therefore, provide a mechanism that allows users to easily and efficiently confirm how to ensure the safety of services and whether devices such as user terminals can receive services. The ability to do so has become an important issue.

  The present invention has been made to solve the above-described problems caused by the prior art, can ensure the safety of the service, and whether or not the device can receive the service from the service provider. An object of the present invention is to provide a device information transmission program, a service control program, a device information transmission device, a service control device, and a device information transmission method that can be easily and efficiently confirmed by a user.

In order to solve the above-described problems and achieve the object, the present invention provides a network that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device. A device information transmission method executed by a computer communicable with an operator terminal, wherein the computer receives information about the environment of the user device from the user device via a network operator terminal From the evaluation database that stores information relating to the environment of the user device, information for evaluating the safety of the user device, and information for evaluating the performance of the user device, the received user Information for evaluating the safety of the user device stored in association with information on the environment of the device, and information for evaluating the performance of the user device Obtaining and evaluating the environment of the user device indicated by the received information according to the acquired information, information indicating a combination of devices that are incompatible, information for correcting the safety evaluation of the user device, The evaluation value correction amount database that stores the information for correcting the performance evaluation of the user device in association with the information is stored, and the received information regarding the environment of the user device includes information indicating an incompatible device combination. The information for correcting the safety evaluation of the user device stored in association with the information indicating the combination of devices that are not compatible included in the information related to the environment of the user device, and the user The information for correcting the evaluation of the performance of the device is acquired, the evaluation of the environment of the user device is corrected according to the acquired information, and the corrected evaluation is performed via the network operator terminal. And transmits to the-bis provider terminal.

The present invention also relates to a device information transmitting apparatus capable of communicating with a network operator terminal that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device. When the information about the environment of the user device is received from the user device via the network operator terminal, the information about the environment of the user device and the safety of the user device are evaluated. The safety of the user device stored in association with the received information on the environment of the user device from the evaluation database storing the information to be evaluated and the information for evaluating the performance of the user device. Evaluation for evaluating information to be evaluated and information for evaluating the performance of the user device, and evaluating the environment of the user device indicated by the received information according to the acquired information And an evaluation value correction for storing information indicating a combination of devices having a poor compatibility, information for correcting the safety evaluation of the user device, and information for correcting the performance evaluation of the user device in association with each other If the received information regarding the environment of the user device includes information indicating an incompatible device combination, the combination of the incompatible device included in the information regarding the environment of the user device The information for correcting the safety evaluation of the user device stored in association with the information indicating the information and the information for correcting the performance evaluation of the user device are acquired, and the evaluation unit according to the acquired information this has a correcting unit for correcting the evaluation of the user device environment, the evaluation of the correction unit is corrected via the network operator's terminal, and a transmission unit for transmitting to the service provider terminal by The features.

  Further, the present invention is characterized in that, in the above-mentioned invention, the information generation means generates identification information for each device based on information related to the environment of the device read by a TPM (Trusted Platform Module).

  Also, in the present invention according to the above invention, the search result transmission unit generates the identification information generated by the information generation unit based on the identification information input by a user of the device, wherein the identification information is displayed on the device. When the information output request for the information related to the device received is received, the information related to the device corresponding to the identification information is searched from the database storing the information related to the device.

  Further, the present invention causes the computer to further function as an electronic certificate transmission unit that transmits an electronic certificate that proves whether or not the identification information generated by the information generation unit has been issued by a legitimate institution. And

  Further, the present invention is characterized in that, in the above-mentioned invention, the information generating means generates an electronic signature based on information relating to the environment of the device, and uses the generated electronic signature as the identification information.

  Also, in the present invention according to the above-mentioned invention, the search result transmitting means uses the decryption key corresponding to the encryption key used when generating the electronic signature to obtain information obtained by decrypting the electronic signature. When an included information output request is received, information related to a device corresponding to the electronic signature is searched using information obtained by decrypting the electronic signature as a search key.

  The present invention also provides a service control program for causing a computer to function as a means for controlling a service provided to a device based on information related to the device environment, wherein the computer is combined with a plurality of device environments. When such information is received, the information processing apparatus functions as a service control unit that controls a service provided to the device based on the information related to the combination of the environments.

  Further, the present invention is a service control device that controls a service provided to a device based on information related to the environment of the device, and when receiving information related to a combination of environments of a plurality of devices, Service control means for controlling a service provided to a device based on information relating to a combination of environments is provided.

Further, the present invention is executed by a computer that can communicate with a network operator terminal that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device. Device information transmission program, when information about the environment of the user device is received from the user device via a network operator terminal, information about the environment of the user device, and the user device The user stored in association with the received information on the environment of the user device from the evaluation database that stores information for evaluating the safety of the user and information for evaluating the performance of the user device Information for evaluating the safety of the device and information for evaluating the performance of the user device are acquired, and the received information is displayed according to the acquired information. Information that evaluates the environment of the user device, indicates a combination of devices that are incompatible, information that corrects the safety evaluation of the user device, and information that corrects the performance evaluation of the user device When the received information regarding the environment of the user device includes information indicating a combination of devices that are not compatible with each other, with reference to the evaluation value correction amount database stored in association, the information regarding the environment of the user device includes Acquiring information for correcting the safety evaluation of the user device stored in association with information indicating a combination of devices having a poor compatibility, and information for correcting the performance evaluation of the user device; The computer executes a process of correcting the evaluation of the environment of the user device according to the acquired information and transmitting the corrected evaluation to the service provider terminal via the network provider terminal. Characterized in that it makes.

  According to the present invention, identification information for each device is generated based on information related to the environment of the device, an information output request for information related to the device is generated based on the generated identification information, and based on the generated identification information When the information output request for the information related to the generated device is received, the information related to the device corresponding to the identification information is searched from the database storing the information related to the device, and the information related to the search result is retrieved by the device. Since it is transmitted as information indicating whether or not the device can be provided, the user can easily and efficiently confirm whether or not the device can receive the service from the service provider. There is an effect that can be done.

  Further, according to the present invention, the identification information for each device is generated based on the information related to the device environment read by the TPM (Trusted Platform Module). There is an effect that the information related to can be efficiently collected with high reliability.

  Further, according to the present invention, when the identification information is displayed on the device and the information output request for the information related to the device generated based on the identification information input by the user of the device is received, the device Since the information related to the device corresponding to the identification information is searched from the database storing the information related to the identification information, the identification information displayed on the device is displayed on the device by printing the identification information on a sticker and pasting it on the device. When the user inputs, there is an effect that the user can easily and efficiently confirm whether or not the device can receive the service from the service provider.

  Further, according to the present invention, since the electronic certificate that proves whether or not the generated identification information has been issued by a legitimate institution is used, the fact that the identification information has been issued by a legitimate institution is used. There is an effect that the person can be surely verified.

  In addition, according to the present invention, an electronic signature is generated based on information related to the environment of the device, and the generated electronic signature is used as the identification information. Therefore, different identification information is generated efficiently for each device. There is an effect that can be.

  Further, according to the present invention, when an information output request including information obtained by decrypting the electronic signature using the decryption key corresponding to the encryption key used when the electronic signature is generated is received In addition, since the information related to the device corresponding to the electronic signature is searched using the information obtained by decrypting the electronic signature as a search key, it corresponds to the electronic signature if the electronic signature is forged. Since the information related to the device to be used cannot be searched, there is an effect that the user can easily and efficiently confirm whether or not the electronic signature is valid.

  Further, according to the present invention, when information related to a combination of environments of a plurality of devices is received, the service provided to the device is controlled based on the information related to the combination of the environments, so that compatibility is poor When there is a combination of devices, the service provided to the devices can be controlled in consideration of the combination.

It is a figure explaining the concept of the apparatus information transmission process which concerns on Example 1. FIG. It is a figure explaining the service control system which concerns on Example 1. FIG. 1 is a diagram illustrating a configuration of a service control system according to a first embodiment. It is a figure which shows the example of the information memorize | stored in signature DB15a. It is a figure which shows the example of the information memorize | stored in environmental information DB15b. It is a figure which shows the example of the information memorize | stored in apparatus information DB25b. It is a figure which shows the example of the information memorize | stored in evaluation DB25c. It is a figure which shows the example of the information memorize | stored in environmental information acquisition command DB35a. It is a figure which shows the example of the information memorize | stored in the service request table 35b. It is a figure which shows the example of the information memorize | stored in service DB35c. It is a figure which shows the example of the information memorize | stored in service policy DB35d. It is a figure which shows the example of the information memorize | stored in user DB35e. It is a figure which shows the example of the information memorize | stored in the environment information table 45a. 2 is a diagram illustrating a functional configuration of a device vendor terminal 10. FIG. 3 is a diagram illustrating a functional configuration of an environment management station terminal 20. 3 is a diagram showing a functional configuration of a service provider terminal 30. FIG. 3 is a diagram illustrating a functional configuration of a service user device 40. FIG. It is a flowchart which shows the process at the time of electronic signature production | generation / confirmation. It is a flowchart which shows the process at the time of service control. It is a figure explaining the concept of the compatibility verification process which concerns on Example 2. FIG. It is a figure which shows the structure of the service control system which concerns on Example 2. FIG. It is a figure which shows the example of the information memorize | stored in compatibility information DB65a. It is a figure which shows the example of the information memorize | stored in evaluation value correction amount DB75d. It is a figure which shows the function structure of the combination verification organization terminal. 3 is a diagram showing a functional configuration of an environment management station terminal 70. FIG. It is a figure which shows the hardware constitutions of the computer which comprises each apparatus.

  Exemplary embodiments of a device information transmission program, a device information transmission system, and a device information transmission method according to the present invention will be described below in detail with reference to the accompanying drawings.

  First, the concept of device information transmission processing according to the first embodiment will be described. FIG. 1 is a diagram illustrating a concept of device information transmission processing according to the first embodiment, and FIG. 2 is a diagram illustrating a service control system according to the first embodiment.

  This device information transmission processing is performed in a service control system that evaluates the environment of a device possessed by a service user from a plurality of viewpoints such as safety, and controls a service provided to the device based on the evaluation result. This is done in order to confirm whether or not the device can be provided with a service before purchasing or using the device.

  Here, the device environment refers to software (OS, BIOS, browser, plug-in software, etc.) and hardware (CPU, memory, PCI board, etc.) incorporated in the device, hardware connected to the device, and the like. is there.

  Specifically, in the device information transmission process, as shown in FIG. 1, the device vendor terminal transmits the environment information of the device sold by the device vendor itself to the terminal of the environmental management station ((1 in FIG. 1). )reference). This device has been confirmed in advance to receive service provision.

  Then, the terminal of the environment management station hashes the environment information transmitted by the terminal of the device vendor, further generates an electronic signature for each device by encrypting it using a secret key, and hashes the environment information. The obtained hash value is stored in the database in association with device information (for example, the product name of the device). Then, the terminal of the environmental management station transmits the electronic signature to the terminal of the device vendor (see (2) in FIG. 1).

  The device vendor creates a seal on which the electronic signature received by the device vendor's terminal is printed, affixes it to the device, and sells the device (see (3) in FIG. 1). Thereby, the service user can easily confirm that the device is a device that can receive the service, and can purchase the device with peace of mind.

  Furthermore, the service user can check whether the electronic signature printed on the sticker attached to the device is valid. Specifically, the device of the service user generates a hash value by decrypting the encrypted electronic signature using the public key acquired from the environment management station, and the hash value is generated at the terminal of the environment management station (See (4) in FIG. 1).

  Upon receiving the hash value, the terminal of the environmental management station searches whether the device information (for example, the product name of the device) corresponding to the hash value is stored in the database, and the device information is searched. In this case, the information on the device is transmitted to the service user's terminal (see (5) in FIG. 1). As a result, the service user can confirm that the electronic signature is not a forged one but a legitimate electronic signature, and the device information that has been sent and the device that the user intends to use. Can be confirmed that the electronic signature is not issued for another device.

  In this case, the hash value information is transmitted to the terminal of the environmental management station using a device with a sticker on which an electronic signature is printed. However, a device other than the device with a sticker is used. Send the hash value information of the device with the sticker attached, receive the search result of the device information from the terminal of the Environmental Management Bureau, and check whether the electronic signature of the device with the sticker is valid It may be confirmed.

  Thereafter, the service user's device receives service from the service provider by the service control system as shown in FIG. This service control system controls a service provided from a service provider terminal to a service user terminal via a network.

  That is, the service control system provides contents such as movies and music from the service provider terminal to the service user device via the network, but software that impairs safety (for example, security holes are not taken care of) Relevant to service user equipment, such as refusing to provide content to service user equipment with hardware installed or service user equipment with hardware that compromises safety Control services according to the environment.

  Specifically, in the service control system, an environment management station, which is a third party other than the service provider, controls the service in cooperation with the service provider. When the environment management bureau terminal obtains software or hardware information (environmental information) embedded in the service user's device from a device vendor, etc., the safety management station terminal An evaluation value is assigned from the viewpoint of performance, and this evaluation value and environmental information are associated and managed.

  In other words, for example, the terminal of the environmental management bureau is: “Company A OS-A (version 2002) = 90 safety evaluation value & 70 performance evaluation value, A company OS-A (version 2000) = safety evaluation value” An evaluation DB in which environmental information and evaluation values are associated with each other such as “90 points & performance evaluation value 70 points,...” Is managed.

  On the other hand, the service provider manages an evaluation value necessary for providing each content as a service providing condition in association with the service (content). In other words, for example, the service provider's terminal reads: “Content A provision condition = safety evaluation value 90 points or more & performance evaluation value 90 points or more, content B provision condition = safety evaluation value 70 points or more & performance evaluation A service policy DB in which each service is associated with a service provision condition such as “value of 90 points or more,...” Is managed.

  When the service user receives service from the service provider, the environment information of the service user device is transmitted to the terminal of the environmental management station via the network operator ((1) in FIG. 2). reference). The terminal of the environmental management station calculates an evaluation value corresponding to the received environmental information based on the evaluation DB, and transmits the evaluation value calculated via the network operator to the terminal of the service provider ((2 in FIG. 2). )reference).

  The service provider terminal determines whether or not the received evaluation value satisfies the service provision condition based on the service policy DB, and performs service control such as content provision or service refusal (see (3) in FIG. 2). ).

  As described above, in a service control system that checks whether or not the environment of the device is safe and provides a service to the device when the environment is safe, whether or not the service user can receive the service provided by the service user. There is a request to check the device before purchasing or using the device, but by using the system as shown in FIG. 1, the service user can check it easily and efficiently. .

  In addition, since the service user can easily confirm whether or not the device can receive the service and can give the user a sense of security, the device vendor can promote the sale of the device. Furthermore, if the environment management station receives the price for issuing the electronic signature from the equipment vendor, the environment management station can be provided with a benefit.

  Next, the configuration of the service control system according to the first embodiment will be described. FIG. 3 is a diagram illustrating the configuration of the service control system according to the first embodiment. As illustrated in FIG. 3, the service control system according to the first embodiment includes a device vendor terminal 10, an environment management station terminal 20, a service provider terminal 30, a service user device 40, and a network operator terminal 50. Are configured so that they can communicate with each other via a network (Internet, LAN, public telephone network, etc.). And each apparatus 10-40 produces | generates various memory | storage means (database and table) as a process before service control so that it may demonstrate below.

  The device vendor terminal 10 is a computer owned by the device vendor, and includes a signature DB 15a and an environment information DB 15b as shown in FIG. Here, the signature DB 15a is a storage means for storing the electronic signature received from the environment management station terminal 20, and specifically, as shown in FIG. 4, a device ID for uniquely identifying each device, and an electronic signature Are stored in association with each other. Here, the “electronic signature” is registered in the signature DB 15 a every time an electronic signature is received from the environment management station terminal 20.

  The environment information DB 15b is storage means for storing the environment information of each device. Specifically, as shown in FIG. 5, the device ID and software (OS, BIOS, browser, Plug-in software or the like) and hardware (CPU, memory, PCI board, etc.) information (environmental information related to the device) are stored in association with each other. Here, the “environmental information related to the device” is software or hardware information collected by each device using a security chip called a TPM (Trusted Platform Module).

  The environment management station terminal 20 is a server computer possessed by the environment management station, and includes a secret key / public key data 25a, a device information DB 25b, and an evaluation DB 25c, as shown in FIG.

  Here, the secret key / public key data 25a stores the secret key used when generating the electronic signature by hashing the device environment information and further encrypting it, and the public key for decrypting the digital signature It is.

  The device information DB 25b is storage means for storing information related to the device that generated the electronic signature. Specifically, as shown in FIG. 6, the device ID, the product name of the device, and the environment information related to the device. And the hash value obtained by hashing the environment information and the electronic signature obtained by encrypting the hash value with the secret key are stored in association with each other. These pieces of information are registered in the device information DB 25b every time an electronic signature is generated.

  The evaluation DB 25c is a storage means for storing the evaluation value of the vendor product incorporated in the service user device 40. Specifically, as shown in FIG. The environmental information and the evaluation value are stored in association with each other.

  Among these, “environment information” and “hashed environment information” are registered in the evaluation DB 25a every time software or hardware information (environment information) incorporated in the service user device 40 is obtained from the device vendor. .

  The “evaluation value” is determined from the viewpoint of safety and performance based on the vulnerabilities and capabilities of the vendor product when such vendor product is obtained, and the “environmental information” and the “hashed environment” are determined. It is registered in association with “information”.

  Furthermore, the “evaluation value” registered in this way is reviewed when a new vulnerability (security hole) is discovered later or when a higher-performance generic product is produced. It is registered for update.

  The “evaluation value” includes a “safety evaluation value” determined from a security viewpoint based on the vulnerability of the vendor product, and a “performance evaluation value” determined from the performance viewpoint based on the capability of the vendor product. There is.

  The service provider terminal 30 is a server computer possessed by the service provider. As shown in FIG. 3, the service provider terminal 30 includes an environment information acquisition command DB 35a, a service request table 35b, a service DB 35c, a service policy DB 35d, and a user DB 35e. Prepare.

  Here, the environment information acquisition command DB 35a is a storage unit that stores information related to an environment information acquisition command (an instruction that defines the type of environment information used for evaluation). Specifically, as shown in FIG. For each service (content) provided by the service provider, a service ID and an environment information acquisition command ID are stored in association with each other. The service ID and the environment information acquisition command ID are registered online or offline from the service provider.

  The service request table 35b is storage means for storing information related to service requests received from the service user equipment 40. Specifically, as shown in FIG. 9, each service request is stored for each service request. Service request ID for uniquely identifying, service ID included in the service request, user ID included in the service request, hashed environment information received from the service user device 40, and acquired from the environment management station terminal 20 The evaluation value thus obtained is stored in association with each other.

  The service DB 35c is storage means for storing information (for example, content) of services provided by the service provider. Specifically, as shown in FIG. 10, each content (service content) is stored for each service (content). A service ID for uniquely identifying, a service name (moving content name), and content data are stored in association with each other.

  As the content data, as shown in FIG. 10, even if the content is the same, high-quality data suitable for provision to the high-performance service user equipment 40 and low-performance service user equipment Some of them store low-quality data suitable for provision to 40.

  In addition, the service policy DB 35d is a storage unit that stores a policy related to service provision. Specifically, as illustrated in FIG. 11, the service ID of each content (service) and the service provision condition (for each content) An evaluation value necessary for provision) and an environment information acquisition instruction ID (an instruction specifying the type of environment information used for evaluation) are stored in association with each other.

  Here, depending on how the “evaluation value” is set as the service provision condition, service control that provides content only to devices with low evaluation points (for example, devices that are not vulnerable, devices that are not low performance, etc.) is realized. be able to.

  That is, for example, for the service user terminal 40 that satisfies the evaluation value of the service provision condition, the requested content is read from the service DB 35a and provided, but the service that does not satisfy the evaluation value of the service provision condition Service policy such as denying content provision to the user terminal 40 or providing low-quality content data read from the service DB 35a to the user terminal 40 having only a low performance evaluation value Service control according to the service policy defined in the DB 25b is executed.

  In addition, the requested service cannot be provided as it is, but the service user can be shown how it can be provided. In other words, it is possible to prompt the use rather than reject the use by indicating that “I will provide it if the OS version is increased”.

  The reason that the “environment information acquisition command ID” is specified for each service is that the evaluation target (for example, only OS safety, only CPU performance, OS and CPU safety and performance, etc.) is different for each service. Because you get.

  The user DB 35e is storage means for storing information on service users. Specifically, as shown in FIG. 12, a user ID for uniquely identifying a service user for each service user, The user name and service history (service control date and time, service ID, evaluation value used for service control, service control execution result) are stored in association with each other.

  The service user device 40 is a DVD player, personal computer, workstation, home game machine, Internet TV, PDA, mobile phone, PHS, or the like that the service user has installed with at least communication software such as a web browser. This is a mobile communication terminal or the like, and includes an environment information table 45a as shown in FIG.

  Here, the environment information table 45a is a storage means for storing information related to the environment of the service user device 40, and specifically, software installed in the service user device 40 as shown in FIG. Environment information such as (OS, BIOS, browser, plug-in software, etc.), hardware (CPU, memory, PCI board, etc.), and hardware connected to the service user device 40 is stored.

  Such environment information is collected and registered in the environment information table 45a by the service user device 40 itself when the service user device 40 is activated, and when the software is newly installed after activation or when the hardware is newly installed. Even when connected, the service user equipment 40 itself collects the environment information and registers it in the environment information table 45a. Such collection of environmental information is realized by using a security chip called TPM.

  Next, the functional configuration of the device vendor terminal 10 will be described. FIG. 14 is a diagram illustrating a functional configuration of the device vendor terminal 10. As illustrated in FIG. 14, the device vendor terminal 10 includes an input unit 11, an output unit 12, an input / output control IF unit 13, a communication control IF unit 14, a storage unit 15, and a control unit 16.

  The input unit 11 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 12 is an output unit that outputs various types of information such as a monitor (or display, touch panel), a speaker, and a printer.

  The input / output control IF unit 13 is a unit that controls input / output of data by the input unit 11 and the output unit 12, and the communication control IF unit 14 is a unit that mainly controls communication with the environment management station terminal 20. It is.

  The storage unit 15 is a storage unit (storage unit) that stores data and programs necessary for various processes performed by the control unit 16, and includes a signature DB 15a and an environment information DB 15b. As described above, the signature DB 15a is a storage unit that stores an electronic signature received from the environment management station terminal 20 (see FIG. 4), and the environment information DB 15b is a storage unit that stores environment information of each device (see FIG. 4). (See FIG. 5).

  The control unit 16 has an internal memory for storing programs and control data that define various processing procedures, and is a control unit that executes various processes using these. The environment information management unit 16a and the signature management It has a part 16b.

  The environment information management unit 16a is a processing unit that manages the environment information of the device. Specifically, the environment information management unit 16a acquires the environment information and stores the environment information in the environment information DB 15b. The environment information may be acquired by receiving input of environment information by the input unit 11 or may be acquired from another device via the network via the communication control IF unit 14.

  Further, the environment information management unit 16a reads out the environment information of the device that requests the environment management station terminal 20 to generate an electronic signature from the environment information DB 15b, and transmits the environment information to the environment management station terminal 20.

  The signature management unit 16 b is a processing unit that manages the electronic signature received from the environment management station terminal 20. Specifically, the signature management unit 16b stores the electronic signature received from the environment management station terminal 20 in the signature DB 15a in association with the device in which the electronic signature is generated. In addition, when the signature management unit 16b receives an electronic signature output request, the signature management unit 16b reads the electronic signature from the signature DB 15a and outputs it to the output unit 12.

  Next, the functional configuration of the environment management station terminal 20 will be described. FIG. 15 is a diagram illustrating a functional configuration of the environment management station terminal 20. As shown in FIG. 15, the environment management station terminal 20 includes an input unit 21, an output unit 22, an input / output control IF unit 23, a communication control IF unit 24, a storage unit 25, and a control unit 26.

  The input unit 21 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 22 is an output unit that outputs various types of information such as a monitor (or display, touch panel), speaker, and printer.

  The input / output control IF unit 23 is means for controlling input / output of data by the input unit 21 and the output unit 22, and the communication control IF unit 24 includes the device vendor terminal 10, the service provider terminal 30, and the service user device 40. It is a means to control communication between and the like.

  The storage unit 25 is a storage unit (storage unit) that stores data and programs necessary for various processes by the control unit 26, and includes a secret key / public key data 25a, a device information DB 25b, and an evaluation DB 25c.

  The private key / public key data 25a stores a secret key used to generate an electronic signature by encrypting hashed device environment information, and a public key used to decrypt the electronic signature. Is.

  The device information DB 25b is a storage unit that stores information about the device that generated the electronic signature (see FIG. 6), and the evaluation DB 25c is a storage unit that stores an evaluation value of a vendor product incorporated in the service user device 40. (See FIG. 7).

  The control unit 26 has an internal memory for storing programs defining various processing procedures and control data, and is a control unit that executes various processes using these, and includes a key management unit 26a and a device information search unit 26b. , A signature generation unit 26c, and an evaluation value calculation unit 26d.

  The key management unit 26a stores and manages a secret key used for encrypting a hash value when generating an electronic signature and a public key used for decrypting the electronic signature in the storage unit 25. Do it. Further, when the public key transmission request is received from the service user device 40, the key management unit 26 a reads the public key from the storage unit 25 and transmits it to the service user device 40.

  When the information on the hash value obtained by decrypting the electronic signature printed on the sticker attached to the device is received from the service user device 40, the device information search unit 26b obtains the hash value from the device information DB 25b. A process for searching for information related to the device (in this case, product name information) is performed as a search key.

  When the information related to the device is searched, the device information search unit 26b transmits the information and a message indicating that the search is successful to the service user device 40. Thereby, the service user can confirm that the electronic signature printed on the sticker affixed to the device is valid.

  On the other hand, if the information related to the device cannot be searched, the device information search unit 26b transmits a message indicating that the information is not available to the service user device 40. As a result, the service user can confirm that the electronic signature printed on the sticker attached to the device is not valid.

  When the signature generation unit 26c receives device environment information from the device vendor terminal 10, the signature generation unit 26c performs processing for generating an electronic signature based on the environment information. Specifically, when receiving the environment information of the device from the device vendor terminal 10, the signature generation unit 26c hashes the environment information and generates an electronic signature by encrypting the obtained hash value with a secret key. To do.

  Then, the signature generation unit 26c stores the device ID, product information, and environment information received from the device vendor terminal 10 in association with the hash value and the electronic signature. In addition, the signature generation unit 26 c transmits the generated electronic signature to the device vendor terminal 10.

  The evaluation value calculation unit 26d is a processing unit that evaluates the environment related to the service user device 40 and calculates an evaluation value. Specifically, when an evaluation request including the hashed environment information and the service request ID is received from the service provider terminal 30, the evaluation value corresponding to the hashed environment information included in the request is read out from the evaluation DB 25c. Calculate the value.

  Next, the functional configuration of the service provider terminal 30 will be described. FIG. 16 is a diagram illustrating a functional configuration of the service provider terminal 30. As illustrated in FIG. 16, the service provider terminal 30 includes an input unit 31, an output unit 32, an input / output control IF unit 33, a communication control IF unit 34, a storage unit 35, and a control unit 36.

  The input unit 31 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 32 is an output unit that outputs various types of information such as a monitor (or display, touch panel), speaker, and printer.

  The input / output control IF unit 33 is means for controlling input / output of data by the input unit 31 and the output unit 32, and the communication control IF unit 34 is connected to the environment management station terminal 20, the service user device 40, and the like. It is a means for controlling communication.

  The storage unit 35 is a storage unit (storage unit) that stores data and programs necessary for various processes performed by the control unit 36, and includes an environment information acquisition command DB 35a, a service request table 35b, a service DB 35c, a service policy DB 35d, and a user DB 35e. Prepare.

  As described above, the environment information acquisition command DB 35a is storage means for storing information related to the environment information acquisition command (see FIG. 8), and the service request table 35b relates to the service request received from the service user device 40. Storage means for storing information (see FIG. 9), the service DB 35c is storage means for storing information on services provided by the service provider (see FIG. 10), and the service policy DB 35d relates to provision of services. The storage unit stores a policy (see FIG. 11), and the user DB 35e is a storage unit that stores service user information (see FIG. 12).

  The control unit 36 has an internal memory for storing programs and control data defining various processing procedures, and is a control means for executing various processes by using these, and includes a service request receiving unit 36a and an evaluation requesting unit 36b. A service control unit 36c and a history processing unit 36d.

  The service request receiving unit 36 a is a processing unit that receives a service request from the service user device 40. Specifically, a service request message (for example, an HTTP message) including the service ID of the requested service and the user ID of the service user is received from the service user device 40.

  In addition, after receiving the service request message, the service request receiving unit 36a issues a service request ID, and registers the service request ID, the service ID, and the user ID in association with each other in the service request table 35b.

  The evaluation requesting unit 36b is a processing unit that receives environmental information of the service user device 40 from the service user device 40, transmits the environmental information to the environment management station terminal 20, and requests calculation of an evaluation value.

  Specifically, the evaluation requesting unit 36b reads the environment information acquisition command ID corresponding to the service ID included in the service request from the environment information acquisition command DB 35a and transmits it to the service user device 40.

  In response to this, when hashed environment information is received from the service user device 40, it is registered in the service request table 35b, and the hashed environment information and the corresponding service request ID are transmitted to the environment management station terminal 20. And request the calculation of the evaluation value.

  The service control unit 36 c is a processing unit that controls a service provided to the service user device 40 based on the evaluation value calculated by the environment management station terminal 20. Specifically, when the service control unit 36c receives an evaluation value corresponding to the service ID and the user ID from the environment management station terminal 20, the service control unit 36c refers to the service policy DB 35d and the evaluation value included in the service request is the same. After determining whether or not the service provision condition of the service ID included in the service request is satisfied, the service provided to the service user device 40 is controlled.

  The history processing unit 36d is a processing unit that processes a service history for a service user. Specifically, the history processing unit 36d performs service control date / time, service ID, and service control in association with the user ID and user name of the service user who made the service request after the service control by the service control unit 36c. The service history including the evaluation value used and the execution result of the service control is registered in the user DB 35e.

  Here, the service provider terminal 30 receives a service request from the service user device 40 and requests the environment management station terminal 20 to evaluate the environment of the service user device 40. The terminal 50 may perform the processing as a proxy.

  Specifically, the network operator terminal 50 receives a service request from the service user device 40 and transmits an environment information acquisition command ID to the service user device 40. Then, upon receiving the hashed environment information from the service user device 40, the network operator terminal 50 transmits the hashed environment information and the corresponding service request ID to the environment management station terminal 20 and requests the evaluation value to be calculated. To do. Thereafter, the network operator terminal 50 may transmit the evaluation value information received from the environment management station terminal 20 to the service provider terminal 30.

  Next, a functional configuration of the service user device 40 will be described. FIG. 17 is a diagram illustrating a functional configuration of the service user device 40. As illustrated in FIG. 17, the service user device 40 includes an input unit 41, an output unit 42, an input / output control IF unit 43, a communication control IF unit 44, a storage unit 45, and a control unit 46.

  The input unit 41 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 42 is an output unit that outputs various types of information such as a monitor (or display or touch panel), a speaker, and a printer.

  The input / output control IF unit 43 is means for controlling input / output of data by the input unit 41 and the output unit 42, and the communication control IF unit 44 is connected to the environment management station terminal 20, the service provider terminal 30, and the like. It is a means for controlling communication.

  The storage unit 45 is a storage unit (storage unit) that stores data and programs necessary for various processes performed by the control unit 46, and includes an environment information table 45a. The environment information table 45a is storage means for storing information relating to the environment of the service user device 40 (see FIG. 13).

  The control unit 46 is a control unit that has an internal memory for storing programs and control data that define various processing procedures, and executes various processes using these programs. As shown in FIG. 46a, an environment information collection unit 46b, and an environment information transmission unit 46c.

  The signature verification unit 46a is a processing unit that verifies whether the electronic signature printed on the sticker attached to the device is valid. Specifically, the signature verification unit 46a accepts the information of the electronic signature input via the input unit 41 while confirming the seal on which the service user has printed the electronic signature.

  The signature verification unit 46a obtains a public key for decrypting the electronic signature from the environment management station terminal 20, and decrypts the electronic signature using the public key to obtain a hash value. Thereafter, the signature verification unit 46a transmits the hash value information to the environment management station terminal 20, and whether the device information corresponding to the hash value is registered in the device information DB 25b for the environment management station terminal 20 or not. Request to search for.

  The signature verification unit 46a receives the search result information from the environment management station terminal 20 and outputs it to the output unit 42. If the device information is registered in the device information DB 25b, it can be confirmed that the electronic signature is valid. If the device information is not registered in the device information DB 25b, it can be confirmed that the electronic signature is not valid.

  The environment information collection unit 46 b is a processing unit that collects environment information of the service user device 40. Specifically, the environment information collection unit 46b collects its own environment information and registers it in the environment information table 45a when the service user device 40 is activated, and the software is newly installed after activation. Even when new hardware is connected, the environmental information is collected and registered in the environmental information table 45a. Such collection of environmental information is realized by using a security chip called TPM.

  The environment information transmitting unit 46c is a processing unit that transmits environment information to the service provider terminal 30 when a service request is made. Specifically, when the environment information transmission unit 46c receives the environment information acquisition command ID from the service provider terminal 30 in response to transmission of the service request including the service ID and the user ID, the environment information acquisition command ID is defined. The environment information is read from the environment information table 45a, and the hashed environment information obtained by hashing the environment information is transmitted to the service provider terminal 30.

  Next, a processing procedure at the time of electronic signature generation / confirmation by the service control system according to the first embodiment will be described. FIG. 18 is a flowchart showing processing at the time of electronic signature generation / confirmation.

  As shown in FIG. 18, when device information and environment information are transmitted from the device vendor terminal 10 to the environment management station terminal 20 (step S101), the environment management station terminal 20 hashes the environment information (step S102). A hash value obtained by hashing is encrypted with a secret key to generate an electronic signature (step S103).

  Then, the environment management station terminal 20 creates device information DB 25b by making device information, environment information, hash value, and electronic signature into a database (step S104), and transmits the electronic signature to the device vendor terminal 10 (step S105).

  Thereafter, the device vendor prints the electronic signature received by the device vendor terminal 10 on a sticker, affixes it to the device, and sells it. Then, the service user confirms that the sticker on which the electronic signature is printed is attached to the device before purchasing / using the device.

  As a result, the service user can confirm that this device is a device that can receive the service, and can purchase and use the device with peace of mind. Further, in order to confirm that the electronic signature is not a forged one but a valid one, the following processing is performed.

  First, when the service user device 40 receives a request from the service user to confirm that the electronic signature is valid, the service user device 40 requests the environment management station terminal 20 to transmit the public key (step). S106).

  The environment management station terminal 20 that has received this request transmits a public key to the service user device 40 (step S107). The service user device 40 decrypts the electronic signature input by the service user using the public key (step S108), and transmits the hash value information obtained as a result of the decryption to the environment management station terminal 20. (Step S109).

  Then, the environment management station terminal 20 receives the hash value, and searches for device information from the device information DB 25b using the hash value as a search key (step S110). Thereafter, the environment management station terminal 20 transmits the search result to the service user device 40 (step S111). This search result includes the device information when the device information is searched, and includes information indicating that the device information is not searched when the device information is not searched.

  Then, the service user device 40 receives the search result information and performs a process of outputting it (step S112). The service user can check that the electronic signature is valid when the device information is output by looking at the output search result, and the device information sent to the user can be used by himself / herself. By confirming that the device to be matched matches, it can be confirmed that the electronic signature has not been issued for another device. If the device information is not retrieved, it can be confirmed that the electronic signature is not valid.

  Next, a processing procedure at the time of service control by the service control system according to the first embodiment will be described. FIG. 19 is a flowchart showing processing during service control.

  As shown in FIG. 19, when a service request message including a service ID and a user ID is transmitted from the service user device 40 to the service provider terminal 30 (step S201), the service provider terminal 30 An ID is issued, the service request ID, the service ID, and the user ID are associated with each other and registered in the service request table 35b, and the environment information acquisition command ID corresponding to the service ID is read from the environment information acquisition command DB 35a to be service users. It transmits to the apparatus 40 (step S202).

  On the other hand, the service user device 40 that has received the environment information acquisition command ID reads the environment information defined in the environment information acquisition command ID from the environment information table 45a, and provides hashed environment information obtained by hashing the environment information. To the user terminal 30 (step S203).

  Following this, the service provider terminal 30 registers the hashed environment information in the service request table 35b and transmits the hashed environment information and the corresponding service request ID to the environment management station terminal 20 to evaluate the value. Is requested (step S204).

  Thereafter, the environment management station terminal 20 that has received the evaluation request calculates an evaluation value by reading out an evaluation value corresponding to the hashed environment information included in the request from the evaluation DB 25a (step S205). Furthermore, the environment management station terminal 20 transmits an evaluation result including the evaluation value and the service request ID to the service provider terminal 30 (step S206).

  Following this, the service provider terminal 30 registers the evaluation value received from the environmental management station terminal 20 in the service request table 35b, and refers to the service policy DB 35d, and the evaluation value included in the service request is the same as the service. After determining whether or not the service provision condition of the service ID included in the request is satisfied, the service provided to the service user device 40 is controlled (step S207).

  That is, for example, the service provider terminal 30 defines in the service policy DB 35d such that the requested content is read from the service DB 35c and provided only to the service user device 40 that satisfies the evaluation value of the service provision condition. Executes service control according to the service policy.

  Further, after executing the service control, the service provider terminal 30 associates the user ID and the user name of the service user who has made the service request with the service control date and time, the service ID, the evaluation value used for the service control, and the service control. The service history consisting of the execution result is registered in the user DB 35e (step S208).

  In the first embodiment, it is assumed that the environment management station is a reliable organization, but it is also conceivable that the device vendor and the environment management station collaborate to generate a fake electronic signature. In order to prevent this, a higher-level certificate authority that authenticates that the environment management station is a legitimate environment management station may be installed.

  In this case, after the higher certificate authority confirms the validity of the environment management station that generates the electronic signature, the terminal of the higher certificate authority transmits an electronic certificate to the environment management station terminal 20. The environment management station terminal 20 that has received the electronic certificate transmits the electronic certificate received from the higher-level certificate authority to the service user device 40. The service user can determine whether or not the environment management station is a legitimate environment management station authenticated by the higher-level certificate authority by examining the information of the issuer of the electronic certificate.

  In the first embodiment, the environment management station terminal 20 acquires the device environment information from the device vendor terminal 10 and generates an electronic signature. However, information such as a software program developed by a service user or the like is used. May be received from the service user device 40 or the like, and an electronic signature displayed on a window of a software program for displaying version information or the like may be generated. The developer of the software program distributes the software program so that the electronic signature is displayed in the window.

  By confirming the electronic signature, the service user can confirm that the software program is a software program corresponding to an environment in which service can be provided from the service provider.

  Further, when it is desired to confirm the validity of the electronic signature, the hash value information obtained by decrypting the electronic signature displayed in the window is transmitted to the environment management station terminal 20, and the method as described above is followed. Check validity.

  In the first embodiment, the hash value or the electronic signature obtained by encrypting the hash value is used as identification information for identifying the device. However, the information is not limited to this as long as the information can uniquely identify the device. Various information can be used.

  As described above, in the first embodiment, the environment management station terminal 20 generates an electronic signature for each device based on information related to the environment of the device, and the service user device 40 is transmitted by the environment management station terminal 20. An information output request for information related to the device is generated based on the generated electronic signature and the information output request is transmitted. When the environment management station terminal 20 receives the information output request, the information related to the device is Information related to the device corresponding to the identification information is searched from the stored device information DB 25b, and the information related to the search result is stored in the service user device 40 as information indicating whether the device is a device that can receive the service. Since the transmission is made, the service user can easily and efficiently confirm whether or not the device can receive the service from the service provider.

  In the first embodiment, the environment management station terminal 20 generates an electronic signature for each device based on information related to the device environment read by the TPM. It is possible to efficiently collect information related to the environment with high reliability.

  Further, in the first embodiment, when the service user device 40 is displayed on a sticker attached to the device, the information on the device based on the electronic signature input by the service user is displayed. Since the information output request is generated and the generated information output request is transmitted to the environmental management station terminal 20, the service user inputs the electronic signature printed on the sticker attached to the device, so that the device The service user can easily and efficiently confirm whether or not the service provider can receive service from the service provider.

  In the first embodiment, the environment management station terminal 20 transmits to the service user device 40 an electronic certificate issued by a higher-level certificate authority that proves whether or not the electronic signature has been issued by a valid environment management station. Therefore, the user can surely verify that the electronic signature is issued by a legitimate environmental management station.

  In the first embodiment, since the environment management station terminal 20 generates an electronic signature for each device based on information related to the environment of the device, device identification information that differs for each device using the electronic signature. Can be generated efficiently.

  In the first embodiment, the service user device 40 decrypts the electronic signature using the public key corresponding to the private key used when the electronic signature is generated, and is obtained by decrypting the electronic signature. The environment management station terminal 20 searches for information related to the device corresponding to the electronic signature using the information related to the hash value included in the information output request as a search key. Therefore, if the electronic signature is forged, the information related to the device corresponding to the electronic signature cannot be retrieved, so that the user can easily and efficiently determine whether the electronic signature is valid. Can be confirmed.

  In the first embodiment, the case where the device vendor transmits the environment information of the device to the environmental management station has been described. However, when the devices are used in combination, the vendor product (software) Depending on the combination of hardware), the device may not operate normally. Therefore, the combination verification organization that verifies the compatibility of the vendor product combination verifies the compatibility between the vendor products, and sends the result to the Environmental Management Bureau. Further, it may be transmitted.

  The environmental management station can correct the evaluation value of the device based on the verification result, and can more appropriately control whether or not to provide a service to the device. Therefore, in the second embodiment, a case will be described in which the combination verification organization verifies compatibility between vendor products incorporated in devices.

  First, the concept of the compatibility verification process according to the second embodiment will be described. FIG. 20 is a diagram for explaining the concept of the compatibility verification process according to the second embodiment. In the inter-device compatibility verification process, the combination verification organization receives device environment information (environment information A and environment information B) from a plurality of device vendors (see (1) in FIG. 20), and the combination verification organization receives the vendor product. The compatibility between them is verified (see (2) in FIG. 20).

  Then, the combination verification organization transmits the environmental information of each device received from the device vendor to the environmental management station, and transmits the compatibility information as a result of verifying the compatibility to the environmental management station (see (3) in FIG. 20). ).

  Thereafter, the environmental management station manages the compatibility information received from the combination verification organization for calculating the evaluation value (see (4) in FIG. 20). Specifically, when the environmental management station registers compatibility information in a database and calculates an evaluation value of a service user device as described in the first embodiment, a vendor product that is not compatible with the service user device. If is embedded, processing such as lowering the evaluation value is performed.

  On the other hand, as described in the first embodiment, the environment management station generates electronic signatures (electronic signature A and electronic signature B) based on the environmental information of the device received from the combination verification organization, and generates the generated electronic signature. Is transmitted to the combination verification organization (see (5) in FIG. 20).

  The combination verification organization transmits the electronic signature received from the environmental management station to each device vendor (see (6) in FIG. 20). The subsequent processing is omitted in FIG. 20, but the same processing as described in FIG. 1 is performed. That is, each device vendor creates a sticker on which an electronic signature received from a combination verification organization is printed, and affixes it to the device to sell the device.

  The service user generates a hash value by decrypting the encrypted electronic signature when confirming whether the electronic signature printed on the sticker attached to the device is valid, The hash value is transmitted to the terminal of the environmental management station.

  Then, the terminal of the environmental management station that has received the hash value searches whether there is device information (for example, the product name of the device) corresponding to the hash value, and when the device information is retrieved. Transmits information on the device to the terminal of the service user. As a result, the service user can confirm that the electronic signature is a valid electronic signature, and confirm that the device information sent and the device that he / she intends to use match. By doing so, it can be confirmed that the electronic signature is not issued for another device.

  In addition, since the service user can easily confirm whether or not the device can receive the service and can give the user a sense of security, the device vendor can promote the sale of the device. Moreover, if the environment management bureau receives a fee for issuing an electronic signature from the equipment vendor, the environment management bureau can also provide a profit. Furthermore, if the combination verification organization receives a price for verifying the compatibility from the equipment vendor, the combination verification organization can also provide benefits.

  Next, the configuration of the service control system according to the second embodiment will be described. FIG. 21 is a diagram illustrating the configuration of the service control system according to the second embodiment. In addition, the same code | symbol shall be attached | subjected about the component similar to Example 1. FIG.

  The service control system according to the second embodiment includes a plurality of device vendor terminals 10, a combination verification organization terminal 60, an environment management station terminal 70, a service provider terminal (not shown), and a service user device (not shown). Are connected so that the network operator terminal 50 can communicate with each other via the network.

  Here, the service provider terminal, the service user device, and the network operator terminal 50 are the same as the service provider terminal 30 and the service user device 40 described in FIG. Omitted.

  The device vendor terminal 10 is a computer owned by a device vendor similar to the device vendor terminal 10 described in FIG. 3, and includes a signature DB 15a as shown in FIG. 4 and an environment information DB 15b as shown in FIG. .

  The combination verification organization terminal 60 is a computer that the combination verification organization has, and includes a compatibility information DB 65a as shown in FIG. Here, the compatibility information DB 65a is storage means for storing information related to compatibility between vendor products. Specifically, as shown in FIG. 22, a combination ID for uniquely identifying a combination of vendor products, and compatibility Are stored in association with information on combinations of vendor products that are found to be bad.

  The environment management station terminal 70 is a server computer possessed by the environment management station, and includes a secret key / public key data 75a, a device information DB 75b, an evaluation DB 75c, and an evaluation value correction amount DB 75d, as shown in FIG. This environment management station terminal 70 is different from the environment management station terminal 20 shown in FIG. 3 in that it includes an evaluation value correction amount DB 75d.

  Here, the secret key / public key data 75a, device information DB 75b, and evaluation DB 75c are the same as the secret key / public key data 25a, device information DB 25b, and evaluation DB 25c of the environment management station terminal 20 described in FIG. .

  The evaluation value correction amount DB 75d stores information related to the correction amount when the vendor information that is incompatible with each other is included in the environment information received from the service user device and the evaluation value of the service user device is corrected to be low. Specifically, as shown in FIG. 23, a combination ID for uniquely identifying a combination of vendor products, a combination of vendor products with a poor compatibility, and information on correction amounts of evaluation values are stored in association with each other. To do.

  Here, “combination ID” and “bender product combination” are registered in the evaluation value correction amount DB 75d every time compatibility information is received from the device vendor, and “evaluation value correction amount” is evaluated by the service provider or the like. Registered upon notification of value correction amount information.

  Next, the functional configuration of the combination verification authority terminal 60 will be described. FIG. 24 is a diagram illustrating a functional configuration of the combination verification authority terminal 60. As shown in FIG. 24, the combination verification authority terminal 60 includes an input unit 61, an output unit 62, an input / output control IF unit 63, a communication control IF unit 64, a storage unit 65, and a control unit 66.

  The input unit 61 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 62 is an output unit that outputs various types of information such as a monitor (or display, touch panel), speaker, and printer.

  The input / output control IF unit 63 is means for controlling input / output of data by the input unit 61 and the output unit 62, and the communication control IF unit 64 is mainly connected to the device vendor terminal 10 and the environment management station terminal 70. It is a means for controlling communication.

  The storage unit 65 is a storage unit (storage unit) that stores data and programs necessary for various processes by the control unit 66, and is a storage unit that stores the compatibility information DB 65a (see FIG. 22).

  The control unit 66 has an internal memory for storing programs defining various processing procedures and control data, and is a control means for executing various processes by using these. The information transmission / reception unit 66a and compatibility information management It has a portion 66b.

  The information transmission / reception unit 66a receives the environment information from the device vendor terminal 10, transmits the received environment information together with the compatibility information of the device to the environment management station terminal 70, and receives an electronic signature from the environment management station terminal 70. The processing unit transmits the received electronic signature to each device vendor terminal 10.

  The compatibility information management unit 66b is a processing unit that manages compatibility information between devices. Specifically, the compatibility information management unit 66b acquires the compatibility information that is a result of verifying the compatibility between the devices that have received the environment information from the device vendor terminal 10, and stores the compatibility information in the compatibility information DB 65a. The compatibility information may be acquired by receiving the input of environment information by the input unit 61, or may be acquired from another device via the network via the communication control IF unit 64.

  Next, a functional configuration of the environment management station terminal 70 will be described. FIG. 25 is a diagram illustrating a functional configuration of the environment management station terminal 70. As shown in FIG. 25, the environment management station terminal 70 includes an input unit 71, an output unit 72, an input / output control IF unit 73, a communication control IF unit 74, a storage unit 75, and a control unit 76.

  The input unit 71 is input means for inputting various information such as a keyboard, a mouse, and a microphone. The output unit 72 is an output unit that outputs various types of information such as a monitor (or display, touch panel), speaker, and printer.

  The input / output control IF unit 73 is means for controlling input / output of data by the input unit 71 and the output unit 72, and the communication control IF unit 74 is a combination verification engine terminal 60, a service provider terminal, a service user device, and the like. It is a means to control communication between.

  The storage unit 75 is a storage unit (storage unit) that stores data and programs necessary for various processes performed by the control unit 76, and includes secret key / public key data 75a, device information DB 75b, evaluation DB 75c, and evaluation value correction amount DB 75d. Prepare.

  Here, the secret key / public key data 75a, device information DB 75b, and evaluation DB 75c are the same as the secret key / public key data 25a, device information DB 25b, and evaluation DB 25c of the environment management station terminal 20 described in FIG. .

  The evaluation value correction amount DB 75d is a storage unit that stores information related to a correction amount when a vendor product that is incompatible with each other is incorporated in the service user device and the evaluation value of the service user device is corrected to be low (FIG. 23).

  The control unit 66 has an internal memory for storing programs and control data defining various processing procedures, and is a control means for executing various processes using these, and includes a key management unit 76a and a device information search unit 76b. A signature generation unit 76c and an evaluation value calculation unit 76d.

  The key management unit 76a, device information search unit 76b, and signature generation unit 76c are the same as the key management unit 26a, device information search unit 26b, and signature generation unit 26c of the environment management station terminal 20 shown in FIG.

  The evaluation value calculation unit 76d is a processing unit that evaluates the environment related to the service user device and calculates an evaluation value. Specifically, as described in the first embodiment, when an evaluation request including hashed environment information and a service request ID is received from a service provider terminal, an evaluation value corresponding to the hashed environment information included in the request Is read from the evaluation DB 75c.

  Further, the evaluation value calculation unit 76d checks whether or not the combination of vendor products incorporated in the service user device corresponds to a combination of vendor products with poor compatibility stored in the evaluation value correction amount DB 75d.

  If the combination of vendor products corresponds to a combination of vendor products with incompatible compatibility, the evaluation value read from the evaluation DB 75c is corrected using the correction amount stored in the evaluation value correction amount DB 75d to calculate the evaluation value. To do. Thereafter, the evaluation value calculated by the evaluation value calculation unit 76d is transmitted to the service provider terminal, and the service provided to the service user device is controlled as described in the first embodiment.

  As described above, in the second embodiment, the combination verification authority terminal 60 receives information related to the environment of a plurality of devices from the device vendor terminal 10 and generates the information based on the received information related to the environment of the plurality of devices. The compatibility information related to the environment combination is transmitted together with the information related to the environment of each device, and the service provider terminal provides the device with the compatibility information related to the environment combination transmitted by the combination verification authority terminal 60. The service is controlled, and the environment management station terminal 70 generates the electronic signature for each device based on the information related to the device environment. Therefore, when there is a combination of devices having poor compatibility, the device is considered. You can control the services you provide.

  Incidentally, the various processes described in the above embodiments can be realized by executing a program prepared in advance by a computer. Therefore, in the following, an example of a computer that executes a program that realizes the various processes will be described with reference to FIG.

  26 shows the equipment vendor terminal 10, the environment management station terminal 20, the service provider terminal 30, the service user equipment 40, the combination verification authority terminal 60 shown in FIG. 21, or the environment management station terminal 70 shown in FIG. It is a figure which shows the hardware constitutions of the computer which comprises each apparatus, such as.

  The computer includes an input device 100 that receives input of data from a user, a monitor 101, a RAM (Random Access Memory) 102, a ROM (Read Only Memory) 103, and a medium reading device 104 that reads a program from a recording medium on which various programs are recorded. A network interface 105 that exchanges data with other computers via a network, a CPU (Central Processing Unit) 106, and an HDD (Hard Disk Drive) 107 are connected by a bus 108.

  The HDD 107 stores various programs 107b that exhibit the same functions as the functions of each device described above. The CPU 106 reads out various programs 107b from the HDD 107 and executes them, thereby starting various processes 106a that realize the functions of the functional units of the above-described devices.

  Also, the HDD 107 stores various data 107a corresponding to the data stored in the storage means (storage means) of each device described above. The CPU 106 stores various data 107 a in the HDD 107, reads the various data 107 a from the HDD 107, stores it in the RAM 102, and executes data processing based on the various data 102 a stored in the RAM 102.

  By the way, the various programs 107b are not necessarily stored in the HDD 107 from the beginning. For example, a “portable physical medium” such as a flexible disk (FD), a CD-ROM, a DVD disk, a magneto-optical disk, or an IC card inserted into a computer, or a hard disk drive (HDD) provided inside or outside the computer. The various programs 107b are stored in the “fixed physical medium”, and “another computer (or server)” connected to the computer via a public line, the Internet, a LAN, a WAN, etc. However, the various programs 107b may be read from these and executed.

  Although the embodiments of the present invention have been described so far, the present invention may be implemented in various different embodiments in addition to the above-described embodiments within the scope of the technical idea described in the claims. It ’s good.

  In addition, among the processes described in this embodiment, all or part of the processes described as being performed automatically can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method.

  In addition, the processing procedure, control procedure, specific name, and information including various data and parameters shown in the above-described document and drawings can be arbitrarily changed unless otherwise specified.

  Each component of each illustrated device is functionally conceptual and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured.

  Further, all or any part of each processing function performed in each device may be realized by a CPU and a program analyzed and executed by the CPU, or may be realized as hardware by wired logic.

  As described above, the device information transmission program, the service control program, the device information transmission device, the service control device, and the device information transmission method according to the present invention ensure the safety of the service, and the device receives the service information from the service provider. This is useful for a device information transmission system that requires a user to easily and efficiently confirm whether or not the provision can be received.

DESCRIPTION OF SYMBOLS 10 Equipment vendor terminal 20, 70 Environmental management station terminal 30 Service provider terminal 40 Service user equipment 50 Network provider terminal 60 Combination verification organization terminal 11, 21, 31, 41, 51, 61, 71 Input unit 12, 22, 32, 42, 52, 62, 72 Output unit 13, 23, 33, 43, 53, 63, 73 Input / output control IF unit 14, 24, 34, 44, 54, 64, 74 Communication control IF unit 15, 25, 35, 45, 55, 65, 75 Storage unit 16, 26, 36, 46, 56, 66, 76 Control unit 15a Signature DB (database)
15b Environmental information DB
25a Private key / public key data 25b Device information DB
25c Evaluation DB
35a Environmental information acquisition command DB
35b Service request table 35c Service DB
35d Service Policy DB
35e User DB
45a Environmental information table 65a Compatibility information DB
75d Evaluation value correction amount DB
16a Environment information management unit 16b Signature management unit 26a, 76a Key management unit 26b, 76b Device information search unit 26c, 76c Signature generation unit 26d, 76d Evaluation value calculation unit 36a Service request reception unit 36b Evaluation request unit 36c Service control unit 36d History Processing unit 46a Signature verification unit 46b Environmental information collection unit 46c Environmental information transmission unit 66a Information transmission / reception unit 66b Compatibility information management unit

Claims (6)

A device information transmission method executed by a computer that can communicate with a network operator terminal that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device. There,
The computer is
When receiving information about the environment of the user device from the user device via a network operator terminal, information about the environment of the user device, information for evaluating the safety of the user device, Information for evaluating the safety of the user device stored in association with the received information on the environment of the user device from an evaluation database that stores information for evaluating the performance of the user device , Acquiring information for evaluating the performance of the user device, and according to the acquired information, evaluating the environment of the user device indicated by the received information,
Evaluation value correction amount database that stores information indicating a combination of devices that are not compatible, information for correcting the safety evaluation of the user device, and information for correcting the performance evaluation of the user device in association with each other. If the received information regarding the environment of the user device includes information indicating an incompatible device combination, the combination of the incompatible device included in the information regarding the environment of the user device is indicated. The information for correcting the safety evaluation of the user device stored in association with the information and the information for correcting the performance evaluation of the user device are acquired, and according to the acquired information , the user device Correct the environmental assessment,
The apparatus information transmitting method, wherein the corrected evaluation is transmitted to the service provider terminal via the network operator terminal.   2. The device information transmission according to claim 1, wherein the information on the environment of the user device is information on the environment of the device read by a TPM (Trusted Platform Module) mounted on the user device. Method. A device information transmitting apparatus capable of communicating with a network operator terminal that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device,
When receiving information about the environment of the user device from the user device via a network operator terminal, information about the environment of the user device, information for evaluating the safety of the user device, Information for evaluating the safety of the user device stored in association with the received information on the environment of the user device from an evaluation database that stores information for evaluating the performance of the user device Obtaining information for evaluating the performance of the user device, and according to the acquired information, an evaluation unit for evaluating the environment of the user device indicated by the received information;
Evaluation value correction amount database that stores information indicating a combination of devices that are not compatible, information for correcting the safety evaluation of the user device, and information for correcting the performance evaluation of the user device in association with each other. If the received information regarding the environment of the user device includes information indicating an incompatible device combination, the combination of the incompatible device included in the information regarding the environment of the user device is indicated. It gets information for correcting the evaluation of the safety of the user equipment stored in association with the information, and information for correcting the evaluation of the performance of the user device, use by the evaluation unit in accordance with the acquired information A correction unit that corrects the evaluation of the environment of the user equipment;
A device information transmitting apparatus comprising: a transmitting unit that transmits the evaluation corrected by the correcting unit to the service provider terminal via the network provider terminal.   4. The device information transmission according to claim 3, wherein the information on the environment of the user device is information on the environment of the device read by a TPM (Trusted Platform Module) mounted on the user device. apparatus. A device information transmission program executed by a computer that can communicate with a network operator terminal that relays communication performed between a user device operated by a user and a service provider terminal that provides a service to the user device. There,
When receiving information about the environment of the user device from the user device via a network operator terminal, information about the environment of the user device, information for evaluating the safety of the user device, Information for evaluating the safety of the user device stored in association with the received information on the environment of the user device from an evaluation database that stores information for evaluating the performance of the user device , Acquiring information for evaluating the performance of the user device, and according to the acquired information, evaluating the environment of the user device indicated by the received information,
Evaluation value correction amount database that stores information indicating a combination of devices that are not compatible, information for correcting the safety evaluation of the user device, and information for correcting the performance evaluation of the user device in association with each other. If the received information regarding the environment of the user device includes information indicating an incompatible device combination, the combination of the incompatible device included in the information regarding the environment of the user device is indicated. The information for correcting the safety evaluation of the user device stored in association with the information and the information for correcting the performance evaluation of the user device are acquired, and according to the acquired information , the user device Correct the environmental assessment,
A device information transmission program causing a computer to execute a process of transmitting the corrected evaluation to the service provider terminal via the network provider terminal.   6. The device information transmission according to claim 5, wherein the information about the environment of the user device is information about the environment of the device read by a TPM (Trusted Platform Module) mounted on the user device. program.

Images