阅读说明：本技术 用于处理属性信息的装置及方法 (Apparatus and method for processing attribute information ) 是由 堀井基史 于 2020-03-30 设计创作，主要内容包括：用于处理属性信息的装置及方法。信息处理装置在其中多个代理分别管理对应实体的属性信息的通信系统中提供与第一实体相对应的第一代理的功能。信息处理装置包括：处理器；以及存储器,其被配置为存储指示第一实体的属性的属性信息。当信息处理装置从与第二实体相对应的第二代理接收到属性请求时,处理器判定属性信息是否包括与第三实体有关的信息。当属性信息包括与第三实体有关的信息时,处理器基于第三实体的关于与第三实体有关的信息的公开的策略来编辑属性信息。处理器向第二代理发送经编辑的属性信息。(An apparatus and method for processing attribute information. An information processing apparatus provides a function of a first agent corresponding to a first entity in a communication system in which a plurality of agents manage attribute information of corresponding entities, respectively. The information processing apparatus includes: a processor; and a memory configured to store attribute information indicating an attribute of the first entity. When the information processing apparatus receives an attribute request from a second agent corresponding to a second entity, the processor determines whether the attribute information includes information about a third entity. When the attribute information includes information related to the third entity, the processor edits the attribute information based on a policy of the third entity regarding disclosure of the information related to the third entity. The processor sends the edited attribute information to the second agent.)

1. A method for processing attribute information in a first agent corresponding to a first entity in a communication system in which a plurality of agents respectively manage corresponding entities, the method comprising the steps of:

determining, when the first agent receives an attribute request from a second agent corresponding to a second entity, whether first attribute information indicating an attribute of the first entity includes information related to a third entity;

when the first attribute information includes information related to a third entity, editing the first attribute information based on a policy of the third entity regarding disclosure of the information related to the third entity; and

and sending the edited first attribute information to the second agent.

2. The method of claim 1, wherein,

the first agent

Making an inquiry to a third agent corresponding to the third entity as to whether or not to allow the information relating to the third entity to be disclosed to the second entity, and

editing the first attribute information based on a response to the query from the third agent, and sending the edited first attribute information to the second agent.

3. The method of claim 2, wherein,

when the response to the query from the third agent does not allow disclosure of the information related to the third entity, the first agent deletes the information related to the third entity from the first attribute information and transmits the first attribute information to the second agent.

4. The method of claim 2, wherein,

the attribute request includes second attribute information indicating an attribute of the second entity and policy information indicating a disclosure range of the second attribute information, wherein,

the first agent

Editing the second attribute information based on the policy information, and

sending the edited second attribute information to the third agent upon the query.

5. An information processing apparatus that provides a function of a first agent corresponding to a first entity in a communication system in which a plurality of agents manage attribute information of corresponding entities, respectively, comprising:

a processor; and

a memory configured to store attribute information indicating an attribute of the first entity,

wherein the processor

When the information processing apparatus receives an attribute request from a second agent corresponding to a second entity, determining whether the attribute information includes information relating to a third entity,

when the attribute information includes information relating to a third entity, the attribute information is edited based on a policy of the third entity regarding disclosure of the information relating to the third entity, and

sending the edited attribute information to the second agent.

6. A communication system in which a plurality of agents respectively corresponding to a plurality of entities are connected to a network, wherein,

when a first agent corresponding to a first entity receives an attribute request from a second agent corresponding to a second entity, the first agent determines whether first attribute information indicating an attribute of the first entity includes information related to a third entity,

when the first attribute information includes information relating to a third entity, the first agent edits the first attribute information based on a policy of the third entity regarding disclosure of the information relating to the third entity, and

the first agent sends the edited first attribute information to the second agent.

7. The communication system of claim 6,

the first agent making an inquiry to a third agent corresponding to the third entity as to whether the information relating to the third entity is allowed to be disclosed to the second entity,

the third agent determines whether or not to allow the information on the third entity to be disclosed to the second entity based on a policy of the third entity, and transmits a response indicating a result of the determination to the first entity, and

the first agent edits the first attribute information based on the response, and transmits the edited first attribute information to the second agent.

8. The communication system of claim 7,

when the first attribute information received from the first agent includes the information related to the third entity, the second agent requests third attribute information indicating an attribute of the third entity from the third entity.

9. The communication system of claim 7,

when disclosing the information about the third entity to the second entity, the third entity creates a signature of the third entity based on the content of the challenge and sends the signature to the first agent, and

the first agent sends the first attribute information and the signature to the second agent.

10. The communication system of claim 6, wherein

The first agent making an inquiry to a third agent corresponding to the third entity as to whether the information relating to the third entity is allowed to be disclosed to the second entity,

the third agent determines whether to allow the information relating to the third entity to be disclosed to the second entity based on a policy of the third entity,

the third entity transmits third attribute information indicating an attribute of the third entity to the first entity when the information about the third entity is disclosed to the second entity, and

and the first agent sends the first attribute information and the third attribute information to the second agent.

11. The communication system of claim 6,

each of the agents manages attribute information indicating an attribute of a corresponding entity and policy information indicating a range in which the attribute information is disclosed, and

the policy information includes an allowable hop count indicating an allowable forwarding range of the attribute information.

Technical Field

Embodiments discussed herein relate to an apparatus and method for processing attribute information.

Background

When the reliability of an individual is judged using a computer, attribute information of a target person is referred to. The attribute information may include the name, age, resident address, phone number, email address, profession, etc. of the target person. In this case, the computer estimates the reliability of the target person and performs an action according to the estimation result. For example, when the degree of reliability of the target person is estimated to be high, the computer discloses the specified information to the target person.

As a related art, a method has been proposed in which, when there is an information disclosure request from a first user for personal information about a second user having a relationship with the first user (there are one or more persons between the first user and the second user), it is determined whether or not to permit disclosure of information to the first user with reference to an access control rule and a user relationship list (for example, japanese patent laid-open No. 2015-201073). Meanwhile, a printing apparatus that prints and outputs personal information according to a specified format is known (for example, japanese patent laid-open No. 2008-250916).

In the above estimation of the degree of reliability, the attribute information may include information of a third person. For example, a target person who receives a request for attribute information from a server computer transmits attribute information of the target person himself to the server computer. At this time, in the case where the attribute information includes information about the third person, the third person may be adversely affected. This problem is not limited to personal information, but may also arise in terms of information related to various entities (individuals, organizations, IoT devices, and services).

It is an object of the present invention to provide a method for protecting attribute information on a network.

Disclosure of Invention

According to an aspect of the embodiment, an information processing apparatus provides a function of a first agent corresponding to a first entity in a communication system in which a plurality of agents manage attribute information of corresponding entities, respectively. The information processing apparatus includes: a processor; and a memory configured to store attribute information indicating an attribute of the first entity. When the information processing apparatus receives an attribute request from a second agent corresponding to a second entity, the processor determines whether the attribute information includes information about a third entity. When the attribute information includes information related to the third entity, the processor edits the attribute information based on a policy of the third entity regarding disclosure of the information related to the third entity. The processor sends the edited attribute information to the second agent.

Drawings

Fig. 1 illustrates an example of transmitting attribute information;

fig. 2 illustrates another example of transmitting attribute information;

FIG. 3 illustrates an example of a method for processing attribute information;

FIG. 4 illustrates an example of a communication system;

fig. 5A to 5C illustrate examples of attribute information;

fig. 6A to 6C illustrate examples of policy information;

FIG. 7 illustrates an example of a request phase;

figures 8 and 9 illustrate examples of interrogation phases;

FIG. 10 illustrates an example of a response phase;

FIGS. 11 and 12 illustrate another example of an interrogation phase;

FIG. 13 illustrates another example of a response phase;

FIG. 14 illustrates an example of a display phase;

fig. 15A and 15B illustrate graphics displayed on the terminal apparatus;

fig. 16 illustrates an example of a sequence of a method for processing attribute information;

fig. 17 illustrates another example of a sequence of a method for processing attribute information;

FIG. 18 illustrates a flow chart showing an example of a processing agent;

FIGS. 19A and 19B illustrate an example of a method for limiting the scope of the disclosure;

fig. 20 illustrates an example of a method for detecting that attribute information is not allowed to be disclosed;

FIG. 21 illustrates an example of a method for attribute information disclosure; and

fig. 22 illustrates an example of a hardware configuration of an information processing apparatus.

Detailed Description

Fig. 1 illustrates an example of transmitting attribute information. In this example, a plurality of agents 1(1a to 1c) exist in the communication system. Each of the agents 1 is realized by executing a software program using a processor. The software program includes a program for processing attribute information. Therefore, each of the agents 1 can provide a function for processing attribute information by executing a program for processing an attribute program. In addition, each of the agents 1 is equipped with a function for connecting to the network 100.

Each of the agents 1 is provided to a corresponding entity. Here, the entity corresponds to a person, an organization, an IoT device, a service, and the like. In this example, the entities respectively correspond to individuals (Alice, Bob, Charlie, etc.). That is, the agents 1a, 1b, 1c perform information processing for Alice, Bob, Charlie, respectively.

The agent 1 manages attribute information and policy information of the corresponding entity. For example, the memory accessible by the agent 1a stores attribute information and policy information of Alice, and the memory accessible by the agent 1b stores attribute information and policy information of Bob. The attribute information corresponds to information indicating an attribute of the entity, and in this example, it indicates personal information of the user. Thus, the attribute information includes, for example, the user's name, age, resident address, phone number, email address, occupation, personal relationship, and the like. The policy information indicates a range in which the attribute information can be disclosed. That is, the policy information specifies the parties to whom the attribute information is allowed to be disclosed. In addition, in the case where the attribute information includes a plurality of attributes, the policy information may also specify the attributes that are allowed to be disclosed.

Here, assume that Bob requests a meeting with Alice. In this case, the agent 1b sends attribute information of Bob to the agent 1a according to the instruction from Bob. The agent 1a estimates the trustworthiness of Bob from Bob's attribute information. Then, the agent 1a performs an action according to the estimation result. For example, when it is estimated that the reliability of Bob is high, the agent 1a transmits a message indicating permission regarding the conference to the agent 1 b.

Further, in the case where the user of the terminal device corresponding to the agent 1 is "individual", the attribute information corresponds to individual information. In addition, although the user of the terminal device corresponding to the agent 1 is "individual" in this example, the present invention is not limited to this configuration. That is, the agent 1 may correspond to any entity (person, organization, IoT device, service, etc.).

Fig. 2 illustrates another example of transmitting attribute information. In this example, the attribute information of Bob transmitted from the agent 1b to the agent 1a includes information about the third party. Specifically, attribute information of Bob includes information indicating that Charlie is a colleague of Bob.

Agent 1a estimates Bob's trustworthiness based on the attribute information received from agent 1 b. At this time, the agent 1a estimates the trustworthiness of Bob in consideration that Charlie is a colleague of Bob. That is, the agent 1a can estimate the reliability of Bob in consideration of the personal relationship of Bob. Here, for example, in the case where Charlie is a trusted person of Alice, it can be estimated that Bob is also trusted.

However, in this method, Charlie's personal information will be disclosed to Alice without Charlie's permission. At least Alice is to be disclosed with the fact that Charlie belongs to the same organization as Bob. That is, in this method, protection of attribute information or personal information may not be achieved.