[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2022269862A1 - Customer extraction system, information management system, analysis request device, customer extraction method, and program - Google Patents

Customer extraction system, information management system, analysis request device, customer extraction method, and program Download PDF

Info

Publication number
WO2022269862A1
WO2022269862A1 PCT/JP2021/023956 JP2021023956W WO2022269862A1 WO 2022269862 A1 WO2022269862 A1 WO 2022269862A1 JP 2021023956 W JP2021023956 W JP 2021023956W WO 2022269862 A1 WO2022269862 A1 WO 2022269862A1
Authority
WO
WIPO (PCT)
Prior art keywords
encrypted
information
customer
extraction rule
attribute information
Prior art date
Application number
PCT/JP2021/023956
Other languages
French (fr)
Japanese (ja)
Inventor
賢治 太田
修 瀧野
敏行 森山
慧 高橋
Original Assignee
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電信電話株式会社 filed Critical 日本電信電話株式会社
Priority to PCT/JP2021/023956 priority Critical patent/WO2022269862A1/en
Publication of WO2022269862A1 publication Critical patent/WO2022269862A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services

Definitions

  • the present invention relates to a customer extraction system, an information management system, an analysis request device, a customer extraction method, and a program for extracting customers based on customer information.
  • Non-Patent Literature 1 describes a service that distributes products, services, and advertisements tailored to individuals by using personal attribute information (personal information) collected by personal information holding organizations such as information banks. ing.
  • the customer may be not only an individual but also a company, so an organization holding customer attribute information will be referred to as an information holding organization.
  • Non-Patent Document 2 As a technique for processing information while keeping information confidential, a secure computation technique disclosed in Non-Patent Document 2 is known.
  • An object of the present invention is to provide a technique for extracting customers while keeping the rules for extracting customers confidential.
  • the customer extraction system of the present invention comprises an information management system and an analysis request device.
  • the information management system includes an information management recording section, an attribute information encryption section, encrypted attribute information recording means, encrypted extraction rule recording means, extraction rule execution means, and a process execution section.
  • the information management recording unit records plaintext attribute information, which is plaintext information of predetermined attributes for customers.
  • the attribute information encryption unit outputs encrypted attribute information obtained by encrypting the plaintext attribute information.
  • the encrypted attribute information recording means records encrypted attribute information.
  • the encrypted extraction rule recording means records an encrypted extraction rule, which is an encrypted rule for extracting customers.
  • the extraction rule executing means executes the encrypted extraction rule on the encrypted attribute information.
  • the processing execution unit executes processing related to the customers extracted by the extraction rule execution means.
  • the analysis requesting device includes an analysis recording section, an extraction rule encryption section, and an extraction rule requesting section.
  • the analysis recording unit records rules for extracting customers.
  • the extraction rule encryption unit encrypts a rule for extracting customers and generates an encrypted extraction rule.
  • the extraction rule requesting unit requests the information management system to apply the encryption extraction rule.
  • secure computing technology is applied to the recording and execution of rules for extracting customers, so customers can be extracted while keeping the rules confidential.
  • FIG. 2 is a diagram showing an example of the functional configuration of the customer extraction system according to the first embodiment
  • FIG. FIG. 4 is a diagram showing an example of predetermined attribute information
  • the figure which shows the processing flow after attribute information is provided.
  • FIG. 4 is a diagram showing a processing flow for recording a customer extraction rule in an information management system and a processing flow for executing the customer extraction rule
  • FIG. 8 is a diagram showing a processing flow for recording attribute information including additional information according to the first embodiment
  • FIG. 10 is a diagram showing a functional configuration example of a customer extraction system of modification 1
  • FIG. 11 is a diagram showing a processing flow for recording attribute information including additional information according to Modification 1;
  • FIG. 1 shows a functional configuration example of the customer extraction system of the first embodiment.
  • the customer extraction system 10 includes an information management system 50 and an analysis requesting device 300 .
  • the information management system 50 is composed of an information management device 100 and a secure computing system 200 .
  • the secure computing system 200 is composed of N secure computing devices 200 1 , . . . , 200 N .
  • M information providing devices 400 1 is primarily assumed to be a mobile terminal owned by an individual, but may be a database owned by a company.
  • FIG. 2 shows an example of predetermined attribute information.
  • attribute information personal name, gender, age, address, telephone number, email address, and annual income are recorded in plain text (unencrypted) in the information management recording unit 190 of the information management device 100.
  • FIG. 3 shows an example of rules for extracting customers.
  • the analysis recording unit 390 records rules for extracting customers as shown in FIG. There is no need to limit the number of rules to one, and a plurality of rules may be recorded.
  • the information management system 50 is composed of an information management device 100 and a secure computing system 200 .
  • the secure computing system 200 is composed of N secure computing devices 200 1 , . . . , 200 N .
  • the information management apparatus 100 includes an information management recording section 190 , an attribute information encryption section 110 and a process execution section 120 .
  • the information management device 100 may also include an additional information requesting unit 130 .
  • the secure computing device 200n includes an extraction rule execution unit 210n and a recording unit 290n .
  • the extraction rule execution units 210 1 , . . . , 210 N constitute an extraction rule execution means 210 .
  • the recording unit 290n records the n -th share of the encrypted attribute information and the n-th share of the encrypted extraction rule.
  • Encrypted attribute information recording means 291 is a portion that records the share of the encrypted attribute information of the recording units 290 1 , . . . , 290 N .
  • Encrypted extraction rule recording means 292 is the part that records shares of the encrypted extraction rules of the recording units 290 1 , . . . , 290 N .
  • the analysis requesting device 300 includes an extraction rule encryption unit 310 , an extraction rule requesting unit 320 and an analysis recording unit 390 .
  • the analysis requesting device 300 may also include an additional information requesting section 330 .
  • the analysis recording unit 390 records rules for extracting customers. For example, the rule shown in FIG. 3 is recorded.
  • the extraction rule encryption unit 310 encrypts rules for extracting customers and generates encrypted extraction rules.
  • the extraction rule requesting unit 320 requests the information management system to apply the encryption extraction rule.
  • the additional information requesting unit 330 requests the information management system 50 to add additional information, which is attribute information that is lacking in order to apply the encryption extraction rule.
  • the information providing device 400m includes an attribute information providing section 410m , an input/output section 430m , and a recording section 490m . Information on various attributes held by individuals is recorded in the recording unit 490m .
  • FIG. 4 is a diagram showing a processing flow after attribute information is provided.
  • FIG. 5 is a diagram showing a processing flow for recording a customer extraction rule in the information management system and a processing flow for executing the customer extraction rule.
  • FIG. 6 is a diagram illustrating a processing flow for recording attribute information including additional information according to the first embodiment.
  • the attribute information providing unit 410m sends plaintext attribute information, which is plaintext information of predetermined attributes for the customer, to the information management device 100 ( S411m ).
  • the information management device 100 records the plaintext attribute information in the information management recording unit 190 (S191).
  • the types of predetermined attributes are personal name, gender, age, address, telephone number, e-mail address, and annual income in the example of FIG.
  • the attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n .
  • Send (S110).
  • the recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
  • the analysis recording unit 390 records rules for extracting customers in advance. Then, the extraction rule encryption unit 310 encrypts the rule for extracting the customer, generates the encrypted extraction rule (N shares of the extraction rule), and sends the encrypted extraction rule ( n second share) is transmitted (S310).
  • the recording unit 290n of the secure computing device 200n records the encrypted extraction rule (the n -th share of the extraction rule) ( S292n ). Summarizing steps S292 1 , . . . , S292 N , the encryption extraction rule recording means 292 records the encryption extraction rule (S292).
  • the extraction rule requesting unit 320 requests the information management system 50 to apply the encryption extraction rule (S320).
  • the extraction rule executing means 210 of the secure calculation system 200 of the information management system 50 executes the requested customer extraction rule using secure calculation (S250), and the information management device 100 acquires the extraction result (S342).
  • the analysis using secure calculation may be executed by cooperative processing of the extraction rule execution units 210 1 , . . . , 210 N .
  • the processing execution unit 120 executes processing related to the customers extracted by the extraction rule execution means 210 (S120). "Customer-related processing" may be transmission of predetermined information to the customer (such as transmission of an advertisement), or transmission of customer information to the analysis requesting device 300 (in other words, a business operator that intends to provide products, services, etc.). may be sent.
  • the analysis requesting device 300 also includes the additional information requesting unit 330 and the information management device 100 also includes the additional information requesting unit 130 will be described. If the attribute information recorded by the information management recording unit 190 alone is insufficient for applying a rule for extracting customers, the additional information requesting unit 330 requests additional attribute information. Information is requested from the information management system 50 (S330). Based on the request from the analysis requesting device 300, the additional information requesting unit 130 of the information management system 50 requests additional information from the information providing devices 400 1 , . ).
  • the attribute information providing unit 410m of the information providing device 400m adds all or part of already provided attribute information.
  • the plaintext attribute information associated with the information is transmitted to the information management device 100 (S412 m ).
  • the information management device 100 records the plaintext attribute information combined with the already held attribute information in the information management recording unit 190 (S192).
  • the attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n .
  • Send (S110).
  • the recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
  • the secure computing technology is applied to the recording and execution of rules for extracting customers, so customers can be extracted while keeping the rules confidential.
  • step S330 of the first embodiment the analysis requesting device 300 transmits to the information management system 50 in plain text what information is required as additional attributes.
  • the information holding organization determines which analysis requesting device 300 (which business operator) adds the additional attribute information. I know what caused it.
  • the information holding organization does not easily know which company has added the additional attribute information.
  • FIG. 7 shows a functional configuration example of the customer extraction system of Modification 1.
  • FIG. 8 shows a processing flow for recording attribute information including additional information in Modification 1.
  • secure computing system 201 comprises additional attribute request means 230 .
  • the additional attribute request means 230 is composed of additional attribute request units 230 1 , . . . , 230 N of the secure computing devices 201 1 , .
  • the analysis requesting device 301 includes an encrypted additional information requesting section 335 instead of the additional information requesting section 330 .
  • the information providing device 401m also includes an additional attribute decoding unit 420m . Other configurations are the same as those of the first embodiment.
  • the processing flow after the attribute information is provided is the same as in FIG. 4, and the processing flow for recording the customer extraction rule in the information management system and the processing flow for executing the customer extraction rule are the same as in FIG. is.
  • the encrypted additional information requesting unit 335 of the analysis requesting device 301 determines the type of additional attribute. is encrypted to generate encrypted additional attributes indicating the types of additional attributes (N shares indicating the types of additional attributes), and the information management system 51 is requested to obtain information on the additional attributes (S335).
  • the secure computing system 201 of the information management system 51 receives the request, and the additional attribute requesting means 230 provides information on the additional attribute based on the request from the analysis requesting device 301.
  • a request is made to the devices 401 1 , . . . , 401 M (S230).
  • the secure computing device 201 n receives one of N shares (n-th share) indicating the type of additional attribute, and the additional attribute requesting unit 230 n responds to the request from the analysis requesting device 301. Based on this, information on additional attributes is requested from the information providing devices 401 1 to 401 M (S230 n ).
  • the information providing device 401 m receives K or more shares among the shares indicating the types of additional attributes, and the additional attribute decoding unit 420 m decodes the types of additional information (S420 m ).
  • the attribute information providing unit 410m of the information providing device 400m adds all or part of already provided attribute information.
  • the plaintext attribute information associated with the information is transmitted to the information management device 100 (S412 m ).
  • the information management device 100 records the plaintext attribute information combined with the already held attribute information in the information management recording unit 190 (S192).
  • the attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n .
  • Send (S110).
  • the recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
  • a program that describes this process can be recorded on a computer-readable recording medium.
  • Any computer-readable recording medium may be used, for example, a magnetic recording device, an optical disk, a magneto-optical recording medium, a semiconductor memory, or the like.
  • this program is carried out, for example, by selling, assigning, lending, etc. portable recording media such as DVDs and CD-ROMs on which the program is recorded.
  • the program may be distributed by storing the program in the storage device of the server computer and transferring the program from the server computer to other computers via the network.
  • a computer that executes such a program for example, first stores the program recorded on a portable recording medium or the program transferred from the server computer once in its own storage device. Then, when executing the process, this computer reads the program stored in its own recording medium and executes the process according to the read program. Also, as another execution form of this program, the computer may read the program directly from a portable recording medium and execute processing according to the program, and the program is transferred from the server computer to this computer. Each time, the processing according to the received program may be executed sequentially. In addition, the above-mentioned processing is executed by a so-called ASP (Application Service Provider) type service, which does not transfer the program from the server computer to this computer, and realizes the processing function only by its execution instruction and result acquisition. may be It should be noted that the program in this embodiment includes information that is used for processing by a computer and that conforms to the program (data that is not a direct instruction to the computer but has the property of prescribing the processing of the computer, etc.).
  • ASP
  • the device is configured by executing a predetermined program on a computer, but at least part of these processing contents may be implemented by hardware.
  • Information management system 100 101 Information management device 101 Information management device 110 Attribute information encryption unit 120 Processing execution unit 130 Additional information request unit 190 Information management recording unit 200, 201 Secure computing system 200 n , 201 n secret computing device 210 extraction rule execution unit 210 n extraction rule execution unit 230 additional attribute request unit 230 n additional attribute request unit 290 n recording unit 291 encrypted attribute information recording unit 292 encrypted extraction rule recording unit 300, 301 analysis Request device 310 Extraction rule encryption unit 320 Extraction rule request unit 330 Additional information request unit 335 Encrypted additional information request unit 390 Analysis recording unit 400 m , 401 m Information providing device 410 m Attribute information providing unit 420 m Additional attribute decoding unit 430 m input/output unit 490 m recording unit

Landscapes

  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Engineering & Computer Science (AREA)
  • Development Economics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Tourism & Hospitality (AREA)
  • Economics (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Human Resources & Organizations (AREA)
  • Game Theory and Decision Science (AREA)
  • Storage Device Security (AREA)

Abstract

This information management system comprises an information management recording unit, an attribute information encryption unit, an encrypted attribute information recording means, an encrypted extraction rule recording means, an extraction rule execution means, and a processing execution unit. The attribute information encryption unit outputs encrypted attribute information obtained by encrypting plain text attribute information. The encrypted attribute information recording means records encrypted attribute information. The encrypted extraction rule recording means records an encrypted extraction rule obtained by encrypting a rule for extracting a customer. The extraction rule execution means executes the encrypted extraction rule for the encrypted attribute information. The processing execution unit executes processing relating to a customer extracted by the extraction rule execution means. This analysis request device comprises an analysis recording unit, an extraction rule encryption unit, and an extraction rule request unit. The extraction rule encryption unit encrypts the rule for extracting a customer and generates the encrypted extraction rule.

Description

顧客抽出システム、情報管理システム、分析依頼装置、顧客抽出方法、プログラムCustomer Extraction System, Information Management System, Analysis Request Device, Customer Extraction Method, Program
 本発明は、顧客の情報に基づいて顧客を抽出する顧客抽出システム、情報管理システム、分析依頼装置、顧客抽出方法、プログラムに関する。 The present invention relates to a customer extraction system, an information management system, an analysis request device, a customer extraction method, and a program for extracting customers based on customer information.
 顧客サービスを提供する事業者は顧客情報(個人情報、企業情報など)を保有しており、その保管システム(例えば、顧客管理データベースなど)が存在する。また、個人情報のデータ利活用を促進する目的で情報信託機能(情報銀行等)も存在する。このような個人情報を保有する組織を個人情報保有組織と呼ぶ(非特許文献1参照)。非特許文献1には、情報銀行などの個人情報保有組織が収集した個人の属性情報(個人情報)を事業者が活用して、個人に合わせた商品やサービス、広告を配信するサービスについて記載されている。以下では、顧客としては個人だけでなく企業の場合もあり得るので、顧客の属性情報を保有する組織を情報保有組織と呼ぶことにする。また、事業者は、顧客情報を基に商品ごとに購入顧客の傾向情報を、自らのノウハウとして保有している。この購入顧客の傾向情報は、購入顧客を抽出するためのルール(以降、顧客抽出ルールと呼ぶ)になる。なお、情報を秘匿化しながら情報処理する技術として、非特許文献2に示された秘密計算技術などが知られている。  Businesses that provide customer services possess customer information (personal information, corporate information, etc.), and have a storage system (for example, a customer management database, etc.). There is also an information trust function (information bank, etc.) for the purpose of promoting data utilization of personal information. An organization that holds such personal information is called a personal information holding organization (see Non-Patent Document 1). Non-Patent Literature 1 describes a service that distributes products, services, and advertisements tailored to individuals by using personal attribute information (personal information) collected by personal information holding organizations such as information banks. ing. In the following, the customer may be not only an individual but also a company, so an organization holding customer attribute information will be referred to as an information holding organization. In addition, the business owns, as its own know-how, purchase customer tendency information for each product based on the customer information. This purchasing customer tendency information becomes a rule for extracting purchasing customers (hereinafter referred to as a customer extraction rule). As a technique for processing information while keeping information confidential, a secure computation technique disclosed in Non-Patent Document 2 is known.
 しかしながら、顧客抽出ルールは事業者のノウハウであるにもかかわらず、情報保有組織が保有する顧客の属性情報に適用するためには顧客抽出ルールを情報保有組織に開示する必要があった。本発明は、顧客を抽出するためのルールを秘匿化しながら顧客を抽出するための技術を提供することを目的とする。 However, even though the customer extraction rules are the know-how of the business, it was necessary to disclose the customer extraction rules to the information holding organizations in order to apply them to the customer attribute information held by the information holding organizations. SUMMARY OF THE INVENTION An object of the present invention is to provide a technique for extracting customers while keeping the rules for extracting customers confidential.
 本発明の顧客抽出システムは、情報管理システムと分析依頼装置を備える。情報管理システムは、情報管理記録部、属性情報暗号化部、暗号化属性情報記録手段、暗号化抽出ルール記録手段、抽出ルール実行手段、処理実行部を備える。情報管理記録部は、顧客に対するあらかじめ定めた属性の平文の情報である平文属性情報を記録する。属性情報暗号化部は、平文属性情報を暗号化した暗号化属性情報を出力する。暗号化属性情報記録手段は、暗号化属性情報を記録する。暗号化抽出ルール記録手段は、顧客を抽出するためのルールを暗号化した暗号化抽出ルールを記録する。抽出ルール実行手段は、暗号化属性情報に対して前記暗号化抽出ルールを実行する。処理実行部は、抽出ルール実行手段によって抽出された顧客に関する処理を実行する。分析依頼装置は、分析記録部、抽出ルール暗号化部、抽出ルール依頼部を備える。分析記録部は、顧客を抽出するためのルールを記録する。抽出ルール暗号化部は、顧客を抽出するためのルールを暗号化し、暗号化抽出ルールを生成する。抽出ルール依頼部は、情報管理システムに、暗号化抽出ルールの適用を依頼する。 The customer extraction system of the present invention comprises an information management system and an analysis request device. The information management system includes an information management recording section, an attribute information encryption section, encrypted attribute information recording means, encrypted extraction rule recording means, extraction rule execution means, and a process execution section. The information management recording unit records plaintext attribute information, which is plaintext information of predetermined attributes for customers. The attribute information encryption unit outputs encrypted attribute information obtained by encrypting the plaintext attribute information. The encrypted attribute information recording means records encrypted attribute information. The encrypted extraction rule recording means records an encrypted extraction rule, which is an encrypted rule for extracting customers. The extraction rule executing means executes the encrypted extraction rule on the encrypted attribute information. The processing execution unit executes processing related to the customers extracted by the extraction rule execution means. The analysis requesting device includes an analysis recording section, an extraction rule encryption section, and an extraction rule requesting section. The analysis recording unit records rules for extracting customers. The extraction rule encryption unit encrypts a rule for extracting customers and generates an encrypted extraction rule. The extraction rule requesting unit requests the information management system to apply the encryption extraction rule.
 本発明の顧客抽出システム、情報管理システムによれば、秘密計算技術を、顧客を抽出するためのルールの記録と実行に適用するので、ルールを秘匿化しながら顧客を抽出できる。 According to the customer extraction system and information management system of the present invention, secure computing technology is applied to the recording and execution of rules for extracting customers, so customers can be extracted while keeping the rules confidential.
実施例1の顧客抽出システムの機能構成例を示す図。FIG. 2 is a diagram showing an example of the functional configuration of the customer extraction system according to the first embodiment; FIG. あらかじめ定めた属性の情報の例を示す図。FIG. 4 is a diagram showing an example of predetermined attribute information; 顧客を抽出するためのルールの例を示す図。The figure which shows the example of the rule for extracting a customer. 属性情報が提供された後の処理フローを示す図。The figure which shows the processing flow after attribute information is provided. 顧客を抽出するルールを情報管理システムに記録する処理フローと顧客を抽出するルールを実行する処理フローを示す図。FIG. 4 is a diagram showing a processing flow for recording a customer extraction rule in an information management system and a processing flow for executing the customer extraction rule; 実施例1の追加情報を含めた属性情報を記録する処理フローを示す図。FIG. 8 is a diagram showing a processing flow for recording attribute information including additional information according to the first embodiment; 変形例1の顧客抽出システムの機能構成例を示す図。FIG. 10 is a diagram showing a functional configuration example of a customer extraction system of modification 1; 変形例1の追加情報を含めた属性情報を記録する処理フローを示す図。FIG. 11 is a diagram showing a processing flow for recording attribute information including additional information according to Modification 1; コンピュータの機能構成例を示す図。The figure which shows the functional structural example of a computer.
 以下、本発明の実施の形態について、詳細に説明する。なお、同じ機能を有する構成部には同じ番号を付し、重複説明を省略する。 Hereinafter, embodiments of the present invention will be described in detail. Components having the same function are given the same number, and redundant description is omitted.
 以下の説明では、Nはあらかじめ定めた3以上の整数、nは1以上N以下の整数、Kはあらかじめ定めた2以上N以下の整数、Mは1以上の整数、mは1以上M以下の整数とする。図1に実施例1の顧客抽出システムの機能構成例を示す。顧客抽出システム10は、情報管理システム50と分析依頼装置300を備える。情報管理システム50は、情報管理装置100と秘密計算システム200で構成される。また、秘密計算システム200は、N個の秘密計算装置200,…,200で構成される。情報管理装置100、秘密計算装置200,…,200、分析依頼装置300は、ネットワーク900を介して接続されている。同様に、情報を保有し、提供するM個の情報提供装置400,…,400もネットワーク900を介して接続される。本発明では、情報提供装置400は、第1には個人が保有する携帯端末などを想定しているが、企業が保有するデータベースでも構わない。 In the following description, N is a predetermined integer of 3 or more, n is an integer of 1 or more and N or less, K is a predetermined integer of 2 or more and N or less, M is an integer of 1 or more, and m is 1 or more of M or less. be an integer. FIG. 1 shows a functional configuration example of the customer extraction system of the first embodiment. The customer extraction system 10 includes an information management system 50 and an analysis requesting device 300 . The information management system 50 is composed of an information management device 100 and a secure computing system 200 . The secure computing system 200 is composed of N secure computing devices 200 1 , . . . , 200 N . The information management device 100, the secure computing devices 200 1 , . Similarly, M information providing devices 400 1 , . In the present invention, the information providing device 400m is primarily assumed to be a mobile terminal owned by an individual, but may be a database owned by a company.
 非特許文献2などに示されている秘密計算技術では、データは「シェア」と呼ばれるN個の断片に分割され、K個以上のシェアを取得するとデータを復元できるが、K個未満のシェアからではデータは復元できない(秘密は漏れない)という特徴を有する。したがって、秘匿化した状態を保ちたい情報をN個のシェアに分割し、それぞれの秘密計算装置200に1つずつのシェアを分散すれば、情報を秘匿化できる。なお、例えば、N=3、K=2とすればよいし、それ以外の値でもよい。 In the secure computing technology shown in Non-Patent Document 2, etc., data is divided into N pieces called "shares". , the data cannot be restored (the secret is not leaked). Therefore, by dividing the information to be kept anonymized into N shares and distributing one share to each of the secure computing devices 200 n , the information can be anonymized. For example, N=3 and K=2, or other values may be used.
 図2に、あらかじめ定めた属性の情報の例を示す。例えば、属性の情報として、個人名、性別、年齢、住所、電話番号、メールアドレス、年収が、平文の状態(暗号化していない状態)で情報管理装置100の情報管理記録部190に記録される。図3は顧客を抽出するためのルールの例である。図3は、
 商品Aの購入顧客抽出ルール
=年齢が40才以上 AND 性別は男性 AND 住所が東京都内
の場合のルールを表形式で示している。分析記録部390は、図3に示したような顧客を抽出するためのルールを記録する。ルールは1つに限る必要はなく、複数のルールを記録しておけばよい。
FIG. 2 shows an example of predetermined attribute information. For example, as attribute information, personal name, gender, age, address, telephone number, email address, and annual income are recorded in plain text (unencrypted) in the information management recording unit 190 of the information management device 100. . FIG. 3 shows an example of rules for extracting customers. Figure 3 shows
Purchase customer extraction rules for product A = Age 40 or older AND Gender is male AND Address is in Tokyo. The analysis recording unit 390 records rules for extracting customers as shown in FIG. There is no need to limit the number of rules to one, and a plurality of rules may be recorded.
 図1に示したように、情報管理システム50は、情報管理装置100と秘密計算システム200で構成される。秘密計算システム200は、N個の秘密計算装置200,…,200で構成される。情報管理装置100は、情報管理記録部190、属性情報暗号化部110、処理実行部120を備える。情報管理装置100は、追加情報要求部130も備えてもよい。秘密計算装置200は、抽出ルール実行部210、記録部290を備える。抽出ルール実行部210,…,210で抽出ルール実行手段210を構成する。記録部290は、暗号化属性情報のn番目のシェア、暗号化抽出ルールのn番目のシェアを記録する。記録部290,…,290の暗号化属性情報のシェアを記録している部分が、暗号化属性情報記録手段291である。記録部290,…,290の暗号化抽出ルールのシェアを記録している部分が、暗号化抽出ルール記録手段292である。 As shown in FIG. 1, the information management system 50 is composed of an information management device 100 and a secure computing system 200 . The secure computing system 200 is composed of N secure computing devices 200 1 , . . . , 200 N . The information management apparatus 100 includes an information management recording section 190 , an attribute information encryption section 110 and a process execution section 120 . The information management device 100 may also include an additional information requesting unit 130 . The secure computing device 200n includes an extraction rule execution unit 210n and a recording unit 290n . The extraction rule execution units 210 1 , . . . , 210 N constitute an extraction rule execution means 210 . The recording unit 290n records the n -th share of the encrypted attribute information and the n-th share of the encrypted extraction rule. Encrypted attribute information recording means 291 is a portion that records the share of the encrypted attribute information of the recording units 290 1 , . . . , 290 N . Encrypted extraction rule recording means 292 is the part that records shares of the encrypted extraction rules of the recording units 290 1 , . . . , 290 N .
 分析依頼装置300は、抽出ルール暗号化部310、抽出ルール依頼部320、分析記録部390を備える。また、分析依頼装置300は、追加情報依頼部330も備えてもよい。分析記録部390は、顧客を抽出するためのルールを記録する。例えば、図3に示したルールを記録する。抽出ルール暗号化部310は、顧客を抽出するためのルールを暗号化し、暗号化抽出ルールを生成する。抽出ルール依頼部320は、情報管理システムに、暗号化抽出ルールの適用を依頼する。追加情報依頼部330は、暗号化抽出ルールを適用するために不足する属性の情報である追加情報の追加を情報管理システム50に依頼する。情報提供装置400は、属性情報提供部410、入出力部430、記録部490を備える。個人が保有する様々な属性の情報などは、記録部490に記録されている。 The analysis requesting device 300 includes an extraction rule encryption unit 310 , an extraction rule requesting unit 320 and an analysis recording unit 390 . The analysis requesting device 300 may also include an additional information requesting section 330 . The analysis recording unit 390 records rules for extracting customers. For example, the rule shown in FIG. 3 is recorded. The extraction rule encryption unit 310 encrypts rules for extracting customers and generates encrypted extraction rules. The extraction rule requesting unit 320 requests the information management system to apply the encryption extraction rule. The additional information requesting unit 330 requests the information management system 50 to add additional information, which is attribute information that is lacking in order to apply the encryption extraction rule. The information providing device 400m includes an attribute information providing section 410m , an input/output section 430m , and a recording section 490m . Information on various attributes held by individuals is recorded in the recording unit 490m .
 図4は、属性情報が提供された後の処理フローを示す図である。図5は、顧客を抽出するルールを情報管理システムに記録する処理フローと顧客を抽出するルールを実行する処理フローを示す図である。図6は、実施例1の追加情報を含めた属性情報を記録する処理フローを示す図である。属性情報提供部410は、顧客に対するあらかじめ定めた属性の平文の情報である平文属性情報を、情報管理装置100に送る(S411)。情報管理装置100は、情報管理記録部190に、平文属性情報を記録する(S191)。あらかじめ定めた属性の種類は、図2の例では、個人名、性別、年齢、住所、電話番号、メールアドレス、年収である。 FIG. 4 is a diagram showing a processing flow after attribute information is provided. FIG. 5 is a diagram showing a processing flow for recording a customer extraction rule in the information management system and a processing flow for executing the customer extraction rule. FIG. 6 is a diagram illustrating a processing flow for recording attribute information including additional information according to the first embodiment. The attribute information providing unit 410m sends plaintext attribute information, which is plaintext information of predetermined attributes for the customer, to the information management device 100 ( S411m ). The information management device 100 records the plaintext attribute information in the information management recording unit 190 (S191). The types of predetermined attributes are personal name, gender, age, address, telephone number, e-mail address, and annual income in the example of FIG.
 属性情報暗号化部110は、平文属性情報を暗号化した暗号化属性情報(平文属性情報のN個のシェア)を出力し、秘密計算装置200に暗号化属性情報(n番目のシェア)を送信する(S110)。秘密計算装置200の記録部290は暗号化属性情報(平文属性情報のn番目のシェア)を記録する(S291)。ステップS291,…,S291をまとめると、暗号化属性情報記録手段291が、暗号化属性情報を記録する(S291)。 The attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n . Send (S110). The recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
 分析記録部390は、あらかじめ顧客を抽出するためのルールを記録している。そして、抽出ルール暗号化部310は、顧客を抽出するためのルールを暗号化し、暗号化抽出ルール(抽出ルールのN個のシェア)を生成し、秘密計算装置200に暗号化抽出ルール(n番目のシェア)を送信する(S310)。秘密計算装置200の記録部290は暗号化抽出ルール(抽出ルールのn番目のシェア)を記録する(S292)。ステップS292,…,S292をまとめると、暗号化抽出ルール記録手段292が、暗号化抽出ルールを記録する(S292)。 The analysis recording unit 390 records rules for extracting customers in advance. Then, the extraction rule encryption unit 310 encrypts the rule for extracting the customer, generates the encrypted extraction rule (N shares of the extraction rule), and sends the encrypted extraction rule ( n second share) is transmitted (S310). The recording unit 290n of the secure computing device 200n records the encrypted extraction rule (the n -th share of the extraction rule) ( S292n ). Summarizing steps S292 1 , . . . , S292 N , the encryption extraction rule recording means 292 records the encryption extraction rule (S292).
 抽出ルール依頼部320は、情報管理システム50に、暗号化抽出ルールの適用を依頼する(S320)。情報管理システム50の秘密計算システム200の抽出ルール実行手段210は、依頼された顧客抽出ルールを、秘密計算を用いて実行し(S250)、情報管理装置100が抽出結果を取得する(S342)。秘密計算を用いた分析は、抽出ルール実行部210,…,210が協調した処理により実行すればよい。処理実行部120は、抽出ルール実行手段210によって抽出された顧客に関する処理を実行する(S120)。「顧客に関する処理」は、当該顧客に対するあらかじめ定めた情報の発信(広告の送信など)でもよいし、分析依頼装置300(言い換えると商品,サービスなどを提供しようとしている事業者)への顧客の情報の発信でもよい。 The extraction rule requesting unit 320 requests the information management system 50 to apply the encryption extraction rule (S320). The extraction rule executing means 210 of the secure calculation system 200 of the information management system 50 executes the requested customer extraction rule using secure calculation (S250), and the information management device 100 acquires the extraction result (S342). The analysis using secure calculation may be executed by cooperative processing of the extraction rule execution units 210 1 , . . . , 210 N . The processing execution unit 120 executes processing related to the customers extracted by the extraction rule execution means 210 (S120). "Customer-related processing" may be transmission of predetermined information to the customer (such as transmission of an advertisement), or transmission of customer information to the analysis requesting device 300 (in other words, a business operator that intends to provide products, services, etc.). may be sent.
 次に、分析依頼装置300が追加情報依頼部330も備え、情報管理装置100が追加情報要求部130も備える場合について説明する。追加情報依頼部330は、情報管理記録部190が記録する属性情報だけでは顧客を抽出するルールを適用いるために不足する属性の情報がある場合は、追加で必要となる属性の情報である追加情報を情報管理システム50に依頼する(S330)。情報管理システム50の追加情報要求部130は、分析依頼装置300からの依頼に基づき、追加情報を、顧客抽出システム10の外部に存在する情報提供装置400,…,400に要求する(S130)。 Next, a case where the analysis requesting device 300 also includes the additional information requesting unit 330 and the information management device 100 also includes the additional information requesting unit 130 will be described. If the attribute information recorded by the information management recording unit 190 alone is insufficient for applying a rule for extracting customers, the additional information requesting unit 330 requests additional attribute information. Information is requested from the information management system 50 (S330). Based on the request from the analysis requesting device 300, the additional information requesting unit 130 of the information management system 50 requests additional information from the information providing devices 400 1 , . ).
 個人などの情報の保有者が追加属性の情報を提供することを許可する場合は、情報提供装置400の属性情報提供部410は、既に提供している属性情報の全部または一部と追加情報を関連付けた平文属性情報を情報管理装置100に送信する(S412)。情報管理装置100は、既に保有している属性情報と結合した平文属性情報を情報管理記録部190に記録する(S192)。 When the owner of information such as an individual permits the provision of additional attribute information, the attribute information providing unit 410m of the information providing device 400m adds all or part of already provided attribute information. The plaintext attribute information associated with the information is transmitted to the information management device 100 (S412 m ). The information management device 100 records the plaintext attribute information combined with the already held attribute information in the information management recording unit 190 (S192).
 その後は図4と同じである。属性情報暗号化部110は、平文属性情報を暗号化した暗号化属性情報(平文属性情報のN個のシェア)を出力し、秘密計算装置200に暗号化属性情報(n番目のシェア)を送信する(S110)。秘密計算装置200の記録部290は暗号化属性情報(平文属性情報のn番目のシェア)を記録する(S291)。ステップS291,…,S291をまとめると、暗号化属性情報記録手段291が、暗号化属性情報を記録する(S291)。 After that, the process is the same as in FIG. The attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n . Send (S110). The recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
 顧客抽出システム10、情報管理システム50によれば、秘密計算技術を、顧客を抽出するためのルールの記録と実行に適用するので、ルールを秘匿化しながら顧客を抽出できる。
[変形例1]
According to the customer extracting system 10 and the information management system 50, the secure computing technology is applied to the recording and execution of rules for extracting customers, so customers can be extracted while keeping the rules confidential.
[Modification 1]
 実施例1のステップS330では、追加属性としてどのような情報が必要かを分析依頼装置300は情報管理システム50に平文で送信している。つまり、分析依頼装置300が複数台存在する場合(顧客抽出を依頼する事業者が複数存在する場合)でも、情報保有組織は、どの分析依頼装置300(どの事業者)が追加属性の情報を追加させたかが分かる。変形例1では、情報保有組織が、どの事業者が追加属性の情報を追加させたか、容易には分からないようにする。図7に変形例1の顧客抽出システムの機能構成例を示す。図8に変形例1の追加情報を含めた属性情報を記録する処理フローを示す。 In step S330 of the first embodiment, the analysis requesting device 300 transmits to the information management system 50 in plain text what information is required as additional attributes. In other words, even when there are multiple analysis requesting devices 300 (when there are multiple business operators requesting customer extraction), the information holding organization determines which analysis requesting device 300 (which business operator) adds the additional attribute information. I know what caused it. In Modified Example 1, the information holding organization does not easily know which company has added the additional attribute information. FIG. 7 shows a functional configuration example of the customer extraction system of Modification 1. As shown in FIG. FIG. 8 shows a processing flow for recording attribute information including additional information in Modification 1. In FIG.
 顧客抽出システム11の情報管理システム51においては、情報管理装置101は追加情報要求部130を備えない。その代わりに、秘密計算システム201が追加属性要求手段230を備える。追加属性要求手段230は、秘密計算装置201,…,201の追加属性要求部230,…,230で構成される。分析依頼装置301は、追加情報依頼部330の代わりに、暗号化追加情報依頼部335を備える。情報提供装置401は、追加属性復号部420も備える。その他の構成は、実施例1と同じである。また、属性情報が提供された後の処理フローは図4と同じであり、顧客を抽出するルールを情報管理システムに記録する処理フローと顧客を抽出するルールを実行する処理フローは図5と同じである。 In the information management system 51 of the customer extraction system 11 , the information management device 101 does not have the additional information requesting section 130 . Instead, secure computing system 201 comprises additional attribute request means 230 . The additional attribute request means 230 is composed of additional attribute request units 230 1 , . . . , 230 N of the secure computing devices 201 1 , . The analysis requesting device 301 includes an encrypted additional information requesting section 335 instead of the additional information requesting section 330 . The information providing device 401m also includes an additional attribute decoding unit 420m . Other configurations are the same as those of the first embodiment. The processing flow after the attribute information is provided is the same as in FIG. 4, and the processing flow for recording the customer extraction rule in the information management system and the processing flow for executing the customer extraction rule are the same as in FIG. is.
 図8にしたがって変形例を説明する。情報管理記録部190が記録する属性情報だけでは顧客を抽出するルールを適用いるために不足する属性の情報がある場合は、分析依頼装置301の暗号化追加情報依頼部335は、追加属性の種類を暗号化して追加属性の種類を示す暗号化追加属性(追加属性の種類を示すN個のシェア)を生成し、追加属性の情報の取得を、情報管理システム51に依頼する(S335)。情報管理システム51の秘密計算システム201が依頼を受信し、追加属性要求手段230が、分析依頼装置301からの依頼に基づいて、追加属性の情報を当該顧客抽出システム11の外部に存在する情報提供装置401,…,401に要求する(S230)。言い換えると、秘密計算装置201は、追加属性の種類を示すN個のシェアの中の1つ(n番目のシェア)を受信し、追加属性要求部230が分析依頼装置301からの依頼に基づいて、追加属性の情報を、情報提供装置401,…,401に要求する(S230)。 A modification will be described according to FIG. If the attribute information recorded by the information management recording unit 190 alone is insufficient to apply the rule for extracting customers, the encrypted additional information requesting unit 335 of the analysis requesting device 301 determines the type of additional attribute. is encrypted to generate encrypted additional attributes indicating the types of additional attributes (N shares indicating the types of additional attributes), and the information management system 51 is requested to obtain information on the additional attributes (S335). The secure computing system 201 of the information management system 51 receives the request, and the additional attribute requesting means 230 provides information on the additional attribute based on the request from the analysis requesting device 301. A request is made to the devices 401 1 , . . . , 401 M (S230). In other words, the secure computing device 201 n receives one of N shares (n-th share) indicating the type of additional attribute, and the additional attribute requesting unit 230 n responds to the request from the analysis requesting device 301. Based on this, information on additional attributes is requested from the information providing devices 401 1 to 401 M (S230 n ).
 情報提供装置401は、追加属性の種類を示すシェアの中のK個以上のシェアを受信し、追加属性復号部420が追加情報の種類を復号する(S420)。個人などの情報の保有者が追加属性の情報を提供することを許可する場合は、情報提供装置400の属性情報提供部410は、既に提供している属性情報の全部または一部と追加情報を関連付けた平文属性情報を情報管理装置100に送信する(S412)。情報管理装置100は、既に保有している属性情報と結合した平文属性情報を情報管理記録部190に記録する(S192)。 The information providing device 401 m receives K or more shares among the shares indicating the types of additional attributes, and the additional attribute decoding unit 420 m decodes the types of additional information (S420 m ). When the owner of information such as an individual permits the provision of additional attribute information, the attribute information providing unit 410m of the information providing device 400m adds all or part of already provided attribute information. The plaintext attribute information associated with the information is transmitted to the information management device 100 (S412 m ). The information management device 100 records the plaintext attribute information combined with the already held attribute information in the information management recording unit 190 (S192).
 その後は図4と同じである。属性情報暗号化部110は、平文属性情報を暗号化した暗号化属性情報(平文属性情報のN個のシェア)を出力し、秘密計算装置200に暗号化属性情報(n番目のシェア)を送信する(S110)。秘密計算装置200の記録部290は暗号化属性情報(平文属性情報のn番目のシェア)を記録する(S291)。ステップS291,…,S291をまとめると、暗号化属性情報記録手段291が、暗号化属性情報を記録する(S291)。 After that, the process is the same as in FIG. The attribute information encryption unit 110 outputs encrypted attribute information (N shares of the plaintext attribute information) obtained by encrypting the plaintext attribute information, and transmits the encrypted attribute information (nth share) to the secure computing device 200 n . Send (S110). The recording unit 290n of the secure computing device 200n records the encrypted attribute information (the n -th share of the plaintext attribute information) ( S291n ). Summarizing steps S291 1 , . . . , S291 N , the encrypted attribute information recording means 291 records the encrypted attribute information (S291).
 顧客抽出システム11、情報管理システム51によれば、秘密計算技術を、顧客を抽出するためのルールの記録と実行に適用するので、実施例1と同様にルールを秘匿化しながら顧客を抽出できる。さらに、情報保有組織にどの事業者が追加属性の情報を求めたかが容易には分からないようにできる。 According to the customer extraction system 11 and the information management system 51, secure computing technology is applied to the recording and execution of rules for extracting customers, so customers can be extracted while keeping the rules confidential, as in the first embodiment. Furthermore, it is possible to prevent the information holding organization from easily recognizing which business operator requested the additional attribute information.
[プログラム、記録媒体]
 上述の各種の処理は、図9に示すコンピュータ2000の記録部2020に、上記方法の各ステップを実行させるプログラムを読み込ませ、制御部2010、入力部2030、出力部2040、表示部2050などに動作させることで実施できる。
[Program, recording medium]
In the above-described various processes, the recording unit 2020 of the computer 2000 shown in FIG. It can be implemented by
 この処理内容を記述したプログラムは、コンピュータで読み取り可能な記録媒体に記録しておくことができる。コンピュータで読み取り可能な記録媒体としては、例えば、磁気記録装置、光ディスク、光磁気記録媒体、半導体メモリ等どのようなものでもよい。 A program that describes this process can be recorded on a computer-readable recording medium. Any computer-readable recording medium may be used, for example, a magnetic recording device, an optical disk, a magneto-optical recording medium, a semiconductor memory, or the like.
 また、このプログラムの流通は、例えば、そのプログラムを記録したDVD、CD-ROM等の可搬型記録媒体を販売、譲渡、貸与等することによって行う。さらに、このプログラムをサーバコンピュータの記憶装置に格納しておき、ネットワークを介して、サーバコンピュータから他のコンピュータにそのプログラムを転送することにより、このプログラムを流通させる構成としてもよい。 In addition, the distribution of this program is carried out, for example, by selling, assigning, lending, etc. portable recording media such as DVDs and CD-ROMs on which the program is recorded. Further, the program may be distributed by storing the program in the storage device of the server computer and transferring the program from the server computer to other computers via the network.
 このようなプログラムを実行するコンピュータは、例えば、まず、可搬型記録媒体に記録されたプログラムもしくはサーバコンピュータから転送されたプログラムを、一旦、自己の記憶装置に格納する。そして、処理の実行時、このコンピュータは、自己の記録媒体に格納されたプログラムを読み取り、読み取ったプログラムに従った処理を実行する。また、このプログラムの別の実行形態として、コンピュータが可搬型記録媒体から直接プログラムを読み取り、そのプログラムに従った処理を実行することとしてもよく、さらに、このコンピュータにサーバコンピュータからプログラムが転送されるたびに、逐次、受け取ったプログラムに従った処理を実行することとしてもよい。また、サーバコンピュータから、このコンピュータへのプログラムの転送は行わず、その実行指示と結果取得のみによって処理機能を実現する、いわゆるASP(Application Service Provider)型のサービスによって、上述の処理を実行する構成としてもよい。なお、本形態におけるプログラムには、電子計算機による処理の用に供する情報であってプログラムに準ずるもの(コンピュータに対する直接の指令ではないがコンピュータの処理を規定する性質を有するデータ等)を含むものとする。 A computer that executes such a program, for example, first stores the program recorded on a portable recording medium or the program transferred from the server computer once in its own storage device. Then, when executing the process, this computer reads the program stored in its own recording medium and executes the process according to the read program. Also, as another execution form of this program, the computer may read the program directly from a portable recording medium and execute processing according to the program, and the program is transferred from the server computer to this computer. Each time, the processing according to the received program may be executed sequentially. In addition, the above-mentioned processing is executed by a so-called ASP (Application Service Provider) type service, which does not transfer the program from the server computer to this computer, and realizes the processing function only by its execution instruction and result acquisition. may be It should be noted that the program in this embodiment includes information that is used for processing by a computer and that conforms to the program (data that is not a direct instruction to the computer but has the property of prescribing the processing of the computer, etc.).
 また、この形態では、コンピュータ上で所定のプログラムを実行させることにより、本装置を構成することとしたが、これらの処理内容の少なくとも一部をハードウェア的に実現することとしてもよい。 In addition, in this embodiment, the device is configured by executing a predetermined program on a computer, but at least part of these processing contents may be implemented by hardware.
10,11 顧客抽出システム     50,51 情報管理システム
100,101 情報管理装置     101 情報管理装置
110 属性情報暗号化部       120 処理実行部
130 追加情報要求部        190 情報管理記録部
200,201 秘密計算システム   200,201 秘密計算装置
210 抽出ルール実行手段      210 抽出ルール実行部
230 追加属性要求手段       230 追加属性要求部
290 記録部           291 暗号化属性情報記録手段
292 暗号化抽出ルール記録手段
300,301 分析依頼装置     310 抽出ルール暗号化部
320 抽出ルール依頼部       330 追加情報依頼部
335 暗号化追加情報依頼部      390 分析記録部
400,401 情報提供装置    410 属性情報提供部
420 追加属性復号部        430 入出力部
490 記録部
 
 
10, 11 Customer extraction system 50, 51 Information management system 100, 101 Information management device 101 Information management device 110 Attribute information encryption unit 120 Processing execution unit 130 Additional information request unit 190 Information management recording unit 200, 201 Secure computing system 200 n , 201 n secret computing device 210 extraction rule execution unit 210 n extraction rule execution unit 230 additional attribute request unit 230 n additional attribute request unit 290 n recording unit 291 encrypted attribute information recording unit 292 encrypted extraction rule recording unit 300, 301 analysis Request device 310 Extraction rule encryption unit 320 Extraction rule request unit 330 Additional information request unit 335 Encrypted additional information request unit 390 Analysis recording unit 400 m , 401 m Information providing device 410 m Attribute information providing unit 420 m Additional attribute decoding unit 430 m input/output unit 490 m recording unit

Claims (8)

  1.  情報管理システムと分析依頼装置を備える顧客抽出システムであって、
     前記情報管理システムは、
     顧客に対するあらかじめ定めた属性の平文の情報である平文属性情報を記録する情報管理記録部と、
     前記平文属性情報を暗号化した暗号化属性情報を出力する属性情報暗号化部と、
     前記暗号化属性情報を記録する暗号化属性情報記録手段と、
     顧客を抽出するためのルールを暗号化した暗号化抽出ルールを記録する暗号化抽出ルール記録手段と、
     前記暗号化属性情報に対して前記暗号化抽出ルールを実行する抽出ルール実行手段と、
     前記抽出ルール実行手段によって抽出された顧客に関する処理を実行する処理実行部と
     を備え、
     前記分析依頼装置は、
     顧客を抽出するためのルールを記録した分析記録部と、
     顧客を抽出するためのルールを暗号化し、暗号化抽出ルールを生成する抽出ルール暗号化部と、
     前記情報管理システムに、前記暗号化抽出ルールの適用を依頼する抽出ルール依頼部と
     を備える
     ことを特徴とする顧客抽出システム。
    A customer extraction system comprising an information management system and an analysis requesting device,
    The information management system is
    an information management and recording unit for recording plaintext attribute information, which is plaintext information of a predetermined attribute for a customer;
    an attribute information encryption unit that outputs encrypted attribute information obtained by encrypting the plaintext attribute information;
    encrypted attribute information recording means for recording the encrypted attribute information;
    Encrypted extraction rule recording means for recording an encrypted extraction rule, which is an encrypted rule for extracting a customer;
    extraction rule execution means for executing the encrypted extraction rule on the encrypted attribute information;
    a processing execution unit that executes processing related to customers extracted by the extraction rule execution means;
    The analysis requesting device
    an analysis recording unit that records rules for extracting customers;
    an extraction rule encryption unit for encrypting rules for extracting customers and generating encrypted extraction rules;
    A customer extraction system, comprising: an extraction rule requesting unit that requests application of the encrypted extraction rule to the information management system.
  2.  請求項1記載の顧客抽出システムであって、
     前記処理実行部が行う前記の抽出された顧客に関する処理は、当該顧客に対するあらかじめ定めた情報の発信、または、前記分析依頼装置への顧客の情報の発信である
     ことを特徴とする顧客抽出システム。
    The customer extraction system according to claim 1,
    A customer extracting system, wherein the process related to the extracted customer performed by the process execution unit is transmission of predetermined information to the customer or transmission of customer information to the analysis requesting device.
  3.  請求項1または2記載の顧客抽出システムであって、
     前記分析依頼装置は、
     前記暗号化抽出ルールを適用するために不足する属性の情報である追加情報の追加を前記情報管理システムに依頼する追加情報依頼部も備え、
     前記情報管理システムは、
     前記分析依頼装置からの依頼に基づき、前記追加情報を、当該顧客抽出システムの外部に要求する追加情報要求部を備える
     ことを特徴とする顧客抽出システム。
    The customer extraction system according to claim 1 or 2,
    The analysis requesting device
    an additional information requesting unit for requesting the information management system to add additional information, which is attribute information lacking in order to apply the encrypted extraction rule;
    The information management system is
    A customer extraction system, comprising: an additional information requesting unit that requests the additional information from outside the customer extraction system based on a request from the analysis requesting device.
  4.  請求項1または2記載の顧客抽出システムであって、
     前記分析依頼装置は、
     前記暗号化抽出ルールを適用するために不足する属性の種類を暗号化し、前記情報管理システムに送信する暗号化追加情報依頼部も備え、
     前記情報管理システムは、
     前記分析依頼装置から受信した暗号化された属性の種類を当該顧客抽出システムの外部に送信し、情報の追加を要求する追加属性要求手段を備える
     ことを特徴とする顧客抽出システム。
    The customer extraction system according to claim 1 or 2,
    The analysis requesting device
    An encrypted additional information request unit that encrypts the types of attributes that are lacking in order to apply the encrypted extraction rule and transmits the information to the information management system;
    The information management system is
    A customer extracting system, comprising additional attribute requesting means for transmitting the encrypted attribute type received from the analysis requesting device to the outside of the customer extracting system and requesting addition of information.
  5.  顧客に対するあらかじめ定めた属性の平文の情報である平文属性情報を記録する情報管理記録部と、
     前記平文属性情報を暗号化した暗号化属性情報を出力する属性情報暗号化部と、
     前記暗号化属性情報を記録する暗号化属性情報記録手段と、
     顧客を抽出するためのルールを暗号化した暗号化抽出ルールを記録する暗号化抽出ルール記録手段と、
     前記暗号化属性情報に対して前記暗号化抽出ルールを適用する抽出ルール実行手段と、
     前記抽出ルール実行手段によって抽出された顧客に関する処理を実行する処理実行部と
     を備える情報管理システム。
    an information management and recording unit for recording plaintext attribute information, which is plaintext information of a predetermined attribute for a customer;
    an attribute information encryption unit that outputs encrypted attribute information obtained by encrypting the plaintext attribute information;
    encrypted attribute information recording means for recording the encrypted attribute information;
    Encrypted extraction rule recording means for recording an encrypted extraction rule, which is an encrypted rule for extracting a customer;
    extraction rule execution means for applying the encrypted extraction rule to the encrypted attribute information;
    an information management system comprising: a processing execution unit that executes processing related to customers extracted by the extraction rule execution means.
  6.  顧客を抽出するためのルールを記録した分析記録部と、
     顧客を抽出するためのルールを暗号化し、暗号化抽出ルールを生成する抽出ルール暗号化部と、
     前記情報管理システムに、前記暗号化抽出ルールの適用を依頼する抽出ルール依頼部と
     を備える分析依頼装置。
    an analysis recording unit that records rules for extracting customers;
    an extraction rule encryption unit for encrypting rules for extracting customers and generating encrypted extraction rules;
    and an extraction rule requesting unit that requests the information management system to apply the encrypted extraction rule.
  7.  情報管理システムと分析依頼装置とを用いた顧客抽出方法であって、
     前記情報管理システムは、あらかじめ定めた属性の平文の情報である平文属性情報を記録しておき、
     前記分析依頼装置は、あらかじめ顧客を抽出するためのルールを記録しておき、
     前記情報管理システムが、前記平文属性情報を暗号化した暗号化属性情報を出力して記録し、
     前記分析依頼装置が、顧客を抽出するためのルールを暗号化し、暗号化抽出ルールを生成し、
     前記情報管理システムが、暗号化抽出ルールを記録し、
     前記分析依頼装置が、前記情報管理システムに、前記暗号化抽出ルールの適用を依頼し、
     前記情報管理システムが、前記暗号化属性情報に対して前記暗号化抽出ルールを実行して顧客を抽出し、
     前記情報管理システムが、抽出された顧客に関する処理を実行する
     顧客抽出方法。
    A customer extraction method using an information management system and an analysis requesting device,
    The information management system records plaintext attribute information, which is plaintext information of a predetermined attribute,
    The analysis requesting device records rules for extracting customers in advance,
    The information management system outputs and records encrypted attribute information obtained by encrypting the plaintext attribute information,
    the analysis requesting device encrypts a rule for extracting a customer and generates an encrypted extraction rule;
    the information management system records encrypted extraction rules;
    The analysis requesting device requests the information management system to apply the encrypted extraction rule,
    the information management system extracting customers by executing the encrypted extraction rule on the encrypted attribute information;
    A customer extraction method, wherein the information management system executes a process related to the extracted customer.
  8.  請求項1または2記載の前記情報管理システムを構成する情報管理装置、秘密計算装置、もしくは分析依頼装置のいずれかの装置としてコンピュータを機能させるためのプログラム。 A program for causing a computer to function as one of an information management device, a secure computing device, or an analysis request device that constitutes the information management system according to claim 1 or 2.
PCT/JP2021/023956 2021-06-24 2021-06-24 Customer extraction system, information management system, analysis request device, customer extraction method, and program WO2022269862A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/023956 WO2022269862A1 (en) 2021-06-24 2021-06-24 Customer extraction system, information management system, analysis request device, customer extraction method, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/023956 WO2022269862A1 (en) 2021-06-24 2021-06-24 Customer extraction system, information management system, analysis request device, customer extraction method, and program

Publications (1)

Publication Number Publication Date
WO2022269862A1 true WO2022269862A1 (en) 2022-12-29

Family

ID=84544262

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/023956 WO2022269862A1 (en) 2021-06-24 2021-06-24 Customer extraction system, information management system, analysis request device, customer extraction method, and program

Country Status (1)

Country Link
WO (1) WO2022269862A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006350139A (en) * 2005-06-17 2006-12-28 Fuji Xerox Co Ltd Information providing device, information acquiring device, concealing system, information providing method, information acquiring method, information providing program, and information acquiring program
WO2015063905A1 (en) * 2013-10-31 2015-05-07 株式会社日立製作所 Data analysis system
JP2021039143A (en) * 2019-08-30 2021-03-11 株式会社日立製作所 Confidential information processing system and confidential information processing method
WO2021075337A1 (en) * 2019-10-17 2021-04-22 ソニー株式会社 Information processing device, information processing method, and information processing program

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006350139A (en) * 2005-06-17 2006-12-28 Fuji Xerox Co Ltd Information providing device, information acquiring device, concealing system, information providing method, information acquiring method, information providing program, and information acquiring program
WO2015063905A1 (en) * 2013-10-31 2015-05-07 株式会社日立製作所 Data analysis system
JP2021039143A (en) * 2019-08-30 2021-03-11 株式会社日立製作所 Confidential information processing system and confidential information processing method
WO2021075337A1 (en) * 2019-10-17 2021-04-22 ソニー株式会社 Information processing device, information processing method, and information processing program

Similar Documents

Publication Publication Date Title
CN112567366A (en) System and method for securing an electronic trading platform
WO2019190839A1 (en) Distributed key management and encryption for blockchains
Mubarakali et al. Design a secure and efficient health record transaction utilizing block chain (SEHRTB) algorithm for health record transaction in block chain
EP4068130A1 (en) Data sharing system, data sharing method, and data sharing program
EP3393081B1 (en) Selective data security within data storage layers
US20210049299A1 (en) System and methods for providing data analytics for secure cloud compute data
US10979410B1 (en) Systems and methods for utilizing cryptology with virtual ledgers in support of transactions and agreements
US11449352B2 (en) Systems and methods for converting record formats
JP2001265771A (en) Device and method for managing personal information and recording medium recording program for executing the device or method
JP2022526696A (en) Privacy data uplink methods, devices and storage media
US20210334408A1 (en) Private Computation of Multi-Touch Attribution
US20230131640A1 (en) A data migration framework
US20210149862A1 (en) One-way hashing methodology for database records
WO2022269862A1 (en) Customer extraction system, information management system, analysis request device, customer extraction method, and program
US11087027B2 (en) Privacy-safe attribution data hub
US12137166B2 (en) Cryptographic systems and methods for providing services to authenticated users
WO2022269861A1 (en) Information collection system, information management system, information collection method, and program
Kumar et al. Design of retrievable data perturbation approach and TPA for public cloud data security
JP7500771B2 (en) Service provision system
CN116975125A (en) Data statistics method, device, system, storage medium and program product
JP2019153060A (en) System, method and apparatus for information management
US11201857B2 (en) Domain transcendent file cryptology network
Aslam et al. A framework for privacy-aware and secure decentralized data storage
Nguyen-Vu et al. Privacy enhancement using selective encryption scheme in data outsourcing
US20230102111A1 (en) Securing customer sensitive information on private cloud platforms

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21947147

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21947147

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP