Information processing device, information processing method, and program
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Patents
- Current Assignee / Owner
- SPECIAL MEDICO CO LTD
- Filing Date
- 2026-02-17
- Publication Date
- 2026-06-25
AI Technical Summary
【0012】 本発明の少なくとも幾つかの実施形態によれば、第1主体と第2主体との間で合意された条件に基づき形成された論理的接続チャネルにおいて生成された成果データを、各主体のテナント環境の管理下にある記憶領域に帰属させ、かつ、この帰属処理に連動して情報処理装置(プラットフォーム)内の当該チャネルに関連付けられた記憶領域において成果データの実体を非保持状態とする制御が行われる。 これにより、プラットフォーム上に成果データの実体が蓄積され続けることを防ぎ、各主体は自らの管理下にある環境でデータを保有·管理する「データ主権」を確立できる。したがって、プラットフォーム事業者によるデータの囲い込み(ロックイン)を回避できるとともに、プラットフォーム側からの情報漏洩リスクを根本的に低減させることができる。
Smart Images

Figure 0007880188000001_ABST
Abstract
Claims
1. An information processing device capable of controlling the ownership of data in multiple tenant environments managed by multiple legal entities, A connection control unit that forms a logical connection channel accessible to the first entity and the second entity, based on conditions agreed upon between the first entity managing the first tenant environment and the second entity managing the second tenant environment, A data control unit that performs a process to assign the result data generated by the activities performed in the logical connection channel to the storage area under the management of the first tenant environment and the second tenant environment, respectively. Equipped with, The data control unit, in conjunction with the attribute process, executes control to de-store the actual result data in the storage area within the information processing device associated with the logical connection channel. Information processing device.
2. The data control unit is configured to hold only the metadata of the result data in the storage area within the information processing device associated with the logical connection channel, in conjunction with the attribution process. The information processing apparatus according to claim 1.
3. The connection control unit is configured to prohibit the formation of the logical connection channel if any one of the predetermined generation conditions, including mutual approval, purpose setting, and termination condition definition, is not met in response to connection requests from the first and second entities. The information processing apparatus according to claim 1 or 2.
4. The system further includes a domain management unit that provides users belonging to the aforementioned multiple tenant environments with multiple types of activity domains that differ in combination of information depth, scope of disclosure, and disclosure period. The aforementioned domain management unit provides a preparatory area for accumulating information or testing hypotheses as a preliminary step to the formation of the logical connection channel. In the aforementioned preparation area, communication functions with other tenants are provided, while the function for generating the aforementioned result data is restricted. The information processing apparatus according to claim 1 or 2.
5. The connection control unit is configured not to grant permission to generate the result data in the preparation area. The information processing apparatus according to claim 4.
6. The aforementioned outcome data includes, in addition to the agreed conclusion data, transfer rule information defining the destination to which the outcome data can be transferred or whether it can be reused. When the data control unit receives a request to transfer the result data, it refers to the transfer rule information and determines whether the transfer is to a tenant environment with legitimate authority. The information processing apparatus according to claim 1 or 2.
7. The system further includes a domain management unit that provides users belonging to the aforementioned multiple tenant environments with multiple types of activity domains that differ in combination of information depth, scope of disclosure, and disclosure period. The aforementioned domain management unit provides a performance disclosure domain that publishes metadata of the aforementioned performance data generated in the past, and a recruitment guidelines presentation domain that presents collaboration needs. The connection control unit is configured such that, when a connection request is made starting from the selected result data in the performance disclosure area, it inherits the attribute information contained in the result data as the objective setting for the newly generated logical connection channel, or generates and presents a connection candidate that inherits the attribute information. The information processing apparatus according to claim 1 or 2.
8. An information processing method executed by an information processing device capable of controlling the ownership of data in multiple tenant environments managed by multiple legal entities, The steps include forming a logical connection channel accessible to the first entity and the second entity, based on conditions agreed upon between the first entity managing the first tenant environment and the second entity managing the second tenant environment, The steps include assigning the result data generated by the activities performed in the logical connection channel to the storage areas under the management of the first tenant environment and the second tenant environment, respectively. In conjunction with the aforementioned attribution process, the process includes the step of making the actual result data non-retainable in the storage area within the information processing device associated with the logical connection channel, including Information processing methods.
9. A program for causing a computer to function as an information processing device capable of controlling the ownership of data across multiple tenant environments managed by multiple legal entities, To the aforementioned computer, A function to form a logical connection channel accessible to the first entity and the second entity, based on conditions agreed upon between the first entity managing the first tenant environment and the second entity managing the second tenant environment, A function that performs a process to assign the result data generated by the activities performed in the logical connection channel to the storage area under the management of the first tenant environment and the second tenant environment, respectively. A function that, in conjunction with the process of assigning the data, executes control to set the actual data of the result to a non-retaining state in the storage area of the information processing device associated with the logical connection channel, A program to achieve this.