
WO2025191796A1 - Secure computation method, secure computation system, data management server, computation execution server, and program


Info

Publication number
WO2025191796A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
calculation
computation
secure
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/JP2024/010029
Other languages
French (fr)
Japanese (ja)
Inventor
寿春 岸
一凡 張
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NTT Inc
NTT Inc USA
Original Assignee
Nippon Telegraph and Telephone Corp
NTT Inc USA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp, NTT Inc USA
Priority to PCT/JP2024/010029
Publication of WO2025191796A1
Legal status: Pending
Anticipated expiration


Classifications

    • G PHYSICS
    • G09 EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09C CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C 1/00 Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system

Definitions

  • the present invention relates to secure computation technology under secure data distribution that maintains data confidentiality.
  • the present invention aims to provide a secure computation technology that allows users to obtain computation results using their desired computation method using data provided by a data provider, while ensuring the confidentiality of that data.
  • One aspect of the present invention is a secure computation method in a secure computation system including a data management server and a computation execution server, in which data provided by a data provider is secretly computed using a computation method desired by the user while keeping the data confidential from the user.
  • the method includes a data acquisition step in which, if the data management server determines that the data can be provided, the data acquisition result includes encrypted data obtained by encrypting data that satisfies data conditions that represent conditions related to the data the user wants to use, and a computation execution step in which the computation execution server generates a first computation result including a computation result obtained by performing a secure computation corresponding to the type of computation content and type of secure computation specified in the computation conditions that represent conditions related to the secure computation that the user wants to use, on the encrypted data included in the data acquisition result.
  • users can obtain calculation results using their desired calculation method using data provided by data providers while ensuring the confidentiality of that data.
  • FIG. 1 is a block diagram showing the configuration of a secure computing system 10.
  • FIG. 2 is a block diagram showing the configuration of a terminal 100.
  • FIG. 3 is a block diagram showing the configuration of a gateway server 200.
  • FIG. 4 is a block diagram showing the configuration of a dispatch server 300.
  • FIG. 5 is a block diagram showing the configuration of a data management server 400.
  • FIG. 6 is a block diagram showing the configuration of a calculation execution server 500.
  • FIG. 7 is a sequence diagram showing the operation of the secure computing system 10.
  • FIG. 8 is a sequence diagram showing the operation of the secure computing system 10.
  • FIG. 9 is a block diagram showing the configuration of a data management server 400 (second embodiment).
  • FIG. 10 is a block diagram showing the configuration of a calculation execution server 500 (second embodiment).
  • FIG. 11 is a sequence diagram showing the operation of the secure computing system 10.
  • A further figure is a diagram illustrating an example of the functional configuration of a computer that realizes each device according to an embodiment of the present invention.
  • the secure computation system 10 is a system in which data provided by a data provider is used in secure computation with a computation method desired by the user, while keeping the data confidential from the user.
  • homomorphic encryption or secret sharing can be used for the secure computation.
  • Fig. 1 is a block diagram showing the configuration of the secure computation system 10.
  • Fig. 2 is a block diagram showing the configuration of the terminal 100.
  • Fig. 3 is a block diagram showing the configuration of the gateway server 200.
  • Fig. 4 is a block diagram showing the configuration of the dispatch server 300.
  • Fig. 5 is a block diagram showing the configuration of the data management server 400.
  • Fig. 6 is a block diagram showing the configuration of the computation execution server 500.
  • the secure computing system 10 includes a terminal 100, a gateway server 200, a dispatch server 300, a data management server 400, and a computation execution server 500.
  • the terminal 100, gateway server 200, dispatch server 300, data management server 400, and computation execution server 500 are each connected to a network 900.
  • the network 900 may be any network configured to enable the terminal 100, gateway server 200, dispatch server 300, data management server 400, and computation execution server 500 to communicate with each other, and may be the Internet, for example.
  • FIG. 1 is a diagram showing the logical configuration of the secure computing system 10; physically, the secure computing system 10 may include one or more terminals 100, one or more gateway servers 200, one or more dispatch servers 300, one or more data management servers 400, and one or more computation execution servers 500.
  • the terminal 100 includes a calculation request unit 110, a calculation result acquisition unit 120, a transmission/reception unit 180, and a recording unit 190.
  • the transmission/reception unit 180 is a component for transmitting and receiving information necessary for processing by the terminal 100 via the network 900.
  • the recording unit 190 is a component for appropriately recording information necessary for processing by the terminal 100.
  • the terminal 100 is a terminal used by a user who wishes to perform secure computation on data managed by the secure computation system 10.
  • the data managed by the secure computation system 10 refers to data provided by a data provider.
  • the gateway server 200 includes a management unit selection request unit 210, a computing environment selection request unit 220, a data acquisition request unit 230, a computing environment setup request unit 240, a computation completion confirmation unit 250, a transmission/reception unit 280, and a recording unit 290.
  • the transmission/reception unit 280 is a component for transmitting and receiving information necessary for processing by the gateway server 200 via the network 900.
  • the recording unit 290 is a component for appropriately recording information necessary for processing by the gateway server 200.
  • the gateway server 200 is a server that accepts requests to perform secure computation from users.
  • the dispatch server 300 includes a management unit selection unit 310, a data acquisition request unit 320, a transmission/reception unit 380, and a recording unit 390.
  • the transmission/reception unit 380 is a component for transmitting and receiving information necessary for processing by the dispatch server 300 via the network 900.
  • the recording unit 390 is a component for appropriately recording information necessary for processing by the dispatch server 300.
  • the dispatch server 300 is a server that selects the data management server 400 that manages the data that the user wishes to use.
  • the data management server 400 includes a data acquisition unit 410, a transmission/reception unit 480, and a recording unit 490.
  • the transmission/reception unit 480 is a component for transmitting and receiving information necessary for processing by the data management server 400 via the network 900.
  • the recording unit 490 is a component for appropriately recording information necessary for processing by the data management server 400.
  • the data management server 400 is a server that manages data provided by data providers.
  • the computation execution server 500 includes a computation environment selection unit 510, a computation execution unit 520, a transmission/reception unit 580, and a recording unit 590.
  • the transmission/reception unit 580 is a component for transmitting and receiving information necessary for the processing of the computation execution server 500 via the network 900.
  • the recording unit 590 is a component for appropriately recording information necessary for the processing of the computation execution server 500.
  • the computation execution server 500 is a server that executes secure computations desired by the user.
  • FIGS. 7 and 8 are sequence diagrams showing the operation of the secure computing system 10; together, the two figures show one series of operations in the secure computing system 10.
  • the calculation request unit 110 of the terminal 100 receives the data the user wishes to use and information related to secure calculation, generates a calculation request from that information, and the transmission/reception unit 180 of the terminal 100 transmits the calculation request to the gateway server 200.
  • the transmission/reception unit 280 of the gateway server 200 receives the calculation request.
  • the computation request includes first and second data conditions that represent conditions related to the data the user wishes to use, and computation conditions that represent conditions related to the secure computation the user wishes to use.
  • the first data condition includes, for example, information related to the type of data (text, image, audio, etc.).
  • the second data condition includes, for example, information related to the start date and size of the data. Note that the first and second data conditions are sometimes collectively referred to as data conditions.
  • the computation condition includes, for example, information related to the type of computation content (statistical processing method, machine learning method, etc.) and the type of secure computation (homomorphic encryption, secret sharing, etc.).
  • the computation request may also include management unit conditions that represent conditions regarding the management unit of data that the user wishes to use.
  • the data management unit refers to the management unit of the data management server 400, and more specifically, refers to a collection of information for identifying the data management server 400 (hereinafter referred to as the data management server identifier).
  • the data management server identifier may be any information that can uniquely identify the data management server 400 in the secure computing system 10, and may be, for example, the IP address of the data management server 400.
  • the management unit conditions include, for example, information for identifying the management unit (hereinafter referred to as the management unit identifier) and information regarding the number of management units that the user wishes to use for secure computation.
  • the management unit identifier may be any information that can uniquely identify the management unit in the secure computing system 10, and may be, for example, a combination of the IP address of the dispatch server 300 and a local number for management unit management in the dispatch server 300.
  • the computation request may include computation environment conditions that represent conditions regarding the computation environment that the user wishes to use.
  • the computation environment refers to the computation environment provided by the computation execution server 500.
  • the computation environment conditions also include, for example, information for identifying the computation environment (hereinafter referred to as a computation environment identifier) and information regarding the number of computation environments that the user wishes to use for secure computation.
  • the computation environment identifier may be any information that can uniquely identify the computation environment in the secure computation system 10, and may, for example, be a combination of the IP address of the computation execution server 500 and a local number for computing environment management on that computation execution server 500.
  • the computation request may include information about the user.
  • information about the user may be, for example, the user name or the user's digital signature.
  • the management unit selection request unit 210 of the gateway server 200 receives the calculation request received in S110 as input and generates a management unit selection request from the calculation request, and the transmission/reception unit 280 of the gateway server 200 transmits the management unit selection request to the dispatch server 300.
  • the transmission/reception unit 380 of the dispatch server 300 receives the management unit selection request.
  • the management unit selection request includes the first data condition included in the calculation request. Furthermore, if the calculation request includes a management unit condition, the management unit selection request includes the management unit condition.
  • the computing environment selection request unit 220 of the gateway server 200 receives the computing request received in S110 as input and generates a computing environment selection request from the computing request, and the transmission/reception unit 280 of the gateway server 200 transmits the computing environment selection request to the computing execution server 500.
  • the transmission/reception unit 580 of the computing execution server 500 receives the computing environment selection request.
  • the computing environment selection request includes the computing conditions included in the computing request. Furthermore, if the computing request includes computing environment conditions, the computing environment selection request also includes the computing environment conditions.
  • the management unit selection unit 310 of the dispatch server 300 receives the management unit selection request received at S210 as input, selects one or more management units based on the management unit selection request, and generates a management unit selection result including a management unit identifier corresponding to the selected management unit.
  • the transmission/reception unit 380 of the dispatch server 300 transmits the management unit selection result to the gateway server 200.
  • the transmission/reception unit 280 of the gateway server 200 receives the management unit selection result.
  • the management unit selection result also includes the data management server identifier included in the selected management unit. In other words, the management unit selection result includes one or more management unit identifiers and one or more data management server identifiers.
  • the management unit selection unit 310 uses the first data condition included in the management unit selection request to select a management unit that includes the data management server identifier of the data management server 400 that manages data of the data type specified in the first data condition. Furthermore, if the management unit selection request includes a management unit condition, and the management unit condition is information related to a management unit identifier, the management unit selection unit 310 selects the management unit corresponding to the management unit identifier, and if the management unit condition is information related to the number of management units, the management unit selection unit 310 selects that number of management units according to a predetermined criterion.
  • the predetermined criterion is, for example, descending order of the number of data management server identifiers included in the management units.
  • the computing environment selection unit 510 of the computing execution server 500 receives the computing environment selection request received in S220 as input, selects one or more computing environments based on the computing environment selection request, and generates a computing environment selection result including a computing environment identifier corresponding to the selected computing environment.
  • the transmission/reception unit 580 of the computing execution server 500 transmits the computing environment selection result to the gateway server 200.
  • the transmission/reception unit 280 of the gateway server 200 receives the computing environment selection result.
  • the computing environment selection unit 510 uses the computation conditions included in the computation environment selection request to select a computation environment that can execute the type of computation content or type of secure computation specified in the computation conditions. Furthermore, if the computation environment selection request includes computation environment conditions, and the computation environment conditions are information related to a computation environment identifier, the computing environment selection unit 510 selects the computation environment corresponding to the computation environment identifier, and if the computation environment conditions are information related to the number of computation environments, the computing environment selection unit 510 selects that number of computation environments according to a predetermined criterion.
  • the predetermined criterion is, for example, the order of the most available computing environment resources (for example, CPUs and memory allocated to the computation environments).
  • the data acquisition request unit 230 of the gateway server 200 receives as input the calculation request received at S110, the management unit selection result received at S310, and the calculation environment selection result received at S510, and generates a first data acquisition request from the calculation request, the management unit selection result, and the calculation environment selection result.
  • the transmission/reception unit 280 of the gateway server 200 transmits the first data acquisition request to the dispatch server 300.
  • the transmission/reception unit 380 of the dispatch server 300 receives the first data acquisition request.
  • the first data acquisition request includes the first data condition, second data condition, and calculation condition included in the calculation request, the management unit identifier included in the management unit selection result, and the calculation environment identifier included in the calculation environment selection result.
  • the first data acquisition request may also include information about the user included in the calculation request.
  • the computing environment setup request unit 240 of the gateway server 200 receives as input the computing request received at S110, the management unit selection result received at S310, and the computing environment selection result received at S510, and generates a computing environment setup request from the computing request, the management unit selection result, and the computing environment selection result.
  • the transmission/reception unit 280 of the gateway server 200 then transmits the computing environment setup request to the computing execution server 500.
  • the transmission/reception unit 580 of the computing execution server 500 receives the computing environment setup request.
  • the computing environment setup request includes the computing conditions included in the computing request, the data management server identifier included in the management unit selection result, and the computing environment identifier included in the computing environment selection result.
  • the data acquisition request unit 320 of the dispatch server 300 receives the first data acquisition request received at S230 as input, generates a second data acquisition request from the first data acquisition request, and the transmission/reception unit 380 of the dispatch server 300 transmits the second data acquisition request to the data management server 400.
  • the data acquisition request unit 320 identifies the data management server 400 that will transmit the second data acquisition request using the data management server identifier included in the management unit corresponding to the management unit identifier included in the first data acquisition request.
  • the transmission/reception unit 480 of the data management server 400 receives the second data acquisition request.
  • the second data acquisition request includes the first data condition, second data condition, calculation condition, and calculation environment identifier included in the first data acquisition request.
  • the second data acquisition request may also include information about the user included in the first data acquisition request.
  • the data acquisition unit 410 of the data management server 400 receives the second data acquisition request received at S320 as input and generates a data acquisition result based on the second data acquisition request.
  • the transmission/reception unit 480 of the data management server 400 then transmits the data acquisition result to the calculation execution server 500.
  • the data acquisition unit 410 determines whether to provide data based on the first data condition, second data condition, and calculation condition included in the second data acquisition request, as well as information about the user if the second data acquisition request includes such information.
  • If the data acquisition unit 410 determines that data can be provided, it generates a data acquisition result that includes information indicating that data can be provided, encrypted data obtained by encrypting data that satisfies the first and second data conditions, and the calculation environment identifier included in the second data acquisition request. Otherwise, the data acquisition result includes information indicating that data cannot be provided.
  • the encrypted data is generated according to the type of secure computation specified in the calculation conditions.
  • the transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition result.
  • If the encrypted data required for the secure computation is available, the computation execution unit 520 places the encrypted data included in the data acquisition result in the computation environment corresponding to the computation environment identifier, performs the secure computation corresponding to the type of computation content and type of secure computation specified in the computation conditions included in the computation environment setup request, and generates a first computation result including the obtained computation result; otherwise, the computation execution unit 520 generates a first computation result including information indicating that the computation cannot be performed. It is preferable that the computation execution unit 520 use the data management server identifier included in the computation environment setup request to determine whether the encrypted data required for the secure computation is available.
  • the transmission/reception unit 280 of the gateway server 200 receives the first calculation result.
  • the calculation completion confirmation unit 250 of the gateway server 200 receives the first calculation result received in S520 as input and generates a second calculation result from the first calculation result, and the transmission/reception unit 280 of the gateway server 200 transmits the second calculation result to the terminal 100.
  • the transmission/reception unit 180 of the terminal 100 receives the second calculation result.
  • the second calculation result includes either the calculation result included in the first calculation result or information indicating that the calculation cannot be performed.
  • the calculation result acquisition unit 120 of the terminal 100 receives as input the second calculation result received in S250, and if the second calculation result contains a calculation result, it decrypts the calculation result to obtain the plaintext calculation result; otherwise, it generates information to indicate to the user that the secure calculation could not be performed.
  • users can obtain calculation results using their desired calculation method using data provided by data providers while ensuring the confidentiality of that data.
  • In the first embodiment, the first data condition and the second data condition, which together make up all the conditions related to the data that the user wants to use, are disclosed to the dispatch server 300.
  • In the second embodiment, described next, the second data condition is not disclosed to the dispatch server 300.
  • Fig. 1 is a block diagram showing the configuration of the secure computation system 10.
  • Fig. 2 is a block diagram showing the configuration of the terminal 100.
  • Fig. 3 is a block diagram showing the configuration of the gateway server 200.
  • Fig. 4 is a block diagram showing the configuration of the dispatch server 300.
  • Fig. 9 is a block diagram showing the configuration of the data management server 400.
  • Fig. 10 is a block diagram showing the configuration of the computation execution server 500.
  • the secure computation system 10 of this embodiment differs from the secure computation system 10 of the first embodiment in terms of the configurations of the data management server 400 and the computation execution server 500.
  • the data management server 400 includes a data acquisition unit 410, a data acquisition condition request unit 420, a transmission/reception unit 480, and a recording unit 490.
  • the data management server 400 of this embodiment differs from the data management server 400 of the first embodiment in that it includes the data acquisition condition request unit 420.
  • the calculation execution server 500 includes a calculation environment selection unit 510, a calculation execution unit 520, a data acquisition condition specification unit 530, a transmission/reception unit 580, and a recording unit 590.
  • the calculation execution server 500 of this embodiment differs from the calculation execution server 500 of the first embodiment in that it includes the data acquisition condition specification unit 530.
  • Fig. 7 and Fig. 11 are sequence diagrams showing the operation of the secure computing system 10; together, the two figures show one series of operations in the secure computing system 10.
  • the processing in S110, S210, S220, S310, and S510 is the same as that described in the first embodiment.
  • the second data conditions, calculation conditions, and user-related information included in the calculation request may be encrypted using a specified method before being included in the calculation request.
  • each server that receives the encrypted conditions and information should be configured to be able to decrypt them as necessary.
  • the processing at S230 is the same as that described in the first embodiment.
  • the first data acquisition request includes the first data condition included in the calculation request, the management unit identifier included in the management unit selection result, and the calculation environment identifier included in the calculation environment selection result.
  • the processing in S240 is the same as that described in the first embodiment.
  • the computing environment setup request includes the second data conditions and computation conditions included in the computation request, the data management server identifier included in the management unit selection result, and the computation environment identifier included in the computation environment selection result.
  • the computing environment setup request may also include information about the user included in the computation request.
  • the processing at S320 is the same as that described in the first embodiment.
  • the second data acquisition request includes the first data condition and computing environment identifier included in the first data acquisition request.
  • the data acquisition condition request unit 420 of the data management server 400 receives the second data acquisition request received at S320 as input and generates a data acquisition condition request based on the second data acquisition request.
  • the transmission/reception unit 480 of the data management server 400 then transmits the data acquisition condition request to the calculation execution server 500.
  • the data acquisition condition request unit 420 determines whether the data provision conditions can be provided using the first data conditions and calculation environment identifier included in the second data acquisition request. If it determines that the data provision conditions can be provided, it generates a data acquisition condition request including the data provision conditions and information indicating that the data provision conditions can be provided; otherwise, it generates a data acquisition condition request including information indicating that the data provision conditions cannot be provided.
  • the transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition condition request.
  • the data acquisition condition specification unit 530 of the calculation execution server 500 receives as input the calculation environment setup request received at S240 and the data acquisition condition request received at S420, generates a data acquisition condition specification result based on the calculation environment setup request and the data acquisition condition request, and the transmission/reception unit 580 of the calculation execution server 500 transmits the data acquisition condition specification result to the data management server 400.
  • If the data acquisition condition specification unit 530 determines, from the calculation environment setup request and the data acquisition condition request, that the data provision conditions are met, it generates a data acquisition condition specification result that includes the second data condition and calculation condition included in the calculation environment setup request; otherwise, it generates a data acquisition condition specification result that includes information indicating that the calculation cannot be executed.
  • the data acquisition condition specification result may also include information about the user included in the calculation environment setup request.
  • the transmission/reception unit 480 of the data management server 400 receives the data acquisition condition specification result.
  • the data acquisition unit 410 of the data management server 400 receives as input the second data acquisition request received at S320 and the data acquisition condition specification result received at S530, generates a data acquisition result based on the second data acquisition request and the data acquisition condition specification result, and the transceiver unit 480 of the data management server 400 transmits the data acquisition result to the calculation execution server 500.
  • the data acquisition unit 410 determines whether to provide data using the first data condition included in the second data acquisition request, the second data condition included in the data acquisition condition specification result, and the calculation conditions, as well as information about the user if such information is included in the data acquisition condition specification result.
  • the transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition results.
  • users can obtain calculation results using their desired calculation method using data provided by data providers while ensuring the confidentiality of that data.
  • a processor includes transistors and other circuits and is considered to be circuitry or processing circuitry.
  • a processor may also be a programmed processor that executes programs stored in memory.
  • a circuit, unit, or means refers to hardware that is programmed to realize or executes the described functions.
  • the hardware may be any hardware disclosed in this specification or any hardware known to be programmed to realize or execute the described functions.
  • the hardware is a processor, which is considered to be a type of circuitry.
  • the circuitry, means, or unit is the combination of the hardware and the software used to configure the hardware and/or processor.
  • the program describing this processing can be recorded on a computer-readable recording medium.
  • Examples of computer-readable recording media include magnetic recording devices, optical disks, magneto-optical recording media, and semiconductor memory.
  • this program may be distributed, for example, by selling, transferring, or lending portable recording media such as DVDs or CD-ROMs on which the program is recorded.
  • the program may be stored in a storage device on a server computer, and then transferred from the server computer to other computers via a network, thereby distributing the program.
  • a computer that executes such a program, for example, first stores the program recorded on a portable recording medium or transferred from a server computer in its own storage device. Then, when executing processing, the computer reads the program stored in its storage device and executes processing in accordance with the read program.
  • the computer may read the program directly from the portable recording medium and execute processing in accordance with that program, or it may execute processing in accordance with the received program each time a program is transferred to this computer from the server computer.
  • the server computer may not transfer the program to this computer, but rather executes processing using a so-called ASP (Application Service Provider) type service, which realizes processing functions simply by issuing execution instructions and obtaining results.
  • the computer may be configured to execute terminal processing using a so-called SaaS (Software as a Service) type service, which allows users to use part of a server computer along with the program.
  • the program includes information used for processing by an electronic computer that is equivalent to a program (such as data that is not a direct command to a computer but has properties that dictate computer processing).
  • the device is configured by executing a specific program on a computer, but at least part of the processing may also be implemented in hardware.
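
The negotiation described in the list above (second data acquisition request, data acquisition condition request, data acquisition condition specification result, data acquisition result) can be simulated end to end. The following is an added example, not code from the patent or from NTT. The message field names, the provider's provision policy, the records and the user allowlist are constructed assumptions; the "encrypted data" in the data acquisition result is represented by two additive secret shares modulo a prime, one of the secure computation options the page names.

```python
"""Data acquisition condition negotiation between a data management server 400 and a
computation execution server 500.  Added example, not code from the patent or NTT.
Field names, policy, records and the user allowlist are constructed assumptions."""

import secrets
from typing import Any, Dict, List

PRIME = (1 << 61) - 1          # share domain (assumption)
Message = Dict[str, Any]


def make_shares(value: int, n: int = 2) -> List[int]:
    """Additive secret sharing: all but one share are random, the last fixes the sum."""
    rs = [secrets.randbelow(PRIME) for _ in range(n - 1)]
    return rs + [(value - sum(rs)) % PRIME]


def reconstruct(shares: List[int]) -> int:
    return sum(shares) % PRIME


class ComputationExecutionServer:
    def specify_conditions(self, setup_req: Message, cond_req: Message) -> Message:
        """Data acquisition condition specification: check the provider's provision
        conditions against the computation environment setup request."""
        if not cond_req["providable"]:
            return {"executable": False}
        comp = setup_req["computation_condition"]
        prov = cond_req["provision_conditions"]
        if (comp["content_type"] not in prov["computation_types"]
                or comp["secure_type"] not in prov["secure_types"]):
            return {"executable": False}
        result = {"executable": True,
                  "second_data_condition": setup_req["second_data_condition"],
                  "computation_condition": comp}
        if "user" in setup_req:            # optional: forward the user information
            result["user"] = setup_req["user"]
        return result


class DataManagementServer:
    def __init__(self) -> None:
        # Constructed provider data, keyed by data type (the first data condition).
        self.data = {"text": [{"since": "2022-06-01", "size_mb": 2, "value": 31},
                              {"since": "2023-04-01", "size_mb": 8, "value": 47},
                              {"since": "2023-09-01", "size_mb": 40, "value": 19}]}
        # Constructed provision policy set by the data provider.
        self.policy = {"text": {"allowed_envs": {"203.0.113.5#1", "203.0.113.5#2"},
                                "computation_types": {"statistics"},
                                "secure_types": {"secret_sharing"},
                                "allowed_users": {"alice"}}}

    def make_condition_request(self, second_req: Message) -> Message:
        """Data acquisition condition request: decided from the first data condition
        and the computation environment identifier only."""
        pol = self.policy.get(second_req["first_data_condition"]["data_type"])
        if pol is None or second_req["computation_environment_id"] not in pol["allowed_envs"]:
            return {"providable": False}
        return {"providable": True,
                "provision_conditions": {"computation_types": pol["computation_types"],
                                         "secure_types": pol["secure_types"]}}

    def acquire(self, second_req: Message, spec: Message) -> Message:
        """Data acquisition result: final decision using the first and second data
        conditions, the computation condition and, when present, the user information."""
        if not spec["executable"]:
            return {"provided": False, "reason": "computation cannot be executed"}
        dtype = second_req["first_data_condition"]["data_type"]
        pol = self.policy[dtype]
        comp = spec["computation_condition"]
        if (comp["content_type"] not in pol["computation_types"]
                or comp["secure_type"] not in pol["secure_types"]):
            return {"provided": False, "reason": "computation condition rejected"}
        if "user" in spec and spec["user"]["name"] not in pol["allowed_users"]:
            return {"provided": False, "reason": "user not permitted"}
        c2 = spec["second_data_condition"]
        matching = [r["value"] for r in self.data[dtype]
                    if r["since"] >= c2["since"] and r["size_mb"] <= c2["max_size_mb"]]
        if not matching:
            return {"provided": False, "reason": "no data satisfies the data condition"}
        # Plaintext never leaves the data management server: only shares are returned.
        return {"provided": True, "encrypted_data": [make_shares(v) for v in matching]}


def negotiate(second_req: Message, setup_req: Message) -> Message:
    """Run the exchange: condition request -> specification result -> acquisition result."""
    dms, ces = DataManagementServer(), ComputationExecutionServer()
    cond_req = dms.make_condition_request(second_req)
    spec = ces.specify_conditions(setup_req, cond_req)
    return dms.acquire(second_req, spec)


# Constructed request messages.
SECOND_REQUEST = {"first_data_condition": {"data_type": "text"},
                  "computation_environment_id": "203.0.113.5#1"}
SETUP_REQUEST = {"computation_condition": {"content_type": "statistics",
                                           "secure_type": "secret_sharing"},
                 "second_data_condition": {"since": "2023-01-01", "max_size_mb": 10},
                 "user": {"name": "alice"}}

if __name__ == "__main__":
    res = negotiate(SECOND_REQUEST, SETUP_REQUEST)
    print(res["provided"], [reconstruct(s) for s in res["encrypted_data"]])
```

The point of the two-stage check is that the data management server commits to nothing in the condition request beyond what the first data condition and environment identifier justify, and re-validates the full conditions (including the user information) before any share leaves it; the computation execution server, for its part, only ever receives shares.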

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Provided is a secure computation method for performing secure computation on data, which is provided to a user by a data provider, by using a computation method desired by the user while keeping the data hidden in a secure computation system that includes a data management server and a calculation execution server. The secure computation method comprises: a data acquisition step in which the data management server generates a data acquisition result including encrypted data obtained by encrypting data that satisfies a data condition representing a condition pertaining to data desired to be used by the user when determining that the data can be provided; and a computation execution step in which the computation execution server generates a first computation result including a computation result obtained by executing secure computation corresponding to the type of computation content and the type of secure computation, the types being specified by a computation condition representing a condition pertaining to secure computation desired to be used by the user for the encrypted data included in the data acquisition result.

Description

Secure computation method, secure computation system, data management server, computation execution server, and program

The present invention relates to secure computation technology for secure data distribution that maintains data confidentiality.

It has long been said that we are in an era in which data is used across organizations, industries, and business sectors. Users want to create new value by using data, whether its confidentiality is high or low, in a computing environment where it can be used safely in accordance with policies set by the data provider. Next-generation data hub technology has been proposed as the foundation for the data distribution needed to achieve this (see Non-Patent Document 1).

Non-Patent Document 1: Seiichiro Mochida, Takahiko Nagata, and Junshin Mihara, "Next-generation data hub technology for realizing a data-centric society through high-quality, highly reliable data distribution," NTT Technical Journal, December 2020 issue, pp. 23-28, 2020.

However, when a data provider provides highly confidential data, the security risk of data leakage arising from the data being used by an unspecified number of users, or from the way the data is used, still remains. On the user side, there is no efficient way to search for data providers that hold the data they need, and even when such a provider is found, individual negotiation over data use may be required. Even when the necessary data can be used, the user must use it under the cumbersome, strict data management dictated by each data provider's policy. To solve this problem, a mechanism is needed that matches the conditions required by data providers offering highly confidential data with those of users who want to use data suited to their own purposes, and that lets the user obtain the desired computation result from the data while the confidentiality of the data provided by the data provider is preserved.

Accordingly, the present invention aims to provide a secure computation technology that allows a user to obtain a computation result from data provided by a data provider using the user's desired computation method, while preserving the confidentiality of that data.

One aspect of the present invention is a secure computation method in a secure computation system including a data management server and a computation execution server, which securely computes on data provided by a data provider using a computation method desired by a user while keeping the data hidden from the user. The method includes: a data acquisition step in which the data management server, when it determines that the data can be provided, generates a data acquisition result including encrypted data obtained by encrypting data that satisfies a data condition representing a condition on the data the user wants to use; and a computation execution step in which the computation execution server generates a first computation result including a computation result obtained by executing, on the encrypted data included in the data acquisition result, the secure computation corresponding to the type of computation content and the type of secure computation specified by a computation condition representing a condition on the secure computation the user wants to use.

According to the present invention, a user can obtain a computation result from data provided by a data provider using the user's desired computation method, while the confidentiality of that data is preserved.

FIG. 1 is a block diagram showing the configuration of the secure computation system 10.
FIG. 2 is a block diagram showing the configuration of the terminal 100.
FIG. 3 is a block diagram showing the configuration of the gateway server 200.
FIG. 4 is a block diagram showing the configuration of the dispatch server 300.
FIG. 5 is a block diagram showing the configuration of the data management server 400.
FIG. 6 is a block diagram showing the configuration of the computation execution server 500.
FIG. 7 is a sequence diagram showing the operation of the secure computation system 10.
FIG. 8 is a sequence diagram showing the operation of the secure computation system 10.
FIG. 9 is a block diagram showing the configuration of the data management server 400.
FIG. 10 is a block diagram showing the configuration of the computation execution server 500.
FIG. 11 is a sequence diagram showing the operation of the secure computation system 10.
FIG. 12 is a diagram showing an example of the functional configuration of a computer that realizes each device in an embodiment of the present invention.

Embodiments of the present invention are described in detail below. Components having the same function are given the same reference number, and duplicate description is omitted.

<First Embodiment>
The secure computation system 10 is a system that makes it possible to securely compute on data provided by a data provider using a computation method desired by the user, while keeping that data hidden from the user. Here, for example, homomorphic encryption or secret sharing can be used for the secure computation.
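
The secret-sharing option mentioned above can be illustrated with a small statistics computation. The following is an added example, not code from the patent or from NTT: the data management server splits each record into one additive share per computation environment, each computation environment computes only on its own shares, and the user combines the partial results. The record values, the prime and the number of computation environments are constructed assumptions.

```python
"""Secret-sharing-based secure computation of linear statistics over provider data.
Added example, not code from the patent or NTT.  Records, prime and environment
count are constructed assumptions."""

import secrets
from typing import List, Tuple

PRIME = (1 << 61) - 1   # share domain (assumption); must exceed every sum computed


def make_shares(value: int, n_envs: int) -> List[int]:
    """Data management server side: n_envs - 1 uniformly random shares plus one that
    fixes the sum, so any n_envs - 1 shares are independent of the value."""
    if n_envs < 2:
        raise ValueError("need at least two computation environments")
    shares = [secrets.randbelow(PRIME) for _ in range(n_envs - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares


def encrypt_records(records: List[int], n_envs: int) -> List[List[int]]:
    """Return the share vector destined for each computation environment
    (the encrypted data carried in the data acquisition result)."""
    per_record = [make_shares(v, n_envs) for v in records]
    return [[rec[i] for rec in per_record] for i in range(n_envs)]


def env_partial_sum(share_vector: List[int]) -> int:
    """Computation environment side: add its own shares; it never sees plaintext."""
    return sum(share_vector) % PRIME


def env_partial_weighted_sum(share_vector: List[int], weights: List[int]) -> int:
    """Linear statistics stay local: each share is scaled by a public weight."""
    return sum(s * w for s, w in zip(share_vector, weights)) % PRIME


def reconstruct(partials: List[int]) -> int:
    """User side: add the partial results from all computation environments."""
    return sum(partials) % PRIME


def secure_sum_and_mean(records: List[int], n_envs: int = 3) -> Tuple[int, float]:
    shares = encrypt_records(records, n_envs)
    total = reconstruct([env_partial_sum(s) for s in shares])
    return total, total / len(records)      # the record count is treated as public


def secure_weighted_sum(records: List[int], weights: List[int], n_envs: int = 3) -> int:
    shares = encrypt_records(records, n_envs)
    return reconstruct([env_partial_weighted_sum(s, weights) for s in shares])


if __name__ == "__main__":
    ages = [34, 27, 45, 52, 38]   # constructed provider records
    print(secure_sum_and_mean(ages))
```

Only linear statistics (sums, means, weighted sums) are shown, because those are computable on additive shares without any interaction between the computation environments; products of shared values would need additional protocol machinery that the page does not describe.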

[Configuration of the secure computation system 10]
The configuration of the secure computation system 10 is described below with reference to FIG. 1 to FIG. 6. FIG. 1 is a block diagram showing the configuration of the secure computation system 10. FIG. 2 is a block diagram showing the configuration of the terminal 100. FIG. 3 is a block diagram showing the configuration of the gateway server 200. FIG. 4 is a block diagram showing the configuration of the dispatch server 300. FIG. 5 is a block diagram showing the configuration of the data management server 400. FIG. 6 is a block diagram showing the configuration of the computation execution server 500.

As illustrated in FIG. 1, the secure computation system 10 includes a terminal 100, a gateway server 200, a dispatch server 300, a data management server 400, and a computation execution server 500. The terminal 100, gateway server 200, dispatch server 300, data management server 400, and computation execution server 500 are each connected to a network 900. The network 900 may be any network configured so that the terminal 100, gateway server 200, dispatch server 300, data management server 400, and computation execution server 500 can communicate with each other; the Internet, for example, can be used. FIG. 1 shows the logical configuration of the secure computation system 10; physically, the secure computation system 10 may include one or more terminals 100, one or more gateway servers 200, one or more dispatch servers 300, one or more data management servers 400, and one or more computation execution servers 500.

As illustrated in FIG. 2, the terminal 100 includes a computation request unit 110, a computation result acquisition unit 120, a transmission/reception unit 180, and a recording unit 190. The transmission/reception unit 180 is a component for transmitting and receiving, via the network 900, the information needed for the processing of the terminal 100. The recording unit 190 is a component that records, as appropriate, the information needed for the processing of the terminal 100. The terminal 100 is used by a user who wants to execute a secure computation on data managed by the secure computation system 10. Here, the data managed by the secure computation system 10 is the data provided by a data provider.

As illustrated in FIG. 3, the gateway server 200 includes a management unit selection request unit 210, a computation environment selection request unit 220, a data acquisition request unit 230, a computation environment setup request unit 240, a computation completion confirmation unit 250, a transmission/reception unit 280, and a recording unit 290. The transmission/reception unit 280 is a component for transmitting and receiving, via the network 900, the information needed for the processing of the gateway server 200. The recording unit 290 is a component that records, as appropriate, the information needed for the processing of the gateway server 200. The gateway server 200 is the server that accepts requests from users to execute secure computations.

As illustrated in FIG. 4, the dispatch server 300 includes a management unit selection unit 310, a data acquisition request unit 320, a transmission/reception unit 380, and a recording unit 390. The transmission/reception unit 380 is a component for transmitting and receiving, via the network 900, the information needed for the processing of the dispatch server 300. The recording unit 390 is a component that records, as appropriate, the information needed for the processing of the dispatch server 300. The dispatch server 300 is the server that selects the data management server 400 managing the data the user wants to use.

As illustrated in FIG. 5, the data management server 400 includes a data acquisition unit 410, a transmission/reception unit 480, and a recording unit 490. The transmission/reception unit 480 is a component for transmitting and receiving, via the network 900, the information needed for the processing of the data management server 400. The recording unit 490 is a component that records, as appropriate, the information needed for the processing of the data management server 400. The data management server 400 is the server that manages data provided by data providers.

As illustrated in FIG. 6, the computation execution server 500 includes a computation environment selection unit 510, a computation execution unit 520, a transmission/reception unit 580, and a recording unit 590. The transmission/reception unit 580 is a component for transmitting and receiving, via the network 900, the information needed for the processing of the computation execution server 500. The recording unit 590 is a component that records, as appropriate, the information needed for the processing of the computation execution server 500. The computation execution server 500 is the server that executes the secure computation the user wants.

[秘密計算システム10の動作]
 以下、図7~図8を参照して秘密計算システム10の動作について説明する。図7、図8は、秘密計算システム10の動作を示すシーケンス図であり、図7と図8の2つの図で秘密計算システム10における一連の動作を示すものである。
[Operation of the secure computing system 10]
The operation of the secure computing system 10 will be described below with reference to Figures 7 and 8. Figures 7 and 8 are sequence diagrams showing the operation of the secure computing system 10, and the two figures, Figures 7 and 8, show a series of operations in the secure computing system 10.

 S110において、端末100の計算要求部110は、ユーザが入力した、利用したいデータや秘密計算に関する情報を入力とし、当該情報から計算要求を生成し、端末100の送受信部180は、当該計算要求をゲートウェイサーバ200に送信する。ゲートウェイサーバ200の送受信部280は、計算要求を受信する。 In S110, the calculation request unit 110 of the terminal 100 receives the data the user wishes to use and information related to secure calculation, generates a calculation request from that information, and the transmission/reception unit 180 of the terminal 100 transmits the calculation request to the gateway server 200. The transmission/reception unit 280 of the gateway server 200 receives the calculation request.

 計算要求は、ユーザが利用したいデータに関する条件を表す第1データ条件や第2データ条件、ユーザが利用したい秘密計算に関する条件を表す計算条件を含む。ここで、第1データ条件は、例えばデータの種別(テキスト、画像、音声など)に関する情報を含む。第2データ条件は、例えばデータの提供開始時期やサイズに関する情報を含む。なお、第1データ条件と第2データ条件をまとめてデータ条件ということもある。計算条件は、例えば計算内容の種別(統計処理方法や機械学習方法など)や秘密計算の種別(準同型暗号や秘密分散など)に関する情報を含む。 The computation request includes first and second data conditions that represent conditions related to the data the user wishes to use, and computation conditions that represent conditions related to the secure computation the user wishes to use. Here, the first data condition includes, for example, information related to the type of data (text, image, audio, etc.). The second data condition includes, for example, information related to the start date and size of the data. Note that the first and second data conditions are sometimes collectively referred to as data conditions. The computation condition includes, for example, information related to the type of computation content (statistical processing method, machine learning method, etc.) and the type of secure computation (homomorphic encryption, secret sharing, etc.).

 また、計算要求は、ユーザが利用したいデータの管理単位に関する条件を表す管理単位条件を含むものであってもよい。ここで、データの管理単位とは、データ管理サーバ400の管理単位のことであり、具体的にはデータ管理サーバ400を特定するための情報(以下、データ管理サーバ識別子という)の集合のことである。ここで、データ管理サーバ識別子は秘密計算システム10においてデータ管理サーバ400を一意に識別できる情報であればどのようなものでもよく、例えばデータ管理サーバ400のIPアドレスとすることができる。また、管理単位条件は、例えば、管理単位を特定するための情報(以下、管理単位識別子という)、秘密計算に利用したい管理単位の数に関する情報を含む。ここで、管理単位識別子は秘密計算システム10において管理単位を一意に識別できる情報であればどのようなものでもよく、例えばディスパッチサーバ300のIPアドレスと当該ディスパッチサーバ300における管理単位管理のためのローカルな番号の組合せとすることができる。 The computation request may also include management unit conditions that represent conditions regarding the management unit of data that the user wishes to use. Here, the data management unit refers to the management unit of the data management server 400, and more specifically, refers to a collection of information for identifying the data management server 400 (hereinafter referred to as the data management server identifier). Here, the data management server identifier may be any information that can uniquely identify the data management server 400 in the secure computing system 10, and may be, for example, the IP address of the data management server 400. Furthermore, the management unit conditions include, for example, information for identifying the management unit (hereinafter referred to as the management unit identifier) and information regarding the number of management units that the user wishes to use for secure computation. Here, the management unit identifier may be any information that can uniquely identify the management unit in the secure computing system 10, and may be, for example, a combination of the IP address of the dispatch server 300 and a local number for management unit management in the dispatch server 300.

 計算要求は、ユーザが利用したい計算環境に関する条件を表す計算環境条件を含むものであってもよい。ここで、計算環境とは、計算実行サーバ500が提供する計算環境のことである。また、計算環境条件は、例えば、計算環境を特定するための情報(以下、計算環境識別子という)、秘密計算に利用したい計算環境の数に関する情報を含む。ここで、計算環境識別子は秘密計算システム10において計算環境を一意に識別できる情報であればどのようなものでもよく、例えば計算実行サーバ500のIPアドレスと当該計算実行サーバ500における計算環境管理のためのローカルな番号の組合せとすることができる。 The computation request may include computation environment conditions that represent conditions regarding the computation environment that the user wishes to use. Here, the computation environment refers to the computation environment provided by the computation execution server 500. The computation environment conditions also include, for example, information for identifying the computation environment (hereinafter referred to as a computation environment identifier) and information regarding the number of computation environments that the user wishes to use for secure computation. Here, the computation environment identifier may be any information that can uniquely identify the computation environment in the secure computation system 10, and may, for example, be a combination of the IP address of the computation execution server 500 and a local number for computing environment management on that computation execution server 500.

 さらに、計算要求は、ユーザに関する情報を含むものであってもよい。ここで、ユーザに関する情報とは、例えば、ユーザ名やユーザの電子署名のことである。 Furthermore, the computation request may include information about the user. Here, information about the user may be, for example, the user name or the user's digital signature.

 S210において、ゲートウェイサーバ200の管理単位選択要求部210は、S110で受信した計算要求を入力とし、当該計算要求から管理単位選択要求を生成し、ゲートウェイサーバ200の送受信部280は、当該管理単位選択要求をディスパッチサーバ300に送信する。ディスパッチサーバ300の送受信部380は、管理単位選択要求を受信する。管理単位選択要求は、計算要求に含まれる第1データ条件を含む。また、計算要求に管理単位条件が含まれる場合は、管理単位選択要求は管理単位条件を含む。 In S210, the management unit selection request unit 210 of the gateway server 200 receives the calculation request received in S110 as input and generates a management unit selection request from the calculation request, and the transmission/reception unit 280 of the gateway server 200 transmits the management unit selection request to the dispatch server 300. The transmission/reception unit 380 of the dispatch server 300 receives the management unit selection request. The management unit selection request includes the first data condition included in the calculation request. Furthermore, if the calculation request includes a management unit condition, the management unit selection request includes the management unit condition.

 S220において、ゲートウェイサーバ200の計算環境選択要求部220は、S110で受信した計算要求を入力とし、当該計算要求から計算環境選択要求を生成し、ゲートウェイサーバ200の送受信部280は、当該計算環境選択要求を計算実行サーバ500に送信する。計算実行サーバ500の送受信部580は、計算環境選択要求を受信する。計算環境選択要求は、計算要求に含まれる計算条件を含む。また、計算要求に計算環境条件が含まれる場合は、計算環境選択要求は計算環境条件を含む。 In S220, the computing environment selection request unit 220 of the gateway server 200 receives the computing request received in S110 as input and generates a computing environment selection request from the computing request, and the transmission/reception unit 280 of the gateway server 200 transmits the computing environment selection request to the computing execution server 500. The transmission/reception unit 580 of the computing execution server 500 receives the computing environment selection request. The computing environment selection request includes the computing conditions included in the computing request. Furthermore, if the computing request includes computing environment conditions, the computing environment selection request also includes the computing environment conditions.

 S310において、ディスパッチサーバ300の管理単位選択部310は、S210で受信した管理単位選択要求を入力とし、当該管理単位選択要求に基づいて1以上の管理単位を選択し、選択された管理単位に対応する管理単位識別子を含む管理単位選択結果を生成し、ディスパッチサーバ300の送受信部380は、当該管理単位選択結果をゲートウェイサーバ200に送信する。ゲートウェイサーバ200の送受信部280は、管理単位選択結果を受信する。管理単位選択結果は、選択された管理単位に含まれるデータ管理サーバ識別子も含む。つまり、管理単位選択結果は、1以上の管理単位識別子と1以上のデータ管理サーバ識別子を含む。 At S310, the management unit selection unit 310 of the dispatch server 300 receives the management unit selection request received at S210 as input, selects one or more management units based on the management unit selection request, and generates a management unit selection result including a management unit identifier corresponding to the selected management unit. The transmission/reception unit 380 of the dispatch server 300 transmits the management unit selection result to the gateway server 200. The transmission/reception unit 280 of the gateway server 200 receives the management unit selection result. The management unit selection result also includes the data management server identifier included in the selected management unit. In other words, the management unit selection result includes one or more management unit identifiers and one or more data management server identifiers.

 管理単位選択部310は、管理単位選択要求に含まれる第1データ条件を用いて、当該第1データ条件で指定されているデータ種別のデータを管理しているデータ管理サーバ400のデータ管理サーバ識別子を含む管理単位を選択する。また、管理単位選択要求が管理単位条件を含む場合において、管理単位条件が管理単位識別子に関する情報であるときは、管理単位選択部310は、当該管理単位識別子に対応する管理単位を選択し、管理単位条件が管理単位の数に関する情報であるときは、管理単位選択部310は、所定の基準に従い当該数の管理単位を選択する。ここで、所定の基準とは、例えば管理単位に含まれるデータ管理サーバ識別子の数が大きい順である。 The management unit selection unit 310 uses the first data condition included in the management unit selection request to select a management unit that includes the data management server identifier of the data management server 400 that manages data of the data type specified in the first data condition. Furthermore, if the management unit selection request includes a management unit condition, and the management unit condition is information related to a management unit identifier, the management unit selection unit 310 selects the management unit corresponding to the management unit identifier, and if the management unit condition is information related to the number of management units, the management unit selection unit 310 selects that number of management units according to a predetermined criterion. Here, the predetermined criterion is, for example, descending order of the number of data management server identifiers included in the management units.

 S510において、計算実行サーバ500の計算環境選択部510は、S220で受信した計算環境選択要求を入力とし、当該計算環境選択要求に基づいて1以上の計算環境を選択し、選択された計算環境に対応する計算環境識別子を含む計算環境選択結果を生成し、計算実行サーバ500の送受信部580は、当該計算環境選択結果をゲートウェイサーバ200に送信する。ゲートウェイサーバ200の送受信部280は、計算環境選択結果を受信する。 In S510, the computing environment selection unit 510 of the computing execution server 500 receives the computing environment selection request received in S220 as input, selects one or more computing environments based on the computing environment selection request, and generates a computing environment selection result including a computing environment identifier corresponding to the selected computing environment. The transmission/reception unit 580 of the computing execution server 500 transmits the computing environment selection result to the gateway server 200. The transmission/reception unit 280 of the gateway server 200 receives the computing environment selection result.

 計算環境選択部510は、計算環境選択要求に含まれる計算条件を用いて、当該計算条件で指定されている計算内容の種別や秘密計算の種別を実行できる計算環境を選択する。また、計算環境選択要求が計算環境条件を含む場合において、計算環境条件が計算環境識別子に関する情報であるときは、計算環境選択部510は、当該計算環境識別子に対応する計算環境を選択し、計算環境条件が計算環境の数に関する情報であるときは、計算環境選択部510は、所定の基準に従い当該数の計算環境を選択する。ここで、所定の基準とは、例えば計算環境のリソース(例えば計算環境に割り当てられているCPUやメモリ)の空きが大きい順である。 The computing environment selection unit 510 uses the computation conditions included in the computation environment selection request to select a computation environment that can execute the type of computation content or type of secure computation specified in the computation conditions. Furthermore, if the computation environment selection request includes computation environment conditions, and the computation environment conditions are information related to a computation environment identifier, the computing environment selection unit 510 selects the computation environment corresponding to the computation environment identifier, and if the computation environment conditions are information related to the number of computation environments, the computing environment selection unit 510 selects that number of computation environments according to a predetermined criterion. Here, the predetermined criterion is, for example, the order of the most available computing environment resources (for example, CPUs and memory allocated to the computation environments).

 S230において、ゲートウェイサーバ200のデータ取得要求部230は、S110で受信した計算要求とS310で受信した管理単位選択結果とS510で受信した計算環境選択結果を入力とし、当該計算結果と当該管理単位選択結果と当該計算環境選択結果とから第1データ取得要求を生成し、ゲートウェイサーバ200の送受信部280は、当該第1データ取得要求をディスパッチサーバ300に送信する。ディスパッチサーバ300の送受信部380は、第1データ取得要求を受信する。第1データ取得要求は、計算要求に含まれる第1データ条件や第2データ条件や計算条件、管理単位選択結果に含まれる管理単位識別子、計算環境選択結果に含まれる計算環境識別子を含む。また、第1データ取得要求は、計算要求に含まれるユーザに関する情報を含むものであってもよい。 At S230, the data acquisition request unit 230 of the gateway server 200 receives as input the calculation request received at S110, the management unit selection result received at S310, and the calculation environment selection result received at S510, and generates a first data acquisition request from the calculation result, the management unit selection result, and the calculation environment selection result. The transmission/reception unit 280 of the gateway server 200 transmits the first data acquisition request to the dispatch server 300. The transmission/reception unit 380 of the dispatch server 300 receives the first data acquisition request. The first data acquisition request includes the first data condition, second data condition, and calculation condition included in the calculation request, the management unit identifier included in the management unit selection result, and the calculation environment identifier included in the calculation environment selection result. The first data acquisition request may also include information about the user included in the calculation request.

 At S240, the calculation environment setup request unit 240 of the gateway server 200 takes as input the calculation request received at S110, the management unit selection result received at S310 and the calculation environment selection result received at S510, generates a calculation environment setup request from the calculation request, the management unit selection result and the calculation environment selection result, and the transmission/reception unit 280 of the gateway server 200 transmits the calculation environment setup request to the calculation execution server 500. The transmission/reception unit 580 of the calculation execution server 500 receives the calculation environment setup request. The calculation environment setup request includes the calculation condition from the calculation request, the data management server identifier from the management unit selection result, and the calculation environment identifier from the calculation environment selection result.

 At S320, the data acquisition request unit 320 of the dispatch server 300 takes as input the first data acquisition request received at S230, generates a second data acquisition request from it, and the transmission/reception unit 380 of the dispatch server 300 transmits the second data acquisition request to the data management server 400. In doing so, the data acquisition request unit 320 identifies the data management server 400 to which the second data acquisition request is to be sent, using the data management server identifier contained in the management unit that corresponds to the management unit identifier in the first data acquisition request. The transmission/reception unit 480 of the data management server 400 receives the second data acquisition request. The second data acquisition request includes the first data condition, the second data condition, the calculation condition and the calculation environment identifier from the first data acquisition request. The second data acquisition request may also include the user information contained in the first data acquisition request.

 At S410, the data acquisition unit 410 of the data management server 400 takes as input the second data acquisition request received at S320, generates a data acquisition result based on it, and the transmission/reception unit 480 of the data management server 400 transmits the data acquisition result to the calculation execution server 500. In doing so, the data acquisition unit 410 decides whether the data may be provided, using the first data condition, the second data condition and the calculation condition in the second data acquisition request and, when the second data acquisition request contains user information, that user information as well. If it decides that the data may be provided, it generates a data acquisition result that includes information indicating that the data can be provided, encrypted data obtained by encrypting the data that satisfies both the first and the second data condition, and the calculation environment identifier from the second data acquisition request; otherwise it generates a data acquisition result that includes information indicating that the data cannot be provided. The encrypted data is generated according to the type of secure computation specified in the calculation condition. The transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition result.

 At S520, the calculation execution unit 520 of the calculation execution server 500 takes as input the calculation environment setup request received at S240 and the data acquisition result received at S410, generates a first calculation result based on them, and the transmission/reception unit 580 of the calculation execution server 500 transmits the first calculation result to the gateway server 200. In doing so, if the data acquisition result contains information indicating that the data can be provided, and the calculation environment identifier in the calculation environment setup request matches the calculation environment identifier in the data acquisition result, the calculation execution unit 520 places the encrypted data from the data acquisition result in the calculation environment corresponding to that identifier, executes the secure computation corresponding to the type of calculation content and the type of secure computation specified in the calculation condition of the calculation environment setup request, and generates a first calculation result that includes the calculation result obtained; in every other case it generates a first calculation result that includes information indicating that the calculation cannot be executed. It is preferable that the calculation execution unit 520 use the data management server identifier in the calculation environment setup request to determine whether all the encrypted data required for the secure computation has arrived, that is, whether every data management server named by the management unit has responded. The transmission/reception unit 280 of the gateway server 200 receives the first calculation result.

 At S250, the calculation completion confirmation unit 250 of the gateway server 200 takes as input the first calculation result received at S520, generates a second calculation result from it, and the transmission/reception unit 280 of the gateway server 200 transmits the second calculation result to the terminal 100. The transmission/reception unit 180 of the terminal 100 receives the second calculation result. The second calculation result contains either the calculation result included in the first calculation result or the information indicating that the calculation cannot be executed.

 At S120, the calculation result acquisition unit 120 of the terminal 100 takes as input the second calculation result received at S250; if the second calculation result contains a calculation result, it decrypts that calculation result to obtain the plaintext calculation result, and otherwise it generates information for showing the user that the secure computation could not be executed.

 According to this embodiment of the present invention, a user can obtain a calculation result by the calculation method of their choice from data supplied by a data provider, while the confidentiality of that data is preserved.

<Second Embodiment>
 In the first embodiment, the first data condition and the second data condition, which together make up every condition on the data the user wants to use, were disclosed to the dispatch server 300. This embodiment describes a form in which the second data condition is not disclosed to the dispatch server 300.

[Configuration of the secure computation system 10]
 The configuration of the secure computation system 10 is described below with reference to Figures 1 to 4 and Figures 9 and 10. Figure 1 is a block diagram showing the configuration of the secure computation system 10. Figure 2 is a block diagram showing the configuration of the terminal 100. Figure 3 is a block diagram showing the configuration of the gateway server 200. Figure 4 is a block diagram showing the configuration of the dispatch server 300. Figure 9 is a block diagram showing the configuration of the data management server 400. Figure 10 is a block diagram showing the configuration of the calculation execution server 500. That is, the secure computation system 10 of this embodiment differs from that of the first embodiment in the configuration of the data management server 400 and the calculation execution server 500.

 As illustrated in Figure 9, the data management server 400 includes a data acquisition unit 410, a data acquisition condition request unit 420, a transmission/reception unit 480 and a recording unit 490. The data management server 400 of this embodiment differs from that of the first embodiment in that it includes the data acquisition condition request unit 420.

 As illustrated in Figure 10, the calculation execution server 500 includes a calculation environment selection unit 510, a calculation execution unit 520, a data acquisition condition specification unit 530, a transmission/reception unit 580 and a recording unit 590. The calculation execution server 500 of this embodiment differs from that of the first embodiment in that it includes the data acquisition condition specification unit 530.

[Operation of the secure computation system 10]
 The operation of the secure computation system 10 is described below with reference to Figures 7 and 11. Figures 7 and 11 are sequence diagrams showing the operation of the secure computation system 10; together the two figures show one complete sequence of operations in the secure computation system 10.

 The processing at S110, S210, S220, S310 and S510 is the same as described in the first embodiment. The second data condition, the calculation condition and the user information may be encrypted by a predetermined method before they are placed in the calculation request. In that case, each server that receives the encrypted conditions or information is configured so that it can decrypt them when it needs to.

 The processing at S230 is the same as described in the first embodiment, except that the first data acquisition request includes only the first data condition from the calculation request, the management unit identifier from the management unit selection result, and the calculation environment identifier from the calculation environment selection result.

 The processing at S240 is the same as described in the first embodiment, except that the calculation environment setup request includes the second data condition and the calculation condition from the calculation request, the data management server identifier from the management unit selection result, and the calculation environment identifier from the calculation environment selection result. The calculation environment setup request may also include the user information contained in the calculation request.

 The processing at S320 is the same as described in the first embodiment, except that the second data acquisition request includes only the first data condition and the calculation environment identifier from the first data acquisition request.

 At S420, the data acquisition condition request unit 420 of the data management server 400 takes as input the second data acquisition request received at S320, generates a data acquisition condition request based on it, and the transmission/reception unit 480 of the data management server 400 transmits the data acquisition condition request to the calculation execution server 500. In doing so, the data acquisition condition request unit 420 decides, using the first data condition and the calculation environment identifier in the second data acquisition request, whether its data provision condition may be disclosed. If it decides that the data provision condition may be disclosed, it generates a data acquisition condition request that includes information indicating that the data provision condition can be provided together with the data provision condition itself; otherwise it generates a data acquisition condition request that includes information indicating that the data provision condition cannot be provided. The transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition condition request.

 At S530, the data acquisition condition specification unit 530 of the calculation execution server 500 takes as input the calculation environment setup request received at S240 and the data acquisition condition request received at S420, generates a data acquisition condition specification result based on them, and the transmission/reception unit 580 of the calculation execution server 500 transmits the data acquisition condition specification result to the data management server 400. In doing so, if the data acquisition condition request contains information indicating that the data provision condition can be provided, and the data acquisition condition specification unit 530 determines that the data provision condition is satisfied, it generates a data acquisition condition specification result that includes the second data condition and the calculation condition from the calculation environment setup request; otherwise it generates a data acquisition condition specification result that includes information indicating that the calculation cannot be executed. The data acquisition condition specification result may also include the user information contained in the calculation environment setup request. The transmission/reception unit 480 of the data management server 400 receives the data acquisition condition specification result.

 At S410, the data acquisition unit 410 of the data management server 400 takes as input the second data acquisition request received at S320 and the data acquisition condition specification result received at S530, generates a data acquisition result based on them, and the transmission/reception unit 480 of the data management server 400 transmits the data acquisition result to the calculation execution server 500. In doing so, the data acquisition unit 410 decides whether the data may be provided, using the first data condition from the second data acquisition request, the second data condition and the calculation condition from the data acquisition condition specification result and, when the data acquisition condition specification result contains user information, that user information as well. If it decides that the data may be provided, it generates a data acquisition result that includes information indicating that the data can be provided, encrypted data obtained by encrypting the data that satisfies both the first and the second data condition, and the calculation environment identifier from the second data acquisition request; otherwise it generates a data acquisition result that includes information indicating that the data cannot be provided. The encrypted data is generated according to the type of secure computation specified in the calculation condition. The transmission/reception unit 580 of the calculation execution server 500 receives the data acquisition result.

 The processing at S520, S250 and S120 is the same as described in the first embodiment.
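The following Python walk-through is an added example, not the applicant's code and not something the page describes. It models the message flow of the first embodiment (S230 to S120) and of the second embodiment (S420 and S530 inserted before S410), so that the two can be compared: the calculation environment identifier check at S520, the data provision decision at S410, and which fields the dispatch server 300 gets to see. Everything below that the page leaves open is an assumption: the secure computation type is additive secret sharing over a prime field, the calculation content is a column sum, the data provision condition is a user allow-list, a calculation may be spread over several calculation environments (so the page's single identifier becomes a list), and the records, environment inventory and user names are constructed.

```python
"""Toy model of the WO2025191796A1 request flow (added example, not the
applicant's code).  Assumptions not stated on the page: additive secret
sharing over a prime field as the secure computation type, a column sum as
the calculation content, a user allow-list as the provider's policy, and a
list of calculation environments instead of a single identifier."""
import secrets

P = (1 << 61) - 1  # assumed field modulus for the toy sharing scheme

RECORDS = [  # constructed data held by the data management server 400
    {"region": "east", "year": 2023, "amount": 120},
    {"region": "east", "year": 2024, "amount": 300},
    {"region": "west", "year": 2024, "amount": 75},
]
ALLOWED_USERS = {"alice"}  # assumed data provision condition
ENVS = [  # constructed inventory of calculation environments on server 500
    {"id": "env-1", "cpu": 4, "mem": 16, "types": {"additive-sharing"}},
    {"id": "env-2", "cpu": 16, "mem": 64, "types": {"additive-sharing"}},
    {"id": "env-3", "cpu": 8, "mem": 32, "types": {"garbled-circuit"}},
]


def select_environments(envs, calc, env_cond=None):
    """S510: keep environments able to run the requested secure computation
    type, then choose by identifier or by count in order of most free CPU/memory."""
    able = [e for e in envs if calc["secure_type"] in e["types"]]
    if env_cond is None:
        return [able[0]["id"]] if able else []
    if "env_id" in env_cond:
        return [e["id"] for e in able if e["id"] == env_cond["env_id"]]
    ranked = sorted(able, key=lambda e: (e["cpu"], e["mem"]), reverse=True)
    return [e["id"] for e in ranked[: env_cond["count"]]]


def share(value, n):
    """Split value into n additive shares mod P (the 'encryption' step)."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


def matches(rec, cond):
    return all(rec.get(k) == v for k, v in cond.items())


def data_acquisition(second_req, cond_spec=None):
    """S410.  Embodiment 1: second data condition, calculation condition and
    user arrive in the second data acquisition request.  Embodiment 2: they
    arrive in the data acquisition condition specification result (cond_spec)."""
    src = second_req if cond_spec is None else cond_spec
    if "cannot_execute" in src or src.get("user") not in ALLOWED_USERS:
        return {"ok": False}
    if src["calc"]["secure_type"] != "additive-sharing":
        return {"ok": False}
    env_ids = second_req["env_ids"]
    rows = [r for r in RECORDS if matches(r, second_req["cond1"]) and matches(r, src["cond2"])]
    per_env = {e: [] for e in env_ids}  # one share of every selected value per environment
    for r in rows:
        for e, s in zip(env_ids, share(r["amount"], len(env_ids))):
            per_env[e].append(s)
    return {"ok": True, "env_ids": env_ids, "shares": per_env}


def compute(setup_req, acq):
    """S520: run only if data was provided and the environment identifiers in the
    setup request and in the data acquisition result agree."""
    if not acq["ok"] or not setup_req["env_ids"] or setup_req["env_ids"] != acq["env_ids"]:
        return {"ok": False}
    if setup_req["calc"]["content"] != "sum":
        return {"ok": False}
    # each environment sums only the shares it holds; partial sums stay masked
    return {"ok": True, "partials": {e: sum(v) % P for e, v in acq["shares"].items()}}


def reconstruct(result):
    """S120 at the terminal: combine the masked partial sums into the plaintext."""
    return None if not result["ok"] else sum(result["partials"].values()) % P


def run(request, embodiment, env_cond=None, dispatch_view=None):
    """Gateway 200 / dispatch 300 / servers 400 and 500 end to end.
    dispatch_view, if given, collects every field the dispatch server sees."""
    env_ids = select_environments(ENVS, request["calc"], env_cond)
    setup_req = {"calc": request["calc"], "env_ids": env_ids}          # S240
    first_req = {"cond1": request["cond1"], "env_ids": env_ids}        # S230
    if embodiment == 1:
        first_req.update(cond2=request["cond2"], calc=request["calc"], user=request["user"])
    else:  # second data condition and user go to the execution server instead
        setup_req.update(cond2=request["cond2"], user=request["user"])
    if dispatch_view is not None:
        dispatch_view.update(first_req)
    second_req = dict(first_req)                                       # S320
    if embodiment == 1:
        acq = data_acquisition(second_req)
    else:
        cond_req = {"ok": bool(env_ids), "users": ALLOWED_USERS}       # S420
        if cond_req["ok"] and setup_req["user"] in cond_req["users"]:  # S530
            cond_spec = {k: setup_req[k] for k in ("cond2", "calc", "user")}
        else:
            cond_spec = {"cannot_execute": True}
        acq = data_acquisition(second_req, cond_spec)
    return reconstruct(compute(setup_req, acq))
```

Running `run(request, 1, {"count": 2}, view)` and `run(request, 2, {"count": 2}, view)` returns the same plaintext sum, but only in the first case does `view` contain the second data condition and the user; in the second embodiment the dispatch server 300 never sees either. Tampering with the environment identifiers in a data acquisition result makes `compute` refuse to run, which is the S520 check.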

 According to this embodiment of the present invention, a user can obtain a calculation result by the calculation method of their choice from data supplied by a data provider, while the confidentiality of that data is preserved.

<Additional Notes>
 The functions realized by the components described in this specification may be implemented in circuitry or processing circuitry, including general-purpose processors, application-specific processors, integrated circuits, ASICs (Application Specific Integrated Circuits), CPUs (Central Processing Units), conventional circuits and/or combinations of these, programmed to realize the described functions. A processor contains transistors and other circuits and is regarded as circuitry or processing circuitry. A processor may be a programmed processor that executes a program stored in memory.

 In this specification, circuitry, a unit or a means is hardware programmed to realize, or hardware that executes, the described functions. That hardware may be any hardware disclosed in this specification, or any hardware known to be programmed to realize, or to execute, the described functions.

 Where the hardware is a processor, which is regarded as a type of circuitry, the circuitry, means or unit is the combination of that hardware and the software used to configure the hardware and/or the processor.

 The various processes described above can be carried out by loading a program that executes each step of the above method into the recording unit 2020 of the computer 2000 shown in Figure 12 and having the control unit 2010, the input unit 2030, the output unit 2040, the display unit 2050 and so on operate.

 The program describing this processing can be recorded on a computer-readable recording medium. The computer-readable recording medium may be of any kind, for example a magnetic recording device, an optical disc, a magneto-optical recording medium or semiconductor memory.

 The program is distributed, for example, by selling, transferring or lending a portable recording medium such as a DVD or CD-ROM on which the program is recorded. The program may also be distributed by storing it in the storage device of a server computer and transferring it from the server computer to other computers over a network.

 A computer that executes such a program first stores, for example, the program recorded on the portable recording medium or transferred from the server computer in its own storage device. When executing the processing, the computer reads the program stored in its own storage device and executes the processing in accordance with the program it has read. As other ways of executing the program, the computer may read the program directly from the portable recording medium and execute the processing in accordance with it, or it may execute the processing in accordance with each program it receives, each time a program is transferred to it from the server computer. The processing may also be carried out by a so-called ASP (Application Service Provider) type service, in which no program is transferred from the server computer to this computer and the processing functions are realized solely through execution instructions and retrieval of results. The terminal's processing may likewise be carried out using a so-called SaaS (Software as a Service) type service, which lets the user use part of the server computer together with the program. The program in this embodiment also encompasses information that is used for processing by an electronic computer and is equivalent to a program (for example data that is not a direct instruction to the computer but has the property of defining the computer's processing).

 In this embodiment the device is configured by executing a predetermined program on a computer, but at least part of the processing may instead be implemented in hardware.

 The present invention is not limited to the embodiments described above and may be modified as appropriate without departing from its spirit. The processes described in the above embodiments need not be executed in time series in the order described; they may be executed in parallel or individually according to the processing capacity of the device executing them or as needed.

Claims (5)

1. A secure computation method in a secure computation system including a data management server and a calculation execution server, the method performing secure computation on data provided by a data provider, using a calculation method desired by a user, while keeping the data confidential from the user, the method comprising:
 a data acquisition step in which the data management server, when it determines that the data can be provided, generates a data acquisition result including encrypted data obtained by encrypting data that satisfies a data condition representing a condition on the data the user wishes to use; and
 a calculation execution step in which the calculation execution server generates a first calculation result including a calculation result obtained by executing, on the encrypted data included in the data acquisition result, the secure computation corresponding to the type of calculation content and the type of secure computation specified in a calculation condition representing a condition on the secure computation the user wishes to use.
2. A secure computation system including a data management server and a calculation execution server, the system performing secure computation on data provided by a data provider, using a calculation method desired by a user, while keeping the data confidential from the user, wherein
 the data management server includes a data acquisition unit that, when it determines that the data can be provided, generates a data acquisition result including encrypted data obtained by encrypting data that satisfies a data condition representing a condition on the data the user wishes to use, and
 the calculation execution server includes a calculation execution unit that generates a first calculation result including a calculation result obtained by executing, on the encrypted data included in the data acquisition result, the secure computation corresponding to the type of calculation content and the type of secure computation specified in a calculation condition representing a condition on the secure computation the user wishes to use.
3. A data management server included in a secure computation system that performs secure computation on data provided by a data provider, using a calculation method desired by a user, while keeping the data confidential from the user, the data management server including
 a data acquisition unit that, when it determines that the data can be provided, generates a data acquisition result including encrypted data obtained by encrypting data that satisfies a data condition representing a condition on the data the user wishes to use.
4. A calculation execution server included in a secure computation system that performs secure computation on data provided by a data provider, using a calculation method desired by a user, while keeping the data confidential from the user, the calculation execution server including
 a calculation execution unit that generates a first calculation result including a calculation result obtained by executing, on encrypted data obtained by encrypting data that satisfies a data condition representing a condition on the data the user wishes to use, the secure computation corresponding to the type of calculation content and the type of secure computation specified in a calculation condition representing a condition on the secure computation the user wishes to use.
5. A program for causing a computer to function as the data management server according to claim 3 or as the calculation execution server according to claim 4.
PCT/JP2024/010029 2024-03-14 2024-03-14 Secure computation method, secure computation system, data management server, computation execution server, and program Pending WO2025191796A1 (en)


Publications (1)

Publication Number Publication Date
WO2025191796A1 true WO2025191796A1 (en) 2025-09-18

Family

ID=97063267


Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022259516A1 (en) * 2021-06-11 2022-12-15 日本電信電話株式会社 Prohibited operation prevention system, prohibited operation prevention device, prohibited operation prevention method, and program
WO2023047926A1 (en) * 2021-09-23 2023-03-30 Eaglys株式会社 Data sharing system, data sharing method, and data sharing program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
Ref document number: 24929584
Country of ref document: EP
Kind code of ref document: A1