JP2017151859A - Information processing apparatus and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve the stability of data transmission to an external system. SOLUTION: A storage unit for storing a plurality of tokens together with their valid states, a communication unit for transmitting and receiving the token or data to and from an external system, a request for updating the token to the external system, and the token are used. A control unit that controls transmission / reception of the data is provided, and the control unit stores a plurality of valid tokens in advance in the storage unit, and when the update of the token based on the request fails, the update is performed. Provided is an information processing apparatus characterized by controlling a communication unit so as to transmit the data to the external system by using a valid token different from the token performed. [Selection diagram] Fig. 3

Description

  The present invention relates to an information processing apparatus and a program.

  In recent years, with the spread of smartphones and the like, interactive communication services that allow easy communication between users have permeated people's lives. On the interactive communication service, it is possible to take various communications using not only text messages but also stamps, voice calls, images, videos, and the like. Since such various contents may include personal information and the like, the interactive communication service needs to be provided using a highly secure environment.

  Here, as one of techniques for improving the security of server access, there is an authentication technique using a token. Unauthorized access to the server can be prevented by authenticating access to the server using key information called a token.

  However, authentication using tokens is not completely secure. If the token leaks for some reason and is illegally acquired by a third party, there is a possibility that the third party may illegally access the server using the token. It is recommended to set an expiration date on the token so that the server is not illegally accessed by a third party if the token is leaked. In that case, it is necessary to renew the token before the expiration date.

  As prior arts related to tokens and token updating, Non-Patent Document 1 discloses a technique for automatically updating a token, Patent Document 1 discloses a technique for changing a token when accessing a memory, and Patent Document 2 discloses a token. A technique for reissuing a token when the password is illegal is disclosed in Patent Document 3, and a technique for updating the token is disclosed.

“Login and access token”, [online], Kii Corporation, [February 1, 2016 search], Internet <URL: http://documentation.kii.com/en/starts/cloudsdk/managing-users/ accesstoken /〉

JP 2013-140446 A JP 2013-8106 A JP 2013-246655 A

  If the token update fails, the access-target external system cannot authenticate the token, so access to the external system fails and data transmission also fails.

  Therefore, the present invention has been made in view of the above problems, and an object of the present invention is to provide a new and improved information processing capable of improving the stability of data transmission to an external system. It is to provide a device and a program.

  In order to solve the above problems, according to an aspect of the present invention, a storage unit that stores a plurality of tokens together with their valid states, a communication unit that transmits and receives the token or data to and from an external system, and the external system And a control unit that controls transmission / reception of the data using the token, and the control unit stores a plurality of valid tokens in advance in the storage unit, and based on the request When the update of the token fails, the information processing apparatus controls the communication unit to transmit the data to the external system by using the valid token different from the updated token. Is provided.

  The control unit may make the request so that the update times of the tokens are different.

  The control unit may make a request for updating the token based on an elapsed time after each token becomes valid or a time until each token expires.

  The control unit may control a token update request at regular intervals.

  The control unit may retry the token update request or the data transmission when the token update or the data transmission fails.

  The display unit may further include a display control unit that displays a status of updating the token stored in the storage unit and controls a request for updating the token, a new addition of the token, or a deletion of the token.

  In order to solve the above problems, according to another aspect of the present invention, a function of storing a plurality of tokens, a function of transmitting / receiving the token or data to / from an external system, and the token to the external system And a function for controlling transmission / reception of the data and a function for transmitting the data to the external system using a valid token when the update of the token based on the request fails. A program for realizing this is provided.

  As described above, according to the present invention, it is possible to improve the stability of data transmission to an external system.

It is explanatory drawing which shows the structure of the information processing system by embodiment of this invention. It is explanatory drawing which shows the specific example of the dialogue screen with the user who operates a portable terminal, and the financial institution which has a bank server. It is explanatory drawing which shows the structure of the relay server by this embodiment. It is explanatory drawing which shows the data of the token which the token memory | storage part of the relay server by this embodiment memorize | stores. It is explanatory drawing which shows the aspect of the update of the token by this embodiment. It is explanatory drawing which shows the structure of the interactive communication service server by this embodiment. It is explanatory drawing which shows the structure of the bank server by this embodiment. It is explanatory drawing which shows the structure of the portable terminal by this embodiment. It is explanatory drawing which shows the 1st operation | movement of an information processing system. It is explanatory drawing which shows the 1st operation | movement of an information processing system. It is explanatory drawing which shows the 2nd operation | movement of information processing system. It is explanatory drawing of operation | movement when the update of a token fails when the token memory | storage part of the relay server of a comparative example has memorize | stored one token. It is explanatory drawing which shows the operation | movement at the time of the token update by this embodiment. In this embodiment, it is a screen transition diagram at the time of making a token update request on the token management screen. In this embodiment, it is a screen transition diagram at the time of newly registering a token on the token management screen. In this embodiment, it is a screen transition figure at the time of deleting a token on a token management screen. It is the block diagram which showed the hardware constitutions of the information processing apparatus which can implement | achieve a relay server.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the present specification and drawings, components having substantially the same functional configuration are denoted by the same reference numerals, and redundant description is omitted.

  In the present specification and drawings, a plurality of constituent elements having substantially the same functional configuration may be distinguished by attaching different alphabets after the same reference numeral. However, when it is not necessary to particularly distinguish each of a plurality of constituent elements having substantially the same functional configuration, only the same reference numerals are given.

<1. Overview of Information Processing System>
The interactive communication service enables various communication not only between users but also between companies and between users and companies. In this specification, an account information inquiry service provided by a financial institution to a user will be described as an embodiment of the present invention. This service allows users to check account information such as account balances and deposit / withdrawal details of financial institutions by sending a predetermined stamp or message, etc. to the financial institution. It is a service that can confirm information.

  First, an overview of an information processing system according to an embodiment of the present invention will be described with reference to FIG. FIG. 1 is an explanatory diagram showing a configuration of an information processing system according to an embodiment of the present invention. As shown in FIG. 1, the information processing system according to the embodiment of the present invention includes a relay server 100, an interactive communication service server 200, a bank server 300, and a mobile terminal 400. The relay server 100, the interactive communication service server 200, the bank server 300, and the mobile terminal 400 are connected by networks 510, 520, and 530.

  Networks 510, 520, and 530 (hereinafter may be simply referred to as network 500) are wired or wireless transmission paths for information transmitted from devices connected to network 500. For example, the network 500 may include a public line network such as the Internet, a telephone line network, a satellite communication network, various local area networks (LANs) including the Ethernet (registered trademark), a wide area network (WAN), and the like. The network 500 may also include a dedicated line network such as an IP-VPN (Internet Protocol-Virtual Private Network).

  The portable terminal 400 is an example of user equipment used by a user who is a customer of a financial institution. The mobile terminal 400 can acquire information about the user of the mobile terminal 400 via the interactive communication service server 200.

  In the present embodiment, account information such as an account balance and deposit / withdrawal details is mainly described as an example of information about the user of the mobile terminal 400, but information about the user is not limited to account information. For example, when the present invention is applied to a securities trading service, the information about the user may be a status of holding securities. When the present invention is applied to a reservation inquiry service for hotels, movies, etc., the information about the user may be information indicating the reservation status of hotels, movies, etc. In FIG. 1, the portable terminal 400 is shown as an example of the portable terminal 400, but the user device may be an information processing device such as a PC (Personal Computer), a PDA (Personal Digital Assistant), and a wearable device. Good. The user can use the service only by installing a dedicated application on the user device.

  The interactive communication service server 200 is a server that provides an interactive communication service. The interactive communication service server 200 provides an interactive screen with the communication partner to the mobile terminal 400, and sequentially adds information transmitted from the mobile terminal 400 and information transmitted from the communication partner to the interactive screen. Hereinafter, with reference to FIG. 2, a specific example of a dialogue screen with a communication partner provided by the interactive communication service server 200 according to the present embodiment will be described.

  FIG. 2 is an explanatory diagram showing a specific example of a dialogue screen between the user who operates the mobile terminal 400 and the financial institution having the bank server 300. As shown in FIG. 2, when the mobile terminal 400 transmits an image 423 (so-called stamp) indicating an account information request on the dialog screen, the interactive communication service server 200 receives information from the bank server 300 via the relay server 100. Account information of the user of the portable terminal 400 is acquired, and an account information message 424 indicating the account information is added to the dialog screen. As a result, the user of the portable terminal 400 can easily grasp his / her account information without directly accessing the bank server 300.

  The relay server 100 is an information processing device for relay for performing data linkage between the interactive communication service server 200 and the bank server 300. Specifically, the relay server 100 stores the login information of the user of the mobile terminal 400, logs into the bank server 300 using the login information, and acquires the account information of the user of the mobile terminal 400 from the bank server 300. The account information is transmitted to the interactive communication service server 200. When the relay server 100 accesses the interactive communication service server 200, the relay server 100 transmits a token to the interactive communication service server 200, and the interactive communication service server 200 authenticates the token, thereby allowing access between the servers. Is established. The relay server 100 is installed in a data center of a financial institution or a system vendor, for example.

  The bank server 300 is a financial institution server capable of providing Internet banking services such as account information inquiry and deposit / withdrawal statement inquiry via the network 500. It is possible to log in to the bank server 300 using the user's login information. The user login information is, for example, a store number of a financial institution, an account subject, an account number, and a login password. In this embodiment, login information is stored in the relay server 100, and the relay server 100 accesses the bank server 300 by using the login information.

<2. Configuration of each information processing apparatus>
(Relay server configuration)
FIG. 3 is an explanatory diagram illustrating the configuration of the relay server 100 according to the present embodiment. As illustrated in FIG. 3, the relay server 100 includes a communication unit 110, a control unit 120, a storage unit 130, and a display control unit 140.

  The communication unit 110 is an interface for the interactive communication service server 200 and the bank server 300, and exchanges token and account information data with the interactive communication service server 200 and the bank server 300. For example, the communication unit 110 receives an account information request from the interactive communication service server 200 and transmits the account information request to the bank server 300. Further, the communication unit 110 receives user account information from the bank server 300 and transmits the user account information and token to the interactive communication service server 200. When updating the token, the communication unit 110 transmits a token update request to the interactive communication service server 200, and receives the updated token from the interactive communication service server 200 as a response.

  The control unit 120 includes a token control unit 121 and a data control unit 122.

  The token control unit 121 causes the communication unit 110 to request the interactive communication service server 200 to update the token. Further, when the communication unit 110 receives the updated token, the token control unit 121 causes the token storage unit 131 to store the updated token.

  The data control unit 122 causes the communication unit 110 to transmit / receive account information data to / from the interactive communication service server 200 and the bank server 300. When the data control unit 122 causes the communication unit 110 to transmit data to the interactive communication service server 200, the data control unit 122 causes the communication unit 110 to transmit a token to the interactive communication service server 200 for access authentication. The timing at which the data control unit 122 causes the communication unit 110 to transmit a token is before data transmission or at the time of data transmission, and the timing can be changed according to the setting of the access destination server.

  The storage unit 130 includes a token storage unit 131 and a user information storage unit 132.

  The token storage unit 131 stores a token used when the relay server 100 accesses the interactive communication service server 200. As shown in FIG. 4, the token storage unit 131 according to the present embodiment stores a plurality of tokens. In the present embodiment, four tokens (tokens A to D) are stored as an example. At this time, the token storage unit 131 stores a plurality of valid tokens.

  FIG. 5 is an explanatory diagram illustrating a token update mode according to the present embodiment. As shown in FIG. 5, the update times of the plurality of tokens stored in the token storage unit 131 are set to be different. The update time of at least one token may be set to be different from the update time of other tokens. In other words, it is good if all tokens are not updated at the same time. As a result, it is possible to prevent the token update from failing and the effective tokens being exhausted.

  In addition, the token storage unit 131 stores various types of token information. The various pieces of token information are, for example, a token ID, a token state, and an expiration date. The token status is information related to whether or not the token can be used for data transmission, such as valid, invalid, and updating. If the token status is valid, the token can be used for data transmission. If the token status is invalid, the token has expired and the token cannot be used for data transmission. . When the token state is being updated, a token update request is transmitted to the interactive communication service server 200, and since the response including the updated token has not arrived at the relay server 100, the token is transmitted as data. Is not available.

  The user information storage unit 132 stores login information for accessing the bank server 300 and acquiring account information. Further, the user information storage unit 132 stores user information related to the user, which is transmitted to the relay server 100 when the interactive communication service server 200 makes an account information request, and the above-described login information. Thereby, when the account information request and the user information are transmitted from the interactive communication service server 200, the relay server 100 acquires the login information to the bank server 300 from the user information storage unit 132 based on the user information, By transmitting the login information and the account information request to the bank server 300, the bank server 300 is accessed and the account information is acquired.

  The display control unit 140 enables various management operations in the present embodiment to be performed using a GUI (Graphical User Interface). Specifically, the display control unit 140 makes it possible to perform token management, stamp management, user data management, service stoppage, and the like on the GUI. Details thereof will be described in “7. Third processing example”.

(Configuration of interactive communication service server)
FIG. 6 is an explanatory diagram showing the configuration of the interactive communication service server 200 according to the present embodiment. As shown in FIG. 6, the interactive communication service server 200 includes a communication unit 210, a control unit 220, and a storage unit 230.

  The communication unit 210 is an interface for the relay server 100 and the mobile terminal 400, and transmits and receives token, account information, and user information data to and from the relay server 100 and the mobile terminal 400. For example, the communication unit 210 receives an account information request from the mobile terminal 400 and transmits the account information request and user information to the relay server 100. Further, the communication unit 210 receives the token and the user account information from the relay server 100, and transmits the user account information to the portable terminal 400 when the token authentication is successful. Further, the communication unit 210 receives a token update request from the relay server 100, and transmits the updated token to the relay server 100 as a response.

  The control unit 220 includes a token control unit 221 and a data control unit 222.

  The token control unit 221 updates the token after the communication unit 210 receives a token update request from the relay server 100. Further, the token control unit 221 stores the updated token in the token storage unit 231, and causes the communication unit 210 to transmit a response including the updated token to the relay server 100.

  The data control unit 222 causes the communication unit 210 to transmit the account information request and the user information to the relay server 100 after the communication unit 210 receives the account information request from the mobile terminal 400. Further, when the communication unit 210 receives the token and account information from the relay server 100, the data control unit 222 authenticates the token based on the token stored in the token storage unit 231. If the token authentication is successful, the data control unit 222 causes the communication unit 210 to transmit account information to the portable terminal 400. If the token authentication fails, the data control unit 222 causes the communication unit 210 to transmit an authentication failure notification to the relay server 100.

  The storage unit 230 includes a token storage unit 231 and a user information storage unit 232.

  The token storage unit 231 stores a token for performing authentication when the relay server 100 accesses the interactive communication service server 200. When there is an information processing apparatus that accesses the interactive communication service server 200 other than the relay server 100 in the present embodiment, the token storage unit 231 also stores a token for authenticating the information processing apparatus.

  The user information storage unit 232 stores user information for designating a target user for acquiring account information. The communication unit 210 transmits the user information together with the account information request to the relay server 100, thereby specifying the user who needs the account information.

(Bank server configuration)
FIG. 7 is an explanatory diagram showing the configuration of the bank server 300 according to the present embodiment. As illustrated in FIG. 7, the bank server 300 includes a communication unit 310, a control unit 320, a user information storage unit 330, and an input unit 340.

  The communication unit 310 is an interface for the relay server 100 and transmits / receives login information, account information, and the like to / from the relay server 100. Specifically, the communication unit 310 receives login information and an account information request from the relay server 100, and when login authentication is successful, the communication unit 310 sends the account information acquired by the control unit 320 to the relay server 100. Send.

  The control unit 320 performs login authentication based on the login information received from the relay server 100 by the communication unit 310. Specifically, when the communication unit 310 receives login information such as a store number of a financial institution, an account item, an account number, and a login password from the relay server 100, the control unit 320 stores the user information storage unit 330. Authentication is performed by comparing the information with the login information. The control unit 320 causes the communication unit 310 to transmit an authentication failure notification to the relay server 100 when the authentication fails. On the other hand, when the authentication is successful, the control unit 320 causes the communication unit 310 to transmit the account information acquired from the user information storage unit 330 to the relay server 100. In addition, when the message information for the user is input from the input unit 340, the control unit 320 causes the communication unit 310 to transmit the message to the relay server 100.

  The input unit 340 is an interface for inputting a message that the financial institution of the bank server 300 wants to transmit to the user of the mobile terminal 400 or the like. Specifically, the financial institution can specify the content and destination of a message using a GUI (Graphical User Interface). In addition to the message, the financial institution can designate an object that can be handled on the interactive communication service such as an image, a moving image, or a stamp.

(Configuration of mobile device)
FIG. 8 is an explanatory diagram showing the configuration of the mobile terminal 400 according to the present embodiment. As illustrated in FIG. 8, the mobile terminal 400 includes a communication unit 410, an interactive communication service application 420, an operation unit 430, and a display unit 440.

  The operation unit 430 detects an operation by the user of the mobile terminal 400. For example, the user can input a stamp or the like for requesting account information by operating the operation unit 430. Specific examples of the operation unit 430 include a touch panel, a touch pad, a keyboard, a mouse, or a button.

  The display unit 440 displays various screens when the interactive communication service application 420 controls the display unit 440. For example, the display unit 440 according to the present embodiment displays an interactive screen for the interactive communication service. The display unit 440 may be any device that can display an object, such as a liquid crystal display or an OLED (Organic Light Emitting Diode).

  The communication unit 410 is an interface for the interactive communication service server 200, and exchanges data such as account information with the interactive communication service server 200. For example, the communication unit 410 transmits an account information request to the interactive communication service server 200 when a stamp or the like for requesting account information is input by operating the operation unit 430. Further, the communication unit 410 receives account information from the interactive communication service server 200.

  The interactive application 420 causes the communication unit 410 to transmit an account information request to the interactive communication service server 200 when a stamp or the like for requesting account information is input by operating the operation unit 430. Further, the interactive application 420 displays the account information on the display unit 440 when the communication unit 410 receives the account information from the interactive communication service server 200.

<3. Operation of information processing system>
The configuration of the information processing system according to this embodiment has been described above. Next, the operation of the information processing system when using the service will be described with reference to FIGS.

(First operation of information processing system)
9 and 10 are explanatory diagrams illustrating a first operation of the information processing system. Specifically, FIGS. 9 and 10 show the operation of the aforementioned account information inquiry service. As shown in FIGS. 9 and 10, when the interactive communication service application 420 of the mobile terminal 400 is activated (S 101) and an operation for requesting account information is performed by the user on the interactive screen, the communication unit 410 of the mobile terminal 400. Transmits an account information request to the interactive communication service server 200 (S102).

  When the communication unit 210 receives an account information request from the mobile terminal 400, the data control unit 222 of the interactive communication service server 200 acquires user information for identifying the user of the mobile terminal 400 from the user information storage unit 232, The communication unit 210 transmits the user information and account information request to the relay server 100 (S103).

  Subsequently, when the communication unit 110 receives the user information and account information request, the data control unit 122 of the relay server 100 provides login information for logging in to the bank server 300 from the user information storage unit 132 based on the user information. get. Then, the data control unit 122 causes the communication unit 110 to transmit the login information and the account information request to the bank server 300 (S104).

  When the communication unit 310 receives the login information and the account information request, the control unit 320 of the bank server 300 determines the user based on the user information stored in the user information storage unit 330 and the login information received by the communication unit 310. Authentication is performed (S105). When the user authentication fails (S105 / NO), the control unit 320 causes the communication unit 310 to transmit an authentication failure notification to the relay server 100 (S106).

  When the communication unit 110 of the relay server 100 receives the authentication failure notification from the bank server 300, the data control unit 122 of the relay server 100 generates an authentication failure message (S107). Further, the data control unit 122 acquires a valid token from the token storage unit 131, and causes the communication unit 110 to transmit a token and an authentication failure message to the interactive communication service server 200 (S108).

  Subsequently, when the communication unit 210 of the interactive communication service server 200 receives the token and the authentication failure message from the relay server 100, the data control unit 222 uses the communication unit 210 based on the token stored in the token storage unit 231. Authenticate the token received by. When the authentication fails (S109 / NO), the communication unit 210 transmits an authentication failure notification to the relay server 100 (S110). When the authentication is successful (S109 / YES), the communication unit 210 relays the authentication failure message received from the relay server 100 to the mobile terminal 400 (S111).

  When the communication unit 410 of the portable terminal 400 receives the authentication failure message, the display unit 440 displays the authentication failure message (S112).

  On the other hand, when the authentication by the bank server 300 is successful in S105 (S105 / YES), the control unit 320 of the bank server 300 acquires the user's account information from the user information storage unit 330, and stores the account information in the communication unit 310. It is transmitted to the relay server 100 (S113). Thereafter, the control unit 320 performs logout processing (S114).

  Thereafter, when the communication unit 110 receives account information from the bank server 300, the data control unit 122 of the relay server 100 generates an account information message (S115). Further, the data control unit 122 acquires a valid token from the token storage unit 131, and causes the communication unit 110 to transmit the token and the account information message to the interactive communication service server 200 (S116).

  When the communication unit 210 receives the token and the account information message from the relay server 100, the data control unit 222 of the interactive communication service server 200 authenticates the token based on the token stored in the token storage unit 231. When the authentication fails (S117 / NO), the communication unit 210 transmits an authentication failure notification to the relay server 100 (S118). When the authentication is successful (S117 / YES), the communication unit 210 relays the account information message received from the relay server 100 to the portable terminal 400 (S119).

  When the communication unit 410 of the portable terminal 400 receives the account information message, the display unit 440 displays the account information message (S120).

(Second operation of information processing system)
FIG. 11 is an explanatory diagram illustrating a second operation of the information processing system. Specifically, FIG. 11 is a diagram illustrating an operation in which the financial institution of the bank server 300 transmits a message to the user of the mobile terminal 400. As described above, the object to be transmitted may be other than a message. Specifically, the object to be transmitted may be an object that can be handled on an interactive communication service such as an image, a moving image, or a stamp. Here, a case where a message is transmitted will be described as an example.

  The financial institution of the bank server 300 inputs a message to be transmitted to the user of the mobile terminal 400 from the input unit 340 of the bank server 300 (S201). At this time, the financial institution may be able to input destination information for designating the user to whom the message is to be sent, together with the message, to the input unit 340. Thereafter, the control unit 320 of the bank server 300 causes the communication unit 310 to transmit a message to the relay server 100 (S202).

  When the communication unit 110 receives a message from the bank server 300 (S203), the data control unit 122 of the relay server 100 acquires a valid token from the token storage unit 131, and sends the token and message to the communication unit 110 as an interactive communication service. It is transmitted to the server 200 (S204).

  When the communication unit 210 of the interactive communication service server 200 receives a token and a message from the relay server 100 (S205), the data control unit 222 relays the communication unit 210 based on the token stored in the token storage unit 231. The token received from the server 100 is authenticated. When the authentication fails (S206 / NO), the communication unit 210 transmits an authentication failure notification to the relay server 100 (S207). When the authentication is successful (S206 / YES), the communication unit 210 relays the message received from the relay server 100 to the portable terminal 400 (S208).

  When the communication unit 410 of the portable terminal 400 receives the message (S209), the display unit 440 displays the message (S210).

<4. First Processing Example>
Here, with reference to FIG. 12, the operation when the token update fails in the relay server of the comparative example will be described. FIG. 12 is an explanatory diagram of the operation when the token update fails when the token storage unit of the relay server of the comparative example stores one token. As shown in FIG. 12, it is assumed that the token storage unit of the relay server of the comparative example stores only one token (token A), and the validity period of the token A is 4 weeks. In this case, a token A update request is made by four weeks after the last update date. Specifically, the communication unit of the relay server of the comparative example transmits a request for updating the token A to the interactive communication service server 200.

  If the token A renewal request does not reach the interactive communication service server 200 due to a network failure or the like, the token renewal is not completed, and the interactive communication from the relay server of the comparative example is performed until recovery is performed. Data transmission to the service server 200 becomes impossible. A similar event also occurs when a response including the token A updated by the interactive communication service server 200 does not reach the relay server of the comparative example due to a network failure or the like.

  On the other hand, in the present embodiment, as shown in FIG. 4 described above, the token storage unit 131 according to the present embodiment stores a plurality of tokens. The token storage unit 131 stores a plurality of valid tokens. Thus, when the token update fails, the relay server 100 uses another valid token for data transmission to the interactive communication service server 200, so that the above problem is solved.

  Next, the operation at the time of token update according to the present embodiment will be described with reference to FIG. As shown in FIG. 13, the token control unit 121 of the relay server 100 makes a token update request (S301). Specifically, the token control unit 121 searches for tokens to be updated from the tokens stored in the token storage unit 131, and when the token to be updated exists, the token control unit 121 The communication unit 110 transmits a request for token update request to the interactive communication service server 200.

  As a method of searching for a token to be updated, for example, a method of searching for a token having the longest elapsed time since the token became valid, a method of searching for a token having the shortest time until the token expires, A method for searching for tokens whose elapsed time since activation exceeded a predetermined threshold, a method for searching for tokens whose time until the token expires below the predetermined threshold, and a token whose status is invalid A search method or a search method based on an operation of a token administrator may be used. Alternatively, the method of searching for the token to be updated may be a method of searching simply according to the order of tokens stored in the token storage unit 131. By appropriately selecting or combining the above search methods, it is possible to update a token suitable for the information processing system.

  Also, as a method for performing a token update request, for example, based on a method performed by batch processing for periodically executing an update request application constructed using a predetermined API or the like, or an operation of a token administrator And the like. When a token update request is made by batch processing, the token control unit 121 makes a token update request at regular intervals. For example, the token control unit 121 executes the application for update request at intervals such as once a day, once a week, or once a month. Thereby, the burden of the token update work can be reduced. Further, by appropriately selecting the above interval according to the number of tokens stored in the token storage unit 131 and the intention of the token administrator, it is possible to update the tokens suitable for the information processing system.

  When the token update request is made based on the operation of the token administrator, the token administrator directly executes the execution file of the application for update request. As a result, the token manager can make a token update request as necessary. Alternatively, as described in “7. Third processing example”, the administrator of the token may execute an update request using a management screen provided by the display control unit 140. As a result, the token manager does not need to directly execute the execution file of the application for update request, and therefore can easily request the token update without any erroneous operation.

  When the communication unit 210 receives a token update request, the token control unit 221 of the interactive communication service server 200 performs a token update process (S302). Specifically, the token control unit 221 uses a token update function to change the token character string to a new one. The token control unit 221 stores the updated token in the token storage unit 231 and causes the communication unit 220 to transmit a response including the updated token to the relay server 100 (S303).

  When the communication unit 110 of the relay server 100 receives a response including the updated token (S304), the token control unit 121 stores the updated token in the token storage unit 131.

  After the communication unit 110 of the relay server 100 transmits a request for token update, even if the unit time elapses, the communication unit 110 does not receive a response including the updated token, or the communication unit 110 updates the token. If the failure notification is received (S305 / YES), the data control unit 122 of the relay server 100 transmits data to the interactive communication service server 200 using a valid token other than the token for which the update request has been made. (S306). As a result, even if the token update fails, the data control unit 122 can transmit data to the interactive communication service server 200.

  For example, as shown in FIG. 5, even if the update of the token A fails in the fifth week, since the other tokens B to D are valid, the data control unit 122 of the relay server 100 causes the token B to Data transmission to the interactive communication service server 200 can be performed by using any one of D.

  Further, after the communication unit 110 of the relay server 100 transmits a request for updating the token, the data control unit 122 of the relay server 100 does not use the token for which the update request has been made for a predetermined period of time. Data may be transmitted to the interactive communication service server 200 using a valid token other than the token that has been used. Thereby, the data control unit 122 can perform data transmission to the interactive communication service server 200 regardless of the success or failure of the token update.

  As a method of selecting a token to be used for data transmission from a plurality of tokens stored in the storage unit 131, for example, a method of selecting a token having the shortest elapsed time after the token becomes valid, or For example, a method of selecting a token having the longest time until the token expires. These methods can reduce the possibility that the data transmission is affected by the success or failure of the token update. Alternatively, a method may be used in which the token storage unit 131 searches for a token having a valid state and selects a hit token.

<5. Summary>
As described above, according to the embodiment of the present invention, the relay server 100 can continuously transmit data to the interactive communication service server 200 even when the token update fails. Therefore, according to the present invention, it is possible to improve the stability of data transmission to an external system.

<6. Second processing example>
So far, the operation when the token update has failed has been described. In the following, with reference to FIGS. 9 and 10, an operation when the token authentication fails when the relay server 100 transmits data to the interactive communication service server 200 will be described.

  When token authentication fails when the relay server 100 transmits data to the interactive communication service server 200 (S109 / NO or S117 / NO), the communication unit 210 of the interactive communication service server 200 relays the authentication failure notification. It transmits to the server 100 (S110 or S118). In this case, when the data control unit 122 of the relay server 100 transmits data to the interactive communication service server 200 after the communication unit 110 receives the authentication failure notification, the data control unit 122 receives a valid token other than the authentication failed token. Use. This makes it possible to avoid the problem that the token authentication fails again by using the same token for the data transmission in the data transmission after the token authentication failure for the data transmission.

  In addition, when the token authentication fails, the data control unit 122 may change the state of the token stored in the token storage unit 131 to invalid. For example, the data control unit 122 stores the token storage unit 131 when the total number of token authentication failures exceeds a predetermined threshold or when the token authentication fails a plurality of times within a predetermined time. The token state may be changed to invalid. Thereby, it is possible to reduce the possibility that data transmission after the communication unit 110 receives the authentication failure notification will fail.

  Further, when the communication unit 110 receives the authentication failure notification, the data control unit 122 of the relay server 100 may retry the failed data transmission using a valid token other than the token that has failed in the authentication. Specifically, the data control unit 122 uses a valid token other than the failed token immediately after the communication unit 110 receives the authentication failure notification or after a predetermined time has elapsed, The same data transmission as the failed data transmission may be performed a predetermined number of times. As a result, if the token authentication fails due to a network failure, the data transmission may be retried after the network failure is improved, so that the data transmission may be successful. Further, when retrying data transmission, a special token having an expiration date set to indefinite may be used. Thus, if the token authentication fails due to the expiration of the token, the data transmission is retried and the data transmission succeeds.

  The retry process as described above can also be applied when the token update fails. Specifically, in FIG. 13, after the communication unit 110 of the relay server 100 transmits a token update request request, the communication unit 110 does not receive a response including an updated token even after a unit time has elapsed. Alternatively, when the communication unit 110 receives a token update failure notification (S305 / YES), the token control unit 121 retries a token update request (S301) immediately or after a predetermined time has elapsed. As a result, if the token update fails due to a network failure, the token update request (S301) may be retried after the network failure is improved, so that the token update may be successful.

<7. Third processing example>
In the following, an operation for performing a token update request, new registration, and deletion using the management screen provided by the display control unit 140 of the relay server 100 will be described with reference to FIGS. The token administrator appearing below refers to a user who operates the management screen.

  As shown in FIG. 14, the display control unit 140 of the relay server 100 displays a management menu screen (D101). The management menu screen (D101) includes a token management button (B101). Furthermore, the management menu screen (D101) may include a stamp ID addition / deletion button (B102), a user data extraction button (B103), a service individual stop button (B104), and the like. When the stamp ID addition / deletion button (B102) is pressed, the display screen changes to a screen for registering and deleting a stamp used on the interactive communication service. When the user data extraction button (B103) is pressed, the display screen is changed to a screen where user data of the account information inquiry service can be searched and output as a CSV file or the like. When the individual service stop button (B104) is pressed, the display screen changes to a screen that can stop the account information inquiry service in units of users.

  When the token management button (B101) is pressed on the management menu screen (D101), the display screen is changed to the token management screen (D102). On the token management screen (D102), various types of token information stored in the token storage unit 131 are displayed as a list. The various types of token information include, for example, a token ID, a token state, an expiration date, and the like. The token manager can easily confirm the contents of the token stored in the token storage unit 131 without directly checking the token storage unit 131 on the token management screen (D102). As a result, the risk that the token administrator makes an erroneous operation on the token storage unit is reduced.

  FIG. 14 is a screen transition diagram when a token update request is made on the token management screen in the present embodiment. The token administrator can make a token update request from the token management screen (D102). Specifically, the token administrator presses an update button (B201) displayed for a valid token, thereby moving to a confirmation screen (D201) and pressing an update button (B202). This allows the token control unit 121 to perform token update request processing. On the other hand, since it is not possible to access the interactive communication service server 200 using an invalid token, the invalid token cannot be updated. Therefore, the invalid token update button (B201) is hidden or inactive. In addition, the token update button (B201) in the updating state is also hidden or deactivated so that the token update request is not duplicated. Since the content of the token update request process is the same as that described in “4. First processing example”, the description of the token update request process is omitted. When the token update is completed, the display screen changes to an update completion screen (D202). Thereby, the token manager can easily update the token without directly operating the token storage unit 131. Therefore, the risk that the token administrator performs an erroneous operation on the token storage unit is reduced.

  FIG. 15 is a screen transition diagram when a new token is registered on the token management screen in the present embodiment. The token administrator can newly register a token from the token management screen (D102). Specifically, when the token administrator presses a new registration button (B301) displayed on the token management screen (D102), the display screen changes to the input screen (D301). Next, when the token administrator inputs a token to be newly registered in the text box on the input screen (D301) and presses the registration button (B302), the display screen changes to a confirmation screen (D302). Furthermore, when the token administrator presses the registration button (B303) on the confirmation screen (D302), the display screen finally changes to a new registration completion screen (D303), and the new registration is completed. As a result, the token administrator can easily register a new token without directly operating the token storage unit 131. Therefore, the risk that the token administrator performs an erroneous operation on the token storage unit is reduced.

  If the token update fails, the token status becomes invalid, and the token cannot be used during data transmission. That is, every time a token update fails, the number of tokens that can be used during data transmission decreases. Here, as described above, the token administrator can newly supply a valid token by newly registering a token from the token management screen (D102). For example, as shown in FIG. 5, because the token D failed to be updated in the second week, the token D can no longer be used during data transmission. However, in the fourth week, the token administrator uses the token management screen (D102). By newly registering the token, the token D is returned to the usable state.

  FIG. 16 is a screen transition diagram when deleting a token on the token management screen in the present embodiment. The token administrator can delete the token from the token management screen (D102). Specifically, when the token administrator presses the delete button (B401) displayed on the token management screen (D102), the display screen changes to the token deletion screen (D401). Further, when the token administrator presses the delete button (B402), the display screen is changed to the delete completion screen (D402), and the deletion is completed. Thereby, the token administrator can easily delete the token without directly operating the token storage unit 131. Therefore, the risk that the token administrator performs an erroneous operation on the token storage unit is reduced.

<8. Hardware configuration>
The information processing system according to the embodiment of the present invention has been described above. Information processing such as provision of an account information inquiry service in the information processing system described above is realized by cooperation of software and hardware of the relay server 100 described below.

  FIG. 17 is a block diagram illustrating a hardware configuration of an information processing apparatus 900 that can implement the relay server 100. The information processing apparatus 900 includes a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, a RAM (Random Access Memory) 903, and a host bus 904. The information processing apparatus 900 includes a bridge 905, an external bus 906, an interface 907, an input device 908, a display device 909, an audio output device 910, a storage device 911, a drive 912, and a network interface 915. Is provided.

  The CPU 901 functions as an arithmetic processing device and a control device, and controls the overall operation in the information processing device 900 according to various programs. Further, the CPU 901 may be a microprocessor. The ROM 902 stores programs used by the CPU 901, calculation parameters, and the like. The RAM 903 temporarily stores programs used in the execution of the CPU 901, parameters that change as appropriate during the execution, and the like. These are connected to each other by a host bus 904 including a CPU bus.

  The host bus 904 is connected to an external bus 906 such as a PCI (Peripheral Component Interconnect / Interface) bus via a bridge 905. Note that the host bus 904, the bridge 905, and the external bus 906 are not necessarily configured separately, and these functions may be mounted on one bus.

  The input device 908 includes input means for inputting information such as a mouse, keyboard, touch panel, button, microphone, switch, and lever, and an input control circuit that generates an input signal based on the input by the user and outputs the input signal to the CPU 901. Etc. A user who operates the information processing apparatus 900 can input various data and instruct a processing operation to the information processing apparatus 900 by operating the input device 908.

  The display device 909 includes display devices such as a CRT (Cathode Ray Tube) display device, a liquid crystal display (LCD) device, an OLED (Organic Light Emitting Diode) device, and a lamp. Audio output device 910 includes audio output devices such as speakers and headphones.

  The storage device 911 is a data storage device configured as an example of a storage unit of the relay server 100 according to the present embodiment. The storage device 911 may include a storage medium, a recording device that records data on the storage medium, a reading device that reads data from the storage medium, a deletion device that deletes data recorded on the storage medium, and the like. The storage device 911 is configured by, for example, an HDD (Hard Disk Drive). The storage device 911 drives a hard disk and stores programs executed by the CPU 901 and various data.

  The drive 912 is a storage medium reader / writer, and is built in or externally attached to the information processing apparatus 900. The drive 912 reads information recorded on a removable storage medium 916 such as a mounted magnetic disk, optical disk, magneto-optical disk, or semiconductor memory, and outputs the information to the RAM 903. The drive 912 can also write information into the removable storage medium 916.

  The network interface 915 is a communication interface configured with, for example, a communication device for connecting to the network 500. The network interface 915 may be a wireless LAN (Local Area Network) compatible communication device or a wire communication device that performs wired communication.

  Note that the hardware configuration of the information processing apparatus 900 that can implement the relay server 100 has been described above with reference to FIG. 17, but the hardware of the mobile terminal 400, the bank server 300, and the interactive communication service server 200 is also a relay server. Since it can be configured substantially the same as 100, description thereof will be omitted.

<9. Conclusion>
As described above, according to the embodiment of the present invention, the relay server 100 can continuously transmit data to the interactive communication service server 200 even when the token update fails. Therefore, according to the present invention, it is possible to improve the stability of data transmission to an external system.

  Although the preferred embodiments of the present invention have been described in detail with reference to the accompanying drawings, the present invention is not limited to such examples. It is obvious that a person having ordinary knowledge in the technical field to which the present invention belongs can come up with various changes or modifications within the scope of the technical idea described in the claims. Of course, it is understood that these also belong to the technical scope of the present invention.

  For example, each step in the processing of the information processing system of the present specification does not necessarily have to be processed in time series in the order described as a sequence diagram. For example, each step in the processing of the information processing system may be processed in an order different from the order described as the sequence diagram or may be processed in parallel.

  Further, it is possible to create a computer program for causing hardware such as the CPU 901, ROM 902, and RAM 903 built in the information processing apparatus 900 to perform the same functions as the components of the relay server 100 described above.

DESCRIPTION OF SYMBOLS 100 Relay server 110 Communication part 120 Control part 121 Token control part 122 Data control part 130 Storage part 131 Token storage part 132 User information storage part 140 Display control part 200 Interactive communication service server 300 Bank server 400 Portable terminal

Claims (7)

A storage unit for storing a plurality of tokens together with their valid states;
A communication unit for transmitting / receiving the token or data to / from an external system;
A request to update the token to the external system and a control unit that controls transmission / reception of the data using the token,
The control unit stores a plurality of valid tokens in advance in the storage unit, and when the token update based on the request fails, the control unit uses the valid token different from the updated token. An information processing apparatus that controls a communication unit to transmit the data to an external system.   The information processing apparatus according to claim 1, wherein the control unit performs the request so that each update time of the token is different.   The information processing apparatus according to claim 1, wherein the control unit requests to update the token based on an elapsed time after each token becomes valid or a time until each token expires.   The information processing apparatus according to claim 1, wherein the control unit controls a request for updating a token at regular intervals.   5. The information processing according to claim 1, wherein when the token update or the data transmission fails, the control unit retries the token update request or the data transmission. 6. apparatus.   6. The display control unit according to claim 1, further comprising: a display control unit that displays a status of update of the token stored in the storage unit and controls a request for update of the token, a new addition of the token, or a deletion of the token. The information processing apparatus according to any one of claims. The ability to store multiple tokens;
A function of transmitting / receiving the token or data to / from an external system;
A function to control the token update request to the external system and the transmission and reception of the data;
A function of transmitting the data to the external system using a valid token when the update of the token based on the request fails;
A program to make a computer realize.

Images