The present invention relates to a service executing method and a service providing system wherein devices in a group carry out services in coordination with one another, and in particular to a secure service executing method and service providing system in a ubiquitous information system wherein devices coordinate directly with one another.
In information services employing Internet technology, users can enjoy services using standard software. A plurality of devices can be made to coordinate with one another with comparative ease even if the devices belong to different systems. With recent development of radio communication technology and small computer technology, the realization of ubiquitous networks has become more likely. In these networks, an IC chip with radio communication or information processing functions is embedded in every device, including home electric appliances, and many of the devices coordinate with one another. Meanwhile, further developments in security technology are expected wherein access to information is controlled instead of allowing uncontrolled access to everything.
Various service providing systems wherein information to be sent or received is dynamically sorted out according to the users' authority and to prevent multiple reception of the same data due to erroneous operation have been proposed. One such systems is disclosed in Japanese Laid Open Patent Publication No. 2002-157223. This system has a request data creating portion which creates requests with user attributes and authenticators added thereto; a basic authenticating portion which authenticates users based on user attributes and authenticators; a policy-managing portion which specifies attributes of data allowed to be accessed; a data storing portion which takes out required data according to requests; and a data-converting portion which reconstructs data according to the data attributes specified by the policy-managing portion and provides users with the data.
In this related art, an intermediate server is placed between the user's terminal and the devices to be used. Access to the devices to be used is permitted only through the intermediate server, and security is ensured by processing within the intermediate server. However, there is a possibility that the user terminal could directly access the devices to be used in a ubiquitous information system wherein all the devices communicate directly with one another. Thus, there is a limit to the application of an access control mechanism to such a system.