In recent years, it has become common to store personal data such as telephone directories, schedules, and history information on exchanged mail in mobile terminals including cellular phones and personal digital assistants (PDA).
Further, it has become widespread to store and use business-related data, high-priced information and contents such as music and moving images.
In addition, as mobile terminals have recently become more sophisticated in functionality, it has become possible to share data with other mobile terminals, personal computers, and digital appliances through the use of a large-capacity portable memory device such as an SD card, a wired/wireless closed network (LAN), a communication function such as wireless proximity communication (Bluetooth (registered trademark)) and infrared communication.
In such a usage scene, it is required that the use of shared personal data, business data, contents, and the like is limited only to a specific user group or device group having the use authority, based on the protection of privacy, compliance with copyright laws, non-disclosure agreements, or information management rules. Examples of such a use management system are disclosed in PTL 1 to PTL 5.
PTL 1 discloses a system for sharing data in a certain user group in response to an access request from one member for data such as a schedule of another member stored in a mobile terminal.
In PTL 1, there is disclosed a method in which, if the mobile terminal of the member that has received the access request does not respond to the request due to power-off or the like, another mobile terminal which already shares the data responds to the access request as a proxy of the mobile terminal that has received the access request.
PTL 2 discloses a method of disclosing secret data when one user (requesting user) makes an access request for data of another user (requested user).
In PTL 2, there is disclosed a use management method for sending the data of the requested user only if the requesting user and the requested user belong to the same group described in attribute certificates which are given beforehand to them and referred to in response to the access request.
In PTL 3, one mobile terminal or other portable device possessed by one user is once authenticated by a digital device connected to a home network by wired or wireless connection, and the authentication time and the ID of the digital device are collected and stored by a home server.
PTL 3 discloses a system in which only the digital device having the ID registered within a specified time can share and reproduce the same entertainment contents stored in the home server.
PTL 4 discloses a network access method such that, in a wired or wireless network, a physical position of an access switch (base station) used for network connection is registered beforehand in a central server, and when the mobile terminal is connected to the access switch, authentication is performed on the basis of the two factors which are the ID of a mobile terminal and the physical position of the access switch.
PTL 5 discloses a method of sharing personal data such as a schedule and a telephone directory stored in a central server with another user through a mobile terminal.
In this invention, a sharable part (e.g., only a telephone number and a name in a telephone directory) in personal data is defined as a rule beforehand between a user (requesting user) who makes a share access request and another user (requested user) who receives the request. Further, a mail address one-to-one corresponding to the rule is defined.
At the time of making an access request for the personal data of the requested user through a mobile terminal, the requesting user transmits the access request along with a requesting user ID to a mail address corresponding to a desired disclosure scope. The central server which has received the access request refers to the rule. Only if the requested personal data falls within the scope of the defined sharable personal data, the central server sends the personal data of the scope to the requesting user.