JP2000138667A - Method and system for controlling circulation data reference order - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reference circulation data in the order in response to the reference order of data users without making processing by a circulation data server complicated. SOLUTION: A circulation data server side device 101 generates cryptographic keys whose number is the same number as a reference right order number set to a circulation data set consisting of plurality of partial data, transfers the data to the device of a circulation data user, which adds an encrypted partial data set resulting from encrypting all partial data that are referenced by users with next and succeeding ranking reference right by cryptographic key corresponding to the reference right order to specific partial data corresponding to one reference right order, and conducts the processing encrypting a data set consisting of the specific partial data and the encrypted partial data set by using the cryptographic key corresponding to the reference right order for the same number of times as the reference right order number, a user side device 102 acquires the encrypted circulation data set in response to a request from the user, demodulates the corresponding partial data by using the cryptographic key corresponding to the reference right order of the user and provides an output of the decoded data in a form that can be referenced by the data users.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and a system for controlling a reference order of circulation data in a system in which a circulation data user refers to a circulation data set provided by the circulation data provider. Control of the circulation data reference order that allows a specific partial data of the reference authority rank required by the user to be referenced on condition that all users having a higher reference authority rank than the user have referred to the partial data Methods and systems are provided.

[0002]

2. Description of the Related Art In a system in which data is provided from a provider to a data user and sequentially referred to, the data is divided into a plurality of partial data at the request of the data provider, and the data user refers to the data. Depending on the stage at which the process is performed, there may be a case where it is desired to limit what can be referred to among a plurality of partial data. For example, there is a case where a data user is allowed to refer to only a specific part of all data up to a certain point in the contract, and is allowed to refer to all data after that point. In addition, when a certain paid data is freely distributed, when the range of data to be referred to differs for each data user, or when it is desired to refer to a more detailed range of data after referring to a certain range, use it. There is a case where an additional charge is made in order to make the data to be made more detailed, but it is desired to prevent the use of the more detailed data with this additional charge. Alternatively, the first data user who is first provided with the data is allowed to refer to only a specific part of the entire data, and the entire data is relayed to the next second data user.
In some cases, the second data user is allowed to refer to all data.

Conventionally, there is the following technique for realizing such a thing. (1) Instead of providing all data to the data user in one procedure, partial data that can be referred to is sequentially provided according to the request of the data user. (2) Data is divided into a plurality of partial data, each of which is encrypted with a different encryption key and provided to a data user. Thereafter, in accordance with the request of the data user, the decryption key of the partial data which can be referred to is sequentially provided.

[0004]

However, these methods have the following problems. (1) At the stage of providing a partial data from a data provider to a data user, a condition that the data user has already referred to another partial data is required as a condition that the partial data can be referred to. In this case, it is necessary for the data provider to manage whether or not the data user satisfies this condition, and then determine whether to provide the target partial data. For this purpose, information such as whether or not each partial data has been provided to the data user in the past or whether or not the data user has performed the reference processing of each partial data is obtained or obtained for all the data users and all the partial data. Need to be retained and managed. As a result, processing on the data provider side becomes very complicated.

(2) In particular, when a plurality of data users are allowed to refer to different partial data, a certain data user (first data user) refers to the relevant partial data and then uses another data user. (Second data user)
In response to the request that it becomes possible to refer to the corresponding partial data, the data provider confirms that the first data user has referred to the corresponding partial data, Provision of partial data or provision of a corresponding decryption key must be performed for the data user, and the processing on the data provider side becomes very complicated.

SUMMARY OF THE INVENTION It is an object of the present invention to specify a specific partial data of the reference authority order requested by a user of the circulation data without complicating the processing on the data provider side, and to set the reference authority order higher than the user. It is an object of the present invention to provide a control method and a system of a circulation data reference order that enables a user to refer to the condition on the condition that all users have already referred to it.

[0007]

In order to achieve the above object, the present invention basically provides a specific partial data of a reference authority order requested by a user of circular data, which is higher than the user. Reference authority rank set for a circulation data set composed of a plurality of partial data in the circulation data provider side device so that all users having the reference authority rank can refer to it on condition that they have been referenced. Generating or setting the same number of encryption keys as the number and transferring the same to the circulation data user side device, and referring to a specific partial data corresponding to one reference authority order by a user with reference authority of the next order or higher Add an encrypted partial data set in which all the partial data to be encrypted with the encryption key corresponding to the reference authority order,
A process of encrypting a data set composed of the specific partial data and the encrypted partial data set with an encryption key corresponding to the reference authority rank is performed the same number of times as the number of reference authority ranks, and the entire data set is encrypted. Storing the encrypted circulation data set in the storage device; and obtaining the circulation data set stored in the storage device in response to a request from the circulation data user in the circulation data user side device. Decrypts the corresponding partial data with the encryption key corresponding to the user's reference authority order, outputs the data in a format that can be referred to by the data user, and, if the decrypted partial data contains encrypted partial data, Restoring the encrypted partial data in the storage device.

According to the above means, in a circulation system in which data is relayed between a plurality of data users and reference to partial data is sequentially permitted, the first data user having the highest reference authority rank Only after the decoding and reference processing of the corresponding reference partial data is executed, the decoding and reference processing of the corresponding reference partial data can be performed by the second user in the next order. In other words, among the circulation data provided by the circulation data provider, if the data user wants to refer to the circulation data to a certain user, all users having the reference authority rank higher than their own reference authority rank It is a condition that the user refers to the circulation data to be referred, and only when this condition is satisfied, can he / she refer to the circulation data for which he / she has the reference authority, and refer to the circulation data in the order of the reference authority. Can be guaranteed.

Accordingly, the provision of the corresponding decryption key from the circulation data provider to the second data user is performed by decrypting the reference partial data of the first data user having the highest reference authority. It is possible to perform the decryption / reference processing regardless of whether or not the decryption / reference processing has been performed, and the data provider can confirm the execution of the decryption / reference processing of the reference partial data of the first data user. Since it becomes unnecessary, the order of the reference processing by the first data user and the second data user can be easily confirmed.

[0010]

Embodiments of the present invention will be described below with reference to the drawings. (Embodiment 1) Data is distributed to an unspecified number of data users over a wide range by a data provider, and the range of data that can be referred to among the distributed data is narrow to wide according to the wishes of the data users. In this case, an embodiment of a data multi-stage reference system in which additional billing is performed in addition to billing contents for a narrow reference data range at this time will be described. This system, for example, as a game software distribution system, first asks the user to try only some of the functions and screen data of the game software, and if the user wants to enjoy the whole game subsequently, This is applied to the case where the use of the entire game is permitted by receiving an additional fee.

FIG. 1 is a system configuration diagram showing one embodiment of such a system. In FIG. 1, 101 is a computer system on the data provider side, 102 is a computer system on the data user side, and 103 is a computer system 101
Network for connecting and transferring data, and
Reference numeral 104 denotes a data input unit for inputting data provided from the data provider. The data input unit 104 includes a keyboard, a mouse, a microphone, a video camera, and the like. 105, an encryption key generation unit; 106, an encryption processing unit that encrypts data using the encryption key generated by the encryption key generation unit 105; 107, an encryption processing unit 1
A data delivery unit that performs a process of transferring the data encrypted at 06 to the computer system 102 on the user side via the network 103. An auxiliary storage device 108 stores the key group generated by the key generation unit 105. It is. 109
Is a data receiving unit that receives data transferred via the network 103, 110 is a decryption processing unit that decrypts encrypted data using an encryption key, and 111 is data that is decrypted by the decryption processing unit 110. The data output unit 11 includes, for example, a display, a speaker, and a printing device.

Reference numeral 112 denotes a key request transmission unit (encryption key acquisition means) for transmitting a key request for requesting the data provider to transfer an encryption key used for decryption of the encrypted data, via the network 103; An auxiliary storage device for storing data distributed from a provider, 1
Reference numeral 14 denotes a terminal device to which a data user inputs a command for transmitting a key request.

FIG. 2 is a configuration diagram of a table 200 for recording the range of all partial data when the entire data provided by the data provider is divided into a plurality of partial data. Storage areas 201, 20
2,203. Of these, storage area 20
1 is an area for storing an ID number assigned to each of the divided partial data, 202 is an area for storing an offset value from the leading data of all data to the leading data of the corresponding partial data, and 203 is an area for storing each partial data. Area for storing the size (data size).

FIG. 3 shows a table 300 for recording a classification when a plurality of partial data which can be referred to by different chargings are collected as a partial data group, in connection with the charging method in the present embodiment. And an area 302 for storing ID numbers of partial data included in the corresponding partial data group. In the example of FIG. 3, the relationship between the serial number and the partial data ID number when the partial data group 1 is composed of the partial data 1, 3, 6, 7 is shown.

FIG. 4 shows a table 400 for storing encryption keys used for encrypting and decrypting each partial data group, and an area 401 for storing serial numbers of the partial data groups.
And an area 402 for storing encryption key data corresponding to the serial number.

FIG. 5 shows a table 500 for storing an amount to be additionally charged to refer to each partial data group. For a partial data group indicated by a serial number 501, an additional charge is made to refer to it. Area 502 for storing amount
It has.

FIG. 6 shows a table 600 for storing the total amount of billing charged to each data user, and stores data user IDs such as bank account numbers and driver's license IDs of each data user. An area 601 is provided, and an area 602 is provided for storing, for each data user, the total amount of billing for data obtained and referenced from a data provider in the past.

FIG. 7 and FIG. 8 are flowcharts showing the flow of the processing of this embodiment. Hereinafter, the operation will be described with reference to this flowchart. First, the data provider inputs the provided data from the data input unit 104, divides the provided data into partial data according to the difference in the billing amount for reference, and indicates the range of the divided partial data in the table 20 in FIG.
It is stored in 0 (step 701). Next, the partial data that can be referred to by the same billing amount are collected into a partial data group and stored in the table 300 of FIG. 3 (step 702). The table 300 allows the data user to refer to all the corresponding partial data groups by paying a certain additional fee.

Here, the partial data are arranged in the order of serial numbers, such as partial data 1, 2, 3,..., In the order of reference. The partial data to be referred to next is grouped so as to belong to a different partial data group.

Next, the same number of encryption keys as the number of partial data groups created in this way are created by the key generation unit 105 (step 703). In this case, it is desirable that all keys are different. The encryption key group generated here is stored in the auxiliary storage device 108 (step 704). Next, a process of encrypting data to be provided to the user is performed.
First, a partial data group having the largest final billing amount and to be decrypted last is encrypted with one of the encryption keys, and the partial data group serial number storage area 401 of the table 400 in FIG.
The serial number of the encrypted partial data group is stored in the serial number storage area corresponding to the encryption key used this time (step 705).

Next, a set of data is created by linking the partial data group to be decrypted in the preceding decryption processing for decrypting the partial data group and the data encrypted in step 705. (Step 706). Step 705 encrypts the combination data created here with another encryption key,
In the serial number storage area 401 of the table 400 in FIG. 4, the serial number of the encrypted partial data group is stored in the serial number storage area corresponding to the encryption key used this time (step 707). Next, a set of data is created by concatenating the partial data group to be decrypted in the further previous decryption process and the data encrypted in step 707 (step 706). Thereafter, this is repeated until all the partial data groups of the provided data have been encrypted (step 70).
8).

For example, assuming that the provided data is divided into four partial data groups 901 to 904 as shown in FIG.
Is encrypted by the corresponding encryption key K4, and then the encrypted data 904S is added to the partial data group 903 which is referred to one step before, and these partial data group 903 and the encrypted data 904S correspond to the corresponding encryption key. It is encrypted by K3.

Next, similarly, the encrypted data 903S
Is added to the partial data group 902 referred to one step before, and these partial data group 902 and the encrypted data 903S
Are encrypted by the corresponding encryption key K2. Finally, the encrypted data 902S is added to the partial data group 901 referred to one step before, and these partial data groups 901S
And the encrypted data 902S are encrypted by the corresponding encryption key K2.

The provided data that has been encrypted in this manner is sent by the data delivery unit 107 to the network 103.
(Step 709). At this time, the contents of the tables 200 and 300 in FIGS. 2 and 3 are also transferred at the same time. As a transfer method, a method of storing the data in a sharable auxiliary storage device and arbitrarily transferring the data, or a method of receiving a transfer request in advance and individually transferring the data to each user can be considered. The encrypted provision data and the data in the tables 200 and 300 transferred to the computer system 102 on the user side are stored in the auxiliary storage device 112 on the data user side (step 710). After this point, the data user can obtain an encryption key for decrypting the partial data group in the range to be referred from the data provider in exchange for the price.

Here, after referring to the one with the small charge amount,
An example will be described in which the range of data that can be referred to the one with the larger billing amount is sequentially expanded. When it is desired to refer to a plurality of partial data groups in a certain range from the beginning, a method of acquiring a plurality of encryption keys in one process can be similarly realized.

First, in order to refer to the first partial data group, the data user inputs a key request transmission command from the terminal device 115, and the key request transmission unit 114 transmits the key request to the data provider via the network 103. Is transmitted (step 711). At this time, referring to the contents of the table 300 in FIG. 3, the ID numbers of the partial data groups desired to be referred to are transmitted at the same time. The data provider's computer system 101 that has received the key request searches the table 500 of FIG. 5 for the billing amount of the partial data group for which the key request has been received, and stores that amount in the total amount storage area of the table 600 of FIG. It is added to the current total amount of the cumulative total storage area corresponding to the data user who transmitted the key request (step 712).

Then, the data of the encryption key when the requested partial data group is encrypted is transmitted to the data user (step 713). Decryption processing unit 1 of computer system 102 on the data user side that has received the encryption key data
10 decrypts the entire encrypted data including the partial data group desired to be referenced using the transferred encryption key data (step 714). Next, since the partial data group is composed of a plurality of partial data, the data output unit 111 determines the order of the partial data belonging to different partial data groups based on the contents of the tables 200 and 300 in FIGS. Reconstruct (step 715).

Next, the data output unit 111 checks whether the reconstructed data is in a format that can be output (step 716). If the data cannot be output, the data output unit 111 attempts to execute this reference processing. The data user determines that reference to the relevant partial data is not permitted, that is, that the data user has not yet performed a formal reference process to the partial data that must be referred to before the relevant partial data, This is notified to the data user from the terminal device 114 (step 718). if,
If the data user wishes to refer to the corresponding partial data by continuing to refer to the partial data in a proper order, the corresponding valid key request is transmitted again (step 719). If the data user has no intention to redo the processing in the proper order, such as when trying to refer to the partial data that is illegal, the entire processing ends.

If it is determined in step 716 that the data is in a format that can be output, the reconstructed data is output in a form suitable for the method of using the data (step 716). Here, when an operation for referring to the next partial data group is performed on the terminal device 114, the process returns from step 720 to step 711, and the above processing is repeated. Thereby, it is possible to sequentially refer to the partial data group prepared in the data provided by the data provider in a stepwise manner to a desired range.

That is, according to the table 300 of FIG. 3, the partial data 1, 3, 6, and 7 are assigned as the partial data group to be referred first, and the partial data group to be referred to in the next stage is assigned. Since the partial data 2, 4,... Are allocated, an encryption key corresponding to the regular reference stage order is obtained, and when the provided data is decrypted with this encryption key, in the first reference stage 1, the first reference stage 1 As shown in the frame, only the partial data 1, 3, 6, and 7 are decoded and output in a format that can be referred to by the user. In the next reference step 2, the partial data 2 and 4 are further referenced in a format that can be referred to. Is output.
Then, in the next reference stage 3, the partial data 5 is output in a format that can be further referenced. By this repetition, the partial data group can be sequentially referred to in a desired range in a stepwise manner.

However, if an attempt is made to refer to the provided data with the encryption key corresponding to the next partial data group 2 without first referring to the partial data group 1, the partial data group 1 has not been decrypted yet. Data group 2 cannot be decoded. Therefore, it is necessary to illegally omit the reference process of the previous stage or to decrypt the partial data to be referenced at the current stage without receiving the encryption key corresponding to the reference process of the previous stage from the data provider. Prevention can be easily realized.

(Embodiment 2) Next, a description will be given of an embodiment of a system for operating the circulation order when circulating data among a plurality of users. For example, in such a system, in a document exchanged in a company, the section manager and the section manager precede the chief, that is, the section manager is forced to read the document in order from the person with the highest reference authority. Applies when there is a circular that needs to be done.

FIG. 11 shows a system configuration according to the present embodiment. Reference numeral 801 denotes a network for performing data transfer. 802 (A), 803 (B), 804 (C),
805 (X) and 816 (Y) are computers that perform the same processing as the computer systems 101 and 102 described in the first embodiment. Reference numeral 807 denotes an input device for inputting data to be circulated. An auxiliary storage device 808 stores a plurality of encryption keys, and is connected to the computer 806 (Y). 809
Is a shared auxiliary storage device that stores encrypted data and can be accessed by each user.

FIG. 12 shows the configuration of encrypted data circulated in the present embodiment. Reference numerals 901 to 903 denote circulation data referred to by different users, respectively.
1 is the first circulation target person, 902 is the second circulation target person, and 903 is the data referred to by the third circulation target person. 904 to 906 are data encrypted with one encryption key, 904 is data encrypted with the encryption key of the first circulation target person (for example, manager), and 905 is the second circulation target. 906 is data encrypted with the encryption key of the third person to be circulated (for example, chief). Here, the structure of the encrypted data for three persons is shown, but this can be recursively expanded for an arbitrary number of circulation target persons.

FIG. 13 is a flowchart showing the flow of the processing of this embodiment. Hereinafter, the operation will be described with reference to this flowchart. First, the provider of the circular data
A computer 806 generates encryption keys for the number of persons to be circulated,
It is stored in the auxiliary storage device 808 (step 100
1). Next, the encryption keys are transferred one by one to the computers 801 to 804 of the respective users (step 1002).

Next, the data provider creates data to be referred to each circulation target person, and inputs the data from the input device 807 to the computer 805.
(Step 1003). Here, each data may be different for each circulation target person, or may be the same. Further, data referred to by one circulation target person may be a partial data group including a plurality of partial data. A unique ID number is assigned to each data (partial data) created here, and a partial data group is registered in the same table as in FIG. 3 (step 1004).

Hereinafter, each partial data group is sequentially encrypted based on the information in this table. The encryption processing is executed by the computer 806. First, the last referenced data 9
03 is encrypted with the encryption key of the circulation target person who refers lastly (step 1005). The data encrypted by this is 906 in FIG. Next, the cipher data 906 is combined with the data referred to by the circulation target who refers to the circulation data immediately before the circulation target person (step 1006). This combination data is encrypted with the encryption key of the circulation target person who refers to the circulation data to one person (step 1007). The data encrypted by this is 905 in FIG.

The above operation is repeatedly executed until all the partial data groups are encrypted (step 1008). The order of each encryption process is performed in the reverse order of the circulation order of the circulation target person. The encrypted data after the encryption processing is stored in the auxiliary storage device 809 together with the contents of the partial data group table similar to that of FIG. 3 (step 1009).

Hereinafter, decryption and reference are executed in order by the circulation target person. First, the cipher data 904 is shared from the shared auxiliary storage device 809 via the network 801 by the circulation target person of the first reference authority order.
2 (A). The computer (A) 802 decrypts the encrypted data with the encryption key distributed to the first circulation target person (for example, manager) (step 1010). next,
According to the same partial data group table as in FIG. 3, the decrypted partial data 901 is reconstructed in the same manner as in the first embodiment (step 1011). Here, check whether the reconstructed data is in a format that can be output,
If the format cannot be output, it is determined that the circulation target person who executed the reference processing is not a circulation target person in the correct order, and the reference processing is interrupted (step 101).
2).

On the other hand, if the output format is available,
Output in a form appropriate for the data usage (Step 1
013). Here, if the decrypted data includes the encrypted data 905, that is, the data to be referenced by the next person to be circulated, only the encrypted data portion is extracted and stored in the shared auxiliary storage device 809. (Step 1015). Hereinafter, each circulation target decrypts the encrypted data with its own encryption key, thereby repeating the process of referring to the partial data group that can be referred to by itself. If the encrypted data is not included at the time of decryption, the processing is terminated.

Therefore, in a system in which the circulation data is referred to while maintaining the order system in the order of the general manager, the section manager, and the chief,
Even if the section manager tries to decrypt with the encryption key assigned to himself before the section manager, the section data cannot be decrypted because it is locked by the section manager's encryption key. This makes it possible to reliably maintain the order system for referring to the circulation data.

As described above, in the present embodiment, when data is relayed between a plurality of data users and reference to partial data is permitted in order, decoding of the corresponding reference partial data by the first data user is performed. Only after the reference processing is executed, the decoding and reference processing of the corresponding reference partial data can be performed by the second user.

Therefore, in order to provide the corresponding decryption key from the data provider to the second data user, the decryption / reference processing of the reference partial data of the first data user has been executed. Irrespective of whether or not the first data user performs decoding / reference processing of the reference partial data on the data provider side, it is not necessary to confirm the execution of the first data user. The order of the reference processing between the user and the second data user can be easily confirmed.

[0044]

As described above, according to the present invention, basically, in the circulation data set composed of a plurality of partial data provided by the circulation data provider side device, the utilization of the circulation data user side device. In order to make it possible to refer to the specified partial data of the reference authority rank requested by the user on condition that all users who have a higher reference authority rank than the relevant user have referred to it, the circulation data provider side The apparatus generates or sets the same number of encryption keys as the number of reference authority ranks set for the circulation data set composed of a plurality of partial data, transfers them to the circulation data user side apparatus, and sets them to one reference authority rank. To the corresponding specific partial data, add an encrypted partial data set in which all the partial data referenced by the user with the reference authority at the next rank and higher are encrypted with the encryption key corresponding to the reference authority rank A process of encrypting a data set composed of the specific partial data and the encrypted partial data set with an encryption key corresponding to the reference authority rank is performed the same number of times as the number of reference authority ranks, and the entire data set is encrypted. The encrypted circulation data set is stored in the storage device, and the circulation data user side device acquires the circulation data set stored in the storage device in response to a request from the circulation data user, and The corresponding partial data is decrypted by the encryption key corresponding to the reference authority order, and the decrypted partial data is output in a format that can be referred to by the data user. If the decrypted partial data includes encrypted partial data, the encrypted partial data is output. Since the data is re-stored in the storage device, when the circulation data is relayed between a plurality of circulation data users and the reference of the circulation data is permitted in order, The decryption / reference processing of the applicable circular data can be performed by the user of the reference authority of the next priority only under the condition that the decryption / reference processing of the relevant circular data is executed by the data user of the reference authority rank. . Therefore, the circulation data can be referred to in an order according to the reference authority of the circulation data user without complicating the processing on the circulation data provider side.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a first embodiment of the present invention.

FIG. 2 is a configuration diagram of a registration table of partial data.

FIG. 3 is a configuration diagram of a registration table of a partial data group.

FIG. 4 is a configuration diagram of an encryption key registration table.

FIG. 5 is a configuration diagram of a unit price table of a partial data group.

FIG. 6 is a configuration diagram of a billing amount registration table of a partial data group.

FIG. 7 is a flowchart illustrating a data reference processing procedure according to the first embodiment.

FIG. 8 is a flowchart showing a continuation of FIG. 7;

FIG. 9 is a configuration diagram illustrating an example of encrypted data used in the first embodiment.

FIG. 10 is a configuration diagram of decoded data for each reference stage according to the first embodiment.

FIG. 11 is a system configuration diagram showing a second embodiment of the present invention.

FIG. 12 is a configuration diagram of encrypted data used in the second embodiment.

FIG. 13 is a flowchart illustrating a data reference processing procedure according to the second embodiment.

[Explanation of symbols]

101, 102: Computer system, 103: Network, 104: Data input unit, 105: Key generation unit, 106
... Encryption processing unit, 107 ... Data delivery unit, 108, 11
3 ... Auxiliary storage device, 109 ... Data receiving unit, 110 ... Decryption processing unit, 111 ... Data output unit, 112 ... Key request transmitting unit, 114 ... Terminal device.

Claims (4)

[Claims] 1. A part of a circulation data set composed of a plurality of partial data provided by a circulation data provider side device, wherein a specific partial data of a reference authority order requested by a user of the circulation data user side device is used. A method of controlling a circulation data reference order in which all users having a higher reference authority rank than a user can refer to the data on condition that the user has already referred to the data. Generating or setting the same number of encryption keys as the number of reference authority ranks set for the circulation data set, and transferring the same to the circulation data user side device; On the other hand, an encrypted partial data set is created by encrypting all the partial data referenced by the user with the reference authority in the subsequent ranks with the encryption key corresponding to the reference authority rank. A process of encrypting a data set composed of specific partial data and an encrypted partial data set with an encryption key corresponding to the reference authority order is performed the same number of times as the number of reference authority orders, and the entire data set is encrypted. Storing the circulated circulation data set in the storage device, and in the circulation data user side device, acquiring the circulation data set stored in the storage device in response to a request from the circulation data user; Decrypts the corresponding partial data using the encryption key corresponding to the reference authority order of the data, outputs the data in a format that can be referred to by the data user, and, if the decrypted partial data includes the encrypted partial data, performs the encryption. Restoring the partial data in the storage device;
A method for controlling the order of circulation data reference, comprising: 2. A circulation data set comprising a plurality of partial data provided by a circulation data provider device and using a specific partial data of a reference authority order requested by a user of the circulation data user device. A circulation data reference order control system that enables reference on condition that all users having a higher reference authority rank than the reference data have been referred to, wherein the circulation data provider side device includes a plurality of partial data Encryption key generating means for generating or setting the same number of encryption keys as the number of reference authority ranks set for the circulation data set consisting of: and transmitting the same to the circulation data user side device, and specifying corresponding to one reference authority rank Adds an encrypted partial data set in which all the partial data referenced by the user with the reference authority following the next rank are encrypted with the encryption key corresponding to the reference authority rank for the partial data of A process of encrypting a data set composed of these specific partial data and an encrypted partial data set with an encryption key corresponding to the reference authority rank is performed the same number of times as the number of reference authority ranks, and the entire data set is encrypted; An encryption processing means for storing the encrypted circulation data set in a storage device, wherein the circulation data user side device requests the circulation data set stored in the storage device from the circulation data user. And decrypts the corresponding partial data with an encryption key corresponding to the reference authority of the user, outputs the data in a format that can be referred to by the data user, and includes the encrypted partial data in the decrypted partial data. Circulating data reference order control system, comprising: decryption processing means for restoring the encrypted partial data in the storage device when the data exists. 3. A specific partial data of a reference authority order requested by a user of a circulation data user side device among a circulation data set including a plurality of partial data provided by the circulation data provider side device. A method of controlling a circulation data reference order in which all users having a higher reference authority rank than a user can refer to the data on condition that the user has already referred to the data. Generating or setting the same number of encryption keys as the number of reference authority ranks set for the circulation data set, and transferring the same to the circulation data user side device; specific partial data corresponding to the lowest reference authority rank Is encrypted with an encryption key corresponding to the reference authority order, and partial data that can be referred to by a user having the next higher reference authority order is added to the encrypted partial data. The process of encrypting the encrypted partial data and the partial data of the next higher reference authority with the encryption key corresponding to the upper reference authority is performed by encrypting the partial data with the highest reference authority. Storing the circulated data set encrypted in the storage device repeatedly in the storage device, and storing the circulated data set stored in the storage device in response to a request from the circulated data user. And decrypts the corresponding partial data with an encryption key corresponding to the reference authority of the user, outputs the data in a format that can be referred to by the data user, and includes the encrypted partial data in the decrypted partial data. And re-storing the encrypted partial data in the storage device if necessary. 4. A specific partial data of a reference authority order requested by a user of a circulation data user side device among a circulation data set including a plurality of partial data provided by the circulation data provider side device. A circulation data reference order control system that enables reference on condition that all users having a higher reference authority rank than the reference data have been referred to, wherein the circulation data provider side device includes a plurality of partial data Encryption key generating means for generating or setting the same number of encryption keys as the number of reference authority ranks set for the circulation data set consisting of and transmitting the same to the circulation data user side device, and corresponding to the lowest reference authority rank The specific partial data is encrypted with the encryption key corresponding to the reference authority order, and the partial data that can be referred to by the user of the next higher reference authority order is added to the encrypted partial data. The process of encrypting the encrypted partial data and the partial data having the upper-level reference authority with the encryption key corresponding to the upper-level reference authority is performed by encrypting the partial data with the highest-level reference authority. Encryption processing means for storing the encrypted circulation data set in the storage device repeatedly until the encryption is completed, wherein the circulation data user side device circulates the circulation data set stored in the storage device. Obtained in response to a request from a data user, decrypts the corresponding partial data with an encryption key corresponding to the reference authority of the user, outputs the data in a format that can be referred to by the data user, and decrypts the partial data. A circulation data reference order control system, comprising: a decryption processing means for restoring the encrypted partial data in the storage device when the encrypted partial data exists therein. .