JP2011028643A - Forgery processor of data file - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To improve security by forging a data file. <P>SOLUTION: A forgery processing unit 100 creates a forged data file Fd by adding position setting data Ps showing the specific position of an image and the data column of an original data file Fo being the object of forgery to the tail of a content data file Fc of the image. The forged data file Fd looks like a normal image file at a glance, and when it is opened by an image browsing program, the image is browsable. A reproduction part 230 of a restoration processing unit 200 presents the image to a user by using a portion of the fie Fc in the file Fd. When the user designates the specific position of the presented image, a designated position Pd is compared with the position setting data Ps in the file content Fd by a position determination part 250, and when both of them are matched, the portion of the file Fo in the file Fd is output as a restoration data file Fr by a file restoration part 220. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a data file impersonation processing apparatus, and more particularly to a technique for improving the security of an original data file by impersonating an original data file into another file.

  Today, with the spread of computers, there are increasing opportunities to handle various data files not only in industry but also at home. There are various types of target files, such as document data files, spreadsheet data files, image data files, moving image data files, and audio data files. Therefore, it is expected that the amount of data files to be stored will become enormous even at the individual level in the home.

  The created data file is generally stored on a hard disk for a personal computer, etc. However, in view of the increase in the amount of data files, recently, data files have been deposited from companies and individuals over the network and stored. Businesses that provide services are also popular. For example, in Patent Document 1 below, in order to securely store a data file deposited from a customer via the Internet, the data file to be stored is divided and stored in a plurality of different server devices. A distributed data archive device is disclosed.

  As described above, when a data file is stored, security is a serious problem regardless of the storage location. Of course, the data files to be stored include files with various contents ranging from confidential corporate documents to pet photos, but in any case, the contents will be known by a third party without permission. That is not preferable.

  A typical method taken to ensure the security of data files is file encryption. Usually, an encrypted file corresponding to the original data file is created by an encryption process using a predetermined encryption key. In order to restore the original data file, the encryption key used for the encryption process is required, so even if the encrypted file is delivered to a third party, sufficient security can be ensured.

  On the other hand, a method for improving security by disguising the original data file as another file has also been proposed. For example, in Patent Document 2 below, a camouflaged file containing fake data is prepared in advance with respect to a legitimate file, and if a user who is not logged in illegally accesses the legitimate file, A technique for providing a camouflaged file instead of a file is disclosed. Also, in Patent Document 3 below, in order to improve security for data files with meaningful file names such as “April Sales Book”, they are automatically converted to meaningless file names when logging out. A technique for automatically converting an original file name when a legitimate user logs in again is disclosed.

Japanese Patent No. 4107370 JP 2006-301798 A JP 2005-234728 A

  As described above, impersonation of a data file is a technique for improving security by an approach different from data file encryption, and is particularly effective when used in combination. In other words, while data file encryption is a technique that ensures security by making the file contents physically undecipherable, data file impersonation is different from the original. It is a technique to ensure security by pretending to be a simple data file.

  For example, in the technique disclosed in the above-mentioned Patent Document 2, an unauthorized person can be deceived by providing a camouflaged file containing fake data to an unauthorized person. In the technique disclosed in the above-mentioned Patent Document 3, a meaningful file name such as “April sales book” is presented to a regular user, whereas other users are presented with a meaningful name. Since another file name is presented, it can be avoided that it becomes a target for unauthorized access.

  As described above, the disguise of the data file is an effective method for ensuring security that has an effect different from the encryption of the data file. However, it is difficult to ensure sufficient security for any data file to be stored by the conventionally proposed camouflage technology. For example, the technique disclosed in Patent Document 2 described above is a technique for providing a camouflaged file instead of an original file against unauthorized access, and the original data file itself is not protected by impersonation. Further, the technique disclosed in Patent Document 3 described above only disguises the file name, and the original data file itself is not protected by the disguise.

  Accordingly, an object of the present invention is to provide a data file disguise processing apparatus that can perform disguise of any data file itself to be stored and can improve security.

(1) In the first aspect of the present invention, an impersonation processing unit that performs an impersonation process on an original data file to be impersonated to create an impersonation data file, and an original process by performing a restoration process on the impersonation data file In a data file camouflage processing device comprising a restoration processing unit for restoring a data file,
In the camouflage processing unit,
An original data file input unit for inputting an original data file to be camouflaged based on a user's file designation operation;
A content data file input unit for inputting a content data file used for impersonation based on a user's file designation operation;
A disguise stage content reproduction unit that reproduces content based on the content data file input by the content data file input unit and presents the content to the user;
A position setting unit that sets a predetermined position in time or space and creates position setting data for specifying a setting position for content being played back by the camouflaged stage content playback unit based on a user position setting operation;
A file impersonation unit that creates a fake data file by incorporating management data including information indicating position setting data or its location and an original data file into the content data file, and outputs the fake data file,
Provided,
In the restoration processing unit,
A camouflaged data file input unit for inputting a camouflaged data file to be restored based on a user file designation operation;
A reproduction stage content reproduction unit that reproduces content based on the content data file included in the camouflaged data file and presents the content to the user;
A position designating unit for designating a predetermined position in time or space for the content being played by the restoration stage content playing unit based on the user's position designating operation;
A position determination unit that determines whether or not the specified position by the position specifying unit matches the setting position specified by the position setting data obtained based on the camouflaged data file;
A file restoration unit that extracts an original data file from a camouflaged data file and outputs it as a restoration data file on condition that a match judgment is made by the position judgment unit;
Is provided.

(2) According to a second aspect of the present invention, in the camouflage processing device according to the first aspect described above,
The camouflage processing unit further includes a camouflage stage password input unit that inputs a password based on a user input operation,
The file disguise part creates a disguise data file including information indicating the password or its location by incorporating management data including information indicating the password or its location in the content data file,
In the restoration processing unit,
A restoration stage password input unit for inputting a password based on a user input operation;
A password determination unit that determines whether or not the password input by the restoration stage password input unit and the password obtained based on the impersonation data file match.
Further provided,
The file restoration unit extracts the original data file from the camouflaged data file and outputs it as a restoration data file on condition that the match judgment is made in both the position judgment unit and the password judgment unit. is there.

(3) According to a third aspect of the present invention, in the camouflage processing device according to the first aspect described above,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The impersonation stage content reproduction unit has a function of reproducing and presenting m content data files to the user,
The position setting unit creates position setting data for each content being played based on the user's position setting operation,
By incorporating the management data including the position setting data or information indicating the location thereof, the original data file, and the second to m-th content data files into the first content data file by the file camouflaging unit, Create a fake data file,
The restoration stage content playback unit has a function of sequentially playing back the content of m content data files and presenting it to the user,
The position designation unit has a function of performing position designation for each content being played based on the user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each content,
A condition is that the position determination unit makes a match determination on the content of the i-th (1 ≦ i <m) content data file after the restoration stage content playback unit plays back the first content data file. As a result, the content of the (i + 1) th content data file is reproduced,
The file restoration unit outputs the restored data file on condition that the match determination is made by the position determination unit for the content of the mth content data file.

(4) According to a fourth aspect of the present invention, in the camouflage processing device according to the first aspect described above,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The impersonation stage content reproduction unit has a function of reproducing and presenting m content data files to the user,
The position setting unit sets a predetermined position in time or space during playback for a part or all of the m content data files based on a user position setting operation, and specifies the set position Create each data,
The camouflage processing unit further includes a camouflage stage password input unit that inputs and sets individual passwords for some or all of the m content data files based on user input operations,
The file camouflaging unit includes, in the first content data file, management data including position setting data or information indicating the location and password or information indicating the location, the original data file, and the second to m-th content data. Create a fake data file by incorporating
The restoration processing unit
Based on the user's input operation, for the password-set content for which password setting has been performed by the impersonation stage password input unit, a restoration stage password input unit that inputs a password during playback,
The password for each password-set content input by the restoration stage password input unit is compared with the password for each password-set content included in the fake data file to determine whether or not they match A password determination unit;
Further comprising
The restoration stage content playback unit has a function of sequentially playing back the content of m content data files and presenting it to the user,
The position designation unit has a function of performing position designation during reproduction for each position-set content for which position setting has been performed by the position setting unit based on a user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each position-set content,
After the restoration stage content reproduction unit reproduces the first content data file, the content of the i-th (1 ≦ i <m) content data file has been set among the position setting and password setting. The content of the (i + 1) -th content data file is played back on condition that all items are matched.
The file restoration unit outputs the restored data file on condition that the match determination is made for all the set contents of the position setting and the password setting for the contents of the mth content data file. Is.

(5) According to a fifth aspect of the present invention, an impersonation processing unit that creates an impersonation data file by performing an impersonation process on an original data file to be camouflaged; and an original by performing a restoration process on the impersonation data file In a data file camouflage processing device comprising a restoration processing unit for restoring a data file,
In the camouflage processing unit,
An original data file input unit for inputting an original data file to be camouflaged based on a user's file designation operation;
A content data file input unit for inputting a content data file used for impersonation based on a user's file designation operation;
A disguise stage content reproduction unit that reproduces content based on the content data file input by the content data file input unit and presents the content to the user;
A position setting unit that sets a predetermined position in time or space and creates position setting data for specifying a setting position for content being played back by the camouflaged stage content playback unit based on a user position setting operation;
An impersonation stage password input unit that inputs a password based on a user input operation;
Applying a predetermined encryption algorithm using the password input by the impersonation stage password input unit, applying an encryption process to the original data file, and creating an encrypted original data file;
A file impersonation unit that creates a fake data file by incorporating management data including position setting data or information indicating the location thereof and an encrypted original data file into the content data file, and outputs the file,
Provided,
In the restoration processing unit,
A camouflaged data file input unit for inputting a camouflaged data file to be restored based on a user file designation operation;
A reproduction stage content reproduction unit that reproduces content based on the content data file included in the camouflaged data file and presents the content to the user;
A position designating unit for designating a predetermined position in time or space for the content being played by the restoration stage content playing unit based on the user's position designating operation;
A position determination unit that determines whether or not the specified position by the position specifying unit matches the setting position specified by the position setting data obtained based on the camouflaged data file;
A restoration stage password input unit for inputting a password based on a user input operation;
Decryption is performed on the encrypted original data file extracted from the camouflaged data file by executing a decryption algorithm corresponding to a predetermined encryption algorithm using the password input by the restoration stage password input unit. The processing unit,
A file restoration unit that outputs the data file decrypted by the decryption processing unit as a restored data file;
Provided,
Both the decoding process by the decoding processing unit and the output process of the restored data file by the file restoring unit are performed under the condition that the match judgment is made by the position judging unit.

(6) According to a sixth aspect of the present invention, in the camouflage processing device according to the fifth aspect described above,
The file disguise part incorporates the encrypted password obtained by encrypting the password input by the disguise stage password input part into the content data file or management data including the information indicating the location thereof, thereby obtaining the encrypted password. Create an impersonation data file containing
The restoration processing unit
A password determination unit for determining whether or not the password input by the restoration stage password input unit and the password obtained by decrypting the encrypted password obtained based on the fake data file match. Prepared,
Both the decryption processing on the encrypted original data file by the decryption processing unit and the output processing of the restored data file by the file restoration unit on condition that the match determination is made in both the position determination unit and the password determination unit Processing is performed together.

(7) A seventh aspect of the present invention provides the camouflage processing device according to the fifth aspect described above,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The impersonation stage content reproduction unit has a function of reproducing and presenting m content data files to the user,
The position setting unit creates position setting data for each content being played based on the user's position setting operation,
The file camouflaging unit incorporates the management data including the position setting data or information indicating the location thereof, the encrypted original data file, and the second to m-th content data files into the first content data file. Creates a fake data file,
The restoration stage content playback unit has a function of sequentially playing back the content of m content data files and presenting it to the user,
The position designation unit has a function of performing position designation for each content being played based on the user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each content,
A condition is that the position determination unit makes a match determination on the content of the i-th (1 ≦ i <m) content data file after the restoration stage content playback unit plays back the first content data file. As a result, the content of the (i + 1) th content data file is reproduced,
The file restoration unit outputs the restored data file on condition that the match determination is made by the position determination unit for the content of the mth content data file.

(8) An eighth aspect of the present invention is the camouflage processing device according to the fifth aspect described above,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The impersonation stage content reproduction unit has a function of reproducing and presenting m content data files to the user,
The position setting unit sets a predetermined position in time or space during playback for a part or all of the m content data files based on a user position setting operation, and specifies the set position Create each data,
The camouflage processing unit further includes a camouflage stage password input unit that inputs and sets individual passwords for some or all of the m content data files based on user input operations,
The encryption processing unit executes encryption processing using part or all of the password input by the impersonation stage password input unit,
The file disguise section contains the management data including the encrypted password obtained by encrypting the position setting data or the information indicating the location and the password in the first content data file and the information indicating the location, and the encryption Create an impersonation data file by incorporating the original data file and the second to m-th content data files,
The restoration processing unit
Based on the user's input operation, for the password-set content for which password setting has been performed by the impersonation stage password input unit, a restoration stage password input unit that inputs a password during playback,
The password for each password-set content input by the restoration stage password input unit is compared with the password for each password-set content included in the fake data file to determine whether or not they match A password determination unit;
Further comprising
The decryption processing unit executes the decryption process using a part or all of the password input by the restoration stage password input unit,
The restoration stage content playback unit has a function of sequentially playing back the content of m content data files and presenting it to the user,
The position designation unit has a function of performing position designation during reproduction for each position-set content for which position setting has been performed by the position setting unit based on a user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each position-set content,
After the restoration stage content reproduction unit reproduces the first content data file, the content of the i-th (1 ≦ i <m) content data file has been set among the position setting and password setting. The content of the (i + 1) -th content data file is played back on condition that all items are matched.
Decryption processing for the encrypted original data file by the decryption processing unit on condition that the match determination is made for all the set contents of the position setting and password setting for the contents of the mth content data file In addition, both processes of the output process of the restored data file by the file restoring unit are performed.

(9) A ninth aspect of the present invention is the camouflage processing device according to the fifth to eighth aspects described above,
The encryption processing unit and the decryption processing unit execute encryption or decryption processing using the password or a part thereof as an encryption key or a part thereof.

(10) According to a tenth aspect of the present invention, in the camouflage processing device according to the fifth to eighth aspects described above,
The encryption processing unit and the decryption processing unit execute encryption or decryption processing using a part of the data in the content data file specified by the password as an encryption key or a part thereof. .

(11) An eleventh aspect of the present invention is the camouflage processing device according to the tenth aspect described above,
The encryption processing unit and the decryption processing unit have a calculation function for obtaining a predetermined unique value unique to the character string by applying a predetermined numerical algorithm to the character string constituting the password, and constitute a content data file An encryption or decryption process is executed using a predetermined length of data starting from the predetermined reference position of the data string at the subsequent position corresponding to the eigenvalue as an encryption key or a part thereof. It is a thing.

(12) According to a twelfth aspect of the present invention, in the camouflage processing device according to the seventh or eighth aspect described above,
The encryption processing unit applies a predetermined encryption algorithm using the password input by the impersonation stage password input unit, performs encryption processing on a part or all of the second to m-th content data files, It has a function to create an encrypted content data file,
The file impersonation unit creates an impersonation data file by incorporating the encrypted content data file for the encrypted files among the second to m-th content data files,
The decryption processing unit executes a decryption algorithm corresponding to a predetermined encryption algorithm on the encrypted content data file extracted from the camouflaged data file, using the password input by the restoration stage password input unit. It has a function to perform decryption processing,
The content data file that has been subjected to the encryption process by the restoration stage content reproduction unit is reproduced based on the content data file that has been decrypted by the decryption processing unit.

(13) The thirteenth aspect of the present invention is the camouflage processing apparatus according to the second, fourth, fifth to eighth aspects described above,
Restoration stage The password input unit has a function to display a password input window to the user when a position designation operation is performed by the user and, as a result, a match determination is performed by the position determination unit. A password is input by a user input operation to the window.

(14) According to a fourteenth aspect of the present invention, in the camouflage processing device according to the thirteenth aspect described above,
The restoration stage password input unit has a function of displaying a fake password input window to the user when a position specifying operation is performed by the user and as a result, a match determination is not performed by the position determination unit. Information input by a user input operation to a fake password input window is not handled as a password.

(15) According to a fifteenth aspect of the present invention, in the camouflage processing device according to the thirteenth or fourteenth aspect described above,
If the content data file is an image data file or a video data file,
Based on the position specifying operation by the user, the position specifying unit specifies a predetermined position on the image or the frame for displaying the moving image,
The restoration stage password input unit displays a password input window or a fake password input window in the vicinity of a designated position on a frame for displaying an image or a moving image.

(16) According to a sixteenth aspect of the present invention, in the camouflage processing device according to the second, fourth, fifth to eighth aspects described above,
Impersonation stage password input part or restoration stage password input part was made by the user,
(a) Input operation via the keyboard of the character string constituting the password,
(b) Drag-and-drop operation of “file containing data that constitutes password” or “file that derives data that constitutes password” to the password input window,
(c) Read instruction operation of “data composing password” or “data deriving data composing password” from external storage device,
(d) a collection instruction operation for collecting a password composed of biodata indicating the biological characteristics of the user body from the user body;
The password is entered by either of the above.

(17) According to a seventeenth aspect of the present invention, in the camouflage processing device according to the first, second, fifth, and sixth aspects described above,
The file disguise section creates an additional data string that includes the management data and the data that constitutes the original data file or the encrypted original data file, and adds the additional data string to the end of the data string that constitutes the content data file. Thus, a camouflaged data file is created.

(18) According to an eighteenth aspect of the present invention, in the camouflage processing device according to the seventeenth aspect described above,
The restoration processing unit recognizes the end of the data string constituting the content data file based on the information in the header part of the content data file included in the head part of the camouflaged data file, and the management data subsequent to this end The original data file or the encrypted original data file following the management data is recognized.

(19) According to a nineteenth aspect of the present invention, in the camouflage processing device according to the eighteenth aspect described above,
The restoration processing unit recognizes the end of the data string that makes up the content data file based on the data indicating the file length included in the header of the content data file included in the beginning of the fake data file It is what you do.

(20) According to a twentieth aspect of the present invention, in the camouflage processing device according to the eighteenth aspect described above,
The restoration processing unit recognizes the identifier code indicating the end of the file based on the data indicating the type of file included in the header information of the content data file included in the head portion of the camouflaged data file. By searching for the identifier code, the end of the data string constituting the content data file is recognized.

(21) A twenty-first aspect of the present invention provides the camouflage processing apparatus according to the third, fourth, seventh, and eighth aspects described above,
The file disguise section creates an additional data string including management data, data that forms the original data file or encrypted original data file that follows this, and data that forms the second to m-th content data files. In this case, the configuration information indicating the configuration of the additional data string is included in the management data, and the additional data string is added to the end of the data string that constitutes the first content data file. Is to create.

(22) According to a twenty-second aspect of the present invention, in the camouflage processing device according to the twenty-first aspect described above,
The restoration processing unit recognizes the end of the data string constituting the first content data file based on the information of the header portion of the first content data file included in the head portion of the camouflaged data file, The management data following the end is recognized, and the configuration data included in the management data is used to make the original data file or encrypted original data file and the second to mth content data files following the management data. Is to recognize.

(23) According to a twenty-third aspect of the present invention, in the camouflage processing device according to the twenty-second aspect described above,
The restoration processing unit converts the first content data file based on the data indicating the file length included in the header part information of the first content data file included in the head portion of the camouflaged data file. This is designed to recognize the end of the data string to be configured.

(24) According to a twenty-fourth aspect of the present invention, in the camouflage processing device according to the twenty-second aspect described above,
Based on the data indicating the file type included in the header part information of the first content data file included in the head part of the fake data file, the restoration processing unit generates an identifier code indicating the end of the file. By recognizing and searching for this identifier code, the end of the data string constituting the first content data file is recognized.

(25) According to a twenty-fifth aspect of the present invention, in the camouflage processing device according to the third, fourth, seventh, and eighth aspects described above,
A content server unit that provides content data files to the impersonation processing unit and the restoration processing unit via a network;
The content data file input unit has a function of inputting a desired content data file by downloading the file from the content server unit,
The file disguise part selects part or all of the second to m-th content data files as externally introduced files, and for the content data file selected as the externally introduced file, the file itself becomes the disguised data file. Instead of incorporating, it has a function to incorporate external introduction information necessary for downloading the file from the content server unit into the fake data file
The restoration stage content reproduction unit has a function of reproducing the externally introduced file after downloading it from the content server unit based on the externally introduced information.

(26) According to a twenty-sixth aspect of the present invention, in the camouflage processing device according to the twenty-fifth aspect,
The content server unit has a function of performing a process of permitting or prohibiting only a specific content data file to be downloaded to a predetermined specific network address.

(27) According to a twenty-seventh aspect of the present invention, in the camouflage processing device according to the twenty-fifth aspect,
The content server unit has a function of performing a process of permitting or prohibiting download of a specific content data file only in a predetermined specific time zone.

(28) According to a twenty-eighth aspect of the present invention, in the camouflage processing device according to the twenty-fifth aspect,
When the content server unit receives a download request based on the same external introduction information, the content data file to be downloaded is changed according to the network address of the request source or the requested time zone. is there.

(29) According to a twenty-ninth aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The original data file input unit has a function of inputting a plurality of n original data files based on a user's file designation operation,
The file camouflaging unit creates a camouflaged data file including a plurality of n original data files or encrypted original data files.

(30) A thirty aspect of the present invention is the camouflage processing apparatus according to the first to eighth aspects described above,
The position setting unit has a function of setting a plurality of different positions for one content,
The position determination unit performs the match determination when the position specified by the position specifying unit matches any of a plurality of set positions.

(31) According to a thirty-first aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The file camouflaging unit creates a camouflaged data file having an extension indicating the same file format as the content data file (the first content data file if there are a plurality of content data files).

(32) According to a thirty-second aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
If the match determination is not performed by the position determination unit, or if the match determination is not performed by the password determination unit, the file restoration unit may cause the user to restore failure instead of outputting the restored data file. The message to show is shown.

(33) According to a thirty-third aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The file disguise part embeds the file name of the original data file in part of the management data,
The file restoration unit outputs a restoration data file having a file name embedded in the management data.

(34) According to a thirty-fourth aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The camouflaged stage content playback unit and the restoration stage content playback unit are configured by a common combined content playback unit.

(35) According to a thirty-fifth aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The content data file input unit has a function of inputting an image data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting an image to the user based on the image data file,
The position setting unit has a function of creating position setting data having a point or region on the image as a setting position,
The position designation part has a function to designate the position of a point on the image,
The position determination unit performs a match determination when the point designated by the position designation unit is “within a predetermined vicinity range of a point specified by the position setting data” or “within an area specified by the position setting data” It is a thing.

(36) The thirty-sixth aspect of the present invention is the camouflage processing device according to the thirty-fifth aspect,
The position setting unit has a function of creating hint information for displaying a hint at a predetermined position on the image based on a user operation,
The file disguise part has a function to create a disguise data file by incorporating management data including hint information,
The restoration stage content reproduction unit has a function of displaying a hint on an image based on the hint information.

(37) According to a thirty-seventh aspect of the present invention, in the camouflage processing device according to the thirty-sixth aspect,
The restoration stage content reproduction unit has a function of displaying a hint related to the designated position when the user performs a position designation operation.

(38) According to a thirty-eighth aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The content data file input unit has a function of inputting an audio data file as a content data file,
The impersonation stage content reproduction unit and the restoration stage content reproduction unit have a function of presenting audio to the user based on the audio data file,
The position setting unit has a function of creating position setting data for specifying a point or region on the time axis for reproducing sound as a setting position,
The position designation unit has a function of designating the position of a point on the time axis for reproducing sound,
The position determination unit performs a match determination when the point designated by the position designation unit is “within a predetermined vicinity range of a point specified by the position setting data” or “within an area specified by the position setting data” It is a thing.

(39) According to a 39th aspect of the present invention, in the camouflage processing apparatus according to the above first to eighth aspects,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
The position setting unit has a function of creating position setting data for specifying a point or region on a frame for displaying a moving image as a setting position;
The position designation part has a function to designate the position of a point on the frame for displaying the moving image,
The position determination unit performs a match determination when the point designated by the position designation unit is “within a predetermined vicinity range of a point specified by the position setting data” or “within an area specified by the position setting data” It is a thing.

(40) A fortieth aspect of the present invention provides the camouflage processing apparatus according to the above first to eighth aspects,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
The position setting unit has a function of creating position setting data for specifying a point or region on the time axis for reproducing a moving image as a setting position,
The position specification unit has a function to specify the position of a point on the time axis for playing back a movie,
The position determination unit performs a match determination when the point designated by the position designation unit is “within a predetermined vicinity range of a point specified by the position setting data” or “within an area specified by the position setting data” It is a thing.

(41) According to a forty-first aspect of the present invention, in the camouflage processing device according to the first to eighth aspects described above,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
Spatial position setting in which the position setting unit specifies the point or area on the time axis on which the moving image is played back as the setting position, and the position or position on the frame on which the moving image is displayed as the setting position And a function for creating position setting data including both data and
The position designation unit has a function of designating both the position of the point on the time axis for reproducing the moving image and the position of the point on the frame for displaying the moving image,
The point on the time axis specified by the position specifying unit is “within a predetermined vicinity of the point specified by the temporal position setting data” or “in the region specified by the temporal position setting data” And the point on the frame specified by the position specifying unit is “within a predetermined neighborhood range of the point specified by the spatial position setting data” or “in the region specified by the spatial position setting data” In this case, a match determination is performed.

  (42) In a forty-second aspect of the present invention, the camouflage processing unit or the restoration processing unit in the camouflage processing apparatus according to the first to forty-first aspects is configured alone.

  (43) According to a forty-third aspect of the present invention, there is provided a program for causing a computer to function as the camouflage processing unit and / or the restoration processing unit in the camouflage processing apparatus according to the first to forty-first aspects described above. Is.

(44) The forty-fourth aspect of the present invention is the impersonation processing method for creating an impersonation data file by performing an impersonation process on an original data file to be impersonated;
The computer inputs the original data file to be impersonated,
A computer inputting a content data file used for impersonation;
The computer appends additional data including management data including information necessary for restoration processing and data string configuring the original data file to the end of the data string configuring the content data file. To create a camouflaged data file;
The computer outputs a camouflaged data file;
Is to do.

  According to the data file camouflage processing apparatus according to the present invention, the camouflaging process for incorporating the original data file to be camouflaged into the content data file used for camouflaging is performed, and the camouflaged data file is created. Although this camouflaged data file is a file including the contents of the original data file, since it looks like a content data file, the possibility of being a target for unauthorized use is reduced. In addition, when performing impersonation processing, a predetermined position in time or space is set for the content being played based on the position setting operation of the user, and position setting data for specifying the set position is incorporated in the impersonation data file. It is. When the original data file is restored, the restored data file is output on condition that the position specified during the restoration process matches the predetermined position set during the impersonation process. The restored original data file cannot be obtained unless the user is able to perform the operation. Therefore, according to the present invention, an arbitrary data file to be stored can be camouflaged, and security can be improved.

It is a block diagram which shows the structure of the camouflage processing apparatus which concerns on basic embodiment of this invention. It is a top view which shows an example of the operation window shown by the camouflage processing unit 100 in embodiment shown in FIG. FIG. 3 is a plan view showing an operation for designating an original data file Fo by a user in the operation window shown in FIG. 2. FIG. 4 is a plan view showing an operation for designating a content data file Fc by a user in the operation window shown in FIG. 3. FIG. 5 is a plan view showing one form of a position setting operation by a user in the operation window shown in FIG. 4. It is a figure which shows the structural example of the camouflaged data file Fd produced by the file camouflaging part 130 in embodiment shown in FIG. It is a top view which shows an example of the operation window shown by the decompression | restoration processing unit 200 in embodiment shown in FIG. It is a top view which shows operation which designates the camouflaged data file Fd by the user in the operation window shown in FIG. It is a top view which shows one form of the position designation operation by the user in the operation window shown in FIG. It is a figure which shows the variation of the spatial position setting data in this invention. It is a figure which shows the variation of the time position setting data in this invention. It is a conceptual diagram which shows the setting area | region defined by both a spatial position and a temporal position. It is a block diagram which shows the structure of the camouflage processing apparatus which concerns on embodiment which performs password collation. It is a block diagram which shows the structure of the camouflage processing apparatus which concerns on embodiment which performs encryption. It is a figure which shows the procedure of the general encryption and decoding using an encryption key. It is a figure which shows some examples of the method of producing | generating an encryption key using a password. It is a block diagram which shows the structure of the camouflage processing apparatus which concerns on embodiment which performs both password verification and encryption. FIG. 18 is a diagram showing encryption and decryption procedures in the embodiment shown in FIG. 17. It is a figure which shows the structural example of the camouflaged data file Fd in embodiment using a some file. It is a figure which shows the position setting procedure in embodiment using a some content data file. It is a figure which shows the procedure of the match determination in embodiment using a some content data file. It is a figure which shows the procedure of the position setting and password setting in embodiment using a some content data file and password collation. It is a figure which shows the procedure of a coincidence determination in embodiment using a some content data file and password collation. 6 is a plan view showing an example of a “balloon-type password input window” presented by a restoration processing unit 200. FIG. 6 is a plan view showing an example of a “fake balloon-type password input window” presented by a restoration processing unit 200. FIG. 6 is a plan view showing an example of a “separate type password input window” presented by a restoration processing unit 200. FIG. FIG. 25 is a plan view showing a drag-and-drop operation of “file including data constituting password” by the user in the operation window shown in FIG. 24. It is a block diagram which shows an example of the practical use form of the camouflage processing apparatus which concerns on this invention. It is a top view which shows position setting operation about the several location by the user in the operation window shown in FIG. FIG. 10 is a plan view showing a state in which a content image is displayed in an independent window by a restoration stage content reproduction unit 230. FIG. 31 is a plan view showing a state where a “balloon-type password input window” is displayed by clicking one point P on the image shown in FIG. 30. FIG. 32 is a plan view showing a state in which a second content image is displayed in another window by inputting a correct password on the image shown in FIG. 31. FIG. 33 is a plan view showing a state where a “password input window” is displayed superimposed on the second content image shown in FIG. 32. It is a top view which shows the state by which the hint mark for associating a password was displayed on the 2nd content image shown in FIG.

  Hereinafter, the present invention will be described based on the illustrated embodiments.

<<< §1. Basic concept of the present invention >>
FIG. 1 is a block diagram showing a configuration of a camouflage processing apparatus according to a basic embodiment of the present invention. As indicated by a large block surrounded by a one-dot chain line in the figure, the camouflage processing apparatus includes a camouflage processing unit 100 and a restoration processing unit 200. Each element indicated by a cylindrical block in the figure is a data file handled by a computer.

  The camouflage processing unit 100 has a function of creating a camouflaged data file Fd by performing a camouflage process on the original data file Fo to be camouflaged, and the restoration processing unit 200 restores the camouflaged data file Fd. To restore the original data file Fo. In FIG. 1, the file restored by the restoration processing unit 200 is shown as a restored data file Fr. However, when the restoration is correctly performed, the restored data file Fr is the same file as the original data file Fo. Become.

  A feature of the camouflage processing apparatus according to the present invention is that a camouflage process using an arbitrary content data file Fc is performed on an original data file Fo to be camouflaged. Here, the original data file Fo may be any file that can be handled by a computer, such as a document data file, a spreadsheet data file, an image data file, a moving image data file, and an audio data file. . In addition, the “data file” in the present application broadly means an electronic file composed of a collection of digital data, and is a concept that generally includes what are called programs, routines, and tables. Therefore, files such as various application programs and plug-in programs are also included in the “data file” referred to in the present application.

  On the other hand, the content data file Fc is an image data file, a moving image data file, an audio data file, or the like as long as it can present some content by opening the file with a specific application program. But it doesn't matter. Accordingly, the document data file created by the document creation program, the spreadsheet data file created by the spreadsheet program, and the like are also included in the “content data file Fc” in the present application.

  Further, in the present application, the process of opening such a “content data file Fc” with a specific application program and presenting the content to the user is called “content reproduction”. That is, “reproduction of content” in the present application, in the case of a moving image data file or an audio data file, literally means a process of reproducing a moving image or audio, such as an image data file, a document data file, a spreadsheet data file, etc. In this case, it means a process of displaying an image, a document, a spreadsheet, etc. on the display screen.

  Now, suppose that the user wants to perform a disguise process on some original data file Fo. The reason why the user desires such a camouflage process is to increase security when storing the original data file Fo to be camouflaged. The original data file Fo may be stored in a hard disk built in the user's own personal computer, may be stored in an external hard disk device, or recorded on a CD-R or DVD-R. In some cases, it may be stored. Alternatively, it may be stored in a NAS device connected via a LAN, or stored in a server device of a service provider via the Internet using a data archive service as disclosed in the above-mentioned Patent Document 1. It may be done.

  In general, a typical technique for improving security when storing data files is file encryption. If the file is encrypted, even if it is in the hands of an unauthorized person, the possibility of the contents being stolen is very low. As already mentioned, the impersonation of the data file according to the present invention is a technique for improving security by an approach different from the encryption of the data file, and it seems that the data file is a data file different from the original. It is a technique to ensure security by pretending to be.

  Therefore, the user prepares an arbitrary content data file Fc together with the original data file Fo to be camouflaged. The camouflage processing unit 100 performs the camouflage process for creating the camouflaged data file Fd by incorporating the original data file Fo into the content data file Fc. The camouflaged data file Fd created in this way is a file including data constituting the original data file Fo, but behaves like a content data file Fc.

  For example, no matter what kind of data file the original data file Fo is, the file extension of the fake data file Fd has the same extension as that added to the file name of the content data file Fc. It is preferable to add. In general, the extension portion of the file name has a function indicating the type and format of the data file. For example, an extension “.jpg” indicates an image data file described in a “JPEG format” format. Therefore, if the camouflaged data file Fd is a file having an extension “.jpg” in the file name, at least as long as the file name is seen, it appears as an image data file.

  In many computer OS programs, the extension portion of the file name of a data file is also used as a code indicating a program that is activated when an operation for opening the file is performed. For example, if you double-click an icon of a data file with the extension “.jpg” in the file name to open it, you can view / edit the image corresponding to the image data file described in the “JPEG format” format. The application program is automatically activated and image content is displayed. Of course, the same applies when the data file is opened by the “Open” command of the program.

  Recently, an image storage service for depositing image data files such as digital camera photos or browsing images on a Web page from the general user via the Internet has become widespread. By using the present invention, the user can deposit the camouflaged data file Fd created using the camouflage processing unit 100 to such an image storage service site as if it were one image data file.

  For example, if a “JPEG format” image data file is used as the content data file Fc, a fake data file Fd having an extension of “.jpg” can be created, and this can be sent to the image storage service site as “JPEG format”. It can be deposited as an image data file. In this case, the camouflaged data file Fd appears to be a “JPEG format” image data file at first glance, so that the possibility of being a target for unauthorized use by a third party is reduced. Of course, the storage location of the camouflaged data file Fd is a target for unauthorized use, whether it is in the user's own personal computer, a CD-R or a DVD-R, or a NAS device connected to a LAN. The effect of reducing the possibility is the same.

  For practical purposes, security can be further improved by storing the fake data file Fd in a genuine “JPEG format” image data file. Particularly, in the case of an image data file, it is convenient because a list of image contents can be displayed by thumbnails or the like. If the user uses an image data file as the content data file Fc used for impersonation and remembers the contents of the image, thumbnails and the like are displayed in a list when the original data file Fo needs to be restored. By doing so, the camouflaged data file Fd can be selected from among many image data files.

  In order to restore the original data file Fo, the user only needs to give the fake data file Fd to the restoration processing unit 200. The restoration processing unit 200 performs a function of outputting the original data file Fo incorporated in the camouflaged data file Fd as the restoration data file Fr.

  Since a general application program does not have such a restoration processing function, a third party who does not have the restoration processing unit 200 performs an operation of restoring the original data file Fo from the camouflaged data file Fd. Can't do it. Of course, an engineer familiar with the computer can extract the original data file Fo by analyzing the configuration data of the camouflaged data file Fd with an analysis tool. Therefore, in order to further increase security, it is preferable to combine encryption methods as described later.

  When the present invention is used commercially, the camouflage processing apparatus shown in FIG. 1 will be used by many users. In this case, another user may perform a restoration process on the camouflaged data file Fd created by a certain user. For example, if the users A and B are both users of the camouflage processing apparatus shown in FIG. 1, when the camouflaged data file Fd created by the user A reaches the user B, the user B Can be used to restore the original data file Fo from the camouflaged data file Fd. As described above, it is not preferable that another user B performs a restoration process without permission on the camouflaged data file Fd created by the user A.

  Therefore, in the present invention, by introducing the concept of “location information” that only the original user knows, measures are taken to prevent unauthorized restoration by another user. For example, in the case of the above example, consider a case where the user A uses the “JPEG format” digital camera image data file photographed by himself / herself as the content data file Fc and performs the disguise process on the original data file Fo. In this case, the user A sets a specific position on the digital camera image. The setting position may be an arbitrary position, but in general, it is preferable to set the position of some object in the digital camera image so that it can be remembered until restoration. As will be described in detail later, this “position information” is incorporated into the camouflaged data file Fd created by the camouflage processing unit 100.

  On the other hand, when the user A performs restoration processing for the camouflaged data file Fd using the restoration processing unit 200, the digital camera image is displayed using the content data file Fc included in the camouflaged data file Fd, and the camouflaged data file Fd is displayed. An operation for designating the same position as the position set at the time of processing is performed. Then, the restoration processing unit 200 refers to the “position information” incorporated in the camouflaged data file Fd, and outputs the restoration data file Fr on condition that the position designated by the user is the correct position. To.

  If such measures are taken, only the user who knows the “correct setting position” can restore the original data file Fo. For example, in the case of the above example, since the user A remembers the “correct setting position”, the user A can specify the position at the time of restoration, so the restoration processing unit 200 is used to perform restoration processing on the camouflaged data file Fd. be able to. However, since the user B does not know the “correct setting position”, the restoration process cannot be performed. Of course, the user A can notify the user B of the “correct setting position” if necessary, so that the user B can be allowed to restore in the form of “transmission of position information”. Become.

  The “position” in the present invention is a concept including not only “spatial position” but also “temporal position”. For example, when an image data file is used as the content data file Fc, a “spatial position” can be set on a still image presented as content. On the other hand, when an audio data file is used as the content data file Fc, the “temporal position” can be set on the performance time axis of the audio presented as the content. When a moving image data file is used as the content data file Fc, both “spatial position” and “temporal position” can be set.

<<< §2. Configuration and operation of camouflage processing unit >>>
Next, the configuration and operation of the camouflage processing unit 100 in the basic embodiment shown in FIG. 1 will be described. Here, the black arrows in the figure indicate the flow of digital data between the components, and the white arrows indicate the exchange of information with the user.

  The camouflage processing unit 100 is a unit that creates a camouflaged data file Fd by performing a camouflage process on an original data file Fo that is to be camouflaged. As shown in the figure, an original data file input unit 110, a content data file input unit 120, a file disguise unit 130, a disguise stage content playback unit 140, and a position setting unit 150. However, in practice, the camouflage processing unit 100 can be configured by incorporating a dedicated application program into a general-purpose computer such as a personal computer, and each of the above-described constituent elements is a combination of computer hardware and software. Realized.

  The original data file input unit 110 performs a function of inputting an original data file Fo to be camouflaged based on a user's file designation operation, and the content data file input unit 120 is used for camouflage based on a user's file designation operation. It fulfills the function of inputting the content data file Fc. When the camouflage processing unit 100 is configured using a general-purpose computer, each of the input units 110 and 120 can be realized by a data file reading routine by a dedicated application program and stored in a storage device such as a hard disk device. The data file is read into a working memory such as a RAM.

  On the other hand, the camouflaged stage content playback unit 140 plays the content based on the content data file Fc input by the content data file input unit 120 and performs the function of presenting it to the user. In accordance with the principle of the present invention, as the content data file Fc, various types of data files of various formats such as an image data file, a moving image data file, an audio data file, a document data file, and a spreadsheet data file are used. However, in practice, it is sufficient to provide a playback function corresponding to content data files in main format formats that are frequently used by general users.

  For example, if an embodiment in which only an image data file can be used as the content data file Fc is adopted, playback functions (such as “JPEG format”, “GIF format”, “PNG format”) corresponding to major image formats ( It is sufficient to configure the camouflaged stage content playback unit 140 with a program that realizes the image browsing function. A general-purpose personal computer already has an image browsing program and library corresponding to image formats such as “JPEG format”, “GIF format”, and “PNG format”. The impersonation stage content reproduction unit 140 can be configured using a library.

  The position setting unit 150 sets a predetermined position in time or space for the content being played back by the camouflaged stage content playback unit 140 based on the user's position setting operation, and creates position setting data Ps for specifying the set position It is a component with the function to do. Specifically, in cooperation with the content reproduction function by the camouflaged stage content reproduction unit 140, a function for inputting the user's position setting instruction and generating the position setting data Ps may be performed.

  The file camouflaging unit 130 is a component that forms the center of the camouflage processing unit 100, and the content data file Fc input by the content data file input unit 120 includes the position setting data Ps created by the position setting unit 150. By incorporating the management data M (Ps) and the original data file Fo input by the original data file input unit 110, a process of creating a fake data file Fd and outputting it is performed. The fake data file Fd created in this way eventually includes the content data file Fc, the management data M (Ps), and the original data file Fo. The specific data structure of the camouflaged data file Fd will be described in detail in §3.

  As described above, the camouflage processing unit 100 is configured by incorporating a dedicated application program into a general-purpose computer such as a personal computer. Hereinafter, the operation of the camouflage processing unit 100 will be described with reference to an example of an operation window prepared as a man-machine interface of the camouflage processing unit 100.

  FIG. 2 is a plan view showing an example of the operation window 300 presented by the camouflage processing unit 100 in the embodiment shown in FIG. When the dedicated application program constituting the camouflage processing unit 100 is activated, an operation window 300 as shown in the figure is presented on the display screen. In FIG. 1, the exchange of information between the camouflage processing unit 100 and the user indicated by the white arrow is performed via the operation window 300.

  The original data file input field 310 is an input field displayed by the function of the original data file input unit 110, and is used for an operation for designating the original data file Fo to be input. Similarly, the content data file input field 320 is an input field displayed by the function of the content data file input unit 120, and is used for an operation for designating the content data file Fc to be input. The camouflaged data file input column 330 is an input column displayed by the function of the file camouflaging unit 130, and is used for an operation for designating the file name of the camouflaged data file Fd to be created.

  On the other hand, the file list display field 340 is stored in a storage device (for example, a built-in hard disk device) connected to a personal computer constituting the camouflage processing unit 100, or a storage device such as a server or NAS connected via a network. This is a column for displaying a list of data files that are stored. In the illustrated example, a state is shown in which files such as “FILE01.txt”, “FILE02.mp3”,..., “FILE07.xls” are stored in a specific folder.

  The user can input a desired file name in each column by selecting each input column 310, 320, 330 by clicking and inputting a predetermined character string from the keyboard. However, in the embodiment shown here, it is possible to input a desired file name in each field also by a drag and drop operation with respect to a specific file name displayed in the file list display field 340.

  For example, FIG. 3 shows that the file name “FILE04.pdf” (PDF format document data file) displayed in the file list display field 340 is displayed on the operation window 300 by the user in the original data file input field 310. It is a top view which shows the state which performed operation to drag and drop to. By the function of the original data file input unit 110, the file name “FILE04.pdf” is automatically input to the original data file input field 310, and the file is designated as the original data file Fo. That is, in the case of this example, the document data file “FILE04.pdf” is designated as an impersonation target. Of course, if necessary, the automatically input file name can be corrected by keyboard input.

  On the other hand, in FIG. 4, following the state shown in FIG. 3, the user inputs the file name “FILE03.jpg” (image data file in JPEG format) displayed in the file list display field 340 to the content data file input. 6 is a plan view showing a state where an operation of dragging and dropping to a column 320 is performed. FIG. By the function of the content data file input unit 120, the file name “FILE03.jpg” is automatically input to the content data file input field 320, and the file is designated as the content data file Fc. That is, in this example, the image data file “FILE03.jpg” is designated as a file to be used for the camouflage process. Of course, if necessary, the automatically input file name can be corrected by keyboard input.

  In the case of the embodiment shown in FIG. 4, when an operation of dragging and dropping the file name “FILE03.jpg” to the content data file input field 320 is performed, “ The file name “FILE04.jpg” is automatically entered. This is because when the file “FILE04.pdf” is specified as the original data file Fo and the file “FILE03.jpg” is specified as the content data file Fc, the fake data file created by the function of the file disguise unit 130 is created. This is because the file name “FILE04.jpg” is automatically given as the default file name of Fd.

  That is, the file disguise unit 130 expands the file name of the file “FILE03.jpg” specified as the content data file Fc to the file name body “FILE04” of the file “FILE04.pdf” specified as the original data file Fo. The file name “FILE04.jpg” obtained by adding the child “.jpg” is automatically displayed as the default file name of the fake data file Fd in the fake data file input field 330.

  Of course, if necessary, the file name automatically input in the fake data file input field 330 can be corrected by keyboard input. However, in practice, the default file name “FILE04.jpg” automatically input by the above-described method is extremely suitable as the file name of the fake data file Fd. First of all, since the main part “FILE04” of the file name “FILE04.jpg” is common to the file name main part of the original data file Fo, the user becomes the source of the fake data file Fd. This is because it is possible to easily recognize which file the original data file Fo was. Second, since the extension “.jpg” of the file name “FILE04.jpg” is in common with the extension of the content data file Fc, the computer OS program impersonates based on the extension “.jpg”. When an application program (a program capable of viewing / editing a JPEG image data file) that is activated to open the data file Fd is automatically selected, the content data file Fc incorporated in the fake data file Fd is correctly opened ( Because it can be played back).

  In particular, the second reason is important. Of course, different file formats with different extensions may be compatible with each other. In such a case, even if an application program different from the original is started by changing the extension, it can be opened (reproduced) correctly. Therefore, in implementing the present invention, the extension given to the file name of the camouflaged data file Fd is not necessarily the same as the extension of the content data file Fc. However, in practice, the file camouflaging unit 130 creates a camouflaged data file Fd having an extension indicating the same file format as that of the content data file Fc. It is preferable that the content portion in the camouflaged data file Fd is correctly reproduced by the application program started in this manner.

  Further, in the embodiment shown in FIG. 4, when an operation of dragging and dropping the file name “FILE03.jpg” to the content data file input field 320 is performed, the file “FILE03.jpg” is displayed in the content display field 350. The contents are automatically displayed. This is due to the playback function of the camouflaged stage content playback unit 140. In FIG. 4, the photograph including five persons is displayed in the content display column 350 because the file “FILE03.jpg” is an image data file composed of such a photograph image. As described above, the disguise stage content playback unit 140 plays back the content in the content display field 350 based on the content data file Fc input by the content data file input unit 120 and performs processing for presenting the content to the user. When the content data file Fc is an audio data file, image display in the content display field 350 is basically not performed, but as will be described later, image display such as an audio spectrum is performed as necessary. It may be.

  Therefore, the user can perform a position information setting operation on the image displayed in the content display field 350. That is, in this embodiment, the position setting unit 150 recognizes the user's position setting operation on the image displayed in the content display field 350 and creates position setting data Ps for specifying the set position. I do.

  The position setting operation by the user can be performed in various forms. FIG. 5 is a plan view showing one form of such a position setting operation. Here, the user performs an operation of setting the positions of the two points Q1 and Q2 on the image, so that a rectangle having the two points Q1 and Q2 as a diagonal is set as the setting area A (hatched portion in the figure). It is shown. The two points Q1 and Q2 may be specified by a mouse click operation. For example, two points Q1 and Q2 can be obtained by pressing the mouse button at the point Q1, dragging it diagonally, and releasing the mouse button at the point Q2, as in a rectangular drawing operation in general graphic drawing software. Can be specified. At this time, as shown in the figure, a rectangular setting area A may be displayed on the screen so that the user can confirm the setting area A.

  The position setting unit 150 creates position setting data Ps for specifying the set position based on the position setting operation by the user. For example, in the case of the above example, if the coordinate values Q1 (x1, y1) and Q2 (x2, y2) of the two points Q1 and Q2 on the image displayed in the content display field 350 are used as the position setting data Ps. Good. If it is decided that the rectangular area having the two points Q1 and Q2 as diagonals is set as the setting area A, the setting area A can be uniquely defined based on the position setting data Ps. In the case of the example shown in the figure, the position of the face of the woman on the wheelchair is set as the setting area A. The user can conceptually store the set position, for example, “grandma's face part”.

  The example in which the predetermined position in the space is set on the image displayed in the content display field 350 has been described above. When the content data file Fc is an image data file or a document data file, it is possible to set a predetermined position in the space using the content display field 350 in this way. However, when the content data file Fc is an audio data file, a predetermined position in the space cannot be set. In this way, in the case of content for which a position in space cannot be set, a position in time may be set.

  In the case of the operation window 300 shown in FIGS. 2 to 5, a playback position display field 355 and a playback position index 356 are provided below the content display field 350. Below that, a reverse playback button 361, a pause button 362, a playback button 363, and a fast-forward button 364 are provided. When the content data file Fc specified in the content data file input field 320 is an audio data file (for example, when a file “FILE02.mp3” is specified by drag and drop operation from the file list display field 340), Although the image display in the content display column 350 is not performed, instead of clicking the play button 363, the sound starts to be played, and the sound flows from the speaker built in the personal computer.

  If necessary, the user can click the pause button 362 to pause the audio playback, click the reverse playback button 361 to play in the reverse direction, or click the fast forward button 364. You can also fast forward. The horizontal bar constituting the playback position display field 355 indicates the time axis of music performance, and the playback position index 356 indicates the current playback position on the time axis. The user can also change the playback position by dragging the playback position index 356. Since such a user interface is a well-known technique used in various audio content reproduction software, a detailed description of its implementation method is omitted here.

  When the content data file Fc specified in the content data file input field 320 is an audio data file such as “FILE02.mp3”, the position setting unit 150 determines whether the reproduction position index 356 is on the time axis. The position setting data Ps for recognizing the set position in time and specifying the set position can be created. Specifically, for example, the elapsed time from the head position can be used as the position setting data Ps. If the user clicks the play button 363 to perform a predetermined position setting operation at a predetermined location (for example, a specific phrase portion of the lyrics) while playing the audio data file, the position of the playback position index 356 at that time Can be set as a predetermined position in time. Also in this case, the user can conceptually store the set position, such as “part of a specific lyrics”. In practice, in the case of an audio data file, an image of an audio spectrum may be automatically created using a spectrum analyzer program and displayed as a visual effect in the content display column 350. Alternatively, a voice waveform image with the horizontal axis as a time axis may be displayed. In this case, the user can set an arbitrary position on the time axis of the speech waveform.

  Further, when the content data file Fc specified in the content data file input field 320 is a moving image data file (for example, when a file “FILE05.avi” is specified by drag and drop operation from the file list display field 340) ), Moving image display and audio reproduction in the content display field 350 are performed simultaneously. Also in this case, since the user can control the playback position on the time axis of the moving image by clicking each button 361 to 364, a predetermined position on the time can be set. If a pause button 362 is clicked, a still image is obtained in the content display field 350, so that a predetermined position in the space can be set as in the example shown in FIG.

  As described above, in the case of a moving image data file, the position setting unit 150 can set both a predetermined position in time and a predetermined position in space, and create position setting data Ps for specifying these set positions. it can. Also in this case, the user can conceptually store the set position, such as “a part of grandma's face in a specific scene of a moving image”.

  Thus, when the specification of the original data file Fo and the content data file Fc is completed and the position setting operation is completed, the file camouflaging unit 130 can execute the process of creating the camouflaged data file Fd. For example, in the operation window 300 shown in FIG. 5, when the user clicks the process start button 370, the camouflaging process by the file camouflaging unit 130 starts. That is, the file camouflaging unit 130 creates the camouflaged data file Fd by incorporating the management data M (Ps) including the position setting data Ps and the original data file Fo into the content data file Fc, and outputs this To do. Specifically, in the case of the above example, the created camouflaged data file Fd has the file name “FILE04.jpg” (the file name input in the camouflaged data file input field 330) on the hard disk device for a personal computer. Will be saved.

  That is, the camouflaged data file “FILE04.jpg” is newly stored in the hard disk device. If the user deletes the original data file “FILE04.pdf”, the “PDF format” document data file “FILE04.pdf” becomes the “JPEG format” image data file “FILE04.jpg”. Will be replaced. As described above, the camouflaged data file “FILE04.jpg” looks like an image data file in “JPEG format” at first glance. In fact, when the icon is double-clicked, the image data file in “JPEG format” is handled. The image viewing / editing application software that can be displayed is started, and the image as displayed in the content display column 350 of FIG. 4 is displayed by the software. Of course, the camouflaged data file “FILE04.jpg” can be deposited as a normal image data file in a NAS device or a data storage site.

<<< §3. Specific data structure of camouflaged data file >>>
As already described in §2, the file disguise unit 130 shown in FIG. 1 impersonates the content data file Fc by incorporating the management data M (Ps) including the position setting data Ps and the original data file Fo. It has a function of creating a data file Fd. Here, specific processing contents performed by the file camouflaging unit 130 will be described by showing an example of a specific data structure of the camouflaged data file Fd.

  In general, the structure of a data file should be determined by a specific file format determined by a designer, and it is left up to each designer to determine what file format is determined. For example, in some file formats, a data structure having a three-part structure of a header part, a main body part, and a footer part is adopted. The “PDF format” document data file exemplified in §2 and the “JPEG format” Since the image data file can also have a data structure having a three-part structure of a header part, a main body part, and a footer part, a case where each file has such a data structure will be exemplified below.

  FIG. 6 is a diagram illustrating a configuration example of the camouflaged data file Fd created by the file camouflaging unit 130. Here, as in the example described in §2, the original data file Fo is a “PDF format” document data file having a file name “FILE04.pdf”, and the content data file Fc is “FILE03.jpg”. Consider a case where the image data file is “JPEG format” having the file name “”. As shown in the upper left of the figure, the original data file Fo has a three-part configuration of a header part Fo1, a body part Fo2, and a footer part Fo3. As shown in the upper right part of the figure, the content data file Fc is also a header part Fc1 and a body part. It consists of three parts, Fc2 and footer part Fc3.

  Here, for example, the header portion contains auxiliary information such as the file format version of the data file and the data size of the main body portion, and the original data of the data file is accommodated in the main body portion. In the footer portion, other auxiliary information is accommodated. Note that the file name and its extension can be accommodated in the header part, but are managed as separate files in many OSs.

  Also, depending on the file format, it is determined that a digital code serving as a specific marker is arranged at the boundary position of the header part or footer part. For example, in the case of an image data file, an SOI marker (Start of Image marker) consisting of 2 bytes “FF D8” is always placed at the beginning of the header part, and “FF D9” is always placed at the end of the footer part. An EOI marker (End of Image marker) consisting of 2 bytes is arranged. In general, an identification code indicating the end of the footer portion of a data file is called an EOF (End of File) code, and the end of the data file can be recognized by recognizing the position of the code. In the case of the image data file in the above example, “FF D9” (EOI marker) described above corresponds to the identification code EOF indicating the end of the file.

  Therefore, even when the process of adding the second data file to the end of the first data file and combining the two data files into one data file, the identification code EOF indicating the end of the file is recognized. Both data files can be separated as before. Even in the case of a data file adopting a file format that does not use an identification code EOF indicating the end of the file, if the data length (data capacity) of the header part, the body part, and the footer part is known, it is based on the data length. Since the boundary of the data file can be recognized, the synthesized data file can be separated into the original data file.

  In the example shown in the lower part of FIG. 6, the data string constituting the management data M is added to the end of the data string D1 constituting the content data file Fc, and the data string constituting the original data Fo is further added to the end. In this example, a camouflaged data file Fd is created. The front part of the camouflaged data file Fd is a header part Fc1 ′, a main part Fc2, and a footer part Fc3 that constitute the content data file Fc shown in the upper right of the figure, and the middle part (shown with hatching for convenience of explanation). The management data M created by the file disguise unit 130, and the latter part is a header part Fo1, a main body part Fo2, and a footer part Fo3 that constitute the original data file Fo shown in the upper left of the figure.

  In FIG. 6, the header part in the camouflaged data file Fd is indicated by the symbol “Fc1 ′” and is distinguished from the header part “Fc1” in the content data file Fc shown in the upper right of the figure. This is to show that it has been done. That is, the file name of the content data file Fc shown in the upper right of the figure is “FILE03.jpg”, whereas the file name of the fake data file Fd is changed to “FILE04.jpg” (the main body of the file name) Is changed to be the same as the main body “FILE04” of the file name of the original data file Fo). Therefore, when the configuration is such that the file name and extension are accommodated in the header part, or when the management information in the header part needs to be changed when the file name and extension are changed, “Fc1 ′” “Fc1” is changed.

  A data string constituting the management data M is added to the end of the data string D1 constituting the content data file Fc. As described above, the identification code EOF indicating the file end E is added to the end of the footer part Fc3. (Specifically, an EOI marker consisting of 2 bytes of “FF D9”) is arranged, so that the boundary between them can be recognized. Alternatively, the boundary between the two can be recognized by recognizing the full length (total data capacity) of the data string D1 based on the file length information recorded in the header part Fc1 ′.

  Here, the management data M is data created by the file camouflaging unit 130 and has meaning as information to be transmitted from the camouflage processing unit 100 to the restoration processing unit 200. The management data M includes at least position setting data Ps created by the position setting unit 150. In FIG. 1, the management data M described as “M (Ps)” is a convenience for clearly indicating that the position setting data Ps is included. In the case of the example shown in FIG. 5, the position setting data Ps is constituted by the coordinate values Q1 (x1, y1) and Q2 (x2, y2) of the two points Q1 and Q2.

  In the embodiment shown here, the file disguise unit 130 has a function of embedding the file name of the original data file Fo in a part of the management data M. In the figure, “FILE04.pdf” indicated by a balloon in the management data M is the file name of the original data file Fo embedded in this way. The main part “FILE04” of the file name of the original data file Fo is left as information of the main part “FILE04” of the file name of the fake data file Fd, but the extension “.pdf” is lost. End up. Therefore, in the embodiment shown here, the file name “FILE04.pdf” of the original data file Fo is embedded in the management data M portion as it is, so that the file name is transmitted from the camouflage processing unit 100 to the restoration processing unit 200. I am doing so. As will be described later, the file restoration unit 200 gives the file name “FILE04.pdf” embedded in the management data M as the file name of the restoration data file Fr.

  At the end of the management data M, the data string constituting the original data file Fo is added as it is. If the data length of the management data M is determined in advance, or if the data length of the management data M is recorded in a specific location in the management data M, the end of the management data M is determined based on the data length. It is possible to recognize the boundary between the head of the data strings constituting the original data file Fo. Alternatively, if it is determined that a unique identification code is arranged at the end of the management data M, it is possible to recognize the boundary between the two using the identification code.

  Eventually, the forged data file Fd can be separated into three components, that is, the original data file Fo, the content data file Fc, and the management data M on the restoration processing unit 200 side. However, the fake data file Fd synthesized as shown in the drawing constitutes a data file that is at least in appearance and is handled as one data file by the OS program of the computer. Moreover, the extension “.jpg” of the file name “FILE04.jpg” at first glance looks like a normal image data file of “JPEG format”.

  This is an effect peculiar to the camouflage process that cannot be obtained by the encryption process. In general, the file name of an encrypted data file is given an extension indicating that it is a file encrypted by specific encryption application software, such as “.crpt”. For this reason, from the viewpoint that the file is in a state where it cannot be physically browsed by a method called encryption, an effect of improving security is obtained. From the perspective of “knowing that it is a file and easily becoming a target for fraudulent activity”, on the contrary, the security is lowered. At first glance, the camouflaged data file Fd created according to the present invention looks like a normal content data file, so that the possibility of being a target of fraud is reduced. In other words, if the encryption method is "a method for storing important things in a safe", the method of impersonation used in the present invention is "a method for making important things look like stones and rolling them in the garden". I can do it.

  As described above, when the icon of the camouflaged data file Fd is double-clicked, a general OS program opens an “JPEG format” image data file based on the extension “.jpg”. Therefore, processing for starting image viewing / editing application software set in advance is performed. Such application software normally interprets information recorded in the header part Fc1 ′ located at the head of the camouflaged data file Fd, and treats the data file as an ordinary image data file in “JPEG format”. It will be.

  Therefore, the camouflaged data file Fd with the file name “FILE04.jpg” shows not only the file name but also the behavior as a normal image data file of “JPEG format”. Become. Of course, actually, as shown in FIG. 6, the camouflaged data file Fd is an extra data string called a management data M and a data string constituting the original data file Fo at the end of the data string D1 constituting the content data file Fc. It is comprised by adding. Here, this extra data string is referred to as “additional data string D2”.

  After all, in the case of the example shown in FIG. 6, the file disguise unit 130 creates the additional data string D2 including the management data M and the data constituting the original data file Fo, and the data constituting the content data file Fc. By adding the additional data column D2 to the end of the column D1, the camouflaged data file Fd is created. In the illustrated example, the data constituting the original data file Fo is arranged behind the management data M, but conversely, the management data M is arranged behind the data constituting the original data file Fo. May be. In the case of adopting the latter configuration, for example, if the data length of the management data M is set to 1 Kbyte, the 1 Kbyte portion at the end of the fake data file Fd can be recognized as the management data M portion. At the time of restoration, the management data M and the original data file Fo can be separated.

  Now, as in the example shown in the lower part of FIG. 6, even if the additional data string D2 is added at the end, if the fake data file Fd is analyzed in order from the top, at least the data string D1 is Since the correct data arrangement as the content data file Fc of the header portion Fc1 ′, the main body portion Fc2, and the footer portion Fc3 has been obtained, a general application software uses a normal image in “JPEG format” for the data file. It is handled as a data file, and the contents of the main unit Fc2 are displayed on the display screen. In short, for general image viewing / editing application software, the portion of the additional data string D2 is a so-called “cecum” and does not function as substantial data.

  Of course, the data structure in which the extra additional data string D2 is arranged at the end of the footer part Fc3 is out of the specification of the original file format, which violates the format rules. Therefore, some application software recognizes violations of this rule, presents an error message such as "This file is written in a format that is not supported by this program," and aborts the process of opening the file. might exist. However, even if such a case occurs, there will be no trouble in implementing the present invention.

  In the first place, the present invention is based on the premise that the forgery data file Fd created by the forgery processing unit 100 is restored by the restoration processing unit 200. Therefore, even if a third party tries to open the fake data file Fd with the file name “FILE04.jpg” using general image viewing / editing application software, Virtually no trouble occurs.

  The example using the “JPEG format” image data file as the content data file Fc has been described above, but the same applies to the case where an image data file of another format format is used. In the present invention, a moving image data file, an audio data file, a document data file, a spreadsheet data file, and the like can be used as the content data file Fc. Also in this case, if the file camouflaging unit 130 creates a camouflaged data file Fd having an extension indicating the same file format as that of the content data file Fc, at least as long as the file name is seen, the camouflaged data file Fd Looks like a normal content data file. If the icon is double-clicked, application software corresponding to each format is activated, and in many cases, content reproduction is normally performed.

<<< §4. Configuration and operation of restoration processing unit >>
Next, the configuration and operation of the restoration processing unit 200 in the basic embodiment shown in FIG. 1 will be described. Again, the black line arrows shown in the figure indicate the flow of digital data between the components, and the white arrows indicate the exchange of information with the user.

  The restoration processing unit 200 is a unit for performing restoration processing on the camouflaged data file Fd created by the camouflaging processing unit 100 and restoring the original data file Fo. The file restoration unit 220, the restoration stage content reproduction unit 230, the position designation unit 240, and the position determination unit 250 are configured. In practice, the restoration processing unit 200 can also be configured by incorporating a dedicated application program into a general-purpose computer such as a personal computer in the same manner as the camouflage processing unit 100. This is realized by a combination of software and software.

  The camouflaged data file input unit 210 has a function of inputting a camouflaged data file Fd to be restored based on a user file designation operation. When the restoration processing unit 200 is configured using a general-purpose computer, the camouflaged data file input unit 210 can be realized by a data file reading routine by a dedicated application program, and is stored in a storage device such as a hard disk device. The data file is read into a working memory such as a RAM.

  On the other hand, the restoration stage content playback unit 230 plays a function of playing back content based on the content data file Fc included in the camouflaged data file Fd input by the camouflaged data file input unit 210 and presenting it to the user. The restoration stage content playback unit 230 is a component that performs substantially the same function as the camouflaged stage content playback unit 140 in the camouflage processing unit 100. Therefore, in practice, the camouflaged stage content playback unit 140 and the restoration stage content playback unit 230 shown in FIG. 1 can be configured by a common dual-purpose content playback unit, and can be configured by sharing the same program. Is possible.

  The position designation unit 240 designates a predetermined position in time or space for the content being reproduced by the restoration stage content reproduction unit 230 based on the user's position designation operation, and uses position designation data Pd for specifying the designated position. It is a component with a function to create. Specifically, in cooperation with the content reproduction function by the restoration stage content reproduction unit 230, a function for inputting the position designation instruction of the user and creating the position designation data Pd may be performed.

  The position determination unit 250 has a function of determining whether or not the position specified by the position specifying unit 240 matches the setting position specified by the position setting data Ps included in the camouflaged data file Fd. A specific determination method will be described later. If the determination result that both match is obtained, the match determination signal J is given from the position determination unit 250 to the file restoration unit 220 (if the determination result that both match is not obtained, A match determination signal is given).

  In the file restoration unit 220, the match determination by the position determination unit 250 (determination that the specified position by the position specifying unit 240 matches the set position specified by the position setting data Ps included in the camouflaged data file Fd). On the condition that it is done, the original data file Fo is extracted from the camouflaged data file Fd, and this is output as a restored data file Fr.

  As described above, the restoration processing unit 200 is configured by incorporating a dedicated application program in a general-purpose computer such as a personal computer. Hereinafter, the operation of the restoration processing unit 200 will be described with an example of an operation window prepared as a man-machine interface of the restoration processing unit 200.

  FIG. 7 is a plan view showing an example of the operation window 400 presented by the restoration processing unit 200 in the embodiment shown in FIG. When the dedicated application program constituting the restoration processing unit 200 is activated, an operation window 400 as shown in the figure is presented on the display screen. In FIG. 1, the exchange of information between the restoration processing unit 200 and the user indicated by the white arrow is performed via the operation window 400.

  Of course, the dedicated application program that constitutes the camouflage processing unit 100 and the dedicated application program that constitutes the restoration processing unit 200 can be provided as a common integrated application program as needed. In this case, after starting the integrated application program, the user is made to select “impersonation processing” or “restoration processing” by using a command menu or the like. Such an impersonation processing operation window 300 is presented so that an operation input for impersonation processing can be performed. When the latter is selected, an operation window 400 for restoration processing as shown in FIG. 7 is presented. What is necessary is just to be in a state where operation input for restoration processing can be performed.

  In FIG. 7, a camouflaged data file input column 430 is an input column displayed by the function of the camouflaged data file input unit 210, and is used for an operation of designating a camouflaged data file Fd to be restored. On the other hand, the file list display column 440 is a column for displaying a list of data files stored in a storage device (for example, a built-in hard disk device) connected to a personal computer constituting the restoration processing unit 200. In the illustrated example, a state is shown in which files such as “FILE01.txt”, “FILE02.mp3”,..., “FILE07.xls” are stored in a specific folder.

  Here, the following description will be given on the assumption that the file “FILE04.jpg” displayed in the file list display field 440 is the forged data file Fd to be restored. As described in §3, this file “FILE04.jpg” appears to be an image data file in “JPEG format” at first glance, but actually, it is a fake data file Fd created by the fake processing unit 100. The file has a data structure as shown in the lower part of FIG.

  The user can input a desired file name by selecting by clicking the forged data file input field 430 and inputting a predetermined character string from the keyboard. However, in the embodiment shown here, a desired file name can be input to the forged data file input field 430 by a drag and drop operation on a specific file name displayed in the file list display field 440. ing.

  For example, in FIG. 8, the user performs an operation of dragging and dropping the file name “FILE04.jpg” displayed in the file list display field 440 to the fake data file input field 430 on the operation window 400. It is a top view which shows the state. By the function of the camouflaged data file input unit 210, the file name “FILE04.jpg” is automatically input to the camouflaged data file input field 430, and the file is designated as the camouflaged data file Fd. That is, in this example, the data file “FILE04.jpg” is designated as the restoration target. Of course, if necessary, the automatically input file name can be corrected by keyboard input.

  In the case of the embodiment shown in FIG. 8, when an operation of dragging and dropping the file name “FILE04.jpg” to the forged data file input field 430 and specifying an impersonated data file Fd is performed, the forged data file The content corresponding to the content data file Fc included in Fd is automatically displayed in the content display field 450. This is due to the playback function of the restoration stage content playback unit 230.

  In FIG. 8, a picture including five persons is displayed in the content display field 450 because the disguised data file Fd “FILE04.jpg” has a data structure as shown in the lower part of FIG. This is because the portion of the data string D1 is the content data file Fc composed of such a photographic image. As described above, the restoration stage content reproduction unit 230 reproduces the content in the content display field 450 based on the content data file Fc included in the camouflaged data file Fd, and performs a process of presenting this to the user (note that When the content data file Fc is an audio data file, as will be described later, image display in the content display field 450 is not performed, or an audio spectrum and an audio waveform are displayed.

  As described in §1, in the present invention, “location information” is collated when the restoration processing unit 200 executes the restoration process. That is, with respect to the content being played back, the restored original data file Fo is provided only when the location information set by the legitimate user during the impersonation process matches the location information specified by the user during the restoration process. become. Therefore, the user performs a position information designation operation on the image displayed in the content display field 450. That is, in this embodiment, the position specifying unit 240 recognizes the user's position specifying operation on the image displayed in the content display field 450 and creates position specifying data Pd for specifying the specified position. I do.

  The position designation operation by the user can be performed by various methods, but the most practical method is a method by mouse click. FIG. 9 is a plan view showing an example in which position designation is performed by a mouse click operation on the operation window 400 shown in FIG. Specifically, the mouse cursor may be moved to a predetermined position on the image displayed in the content display field 450 and the mouse clicked. Here, it is assumed that the mouse click is performed at the designated point P indicated by “X” in the drawing. In this case, the position specifying unit 240 performs processing for taking in the position coordinates P (x, y) of the specified point P and outputting it as position specifying data Pd.

  In the embodiment shown here, when the user performs a mouse click at the position of the designated point P in order to make the user confirm the position of the designated point P, an “X” as shown in the figure is displayed at the designated point P. It is displayed. If it is desired to correct the position of the designated point P, if the mouse is clicked on another position, the position coordinate P (x, y) of the designated point P is also corrected to a new coordinate value, and “X” is displayed. The display position is also corrected to a new position. In this way, when the position of the designated point P is correctly designated, the user clicks the process start button 470.

  The position determination unit 250 receives the click of the process start button 470 and starts the determination process. That is, the specified position specified by the position specifying data Pd given from the position specifying unit 240 matches the set position specified by the position setting data Ps included as the management data M in the camouflaged data file Fd. It is determined whether or not.

  In the example described in §2, as shown in FIG. 5, the coordinate values Q1 (x1, y1) and Q2 (x2, y2) of two points Q1 and Q2 on the image are set as the position setting data Ps. . This is a setting in which a rectangular area having the two points Q1 and Q2 as diagonals is set as the setting area A. Therefore, in this case, the position determination unit 250 uses the position coordinates P (x, y) of the designated point P shown in FIG. 9 and the coordinate values Q1 (x1, y1), Q2 (2) of the two points Q1, Q2 shown in FIG. x2, y2) and if the designated point P is a point in the setting area A, it is determined that the two match. When a determination result that the two match is obtained, the match determination signal J is given from the position determination unit 250 to the file restoration unit 220.

  In the description of §2, an example in which the user remembers the location of the setting area A in FIG. 5 based on the concept of “grandma's face part” has been described. Therefore, when the user who has performed the camouflage process performs the restoration process, it would be easy to click “grandma's face part” as the designated point P based on such a memory. In fact, even if the user forgets the contents of the position setting operation performed during the camouflage process, if the image display as shown in FIG. It will be easy to recall that is the set position.

  If a user other than the user who performed the disguise process performs the restoration process, a message such as “click on the face of the grandma's face” may be transmitted by telephone or e-mail. If information indicating the location of the setting area A is communicated only to specific members, these members can perform restoration processing as regular users.

  When the match determination is made by the position determination unit 250 and the match determination signal J is given to the file restoration unit 220, the file restoration unit 220 selects the fake data file Fd input by the fake data file input unit 210. Then, the original data file Fo is extracted and processed as a restored data file Fr.

  After all, when viewed from the user, when the mouse is clicked at the position of the designated point P on the image displayed in the content display field 450 shown in FIG. 9, an “X” is displayed at that position. When the processing start button 470 is clicked after confirmation, the restored data file Fr (that is, the original data file Fo) is created in a predetermined location (for example, in the folder displayed in the file list display field 440). It will be.

  Of course, when the match determination by the position determination unit 250 is not made, the output processing of the restored data file Fr is not performed. In this case, since a non-matching determination signal is given from the position determination unit 250 to the file restoration unit 220, an error message such as “This file cannot be restored” is displayed by the file restoration unit 220. In this case, the user can recognize that the restoration process has failed.

  The extraction process of the original data file Fo by the file restoration unit 220 can be performed by an algorithm reverse to the process of creating the forged data file Fd by the file forging unit 130. For example, when the camouflaged data file Fd is created by the algorithm shown in FIG. 6, the file restoration unit 220 uses the header part Fc1 of the content data file Fc included in the head part of the camouflaged data file Fd. Based on the information ', the end E of the data string D1 constituting the content data file Fc is recognized, the management data M following the end E is recognized, and the original data file Fo following the management data M is recognized. Then, the portion of the original data file Fo may be extracted and output as the restored data file Fr.

  One method of recognizing the end E of the data string D1 is a method of using data indicating the file length included in the information of the header part Fc1 ′ of the content data file Fc. If the information indicating the file length (data capacity) of the content data file Fc itself is included in the header part Fc1 ′, the length of the data string D1 can be recognized based on the information. The position can be recognized.

  Another method for recognizing the end E of the data string D1 is to recognize the identifier code EOF indicating the file end E based on the data indicating the file type included in the information of the header part Fc1 ′ of the content data file Fc. In this method, the end E of the data string D1 constituting the content data file Fc is recognized by searching for the identifier code EOF. For example, if the header portion Fc1 ′ includes data indicating that the content data file Fc is a “specific image data format” file, the “specific image data format” file includes By referring to the file format rule that a 2-byte code “FF D9” is used as the identifier code EOF indicating E, the position of the 2-byte code “FF D9” is recognized as the position of the end E. be able to. Therefore, if the 2-byte code “FF D9” is searched from the beginning of the data string, the position of the end E can be grasped.

  On the other hand, for the management data M, a predetermined data length can be determined in advance based on a predetermined format. Therefore, if the end E of the data string D1 can be recognized, the end of the management data M can also be recognized. It is easy to separate and extract only the portion of the original data file Fo.

  In the case of the example shown in FIG. 6, the file camouflaging unit 130 performs a process of embedding the file name of the original data file Fo (“FILE04.pdf” in the illustrated example) in a part of the management data M. The file restoration unit 220 can directly assign the file name “FILE04.pdf” embedded in the management data M to the restored data file Fr to be output. Some OS programs use the file name stored in the header of the file as it is as the file name of the file, but the file name of the original data file Fo is embedded in a part of the management data M. In this case, the file restoration unit 220 uses the file name embedded in the management data M in any case, and uses the correct file name (the same file name as the original data file Fo) for the restoration data file Fr. ) Can be granted.

  Finally, variations of position setting by the position setting unit 150 and position determination by the position determination unit 250 will be described. An example of the position setting and position determination described above is an example where an image data file is used as the content data file Fc. In this case, as shown in FIG. 9, the restoration stage content reproduction unit 230 presents an image in the content display field 450, and the user performs a position designation operation on the image. In the case of the above example, it is determined whether or not the designated point P designated by the user by the click operation is a point in the setting area A. However, the spatial position setting data created during the camouflage process does not necessarily need to be data indicating a region having an area such as the setting region A.

  FIG. 10 is a diagram showing variations of the spatial position setting data. FIG. 10 (a) shows an example in which position setting data Ps having the area A having an area as a setting position is created. First, in the camouflage processing stage, as shown in the upper part of FIG. 10A, data indicating a rectangular setting area A having two points Q1 and Q2 as diagonals is created as position setting data Ps. On the other hand, at the restoration processing stage, as shown in the lower part of FIG. 10A, whether or not the designated point P designated by the user by mouse click or the like is within the setting area A specified by the position setting data Ps. If it is within the setting area A, it is determined that it matches. The position setting operation shown in FIG. 5 and the position specifying operation shown in FIG. 9 correspond to the example shown in FIG. If the setting area A is set so as to match the entire image, the match determination is made virtually no matter where the user clicks.

  On the other hand, FIG. 10B shows an example in which position setting data Ps having one Q as a setting position is created. First, in the camouflage processing stage, as shown in the upper part of FIG. 10B, data indicating the position of one point Q (for example, the coordinate value Q (x, y) of the point Q) is created as the position setting data Ps. Is done. In this case, for example, the user may perform an operation of setting the “center position of the grandma's face” as the point Q. In this case, at the restoration processing stage, as shown in the lower part of FIG. 10 (b), it is determined whether or not the designated point P designated by the user with a mouse click or the like is within a predetermined neighborhood range of the point Q. Judgment is made to match if it is within the vicinity range. Here, as the “predetermined neighborhood range”, an arbitrary neighborhood range including the point Q can be determined. For example, the lower part of FIG. 10B shows an example in which the inside of a circle C having a predetermined radius r centered on the point Q is defined as a “predetermined neighborhood range”. Therefore, in this case, if the designated point P is a point inside the circle C, it is determined that they match.

  As described above, when an image data file is used as the content data file Fc, at the camouflage processing stage, the position setting unit 150 causes the point Q on the image (the upper example in FIG. 10B) or the region A (see FIG. The position setting data Ps having the setting position 10 (a) in the upper example) may be created. On the other hand, in the restoration processing stage, the position specifying unit 240 specifies the position of the specified point P on the image, and the position determining unit 250 determines that the specified point P is “a predetermined neighborhood range of the point Q specified by the position setting data Ps”. Within the setting area A specified by the position setting data Ps (FIG. 10 (a) lower example) ”or the match determination may be performed. .

  On the other hand, when an audio data file is used as the content data file Fc, it is necessary to create the temporal position setting data Ps, which requires slightly different handling. As already described in section 2, in the operation window 300 shown in FIGS. 2 to 5, a reverse playback button 361, a pause button 362, a playback button 363, a fast forward button 364, and a playback position display are displayed below the content display field 350. When the content data file Fc designated in the content data file input field 320 is an audio data file, an audio reproduction is performed instead of the image display in the content display field 350. And a point or region on the time axis can be set in the reproduction position display field 355.

  Similarly, in the operation window 400 shown in FIGS. 7 to 9, a reverse playback button 461, a pause button 462, a playback button 463, a fast forward button 464, a playback position display field 455, a playback position are displayed below the content display field 450. When the index 456 is provided and the content data file Fc included in the camouflaged data file Fd specified in the camouflaged data file input field 430 is an audio data file, instead of displaying an image in the content display field 450 Voice can be reproduced, and a point on the time axis can be designated in the reproduction position display field 455. Of course, if necessary, an image of an audio spectrum may be displayed as a visual effect in the content display field 450, or an audio waveform may be displayed so that points or areas are designated on the time axis.

  FIG. 11 is a diagram showing variations of the temporal position setting data. FIG. 11A shows an example in which position setting data Ps having an area T (time interval) having a width on the time axis as a setting position is created. In this example, a state where the region T is set as a section between the time point t1 and the time point t2 is illustrated. For example, in the disguise process stage, such an area T is set by pressing the “S” key at the time point t1 and the “E” key at the time point t2 while reproducing the audio data file. This is possible by performing an operation input such as The user can conceptually store the set position, such as “a specific lyrics section”. As the position setting data Ps, for example, data of elapsed time from the head position to the time points t1 and t2 may be used.

  On the other hand, at the restoration processing stage, the user may perform an input operation for designating a predetermined point on the time axis while reproducing the audio data file. For example, it is possible to designate one point on the time axis by stopping the reproduction by clicking the pause button 462 or the like. In the lower part of FIG. 11 (a), an example is shown in which the position tp on the time axis indicated by the reproduction position display field 455 is designated. By clicking the pause button 462, the reproduction position index 456 is in a stationary state at the specified position tp. In this state, when the user clicks the process start button 470, the position determination unit 250 determines whether or not the designated position tp is within the region T. If it is within the region T, the match determination signal J Will be output.

  On the other hand, FIG. 11B shows an example in which position setting data Ps having a setting position at one point t on the time axis is created. First, in the camouflage processing stage, the user performs a pause operation during playback, and stops the playback position index 356 at the position of 1 point t on the time axis as shown in the upper part of FIG. Click the start button 370. By this operation, data indicating the time t (for example, elapsed time from the head position) is created as the position setting data Ps.

  On the other hand, at the restoration processing stage, the user may perform an input operation for designating a predetermined point on the time axis while reproducing the audio data file. For example, it is possible to designate one point on the time axis by stopping the reproduction by clicking the pause button 462 or the like. In the lower part of FIG. 11B, an example is shown in which the position tp on the time axis indicated by the reproduction position display field 455 is designated. By clicking the pause button 462, the reproduction position index 456 is in a stationary state at the specified position tp. When the user clicks the process start button 470 in this state, the position determination unit 250 determines whether or not the designated position tp is within a predetermined vicinity range of the point t. A determination to match is made. Here, as the “predetermined neighborhood range”, an arbitrary neighborhood range including the point t can be determined. For example, the lower part of FIG. 11B shows an example in which a predetermined region width Δt is set in advance, and the range of (t−Δt) to (t + Δt) on the time axis is set as a “predetermined vicinity range”. Has been. Accordingly, in this case, if the designated position tp is a point within the range of (t−Δt) to (t + Δt), it is determined that the designated position is matched.

  As described above, when an audio data file is used as the content data file Fc, in the disguise processing stage, the point t on the time axis on which the audio is reproduced by the position setting unit 150 (FIG. 11B, upper example) ) Or region setting data Ps that specifies the region T (the upper example in FIG. 11A) as the setting position. On the other hand, in the restoration processing stage, the position specifying unit 240 specifies the position of the point tp on the time axis, and the position determining unit 250 determines that the point tp is “within a predetermined vicinity range of the point t specified by the position setting data Ps”. (FIG. 11 (b) Lower example) ”or“ In the region T specified by the position setting data Ps (FIG. 11 (a) lower example) ”, the match determination may be performed.

  Further, when a moving image data file is used as the content data file Fc, the user can set a spatial position, a temporal position, or both in the camouflage processing stage. Can also be set. FIG. 12 is a conceptual diagram showing a setting area defined by both a spatial position and a temporal position. In the figure, an XYt three-dimensional coordinate system is shown. Here, the XY two-dimensional coordinate system is a coordinate system indicating a position on a two-dimensional plane of an image constituting a moving image, and the t-axis is a coordinate axis indicating time. In the case of a still image, a spatial position is set as a region (or a point) on the XY two-dimensional coordinate system as shown as region A in the figure, but in the case of a moving image, the time axis t is further set. In addition, spatial and temporal positions are set as points, lines, and solids on the XYt three-dimensional coordinate system. The illustrated solid AA shows an example of a setting area on the space-time. The space-time setting area AA has the same spatial position as the plane area A, but occupies the section T on the time axis.

  When the moving image data file is reproduced by the content reproducing units 140 and 230, moving image images are displayed in the content display fields 350 and 450, and sound is simultaneously presented. The point that the playback position can be controlled in time is similar to the playback of the audio data file. In the camouflage process stage, whether to set only the spatial position, only the temporal position, or both of the moving image data file being played is determined by the user performing the camouflage process. . In the restoration processing stage, the position where the setting has been made is designated, and the matching is determined.

  For example, when only the spatial position is set in the camouflage processing stage, the position setting unit 150 displays a point Q on the frame for displaying the moving image on the content display column 350 (an example in the upper part of FIG. 10B) or the area A. The position setting data Ps for specifying (FIG. 10 (a) upper example) as the setting position is created. In this case, at the restoration processing stage, the position designation unit 240 designates the position of the designated point P on the frame for displaying the moving image, and the position determination unit 250 designates the designated point P by “position setting data Ps”. When the point Q is within a predetermined vicinity range (FIG. 10 (b) lower example) or “in the area A specified by the position setting data (FIG. 10 (a) lower example)”, a match determination is performed. become.

  On the other hand, when only the temporal position is set at the camouflage processing stage, the position setting unit 150 causes the point t (the upper example in FIG. 11B) or the region T (FIG. 11A in FIG. ) Position setting data Ps for specifying the upper example) as the setting position is created. In this case, at the restoration processing stage, the position specifying unit 240 specifies the position of the point tp on the time axis for reproducing the moving image, and the position determining unit 250 specifies the specified point tp as “position setting data Ps. When the point t is within a predetermined vicinity range (FIG. 11 (b), lower example) ”or“ in the region T specified by the position setting data Ps (FIG. 11 (a), lower example) ”, a match determination is performed. It will be.

  Further, when both the spatial position and the temporal position are set in the camouflage process stage, the position setting unit 150 includes position setting data Ps including both the temporal position setting data and the spatial position setting data. Should be created. In this case, at the restoration processing stage, the position specifying unit 240 specifies both the point tp on the time axis for reproducing the moving image and the point P on the frame for displaying the moving image, and the position determining unit 250 sets the time The designated point tp on the axis is “within a predetermined vicinity range of the point t specified by the temporal position setting data” or “in the region T specified by the temporal position setting data”, and is spatially designated. If the point P is “within a predetermined range of the point Q specified by the spatial position setting data” or “in the region A specified by the spatial position setting data”, the match determination is performed.

<<< §5. Embodiment for performing password verification >>>
As described above, according to the present invention, “positional information related to the content” known only to the original user is incorporated into the camouflaged data file Fd at the camouflage processing stage, and “correct” for the content being played back at the restoration processing stage. Only when the “position information” is input, the restored data file Fr is output.

  Of course, such measures can ensure a certain level of security for the camouflaged data file Fd. However, in order to further increase the security, it is preferable to combine the verification of the “password” with the verification of the “location information”. For example, in the case of the example shown in FIG. 5, since the position setting of the region A is performed as “grandma's face part” in the camouflage processing stage, if the designated point P shown in FIG. 9 can be designated in the restoration processing stage, The match determination by the position determination unit 250 was performed, and the restored data file Fr was output.

  However, even a third party who does not know the position information “grandma's face part” specifies an arbitrary position in the image displayed in the content display field 450 and clicks the process start button 470. If this operation is repeated by trial and error, there is a possibility that the coincidence determination is made by chance and the restored data file Fr is output. In particular, the wider the setting area A, the higher the possibility that such a coincidence will occur. In the embodiment described in §5, it is possible to prevent the coincidence determination by chance as described above by combining the verification of “password”.

  FIG. 13 is a block diagram illustrating a configuration of a camouflage processing apparatus according to an embodiment that performs password verification. The difference between the embodiment shown in FIG. 13 and the embodiment shown in FIG. 1 is that new components such as a fake stage password input unit 160, a restoration stage password input unit 260, and a password determination unit 270 are added. In addition, the file camouflaging unit 130 creates a camouflaged data file Fd including a password, and the file restoration unit 220 adds a match determination regarding a password as a condition for outputting the restored data file Fr. Since the functions of the remaining components are not changed, description thereof is omitted here. Note that the newly added components are also actually realized by a computer program, and the impersonation stage password input unit 160 and the restoration stage password input unit 260 use the same shared program. Can be configured.

  As shown in the figure, the camouflage stage password input unit 160 is a component on the camouflage processing unit 100 side and has a function of inputting a password based on a user input operation. Specifically, for example, a password input field is displayed on the operation window 300 as shown in FIG. 2, and a function of taking a character string input by the user using a keyboard or the like as the password Pw may be performed. . Here, for convenience of explanation, the password input from the impersonation stage password input unit 160 is denoted by the symbol “(A)” and represented by the symbol Pw (A). The password Pw (A) input by the camouflage stage password input unit 160 is given to the file camouflaging unit 130.

  In the impersonation process stage, the user sets the position regarding the content, inputs the password, and clicks the process start button 370. Although the user can set an arbitrary password, in practice, it is preferable to set a password related to the content. This is a consideration for making the password easy to remember in the restoration processing stage. Here, the following description will be made on the assumption that the area A as shown in FIG. 5 is set and the password “Golden Wedding” is input. In this case, the user can store the area A as “a part of the face of the grandma” and can associately store the password “Golden Wedding” associated therewith.

  In the case of the embodiment shown here, the file camouflaging unit 130 creates the camouflaged data file Fd including the password Pw (A) by incorporating the management data M including the password Pw (A) into the content data file Fc. As already described in §2, the file camouflaging unit 130 incorporates the management data M (Ps) including the position setting data Ps and the original data file Fo into the content data file Fc, thereby creating the camouflaged data file Fd. In the embodiment shown here, the management data M includes the password Pw (A) together with the position setting data Ps. In FIG. 13, (Fc + M (Ps + Pw (A)) + Fo) is written beside the camouflaged data file Fd output from the file camouflaging unit 130. The content data file Fc, It shows that management data M (Ps + Pw (A)) in which position setting data and a password are incorporated, and an original data file Fo are included.

  On the other hand, the restoration stage password input unit 260 is a component on the restoration processing unit 200 side as shown in the figure, and also has a function of inputting a password based on a user input operation. Specifically, for example, a password input field is displayed on the operation window 400 as shown in FIG. 7, and a function of taking a character string input by the user using a keyboard or the like as the password Pw may be performed. . Here, for convenience of explanation, the password input from the restoration stage password input unit 260 is denoted by the symbol “(B)” and represented by the symbol Pw (B). The password Pw (B) input by the restoration stage password input unit 260 is given to the password determination unit 270.

  The password determination unit 270 includes the password Pw (B) input by the restoration stage password input unit 260 and the password Pw (included in the management data M in the forged data file Fd input by the forged data file input unit 210. A) is collated to determine whether or not they match. If the two match, a match determination signal J2 is given to the file restoration unit 220 (if they do not match, a non-match determination signal is given). In the case of the above example, if the password Pw (B) input by the restoration stage password input unit 260 is “golden wedding ceremony”, it is determined that the password matches and a match determination signal J2 is given.

  In the embodiment shown in FIG. 13, the coincidence determination signal given from the position determination unit 250 to the file restoration unit 220 is marked with “J1” to distinguish it from the coincidence determination signal J2. The match determination signal J1 is a “position determination match signal” indicating that the specified position Pd matches the set position Ps as a result of the determination by the position determination unit 250, whereas the match determination signal J2 is a password determination. This is a “password match determination signal” indicating that the password Pw (B) matches the password Pw (A) as a result of the determination by the unit 270.

  The file restoration unit 220 extracts the original data file Fo from the camouflaged data file Fd on the condition that both the position determination unit 250 and the password determination unit 270 make a match determination, and outputs this as the restored data file Fr. Perform the process. That is, in the illustrated example, the restored data file Fr is output only when both the match determination signal J1 and the match determination signal J2 are given.

  In practice, when the match determination by the position determination unit 250 is not performed, or when the match determination by the password determination unit 270 is not performed, the file restoration unit 220 outputs the restored data file Fr. Instead, it is preferable to provide a function of presenting a message indicating restoration failure to the user.

  Specifically, when the match determination by the position determination unit 250 is not made, a “non-match determination signal regarding position” is given to the file restoration unit 220, and the match determination by the password determination unit 270 is made. If not, a “non-coincidence determination signal regarding password” is given to the file restoration unit 220, and when the file restoration unit 220 is given any non-coincidence judgment signal, the restored data file An error message such as “This file cannot be restored” may be displayed without outputting Fr.

  Alternatively, a dummy restoration data file having random contents is prepared in advance or created each time, and when any non-matching determination signal is given, this dummy restoration data file is output. You may do it. In this case, it appears to the user as if the restoration process has been performed without any trouble, but the obtained file is not the original data file Fo but a file with random contents.

<<< §6. Embodiment for performing encryption >>>
In the above §5, the embodiment for improving the security by password verification is described. In this embodiment, the password Pw (A) is incorporated in the forged data file Fd as a part of the management data M. Therefore, if a person with specialized knowledge about the computer analyzes the contents of the fake data file Fd, the contents of the password Pw (A) can be known. In the first place, such an expert would be able to directly extract the original data file Fo by analyzing the fake data file Fd. Therefore, in the case of use for applications that require higher security, it is preferable to adopt the embodiment that performs encryption described here.

  FIG. 14 is a block diagram illustrating a configuration of a camouflage processing apparatus according to an embodiment that performs encryption. The embodiment shown in FIG. 14 is different from the embodiment shown in FIG. 1 in that a forged stage password input unit 160, an encryption processing unit 170, a restoration stage password input unit 260, and a decryption processing unit 280 are newly added. And a disguise data file Fd including an original data file encrypted (hereinafter referred to as an encrypted original data file FFO) is created by the file disguise unit 130. Since the functions of the remaining components are not changed, description thereof is omitted here. Note that the newly added components are also actually realized by a computer program, and the impersonation stage password input unit 160 and the restoration stage password input unit 260 use the same shared program. Can be configured.

  In spite of the embodiment in which the encryption is performed, the password input unit 160, 260 inputs the password by using the encryption key used for the encryption or the password input by the user or a part thereof. It is for creating. FIG. 15 is a diagram showing a general encryption and decryption procedure using an encryption key. As illustrated, the original data file Fo is encrypted by an encryption process using a predetermined encryption algorithm 10, and an encrypted original data file FFO is created. The encrypted original data file FFO is decrypted by a decryption process using a decryption algorithm 20 corresponding to the encryption algorithm 10, and a restored data file Fr is created.

  As the encryption algorithm 10 and the decryption algorithm 20, algorithms based on various theories are known, but a general algorithm used in the industry is an algorithm using an encryption key. The encryption key is some digital data designated by the user or the like. If the encryption key is different, different encrypted files can be obtained even if encryption is performed with the same algorithm. Therefore, in order to perform correct decryption, the same encryption key as the encryption key specified at the time of encryption is required, and the encryption security can be further increased.

  As shown in FIG. 15, the encryption / decryption processing method most widely used at present is a method for allowing the user to specify a password Pw (A) when performing encryption. When the user designates the password Pw (A), the encryption key K (A) is created using the password Pw (A) or a part thereof using a predetermined key creation algorithm 15. Then, the encryption process is executed by the encryption algorithm 10 using the encryption key K (A). On the other hand, when performing decryption, the user is allowed to specify the password Pw (B). When the user designates the password Pw (B), the encryption key K (B) is created using the password Pw (B) or a part thereof using the same key creation algorithm 15 as that used for encryption. Decryption processing is executed by the decryption algorithm 20 using the encryption key K (B).

  If the password Pw (B) input by the user at the time of decryption is the same as the password Pw (A) input at the time of encryption, the encryption key K (A) and the decryption algorithm used by the encryption algorithm 10 Since the encryption keys K (B) used by 20 are equal, correct decryption is performed, and the resulting restored data file Fr is the same file as the original data file Fo. When the password Pw (B) is different from the password Pw (A), correct decryption is not performed, and the restored data file Fr obtained is a file different from the original data file Fo. Thus, correct decryption cannot be performed unless the password Pw (A) input at the time of encryption is known. The camouflage processing apparatus shown in FIG. 14 incorporates encryption and decryption based on the principle shown in FIG.

  In FIG. 14, a camouflage stage password input unit 160 is a component on the camouflage processing unit 100 side as shown in the figure, and has a function of inputting a password based on a user input operation. The function of the forged stage password input unit 160 is exactly the same as the function of the forged stage password input unit 160 shown in FIG. Here, as in the example of §5, it is assumed that the user sets the area A as “grandma's face part” and inputs the password “Golden Wedding” related thereto.

  The password Pw (A) input by the impersonation stage password input unit 160 is given to the encryption processing unit 170. The encryption processing unit 170 applies a predetermined encryption algorithm 10 using the password Pw (A) input by the impersonation stage password input unit 160, performs encryption processing on the original data file Fo, and performs encryption. The original data file FFO is created.

  More specifically, as shown in the process in FIG. 15, first, the encryption processing unit 170 uses the password Pw (A) or a part thereof based on the predetermined key creation algorithm 15, Processing for creating the encryption key K (A) is executed. Of course, the password Pw (A) may be used as it is as the encryption key K (A). Subsequently, an encryption process for the original data file Fo is executed by a predetermined encryption algorithm 10 using the encryption key K (A). Since the encryption process using such an encryption key is a known technique, detailed description thereof is omitted here.

  In the embodiment shown here, the file camouflaging unit 130 creates the camouflaged data file Fd by incorporating the encrypted original data file FFO instead of the original data file Fo. In FIG. 14, (Fc + M (Ps) + FFo) is written beside the camouflaged data file Fd output from the file camouflaging unit 130. The content data file Fc and the position setting data are included in the camouflaged data file Fd. Are included in the management data M (Ps) and the encrypted original data file FFO.

  Therefore, the data configuration of the camouflaged data file Fd created in the embodiment shown here is obtained by replacing the original data file Fo with the encrypted original data file FFO in the configuration example of the camouflaged data file Fd shown in the lower part of FIG. become. For this reason, even if the camouflaged data file Fd is analyzed in the hands of an unauthorized person and the portion of the encrypted original data file FFO is separated and extracted, the original data file Fo can be used as long as it cannot be decrypted. Cannot be restored. Since the forged data file Fd does not contain any information about the password Pw (A) or the encryption key K (A), the encryption key necessary for decryption is obtained even if the forged data file Fd is analyzed. I can't.

  On the other hand, the restoration stage password input unit 260 is a component on the restoration processing unit 200 side as shown in the figure, and also has a function of inputting a password based on a user input operation. The function of the forged stage password input unit 260 is exactly the same as the function of the forged stage password input unit 260 shown in FIG. The password Pw (B) input by the restoration stage password input unit 260 is given to the decryption processing unit 280.

  The decryption processing unit 280 uses the password Pw (B) input by the restoration stage password input unit 260 for the encrypted original data file FFO extracted from the camouflaged data file Fd. The decryption algorithm 20 corresponding to the encrypted algorithm 10 is executed to perform the decryption process, and the restored data file Fr is created.

  More specifically, as shown in FIG. 15, first, in the decryption processing unit 280, based on the same key creation algorithm 15 used by the encryption processing unit 170, the password Pw (B) Alternatively, a process for creating the encryption key K (B) is executed using a part thereof. Subsequently, a decryption process is performed on the encrypted original data file FFo by the decryption algorithm 20 using the encryption key K (B). If the password Pw (B) is the same as the password Pw (A) (in the above example, if the password “golden wedding” is input to the recovery stage password input unit 260), the recovery data obtained by decryption The file Fr is the same file as the original data file Fo.

  The file restoration unit 220 outputs the data file decrypted by the decryption processing unit 280 as a restoration data file Fr. However, in this embodiment as well, as in the embodiment shown in FIG. 1, the position determination by the position determination unit 250 is performed, and the file restoration unit 220 is conditional on the match determination by the position determination unit 250 being made. (In other words, on condition that the match determination signal J is given from the position determination unit 250), the restored data file Fr is output. Therefore, in the case of the example shown here, the correct restored data file Fr that is the same as the original data file Fo only when the user designates the position of “Grandma's face” and enters the password “Golden Wedding”. Will be output.

  In the case of the embodiment shown here, it is not determined whether or not the password Pw (B) input in the restoration process is a correct password (that is, whether or not it matches the password Pw (A)). However, if the password is incorrect, the content of the obtained restored data file Fr is also wrong, and the user fails to restore the original data file Fo.

  In the block diagram of FIG. 14, the match determination signal J from the position determination unit 250 is used for control of the file restoration unit 220, but the match determination signal J may be used for control of the decoding processing unit 280. Good.

  As shown in the example, when the match determination signal J is used for the control of the file restoring unit 220, the decoding processing unit 280 executes the decoding process regardless of the determination result of the position determining unit 250, and restores the restored data. Processing to create the file Fr is executed. However, if the position determination unit 250 does not make a match, a non-match determination signal is given to the file restoration unit 220, so that the restoration data file Fr is not output. .

  On the other hand, the match determination signal J can also be used for control of the decoding processing unit 280. That is, the match determination signal J is given to the decoding processing unit 280, and the decoding processing unit 280 executes the decoding process only when the match determination signal J is given, and creates the restored data file Fr. To do. In this case, if the position determination unit 250 does not make a match, the decoding processing unit 280 is given a non-matching determination signal, so that the decoding process is not executed and the restored data file Fr Is never created.

  In short, on condition that the match determination is performed by the position determination unit 250 (only when a match determination is made), the decryption processing by the decryption processing unit 280 and the output processing of the restored data file by the file restoration unit 220 are performed. Both processes may be performed together. In other words, when the match determination by the position determination unit 250 is not made, at least one of the two processes may be prevented. In order to output the restored data file Fr from the restoration processing unit 200, both the decryption process by the decryption processing unit 280 and the output process of the restored data file by the file restoration unit 220 need to be performed together. is there. Therefore, if the match determination by the position determination unit 250 is not made, the output of the restored data file Fr can be prevented by preventing at least one of the processes.

  Of course, a dummy restoration data file having random contents is prepared in advance or is created each time, and if the match determination by the position determination unit 250 is not made, the file restoration unit 220 causes the dummy restoration data file to be created. A restored data file may be output.

  Finally, some specific examples of the key creation algorithm 15 shown in FIG. 15 will be described. As described above, the key creation algorithm is an algorithm for creating the encryption key K based on some rule using some password Pw. FIG. 16 is a diagram showing several examples of a method for generating such an encryption key.

  Here, a case where an English word “APPLEPIE” is given as the password Pw will be described as an example. The simplest key generation algorithm uses all the character strings constituting the password Pw as encryption keys as they are. In this case, as shown in the figure, the English word “APPLEPIE” is used as it is as the encryption key K1 (in practice, individual characters are often converted into numerical values to be used as encryption keys).

  On the other hand, the illustrated encryption key K2 “APPLE” is a key obtained by the rule of extracting a part of the password “APPLEPIE” (first five characters in this example). The encryption key K3 “APPLEPIE-MAY” is a key obtained by adding a character string based on a certain rule (in this example, a hyphen and the current month name) after the password “APPLEPIE”. The encryption key K4 is obtained by a rule of adding a specific character string (in this case, the character string & MELON) to a part of the password “APPLEPIE” (in this case, the first 5 characters). Key.

  Eventually, the encryption processing unit 170 and the decryption processing unit 280 execute encryption or decryption processing using the password Pw or part thereof as the encryption key K or part thereof.

  On the other hand, the encryption keys K5 and K6 shown in FIG. 16 are keys created by a slightly different method. In order to create these encryption keys K5 and K6, it is necessary to prepare an arbitrary data string 30 separately. The arbitrary data string 30 may be any data string, but needs to be the same data string that can be obtained in some form when performing the impersonation process and the restoration process. Therefore, in practice, it is most preferable to use the content data file Fc as the arbitrary data string 30. The content data file Fc is a file that is captured by the content data file input unit 120 during the camouflage process, and is a file that is included in the camouflaged data file Fd captured by the camouflaged data file input unit 210 during the restoration process. These are incorporated into the unit at any stage of the camouflage process and the restoration process.

  Therefore, the encryption processing unit 170 and the decryption processing unit 280 use the “partial data in the content data file Fc” specified by the password Pw as the encryption key K or a part thereof to perform encryption or decryption processing. To execute.

  Specifically, the process for creating the encryption key K5 based on the password “APPLEPIE” is as follows. First, as shown in the figure, a predetermined numerical algorithm 35 is applied to a character string constituting the password “APPLEPIE”, and an operation for obtaining a predetermined unique value unique to the character string is executed. Here, it is assumed that “APPLEPIE” is converted into a unique value of “80”. As the numerical algorithm 35 used here, any algorithm may be used as long as it can uniquely determine a specific value based on a given password Pw. For example, a hash function is widely used as such a numerical algorithm (the eigenvalue “80” is not a correct hash value but merely an example).

  When the eigenvalue is obtained in this way, based on a predetermined extraction algorithm 36, it is determined according to the eigenvalue from a predetermined reference position of an arbitrary prepared data string 30 (in this example, the data string constituting the content data file Fc). Data of a predetermined length starting from the data arranged at the subsequent position is extracted. For example, as the extraction algorithm 36, “the data string 30 is extracted with data having a length of 8 bytes starting from the reference position and the data arranged at the subsequent position corresponding to the eigenvalue from the reference position as the reference position” When the algorithm is adopted, as shown in the drawing, a total of 8 bytes of data (the portion shown by hatching in the figure) from the 80th byte to the 87th byte from the top of the data string 30 are extracted.

  The illustrated encryption key K5 uses the 8-byte data extracted in this way as an encryption key as it is. On the other hand, the encryption key K6 shown in the figure is a key using the extracted 8-byte data as a part, and a certain character string (in this example, a character string & MELON) is added to the extracted data. It is a key obtained by the rule of adding.

  In the above-described method for creating the encryption keys K5 and K6, even if the numerical algorithm 35 and the extraction algorithm 36 are constant, the password Pw and the data string 30 can be arbitrarily changed each time according to the user's selection. is there. Therefore, it is possible to construct an encryption processing system with extremely high security.

<<< §7. Embodiment for performing both password verification and encryption >>>
As described above, in the embodiment that performs the encryption of §6, a password is used. However, in the embodiment of §6, password verification is not performed during the restoration process, and the password is only used as a material for creating an encryption key. Here, an embodiment will be described in which the embodiment described in §6 is combined with the embodiment described in §5 for performing password verification.

  FIG. 17 is a block diagram illustrating a configuration of a camouflage processing apparatus according to an embodiment that performs both password verification and encryption. The embodiment shown in FIG. 17 is different from the embodiment shown in FIG. 14 described in section 6 in that the encryption processing unit 170 encrypts the password Pw (A) together with the encryption of the original data file Fo. Are also performed, the encrypted password PPw is created, the file camouflaging unit 130 creates the camouflaged data file Fd including the encrypted password PPw, and the decryption processing unit 280 is the encrypted original data file Ffo A function of decrypting the encrypted password PPw and a function of decrypting the encrypted password PPw, adding a new component of the password determination unit 270 to the restoration processing unit 200, and a correct restoration data file The point that the match judgment regarding the password is made as a condition for obtaining Fr A. Since the remaining components are the same as the functions of the components in the embodiment shown in FIG. 14, the description thereof is omitted here. The newly added components are actually realized by a computer program.

  The encryption processing unit 170 is a component having a function of performing encryption processing on the data to be encrypted by using the password Pw (A), and therefore encrypts any given digital data. Processing can be performed. Therefore, if the original data file Fo is given, the encrypted original data FFo can be created by encrypting the original data file Fo, and if the password Pw (A) is given, the encrypted password PPw is encrypted by encrypting it. Can be created. The encrypted original data file FFO and the encrypted password PPw created in this way are given to the file disguise unit 130.

  In the case of the embodiment of FIG. 17, the file camouflaging unit 130 creates a camouflaged data file Fd including the encrypted password PPw by incorporating the management data M including the encrypted password PPw into the content data file Fc. In the case of the embodiment shown in FIG. 14, the file camouflaging unit 130 incorporates management data M (Ps) including the position setting data Ps and the encrypted original data file FFO into the content data file Fc, thereby impersonating data. Although it has a function of creating the file Fd, in the case of the embodiment of FIG. 17 described here, the management data M includes the encryption password PPw together with the position setting data Ps. In FIG. 17, (Fc + M (Ps + PPw) + FFo) is written beside the forged data file Fd output from the file forging unit 130 because the forged data file Fd contains the content data file Fc and the position setting data. And management data M (Ps + PPw) in which an encrypted password is incorporated, and an encrypted original data file FFO.

  Therefore, the data configuration of the camouflaged data file Fd created in the embodiment shown here is the same as the configuration example of the camouflaged data file Fd shown in the lower part of FIG. The encrypted password PPw is added to the data M. Here, even if the camouflaged data file Fd is analyzed in the hands of an unauthorized person and the encrypted original data file FFO part and the encrypted password PPw part are separated and extracted, decryption can be performed. Unless you can, you cannot restore the original data file or password.

  On the other hand, the decryption processing unit 280 is a component having a function of performing decryption processing on the data to be decrypted using the password Pw (B) input by the restoration stage password input unit 260. The decryption processing can be performed on given digital data. Therefore, if the encrypted original data file FFO is given, it can be decrypted to create a restored data file Fr (if the correct decryption is performed, this is the same as the original data Fo). If the encrypted password PPw is given, the password Pw (C) (which is the same as the password Pw (A) if correct decryption is performed) can be created by decrypting the encrypted password PPw. it can. The restoration data file Fr created in this way is given to the file restoration unit 220, and the password Pw (C) is given to the password determination unit 270.

  The password determination unit 270 includes the password Pw (B) given from the restoration stage password input unit 260 and the password Pw (C) given from the decryption processing unit 280 (the encrypted password included in the forged data file Fd). The password obtained by decrypting PPw) is checked to determine whether or not they match. If the two match, a match determination signal J2 is given to the file restoration unit 220 (if they do not match, a non-match determination signal is given).

  In the embodiment shown in FIG. 17, the coincidence determination signal given from the position determination unit 250 to the file restoration unit 220 is marked with “J1” to distinguish it from the coincidence determination signal J2. The match determination signal J1 is a “position determination match signal” indicating that the specified position Pd matches the set position Ps as a result of the determination by the position determination unit 250, whereas the match determination signal J2 is a password determination. This is a “password match determination signal” indicating that the password Pw (B) matches the password Pw (C) as a result of the determination by the unit 270.

  The file restoration unit 220 performs a process of outputting the restored data file Fr created by the decryption processing unit 280 on the condition that both the position determination unit 250 and the password determination unit 270 make a match determination. That is, in the illustrated example, the restored data file Fr is output only when both the match determination signal J1 and the match determination signal J2 are given.

  As in the embodiment described in §5, in practice, when the match determination by the position determination unit 250 is not performed, or when the match determination by the password determination unit 270 is not performed, the file restoration unit 220 Instead of outputting the restored data file Fr, it is preferable to present an error message such as “This file cannot be restored” to the user.

  Specifically, when the match determination by the position determination unit 250 is not made, a “non-match determination signal regarding position” is given to the file restoration unit 220, and the match determination by the password determination unit 270 is made. If not, a “non-coincidence determination signal regarding password” is given to the file restoration unit 220, and when the file restoration unit 220 is given any non-coincidence judgment signal, the restored data file An error message may be presented without outputting Fr.

  Alternatively, a dummy restoration data file having random contents is prepared in advance or created each time, and when any non-matching determination signal is given, this dummy restoration data file is output. You may do it.

  FIG. 18 is a diagram showing encryption and decryption procedures in the embodiment shown in FIG. Similarly to the procedure shown in FIG. 15, when the user designates the password Pw (A), the encryption key K (A) is used by using the password Pw (A) or a part thereof using the predetermined key creation algorithm 15. ). Then, the encryption algorithm 10 using the encryption key K (A) is used to encrypt the original data file Fo to create an encrypted original data file FFO, and to encrypt the password Pw (A). An encrypted password PPw is created.

  On the other hand, when performing decryption, the user is allowed to specify the password Pw (B), and the encryption is performed using the password Pw (B) or a part thereof using the same key creation algorithm 15 as that used for encryption. Create a key K (B). Then, by using the decryption algorithm 20 using the encryption key K (B), the encrypted original data file FFO is decrypted to create a restored data file Fr, and the encrypted password PPw is decrypted to obtain the password. Pw (C) is created.

  If the password Pw (B) input by the user at the time of decryption is the same as the password Pw (A) input at the time of encryption, the encryption key K (A) and the decryption algorithm used by the encryption algorithm 10 Since the encryption key K (B) used by 20 is equal, correct decryption is performed, and the obtained restored data file Fr is the same file as the original data file Fo, and the obtained password Pw (C) is the original one. It becomes the same as the password Pw (A). That is, assuming that Pw (A) = Pw (B) on the premise that the user inputs a correct password at the time of restoration processing, since K (A) = K (B), Fo = Fr, Pw (A) = Pw (B) = Pw (C). Therefore, the password determination unit 270 determines that Pw (B) = Pw (C), and if it matches, the restoration data file Fr may be output from the restoration processing unit 200.

  If the password Pw (B) is different from the password Pw (A), correct decryption is not performed, and the obtained restored data file Fr becomes a file different from the original data file Fo, and the obtained password Pw (C) is different from the original password Pw (A). Therefore, the password determination unit 270 determines that it does not match, and gives a non-matching determination signal to the file restoration unit 220, so that the correct restoration data file Fr (that is, the original data file Fo) is output. Absent.

  In the block diagram of FIG. 17, the match determination signal J1 from the position determination unit 250 and the match determination signal J2 from the password determination unit 270 are used for control of the file restoration unit 220, but the match determination signal J1, J2 may be used for control of the decryption processing unit 280.

  As shown in the example, when the match determination signals J1 and J2 are used for control of the file restoration unit 220, the decryption processing unit 280 performs the decryption regardless of the determination results of the position determination unit 250 and the password determination unit 270. The process is executed, and the process of creating the restored data file Fr and the password Pw (C) is executed. However, in the event that a non-match is determined in one or both of the position determination unit 250 and the password determination unit 270, the file restoration unit 220 determines a non-match determination for at least one. Since the signal is given, the output processing of the restored data file Fr is not performed.

  On the other hand, the match determination signals J1 and J2 can be used for control of the decoding processing unit 280. That is, the match determination signals J1 and J2 are given to the decryption processing unit 280, and the decryption processing unit 280 only applies the match determination signals J1 and J2 to the encrypted original data file FFO. The decryption process is executed. In this case, unless both the position determination unit 250 and the password determination unit 270 determine matching, the decryption process for the file FFo is not executed and the restored data file Fr is not created.

  This imposes a condition that “a match determination is made by both the position determination unit 250 and the password determination unit 270” as a condition for performing the process of creating the recovery data file Fr within the recovery processing unit 200. There is nothing else. By imposing such conditions, it is possible to reduce the possibility that the restoration data file Fr will be created inside the restoration processing unit 200 by an unauthorized method, and to improve security.

  Note that the decryption process for the encrypted password PPw can be imposed on the condition that “the match determination is performed by the position determination unit 250 (that is, the match determination signal J1 is obtained)” as necessary. However, it is not possible to impose a condition that “the password determination unit 270 performs a match determination (that is, the match determination signal J2 is obtained)”. This is because the password determination unit 270 requires a password Pw (C) obtained by executing a decryption process on the encrypted password PPw for the match determination.

  In short, in the embodiment shown in FIG. 17, the decryption process is performed on the condition that both the position determination unit 250 and the password determination unit 270 make a match determination (only when the match determination is made on both sides). Both the decryption process for the encrypted original data file FFo by the unit 280 and the output process for the restored data file Fr by the file restoration unit 220 may be performed. In other words, when the match determination by the position determination unit 250 is not made, or when the match determination by the password determination unit 270 is not made, at least one of the two processes is prevented. Just keep it. In order to output the restored data file Fr from the restoration processing unit 200, both the decryption process for the encrypted original data file Ffo by the decryption processing unit 280 and the output process for the restored data file Fr by the file restoration unit 220 are performed. These processes need to be performed together. Therefore, if the match determination by the position determination unit 250 is not performed, or if the match determination by the password determination unit 270 is not performed, the output of the restored data file Fr is blocked if at least one of the processes is blocked. be able to.

<<< §8. Embodiment using a plurality of files >>
In the embodiments described so far, the example in which the fake data file Fd is created by combining one original data file Fo to be camouflaged and one content data file Fc has been shown. However, in implementing the present invention, there may be a plurality of original data files Fo and content data files Fc incorporated in the camouflaged data file Fd.

  FIG. 19 is a diagram illustrating a configuration example of the camouflaged data file Fd in the embodiment using a plurality of files. In the illustrated example, a plurality of n original data files Fo (1), Fo (2),..., Fo (n) and a plurality of m content data files Fc (1), Fc (2),. .., Fc (m) are combined to create one fake data file Fd. The embodiments described so far correspond to an example in which n = 1 and m = 1. Of course, an embodiment in which only m is set with n = 1, and an embodiment in which only n is set with m = 1 are possible.

  As described above, in the case of an embodiment applicable to a plurality of files, in the apparatus according to each of the embodiments described so far, the original data file input unit 110 receives n originals based on the user's file designation operation. A function for inputting a data file may be provided, and the content data file input unit 120 may be provided with a function for inputting m content data files based on a user's file designation operation. In this case, the file camouflaging unit 130 creates a camouflaged data file Fd that includes n original data files or encrypted original data files and m content data files.

  The lower part of FIG. 19 shows a configuration example of such a camouflaged data file Fd. In order to create a camouflaged data file Fd having such a data structure, the file camouflaging unit 130 manages the management data M and the first to nth original data files Fo (1) and Fo (2) that follow it. ),..., Fo (n) (encrypted original data file if encryption is performed) and the second to m-th content data files Fc (2),. The additional data string D2 including the data constituting m) may be created.

  At this time, configuration information (for example, information indicating the file name, data length, arrangement order, original data file or content data file of each file) indicating the configuration of the additional data string D2 is the management data M. To be included. Then, the forged data file Fd may be created by adding the additional data string D2 to the end of the data string D1 constituting the first content data file Fc (1).

  The extension of the camouflaged data file Fd is preferably an extension indicating the same file format as that of the first content data file Fc (1). For example, when the first content data file Fc (1) is a “JPEG format” file, an extension “.jpg” is added to the file name of the fake data file Fd. As a result, at first glance, the camouflaged data file Fd appears to be a single “JPEG format” file. Of course, the n original data files and the m content data files do not necessarily have to be in the same format, and there is no problem even if image files, audio files, moving image files, and the like are mixed.

  On the other hand, when the forged data file Fd having the data structure shown in the lower part of FIG. 19 is input on the restoration processing unit 200 side, the first content data included in the head portion of the forged data file Fd. Based on the information in the header part of the file Fc (1), the end of the data string D1 constituting the first content data file Fc (1) can be recognized.

  Specifically, as already described in §3, for example, based on the data indicating the file length included in the information of the header portion of the first content data file Fc (1), the data string D1 The end can be recognized. Alternatively, based on the data indicating the file type included in the header information of the first content data file Fc (1), an identifier code indicating the end of the file (for example, the file type is “JPEG format”). In this case, the end of the data string D1 can be recognized by recognizing this identifier code and recognizing the identifier code (FF D9).

  If the end of the data string D1 can be recognized in this way, the management data M subsequent to the data string D1 can be recognized, and the original information subsequent to the management data M can be recognized using the configuration information included in the management data M. Data files Fo (1), Fo (2),..., Fo (n) (encrypted original data file if encryption is performed) and the second to mth content data files Fc (2) ,..., Fc (m) can be recognized. In other words, each file included in the camouflaged data file Fd shown in the lower part of FIG. 19 can be recognized as a separate and independent file as shown in the upper part of FIG.

  Next, a specific process performed on the impersonation processing unit 100 side and the restoration processing unit 200 side when a plurality of m content data files are used will be described. Here, first, the case of the embodiment (embodiment of FIG. 1) described in §2 to §4 where password verification and encryption are not performed will be described.

  When a plurality of m content data files are used, the position setting operation can be performed for each individual file on the camouflage processing unit 100 side. Accordingly, the camouflaged stage content playback unit 140 has a function of playing back each of the m content data files and presenting them to the user, and the position setting unit 150 is configured to display individual content being played back based on the user's position setting operation. Each has a function of creating position setting data. The file camouflaging unit 130 creates the camouflaged data file Fd by incorporating the management data M including the position setting data created for each file.

  FIG. 20 is a diagram illustrating a position setting procedure performed on the impersonation processing unit 100 side in an embodiment using a plurality of m content data files. For example, during the reproduction of the first content data file Fc (1) by the camouflaged stage content reproduction unit 140, the position setting unit 150 performs a user position setting operation for setting a predetermined position on the first content C1. Based on the above, position setting data Ps1 is created. Similarly, position setting data Ps2 is created for the second content C2, and position setting data Psm is created for the mth content Cm. The file camouflaging unit 130 creates the camouflaged data file Fd by incorporating the management data M including these m pieces of position setting data Ps1, Ps2,..., Psm.

  On the other hand, on the restoration processing unit 200 side, the restoration stage content reproducing unit 230 has a function of sequentially reproducing the contents of the m content data files and presenting them to the user, and the position specifying unit 240 specifies the position of the user. Based on the operation, each content being played back has a function of designating the position. The position determination unit 250 has a function of determining whether or not each designated position matches the set position for each content.

  Then, after the restoration stage content reproduction unit 230 reproduces the first content data file Fc (1), the content of the i-th (1 ≦ i <m) content data file Fc (i) The content of the (i + 1) th content data file is played back on condition that the match determination by the position determination unit 250 is made, and the file restoration unit 220 performs a position determination unit for the content of the mth content data file. The restoration data file Fr is output on condition that the match determination is performed.

  FIG. 21 is a diagram showing a procedure of match determination performed on the restoration processing unit 200 side in an embodiment using a plurality of content data files. First, the restoration stage content reproduction unit 230 reproduces the first content data file Fc (1) and presents the first content C1 to the user. When the user performs a position specifying operation for the first content C1, the position determination unit 250 includes the position specifying data Pd1 obtained by the operation and the first position setting data included in the management data M. A position match determination with Ps1 is performed.

  Here, if Pd1 and Ps1 match, the restoration stage content reproduction unit 230 reproduces the second content data file Fc (2) and presents the second content C2 to the user. When the user performs a position specifying operation for the second content C2, the position determination unit 250 uses the position specifying data Pd2 obtained by the operation and the second position setting data included in the management data M. A position match determination with Ps2 is performed.

  Similarly, the (i + 1) th content is presented on the condition that the position match determination is made for the i-th content Ci. Finally, the restoration stage content playback unit 230 plays back the mth content data file Fc (m) and presents the mth content Cm to the user. When the user performs a position specifying operation for the m-th content Cm, the position determination unit 250 includes the position specifying data Pdm obtained by the operation and the m-th position setting data included in the management data M. A position match determination with Psm is performed.

  Here, if Pdm and Psm match, the position determination unit 250 gives a match determination signal J to the file restoration unit 220 so that the restoration data file Fr is output. When a plurality of n original data files Fo (1), Fo (2),..., Fo (n) are incorporated in the camouflaged data file Fd, these files are restored data independently of each other. It will be output as a file Fr.

  If the position match determination is not made for the i-th content Ci, the (i + 1) -th content is not presented, and the decoding process is interrupted there. In this case, if necessary, some error message may be presented to the user.

  Alternatively, when the position match determination is not made for the i-th content Ci, dummy content that is completely different from the original (i + 1) -th content may be presented.

  Next, in the case of the embodiment (embodiment of FIG. 13) described in §5 in which password verification is performed, unique processing performed on the camouflage processing unit 100 side and the restoration processing unit 200 side will be described.

  In this case, on the camouflage processing unit 100 side, it is possible to perform a position setting operation and a password input operation for each of the m content data files as necessary. Therefore, the camouflaged stage content playback unit 140 has a function of playing back each of the m content data files and presenting them to the user.

  Further, the position setting unit 150 sets a predetermined position in time or space during reproduction for a part or all of the m content data files based on the position setting operation of the user, and sets the set position. A function for creating each position setting data to be specified is provided, and an impersonation stage password input unit 160 stores individual passwords for some or all of the m content data files based on a user input operation. Have a function to input and set.

  It is sufficient that at least one of position setting data and password is set in the m content data files. Therefore, the position setting data setting process by the position setting unit 150 does not necessarily have to be performed for all of the m content data files, and may be performed for a part thereof. Further, the password setting process by the camouflaged stage password input unit 160 does not necessarily have to be performed for all of the m content data files, but may be performed for a part thereof.

  The file disguise unit 130 includes, in the first content data file Pc (1), management data M including position setting data and a password, one or a plurality of n original data files, and second to m-th content. By incorporating the data file, a forged data file Fd is created.

  FIG. 22 is a diagram illustrating a procedure of position setting and password setting performed on the camouflage processing unit 100 side. For example, during the reproduction of the first content data file Fc (1) by the camouflaged stage content reproduction unit 140, “the position of the user who sets the predetermined position on the first content C1 by the position setting unit 150” “Process for creating position setting data Ps1 based on setting operation” and “Process for impersonation stage password input unit 160 to set password Pw1 based on user password input operation for first content C1” Either one or both are performed. In the figure, “Ps1” AND / OR “Pw1” means “one or both of Ps1 and Pw1”. Whether to perform only one or both is a matter that the user can freely select.

  A similar process is executed for the second content C2 to the mth content Cm. Therefore, position setting data and / or a password are set for each of the m content data files. The file camouflaging unit 130 creates the camouflaged data file Fd by incorporating the management data M including the position setting data and password set here.

  On the other hand, on the restoration processing unit 200 side, the restoration stage content reproduction unit 230 has a function of sequentially reproducing the contents of the m content data files and presenting them to the user, and the position designation unit 240 performs the user's position designation operation. Based on this, a function for specifying the position of each individual content being played back is provided. The position determination unit 250 has a function of determining whether or not each designated position matches the set position for each content.

  Further, the restoration stage password input unit 260 has a function of inputting a password during reproduction of the password-set content that has been set by the impersonation stage password input unit 160 based on the user's input operation. The password determination unit 270 includes a “password for each password-set content input by the restoration stage password input unit 260” and a “password for each password-set content included in the forged data file Fd”. ”And a function for determining whether or not they match.

  Then, after the restoration stage content reproduction unit 230 reproduces the first content data file Fc (1), the content of the i-th (1 ≦ i <m) content data file Fc (i) The content of the (i + 1) th content data file is played back on condition that a match determination is made for all of the position settings and password settings that have been set, and the file restoration unit 220 performs the mth operation. With respect to the content of the content data file, the restored data file Fr is output on condition that a match determination is made for all of the set position and password settings.

  FIG. 23 is a diagram showing a procedure of match determination performed on the restoration processing unit 200 side in the case of the embodiment (embodiment of FIG. 13) described in §5 in which password verification is performed. First, the restoration stage content reproduction unit 230 reproduces the first content data file Fc (1) and presents the first content C1 to the user. The user performs a position specifying operation when the position is set for the content C1, and performs a password input operation when the password is set. Of course, if both settings are made, both the position designation operation and the password input operation are performed.

  When the position specifying operation is performed, the position determining unit 250 performs position matching determination between the position specifying data Pd1 obtained by the operation and the first position setting data Ps1 included in the management data M. When the password input operation is performed, the password determination unit 270 determines whether the password Pw1 obtained by the operation matches the first password Pw1 included in the management data M.

  Here, in the case where a determination indicating a match is made for all the items for which the match determination has been performed, the restoration stage content playback unit 230 plays back the second content data file Fc (2) to the user for the second time. The second content C2 is presented. The user performs a position specifying operation when the position is set for the content C2, and performs a password input operation when the password is set. Of course, if both settings are made, both the position designation operation and the password input operation are performed.

  Again, when a position specifying operation is performed, the position determining unit 250 determines whether or not the position match between the position specifying data Pd2 obtained by the operation and the second position setting data Ps2 included in the management data M is reached. I do. When the password input operation is performed, the password determination unit 270 determines whether the password Pw2 obtained by the operation matches the second password Pw2 included in the management data M. Then, when a determination indicating a match is made for all the items for which the match determination has been performed, the restoration stage content playback unit 230 plays back the third content data file Fc (3) to the user for the third time Present content C3.

  Similarly, for the i-th content Ci, the reproduction of the content of the (i + 1) -th content data file is performed on the condition that the matching determination is made for all of the set position and password settings. Is done. Finally, when the match determination is made for all of the position setting and password setting for the m-th content data file Fc (m), the match determination signal J1 or J2 or both are The restored data file Fr is output. When a plurality of n original data files Fo (1), Fo (2),..., Fo (n) are incorporated in the camouflaged data file Fd, these files are restored data independently of each other. It will be output as a file Fr.

  Here, for the i-th content Ci, if the necessary match determination (match determination for all set positions and password settings) has not been made, the (i + 1) -th content Is not presented, and the decoding process is interrupted there. In this case, if necessary, some error message may be presented to the user.

  Alternatively, when a necessary match determination is not made for the i-th content Ci, dummy content that is completely different from the original (i + 1) -th content may be presented.

  The same applies to the embodiment described in §6 that performs encryption (the embodiment of FIG. 14) and the embodiment described in §7 that performs both password verification and encryption (the embodiment of FIG. 17). In addition, it is possible to use a plurality of m content data files.

  At this time, when a password is input for each of a plurality of contents by the camouflage stage password input unit 160 in the camouflage process stage, the encryption processor 170 determines whether the input password is based on a predetermined rule. What is necessary is just to perform an encryption process using a part or all. In the embodiment in which password verification is performed, the file camouflaging unit 130 includes management data including an encrypted password obtained by encrypting the position setting data and the password in the first content data file Pc (1). The forged data file Fd may be created by incorporating M, the encrypted original data file, and the second to m-th content data files.

  On the other hand, in the restoration processing stage, the decryption processing unit 280 executes the decryption process using a part or all of the password input by the restoration stage password input unit 260 based on the above-described rules. That's fine.

  Further, in the case of the embodiment with encryption described in §6 and §7, the file to be encrypted is the original data file Fo, but in the embodiment using a plurality of m content data files, The second and subsequent content data files can be encrypted as necessary.

  That is, by applying a predetermined encryption algorithm using the password input by the fake stage password input unit 160 to the encryption processing unit 170, a part or all of the second to m-th content data files are encrypted. If the processing is performed and the function of creating the encrypted content data file is provided, the file camouflaging unit 130 selects the encrypted content for the encrypted files among the second to m-th content data files. A forged data file Fd can be created by incorporating the data file.

  Meanwhile, the decryption processing unit 280 decrypts the encrypted content data file extracted from the camouflaged data file Fd using the password input by the restoration stage password input unit 260 and corresponding to the predetermined encryption algorithm. If the function of executing the decryption algorithm and performing the decryption process is provided, the restoration stage content reproduction unit 230 decrypts the content data file that has been subjected to the decryption process by the decryption processing unit 280. The content can be reproduced based on the received content data file.

  Generally, if the password set by the user is a word that is easily associated with the content, the password can be easily remembered by reproducing the content during the restoration process. Therefore, in the embodiment using a password, the user will set a word that can be easily associated based on the content as the password. From such a point of view, it is preferable that content analysis is not performed as much as possible even if the forged data file Fd reaches the unauthorized person. Accordingly, when a plurality of m content data files are used as in the above-described embodiment, if the second and subsequent content data files are encrypted, the contents of the content are analyzed by an unauthorized person. The possibility of being known can be reduced, and the risk that a password is guessed can be reduced.

  As shown in the lower part of FIG. 19, the first content data file Fc (1) is a file located at the head of the camouflaged data file Fd, and the camouflaged data file Fd is as if the first content data file Fd. It plays the role of disguising as it is composed of only the data file Fc (1). Therefore, it is preferable not to encrypt the first content data file Fc (1).

<<< §9. Other variations >>
Finally, some more practical variations will be described in practicing the present invention.

<§9-1: Display of password input window>
In some of the embodiments described so far, there are cases where both position setting and password setting are performed for one content in the camouflage processing stage. In such a case, both position designation and password input must be performed for one content in the restoration processing stage. For example, in FIG. 23, when both position setting and password setting are performed for the first content C1, the user does not perform both position designation and password input for the content C1. The second content C2 is presented only when the results of both the position match determination and the password match determination indicate a match.

  In such a case, when the position designation operation by the user is performed on the content C1 in the restoration stage password input unit 260 and, as a result, the match determination is performed by the position determination unit 250, the password is input to the user. A function for displaying a window may be provided, and a password for the content C1 may be input by a user input operation to the password input window.

  For example, as in the example shown in FIG. 8, when the image content as illustrated (assuming that it is the content C1 here) is displayed in the content display field 450 of the operation window 400 in the restoration processing stage, As shown in FIG. 9, the user performs an input for designating a designated point P on the image content C1. Then, the position determination unit 250 performs position matching determination regarding the designated point P. Here, in the case where a password has also been set for the image content C1, when the match determination result is obtained by the position determination unit 250, the restoration stage password input unit 260 as shown in FIG. The password input window 451 is displayed.

  The example shown in FIG. 24 is an example in which a “balloon-type password input window 451” that starts at the designated point P is displayed. From the viewpoint of the user, when “grandma's face part” is clicked in the state shown in FIG. 8, as shown in FIG. A window 451 "appears to have appeared. The “speech-type password input window 451” serves to prompt the user to input a password for the content as well as indicating that a correct position has been designated. In the example shown in FIG. 24, a cursor for character input is displayed in the password input window 451, and the user uses a keyboard or the like to select a character string (for example, a character string “golden wedding”) that constitutes a predetermined password. ) Will be displayed in the password input window 451.

  After the user completes the password input operation, for example, when the processing start button 470 is clicked, the password match determination is performed by the password determination unit 270 (or the password match determination is performed by pressing a line feed key or the like. You do n’t mind. If it is determined that the password also matches, it is determined that both the position match determination and the password match determination are matched for the content C1, and thus the restored data file by the file restoring unit 220 is obtained. When Fr is output or there is content to be presented subsequently (when a plurality of contents are presented sequentially as in the example shown in FIG. 23), subsequent content is presented.

  For example, in the example shown in FIG. 23, when the contents C1 to Cm are all image contents, and both the position setting and the password setting have been performed for all the contents, presentation of the image contents → position specifying click → The process of displaying a password input window → inputting a password for the content → presenting the next image content → clicking a position designation → ... is repeated. The user can sequentially perform position designation and password input for each content, and can intuitively understand that the position designation operation and the password input operation are operations for specific content.

  If the password input window is displayed only when the match determination is performed by the position determination unit 250, trial and error is performed until a person who is not a regular user displays the password input window. There is a possibility to specify a random position. In fact, in the state shown in FIG. 8, if the image displayed in the content display field 450 is randomly clicked, when the “grandma's face part” is accidentally clicked, as shown in FIG. A password entry window 451 will be displayed. For this reason, there is a possibility that the user who does not know the correct setting position may know the correct setting position.

  In order to avoid such an adverse effect, if a position designation operation is performed by the user on the restoration stage password input unit 260 and, as a result, a match determination is not performed by the position determination unit 250, A function for displaying a fake password entry window may be provided. That is, in the state shown in FIG. 8, the restoration stage password input unit 260 displays the input window wherever the user clicks on the image displayed in the content display field 450. However, if the clicked position is the correct position where a determination result indicating a match is obtained, the original password input window is displayed, and an incorrect position where a determination result indicating a match cannot be obtained. If so, a fake password entry window is displayed.

  FIG. 25 is a plan view showing an example in which a fake password input window 452 is displayed by clicking the designated point P ′. The fake password input window 452 is a “speech-type password input window” that is blown out from the clicked cat. As far as the user sees, the fake password input window 452 is similar to the password input window 451 shown in FIG. Looks like. That is, when viewed from the user, the difference between the input window 451 and the input window 452 is only the position of the tip of the balloon (designated points P and P ′), which is a true password input window. Cannot be distinguished.

  However, the restoration stage password input unit 260 can distinguish between the two based on the result of the match determination by the position determination unit 250. Accordingly, the restoration stage password input unit 260 performs an operation in which information input by a user input operation to the fake password input window 452 is not handled as a password. Therefore, when the user inputs a character string “Golden Wedding” in the password input window 451 shown in FIG. 24, the restoration stage password input unit 260 uses the password Pw (B) entered by the user. In the case where the user inputs a character string “Golden Wedding” in the fake password input window 452 shown in FIG. 25, the character string is sent to the password determination unit 270. The processing to give is not performed. Specifically, the same processing as when no password is entered may be performed, or an arbitrary random password may be given.

  In this way, if a method for displaying a fake password input window is adopted, it is possible to specify whether the position match determination has failed or the password match determination has failed even if the match determination for a certain content has failed. Therefore, the risk of attack by unauthorized persons can be reduced.

  As described above, when an input for designating the designated point P is performed on the image content, the “speech-type password entry window” or “speech-type fake password entry window” originates from the designated point P. However, in the case of moving image content, a password input window may be displayed on the frame for displaying the moving image. Of course, the input window does not necessarily have to be a balloon type, and may be an arbitrarily shaped window arranged in the vicinity of the designated point.

  In short, when the content data file is an image data file or a moving image data file, when the position specifying unit 240 specifies a predetermined position on the image or the frame for displaying the moving image based on the position specifying operation by the user. In addition, the restoration stage password input unit 260 may display a password input window or a fake password input window in the vicinity of a designated position on the image or the frame for displaying the moving image. The same applies when the content data file is an audio data file and an image such as an audio waveform is displayed in the content display field 450.

  On the other hand, when the content data file is an audio data file and no image is displayed in the content display field 450, any shape of password input window may be displayed at any position. FIG. 26 shows that when the user performs an operation of clicking the designated point P on the playback position display field 455 and stops playback during playback of the music content by the audio data file, the restoration stage password input unit 260 It is a top view which shows the example which displayed the window 480 for password input by the function. The password input window 480 is a separate window separate from the operation window 400. If the designated point P is the correct position, the character string input to the password input window 480 is treated as a password. However, if the designated point P is not the correct position, the password input window 480 is a fake window. This character string is not treated as a password.

<§9-2: Variation of password input method>
In the embodiment using the password described so far, the example in which the character string keyed from the keyboard is used as the password has been described. However, the password input method by the camouflaged stage password input unit 160 or the restoration stage password input unit 260 is not necessarily limited to the input operation through the keyboard of the character string constituting the password performed by the user.

  For example, as in the example shown in FIG. 27, it is possible to input a password by a drag-and-drop operation of a “file containing data constituting a password” or a “file deriving data constituting a password” by the user. It is. FIG. 27 shows an example in which a text file “FILE01.txt” in the file list display field 440 is dragged and dropped to a balloon-type password input window 451. In this case, the text string stored in the text data file “FILE01.txt” is entered as the password.

  The file to be dragged and dropped to the password input window 451 is not necessarily a text data file, and may be any data file as long as it is a “file including data constituting a password”. For example, a music data file “FILE02.mp3” or an image data file “FILE06.bmp” in the file list display field 440 in FIG. 27 is dragged and dropped to the input window 451 to input a password. It doesn't matter. In this case, the digital data string constituting each file is used as a password.

  However, since a digital data string that is too long is difficult to handle as a password, in practice, a predetermined portion (for example, 100 bytes from the beginning) of the data string constituting each file may be used as a password. Or you may make it use the hash value obtained by making a hash function etc. act on the data sequence which comprises each file as a password. In this case, the password is input by a drag-and-drop operation of “file deriving data constituting password”.

  Also, instead of performing the file name drag-and-drop operation as described above, the password is input by an instruction to read “data constituting the password” or “data derived from the data constituting the password” from the external storage device. It is also possible to perform. For example, “data composing a password” or “data deriving data composing a password” is stored in an external storage device such as an IC card or a USB memory chip, and the data file disguise processing device according to the present invention is stored. By connecting these external storage devices to the computer that configures the computer, and allowing the user to perform an instruction operation to read necessary data, the password can be input.

  When a method for storing a password in such an external storage device is adopted, a part of the original data file Fo is cut out as partial data as necessary in the camouflage processing stage, and the cut out partial data is combined with the password. It is possible to store the data in an external storage device, and it is possible to incorporate an incomplete original data file Fo or its encrypted file after the partial data is cut out in the camouflaged data file Fd. At the time of restoration, the complete original data file Fo can be restored for the first time by using the partial data stored in the external storage device.

  Alternatively, it is also possible to input a password by a collection instruction operation for collecting a password composed of biodata indicating the biological characteristics of the user body from the user body. For example, if biodata such as fingerprints and palm vein patterns are used as passwords, an operation to collect these biodata via a predetermined tool is performed and the collected biodata is used as a password. Can do.

<§9-3: Embodiment using the Internet>
As described above, the camouflage processing unit 100 or the restoration processing unit 200 constituting the camouflage processing apparatus according to the present invention can be configured by incorporating a dedicated application program into a general-purpose computer such as a personal computer. The individual elements constituting 100 and 200 are realized by a combination of computer hardware and software.

  Here, for a computer used only for impersonation processing, it is sufficient to incorporate only a program that functions as the camouflage processing unit 100, and for a computer used only for restoration processing, only a program that functions as the restoration processing unit 200 can be incorporated. It's enough.

  The purpose of the camouflage processing unit 100 is to create a camouflaged data file by performing a camouflage process on the original data file to be camouflaged. Therefore, in order for the computer to achieve such an object, a step of inputting an original data file to be camouflaged, a step of inputting a content data file to be used for camouflaging, and the end of a data string constituting the content data file A forged data file is created by adding management data including information necessary for the restoration process, the format being determined in advance, and a data string constituting the original data file at the end of the management data. A step and a step of outputting the camouflaged data file may be performed.

  Currently, many personal computers are connected to the Internet. Therefore, when the camouflage processing apparatus according to the present invention is configured using such a personal computer, the camouflage processing apparatus is placed in an environment connectable to the Internet. FIG. 28 is a block diagram showing an example in which a camouflage processing apparatus according to the present invention is constructed by four personal computers 510, 520, 530, and 540 connected to the Internet 500. Each of the personal computers 510, 520, 530, and 540 incorporates programs necessary for functioning as the camouflage processing unit 100 and the restoration processing unit 200, and each functions as an independent camouflage processing device.

  In the illustrated example, a state in which a content server unit 550 and a general-purpose file server unit 560 are connected to the Internet 500 is shown. Here, the general-purpose file server unit 560 has a function of storing an arbitrary data file. Therefore, the camouflage processing unit 100 in each camouflage processing device can deposit the camouflaged data file Fd created by the camouflage process into the general-purpose file server unit 560, and the restoration processing unit 200 can A desired camouflaged data file Fd can be taken out from the unit 560, and a restoration process can be performed on it. Since the camouflaged data file Fd is camouflaged as if it were some content data file, the general-purpose file server unit 560 is stored even if it is a unit in a widely open file storage site. The camouflaged data file Fd is inconspicuous and there is little risk of being attacked by unauthorized persons. As described above, the impersonation data file created in the present invention improves the security at the time of file storage. Therefore, even when the file storage site published on the Internet is used as an intermediary, relatively safe file transfer is possible. It becomes possible. In recent years, there have been many cases in which companies and schools have imposed restrictions on the capacity of files attached to e-mails or automatically deleted files that are not permitted by anti-virus software. In such a case, if the present invention is used, a file can be delivered via a file storage site instead of an e-mail, so that convenience can be improved.

  On the other hand, the content server unit 550 has a function of providing various content data files to individual personal computers via a network. Therefore, the camouflage processing unit 100 and the restoration processing unit 200 in each camouflage processing device can receive the content data file from the content server unit 550 as necessary. Here, a useful modification of the embodiment using a plurality of content data files described in §8 by using the content data file providing function of the content server unit 550 will be described.

  In the camouflage processing apparatus according to this modification, the content data file input unit 120 is provided with a function of inputting a desired content data file by downloading a file from the content server unit 550. Then, the file camouflaging unit 130 selects part or all of the second to m-th content data files as the external introduction file, and the content data file selected as the external introduction file is the file itself. Is incorporated in the camouflaged data file Fd, the external installation information necessary for downloading the file from the content server unit 550 is incorporated in the camouflaged data file Fd.

  For example, when all of the second to m-th content data files are selected as externally introduced files, in the fake data file Fd shown in the lower part of FIG. 19, the additional file portion includes the second to m-th content data files themselves. In this case, external introduction information (for example, URL information) necessary for downloading these files from the content server unit 550 is incorporated. By doing so, the data capacity of the additional file part can be greatly reduced, and the merit of reducing the total data capacity of the camouflaged data file Fd can be obtained. Further, if the content data file prepared in the content server unit 550 is downloaded as a common file from a plurality of camouflaged data files Fd, it is sufficient to perform position setting and password setting for the common file. Therefore, there is also an advantage that it is not necessary to make individual settings for each fake data file Fd.

  On the other hand, when the externally introduced file is reproduced, the restoration stage content reproducing unit 230 downloads the externally introduced file from the content server unit 550 based on the externally introduced information, and reproduces it. Leave it on. Specifically, when URL information is incorporated in the additional file portion, the corresponding externally introduced file is downloaded and reproduced based on the URL information. Then, even if the actual content data file is not incorporated in the camouflaged data file Fd, the restoration stage content reproduction unit 230 can reproduce the content selected as the externally introduced file without any trouble.

  In this way, a part of the content data file is selected as the externally introduced file, and the restoration stage content playback unit 230 obtains the externally installed file by downloading from the content server unit 550 and plays it. By adopting, it becomes possible to take various additional security measures according to the user's intention of performing the impersonation process.

  For example, if the content server unit 550 is provided with a function of performing a process of permitting or prohibiting only a specific content data file to be downloaded to a predetermined specific network address, the specific content data is Downloading to a specific personal computer can be prevented, and a specific disguised data file can be prevented from being restored in the specific personal computer.

  Specifically, as shown in FIG. 28, IP (510), IP (520), IP (530), and IP (540) are assigned as IP addresses to the personal computers 510, 520, 530, and 540, respectively. Let's say it was attached. Consider a case where a user operating the personal computer 510 creates a fake data file Fd as shown in the lower part of FIG. 19 and stores it in the general-purpose file server unit 560. At this time, it is assumed that the second to m-th content data files have all been selected as externally introduced files.

  Here, the personal computer 510 operated by the user and the personal computer 520 operated by a friend restore the camouflaged data file Fd, and the other personal computers 530 and 540 restore the camouflaged data file Fd. Suppose you want to be done. In that case, the user sets the content server unit 550 to allow only the download to the network addresses IP (510) and IP (520) for the second to m-th content data files. (Alternatively, settings may be made to prohibit downloading to network addresses IP (530) and IP (540)).

  Then, when the forged data file Fd is downloaded from the general-purpose file server unit 560 by the personal computer 510 or 520 and the restoration process is started, the content server unit is responded to the download request from the restoration stage content reproduction unit 230. Since 550 provides the second to m-th content data files, the restoration process is executed without any trouble. However, when the restoration process is started by the personal computer 530 or 540, the content server unit 550 refuses to provide the second to m-th content data files in response to a download request from the restoration stage content reproduction unit 230. The restoration process will be interrupted there. After all, as the original user thinks, the forged data file Fd can be restored only by the personal computers 510 and 520.

  In addition, the content server unit 550 may be provided with a function of performing a process of permitting or prohibiting download of a specific content data file only in a predetermined specific time zone. By using such a function, the user can set a time zone in which the specific camouflaged data file Fd can be restored.

  Specifically, for a specific content data file that needs to be downloaded at the time of restoration processing, for example, the content server unit 550 is set to permit downloading only during a time zone of 10: 00 am to noon. By doing so, it becomes possible to limit the time zone during which restoration processing is possible to 10:00 am to noon.

  Further, when the content server unit 550 receives a download request based on the same external introduction information, the content data file to be downloaded is changed according to the network address of the request source or the requested time zone. It is also possible to have functions.

  If such a function is used, even when the same fake data file Fd is given to the friend A and the friend B, the contents presented at the time of the restoration process can be changed. For example, assume that a content data file is selected as an external introduction file, and a fake data file Fd incorporating predetermined URL information as external introduction information is passed to friends A and B. In this case, when the friends A and B start the restoration process, a download request designating the URL information is issued to the content server unit 550 from each personal computer. At this time, even if the download request specifies the same URL information, the content server unit 550 is configured to change the content data file to be downloaded based on the request source network address. Different content data files are downloaded to the personal computers of friends A and B.

  Alternatively, if it is known that friend A is a morning person and friend B is a night person, the content data file to be downloaded should be changed according to the time period when the download request is made. Thus, different content data files can be downloaded to the personal computers of friends A and B.

  In this way, even if the same disguise data file Fd is used, if different contents are presented for each user during the restoration process, a more flexible operation can be performed when other users execute the restoration process. It becomes possible. For example, if friend A is acquainted with “grandma”, but friend B is not acquainted, when friend A performs the restoration process, the photo showing “grandma” is presented as content, "Face part" is clicked, and when friend B performs the restoration process, it is possible to use different contents such as presenting another photo as the content that can be clicked at the same position Become.

<§9-4: Other modifications related to position setting>
In the embodiments described so far, the position setting unit 150 performs one position setting for one content, but it is also possible to set a plurality of different positions for one content. When a plurality of different positions are set for one content, the position determination unit 250 performs a match determination when the position specified by the position specification unit 240 matches any of the plurality of setting positions. You can do it. Alternatively, each of a plurality of setting positions may be designated, and the match determination may be performed when all match.

  For example, FIG. 29 is a plan view showing the position setting operation for a plurality of locations by the user in the operation window shown in FIG. In this example, the first setting area A (grandma's face part) is set by designating two points Q1 and Q2, and the second setting area B (cat's nose) is designated by designating two points Q3 and Q4. Part) is set. In the disguise processing stage, when two positions are set as described above, either one point in the first setting area A or one point in the second setting area B is selected in the restoration processing stage. If any or all of them are designated as designated points, a match for position is determined.

  In addition, the operation window 300 in the impersonation process stage and the operation window 400 in the restoration process stage illustrated in the embodiments described so far show examples of the operation windows. An operation window may be used. FIG. 30 is a plan view showing a state in which the display of the operation window 400 is omitted in the restoration processing stage, and the content image is displayed on the independent window 610 by the restoration stage content reproduction unit 230.

  For example, an operation of starting the restoration application software constituting the restoration processing unit 200 and executing the “open file” command from the restoration application software menu to open the forged data file Fd to be restored. If a content reproduction window 610 as shown in FIG. 30 is displayed by performing the above, restoration processing can be performed by an operation on this window 610. Specifically, when the user performs an operation of clicking on the designated point P in the “grandmother's face portion” on the window 610, a match determination regarding the position is performed, and as shown in FIG. Type password input window 611 appears, and when a password such as “Golden Wedding” is entered in this input window 611 and a line feed key is pressed, a password match determination is performed. Just keep it.

  In the case of using a plurality of image contents, after the first content image is determined to be coincident with respect to the position and password, the second content image is reproduced as another content as shown in FIG. What is necessary is just to make it display on the window 620. FIG. Of course, instead of displaying another window 620, the second content image may be displayed on the window 610 on which the first content image was displayed. In addition, in order to clearly show the user that the content image has been switched, the first window 610 displays a 3D video that is turned upside down. If the window shown in FIG. It is also possible to perform a visual effect such as “the second content image as shown in FIG. 32 was displayed”.

  As already described, depending on the content, only position setting or password setting can be performed. Therefore, for example, if only the position setting has been performed for the first content image shown in FIG. 30, it is not necessary to enter a password. Therefore, in the state shown in FIG. "" Is clicked, the second content image is immediately displayed as shown in FIG. Further, in the case where only the password setting has been performed for the second content image shown in FIG. 32, it is not necessary to perform the position designation operation, so that the display shown in FIG. 33 is used instead of the display shown in FIG. In this manner, the display in which the password input window 621 is superimposed may be performed. Alternatively, after the image display shown in FIG. 32 is performed for a few seconds, the password input window 621 may be displayed in an overlapping manner as shown in FIG. Since the position of the second content image is not set, the password input window 621 is not a balloon type but a simple rectangular window.

  In practice, it is preferable to use at least two contents (that is, set m ≧ 2 in the example shown in FIG. 19) and present them sequentially, as in the example shown here. This is because any user who has obtained the fake data file Fd can easily know the content of the first content (for example, the first content is image data in “JPEG format”). In this case, the first content image is displayed if it is opened with general image browsing software), whereas the second and subsequent content is compared to the content presented prior to this. This is because the contents can be known only after a correct input operation for determining whether the position or password is matched is performed.

  Therefore, in practice, it is preferable that the content for associating a password is the second and subsequent content, and the first content is not used for password association.

  If two or more contents are used, it can be used for hierarchical classification of the fake data file Fd. For example, if any one of a family photo, a food photo, and a workplace photo is used as the first content, the camouflaged data file Fd in which the family photo is used as the first content is The camouflaged data file Fd, which is a personal data file used at home and uses food photos as the first content, is a data file related to gourmet information, and a photo of the workplace is used as the first content. The camouflaged data file Fd is a data file related to work and can be classified as follows.

  A general image data file can be displayed in a thumbnail format in many application software. Therefore, if a number of camouflaged data files Fd classified according to the above-mentioned policy are created, they can be displayed in a list in thumbnail format, and it is possible to confirm at a glance which category the files belong to. be able to.

  Further, the position setting unit 150 has a function of creating hint information for displaying a hint at a predetermined position on the image based on a user operation, and the file disguise unit 130 includes management data including the hint information. The function of creating the fake data file Fd by incorporating M is provided, and the restoration stage content playback unit 230 is provided with a function of displaying a hint on the image based on the hint information incorporated in the management data M. This will give the user a hint to remember the password.

  For example, suppose that the user sets the password for the brand name of the bag held in the right hand for the image content as shown in FIG. In this case, at the restoration processing stage, as shown in the figure, the image content is displayed in the window 620, and it is necessary to perform an operation of inputting a password for the content (for example, the password input shown in FIG. 33). The password is input to the window 621).

  In this case, you may be in a situation where you cannot remember which product brand name is set as the password. In particular, this same image content is used for a large number of camouflaged data files, and passwords such as bag brand names, clothing brand names, shoe brand names are used for each camouflaged data file. In such a case, the password may be confused only by presenting the image content as shown in FIG.

  In order to avoid such a situation, the user performs an operation for displaying a hint at a predetermined position on the image when setting a password in the camouflage processing stage. For example, on the image shown in FIG. 32, if an operation for performing the hint display by specifying the position of the eyelid is performed, the position setting unit 150 provides hint information for performing the hint display at the position. Created. The hint information set here is completely different from the position setting data Ps in the embodiments described so far, and is not a target of position determination at the time of restoration processing. The hint information is simply information for “performing a hint display at a predetermined position” when reproducing the image content.

  If the user performs an operation for performing such hint display at the camouflage processing stage, the hint information is incorporated into the management data M and transmitted to the restoration processing unit 200. Therefore, the restoration stage content reproducing unit 230 can display a hint on the image based on the hint information incorporated in the management data M when reproducing the image content. FIG. 34 shows an example in which a “!” Mark 622 is displayed as a hint display. In this example, since the user has performed an operation for displaying a hint at the position of the bag, the “!” Mark 622 is displayed at the position of the bag. The user can see that the hint is displayed and can remember that the password was the brand name of 鞄.

  Of course, any hint display may be used. For example, if a character string such as “What is this brand?” Is used as a hint display, a character string “What is this brand?” Is displayed instead of the “!” Mark 622 shown in FIG. become.

  In addition, the example shown in FIG. 34 shows a state in which a hint display is always presented, but when the restoration stage content reproduction unit 230 performs a position specifying operation by the user, a hint display related to the specified position is displayed. May be performed. For example, normally, as shown in FIG. 32, only when the image content is presented without any hint display and the user moves the mouse cursor to the position of the eyelid, “What is this brand?” May be displayed. Or, if you move the mouse cursor to the correct position where the hint information is set, the correct hint display will be presented, but if you move the mouse cursor to a position where the hint information is not set, A random dummy hint display may be presented.

<§9-5: Modified example of incorporating location information into management data>
In the embodiments described so far, the position setting data Ps is incorporated into the management data M, and the forged data file Fd is transferred, so that the position setting data Ps is also transferred. For example, in the case of the camouflaged data file Fd shown in FIG. 6, the position setting data Ps “Q1 (x1, y1), Q2 (x2, y2)” is incorporated in the management data M, and the restoration processing unit 200 The position setting data Ps in the management data M is used to determine whether or not the designated position matches the set position.

  However, the position setting data Ps to be transferred from the camouflage processing unit 100 to the restoration processing unit 200 is not necessarily included in the management data M in implementing the present invention. That is, it is not always necessary to incorporate the position setting data Ps itself in the management data M, and instead, information indicating the location of the position setting data Ps may be incorporated. Specifically, in the case of the example illustrated in FIG. 6, instead of the camouflage processing unit 100 incorporating the position setting data Ps “Q1 (x1, y1), Q2 (x2, y2)” in the management data M, If it is stored in an external server device (which may be a remote server connected via the Internet) or the like, information indicating the location of the storage location (for example, URL information) is incorporated in the management data M. Good.

  If such location information is incorporated in the management data M, the position setting data Ps itself is not directly transferred to the restoration processing unit 200, but the restoration processing unit 200 Since the position setting data Ps “Q1 (x1, y1), Q2 (x2, y2)” can be obtained by using information indicating the location (for example, URL information), the embodiment described above Similarly, it can be determined whether or not the designated position matches the set position.

  The same applies to the password Pw and the encrypted password PPw. That is, in the embodiment using the password described so far, the method of passing the password Pw or the encrypted password PPw to the restoration processing unit 200 by incorporating it in the management data M is used. The unit 100 stores these passwords in an external server device connected via the Internet, and incorporates information indicating the location of the storage location (for example, URL information) into the management data M. That's fine.

  Then, the passwords Pw and PPw themselves are not directly passed to the restoration processing unit 200, but the restoration processing unit 200 uses information indicating the location (for example, URL information), Since the passwords Pw and PPw can be obtained, password verification can be performed as in the embodiments described so far.

  In short, the position setting data Ps and password Pw that are incorporated in the management data M (that is, in the camouflaged data file Fd) and passed from the camouflage processing unit 100 to the restoration processing unit 200 in the above embodiments. , The encrypted password PPw is stored in another storage location outside the camouflaged data file Fd, and in the management data M, the information indicating the “link” with the storage location (URL information, etc., the location is stored). Stored information) may be stored. Then, the restoration processing unit 200 can obtain the position setting data Ps, the password Pw, and the encrypted password PPw based on the “information indicating the location” incorporated in the camouflaged data file Fd. As in the previous embodiments, position match determination and password verification can be performed.

<§9-6: Modified example regarding configuration of camouflaged data file>
The camouflage data file Fd created by the camouflage processing unit 100 according to the present invention is a file configured by adding additional data including management data and an original data file to a content data file used for camouflage. A specific configuration is illustrated in the lower part of FIG. 6, for example. That is, the camouflaged data file Fd illustrated in the lower part of FIG. 6 is obtained by adding the additional data string D2 to the end of the data string D1 constituting the content data file Fc. The management data M and the original data file Fo are included.

  Further, the camouflaged data file Fd illustrated in the lower part of FIG. 19 is obtained by adding an additional data string D2 to the end of the data string D1 constituting the first content data file Fc (1). D2 includes management data M and an additional file part as shown in the figure. This additional file part includes first to nth original data files Fo (1), Fo (2),..., Fo (n), and second to mth content data files Fc (2),. ., Fc (m).

  However, the configuration of the camouflaged data file is not limited to the examples shown in FIGS. That is, in the embodiments described so far, as the basic form of the camouflaged data file, first, the content data file is arranged at the head, and then the management data M and various files are added as additional data strings added to the tail. The configuration in which (one or a plurality of original data files or second and subsequent content data files) is arranged is illustrated, but the restoration processing unit 200 determines the arrangement of each data and each file in the additional data string. Any arrangement can be used as long as it can be recognized individually.

  For example, in the example shown in the lower part of FIG. 19, the original data files Fo (1), Fo (2),..., Fo (n) and the content data files Fc (2),. The arrangement order is arbitrary, and the content data files Fc (2),..., Fc (m) are arranged first, followed by the original data files Fo (1), Fo (2),. (N) may be arranged. Also, the management data M does not necessarily have to be a single data string, but is divided into a plurality of management data M (1), M (2),. It doesn't matter. Specifically, for example, m = n is set, and the fake data file Fd is converted into Fc (1), M (1), Fo (1), Fc (2), M (2), Fo (2), Fc (3), M (3), Fo (3),..., Fc (n), M (n), Fo (n) may be used. In this case, an additional data string equal to or less than M (1) is added to the end of the first Fc (1).

  Of course, as described in “§9-5” above, information indicating the location can be incorporated in the management data instead of the position setting data Ps, the password Pw, and the encryption password PPw. In the case of the above example, each management data M (1), M (2),..., M (n) has information indicating its location in place of the position setting data Ps, password Pw, and encryption password PPw. (For example, URL information) can be incorporated.

10: Encryption algorithm 15: Key creation algorithm 20: Decryption algorithm 30: Arbitrary data string 35: Numerical algorithm 36: Extraction algorithm 100: Impersonation processing unit 110: Original data file input unit 120: Content data file input unit 130 : File impersonation section 140: Impersonation stage content playback section 150: Position setting section 160: Impersonation stage password input section 170: Encryption processing section 200: Restoration processing unit 210: Impersonation data file input section 220: File restoration section 230: Restoration stage Content playback unit 240: position specifying unit 250: position determination unit 260: restoration stage password input unit 270: password determination unit 280: decryption processing unit 300: operation window 310 presented by the camouflage processing unit 100: original Data file input field 320: content data file input field 330: camouflaged data file input field 340: file list display field 350: content display field 355: playback position display field 356: playback position index 361: reverse playback button 362: pause button 363 : Play button 364: Fast forward button 370: Process start button 400: Operation window 430 presented by the restoration processing unit 200: Impersonation data file input field 440: File list display field 450: Content display field 451: Callout type password input Window 452: Fake balloon-type password input window 455: Playback position display field 456: Playback position index 461: Reverse playback button 462: Pause button 463: Playback button 464: Fast forward button 470: Process start button 480: Minute Type password input window 500: Internet 510 to 540: Impersonation processing device 550 configured by a personal computer 550: Content server unit 560: General-purpose file server unit 610: Content reproduction window 611: Balloon type password input window 620: Content reproduction Window 621: Password input window 622: Hint display mark A: Setting area on image AA: Setting area on spacetime B: Setting area on image C: Circles C1 to Cm: Content D1: Content data file Fc Data string D2 to be added: Additional data string E: End of data string D1 Fc: Content data file Fc1, Fc1 ′: Content data file header Fc2: Content data file body Fc3: Content data file footer F c (1) to Fc (m): content data file Fd: camouflaged data file Fo: original data file Fo1: original data file header part Fo2: original data file body part Fo3: original data file footer part Fo (1 ) To Fo (n): Original data file FFO: Encrypted original data file Fr: Restored data file J, J1, J2: Match determination signals K1 to K6: Encryption key K (A), K (B): Encryption key M : Management data P, P ′: designated point Pd: position designation data Pd1 to Pdm: position designation data Ps: position setting data Ps1 to Psm: position setting data Pw: password Pw1 to Pwm: password Pw (A): password (impersonation) Entered at the stage)
Pw (B): Password (entered at the restoration stage)
Pw (C): Password (obtained by decryption)
PPw: encryption password Q, Q1 to Q4: point on image r: predetermined radius T: area T on time axis
t: time axis / time axis position (point)
t1, t2: position on the time axis (point)
tp: specified position (point) on the time axis
X, Y: coordinate axes x1, x2, y1, y2: position coordinates Δt: area width

Claims (44)

A camouflage processing unit that creates a camouflaged data file by performing camouflage processing on the original data file to be camouflaged; and a restoration processing unit that restores the original data file by performing restoration processing on the camouflaged data file. A data file impersonation processing device comprising:
The camouflage processing unit is
An original data file input unit for inputting an original data file to be camouflaged based on a user's file designation operation;
A content data file input unit for inputting a content data file used for impersonation based on a user's file designation operation;
A disguise stage content reproduction unit that reproduces content based on the content data file input by the content data file input unit and presents the content to the user;
A position setting unit that sets a predetermined position in time or space and creates position setting data for specifying a setting position for the content being played by the camouflaged stage content playback unit based on a user position setting operation;
The content data file includes the management data including the position setting data or information indicating the location thereof, and the original data file, thereby creating a camouflaged data file and outputting the file camouflaging unit;
With
The restoration processing unit is
A camouflaged data file input unit for inputting a camouflaged data file to be restored based on a user file designation operation;
A restoration stage content reproduction unit that reproduces content based on the content data file included in the impersonation data file and presents the content to the user;
A position designating unit for designating a predetermined position in time or space for the content being played back by the restoration stage content playback unit based on the user's position designating operation;
A position determination unit that determines whether or not a specified position by the position specifying unit matches a setting position specified by position setting data obtained based on the camouflaged data file;
On condition that a match determination is made by the position determination unit, an original data file is extracted from the camouflaged data file, and this is output as a restored data file;
A data file camouflage processing apparatus comprising: The camouflage processing device according to claim 1,
The camouflage processing unit further includes a camouflage stage password input unit that inputs a password based on a user input operation,
The file disguise part creates a disguise data file including the password or information indicating the location by incorporating management data including the password or information indicating the location into the content data file,
The restoration processing unit
A restoration stage password input unit for inputting a password based on a user input operation;
A password determination unit that determines whether the password input by the restoration stage password input unit and the password obtained based on the impersonation data file are matched, and
Further comprising
The file restoration unit extracts an original data file from the camouflaged data file on the condition that a match determination is made in both the position determination unit and the password determination unit, and outputs this as a restored data file Data file disguise processing device. The camouflage processing device according to claim 1,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The camouflaged stage content playback unit has a function of playing back the m content data files and presenting them to the user,
The position setting unit creates position setting data for each content being played based on the user's position setting operation,
The file camouflaging unit incorporates the management data including the position setting data or information indicating the location thereof, the original data file, and the second to m-th content data files into the first content data file. Create a fake data file,
A restoration stage content reproduction unit has a function of sequentially reproducing the contents of the m content data files and presenting them to the user;
The position designation unit has a function of performing position designation for each content being played based on the user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each content,
After the restoration stage content playback unit plays back the first content data file, the position determination unit makes a match determination on the content of the i-th (1 ≦ i <m) content data file. The content of the (i + 1) th content data file is reproduced on the condition that
A data file impersonation processing apparatus, wherein a file restoration unit outputs a restoration data file on condition that a match determination is made by the position determination unit for the content of the m-th content data file. The camouflage processing device according to claim 1,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The camouflaged stage content playback unit has a function of playing back the m content data files and presenting them to the user,
The position setting unit sets a predetermined position in time or space during playback for a part or all of the m content data files based on a user position setting operation, and specifies the set position Create each data,
The camouflage processing unit further includes a camouflage stage password input unit that inputs and sets individual passwords for some or all of the m content data files based on user input operations,
The file camouflaging unit includes, in the first content data file, management data including the position setting data or information indicating the location and the password or information indicating the location, the original data file, the second to mth Create a fake data file by incorporating the content data file,
The restoration processing unit
Based on the user's input operation, for the password-set content for which password setting has been performed by the impersonation step password input unit, a restoration step password input unit that inputs a password during playback,
Whether the password for each password-set content input by the restoration stage password input unit matches with the password for each password-set content included in the fake data file to determine whether or not they match A password determination unit for determining;
Further comprising
A restoration stage content reproduction unit has a function of sequentially reproducing the contents of the m content data files and presenting them to the user;
The position designation unit has a function of performing position designation during reproduction of each position-set content for which position setting has been performed by the position setting unit based on a user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each position-set content,
After the restoration stage content reproduction unit reproduces the first content data file, the content of the i-th (1 ≦ i <m) content data file has been set among the position setting and password setting. The content of the (i + 1) -th content data file is played back on condition that all items are matched.
The file restoration unit outputs the restoration data file on condition that a match determination is made for all the set contents of the position setting and the password setting for the contents of the mth content data file. A data file disguise processing device. A camouflage processing unit that creates a camouflaged data file by performing camouflage processing on the original data file to be camouflaged; and a restoration processing unit that restores the original data file by performing restoration processing on the camouflaged data file. A data file impersonation processing device comprising:
The camouflage processing unit is
An original data file input unit for inputting an original data file to be camouflaged based on a user's file designation operation;
A content data file input unit for inputting a content data file used for impersonation based on a user's file designation operation;
A disguise stage content reproduction unit that reproduces content based on the content data file input by the content data file input unit and presents the content to the user;
A position setting unit that sets a predetermined position in time or space and creates position setting data for specifying a setting position for the content being played by the camouflaged stage content playback unit based on a user position setting operation;
An impersonation stage password input unit that inputs a password based on a user input operation;
Applying a predetermined encryption algorithm using the password input by the impersonation stage password input unit, applying an encryption process to the original data file, and creating an encrypted original data file; ,
A file camouflaging unit that creates a camouflaged data file by incorporating management data including the position setting data or information indicating the location thereof and the encrypted original data file into the content data file and outputs the file. ,
With
The restoration processing unit is
A camouflaged data file input unit for inputting a camouflaged data file to be restored based on a user file designation operation;
A restoration stage content reproduction unit that reproduces content based on the content data file included in the impersonation data file and presents the content to the user;
A position designating unit for designating a predetermined position in time or space for the content being played back by the restoration stage content playback unit based on the user's position designating operation;
A position determination unit that determines whether or not a specified position by the position specifying unit matches a setting position specified by position setting data obtained based on the camouflaged data file;
A restoration stage password input unit for inputting a password based on a user input operation;
The encrypted original data file extracted from the camouflaged data file is decrypted by executing a decryption algorithm corresponding to the predetermined encryption algorithm using the password input by the restoration stage password input unit A decryption processing unit for performing processing;
A data restoration unit that outputs the data file decrypted by the decryption processing unit as a restoration data file;
With
Data in which both the decoding process by the decoding processing unit and the output process of the restored data file by the file restoring unit are performed on condition that the match judgment by the position judging unit is made File impersonation processing device. The camouflage processing device according to claim 5,
The file impersonation unit incorporates the encrypted data obtained by encrypting the password input by the impersonation stage password input unit into the content data file or management data including information indicating the location thereof, thereby the encrypted password Create a fake data file containing
The restoration processing unit
A password determination unit that determines whether or not the password entered by the restoration stage password input unit and the password obtained by decrypting the encrypted password obtained based on the fake data file match. In addition,
Both the decryption processing on the encrypted original data file by the decryption processing unit and the output processing of the restored data file by the file restoration unit on condition that the match determination is made in both the position determination unit and the password determination unit A data file disguise processing device characterized in that processing is performed together. The camouflage processing device according to claim 5,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The camouflaged stage content playback unit has a function of playing back the m content data files and presenting them to the user,
The position setting unit creates position setting data for each content being played based on the user's position setting operation,
The file disguise unit incorporates the management data including the position setting data or information indicating the location thereof, the encrypted original data file, and the second to m-th content data files into the first content data file. Create a fake data file,
A restoration stage content reproduction unit has a function of sequentially reproducing the contents of the m content data files and presenting them to the user;
The position designation unit has a function of performing position designation for each content being played based on the user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each content,
After the restoration stage content playback unit plays back the first content data file, the position determination unit makes a match determination on the content of the i-th (1 ≦ i <m) content data file. The content of the (i + 1) th content data file is reproduced on the condition that
A data file impersonation processing apparatus, wherein a file restoration unit outputs a restoration data file on condition that a match determination is made by the position determination unit for the content of the m-th content data file. The camouflage processing device according to claim 5,
The content data file input unit has a function of inputting a total of m content data files (m ≧ 2) based on a user file designation operation,
The camouflaged stage content playback unit has a function of playing back the m content data files and presenting them to the user,
The position setting unit sets a predetermined position in time or space during playback for a part or all of the m content data files based on a user position setting operation, and specifies the set position Create each data,
The camouflage processing unit further includes a camouflage stage password input unit that inputs and sets individual passwords for some or all of the m content data files based on user input operations,
The encryption processing unit executes encryption processing using a part or all of the password input by the impersonation stage password input unit,
A file disguise unit, in the first content data file, the management data including the position setting data or information indicating the location and the encrypted password obtained by encrypting the password or the information indicating the location; By incorporating the encrypted original data file and the second to m-th content data files, a fake data file is created,
The restoration processing unit
Based on the user's input operation, for the password-set content for which password setting has been performed by the impersonation step password input unit, a restoration step password input unit that inputs a password during playback,
Whether the password for each password-set content input by the restoration stage password input unit matches with the password for each password-set content included in the fake data file to determine whether or not they match A password determination unit for determining;
Further comprising
The decryption processing unit executes a decryption process using a part or all of the password input by the restoration stage password input unit;
A restoration stage content reproduction unit has a function of sequentially reproducing the contents of the m content data files and presenting them to the user;
The position designation unit has a function of performing position designation during reproduction of each position-set content for which position setting has been performed by the position setting unit based on a user's position designation operation,
The position determination unit has a function of determining whether or not each specified position matches the set position for each position-set content,
After the restoration stage content reproduction unit reproduces the first content data file, the content of the i-th (1 ≦ i <m) content data file has been set among the position setting and password setting. The content of the (i + 1) -th content data file is played back on condition that all items are matched.
Decryption processing for the encrypted original data file by the decryption processing unit on the condition that the match determination is made for all the set contents of the position setting and password setting for the contents of the mth content data file And a data file impersonation processing apparatus characterized in that both processing of the restoration data file output processing by the file restoration unit is performed. In the camouflage processing device according to any one of claims 5 to 8,
A data file disguise processing device, wherein the encryption processing unit and the decryption processing unit execute encryption or decryption processing using a password or a part thereof as an encryption key or part thereof. In the camouflage processing device according to any one of claims 5 to 8,
Data in which the encryption processing unit and the decryption processing unit execute encryption or decryption processing using a part of the data in the content data file specified by the password as an encryption key or a part thereof File impersonation processing device. The camouflage processing device according to claim 10,
The encryption processing unit and the decryption processing unit have a calculation function for obtaining a predetermined unique value unique to the character string by applying a predetermined numerical algorithm to the character string constituting the password, and constitute a content data file Execute encryption or decryption processing using a predetermined length of data starting from the predetermined reference position of the data string at the subsequent position corresponding to the eigenvalue as an encryption key or part thereof A data file disguise processing device characterized by the above. The camouflage processing apparatus according to claim 7 or 8,
The encryption processing unit applies a predetermined encryption algorithm using the password input by the impersonation stage password input unit, performs encryption processing on a part or all of the second to m-th content data files, It has a function to create an encrypted content data file,
The file impersonation unit creates an impersonation data file by incorporating the encrypted content data file for the encrypted files among the second to m-th content data files,
The decryption processing unit executes the decryption algorithm corresponding to the predetermined encryption algorithm, using the password input by the restoration stage password input unit, with respect to the encrypted content data file extracted from the camouflaged data file And has a function of performing a decryption process,
A restoration stage content playback unit plays back content based on the content data file decrypted by the decryption processing unit for the content data file that has been encrypted. Camouflage processing device. In the camouflage processing device according to any one of claims 2, 4, 5-8,
The restoration stage password input unit has a function of displaying a password input window for the user when a position designation operation is performed by the user and, as a result, a match determination is performed by the position determination unit, the password A data file disguise processing device, wherein a password is input by a user input operation to an input window. The camouflage processing apparatus according to claim 13,
The restoration stage password input unit has a function of displaying a fake password input window for the user when a position designation operation is performed by the user and as a result, a match determination is not performed by the position determination unit. The data file disguise processing device is characterized in that information input by a user input operation to the fake password input window is not handled as a password. The camouflage processing apparatus according to claim 13 or 14,
If the content data file is an image data file or a video data file,
Based on the position specifying operation by the user, the position specifying unit specifies a predetermined position on the image or the frame for displaying the moving image,
A data file disguise processing device, wherein the restoration stage password input unit displays a password input window or a fake password input window in the vicinity of a designated position on a frame for displaying an image or a moving image. In the camouflage processing device according to any one of claims 2, 4, 5-8,
Impersonation stage password input part or restoration stage password input part was made by the user,
(a) Input operation via the keyboard of the character string constituting the password,
(b) Drag-and-drop operation of “file containing data that constitutes password” or “file that derives data that constitutes password” to the password input window,
(c) Read instruction operation of “data composing password” or “data deriving data composing password” from external storage device,
(d) a collection instruction operation for collecting a password composed of biodata indicating the biological characteristics of the user body from the user body;
A data file impersonation processing apparatus, wherein a password is input by any of the above. The camouflage processing apparatus according to any one of claims 1, 2, 5, and 6,
The file disguise section creates an additional data string that includes the management data and the data that makes up the original data file or the encrypted original data file, and adds the additional data string to the end of the data string that makes up the content data file A data file camouflage processing device, characterized in that a camouflaged data file is created. The camouflage processing apparatus according to claim 17,
The restoration processing unit recognizes the end of the data string constituting the content data file based on the information of the header portion of the content data file included in the head portion of the camouflaged data file, and manages the management data following the end. A data file disguise processing device for recognizing and recognizing an original data file or an encrypted original data file following the management data. The camouflage processing device according to claim 18,
The restoration processing unit recognizes the end of the data string that makes up the content data file based on the data indicating the file length included in the header of the content data file included in the beginning of the fake data file A data file camouflage processing apparatus. The camouflage processing device according to claim 18,
The restoration processing unit recognizes an identifier code indicating the end of the file based on the data indicating the file type included in the information of the header portion of the content data file included in the head portion of the camouflaged data file, A data file disguise processing device for recognizing the end of a data string constituting a content data file by searching for an identifier code. The camouflage processing apparatus according to any one of claims 3, 4, 7, and 8,
The file disguise section creates an additional data string including management data, data that forms the original data file or encrypted original data file that follows this, and data that forms the second to m-th content data files. In this case, the configuration information indicating the configuration of the additional data string is included in the management data, and the additional data string is added to the end of the data string constituting the first content data file, A data file impersonation processing apparatus, characterized by creating a camouflaged data file. The camouflage processing device according to claim 21,
The restoration processing unit recognizes the end of the data string constituting the first content data file based on the information of the header portion of the first content data file included in the head portion of the camouflaged data file, Recognizing the management data following the end, using the configuration information included in the management data, the original data file or the encrypted original data file and the second to m-th content data following the management data A data file disguise processing apparatus characterized by recognizing a file. The camouflage processing apparatus according to claim 22,
The restoration processing unit converts the first content data file based on the data indicating the file length included in the header part information of the first content data file included in the head portion of the camouflaged data file. A data file disguise processing device for recognizing the end of a data string constituting a data file. The camouflage processing apparatus according to claim 22,
Based on the data indicating the file type included in the header information of the first content data file included in the head part of the fake data file, the restoration processing unit sets an identifier code indicating the end of the file. A data file disguise processing device for recognizing the end of a data string constituting a first content data file by recognizing and searching for the identifier code. The camouflage processing apparatus according to any one of claims 3, 4, 7, and 8,
A content server unit that provides content data files to the impersonation processing unit and the restoration processing unit via a network;
A content data file input unit has a function of inputting a desired content data file by downloading the file from the content server unit;
The file camouflaging unit selects part or all of the second to m-th content data files as externally introduced files, and for the content data file selected as the externally installed file, the file itself is impersonated data file. In order to download the file from the content server unit, the external introduction information necessary for downloading the file from the content server unit is incorporated into the fake data file,
The restoration stage content reproduction unit has a function of reproducing the externally introduced file after downloading from the content server unit based on the externally introduced information when reproducing the externally introduced file. Data file disguise processing device. The camouflage processing apparatus according to claim 25,
A data file disguise processing device, wherein the content server unit has a function of permitting or prohibiting only a specific content data file from being downloaded to a predetermined specific network address. The camouflage processing apparatus according to claim 25,
A data file disguise processing device, wherein the content server unit has a function of performing a process of permitting or prohibiting download of a specific content data file only in a predetermined specific time zone. The camouflage processing apparatus according to claim 25,
When the content server unit receives a download request based on the same external introduction information, the content data file to be downloaded is changed according to the request source network address or the requested time zone. Data file disguise processing device. In the camouflage processing device according to any one of claims 1 to 8,
The original data file input unit has a function of inputting a plurality of n original data files based on a user's file designation operation,
A data file disguise processing apparatus, wherein a file disguise section creates a disguise data file including the plurality of n original data files or encrypted original data files. In the camouflage processing device according to any one of claims 1 to 8,
The position setting unit has a function of setting a plurality of different positions for one content,
A data file disguise processing device, wherein the position determination unit performs a match determination when the position specified by the position specifying unit matches any of a plurality of set positions. In the camouflage processing device according to any one of claims 1 to 8,
A data file impersonation process in which the file impersonation unit creates a fake data file having an extension indicating the same file format as the content data file (the first content data file if there are a plurality of content data files) apparatus. In the camouflage processing device according to any one of claims 1 to 8,
If the match determination is not performed by the position determination unit, or if the match determination is not performed by the password determination unit, the file restoration unit may cause the user to restore failure instead of outputting the restored data file. A data file camouflage processing apparatus characterized by presenting a message to be displayed. In the camouflage processing device according to any one of claims 1 to 8,
The file disguise part embeds the file name of the original data file in part of the management data,
A data file disguise processing device, wherein the file restoration unit outputs a restoration data file having a file name embedded in the management data. In the camouflage processing device according to any one of claims 1 to 8,
A data file disguise processing apparatus, wherein the disguise stage content reproduction unit and the restoration stage content reproduction unit are configured by a common combined content reproduction unit. In the camouflage processing device according to any one of claims 1 to 8,
The content data file input unit has a function of inputting an image data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting an image to the user based on the image data file,
The position setting unit has a function of creating position setting data having a point or region on the image as a setting position;
The position specifying unit has a function of specifying the position of the point on the image;
The position determination unit determines whether the point specified by the position specifying unit is “within a predetermined vicinity range of the point specified by the position setting data” or “within an area specified by the position setting data”. A data file camouflage processing device characterized in that: The camouflage processing device according to claim 35,
The position setting unit has a function of creating hint information for displaying a hint at a predetermined position on the image based on a user operation,
The file disguise part has a function of creating a disguise data file by incorporating management data including the hint information,
A data file disguise processing device, wherein the restoration stage content reproduction unit has a function of displaying a hint on an image based on the hint information. The camouflage processing device according to claim 36,
A data file disguise processing device, wherein the restoration stage content reproduction unit has a function of displaying a hint related to a designated position when a user designates a position. In the camouflage processing device according to any one of claims 1 to 8,
The content data file input unit has a function of inputting an audio data file as a content data file,
The impersonation stage content reproduction unit and the restoration stage content reproduction unit have a function of presenting audio to the user based on the audio data file,
The position setting unit has a function of creating position setting data for specifying a point or region on the time axis for reproducing the sound as a setting position;
The position specifying unit has a function of specifying the position of a point on the time axis for reproducing the sound;
The position determination unit determines whether the point specified by the position specifying unit is “within a predetermined vicinity range of the point specified by the position setting data” or “within an area specified by the position setting data”. A data file camouflage processing device characterized in that: In the camouflage processing device according to any one of claims 1 to 8,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
The position setting unit has a function of creating position setting data for specifying a point or region on a frame for displaying the moving image as a setting position;
The position specifying unit has a function of specifying the position of a point on the frame for displaying the moving image;
The position determination unit determines whether the point specified by the position specifying unit is “within a predetermined vicinity range of the point specified by the position setting data” or “within an area specified by the position setting data”. A data file camouflage processing device characterized in that: In the camouflage processing device according to any one of claims 1 to 8,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
The position setting unit has a function of creating position setting data for specifying a point or region on the time axis for reproducing the moving image as a setting position;
The position specifying unit has a function of specifying the position of a point on the time axis for reproducing the moving image;
The position determination unit determines whether the point specified by the position specifying unit is “within a predetermined vicinity range of the point specified by the position setting data” or “within an area specified by the position setting data”. A data file camouflage processing device characterized in that: In the camouflage processing device according to any one of claims 1 to 8,
The content data file input unit has a function of inputting a video data file as a content data file,
The impersonation stage content playback unit and the restoration stage content playback unit have a function of presenting a video to the user based on the video data file,
Spatial position setting data for specifying a position or point on a time axis for reproducing the moving image as a setting position, and a spatial setting for specifying a point or region on a frame for displaying the moving image as a setting position It has a function to create position setting data including both position setting data and
The position specifying unit has a function of specifying both the position of a point on the time axis for reproducing the moving image and the position of a point on a frame for displaying the moving image;
The position determination unit determines that the point on the time axis specified by the position specifying unit is “within a predetermined vicinity of the point specified by the temporal position setting data” or “specified by the temporal position setting data” A point on the frame that is in the region and specified by the position specifying unit is specified as “within a predetermined neighborhood of the point specified by the spatial position setting data” or “specified by the spatial position setting data”. A data file camouflage processing device that performs a match determination when the data is in a “region”.   A camouflage processing unit or a restoration processing unit in the camouflage processing device according to any one of claims 1 to 41.   A program for causing a computer to function as a camouflage processing unit or a restoration processing unit in the camouflage processing device according to any one of claims 1 to 41. An impersonation processing method for creating an impersonation data file by performing an impersonation process on an original data file to be impersonated,
The computer inputs the original data file to be impersonated,
A computer inputting a content data file used for impersonation;
Additional data including management data including information necessary for restoration processing and a data string constituting the original data file at the end of the data string constituting the content data file by the computer To create a camouflaged data file by adding
A computer outputting the fake data file;
A data file impersonation processing method characterized by comprising:

Images