JP6230461B2 - Communication terminal, communication system, communication method, and communication program - Google Patents

Description

  The present invention relates to a communication system having a communication terminal and a center apparatus capable of communicating with the communication terminal, and a communication method and a communication program executed in the communication system.

  Conventionally, in facilities such as offices, stores, and homes, security systems that install various sensors and monitoring cameras to monitor the safety status of buildings have been used. In the security service using such a security system, these communication terminals have come to be used with the spread of communication terminals such as smartphones and tablet terminals in recent years.

  FIG. 8 is a diagram for explaining an example of a security operation performed using the communication terminal 200 in the conventional security system 100. For example, as shown in FIG. 8 (a), a patrol security service for inspecting while patroling a predetermined patrol area in the security target facility, or as shown in FIG. 8 (b), installed in the security target facility. The communication terminal 200 such as a smartphone is used for an abnormality handling security operation that performs an emergency countermeasure such as an inspection based on an abnormality signal from the security device 400. The communication terminal 200 is mainly used for the purpose of managing and supporting the work of guards and the security work, and is configured to be able to communicate with the center apparatus 300 installed in the monitoring center via the communication network 500.

  For example, the communication terminal 200 stores security-related information related to security for supporting the security service, and a security guard can display and check the security-related information on the screen of the communication terminal as necessary. Security-related information includes information such as the security schedule that indicates the type, time zone, and location of the security service performed by the security guard, a map that indicates the location of the security target facility, a sketch of the security target facility, and the locations and items that should be inspected. And provided from the center apparatus 300 to the communication terminal 200 via the communication network 500.

  In addition, the communication terminal 200 receives the security staff's work situation, inspection records and evidence images, and the input data is transmitted to the center device 300. For example, the work status is input data indicating the start / end of the work of the guard, the express / arrival at the facility to be guarded, and the like. The inspection record is input data such as the state of the inspection location, the content of the abnormality, and a memorandum that the security guard inputs to the communication terminal while inspecting each inspection item. Further, when an evidence image or the like is required, the security guard takes a picture with the camera of the communication terminal 200, and the image data acquired by the photography is also transmitted to the center apparatus 300 as input data.

  As described above, highly confidential information including business confidential matters such as work status, inspection records, and evidence images, and customer personal information is input to a communication terminal used for security work. Therefore, it is necessary to ensure high confidentiality of the input data stored in the communication terminal.

  Japanese Patent Application Laid-Open No. 2004-133830 proposes a technique for ensuring the confidentiality of image data by encrypting image data of a photographed image obtained by photographing using a pre-stored encryption key. In order to decrypt the encrypted image data, for example, the user is authenticated by inputting a decryption key cipher corresponding to the encryption key. Therefore, it is possible to prevent a third party from decrypting and browsing or copying the encrypted data.

JP 2004-120301 A

  However, when a plurality of security guards use the communication terminal for taking over duties such as duty duties, the same communication terminal and the same encryption key may be reused among a plurality of persons in charge. In this case, for example, when a malicious third party obtains an encryption key for decryption by any method, the data input by all persons in charge using the communication terminal are encrypted and stored in the communication terminal. Even if stored, there is a problem in that there is a risk that the data will be decrypted and leaked with one encryption key. In particular, persons in charge who use the communication terminal are often informed in advance of the decryption key encryption so that the encrypted input data can be displayed or changed on the communication terminal. Therefore, in the unlikely event that one of the persons in charge becomes a malicious third party, there is a high risk that the input data entered by all security guards using the communication terminal will be leaked by entering the decryption key encryption. Therefore, it is necessary to take measures to prevent leakage of these data.

  In addition, if all of the input data encrypted to prevent data leakage cannot be decrypted on the communication terminal, there are some data that the person in charge must use on the communication terminal depending on the nature of the information and work. Will be hindered. For example, it is possible to improve the accuracy of information such as progress status during work and records of inspections performed during patrols by the person in charge looking back and adding many times during the work. It is not preferable to disable decoding on the terminal. On the other hand, information that is recorded as some sort of evidence, such as image information taken with a communication terminal, does not need to be reviewed many times if it is known that it has been recorded. It is preferable to prevent inadvertent decryption in order to reduce the risk of outflow.

  In view of the above problems, an object of the present invention is to provide a communication terminal, a communication system, a communication method, and a communication program that can reliably prevent leakage of input data input to the communication terminal.

  According to one aspect of the present invention for solving such a problem, a communication system is provided that includes a communication terminal having a terminal operation unit and a photographing unit, and a center device capable of communicating with the communication terminal. In such a communication system, the center apparatus has a center key generating unit that generates a pair of public key and secret key of the public key cryptosystem, a center communication unit that transmits the public key to the communication terminal, and a center storage that stores the secret key. And the communication terminal encrypts the input data input from the terminal operation unit using the first common key of the common key cryptosystem. The terminal communication unit receives the public key from the center device. A first encryption unit, a terminal key generation unit that generates a second common key of the common key encryption method, and the image data acquired by the photographing unit are encrypted using the second common key and encrypted. A second encryption unit that encrypts the second common key with a public key and uses it as an encryption key, and stores data encrypted by the first encryption unit, and a second The encrypted data encrypted by the encryption unit and the encryption key Has a terminal storage section for response with stores, the.

  In the communication system, the center key generation unit further generates a first common key, the center communication unit further transmits the first common key to the communication terminal, and the terminal communication unit receives the first common key from the center device. Preferably, the common key is further received.

  In the communication system, the terminal key generation unit preferably further generates the first common key.

  Furthermore, in the communication system, it is preferable that the terminal key generation unit generates the second common key when the image data is acquired by the photographing unit.

  Further, in such a communication system, the terminal key generation unit generates a first predetermined number of second common keys, and is not used by the second encryption unit among the generated first predetermined number of common keys. When the number of unused second common keys falls below a second predetermined number that is smaller than the first predetermined number, a second common key is newly set until the number of second common keys reaches the first predetermined number. It is preferable to generate a key.

  Further, in this communication system, the terminal operation unit inputs user authentication information of the user, and the center key generation unit uses the communication terminal when the center communication unit receives the user authentication information from the communication terminal. It is preferable to generate a pair of public key and secret key as the timing at which is started.

  In such a communication system, it is preferable that the communication terminal further includes a terminal control unit that prohibits acquisition of image data by the photographing unit when the public key is not stored in the terminal storage unit.

  Further, in such a communication system, the terminal communication unit transmits the encrypted data and the encryption key stored in the terminal storage unit to the center device, and the terminal control unit transmits the encrypted data that the terminal communication unit has completed transmission. The center storage unit receives the encrypted data and the encryption key from the communication terminal, and the center device receives the secret key stored in the center storage unit. It is preferable to further include a decrypting unit that decrypts the encrypted data received using the decrypted second common key.

  According to another aspect of the present invention, there is provided a communication method performed by a communication terminal having a terminal operation unit and a photographing unit, and a center device capable of communicating with the communication terminal. In this communication method, the center device generates a pair of public key and secret key of the public key cryptosystem, a step of transmitting the public key to the communication terminal, a step of storing the secret key in the center storage unit, And a communication terminal receives a public key from the center device, encrypts input data input from the terminal operation unit using a first common key of a common key cryptosystem, and a common key A step of generating a second common key of the encryption method, and encrypting the image data obtained by the photographing unit using the second common key to obtain encrypted data, and using the second common key as a public key And encrypting using the encryption key as an encryption key, storing the data encrypted by the first encryption unit in the terminal storage unit, and encrypting the encrypted data encrypted by the second encryption unit and the encryption Associate key Having the steps of storing in the terminal storage section Te.

  According to another aspect of the present invention, there is provided a communication program that is executed by a communication terminal that has a terminal operation unit and a photographing unit and can communicate with a center apparatus. The communication program includes a procedure of encrypting input data input from the terminal operation unit using a first common key of the common key encryption method, a procedure of generating a second common key of the common key encryption method, The image data acquired by the imaging unit is encrypted using the second common key to obtain encrypted data, and the second common key is encrypted using the public key of the public key cryptosystem received from the center device. And storing the data encrypted by the first encryption unit in the terminal storage unit and the encrypted data encrypted by the second encryption unit and the encryption key The control unit of the communication terminal is caused to execute the procedure of associating and storing it in the terminal storage unit.

  According to another aspect of the present invention, a communication terminal having a terminal operation unit and a photographing unit and capable of communicating with a center device is provided. The communication terminal includes a terminal communication unit that receives a public key of the public key cryptosystem from the center device, and a first encryption key that encrypts input data input from the terminal operation unit using the first common key of the common key cryptosystem. 1 encryption unit, a terminal key generation unit that generates a second common key of the common key encryption method, and image data acquired by the imaging unit using the second common key to encrypt data A second encryption unit that encrypts the second common key with a public key and uses it as an encryption key, stores data encrypted by the first encryption unit, and A terminal storage unit for storing the encrypted data encrypted by the encryption unit and the encryption key in association with each other.

  In such a communication terminal, the terminal key generation unit generates a second common key when the image data is acquired by the photographing unit, and the second encryption unit uses the second common key to generate the image data. When encrypted, it is preferable to delete the second common key.

  According to the present invention, it is possible to provide a communication terminal, a communication system, a communication method, and a communication program that can reliably prevent leakage of input data input to the communication terminal.

It is a lineblock diagram showing an example of a security system concerning one embodiment of the present invention. It is a block diagram of the communication terminal which concerns on one Embodiment of this invention. It is a block diagram of the center apparatus which concerns on one Embodiment of this invention. It is a figure which shows an example of a structure of the work management information which concerns on one Embodiment of this invention. It is an operation | movement sequence diagram of the communication terminal and center apparatus which concern on one Embodiment of this invention. It is an operation | movement sequence diagram of the communication terminal and center apparatus which concern on one Embodiment of this invention. It is an operation | movement sequence diagram of the communication terminal and center apparatus which concern on one Embodiment of this invention. It is a figure explaining the example of the security service performed using a communication terminal in the conventional security system.

  Hereinafter, a security system as one embodiment of a communication system of the present invention will be described with reference to the drawings.

  In the security system to which the present invention is applied, the user starts using the communication terminal so that the encryption key used for encrypting the input data of the communication terminal is changed every time the user of the communication terminal changes. It is generated at the timing. Of the data input to the communication terminal, the input data used by the user at the communication terminal is encrypted by an encryption method that can be decrypted on the communication terminal. On the other hand, input data that is not used by the user at the communication terminal (or the necessity thereof is low) is encrypted by an encryption method that cannot be decrypted on the communication terminal.

  In addition, the inventor of the present invention is able to encrypt large input data such as an image in a communication terminal with an encryption method with a small processing load such as a common key encryption method. We obtained the knowledge that it would take time if it was performed with a heavily loaded cryptosystem. Based on this knowledge, the center device according to the present invention generates a public key and private key pair of the public key cryptosystem, sends the public key of the key pair to the communication terminal, and sends the private key to the own device. Remember. Then, the communication terminal according to the present invention encrypts and stores the input data used by the user at the communication terminal using the first common key, and stores the first common key. Erase the original input data. On the other hand, the communication terminal encrypts and stores the input data that the user does not use in the communication terminal by using the second common key, and stores the second common key sent from the center apparatus. Using the key, it is encrypted and stored by the public key cryptosystem, and the original input data and the second common key are erased. Therefore, since the communication terminal does not have a secret key, the second common key encrypted with the public key cannot be decrypted, and input data that is not used by the user encrypted with the second common key is not used in the communication terminal. Since decryption cannot be performed, leakage of input data that is not used by the communication terminal can be reliably prevented.

  FIG. 1 is a configuration diagram illustrating an example of a security system 1 according to an embodiment of the present invention. As shown in FIG. 1, such a security system 1 includes a communication terminal 2 used for security work, a center device 3 that monitors and manages the security system 1, a suspicious person's intrusion or fire in a security target facility, and the like. There are a security device 4 connected to various sensors (not shown) for detecting abnormalities in the communication, and a communication network 5 connecting them.

  The communication terminal 2 is a portable information processing device such as a smartphone, a tablet PC, or a notebook PC used for security work. For example, the communication terminal 2 transmits a work start signal and a work end signal indicating the start and end of work of the security guard to the center device 3 via the communication network 5. In addition, the communication terminal 2 receives input data together with security-related information such as a map of a security target facility, a sketch, a security schedule, inspection points, and inspection items from the center device 3 that has received the work start signal via the communication network 5. A public key used for encrypting the common key to be encrypted can be received. Further, the communication terminal 2 encrypts the input data such as the evidence image photographed by the communication terminal 2 and the input inspection record with the common key, and the center through the communication network 5 together with the common key encrypted with the public key. It can be transmitted to the device 3.

  The center device 3 is provided in a monitoring center for monitoring the security device 4 installed in the facility to be guarded, a security headquarters for dispatching guards, a command headquarters for remotely issuing instructions to the guards, and a disaster prevention center in a large building It will be installed in facilities that manage security, such as the disaster prevention headquarters. When the center device 3 receives the abnormality detection signal from the security device 4 through the communication network 5, the center device 3 notifies the security target facility where the security device 4 that has transmitted the abnormality detection signal is installed and the content of the detected abnormality to the notification unit. And notify the monitor through the display. The monitor of the center device 3 notified of the abnormality contacts the communication terminal 2 carried by the guard, and goes to the property where the guard device 4 in which the abnormality has occurred is inspected by the guard. Instruct to take corrective action. In addition, the center device 3 manages work of guards using the communication terminal 2, provides security-related information and public keys to the communication terminals 2, and inspection records and evidence input to each communication terminal 2 during security. Collect and centrally manage input data such as images.

  The security device 4 is installed in each security target facility as a monitoring target for monitoring the safety situation, such as a house, an apartment dwelling unit, or a business office, and one or a plurality of sensors (not shown) for detecting an abnormality of each facility. Connected). The sensor is, for example, a heat sensor or smoke sensor for detecting a fire, a magnet sensor that is attached to an opening / closing part such as a window or a door, and detects the opening / closing thereof, or a detection range based on a change in the amount of received infrared light. An infrared sensor that detects the presence or absence of an intruder or the like. Alternatively, the sensor may be an image sensor that detects the presence or absence of an intruder or the like in the imaging range based on a difference signal between the captured image and a normal image stored in advance. When an abnormality is detected by the sensor, the security device 4 transmits an abnormality detection signal indicating that the abnormality has been detected and a signal indicating the identification number of the security device 4 to the center device 3 via the communication network 5.

  The communication network 5 connects the communication terminal 2 and the center device 3 and the center device 3 and the security device 4 in a communicable manner. The communication network 5 may have any form as long as communication is possible between them, and may be a single communication system network or a plurality of communication system networks connected via a gateway server (not shown). It may be configured. Further, the communication terminal 2 and the center device 3 and the center device 3 and the security device 4 may be simultaneously connected by a plurality of forms of communication networks.

  In the example shown in FIG. 1, the communication network 5 includes an IP network 51 such as the Internet, and W-CDMA, CDMA2000, LTE (Long Term Evolution) connected to the IP network 51 via a gateway server (not shown). And a mobile phone network 54 in accordance with a communication method such as WiMAX or PHS. The IP network 51 and the cellular phone network 54 include an access point (AP) 53 and base stations (BS) 55 to 57, and communication terminals are provided via at least one of the access point 53 and the base stations 55 to 57. 2 and wireless communication. In the following, the communication terminal 2 is connected to the mobile phone network 54 via the base station 55, and the center device 3 via the IP network 51 connected from the mobile phone network 54 to a gateway server (not shown). A case where communication is performed will be described.

  FIG. 2 is a configuration diagram of the communication terminal 2 according to an embodiment of the present invention. As illustrated in FIG. 2, the communication terminal 2 includes a terminal operation unit 21, a photographing unit 22, a terminal display unit 23, a terminal communication unit 24, a terminal storage unit 25, and a terminal control unit 26.

  The terminal operation unit 21 is an operation interface for a user of the communication terminal 2 to input information to the communication terminal 2 and includes an input device such as a button, a numeric keypad, and / or a touch panel. In addition, the terminal operation unit 21 may include a microphone that performs voice input. If there is an input operation from the user, the terminal operation unit 21 outputs a signal corresponding to the input operation to the terminal control unit 26. The user can input information such as instructions for processing to be performed by the communication terminal 2, start and end of work, and inspection records by an input operation to the terminal operation unit 21.

  The imaging unit 22 may be a known built-in camera or an external camera that includes an imaging element such as a CCD element or a C-MOS element, an optical system component, an A / D converter, an encoder, and the like. The image data acquired by the image capturing unit 22 may be either a still image or a moving image. For this reason, the image capturing unit 22 is an image in a format that can be processed by both the communication terminal 2 and the center device 3 such as JPEG or MPEG. It is preferable that data can be acquired.

  In the present embodiment, the data input unit of the terminal includes a terminal operation unit 21 and a photographing unit 22. The input data includes input data such as inspection record information in which inspection results are recorded for each inspection item input from the terminal operation unit 21 and image data such as evidence images input from the imaging unit 22. Have. In the following, the inspection record information input from the terminal operation unit 21 is an example of input data that the user uses on the communication terminal 2, and the image data input from the imaging unit 22 is not used on the communication terminal 2 ( Alternatively, it will be described as an example of input data whose necessity is low.

  The terminal display unit 23 includes a display device such as a liquid crystal display or a touch panel display. The terminal display unit 23 displays security-related information such as a security schedule, a security target facility map, a floor plan, and an inspection record input form that can be entered while checking the inspection location and inspection items to be inspected. In addition, the terminal display part 23 may be integrated with a part of the terminal operation part 21 by comprising a touch panel display.

  The terminal communication unit 24 includes a communication interface circuit for allowing the communication terminal 2 to perform wireless communication of a mobile phone with the base station 55 through an antenna according to a communication method such as W-CDMA, CDMA2000, or LTE. The terminal communication unit 24 sends information received from the center apparatus 3 via the base station 55 to the terminal control unit 26. Further, the terminal communication unit 24 transmits the information received from the terminal control unit 26 to the center device 3 via the base station 55. Note that the terminal communication unit 24 may include a communication interface circuit according to another communication method such as a wireless LAN, WiMAX, or PHS, or may include a plurality of communication interface circuits so as to correspond to a plurality of communication methods. May be.

  The terminal communication unit 24 sends a work start signal and a work end signal indicating the start and end of the user's work to the center device 3 via the communication network 5. Further, the terminal communication unit 24 receives the security related information and the public key sent from the center device 3 in response to the work start signal. At this time, the terminal communication unit 24 may receive from the center device 3 a recording common key for encrypting the inspection record information using a common key encryption method. Further, the terminal communication unit 24 encrypts input data such as inspection record information and image data stored in the terminal storage unit 25, and a recording common key and image data used for the encryption. The encrypted key obtained by encrypting the common key is associated with the encrypted key and sent to the center device 3 via the communication network 5.

  The terminal storage unit 25 includes a semiconductor memory such as a ROM (Read Only Memory), a RAM (Random Access Memory), and / or an EPROM (Erasable Programmable Read Only Memory). The terminal storage unit 25 stores a computer program and various data for controlling the communication terminal 2, and exchanges such information with the terminal control unit 26. The terminal storage unit 25 may include an auxiliary memory such as a micro SD card as necessary. The computer program and / or data may be provided from the communication network 5 or the like via the terminal communication unit 24 and stored in the terminal storage unit 25, or stored and provided as a firmware in a semiconductor memory such as ROM or EPROM. Also good.

  As illustrated in FIG. 2, the terminal storage unit 25 stores security related information, a public key, a recording common key, an image common key, encrypted data, and an encryption key.

  The security-related information includes, for example, a security schedule indicating the type, time zone, and location of the security service performed by the user of the communication terminal 2, a map indicating the location of the security target facility, and the arrangement of the monitoring target such as a safe. It has information that supports security, such as a sketch drawing, an inspection record input form for recording inspection results having inspection points and inspection items to be inspected. The security-related information stored in the terminal storage unit 25 is sent from the center device 3 in response to a work start signal indicating the start of work of the user being sent from the terminal communication unit 24 to the center device 3. The security-related information corresponding to the personal identification information of the user included in the work start signal. The security related information sent from the center device 3 is received by the terminal communication unit 24 and stored in the terminal storage unit 25.

  The public key is an encryption key used by the image encryption unit 263 to encrypt the image common key stored in the terminal storage unit 25 using the public key encryption method. The public key may be used by the recording / encrypting unit 262 to encrypt the recording common key using the public key cryptosystem. The public key is generated by the center apparatus 3 that has received a work start signal indicating the start of work of the user from the communication terminal 2 and is sent to the communication terminal 2. The public key thus sent from the center device 3 is received by the terminal communication unit 24 and stored in the terminal storage unit 25. It is necessary to prove that the public key sent to the communication terminal 2 is generated by the center device 3, that is, not sent by a malicious third party. Therefore, it is preferable to transmit the public key via a secure network such as an in-house LAN where security is protected, or to ensure safety using a public key certificate by a certificate authority.

  For the recording common key, the recording encryption unit 262 encrypts the inspection record information input from the terminal operation unit 21, which is an example of input data used by the user in the communication terminal 2, using the common key encryption method. This is the first common key used for. The common key for recording may be generated by the center device 3 that has received the work start signal from the communication terminal 2 and sent to the communication terminal 2 in the same manner as the public key. In this case, the recording common key sent from the center device 3 is received by the terminal communication unit 24 and stored in the terminal storage unit 25. The recording common key may not be generated by the center device 3 and transmitted to the communication terminal 2 but may be generated by the communication terminal 2 by the terminal key generation unit 261 and stored in the terminal storage unit 25.

  The image common key is a second common key used by the image encryption unit 263 to encrypt the image data input from the photographing unit 22 using a common key encryption method. The image common key is generated by the terminal key generation unit 261 and stored in the terminal storage unit 25 for each image data input from the photographing unit 22.

  The encrypted data includes data obtained by the record encryption unit 262 encrypting the inspection record information input from the terminal operation unit 21 by using the common key encryption method using the recording common key stored in the terminal storage unit 25; The image encryption unit 263 includes data obtained by encrypting the image data input from the photographing unit 22 using a common key for image stored in the terminal storage unit 25 using a common key encryption method.

  The encryption key is obtained by encrypting the image common key stored in the terminal storage unit 25 by the image encryption unit 263 using the public key stored in the terminal storage unit 25 using the public key encryption method. . Each encrypted data and the encryption key of the image common key used for encrypting the encrypted data are stored in the terminal storage unit 25 in association with each other. In addition, the recording common key used for encrypting the inspection record information by the recording encryption unit 262 may be encrypted by a public key encryption method using the public key and stored as an encryption key.

  The terminal control unit 26 includes one or more processors and their peripheral circuits, and the processor controls the operation of the communication terminal 2 by executing a program stored in the semiconductor memory of the terminal storage unit 25. . The processor and the semiconductor memory may include an independent integrated circuit, a microprocessor, or an ASIC.

  As illustrated in FIG. 2, the terminal control unit 26 includes a terminal key generation unit 261, a recording encryption unit 262, an image encryption unit 263, and a terminal decryption unit 264. Each unit of the terminal control unit 26 is a functional module realized by the processor reading and executing a program describing the processing procedure of each unit stored in the terminal storage unit 25.

  When image data is input from the photographing unit 22, the terminal key generation unit 261 generates an image common key for encrypting the image data using a common key encryption method, and stores the image common key in the terminal storage unit 25. In addition, the terminal key generation unit 261 may generate a recording common key for encrypting the inspection record information input from the terminal operation unit 21 using a common key encryption method and store the generated recording common key in the terminal storage unit 25. The terminal key generation unit 261 first generates a plurality of image common keys such as 30 for example, and the number of unused image common keys not used by the image encryption unit 263 is 15 for example. When the number is less than a predetermined number such as a book, a plurality of image common keys may be newly generated so that the number is the same as the number of image common keys generated first. The terminal key generation unit 261 can generate an encryption key efficiently by generating a plurality of encryption keys at the same time, and can reduce the processing load due to the generation of the encryption key.

  The recording encryption unit 262 encrypts the inspection record information input from the terminal operation unit 21 by using a common key for recording stored in the terminal storage unit 25 and stores it in the terminal storage unit 25. A first encryption unit. Since the record encryption unit 262 encrypts the inspection record information and stores the recording common key in the terminal storage unit 25, the inspection record information can be decrypted on the communication terminal 2. Further, the recording encryption unit 262 uses the common key for recording used to encrypt the inspection record information when the inspection record information encrypted by the terminal communication unit 24 is transferred to the center device 3. The public key stored in the storage unit 25 may be used for encryption and transfer using a public key cryptosystem. By transferring to the center device 3, the inspection record information does not need to be decrypted and used by the communication terminal 2, so that the recording common key can also be encrypted. In this case, the recording encryption unit 262 stores the encrypted recording common key in the terminal storage unit 25 in association with the encrypted data of the inspection record information stored in the terminal storage unit 25 as the encryption key. When the record encryption unit 262 encrypts the inspection record information or the recording common key and stores it in the terminal storage unit 25, the recording encryption unit 262 erases the original inspection record information or the recording common key. When the recording common key is generated and stored in the center storage unit 34 when the center device 3 is generated, only the encrypted inspection record information needs to be transferred to the center device 3. Since the recording common key does not have to be transferred, it may not be encrypted.

  The image encryption unit 263 encrypts the image data input from the photographing unit 22 by using a common key encryption method using the image common key stored in the terminal storage unit 25 to obtain encrypted data. Is Further, the image encryption unit 263 encrypts the image common key used for encrypting the image data with the public key encryption method using the public key stored in the terminal storage unit 25, and encrypts the encryption key. And Then, the image encryption unit 263 associates the encrypted data obtained by encrypting the image data with the encryption key of the image common key used for encrypting the encrypted data, and causes the terminal storage unit 25 to store the associated data. . When the image encryption unit 263 encrypts the image data and the image common key and stores them in the terminal storage unit 25, the image encryption unit 263 erases the original image data and the image common key before encryption. Therefore, since the image common key encrypted by the public key cryptosystem cannot be decrypted on the communication terminal 2 that does not have the secret key, the image data encrypted using the image common key is also stored on the communication terminal 2. Cannot be decrypted.

  In the present embodiment, the record encryption unit 262 and the image encryption unit 263 are configured to input data having relatively large data such as inspection record information and image data by simple processing such as replacement or transposition of AES, for example. Encryption is performed with a common key encryption method that is performed and has a small processing load. On the other hand, the recording common key and the image common key, which are relatively small data, involve a complicated calculation and thus have a large processing load. However, since the decryption cannot be performed on the communication terminal 2 that does not have the secret key, the security is high. For example, encryption is performed by a public key cryptosystem such as RSA (registered trademark).

  The terminal decryption unit 264 decrypts the encrypted inspection record information stored in the terminal storage unit 25 using the common key encryption method using the recording common key stored in the terminal storage unit 25. . The decoded inspection record information can be displayed on the terminal display unit 23 or updated.

  FIG. 3 is a configuration diagram of the center device 3 according to an embodiment of the present invention. As shown in FIG. 3, the center device 3 includes a center operation unit 31, a center display unit 32, a center communication unit 33, a center storage unit 34, and a center control unit 35.

  The center operation unit 31 includes operation devices such as buttons, a keyboard, and a mouse, and functions as an input device for a monitor to input information to the center device 3.

  The center display unit 32 is configured by a display device such as a liquid crystal display or a touch panel display, and serves as a notification unit that notifies the monitoring staff of the property where the security device 4 that has transmitted the abnormality detection signal is installed, the content of the detected abnormality, and the like. Function. The center display unit 32 displays input data to the communication terminal 2 such as inspection records and image data received from the communication terminal 2 via the center communication unit 33. The center display unit 32 may be integrated with a part of the center operation unit 31 by being configured with a touch panel display.

  The center communication unit 33 performs wireless communication with a communication interface circuit for connecting the center device 3 to the IP network 51 and / or a base station 57 of the mobile phone network 54 similar to the terminal communication unit 24 of the communication terminal 2. A communication interface circuit. The center communication unit 33 sends information received from the communication terminal 2 via the IP network 51 and / or the mobile phone network 54 to the center control unit 35. Further, the center communication unit 33 transmits the information received from the center control unit 35 to the communication terminal 2 via the IP network 51 and / or the mobile phone network 54. In the present embodiment, an example in which the center device 3 communicates with the communication terminal 2 from the IP network 51 via the mobile phone network 54 will be described.

  The center storage unit 34 includes a semiconductor memory such as a ROM and a RAM. The center storage unit 34 may include a magnetic storage medium such as a hard disk and / or an optical storage medium such as a CD-ROM and / or a DVD and an access device thereof. The center storage unit 34 may include a storage device connected from the center communication unit 33 via the communication network 5. The center storage unit 34 stores a computer program and various data for controlling the center device 3, and exchanges such information with the center control unit 35. The program may be provided from the communication network 5 via the center communication unit 33 and stored in the center storage unit 34, and may be provided by a computer-readable storage medium such as a CD-ROM and / or a DVD or firmware. Also good.

  As shown in FIG. 3, the center storage unit 34 stores user information, security related information, work management information, and a secret key.

  The user information includes personal identification information such as an employee number of an authorized user who can use the communication terminal 2. This personal identification information may be used as user authentication information for authenticating the user of the communication terminal 2. Further, the user information may include information such as a password, a user's fingerprint, a face, or a voiceprint as user authentication information corresponding to each legitimate user's personal identification information.

  The security-related information is the same information as that stored in the terminal storage unit 25 of the communication terminal 2 and is stored in the center storage unit 34 in association with the personal identification information of each authorized user.

The work management information is information for managing work such as attendance and leaving of each user.
FIG. 4 is a diagram showing an example of the configuration of work management information in the present embodiment. The work management information includes, for each user's work, personal identification information (ID) of the user who works, terminal identification information (ID) of the communication terminal 2 used for work, and whether he / she went to work / retired accordingly Information on work such as a work flag / no work flag indicating whether or not. Further, the work management information may include information on other work such as work place, work time, and work time, and whether or not a valid work time / work time is set instead of the work / work flag. It may be indicated whether or not he / she has gone to / from work. As illustrated in FIG. 4, the work management information may include a secret key generated for each work.

  The secret key is a decryption key used by the center decryption unit 352 to decrypt the encryption key sent from the communication terminal 2 using the public key cryptosystem. In this embodiment, the secret key is the center key when the center communication unit 33 receives a work start signal indicating the start of work of the user from the communication terminal 2 as the timing when the use of the communication terminal is started. Generated by the generation unit 351. The secret key is stored for each duty of the user in association with at least one of the personal identification information and terminal identification information of the user of the communication terminal 2. For example, the secret key may be stored as work management information as shown in FIG. Further, when the recording common key is generated by the center key generation unit 351, the recording common key may be stored in the center storage unit 34. This recording common key may also be stored as work management information.

  The center control unit 35 includes one or more processors and their peripheral circuits, and the processor controls the operation of the center device 3 by executing a program stored in the semiconductor memory of the center storage unit 34. .

  As illustrated in FIG. 3, the center control unit 35 includes a center key generation unit 351 and a center decryption unit 352. Each of these units is a functional module realized by the processor reading and executing a program describing the processing procedure of each unit stored in the center storage unit 34.

  When the center communication unit 33 receives a work start signal indicating the start of work of the user from the communication terminal 2, the center key generation unit 351 generates a key pair of a public key and a secret key used in encryption processing by a public key cryptosystem. To do. Of the key pair generated by the center key generation unit 351, the secret key is stored in the center storage unit 34, and the public key is sent to the communication terminal 2 by the center communication unit 33. The center key generation unit 351 also uses a public key key pair and a recording common key that the recording encryption unit 262 of the communication terminal 2 uses to encrypt the inspection record information input from the terminal operation unit 21. It may be generated. In this case, the recording common key is sent to the communication terminal 2 by the center communication unit 33 together with the public key. At this time, a copy of the recording common key may be stored in the center storage unit 34.

  The center decryption unit 352 decrypts the encryption key received by the center communication unit 33 from the communication terminal 2 using the public key encryption method using the secret key stored in the center storage unit 34, and the original recording common key And a common key for images. The center decryption unit 352 decrypts the encrypted data associated with each encryption key received from the communication terminal 2 by the center communication unit 33 using the decrypted recording common key and image common key. The inspection record information and the image data are restored. If the recording common key is stored in the center storage unit 34, the center decryption unit 352 may restore the inspection record information using this, and after the restoration, the recording common key is stored in the center. You may delete from the memory | storage part 34. FIG.

  5 to 7 are operation sequence diagrams of the communication terminal 2 and the center apparatus 3 according to an embodiment of the present invention. With reference to FIG. 5 to FIG. 7, an example of the operation of the communication terminal 2 and the center device 3 in the present embodiment will be described along the work flow of guards.

  When the security guard starts working using the communication terminal 2, in order to start using the communication terminal 2, the security guard inputs the personal ID such as an employee number identifying himself / herself from the terminal operation unit 21 and inputs the work start. . The personal ID can be user authentication information as an authorized user who uses the communication terminal 2.

  Referring to FIG. 5, the terminal control unit 26 of the communication terminal 2 determines based on the signal received from the terminal operation unit 21 whether or not an input for starting work has been performed on the terminal operation unit 21 (step A101). If there is no input for starting work (No in step A101), the process waits until input for starting work is performed. Then, when the start of work is input from the terminal operation unit 21 (Yes in Step A101), the terminal control unit 26, the personal ID input from the terminal operation unit 21 by the input of work start, and the terminal storage unit 25 A work start signal having a terminal ID that is identification information of itself read from a specific area is generated, and the generated work start signal is transmitted to the center device 3 by the terminal communication unit 24 (step A102). The terminal ID may be input from the terminal operation unit 21 by the user.

  The center control unit 35 of the center device 3 determines whether or not the center communication unit 33 has received a work start signal indicating the start of work of the user from the communication terminal 2, and the user uses the communication terminal 2. It is determined whether or not it has started (step B101). When the center communication unit 33 receives the work start signal from the communication terminal 2 (Yes in step B101), the center control unit 35 uses the personal ID of the work start signal received by the center communication unit 33 as the user authentication information. User authentication is performed by comparing with the personal ID of the user information stored in the storage unit (step B102). If this personal ID is present in the user information, the center control unit 35 authenticates the user who has entered the start of work at the communication terminal 2 as an authorized user of the communication terminal 2, and the center storage unit 34. The personal ID and terminal ID of the work start signal are registered in the work management information stored in, and the attendance of the user is registered by setting the corresponding attendance flag to ON (step B103). At this time, the center control unit 35 may register information such as work location and attendance time in the work management information. When user authentication information such as a password is input together with the personal ID in the start of work by the terminal operation unit 21 of the communication terminal 2, the center communication unit 33 displays the user authentication information together with the personal ID in step B101. In step B102, the center control unit 35 collates the user authentication information received by the center communication unit 33 with the user authentication information of the user information stored in the center storage unit 34. User authentication.

  When the center control unit 35 registers the attendance of the user in the work management information, the center key generation unit 351 checks and records the public key and private key pair used for encryption processing by the public key encryption method and the common key encryption method. A recording common key for encrypting information is generated (step B104). The center control unit 35 then transmits the public key and the recording common key of the key pair generated by the center key generation unit 351 together with the security related information corresponding to the personal ID read from the center storage unit 34, to the center communication. It transmits to the communication terminal 2 by the part 33 (step B105). Further, the center control unit 35 stores the secret key of the key pair generated by the center key generation unit 351 in the center storage unit 34 in association with at least one of the personal ID and the terminal ID (step B106). At this time, the center control unit 35 may register the secret key in the work management information of the center storage unit 34. Alternatively, the center control unit 35 may store the common key for recording in the center storage unit 34 as well.

  The terminal control unit 26 of the communication terminal 2 determines whether or not the terminal communication unit 24 has received the security related information, the public key, and the recording common key from the center device 3 (step A103). If the related information, the public key, and the recording common key have not been received (No in Step A103), the terminal communication unit 24 waits until receiving the security related information, the public key, and the recording common key. When the terminal communication unit 24 receives the security related information, the public key, and the recording common key (Yes in Step A103), the terminal control unit 26 receives the security related information, the public key, and the security information received by the terminal communication unit 24 from the center device 3. The recording common key is stored in the terminal storage unit 25 (step A104). As described above, the communication terminal 2 cannot input the security service input data that is required to be confidential until the public key is received. Thereby, the confidentiality of input data is ensured and data leakage is prevented.

  When the security guard inputs work start, the security guard performs security work while displaying the security related information sent from the center apparatus 3 to the communication terminal 2 on the terminal display unit 23 as necessary. The security guard inputs various data using a terminal input unit such as the terminal operation unit 21 and the photographing unit 22 when performing the security service. For example, the security guard displays an inspection record input form of security-related information stored in the terminal storage unit 25 on the terminal display unit 23 of the communication terminal 2, and each inspection item of each inspection location is displayed by the terminal operation unit 21. Enter the inspection results and memorandum.

  Referring to FIG. 5, the terminal control unit 26 of the communication terminal 2 determines whether an inspection record is input to the terminal operation unit 21 based on the signal received from the terminal operation unit 21 (step A105). . If it is determined that an inspection record is input from the terminal operation unit 21 (Yes in step A105), the terminal control unit 26 generates inspection record information based on the signal received from the terminal operation unit 21 (step A106). The record encryption unit 262 encrypts the generated inspection record information with the common key encryption method using the recording common key stored in the terminal storage unit 25 and stores the encrypted information in the terminal storage unit 25 (step A107). Note that the recording common key used for encryption of the inspection record information is the recording common key generated by the center key generation unit 351 in step B104, and the terminal communication unit 24 receives from the center apparatus 3 in step A103. The terminal controller 26 is not limited to storing the terminal storage unit 25 in A104 in A104, but before the recording encryption unit 262 encrypts the inspection record information in Step A107, the terminal key generation unit 261 obtains the recording common key. It may be generated and stored in the terminal storage unit 25.

  The security guard operates the terminal operation unit 21 while moving the place to be inspected, thereby reading out the inspection record information input to the communication terminal 2 and displaying it on the terminal display unit 23, or adding / correcting the inspection record The inspection record information can be updated.

  Referring to FIG. 6, the terminal control unit 26 of the communication terminal 2 determines whether or not an inspection record read-out input has been performed on the terminal operation unit 21 based on the signal received from the terminal operation unit 21 (step). A108). When the terminal control unit 26 determines that the inspection record read-out input has been made to the terminal operation unit 21 (Yes in step A108), the terminal decryption unit 264 uses the recording common key stored in the terminal storage unit 25. The encrypted inspection record information stored in the terminal storage unit 25 is decrypted using the common key encryption method (step A109). And the terminal control part 26 displays the decoded inspection record information on the terminal display part 23, and enables a user to update inspection record information by the terminal operation part 21 (step A110). The terminal control unit 26 updates the inspection record information based on the signal received from the terminal operation unit 21. The terminal control unit 26 encrypts the updated inspection record information with the common key encryption method using the recording common key stored in the terminal storage unit 25 and stores it in the terminal storage unit 25, and the original updated inspection record Information is erased (step A111). At the time of inputting the inspection record read in step A108, the terminal control unit 26 inputs the authentication information such as key encryption for decrypting the inspection record information to the terminal operation unit 21 by the user. Authentication may be performed.

  The guard operates the terminal operation unit 21 of the communication terminal 2 and inputs image data such as an evidence image from the photographing unit 22 during the security.

  Referring to FIG. 6, the terminal control unit 26 determines whether or not an instruction to capture an image has been input from the terminal operation unit 21 (step A112). When an instruction to capture an image is input from the terminal operation unit 21 (Yes in Step A112), the terminal control unit 26 captures an image by the capturing unit 22 and acquires image data (Step A113). The terminal key generation unit 261 generates an image common key for encrypting the image data by the common key encryption method, and stores the image common key in the terminal storage unit 25 (step A114). The image encryption unit 263 encrypts the image data by the common key encryption method using the image common key stored in the terminal storage unit 25 to obtain encrypted data, and erases the original image data (step A115). . The image encryption unit 263 encrypts the image common key used for encrypting the image data with the public key encryption method using the public key stored in the terminal storage unit 25 to obtain an encryption key, The original image common key is deleted (step A116). The image encryption unit 263 stores the encrypted data obtained by encrypting the image data in association with the encryption key obtained by encrypting the image common key used for encrypting the encrypted data in the terminal storage unit 25. (Step A117). When the imaging unit 22 acquires a plurality of image data, the terminal control unit 26 can repeatedly execute Step A112 to Step A117, and an image common key is generated for each acquired image data. In step A112, the terminal control unit 26 determines whether or not the public key is stored in the terminal storage unit 25. If the public key is not stored in the terminal storage unit 25, a shooting instruction is input. It can be determined that the image has not been taken (No in step A112), and image shooting can be prohibited.

  When the security guard performs input and addition / correction of the inspection record by the terminal operation unit 21 or shoots the evidence image by the photographing unit 22 and finishes inputting the input data, the input data is input to the terminal operation unit 21 of the communication terminal 2. By inputting the transfer instruction, the inspection record information input from the terminal operation unit 21 and the input data such as the image data captured by the imaging unit 22 can be transferred to the center device 3.

  Referring to FIG. 7, the terminal control unit 26 of the communication terminal 2 determines whether inspection record information and / or image data transfer instruction has been input from the terminal operation unit 21 (step A118). When the inspection record information and / or image data transfer instruction is input from the terminal operation unit 21 (Yes in Step A118), when the inspection record information is transferred (Yes in Step A119), the recording encryption unit 262 The recording common key stored in the storage unit 25 is encrypted by the public key cryptosystem using the public key stored in the terminal storage unit 25. Then, the recording encryption unit 262 stores the encryption key obtained by encrypting the recording common key in the terminal storage unit 25 in association with the encrypted data of the encrypted inspection record information, and stores the original recording common key. The key is deleted (step A120). The terminal communication unit 24 uses the encrypted data (inspection record information and image data) and the encryption key stored in association with the terminal storage unit 25 as at least one of the personal ID and terminal ID of the user of the communication terminal 2. At the same time, it is transmitted to the center device 3 (step A121). In step A121, when the recording common key is generated by the center key generation unit 351 and stored in the center storage unit 34, the terminal communication unit 24 does not have to transfer the recording common key to the center device 3. Also good. Therefore, in step A120, the recording / encrypting unit 262 may not encrypt the recording common key, and may simply delete it from the terminal storage unit 25. When the inspection record information is not transferred (No in Step A119), the encrypted data and the encryption key of the image data stored in association with each other are transmitted to the center device 3.

  The center control unit 35 of the center device 3 determines whether or not the center communication unit 33 has completed reception of the encrypted data and the encryption key from the communication terminal 2 (step B107), and the center communication unit 33 performs the communication terminal. When the reception of the encrypted data and the encryption key from 2 is completed (Yes in Step B107), the center control unit 35 transmits a reception completion signal to the communication terminal 2 by the center communication unit 33 (Step B108). Then, the center decryption unit 352 reads the secret key corresponding to the terminal ID of the communication terminal 2 or the user's personal ID received together with the encrypted data and the encryption key from the center storage unit 34. The center decryption unit 352 decrypts the encryption key received by the center communication unit 33 into the original recording common key and the image common key by the public key cryptosystem using the secret key read from the center storage unit 34. (Step B109). Further, the center decryption unit 352 decrypts the encrypted data into the original inspection record information and image data by the common key encryption method using the decrypted recording common key and the image common key (step B110). The center control unit 35 stores the decoded inspection record information and image data in the center storage unit 34 (step B111). Thereafter, the inspection record information and image data stored in the center storage unit 34 may be displayed on the center display unit 32 as needed, or may be stored in the database as a security record.

  The terminal control unit 26 of the communication terminal 2 determines whether or not the transmission of the encrypted data and the encryption key to the center device 3 is completed depending on whether or not the terminal communication unit 24 has received the reception completion signal from the center device 3. Is determined (step A122). If the transmission of the encrypted data and the encryption key is not completed (No in step A122), the terminal control unit 26 waits until the transmission is completed. When the transmission of the encrypted data and the encryption key is completed (Yes in step A122), the terminal control unit 26 can erase the transmitted encrypted data and encryption key stored in the terminal storage unit 25. (Step A123).

  During security, the security guard inputs input data such as inspection record input and addition / correction by the terminal operation unit 21 of the communication terminal 2 and photographing of evidence images by the imaging unit 22 and input after input as necessary. Transfer of data to the center device 3 can be repeated. When all the security work shown in the security schedule is finished and the work is finished, the security guard inputs the work end to the terminal operation unit 21 of the communication terminal 2.

  Referring to FIG. 7, the terminal control unit 26 of the communication terminal 2 determines whether or not the end of work has been input to the terminal operation unit 21 (step A124). When the end of work is input to the terminal operation unit 21 (Yes in step A124), the terminal control unit 26 has at least one of the personal ID and the terminal ID of the user of the communication terminal 2 by the terminal communication unit 24. A work end signal is transmitted to the center device 3 (step A125). At this time, the end of work may be received on condition that there is no encrypted data and encryption key that have not been transferred to the center device 3 in the terminal storage unit 25. Further, the terminal control unit 26 deletes the public key stored in the terminal storage unit 25 (step A126).

  The center control unit 35 of the center apparatus 3 determines whether the center communication unit 33 has received a work end signal indicating the end of the user's work from the communication terminal 2, and the user uses the communication terminal 2. It is determined whether or not the processing has been completed (step B112). When the center communication unit 33 receives the work end signal (Yes in Step B112), the center control unit 35 stores work management information corresponding to the personal ID or terminal ID of the work end signal stored in the center storage unit 34. Is set to ON, and the user's leave of work of the communication terminal 2 is registered (step B113). At this time, the center control unit 35 may register information such as leaving time in the work management information. The center control unit 35 deletes the secret key corresponding to the received personal ID or terminal ID from the center storage unit 34 (step B114). Here, when the center storage unit 34 stores the recording common key, the center control unit 35 stores the recording common key stored in the center storage unit 34 in association with the received personal ID or terminal ID. It may be erased.

  As described above, the communication terminal according to the present invention encrypts the data used by the user at the communication terminal among the data input to the communication terminal using an encryption method that can be decrypted on the communication terminal. On the other hand, data that the user does not use in the communication terminal is encrypted by an encryption method that cannot be decrypted on the communication terminal. In particular, the center device according to the present invention sends the public key of the generated public / private key pair to the communication terminal and stores the secret key in the center device. In addition, the communication terminal according to the present invention erases the original image data and the image common key when the user finishes encrypting the image data not used on the communication terminal and the image common key used for the encryption. . As a result, the image common key used for encrypting the image data encrypted using the public key by the public key cryptosystem cannot be decrypted even on the communication terminal having no private key. Therefore, the image data cannot be decoded. Therefore, it is possible to reliably prevent the input data that the user does not use on the communication terminal, such as image data input to the communication terminal, from being leaked by the user's hand.

  In addition, the center device according to the present invention newly generates a pair of public key and secret key used in the encryption process of the public key cryptosystem at the timing when the user starts using the communication terminal. Further, the center device is configured to delete the secret key from the center storage unit at the timing when the use of the communication terminal is finished by the user. Therefore, even if a malicious third party obtains the secret key, a different public key and secret key are used for recording the input data of the communication terminal encrypted each time the user of the communication terminal changes. Since it is used for encryption and decryption of the common key and the image common key, the leakage of the input data input to the communication terminal can be kept within the range of the input data input by one user. In addition, even if the user of the communication terminal becomes a malicious third party, it is possible to reliably prevent the leakage of input data input to the communication terminal by other users. Can be minimized.

  Furthermore, the communication terminal according to the present invention shares relatively large input data such as inspection record information input from the terminal operation unit and image data input from the imaging unit with a common key cryptosystem having a low processing load. Encrypt using a key, and encrypt the common key, which is relatively small data used to encrypt these input data, using a public key with a safer public key cryptosystem with a large processing load . Therefore, high confidentiality of input data can be ensured while suppressing the load on the communication terminal.

  Furthermore, according to the present invention, input of input data such as image data by the photographing unit can be prohibited when the public key is not stored in the terminal storage unit. Therefore, it is possible to prevent highly confidential input data such as image data input from the imaging unit from being stored in the terminal storage unit without being encrypted, and high confidentiality of input data such as image data. Can be secured.

  In addition, the communication terminal according to the present invention deletes the transmitted encrypted data and encryption key from the terminal storage unit when the encrypted data and encryption key stored in the terminal storage unit have been transferred to the center device. . Therefore, since the period during which the encrypted data is stored in the terminal storage unit is limited, input data such as image data may be leaked unless a malicious third party obtains the secret key in an extremely short time. Therefore, the confidentiality of the input data can be further improved.

  The preferred embodiments of the present invention have been described above, but the present invention is not limited to these embodiments. For example, the communication terminal may be configured to transmit a power-on notification signal indicating that the power is turned on to the center device when the power is turned on. In this case, the center device may be configured to generate a key pair of a public key and a secret key with the reception of the power-on notification signal from the communication terminal as the timing when the use of the communication terminal is started. Further, the communication terminal may erase the public key stored in the terminal storage unit when the power is turned off. And a communication terminal may be comprised so that the power-off notification signal which shows that the power supply was cut | disconnected at the time of a power-off may be transmitted to a center apparatus. In this case, the center device may delete the secret key stored in the center storage unit at the timing when the use of the communication terminal ends when the power-off notification signal is received.

  In the above-described embodiment, the encryption key used for the encryption processing of the input data is changed for each work of the user. For example, the center device generates a new encryption key for each work performed by the user during work. May be. In this case, for example, the communication terminal may be configured to transmit a work start signal indicating the start of work to the center device when the security guard selects a security work to be performed by the terminal operation unit. In addition, the communication terminal may transmit a job start signal to the center device when the current time is the start time of each security job indicated by the security schedule. The center device can generate a key pair of a public key and a secret key with the reception of the security service start signal as a timing when the use of the communication terminal is started.

  In the above-described embodiment, an example is described in which a security guard inputs work start to a communication terminal and transmits a work start signal from the communication terminal to the center apparatus. It is not limited to. For example, a security guard inputs work start to a communication device that is different from a communication terminal such as a personal computer installed at the office where he / she works. You may make it input the terminal ID of a terminal and transmit a work start signal from this communication apparatus to a center apparatus.

  Furthermore, in the above embodiment, the communication terminal used by the security guard for the security service in the security system has been described. However, the communication terminal according to the present invention includes other things such as building cleaning and maintenance, various equipment inspection, maintenance and repair, etc. May be used in other businesses. In this case, information relating to a work execution record, work progress, and the like may be input to the communication terminal as input data from the terminal operation unit.

DESCRIPTION OF SYMBOLS 1 Security system 2 Communication terminal 21 Terminal operation part 22 Image | photographing part 23 Terminal display part 24 Terminal communication part 25 Terminal memory | storage part 26 Terminal control part 261 Terminal key generation part 262 Recording encryption part 263 Image encryption part 264 Terminal decryption part 3 Center Device 31 Center operation unit 32 Center display unit 33 Center communication unit 34 Center storage unit 35 Center control unit 351 Center key generation unit 352 Center decryption unit 4 Security device 5 Communication network 51 Network 52 Router 53 Access point 54 Mobile phone network 55-57 base station

Claims (12)

A communication system having a communication terminal having a terminal operation unit and a photographing unit, and a center device capable of communicating with the communication terminal,
The center device is
A center key generation unit for generating a pair of public key and secret key of the public key cryptosystem;
A center communication unit that transmits the public key to the communication terminal;
A center storage unit for storing the secret key,
The communication terminal is
A terminal communication unit that receives the public key from the center device;
A first encryption unit that encrypts input data input from the terminal operation unit using a first common key of a common key cryptosystem;
A terminal key generator for generating a second common key of the common key cryptosystem;
The image data acquired by the photographing unit is encrypted with the second common key to be encrypted data, and the second common key is encrypted with the public key to be an encryption key. Two encryption units;
A terminal storage unit for storing the data encrypted by the first encryption unit, and storing the encrypted data encrypted by the second encryption unit and the encryption key in association with each other; A communication system comprising: The center key generation unit further generates the first common key,
The center communication unit further transmits the first common key to the communication terminal,
The communication system according to claim 1, wherein the terminal communication unit further receives the first common key from the center device.   The communication system according to claim 1, wherein the terminal key generation unit further generates the first common key.   The communication system according to any one of claims 1 to 3, wherein the terminal key generation unit generates the second common key when image data is acquired by the photographing unit.   The terminal key generation unit generates a first predetermined number of the second common keys, and unused unused ones of the generated first predetermined number of common keys are not used by the second encryption unit. When the number of second common keys falls below a second predetermined number that is smaller than the first predetermined number, the second common key is newly added until the second common key reaches the first predetermined number. The communication system according to any one of claims 1 to 4, wherein a common key is generated. The terminal operation unit inputs user authentication information of the user,
The center key generation unit generates the pair of public key and secret key when the center communication unit receives the user authentication information from the communication terminal as a timing when the use of the communication terminal is started. The communication system according to any one of claims 1 to 5.   The said communication terminal further has a terminal control part which prohibits acquisition of the said image data by the said imaging | photography part, when the said public key is not memorize | stored in the said terminal memory | storage part. The communication system described. The terminal communication unit transmits the encrypted data and the encryption key stored in the terminal storage unit to the center device,
The terminal control unit causes the terminal storage unit to erase the encrypted data and the encryption key that the terminal communication unit has completed transmission,
The center communication unit receives the encrypted data and the encryption key from the communication terminal,
The center device decrypts the received encryption key using the secret key stored in the center storage unit to form the second common key, and receives the received encryption key using the decrypted second common key. The communication system according to claim 7, further comprising a decryption unit that decrypts the encrypted data. A communication method performed by a communication terminal having a terminal operation unit and a photographing unit, and a center device capable of communicating with the communication terminal,
The center device is
Generating a pair of public and private keys for public key cryptography;
Transmitting the public key to the communication terminal;
Storing the secret key in a center storage unit,
The communication terminal is
Receiving the public key from the center device;
Encrypting input data inputted from the terminal operation unit using a first common key of a common key cryptosystem;
Generating a second common key of the common key cryptosystem;
Encrypting the image data acquired by the photographing unit with the second common key to be encrypted data, and encrypting the second common key with the public key to be an encryption key When,
The data encrypted by the first encryption unit is stored in a terminal storage unit, and the encrypted data encrypted by the second encryption unit and the encryption key are associated with each other in the terminal And a step of storing the data in a storage unit. A communication program executed by a communication terminal having a terminal operation unit and a photographing unit and capable of communicating with the center device,
A procedure of encrypting input data input from the terminal operation unit using a first common key of a common key cryptosystem;
A procedure for generating a second common key of the common key cryptosystem;
The image data acquired by the photographing unit is encrypted using the second common key to obtain encrypted data, and the second common key is obtained using the public key of the public key cryptosystem received from the center device. To encrypt the password into an encryption key,
The data encrypted by the first encryption unit is stored in a terminal storage unit, and the encrypted data encrypted by the second encryption unit and the encryption key are associated with each other in the terminal A communication program that causes a control unit of the communication terminal to execute a procedure to be stored in a storage unit. A communication terminal having a terminal operation unit and a photographing unit and capable of communicating with a center device,
A terminal communication unit that receives a public key of a public key cryptosystem from the center device;
A first encryption unit that encrypts input data input from the terminal operation unit using a first common key of a common key cryptosystem;
A terminal key generator for generating a second common key of the common key cryptosystem;
The image data acquired by the photographing unit is encrypted with the second common key to be encrypted data, and the second common key is encrypted with the public key to be an encryption key. Two encryption units;
A terminal storage unit for storing the data encrypted by the first encryption unit, and storing the encrypted data encrypted by the second encryption unit and the encryption key in association with each other; And a communication terminal. The terminal key generation unit generates the second common key when image data is acquired by the photographing unit,
The communication terminal according to claim 11, wherein the second encryption unit deletes the second common key when the image data is encrypted using the second common key.

Images