WO2013065545A1 - Data sharing system - Google Patents


Publication number
WO2013065545A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
divided data
divided
server
pieces
Application number
PCT/JP2012/077462
Other languages
French (fr)
Japanese (ja)
Inventor
佐藤 敦
壮一 最首
Original Assignee
株式会社野村総合研究所

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution

Definitions

  • the present invention relates to a technique for sharing data among a plurality of users, and in particular to one in which other users share original data by restoring it from divided data that was generated from the original data by a secret sharing method and distributed and stored in a plurality of servers and the like.
  • the present invention relates to a technology that is effective when applied to a data sharing system that shares original data by restoration.
  • it is conceivable to reduce the risk of information leakage due to loss of a terminal by using a so-called thin client, in which data including important data is not stored in the terminal but in an external data center or server where security measures are taken.
  • it has also been proposed not to store the important data in an external server or the like as it is, but to use, for example, the so-called secret sharing technique described in Non-Patent Document 1 to divide the important data into pieces of non-important data from which the important data cannot be restored or inferred, each piece being meaningless on its own, and to store these pieces of non-important data in a plurality of external servers. In this way the risk of information leakage can be reduced even when the data is stored in a virtual data center or virtual server in a cloud computing environment.
  • having each user individually manage the divided data leads to a decrease in convenience. For example, to restore the original data the user would need to know how many pieces of divided data were generated from the original data, the file name of each piece, and on which server each piece is stored; it is difficult to require the user to operate by specifying the server or the like in which each piece of divided data is stored.
  • the system therefore automatically performs the processing that takes place when the original data is stored and referenced, such as the secret sharing processing (the processing for dividing and restoring the original data), the distributed storage of the generated divided data, and the collection of the divided data, so that the parts related to these processes are concealed from the user.
  • an information processing apparatus that performs the secret sharing processing for dividing a user's original data into a plurality of divided data, such as each user's client terminal or a specific management server such as a file server, stores management information that includes location information indicating in which server or the like each piece of divided data has been stored (hereinafter sometimes referred to as "distributed management information").
  • the distributed management information is associated with, for example, a dummy file representing the original data, and the user performs operations such as reference and editing on the dummy file.
  • upon receiving an operation request for the original data from the user via the dummy file, the information processing apparatus refers to the distributed management information to identify the servers where the necessary divided data is stored, directly accesses those servers, collects the necessary divided data and restores the original data. As a result, the user can access the original data, which is distributed and stored as a plurality of pieces of divided data, using an interface similar to a normal file operation.
  • in Patent Document 1, an information management computer stores tally folders A, B, ... for storing tally files, a restoration destination folder for storing restoration files, and tally object files.
  • a tally object folder, a tally engine folder containing a restoration engine program and a division engine program, and a tally parameter including information on a decoding boundary (the range that can be read by the tally application) are set in the tally object files A, B, ....
  • the tally file names and storage locations and the object information of the restoration destination folder are stored in the tally object files; the tally files are collected directly based on the tally file storage locations and the decoding boundary, a restoration file is generated, and the restoration file is stored and opened.
  • in this way, a distributed information file management means that efficiently locates and restores the original data is described.
  • the original data is divided into a plurality of divided data by secret sharing, and these are distributed and stored, so that the original data can be securely stored while increasing the availability.
  • there may naturally be a desire to share the original data that is distributed and stored in servers or the like as a plurality of divided data with other users, in the same manner as a normal file is shared by placing it on a file server or the like instead of on a local client terminal.
  • the distributed management information and dummy files generated when the original data is divided by the secret sharing method (for example, the tally object file in the example described in Patent Document 1) are synchronized online or offline between the creator of the original data and the sharer.
  • the sharer can then collect the necessary divided data based on the synchronized distributed management information, and can restore and refer to the original data.
  • however, once a sharer edits the original data, the distributed management information held by each sharer specifies different versions of divided data for the same original data. Therefore, for example, a sharer other than the one who performed the edit cannot tell that the edit has been performed, and even if that sharer restores the original data based on the distributed management information that they hold, the original data from before the edit is restored, so the consistency of the original data among the sharers cannot be maintained. To solve this problem it is necessary to perform processing such as re-synchronizing, between the sharers, the distributed management information corresponding to the edited original data.
  • an object of the present invention is to provide a data sharing system that, when original data is securely stored by dividing it into a plurality of divided data by a secret sharing method and distributing them in a plurality of servers or the like, and the original data is shared among a plurality of users, enables the original data to be edited and updated without requiring resynchronization processing of the distributed management information and the like.
  • a data sharing system has a plurality of servers having storage devices and a first information processing apparatus connected to the servers via a network, which divides original data into (n + 1) pieces of divided data by a secret sharing method and stores n of those pieces in the storage devices of n of the servers, respectively, and has the following characteristics.
  • the first information processing apparatus has a division processing unit that divides the original data, by a secret sharing method, into n pieces of first divided data and one piece of second divided data that is separate from the first divided data.
  • the second divided data has the same value even when the contents of the original data are updated, and it is essential to use the second divided data when restoring the original data.
  • the server includes a distributed storage unit that stores the first divided data transmitted from the first information processing apparatus in a storage device.
  • in a mechanism for securely storing original data by dividing it into a plurality of divided data by the secret sharing method and distributing and storing them in a plurality of servers or the like, when the original data is shared among a plurality of users it becomes possible to perform editing and update processing on the shared original data without requiring resynchronization processing of the distributed management information and the like.
  • if the data is only referenced and is not edited or updated, this can be realized relatively easily, as in the case of normal file sharing.
  • the distribution management information and dummy files generated when the original data is divided by the secret sharing method are synchronized online or offline between the creator of the original data and the sharer. Accordingly, the sharer can collect necessary divided data based on the synchronized distributed management information, and can restore and refer to the original data.
  • FIG. 7 is a diagram showing an outline of an example in the case of sharing with editing and updating of original data in the conventional technique.
  • the original data 150a (version 1) is divided into n pieces of divided data 152a (version 1) by, for example, a (k, n) threshold secret sharing method (four pieces in the example of FIG. 7), and these are distributed and stored in n servers 200.
  • a plurality of divided data 152a is illustrated as being stored together in the server 200, but in reality, each divided data 152a is distributed and stored on n different servers 200.
  • the client terminal A (100a) specifies each divided data 152a corresponding to the original data 150a, and generates distributed management information 151a (version 1) including information relating to the location of each divided data 152a.
  • the distributed management information 151a may be associated with a dummy file (for example, a so-called shortcut or alias for the original data 150a) corresponding to the original data 150a.
  • the distributed management information 151a is synchronized with another client terminal B (100b).
  • the distributed management information 151a can be transmitted to the client terminal B (100b) via the network 300 and synchronized online, or can be manually handed to the user of the client terminal B (100b) and synchronized offline.
  • the client terminal B (100b) that has synchronized the distributed management information 151a refers to it based on a request from the user or the like, and acquires and collects k or more pieces of divided data 152a from the servers 200 in which the divided data 152a is stored. Further, the original data 150a is restored by the (k, n) threshold secret sharing method based on the collected k or more pieces of divided data 152a.
  • the user of the client terminal B (100b) edits or updates the original data 150a with a predetermined application or the like to obtain the edited original data 150b (version 2).
  • the original data 150b is divided into n (four in the example of FIG. 7) divided data 152b (version 2) by, for example, the (k, n) threshold secret sharing method.
  • the n servers 200 here may be partly or entirely different from the n servers 200 in which the divided data 152a (version 1) is stored.
  • the client terminal B (100b) specifies each divided data 152b corresponding to the original data 150b, and generates distributed management information 151b (version 2) including information related to the location of the divided data 152b.
  • in the data sharing system of the present embodiment, when the original data 150 is divided into the plurality of divided data 152 by the (k, n) threshold secret sharing method or the like, the divided data 152 is generated so that one piece of divided data always has the same value every time, even if the contents of the original data 150 are changed by editing or updating, and it is essential to use that piece of divided data at the time of restoration.
  • in this embodiment, the essential divided data generated to have the same value every time (hereinafter sometimes referred to as "fixed divided data") is not distributed and stored in the servers 200 but is kept secret.
  • it is held on each client terminal 100 that divides the original data 150 into divided data 152 by the distributed processing, and the original data 150 is shared among a plurality of users in this way.
  • this makes the resynchronization processing of the distributed management information 151 that accompanies editing or updating of the original data 150 unnecessary: the corresponding divided data 152 (that is, the latest version of the divided data 152) is collected from each server 200, and the latest version of the original data 150 can be restored.
  • FIG. 2 is a diagram showing an outline of an example in the case of sharing with editing or updating of original data in the data sharing system according to an embodiment of the present invention.
  • the original data 150a (version 1) is divided on client terminal A (100a) by the (k, n) threshold secret sharing method or the like into n pieces of divided data 152a (version 1) (three in the example of FIG. 2) and one piece of fixed divided data 153, (n + 1) pieces in total (four pieces in the example of FIG. 2).
  • the fixed divided data 153 is generated so as to have the same value every time, even when the content of the original data 150a is changed by editing or updating, and it is indispensable to use it when the original data 150a is restored.
  • FIG. 3 is a diagram showing an outline of an example of the original data dividing method in the present embodiment.
  • first, the original data 150 is divided into two pieces of data using (2, 2) threshold secret sharing, so that it is essential to use both of these two pieces of data to restore the original data 150.
  • one of the two pieces obtained by this division is set as the fixed divided data 153, and the other (intermediate data 154) is further divided by the (k, n) threshold secret sharing method or the like into n pieces (three in the example of FIG. 3), of which k or more are needed for restoration.
  • in this way a total of (n + 1) pieces of divided data, namely n pieces of divided data 152 and one piece of fixed divided data 153, are obtained, and the fixed divided data 153 is essential when the original data 150 is restored.
  • the dividing method of the original data 150 is not limited to the above method, and other methods can be used.
  • n pieces of divided data 152a generated by the above procedure are distributed and stored in a plurality of servers 200.
  • a plurality of pieces of divided data 152a are illustrated as being stored together in the server 200, but in reality each piece of divided data 152a is distributed and stored on n different servers 200.
  • the client terminal A (100a) holds the fixed divided data 153.
  • the fixed division data 153 may be associated with a dummy file corresponding to the original data 150a (for example, a so-called shortcut or alias for the original data 150a).
  • the fixed division data 153 is synchronized with the other client terminal B (100b).
  • the fixed divided data 153 can be transmitted to the client terminal B (100b) via the network 300 and synchronized online, or can be manually handed to the user of the client terminal B (100b) and synchronized offline. If the client terminal B (100b) already has the fixed divided data 153 because of synchronization in the past or the like, no resynchronization processing is needed.
  • the client terminal B (100b) that has synchronized the fixed divided data 153, based on a request from the user or the like, acquires and collects k or more corresponding pieces of divided data 152a from the servers 200 based on the fixed divided data 153. Further, the original data 150a is restored based on the collected k or more pieces of divided data 152a and the one piece of fixed divided data 153 held by itself.
  • the intermediate data 154 is restored from the collected k or more pieces of divided data 152a by the (k, n) threshold secret sharing method. Further, the original data 150a is restored from the intermediate data 154 and the fixed divided data 153 by the (2, 2) threshold secret sharing method.
  • the user of the client terminal B edits or updates the original data 150a with a predetermined application or the like to obtain the edited original data 150b (version 2).
  • the original data 150b is divided, by the dividing method shown in FIG. 3 for example, into n pieces of divided data 152b (version 2) (three in the example of FIG. 2) and one piece of fixed divided data 153.
  • the value of the fixed divided data 153 is unchanged from the value of the fixed divided data 153 of the version before editing, as described above.
  • the generated n pieces of divided data 152b are distributed and stored in the n servers 200.
  • the n servers 200 here may be partly or entirely different from the n servers 200 in which the divided data 152a (version 1) is stored.
  • the client terminal B (100b) holds the fixed divided data 153.
  • the fixed division data 153 may be associated with a dummy file or the like corresponding to the original data 150b.
  • since the content of the fixed divided data 153 held by client terminal A (100a) is the same as that held by client terminal B (100b), client terminal A (100a) can, without any resynchronization processing, identify and collect the latest divided data 152b (version 2) corresponding to the fixed divided data 153 it holds, and restore the latest original data 150b (version 2). For this purpose it is necessary to delete the old version of the divided data 152a from each server 200; that is, generation management cannot be performed, and each server 200 must always hold only the latest version of the divided data 152.
  • FIG. 1 is a diagram showing an outline of a configuration example of a data sharing system according to an embodiment of the present invention.
  • a plurality of client terminals 100 sharing the original data 150 (two in the example of FIG. 1, client terminal A (100a) and client terminal B (100b)) and a plurality of servers 200 are connected via a network such as the Internet.
  • the client terminal 100 is an information processing apparatus such as a PC or a portable terminal that is used by the user to create, edit, and store original data 150 including important data.
  • each client terminal 100 has units such as a division processing unit 110 (110a, 110b), a distributed processing unit 120 (120a, 120b), a restoration processing unit 130 (130a, 130b) and an interface unit 140 (140a, 140b), implemented by a software program that runs on the terminal.
  • the fixed divided data 153 described above, generated from the original data 150 by the division processing unit 110, is held on a storage device such as an HDD (Hard Disk Drive) (not shown).
  • the division processing unit 110 divides the original data 150 that the user has instructed, via the interface unit 140 described later, to be securely stored, using for example the (k, n) threshold secret sharing method (k ≤ n) in accordance with a predetermined procedure as illustrated in the example of FIG. 3, into a total of (n + 1) pieces of divided data: n pieces of divided data 152 that are distributed and stored in the servers 200 and one piece of fixed divided data 153 that is held on the client terminal 100.
  • the secret sharing algorithm is not particularly limited and a known method can be used; however, as shown in the example of FIG. 3, it has the function of generating one piece of fixed divided data 153 that has the same value each time, even if editing or updating is performed on a given piece of original data 150, and that is essential when the original data 150 is restored.
  • the function of generating the fixed divided data 153 having the same value every time can be realized relatively easily. For example, when the original data 150 is divided into two by (2, 2) threshold secret sharing, the data obtained from a specific coordinate on the straight line is set as the fixed divided data 153, and the intermediate data 154, which is the other piece of data, is determined from the coordinates of one other point on the randomly selected straight line.
  • the fixed divided data 153 is generated so that the same value is obtained every time the original data 150 is edited or updated; the same value may also be used as the fixed divided data 153 for different pieces of original data 150. That is, you may make it produce
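A worked version of the FIG. 3 division method and its reverse (the (2, 2) split with a fixed share, then the (k, n) threshold split of the intermediate data, and restoration with k server pieces plus the fixed share), as an added example and not the patent's own code: the prime field, the byte encoding, the choice of coordinates for the fixed and intermediate pieces, and the 64-byte size limit are all assumptions made here.

```python
import secrets

# Mersenne prime used as the field GF(P).  Assumption (not from the page):
# original data is at most 64 bytes, so one file element holds it.
P = (1 << 521) - 1
FIXED_X = 1         # coordinate reserved for the fixed divided data 153
INTERMEDIATE_X = 2  # coordinate whose value becomes the intermediate data 154


def _interpolate_at_zero(points):
    """Lagrange interpolation through `points`, evaluated at x = 0 (the secret)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def shamir_split(secret, k, n):
    """(k, n) threshold split: n points on a random polynomial of degree k-1."""
    if not 1 <= k <= n or not 0 <= secret < P:
        raise ValueError("invalid threshold parameters or secret")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]


def shamir_restore(shares, k):
    """Restore from any k distinct shares; fewer than k is the page's error case."""
    distinct = list({x: y for x, y in shares}.items())
    if len(distinct) < k:
        raise ValueError("fewer than k pieces of divided data collected")
    return _interpolate_at_zero(distinct[:k])


def new_fixed_share():
    """Fixed divided data 153: drawn once per file, then reused for every version."""
    return secrets.randbelow(P)


def split_with_fixed_share(secret, fixed):
    """(2, 2) split in which one share is the pre-chosen fixed value.

    The line through (0, secret) and (FIXED_X, fixed) is fully determined by
    those two points, so the other share (intermediate data 154) is simply the
    line's value at INTERMEDIATE_X.  Both points are needed to get back to x = 0.
    """
    slope = (fixed - secret) * pow(FIXED_X, P - 2, P) % P
    return (secret + slope * INTERMEDIATE_X) % P


def restore_with_fixed_share(fixed, intermediate):
    return _interpolate_at_zero([(FIXED_X, fixed), (INTERMEDIATE_X, intermediate)])


def _encode(data):
    # A leading 0x01 byte keeps any leading zero bytes of the data after decoding.
    return int.from_bytes(b"\x01" + data, "big")


def _decode(value):
    return value.to_bytes((value.bit_length() + 7) // 8, "big")[1:]


def divide_original(data, fixed, k, n):
    """FIG. 3 procedure: original -> (fixed, intermediate) -> n server pieces."""
    if len(data) > 64:
        raise ValueError("sample encoding supports at most 64 bytes")
    intermediate = split_with_fixed_share(_encode(data), fixed)
    return shamir_split(intermediate, k, n)


def restore_original(fixed, shares, k):
    """Reverse procedure: k server pieces -> intermediate -> original bytes."""
    intermediate = shamir_restore(shares, k)
    return _decode(restore_with_fixed_share(fixed, intermediate))


if __name__ == "__main__":
    fixed = new_fixed_share()                          # kept on client terminal A
    v1 = b"constructed sample document, version 1"
    pieces_v1 = divide_original(v1, fixed, k=2, n=3)   # sent to the servers 200
    print(restore_original(fixed, pieces_v1[1:], 2) == v1)
    v2 = b"constructed sample document, version 2 (edited on B)"
    pieces_v2 = divide_original(v2, fixed, k=2, n=3)   # same fixed share reused
    print(restore_original(fixed, pieces_v2[:2], 2) == v2)
```

Because this construction is linear and the fixed share is reused, the intermediate values of two versions differ by exactly the difference of the two originals, which is one reason the page's requirement that servers keep only the latest version matters.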
  • the distributed processing unit 120 transmits, for example, each of the n pieces of divided data 152 generated from the original data 150 by the division processing unit 110 to a server 200 selected according to a predetermined condition based on the contents of setting information (not shown), so that they are distributed and stored.
  • the setting information includes, for example, access information (IP address, host name, etc.) for each server 200 that is a distributed storage destination, and a criterion for selecting n servers 200 when there are more than n servers 200.
  • information such as the priority of the server 200, an ordered list, a rotation method, and the like can be set in advance by a file, a registry, or the like.
  • when the original data 150 is restored by the restoration processing unit 130 described later, the distributed processing unit 120, based on a request from the restoration processing unit 130, collects m pieces of divided data 152 (k ≤ m ≤ n) from the servers 200 and transfers them to the restoration processing unit 130.
  • specifically, it inquires of each server 200 whether or not that server holds divided data 152 corresponding to the fixed divided data 153 of the original data 150, and collects the divided data 152 from each server 200 that holds it.
  • if, because of a failure of a server 200 or the like, the n pieces of divided data 152 cannot all be stored in the servers 200 when they are distributed, or k or more pieces cannot be collected when the divided data 152 is gathered, an error may be returned to the user. Further, when the divided data 152 is transmitted to or received from each server 200, the client terminal 100 and each server 200 may apply predetermined encryption to the divided data 152 before transmission, so that the risk of information leakage is further reduced.
  • the restoration processing unit 130 requests from the distributed processing unit 120, and acquires, the k or more pieces of divided data 152 that are necessary for restoring the original data 150 that the user has instructed, via the interface unit 140, to be referenced or edited.
  • the original data 150 is then restored according to a predetermined procedure from the acquired k or more pieces of divided data 152 and the one piece of fixed divided data 153 held by the client terminal itself.
  • for example, the original data 150 is restored by the reverse of the division procedure using the (k, n) threshold secret sharing method (k ≤ n) as shown in the example of FIG.
  • the interface unit 140 has a user interface such as a screen display in the client terminal 100 and an input / output function such as data transmission / reception.
  • the user can use the functions of the client terminal 100 by using, for example, a file management screen of a general OS.
  • when the user stores important data as original data 150, the division processing unit 110 and the distributed processing unit 120 can automatically divide it into n pieces of divided data 152 and one piece of fixed divided data 153, distribute and store each piece of divided data 152 in the servers 200 or the like and retain the fixed divided data 153, without making the user aware of it.
  • at this time the original data 150 is deleted from the client terminal 100, but a dummy file or the like that can specify the fixed divided data 153 corresponding to the original data 150 may be created and left, so that on the file management screen the user is not made aware of the deletion.
  • the user performs operations such as reference and editing on the original data 150 by performing operations on the dummy file of the original data 150 managed in a specific folder on the file management screen.
  • the distributed processing unit 120 and the restoration processing unit 130 can then automatically collect m (k ≤ m ≤ n) corresponding pieces of divided data 152 from the servers 200 based on the fixed divided data 153 specified by the dummy file or the like, restore the original data 150 from these and the fixed divided data 153, and make it available to the user.
  • the fixed divided data 153 generated from the original data 150 at client terminal A (100a) is synchronized with the other client terminal B (100b) online or offline, and at client terminal B (100b) a dummy file or the like for the fixed divided data 153 is newly generated.
  • at client terminal B (100b) it is then possible to perform operations such as reference and editing on the corresponding original data 150 by the same operations via the dummy file or the like, and so the original data 150 can be shared with client terminal A (100a).
  • the fixed divided data 153 itself may also be used as it is, and the original data 150 restored and made available to the user in response to an operation instruction from the user.
  • in the present embodiment each client terminal 100 individually performs the processing such as the division and restoration of the original data 150 by the secret sharing method and the distributed storage in the servers 200, but this processing may instead be executed collectively on a specific server, such as a file server that stores the original data 150.
  • in the present embodiment each client terminal 100 includes both the division processing unit 110 and the restoration processing unit 130, but a configuration including only one of them is also possible (it is sufficient that the division processing unit 110 and the restoration processing unit 130 are each present in at least one client terminal 100).
  • for example, the client terminal A (100a) that performs the distributed storage of the original data 150 may have only the division processing unit 110a, and the client terminal B (100b) that restores and references the original data 150 may have only the restoration processing unit 130b.
  • likewise, the distributed processing unit 120 may be configured to have only the portion corresponding to division (distributed storage of the divided data 152) or to restoration (collection of the divided data 152).
  • the server 200 is an information processing apparatus having a storage device such as an HDD (not shown) that can store the divided data 152 transmitted from the client terminal 100, and is, for example, a file server or a storage server. It may also be a data center having such information processing apparatuses, or a virtual server or virtual data center provided by a cloud computing service.
  • the server 200 includes, for example, a distributed storage unit 210 that is implemented by a software program that runs on an OS (not shown).
  • the distributed storage unit 210 stores the divided data 152 transmitted from the client terminal 100 in the storage device. Further, in response to an inquiry about divided data 152 from a client terminal 100, it searches whether divided data 152 corresponding to the designated fixed divided data 153 is stored and, if so, returns that divided data 152 to the client terminal 100. At this time the divided data 152 may be deleted from the storage device (so that the old version of the divided data 152 is not left behind).
  • any appropriate method may be used to determine whether each stored piece of divided data 152 corresponds to the designated fixed divided data 153. For example, when the original data 150a is divided into the fixed divided data 153 and the divided data 152a by the secret sharing method at client terminal A (100a), information such as a file ID identifying the original data 150 is added to the header of the fixed divided data 153 and of each piece of divided data 152a, and divided data 152 having the same file ID as the fixed divided data 153 can then be searched for based on that file ID.
  • FIG. 4 is a diagram showing an outline of an example of the flow of processing when the original data 150 is stored in the client terminal 100.
  • first, the division processing unit 110a divides the original data 150 by the secret sharing method into n pieces of divided data 152 and one piece of fixed divided data 153 (S01).
  • for example, the data is divided into a total of (n + 1) pieces of divided data, n pieces of divided data 152 and one piece of fixed divided data 153, by the procedure shown in the example of FIG.
  • the distributed processing unit 120a transmits n pieces of divided data 152 to each of n different servers 200 determined based on a predetermined rule (S02).
  • FIG. 4 shows an example in which the divided data 152 is transmitted to each server 200 including the server A (200a) and the server B (200b).
  • Each server 200 that receives the divided data 152 stores the received divided data 152 in the storage device by the distributed storage unit 210 (S03), and returns the processing result to the client terminal A (100a).
  • the distributed processing unit 120a determines whether all n pieces of divided data 152 have been normally stored in the servers 200 (S04). If any one of the n pieces of divided data 152 could not be stored normally, an error may be notified to the user via the interface unit 140a, and the series of processes described above may be rolled back. Alternatively, even when some divided data 152 has not been stored normally, if k or more pieces of divided data 152 have been stored normally the intermediate data 154 and the original data 150 can still be restored, so this need not be treated as an error.
  • Next, the division processing unit 110a stores the fixed divided data 153 generated in step S01 in a storage device or the like (S05). At this time, a dummy file from which the fixed divided data 153 corresponding to the original data 150 can be identified may be generated.
  • The divided data 152 that have been distributed and stored on the servers 200 may be deleted from the storage device of the client terminal A (100a). Moreover, the fixed division data 153 may be synchronized (transmitted)
  • FIG. 5 is a diagram showing an outline of an example of a processing flow when the original data 150 is restored in the client terminal 100.
  • The user references (edits or updates) the original data 150 by operating the dummy file via the interface unit 140b.
  • The restoration processing unit 130b acquires the fixed divided data 153 corresponding to the target original data 150 from the storage device (S11); the corresponding fixed divided data 153 is identified and acquired on the basis of information such as the dummy file operated by the user.
  • Next, the distributed processing unit 120b inquires of each server 200 whether it holds divided data 152 corresponding to the fixed divided data 153 (S12). Here, an inquiry message is broadcast to each server 200 (or multicast to the servers 200 within a predetermined range).
  • FIG. 5 shows an example in which the inquiry message is broadcast (or multicast) to each server 200, including the server A (200a) and the server B (200b).
  • Each server 200 that receives the inquiry searches, by means of the distributed storage unit 210, whether it holds divided data 152 corresponding to the fixed divided data 153 (S13). For example, as described above, divided data 152 whose file ID matches that of the fixed divided data 153 is searched for on the basis of information such as the file ID identifying the original data 150 that is added to the headers of the fixed divided data 153 and of each divided data 152.
  • When a server holds the corresponding divided data 152, as the server A (200a) does, it transmits it to the client terminal B (100b) (S14). When a server does not hold it, as the server B (200b) does not, it may notify the client terminal B (100b) of that fact.
  • Next, the distributed processing unit 120b determines whether the number m of pieces of divided data 152 that could be collected is equal to or greater than the number required to restore the original data 150 (S15). For example, when the original data 150 has been divided by the procedure shown in FIG. 3, as in the present embodiment, the number m of collected pieces of divided data 152 must be at least k, the number required by the (k, n) threshold secret sharing method to restore the intermediate data 154. If k or more pieces of divided data 152 cannot be collected, an error may be reported to the user via the interface unit 140b.
  • The restoration processing unit 130b then restores the original data 150 (S16) from the k or more collected pieces of divided data 152 and the fixed divided data 153 acquired in step S11, by reversing the division procedure based on the (k, n) threshold secret sharing method (k ≤ n) or the like, for example as shown in the example of FIG.
  • The original data 150 restored here is the latest version, as shown in FIG.
  • The original data 150 is presented to the user via the interface unit 140b, and the user can refer to, edit, and update it.
  • When the edited or updated original data 150 is stored, it is again divided by secret sharing and the divided data 152 are distributed and stored on the servers 200 by the series of processes shown in FIG. 4. As a result, the user of the client terminal A (100a) can also restore the latest version of the original data 150 on the basis of the fixed division data 153 held by the client terminal A (100a) and refer to, edit, and update it, so that the original data 150 is shared between the client terminal A (100a) and the client terminal B (100b).
  • As described above, in the data sharing system of the first embodiment, when the original data 150 is divided into the plurality of divided data 152 by the secret sharing method, fixed divided data 153 is generated that always has the same value even when the original data 150 is edited, and that is indispensable when the original data 150 is restored.
  • The fixed divided data 153 is not distributed to the servers 200 but is held on each client terminal 100 that divided the original data 150 into the divided data 152 by the secret sharing process, and is shared among a plurality of users.
  • Each client terminal 100 can thereby collect the corresponding divided data 152 from the servers 200 using the fixed divided data 153, restore the latest version of the original data 150, and so share the original data 150, without requiring re-synchronization processing associated with editing or updating of the original data 150.
  • In the first embodiment, the fixed division data 153 generated from the original data 150 by the secret sharing method is held on the client terminal 100 that performed the secret sharing process, and the original data 150 is shared with other users by synchronizing the fixed division data 153 with the other users' client terminals 100 through individual transmission and reception.
  • In the second embodiment, by contrast, the data sharing system is configured so that the fixed divided data 153 is transmitted to a predetermined server and stored on that server. A user who wants access to the original data 150 acquires the corresponding fixed divided data 153 from the server and can then restore the original data 150 in the same manner as in the first embodiment.
  • As a result, a user who has distributed and stored the original data 150 can share it with a plurality of other users simply by transmitting the fixed divided data 153 to the server once, so the load can be reduced. If the fixed divided data 153 is generated so as to have the same value not only across the edit/update history of the same original data 150 but also across different types of original data 150, this reduction effect can be enhanced further.
  • FIG. 6 is a diagram showing an outline of a configuration example of the data sharing system according to the second embodiment of the present invention.
  • In the second embodiment, a fixed divided data storage server 400, a predetermined server that stores the fixed divided data 153 transmitted from the client terminals 100, is additionally connected to the network 300.
  • The fixed divided data storage server 400 is an information processing apparatus such as a file server or storage server that, like the server 200, has a storage device such as an HDD (not shown) capable of storing the fixed divided data 153 transmitted from the client terminal 100. It may also be a data center having such information processing apparatuses, or a virtual server or virtual data center provided by a cloud computing service.
  • The fixed divided data storage server 400 includes, for example, a fixed divided data storage unit 410 and an authentication unit 420, implemented by a software program that runs on an OS (not shown).
  • The fixed divided data storage unit 410 stores the fixed divided data 153 transmitted from the client terminal 100 in the storage device, and when the authentication unit 420 permits the authentication processing, transmits the corresponding fixed division data 153 to the client terminal 100.
  • The authentication unit 420 performs predetermined authentication processing, such as user authentication and device authentication, in response to an acquisition request for the fixed divided data 153 from a client terminal 100. The access right to the fixed divided data 153 is thereby controlled, in keeping with the configuration in which the fixed divided data 153 is stored on the shared fixed divided data storage server 400.
  • Here, the fixed divided data storage server 400 is provided separately from the servers 200, but the function of the fixed divided data storage server 400 may instead be combined into any one of the plurality of servers 200. In that case, a different server 200 may serve as the fixed divided data storage server 400 for each original data 150 (fixed divided data 153). In either configuration, each client terminal 100 is assumed to hold destination information and the like for identifying and accessing the target fixed divided data storage server 400.
  • The client terminal 100 transmits the fixed divided data 153 to the fixed divided data storage server 400 for storage, using the distributed processing unit 120 or the like. Accordingly, as shown in FIG. 6, the client terminal 100 does not hold the fixed divided data 153; alternatively, however, fixed divided data 153 that the client terminal 100 generated or acquired from the fixed divided data storage server 400 may be held on the client terminal 100.
  • If the fixed divided data storage server 400 is configured as a so-called trusted third party (TTP), such as a certificate authority, the certificate authority is always interposed when the original data 150 is restored, which can improve security.
  • In the storage flow, the distributed processing unit 120a of the client terminal A (100a) transmits the fixed divided data 153 to the fixed divided data storage server 400 in the same manner as in steps S02 to S04 for the divided data 152.
  • The fixed divided data storage unit 410 stores the received fixed divided data 153 in its storage device and returns the processing result to the client terminal A (100a).
  • The distributed processing unit 120a determines whether the fixed divided data 153 has been stored normally on the fixed divided data storage server 400. If the fixed division data 153 could not be stored normally, an error may be reported to the user via the interface unit 140a, and the series of processes up to that point may be rolled back.
  • In the restoration flow, the process of step S11 becomes one of acquiring the fixed divided data 153 from the fixed divided data storage server 400. That is, when the user of the client terminal B (100b) instructs reference to the original data 150 by operating the dummy file via the interface unit 140b, the corresponding fixed division data 153 is identified on the basis of information such as the dummy file operated by the user.
  • the distributed processing unit 120b accesses the fixed divided data storage server 400 that stores the specified fixed divided data 153 and requests acquisition of the fixed divided data 153.
  • the authentication unit 420 performs a predetermined authentication process, and when permitted, the fixed divided data storage unit 410 transmits the fixed divided data 153 to the client terminal B (100b).
  • the distributed processing unit 120b of the client terminal B (100b) transfers the acquired fixed divided data 153 to the restoration processing unit 130b.
  • the subsequent processes in steps S12 to S16 are the same as in the example of FIG.
  • Here too, an error may be reported to the user via the interface unit 140b of the client terminal B (100b).
  • As described above, in the data sharing system of the second embodiment, the fixed divided data 153 is transmitted to and stored on the fixed divided data storage server 400, and is shared among a plurality of users via the network. As a result, a user who has distributed and stored the original data 150 can share it with a plurality of other users simply by transmitting the fixed divided data 153 to the fixed divided data storage server 400 once, which makes it possible to reduce the work load and the network load. Moreover, if the fixed divided data 153 is generated so as to have the same value not only across the edit/update history of the same original data 150 but also across different types of original data 150, this reduction effect can be enhanced further.
  • The present invention can be used in a data sharing system in which original data is shared by other users restoring the original data from divided data generated from the target original data by a secret sharing method and distributed and stored on a plurality of servers.
  • Explanation of reference numerals: data sharing system; 100 (100a, b) ... client terminal; 110 (110a, b) ... division processing unit; 120 (120a, b) ... distributed processing unit; 130 (130a, b) ... restoration processing unit; 140 (140a, b) ... interface unit; 150 (150a, b) ... original data; 151 (151a, b) ... distributed management information; 152 (152a, b) ... divided data; 153 ... fixed divided data; 154 ... intermediate data; 200 ... server; 210 ... distributed storage unit; 300 ... network; 400 ... fixed divided data storage server; 410 ... fixed divided data storage unit; 420 ... authentication unit.
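The following Python is an added example, not the patent's own code, that models the store flow (FIG. 4, S01 to S05) and the restore flow (FIG. 5, S11 to S16) described above, including the file-ID lookup of step S13, the k-or-more check of step S15, and a second version stored with the same fixed divided data 153. Because FIG. 3 is not reproduced on this page, the way the fixed divided data combines with the original data is assumed here: the fixed share is a random key that XOR-masks the original data 150 into the intermediate data 154, and the intermediate data is split by (k, n) Shamir sharing over GF(2^8); the file name "report-001" and the version strings are constructed sample data.

```python
import hashlib
import os
# Added example, not the patent's code. ASSUMED instantiation of FIG. 3 (not on
# this page): fixed divided data 153 = random key that XOR-masks original data
# 150 into intermediate data 154, which (k, n) Shamir sharing over GF(2^8)
# then splits byte-wise into the n divided data 152.

def gf_mul(a, b):  # multiply in GF(2^8), AES polynomial x^8+x^4+x^3+x+1
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a):  # a^254 == a^-1 in GF(2^8) for a != 0
    r = a
    for _ in range(253):
        r = gf_mul(r, a)
    return r

def shamir_split(secret, k, n):  # (k, n) threshold: n shares (x, ys)
    assert 1 <= k <= n <= 255
    shares = [(x, bytearray()) for x in range(1, n + 1)]
    for s in secret:
        coeffs = [s] + list(os.urandom(k - 1))     # p(0) = s, rest random
        for x, ys in shares:
            acc = 0
            for c in reversed(coeffs):             # Horner: p(x) = sum c_i x^i
                acc = gf_mul(acc, x) ^ c
            ys.append(acc)
    return [(x, bytes(ys)) for x, ys in shares]

def shamir_combine(shares, k):  # Lagrange interpolation of p(0), byte-wise
    if len(shares) < k:
        raise ValueError("fewer than k shares collected")
    pts = shares[:k]
    coef = []                                      # Lagrange basis l_j(0)
    for j, (xj, _) in enumerate(pts):
        num = den = 1
        for m, (xm, _) in enumerate(pts):
            if m != j:
                num = gf_mul(num, xm)              # (0 - xm) == xm in GF(2^8)
                den = gf_mul(den, xj ^ xm)         # xj - xm
        coef.append(gf_mul(num, gf_inv(den)))
    out = bytearray()
    for i in range(len(pts[0][1])):
        acc = 0
        for (_, yj), c in zip(pts, coef):
            acc ^= gf_mul(yj[i], c)
        out.append(acc)
    return bytes(out)

def make_fixed_share(file_id):  # fixed divided data 153: one value, all versions
    return {"file_id": file_id, "key": os.urandom(32)}
def _mask(fixed, data):  # original <-> intermediate 154 via SHAKE-256 stream
    stream = hashlib.shake_256(fixed["key"]).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))
def split_original(original, fixed, k, n):  # S01: shares carry file ID header
    return [{"file_id": fixed["file_id"], "x": x, "ys": ys}
            for x, ys in shamir_split(_mask(fixed, original), k, n)]

class Server:  # distributed storage unit 210
    def __init__(self):
        self.store = {}
    def put(self, share):                          # S03; same key => overwrite
        self.store[(share["file_id"], share["x"])] = share
        return True
    def search(self, file_id):                     # S13: lookup by file ID
        return [s for (fid, _), s in self.store.items() if fid == file_id]

def store_flow(original, fixed, servers, k):  # S02-S04: ok once >= k stored
    shares = split_original(original, fixed, k, len(servers))
    return sum(srv.put(sh) for srv, sh in zip(servers, shares)) >= k
def restore_flow(fixed, servers, k):  # S12-S16: >= k shares + fixed share
    collected = [s for srv in servers for s in srv.search(fixed["file_id"])]
    if len(collected) < k:                         # S15
        raise ValueError(f"only {len(collected)} of k={k} shares found")
    inter = shamir_combine([(s["x"], s["ys"]) for s in collected], k)
    return _mask(fixed, inter)                     # S16: remove the fixed mask

def demo(k=2, n=3):  # two clients share constructed file "report-001"
    servers = [Server() for _ in range(n)]
    fixed = make_fixed_share("report-001")
    v1, v2 = b"version 1 of the shared report", b"version 2, edited by client B"
    assert store_flow(v1, fixed, servers, k)
    got_v1 = restore_flow(fixed, servers, k)
    assert store_flow(v2, fixed, servers, k)       # re-split with the SAME 153
    got_v2 = restore_flow(fixed, servers, k)       # latest version, no re-sync
    # the server shares alone reconstruct only the masked intermediate data 154
    leaked = shamir_combine([(s["x"], s["ys"]) for srv in servers
                             for s in srv.search("report-001")], k)
    try:                                           # only k-1 servers reachable
        restore_flow(fixed, servers[:k - 1], k)
        too_few = False
    except ValueError:
        too_few = True
    return {"v1": got_v1, "v2": got_v2, "leaked": leaked, "too_few": too_few}
```

Running `demo()` shows that client B's edit is visible to anyone holding the unchanged fixed share, while the k server shares by themselves yield only the masked intermediate data.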


Abstract

A data sharing system that allows processes such as editing to be performed on original data shared among a plurality of users, within a mechanism that divides the original data into a plurality of data divisions by a secret sharing scheme and stores them in a distributed manner on a plurality of servers. A representative embodiment of the present invention has a plurality of servers (200) and a client terminal (100) that divides the original data into (n+1) data divisions by the secret sharing scheme and stores n of them distributed across n servers (200). The client terminal (100) has a division processor (110) that divides the original data into n data divisions (152) and one fixed data division (153) and keeps the fixed data division (153) on the client terminal (100), and a distributed processor (120) that transmits the n data divisions (152) to the n servers (200). The division processor (110) generates the fixed data division (153) so that its value is the same even when the content of the original data is updated, and so that it is essential when decoding the original data.

Description

Data sharing system
The present invention relates to a technique for sharing data among a plurality of users, and in particular to a technique that is effective when applied to a data sharing system in which other users share original data by restoring it from divided data that was generated from the target original data by a secret sharing method and distributed and stored on a plurality of servers or the like.
In recent years, from the viewpoint of information security, the handling of data such as files held and processed on information processing apparatuses such as PCs (Personal Computers) used by users has come to be regarded as important. In particular, for notebook PCs and also for portable terminals such as so-called smartphones and tablet PCs, whose business use is spreading, the risk of information leakage due to theft or loss of the terminal itself must be considered.
One way to reduce the risk of information leakage due to loss of a terminal is so-called thin-client operation, in which data including the important data on the terminal is stored in an external data center, server or the like where security measures are in place. In that case, rather than storing the important data on the external server as it is, it has also been proposed to use the so-called secret sharing technique described in, for example, Non-Patent Document 1 to divide the important data into non-important data that is meaningless on its own (from which the important data cannot be restored or inferred), and to distribute and store those non-important data across a plurality of external servers or the like. This makes it possible to reduce the risk of information leakage even when the data is stored, for example, in a virtual data center or virtual server in a cloud computing environment.
Furthermore, when important data is divided into a plurality of divided data by the secret sharing technique, the original important data can be restored as long as a predetermined number or more of the divided data can be collected, even if some of the divided data are lost, so the availability of the data can also be improved. For example, when important data is divided into n pieces of divided data by so-called (k, n) threshold secret sharing, the important data can be restored if k or more pieces of divided data can be collected; in other words, the loss of up to (n-k) pieces of divided data can be tolerated. Taking advantage of this high availability, storing the divided data in a distributed manner at a plurality of remote sites, for use as a backup that also serves as a disaster countermeasure, has also been considered.
As described above, in a mechanism in which a plurality of divided data obtained by dividing original data by the secret sharing technique are distributed and stored on a plurality of servers or the like, having each user individually manage the divided data leads to reduced convenience. For example, it is difficult to force users to operate in a way that requires them to know the number of divided data generated from the original data, their file names, and which server or the like each divided data is stored on, and, when restoring the original data, to identify the server or the like on which each required divided data is stored and retrieve it.
Therefore, normally, the system automatically performs the secret sharing processing (division and restoration of the original data) carried out when the original data is stored or referenced, as well as the distributed storage of the generated divided data and the collection of the divided data, and the parts relating to these processes are hidden from the user.
For example, an information processing apparatus that performs the secret sharing processing of dividing a user's original data into a plurality of divided data, such as each user's client terminal or a specific management server such as a file server, holds management information (hereinafter sometimes referred to as "distributed management information") that includes location information indicating on which server or the like each generated divided data was stored. This distributed management information is associated with, for example, a dummy file representing the original data, and the user performs operations such as reference and editing on this dummy file.
On receiving an operation request for the original data from the user via the dummy file, the information processing apparatus refers to the distributed management information to identify on which server or the like the necessary divided data are stored, accesses the target servers or the like directly to collect the necessary divided data, and restores the original data. As a result, the user can access original data that is distributed and stored as a plurality of divided data using an interface similar to that of normal file operations.
For example, Japanese Patent Laid-Open No. 2007-213405 (Patent Document 1) describes a distributed information file management means that efficiently locates the distributed files produced by a secret sharing method and restores the original data: an information management computer is provided with tally folders A, B, ... that hold tally files, a restoration destination folder that holds restored files, a tally object folder that holds tally object files, and a tally engine folder that holds a restoration engine program and a division engine program; tally parameters including information on the decode boundary, which is the range the tally application can read, are stored in the tally application, and the tally file names and storage locations together with the object information of the restoration destination folder are stored in the tally object files A, B, ...; the tally files are then collected directly on the basis of their storage locations and the decode boundary to generate the restored file, which is stored in the restoration destination folder and opened.
JP 2007-213405 A
In the prior art, the original data can be stored securely while increasing availability by dividing it into a plurality of divided data by secret sharing and storing those in a distributed manner. Here, just as a normal file can be shared with other users by placing it on a file server or the like rather than on a local client terminal, a desire naturally arises to share with other users original data that is distributed and stored on servers or the like as a plurality of divided data.
If the sharing is reference-only, without editing or updating of the original data, it can be realized relatively easily even in the prior art, as in the case of normal file sharing. For example, the distributed management information and dummy file generated when the original data is divided by the secret sharing method (for example, the tally object file in the example described in Patent Document 1) are synchronized, online or offline, between the creator of the original data and the sharer. The sharer can then collect the necessary divided data on the basis of the synchronized distributed management information, and restore and refer to the original data.
However, in the prior art it is difficult to realize sharing that involves editing or updating of the original data while maintaining consistency. For example, when sharing is achieved by synchronizing distributed management information and the like among a plurality of users as described above, if a sharer restores the original data on the basis of the synchronized distributed management information, edits it, and then performs secret sharing and distributed storage again, the newly generated or updated divided data and distributed management information will each differ from those before the edit. Depending on the system configuration, the servers or the like on which the divided data are stored may also differ from those before the edit.
That is, the distributed management information held by each sharer then identifies a different version of the divided data for the same original data. Consequently, sharers other than the one who made the edit cannot tell that an edit was made, and restoring the original data from their own distributed management information yields the original data from before the edit, so consistency of the original data among the sharers can no longer be maintained. Resolving this requires processing such as re-synchronizing among the sharers the distributed management information and the like corresponding to the edited original data.
Accordingly, an object of the present invention is to provide a data sharing system which, in a mechanism that securely stores original data by dividing it into a plurality of divided data by the secret sharing method and distributing and storing those on a plurality of servers or the like, enables editing and updating of shared original data when it is shared among a plurality of users, without requiring re-synchronization processing of distributed management information and the like. The above and other objects and novel features of the present invention will become apparent from the description in this specification and the accompanying drawings.
Among the inventions disclosed in the present application, the outline of a representative one is briefly described as follows.
A data sharing system according to a representative embodiment of the present invention has a plurality of servers each having a storage device, and a first information processing apparatus, connected to each of the servers via a network, that divides original data into (n+1) pieces of divided data by a secret sharing method and stores n of those pieces of divided data in a distributed manner in the storage devices of n of the servers; it has the following features.
That is, the first information processing apparatus has a division processing unit that divides the original data by the secret sharing method into n pieces of first divided data and one piece of second divided data and holds the second divided data on the first information processing apparatus, and a first distributed processing unit that transmits the n pieces of first divided data to n different servers. The division processing unit generates the second divided data so that it has the same value even when the content of the original data is updated, and so that use of the second divided data is essential when restoring the original data. Each server has a distributed storage unit that stores the first divided data transmitted from the first information processing apparatus in its storage device.
Among the inventions disclosed in the present application, the effects obtained by a representative one are briefly described as follows.
According to a representative embodiment of the present invention, in a mechanism that securely stores original data by dividing it into a plurality of divided data by the secret sharing method and distributing and storing those on a plurality of servers or the like, it becomes possible to edit and update shared original data when it is shared among a plurality of users, without requiring re-synchronization processing of distributed management information and the like.
FIG. 1 is a diagram showing an outline of a configuration example of the data sharing system according to Embodiment 1 of the present invention.
FIG. 2 is a diagram showing an outline of an example of sharing that involves editing or updating of original data in Embodiment 1 of the present invention.
FIG. 3 is a diagram showing an outline of an example of the method of dividing original data in Embodiment 1 of the present invention.
FIG. 4 is a diagram showing an outline of an example of the processing flow when original data is stored on the client terminal in Embodiment 1 of the present invention.
FIG. 5 is a diagram showing an outline of an example of the processing flow when original data is restored on the client terminal in Embodiment 1 of the present invention.
FIG. 6 is a diagram showing an outline of a configuration example of the data sharing system according to Embodiment 2 of the present invention.
FIG. 7 is a diagram showing an outline of an example of sharing that involves editing or updating of original data in the prior art.
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. In all the drawings for describing the embodiments, the same members are in principle denoted by the same reference symbols, and repeated description thereof is omitted. In the following, to make the features of the present invention easier to understand, they are described in comparison with the prior art.
<Embodiment 1>
[Overview]
As described above, in the conventional technique, the original data is divided into a plurality of divided data by the secret sharing method, and these are distributed and stored, so that the original data can be securely stored while increasing the availability. Here, when sharing original data that is distributed and stored in a server or the like as a plurality of divided data with other users, if the reference data is not edited or updated, only normal file sharing As in the case of, it can be realized relatively easily. For example, the distribution management information and dummy files generated when the original data is divided by the secret sharing method are synchronized online or offline between the creator of the original data and the sharer. Accordingly, the sharer can collect necessary divided data based on the synchronized distributed management information, and can restore and refer to the original data.
However, with the prior art it is difficult to realize sharing that involves editing or updating of the original data while maintaining consistency. FIG. 7 is a diagram giving an overview of an example of sharing that involves editing or updating of original data in the prior art. In the example of FIG. 7, first, when a user stores original data 150a (version 1) on client terminal A (100a), the original data 150a is divided, for example by a (k, n) threshold secret sharing method, into n pieces (four in the example of FIG. 7) of divided data 152a (version 1), and these are stored in a distributed manner on n servers 200. For convenience of explanation, the plurality of pieces of divided data 152a are drawn as if stored together on one server 200, but in practice each piece of divided data 152a is stored on a different one of the n servers 200.
At this time, client terminal A (100a) generates, corresponding to the original data 150a, distribution management information 151a (version 1) that identifies each piece of divided data 152a and includes information on the location of each piece. The distribution management information 151a may be associated with a dummy file corresponding to the original data 150a (for example, a so-called shortcut or alias for the original data 150a).
Thereafter, the distribution management information 151a is synchronized with another client terminal B (100b). For example, it can be transmitted to client terminal B (100b) via the network 300 and synchronized online, or handed manually to the user of client terminal B (100b) and synchronized offline.
Client terminal B (100b), having synchronized the distribution management information 151a, refers to it in response to a request from the user or the like, and acquires and collects k or more pieces of divided data 152a from the servers 200 on which they are stored. It then restores the original data 150a from the k or more collected pieces of divided data 152a by the (k, n) threshold secret sharing method.
The user of client terminal B (100b) then edits or updates the original data 150a with a given application or the like, obtaining edited original data 150b (version 2). When this original data 150b is stored, it is likewise divided, for example by a (k, n) threshold secret sharing method, into n pieces (four in the example of FIG. 7) of divided data 152b (version 2), which are stored in a distributed manner on n servers 200. These n servers 200 may differ, in part or entirely, from the n servers 200 on which the divided data 152a (version 1) was stored. Client terminal B (100b) also generates, corresponding to the original data 150b, distribution management information 151b (version 2) that identifies each piece of divided data 152b and includes information on its location.
In this state, what the distribution management information 151a (version 1) on client terminal A (100a) identifies is the divided data 152a (version 1), not the divided data 152b (version 2). Unlike client terminal B (100b), therefore, client terminal A (100a) is unable to restore the latest original data 150b (version 2). To make the two consistent, the distribution management information 151b generated on client terminal B (100b) has to be synchronized with client terminal A (100a) once again.
Therefore, in the data sharing system of Embodiment 1 of the present invention, when the original data 150 is divided into a plurality of pieces of divided data 152 by a (k, n) threshold secret sharing method or the like, the pieces of divided data 152 are generated so that one of them always has the same value every time, even when the content of the original data 150 changes because it has been edited or updated, and so that using that piece is mandatory for restoration. In the present embodiment, this mandatory piece of divided data that is generated so as to have the same value every time (hereinafter sometimes called "fixed divided data") is not stored in distributed form on the servers 200; instead it is held on each client terminal 100 that divided the original data 150 into the divided data 152 by the secret sharing process, and is shared among the plurality of users.
By using this fixed divided data in place of the distribution management information 151, each client terminal 100 can collect the corresponding divided data 152 (that is, the latest version of the divided data 152) from the servers 200 and restore the latest version of the original data 150, without the resynchronization of the distribution management information 151 that editing or updating of the original data 150 would otherwise require.
FIG. 2 is a diagram giving an overview of an example of sharing that involves editing or updating of original data in the data sharing system according to an embodiment of the present invention. In the example of FIG. 2, as in FIG. 7, first, when the user stores original data 150a (version 1) on client terminal A (100a), the original data 150a is divided, for example by a (k, n) threshold secret sharing method as described below, into a total of (n + 1) pieces (four in FIG. 2) of divided data, consisting of n pieces (three in FIG. 2) of divided data 152a (version 1) and one piece of fixed divided data 153. As stated above, the fixed divided data 153 is generated so as to have the same value every time, even when the content of the original data 150a changes through editing or updating, and it is a piece of divided data that must be used when restoring the original data 150a.
FIG. 3 is a diagram giving an overview of an example of the method of dividing the original data in the present embodiment. In the example of FIG. 3, the original data 150 is first divided into two pieces of data, for example by a (2, 2) threshold secret sharing method, so that both pieces are required to restore the original data 150. One of the two pieces is taken as the fixed divided data 153, and the other (intermediate data 154) is further divided, by a (k, n) threshold secret sharing method or the like, into n pieces (three in FIG. 3) of divided data 152, of which k or more are required for restoration. This yields a total of (n + 1) pieces of divided data, n pieces of divided data 152 and one piece of fixed divided data 153, such that the fixed divided data 153 is mandatory when restoring the original data 150. The method of dividing the original data 150 is not limited to the above; other methods may also be used.
In the example of FIG. 2, the n pieces of divided data 152a generated by the above procedure are stored in a distributed manner on a plurality of servers 200. As in FIG. 7, for convenience of explanation the pieces of divided data 152a are drawn as if stored together on one server 200, but in practice each piece is stored on a different one of the n servers 200. Client terminal A (100a) retains the fixed divided data 153. The fixed divided data 153 may be associated with a dummy file corresponding to the original data 150a (for example, a so-called shortcut or alias for the original data 150a).
Thereafter, the fixed divided data 153 is synchronized with another client terminal B (100b). For example, it can be transmitted to client terminal B (100b) via the network 300 and synchronized online, or handed manually to the user of client terminal B (100b) and synchronized offline. If client terminal B (100b) already has the fixed divided data 153, for example because of an earlier synchronization, no resynchronization is needed.
Client terminal B (100b), having synchronized the fixed divided data 153, acquires and collects k or more pieces of the corresponding divided data 152a from the servers 200 based on the fixed divided data 153, in response to a request from the user or the like. It then restores the original data 150a from the k or more collected pieces of divided data 152a and the one piece of fixed divided data 153 that it holds. Here, for example, as the inverse of the division method shown in FIG. 3, the intermediate data 154 is first restored from the k or more collected pieces of divided data 152a by the (k, n) threshold secret sharing method, and the original data 150a is then restored from the intermediate data 154 and the fixed divided data 153 by the (2, 2) threshold secret sharing method.
Several techniques are conceivable for collecting the corresponding divided data 152a based on the fixed divided data 153, and any of them may be applied as appropriate. For example, when client terminal A (100a) divides the original data 150a into the fixed divided data 153 and the divided data 152a by the secret sharing method, information such as a file ID identifying the original data 150 is added to the header or the like of the fixed divided data 153 and of each piece of divided data 152a. The pieces of divided data 152a whose headers carry file ID information matching the file ID information in the header of the fixed divided data 153 can then be identified.
The user of client terminal B (100b) then edits or updates the original data 150a with a given application or the like, obtaining edited original data 150b (version 2). When this original data 150b is stored, it is likewise divided, for example by the division method shown in FIG. 3, into a total of (n + 1) pieces of divided data consisting of n pieces (three in FIG. 2) of divided data 152b (version 2) and one piece of fixed divided data 153. As described above, the value of this fixed divided data 153 is unchanged from that of the fixed divided data 153 of the version before editing.
In the example of FIG. 2, the n generated pieces of divided data 152b are stored in a distributed manner on n servers 200. These n servers 200 may differ, in part or entirely, from the n servers 200 on which the divided data 152a (version 1) was stored. Client terminal B (100b) retains the fixed divided data 153, which may be associated with a dummy file or the like corresponding to the original data 150b.
In this state, unlike the example of FIG. 7, the content of the fixed divided data 153 on client terminal A (100a) is the same as that on client terminal B (100b). Client terminal A (100a) can therefore, without any resynchronization, identify and collect the latest divided data 152b (version 2) corresponding to the fixed divided data 153 it has retained, and restore the latest original data 150b (version 2). For this to work, the old version of the divided data 152a must be deleted on each server 200. That is, generation management (keeping old versions) is not possible, and each server 200 must always hold the latest version of the divided data 152.
[System configuration]
FIG. 1 is a diagram giving an overview of a configuration example of a data sharing system according to an embodiment of the present invention. The data sharing system 1 has a configuration in which a plurality of client terminals 100 that share the original data 150 (two in FIG. 1: client terminal A (100a) and client terminal B (100b)) and a plurality of servers 200 are connected to one another and can communicate via a network 300 such as the Internet.
Client terminal 100 is an information processing apparatus such as a PC or portable terminal that the user uses to create, edit, store and otherwise handle the original data 150, which consists of important data or the like. It has components such as a division processing unit 110 (110a, 110b), a distribution processing unit 120 (120a, 120b), a restoration processing unit 130 (130a, 130b) and an interface unit 140 (140a, 140b), implemented for example by software programs running on an OS (Operating System), not shown. It also holds the above-mentioned fixed divided data 153, generated from the original data 150 by the division processing unit 110, on a storage device such as an HDD (Hard Disk Drive), not shown.
The division processing unit 110 takes original data 150 whose secure storage the user has requested, for example via the interface unit 140 described below, and divides it, according to a predetermined procedure using for example a (k, n) threshold secret sharing method (k ≤ n) as shown in FIG. 3, into a total of (n + 1) pieces of divided data: n pieces of divided data 152 to be stored in distributed form on the servers 200, and one piece of fixed divided data 153 to be held on the client terminal 100. The secret sharing algorithm is not particularly limited and a known technique may be used, but as shown in FIG. 3 it must be able to generate one piece of fixed divided data 153 that has the same value every time even when a given piece of original data 150 is edited or updated, and that is mandatory for restoring the original data 150.
With commonly known secret sharing techniques, the function of generating fixed divided data 153 having the same value every time can be realized relatively easily. For example, in a (2, 2) threshold secret sharing method using a polynomial, for the straight line y = ax + S whose intercept represents the secret information S, the slope a is set so that the line always passes through a particular fixed coordinate. On that line, the data obtained from the fixed coordinate is taken as the fixed divided data 153, and the intermediate data 154, the other piece, is determined from the coordinates of another randomly selected point on the line.
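The division method of FIG. 3 and its inverse, with the fixed-point line construction just described as the (2, 2) stage and an ordinary (k, n) Shamir split of the intermediate data as the second stage, as an added Python model. This is not the patent's or the applicant's code: the prime field P, the 64-byte chunking, all function and class names, and the constructed file-ID values are assumptions made here for illustration.

```python
# Added example, not the patent's or the applicant's code: a compact Python model of the two-stage
# split of Fig. 3 and its inverse, using the fixed-point line construction described above.
# Assumptions (not from the patent): all arithmetic in one prime field GF(P), data handled in
# 64-byte chunks, and a constructed "file ID" string standing in for the header the text mentions.
import secrets
from dataclasses import dataclass

P = 2**521 - 1     # Mersenne prime; any 64-byte chunk (< 2**512) is a valid field element
CHUNK = 64


def _inv(a: int) -> int:
    return pow(a, P - 2, P)          # modular inverse by Fermat, valid because P is prime


def _interpolate_at_zero(points: list[tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0 over GF(P): the constant term of the polynomial."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * _inv(den)) % P
    return total


# ---- Stage 1: (2,2) split of a chunk, with one share fixed in advance ------------------
def fixed_share_split(secret: int, fixed_point: tuple[int, int]) -> tuple[int, int]:
    """Force the line y = a*x + secret through fixed_point; return a random second point.

    fixed_point plays the role of the fixed divided data (153): the same for every version
    of the data and required for recovery, so it must stay off the servers. The returned
    point is the intermediate data (154) that stage 2 spreads over the servers."""
    xf, yf = fixed_point
    a = (yf - secret) * _inv(xf) % P         # slope that puts (xf, yf) on the line
    xr = xf
    while xr in (0, xf):                     # x = 0 is the intercept itself; xf is taken
        xr = secrets.randbelow(P)
    return xr, (a * xr + secret) % P


def fixed_share_recover(fixed_point: tuple[int, int], intermediate: tuple[int, int]) -> int:
    return _interpolate_at_zero([fixed_point, intermediate])


# ---- Stage 2: ordinary (k,n) Shamir split of a vector of field elements ----------------
def shamir_split(values: list[int], k: int, n: int) -> list[tuple[int, list[int]]]:
    """Server i (x = i) receives f_j(i) for every element j; each f_j is random of degree k-1."""
    shares: list[tuple[int, list[int]]] = [(i, []) for i in range(1, n + 1)]
    for v in values:
        coeffs = [v] + [secrets.randbelow(P) for _ in range(k - 1)]
        for i, ys in shares:
            y = 0
            for c in reversed(coeffs):       # Horner evaluation of f_j at x = i
                y = (y * i + c) % P
            ys.append(y)
    return shares


def shamir_recover(shares: list[tuple[int, list[int]]]) -> list[int]:
    width = len(shares[0][1])
    return [_interpolate_at_zero([(x, ys[j]) for x, ys in shares]) for j in range(width)]


# ---- The two stages together, with the file-ID header the description mentions ---------
@dataclass
class FixedShare:
    file_id: str                 # header: identifies the original data this share belongs to
    point: tuple[int, int]       # the fixed coordinate on the stage-1 line


@dataclass
class ServerShare:
    file_id: str                 # same header, so a server can match shares to a fixed share
    x: int
    ys: list[int]


def store(data: bytes, fixed: FixedShare, k: int, n: int) -> list[ServerShare]:
    """Split data into n server shares; any k of them plus `fixed` recover it."""
    blob = len(data).to_bytes(8, "little") + data       # length prefix, then the payload
    chunks = [blob[i:i + CHUNK] for i in range(0, len(blob), CHUNK)]
    intermediate: list[int] = []
    for c in chunks:
        xr, yr = fixed_share_split(int.from_bytes(c, "little"), fixed.point)
        intermediate += [xr, yr]
    return [ServerShare(fixed.file_id, x, ys) for x, ys in shamir_split(intermediate, k, n)]


def restore(collected: list[ServerShare], fixed: FixedShare, k: int) -> bytes:
    """Inverse of store(): keep shares whose header matches, recover the intermediate
    points k-of-n, then undo stage 1 with the fixed share. Fewer than k matches is an error."""
    matching = [s for s in collected if s.file_id == fixed.file_id]
    if len(matching) < k:
        raise ValueError(f"need at least {k} matching shares, got {len(matching)}")
    inter = shamir_recover([(s.x, s.ys) for s in matching])
    out = bytearray()
    for xr, yr in zip(inter[0::2], inter[1::2]):
        val = fixed_share_recover(fixed.point, (xr, yr))
        if val >= 1 << (8 * CHUNK):          # not a chunk: stale, mixed or mismatched shares
            raise ValueError("recovered value is not a data chunk")
        out += val.to_bytes(CHUNK, "little")
    length = int.from_bytes(out[:8], "little")
    return bytes(out[8:8 + length])
```

Because the fixed share is constant across versions, a version-1 server share mixed with version-2 shares no longer lies on one polynomial and recovery fails, which is the reason the description requires old versions to be deleted from the servers.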
Here, the fixed divided data 153 is generated so as to have the same value every time a given piece of original data 150 is edited or updated; it may additionally be generated so as to have the same value across different pieces of original data 150. That is, fixed divided data 153 that can be used in common for a plurality of kinds of original data 150 may be generated.
The distribution processing unit 120 transmits, for example, each of the n pieces of divided data 152 generated from the original data 150 by the division processing unit 110 to a server 200, according to predetermined conditions based on the content of setting information (not shown), for distributed storage. The setting information can be set in advance in a file, registry or the like, and may include, for example, access information for each server 200 serving as a distributed storage destination (IP address, host name and so on), and criteria or conditions for selecting n servers 200 when more than n servers 200 exist (for example, server 200 priorities, an ordered list, a rotation method and so on).
Also, when the restoration processing unit 130 described below restores the original data 150, the distribution processing unit 120, on request from the restoration processing unit 130, collects from the servers 200 the m pieces (k ≤ m ≤ n) of divided data 152 needed to restore the original data 150 and passes them to the restoration processing unit 130. One way to collect the m pieces of divided data 152 is, as described above, to ask each server 200, based on the fixed divided data 153 corresponding to the original data 150, whether it holds a corresponding piece of divided data 152, and to collect the pieces from the servers 200 that do.
If, because of a server 200 failure or the like, one or more of the n pieces of divided data 152 could not be stored on a server 200 at the time of distributed storage, or fewer than k pieces could be collected at the time of collection, an error may be returned to the user. In addition, when the divided data 152 is exchanged with the servers 200, the client terminal 100 and each server 200 may apply predetermined encryption to the divided data 152 before transmission, to further reduce the risk of information leakage.
The restoration processing unit 130 requests from the distribution processing unit 120, for example for original data 150 that the user has asked to use (for reference, editing or the like) via the interface unit 140, the k or more pieces of divided data 152 needed to restore it, and obtains them. It then restores the original data 150 from the k or more acquired pieces of divided data 152 and the one piece of fixed divided data 153 it holds, according to a predetermined procedure; for example, the original data 150a is restored by the inverse of a division method using a (k, n) threshold secret sharing method (k ≤ n) as shown in FIG. 3.
The interface unit 140 provides the user interface of the client terminal 100, such as screen display, and input/output functions such as data transmission and reception. The user can use the functions of the client terminal 100 via, for example, the file management screen of an ordinary OS.
For example, on the file management screen the user moves important data into a particular folder or the like by a simple operation such as drag and drop. Triggered by this, the division processing unit 110 and the distribution processing unit 120 automatically divide the important data, as original data 150, into n pieces of divided data 152 and one piece of fixed divided data 153, and store the pieces of divided data 152 and the fixed divided data 153 on the servers 200 and elsewhere in a distributed manner, without the user being aware of it. The original data 150 is deleted from the client terminal 100 at this point, but so that the user need not be aware of this, a dummy file or the like (not shown) that identifies the fixed divided data 153 may be created and left on the file management screen in correspondence with the original data 150.
Also, for example, the user can refer to or edit the original data 150 by operating on the dummy file or the like of the original data 150 that is managed in a particular folder on the file management screen. That is, triggered by an operation on the dummy file or the like, the distribution processing unit 120 and the restoration processing unit 130 automatically collect m (k ≤ m ≤ n) corresponding pieces of divided data 152 from the servers 200, based on the fixed divided data 153 identified by the dummy file, restore the original data 150 from them and the fixed divided data 153, and make it available to the user.
Also, as described below, the fixed divided data 153 generated from the original data 150 on, for example, client terminal A (100a) is synchronized online or offline with another client terminal B (100b), and a dummy file or the like for that fixed divided data 153 is newly created on client terminal B (100b). On client terminal B (100b) the corresponding original data 150 can then be referred to, edited and so on by the same kind of operation via the dummy file, so that the original data 150 is shared with client terminal A (100a). Alternatively, without using a dummy file, the fixed divided data 153 may be used directly, and the original data 150 restored and made available to the user in response to an operation instruction on it.
In the example of FIG. 1, each user's client terminal 100 individually performs the division and restoration of the original data 150 by the secret sharing method, the distributed storage on the servers 200 and so on, but these processes may instead be executed collectively on a particular server, such as a file server that stores the original data 150.
In the example of FIG. 1, each client terminal 100 has both a division processing unit 110 and a restoration processing unit 130, but depending on the role of the client terminal 100 it may have only one of them (it suffices that the division processing unit 110 and the restoration processing unit 130 each exist on at least one client terminal 100). For example, client terminal A (100a), which performs distributed storage of the original data 150, may have only the division processing unit 110a, and client terminal B (100b), which restores and refers to the original data 150, may have only the restoration processing unit 130b. In that case the distribution processing unit 120 may likewise have only the part corresponding to division (distributed storage of the divided data 152) or to restoration (collection of the divided data 152).
Server 200 is an information processing apparatus having a storage device such as an HDD (not shown) capable of storing the divided data 152 transmitted from the client terminal 100, and is formed, for example, by a file server or storage server. It may also be a data center having such information processing apparatuses, or a virtual server, virtual data center or the like provided by a cloud computing service.
Server 200 has, for example, a distributed storage unit 210 implemented by a software program running on an OS (not shown). The distributed storage unit 210 stores the divided data 152 transmitted from the client terminal 100 in the storage device. In response to a query for divided data 152 from the client terminal 100, it searches whether it holds divided data 152 corresponding to the specified fixed divided data 153 and, if so, returns that divided data 152 to the client terminal 100. At this time the divided data 152 may be deleted from the storage device (so that no old version of the divided data 152 remains).
Several methods, as described above, can be used to determine whether each stored piece of divided data 152 corresponds to the designated fixed divided data 153, and they may be applied as appropriate. For example, when client terminal A (100a) divides the original data 150a into the fixed divided data 153 and the divided data 152a by the secret sharing method, it can add information identifying the original data 150, such as a file ID, to the header of the fixed divided data 153 and of each piece of divided data 152a; the divided data 152 having the same file ID as the fixed divided data 153 can then be searched for on that basis.
[Process flow]
FIG. 4 outlines an example of the processing flow when the original data 150 is saved on the client terminal 100. For example, when the user instructs, via the interface unit 140a of client terminal A (100a), that the original data 150 be stored, the division processing unit 110a first divides the original data 150 by the secret sharing method into a plurality of divided data 152 and one piece of fixed divided data 153 (S01). For example, by the procedure shown in the example of FIG. 3, the data is divided into (n+1) pieces in total: n pieces of divided data 152 and one piece of fixed divided data 153.
Next, the distributed processing unit 120a sends the n pieces of divided data 152 to n different servers 200 determined according to a predetermined rule (S02). FIG. 4 shows the case in which divided data 152 is sent to each of the servers 200, including server A (200a) and server B (200b). At each server 200 that receives divided data 152, the distributed storage unit 210 stores the received divided data 152 in its storage device (S03) and returns the processing result to client terminal A (100a).
On client terminal A (100a), the distributed processing unit 120a then determines whether all n pieces of divided data 152 were stored normally on the servers 200 (S04). If even one of the n pieces could not be stored normally, the user may be notified of an error via the interface unit 140a, and the series of operations above may be rolled back. Alternatively, because the intermediate data 154 and the original data 150 can still be restored as long as the storage of at least k pieces of divided data 152 completed normally, the failure to store some pieces need not be treated as an error. Accepting fewer than n stored pieces does reduce the margin for later server failures, since restoration still requires any k of the pieces that were actually stored.
When distributed storage on each server 200 has completed normally, the division processing unit 110a stores the fixed divided data 153 generated in step S01 in a storage device or the like (S05). At this time a dummy file may be generated from which the fixed divided data 153 corresponding to the original data 150 can be identified. The divided data 152 that has been distributed to the servers 200 may be deleted from the storage device of client terminal A (100a). Where necessary, the fixed divided data 153 may be synchronized (sent) to the other client terminals 100 that share the original data 150, together with the corresponding dummy file and the like.
FIG. 5, by contrast, outlines an example of the processing flow when the original data 150 is restored on a client terminal 100. For example, on client terminal B (100b), which has received the fixed divided data 153 by synchronization from client terminal A (100a), when the user instructs reference to the original data 150 (including reference for editing or updating) by operating on the dummy file via the interface unit 140b, the restoration processing unit 130b first acquires the fixed divided data 153 corresponding to the target original data 150 from the storage device (S11). For example, it identifies and acquires the fixed divided data 153 from information such as the dummy file the user operated on.
Next, the distributed processing unit 120b asks each server 200 whether it holds divided data 152 corresponding to the fixed divided data 153 (S12). Here, for example, the query message is broadcast to the servers 200 (or multicast to a predetermined range of servers 200). FIG. 5 shows the case in which the query message is broadcast (or multicast) to each server 200, including server A (200a) and server B (200b).
At each server 200 that receives the query message, the distributed storage unit 210 searches whether it holds divided data 152 corresponding to the fixed divided data 153 (S13). For example, as described above, it searches for divided data 152 having the same file ID as the fixed divided data 153, using information such as the file ID identifying the original data 150 that was added to the headers of the fixed divided data 153 and of each piece of divided data 152.
A server that holds the corresponding divided data 152, such as server A (200a), sends it to client terminal B (100b) (S14). A server that does not, such as server B (200b), may send client terminal B (100b) a reply saying so.
On client terminal B (100b), the distributed processing unit 120b determines whether the number m of pieces of divided data 152 that could be collected is at least the number required to restore the original data 150 (S15). For example, when the original data 150 has been divided by the procedure of FIG. 3 as in this embodiment, the number m of collected pieces of divided data 152 must be at least k, the number needed to restore the intermediate data 154 under the (k,n) threshold secret sharing method. If fewer than k pieces of divided data 152 could be collected, the user may be notified of an error via the interface unit 140b.
When k or more pieces of divided data 152 have been collected, the restoration processing unit 130b restores the original data 150 (S16) from the k or more collected pieces of divided data 152 and the fixed divided data 153 acquired in step S11, by reversing the division procedure, for example the one shown in FIG. 3 that uses the (k,n) threshold secret sharing method (k ≤ n). The original data 150 restored here is the latest version, as shown in FIG. 2. It is presented to the user via the interface unit 140b, and the user can reference, edit, or update it.
When the original data 150 is saved after editing or updating, the series of operations shown in FIG. 4 is performed again: the original data 150 is divided again by secret sharing and the resulting divided data 152 is stored on the servers 200 in a distributed manner. As a result, the user of client terminal A (100a) can also restore, reference and edit the latest version of the original data 150 from the fixed divided data 153 it already holds, without any resynchronization, so that the original data 150 is shared between client terminal A (100a) and client terminal B (100b).
As described above, in the data sharing system 1 of Embodiment 1 of the present invention, when the original data 150 is divided into a plurality of divided data 152 by the secret sharing method, a piece of fixed divided data 153 is generated that always takes the same value, even when the original data 150 has been edited or updated and its content has changed, and that is indispensable for restoring the original data 150. Rather than being stored on the servers 200, this fixed divided data 153 is held on each client terminal 100 that divided the original data 150 into divided data 152 by the secret sharing process, and is shared among a plurality of users. Each client terminal 100 can then use the fixed divided data 153 to collect the corresponding divided data 152 from the servers 200 and restore the latest version of the original data 150, without any resynchronization when the original data 150 is edited or updated, and sharing of the original data 150 is thereby realized.
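The following is an added example, not code from the patent: it carries the FIG. 4 and FIG. 5 flow above through in Python with constructed in-memory servers. The patent does not fix the arithmetic of the two stages, so the example assumes that the (2,2) stage XORs the original data 150 with a SHA-256 counter-mode keystream derived from the fixed divided data 153 (the pad function), that the (k,n) stage is Shamir's scheme over GF(2^8), and that the file ID travels with each piece as its header; the Server class, the file ID "file-0001" and the demo data are likewise constructed. The colluding result at the end shows why the fixed divided data 153 is indispensable: all n servers 200 together recover only the intermediate data 154. One caveat the server-side deletion of old versions mentioned above addresses: because the fixed divided data 153 is reused unchanged across versions and the (2,2) stage is linear (in Shamir's scheme as in the keystream variant here), the XOR of two versions' intermediate data 154 equals the XOR of the two versions of the original data 150, so anyone holding k pieces of each version learns that difference; old pieces should therefore be overwritten, as Server.put does here.

```python
import hashlib
import secrets

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """a^254 == a^-1 in GF(2^8); a must be non-zero."""
    r = 1
    for _ in range(7):
        a = gf_mul(a, a)
        r = gf_mul(r, a)
    return r

def shamir_split(secret: bytes, k: int, n: int) -> list:
    """(k,n) split per byte: share x holds f(x) for a random degree k-1 polynomial with f(0) = byte."""
    polys = [[s] + [secrets.randbelow(256) for _ in range(k - 1)] for s in secret]
    def f(p: list, x: int) -> int:  # Horner evaluation in GF(2^8)
        y = 0
        for c in reversed(p):
            y = gf_mul(y, x) ^ c
        return y
    return [(x, bytes(f(p, x) for p in polys)) for x in range(1, n + 1)]

def shamir_recover(shares: list) -> bytes:
    """Lagrange interpolation at x=0 over any k or more distinct shares."""
    xs = [x for x, _ in shares]
    out = bytearray()
    for i in range(len(shares[0][1])):
        acc = 0
        for xj, yj in shares:
            num = den = 1
            for xm in xs:
                if xm != xj:  # basis polynomial (0-xm)/(xj-xm); subtraction is xor in GF(2^8)
                    num, den = gf_mul(num, xm), gf_mul(den, xj ^ xm)
            acc ^= gf_mul(yj[i], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)

def pad(fixed: bytes, length: int) -> bytes:
    """Assumption: stretch the constant 153 to the data length with SHA-256 in counter mode."""
    blocks = (hashlib.sha256(fixed + i.to_bytes(4, "big")).digest() for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Server:
    """Server 200: distributed storage unit 210 keyed by the file ID in the piece header."""
    def __init__(self):
        self.store, self.online = {}, True
    def put(self, file_id: str, share) -> None:
        self.store[file_id] = share  # a new version replaces the old piece; no old version is kept
    def query(self, file_id: str):
        return self.store.get(file_id)  # None stands for the "not held" reply of S14

def save(original: bytes, file_id: str, fixed: bytes, servers: list, k: int) -> int:
    """FIG. 4: S01 154 = 150 xor pad(153), then n pieces of 152 from 154; S02/S03 distribute; S04 check."""
    pieces = shamir_split(xor(original, pad(fixed, len(original))), k, len(servers))
    stored = 0
    for srv, piece in zip(servers, pieces):
        if srv.online:
            srv.put(file_id, piece)
            stored += 1
    if stored < k:  # with fewer than k pieces stored nobody, not even the owner, could ever restore
        raise RuntimeError(f"stored {stored} of {len(servers)} pieces; need k={k}")
    return stored

def restore(file_id: str, fixed: bytes, servers: list, k: int) -> bytes:
    """FIG. 5: S12 broadcast query, S13/S14 collect, S15 threshold check, S16 two-stage recover."""
    replies = [srv.query(file_id) for srv in servers if srv.online]
    collected = [piece for piece in replies if piece is not None]
    if len(collected) < k:
        raise RuntimeError(f"collected m={len(collected)} < k={k}")
    intermediate = shamir_recover(collected[:k])
    return xor(intermediate, pad(fixed, len(intermediate)))

def demo(k: int = 2, n: int = 3) -> dict:
    """Constructed scenario: two versions, one outage, a too-few-pieces failure, all servers colluding."""
    fixed = secrets.token_bytes(32)  # fixed divided data 153: made once, held by clients, never sent to 200
    servers = [Server() for _ in range(n)]
    save(b"version 1 of the shared document", "file-0001", fixed, servers, k)
    save(b"version 2, edited on client B", "file-0001", fixed, servers, k)  # same 153, fresh pieces
    latest = restore("file-0001", fixed, servers, k)  # client A restores with no resync
    servers[0].online = False  # n-1 >= k pieces still reachable
    degraded = restore("file-0001", fixed, servers, k)
    servers[1].online = False  # n-2 < k pieces: S15 rejects
    try:
        restore("file-0001", fixed, servers, k)
        too_few = False
    except RuntimeError:
        too_few = True
    for srv in servers:
        srv.online = True
    colluding = shamir_recover([srv.query("file-0001") for srv in servers])  # all n pieces: only 154
    return {"latest": latest, "degraded": degraded, "too_few": too_few, "colluding": colluding}
```

Calling demo() runs the constructed scenario with k=2, n=3: the second restore returns the edited version although client A never resynchronized anything, one server outage is tolerated, two outages trip the S15 check, and the n pieces alone yield the intermediate data 154 rather than the document.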
<Embodiment 2>
In Embodiment 1 above, the fixed divided data 153 generated from the original data 150 by the secret sharing method is held on the client terminal 100 that performed the secret sharing process, and sharing of the original data 150 with other users is realized by synchronizing that fixed divided data 153 with the other users' client terminals 100, for example by sending and receiving it individually.
The data sharing system of Embodiment 2 of the present invention instead sends the fixed divided data 153 to a predetermined server and stores it there. A user who wishes to access the original data 150 obtains the corresponding fixed divided data 153 from that server and can then restore the original data 150 in the same way as in Embodiment 1. A user who has stored the original data 150 in a distributed manner thus needs to send the fixed divided data 153 to the server only once in order to share the original data 150 with a plurality of other users, which reduces the work load and the network load. If the fixed divided data 153 is generated so as to take the same value not only across the edit and update history of one piece of original data 150 but also across a plurality of different pieces of original data 150, the reduction is even greater.
[System configuration]
FIG. 6 outlines a configuration example of the data sharing system of Embodiment 2 of the present invention. In addition to the configuration of the data sharing system 1 shown in FIG. 1, a fixed divided data storage server 400 is connected to the network 300 as the predetermined server that stores the fixed divided data 153 sent from the client terminals 100.
Like the server 200, the fixed divided data storage server 400 is an information processing apparatus having a storage device (not shown) such as an HDD that can store the fixed divided data 153 sent from the client terminal 100. It may be, for example, a file server or a storage server, a data center containing such apparatuses, or a virtual server or virtual data center provided by a cloud computing service.
The fixed divided data storage server 400 has a fixed divided data storage unit 410 and an authentication unit 420, implemented for example as software programs running on an OS (not shown). The fixed divided data storage unit 410 stores the fixed divided data 153 sent from the client terminal 100 in the storage device and, in response to a request from a client terminal 100 to acquire fixed divided data 153, sends the corresponding fixed divided data 153 to the client terminal 100 only when the authentication process of the authentication unit 420 has permitted it. The authentication unit 420 performs a predetermined authentication process, such as user authentication or device authentication, on each request from a client terminal 100 to acquire fixed divided data 153. This controls the access right to the fixed divided data 153, which becomes necessary once the fixed divided data 153 is stored on the shared fixed divided data storage server 400.
In the example of FIG. 6 the fixed divided data storage server 400 is provided separately from the servers 200, but the function of the fixed divided data storage server 400 may instead coexist on any one of the plurality of servers 200, and a different server 200 may serve as the fixed divided data storage server 400 for each piece of original data 150 (fixed divided data 153). Note that a server 200 that also acts as the fixed divided data storage server 400 then holds both the indispensable fixed divided data 153 and one of the n pieces of divided data 152, so only k-1 further pieces are needed beyond what that server holds to reconstruct the original data 150. In either configuration, each client terminal 100 is assumed to hold destination information and the like for identifying and accessing the target fixed divided data storage server 400.
As described above, in this embodiment the client terminal 100 sends the fixed divided data 153 to the fixed divided data storage server 400 via the distributed processing unit 120 or the like and has it stored there. Accordingly, as shown in FIG. 6, the client terminal 100 does not hold the fixed divided data 153, although it may also retain on the client terminal 100 the fixed divided data 153 it generated or acquired from the fixed divided data storage server 400.
Configuring the fixed divided data storage server 400 as a so-called trusted third party (TTP), such as a certificate authority, means that the certificate authority is necessarily involved whenever the original data 150 is restored, which can improve security.
[Process flow]
Because of the configuration above, in this embodiment the processing for saving the original data 150 on client terminal A (100a) shown in FIG. 4 of Embodiment 1 is the same in the series of steps S01 to S04 concerning the divided data 152, but step S05 becomes the storing of the fixed divided data 153 on the fixed divided data storage server 400.
That is, the distributed processing unit 120a of client terminal A (100a) sends the fixed divided data 153 to the fixed divided data storage server 400 in the same manner as steps S02 to S04 for the divided data 152. At the fixed divided data storage server 400, the fixed divided data storage unit 410 stores the received fixed divided data 153 in its storage device and returns the processing result to client terminal A (100a). The distributed processing unit 120a of client terminal A (100a) then determines whether the fixed divided data 153 was stored normally on the fixed divided data storage server 400. If it was not, the user may be notified of an error via the interface unit 140a, and the operations up to that point may be rolled back.
Likewise, in the processing for restoring the original data 150 on client terminal B (100b) shown in FIG. 5 of Embodiment 1, step S11 becomes the acquisition of the fixed divided data 153 from the fixed divided data storage server 400. That is, when the user on client terminal B (100b) instructs reference to the original data 150 by operating on the dummy file via the interface unit 140b, the corresponding fixed divided data 153 is identified, for example from information such as the dummy file the user operated on, and the distributed processing unit 120b accesses the fixed divided data storage server 400 that stores the identified fixed divided data 153 and requests it.
The fixed divided data storage server 400 performs the predetermined authentication process in the authentication unit 420 and, if the request is permitted, the fixed divided data storage unit 410 sends the fixed divided data 153 to client terminal B (100b). The distributed processing unit 120b of client terminal B (100b) passes the acquired fixed divided data 153 to the restoration processing unit 130b; the subsequent steps S12 to S16 are the same as in the example of FIG. 5. If the authentication process at the fixed divided data storage server 400 rejects the request, the user may be notified of an error via the interface unit 140b of client terminal B (100b).
As described above, in the data sharing system 1 of Embodiment 2 of the present invention, the fixed divided data 153 is sent to and stored on the fixed divided data storage server 400 and is shared among a plurality of users through that server. A user who has stored the original data 150 in a distributed manner thus needs to send the fixed divided data 153 to the fixed divided data storage server 400 only once in order to share the original data 150 with a plurality of other users, which reduces the work load and the network load. If the fixed divided data 153 is generated so as to take the same value not only across the edit and update history of one piece of original data 150 but also across a plurality of different pieces of original data 150, the reduction is even greater.
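The following is an added example, not code from the patent, of the fixed divided data storage server 400 of Embodiment 2 in Python. The patent specifies only that an authentication unit 420 performs user or device authentication, so the example assumes a concrete form: each client holds a device key registered out of band, every request carries a fresh nonce and an HMAC-SHA256 tag over the operation, the file ID and the nonce, accepted nonces are remembered so that a captured request cannot be replayed, and the storing client names which clients may fetch the fixed divided data 153 (a per-file reader list, also an assumption). The client names, the file ID "file-0001" and the keys are constructed. The revoke method illustrates a consequence of the fixed divided data 153 being indispensable: removing a client's access at server 400 ends that client's ability to restore the original data 150 regardless of what the servers 200 hold. By the same token server 400 is a single point of availability for every restore, and one fixed divided data 153 reused across many files, as the text allows, becomes a master share for all of them.

```python
import hashlib
import hmac
import secrets

class AuthUnit:
    """Authentication unit 420 (assumed form): HMAC over (op, file ID, nonce) with a per-client device key."""
    def __init__(self):
        self.keys = {}      # client id -> device key registered out of band
        self.used = set()   # nonces already accepted, so a captured request cannot be replayed
    def register(self, client: str, key: bytes) -> None:
        self.keys[client] = key
    def verify(self, client: str, op: str, file_id: str, nonce: str, tag: bytes) -> bool:
        key = self.keys.get(client)
        if key is None or nonce in self.used:
            return False
        expected = hmac.new(key, f"{op}|{file_id}|{nonce}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        self.used.add(nonce)
        return True

class FixedShareServer:
    """Fixed divided data storage server 400: storage unit 410 gated by authentication unit 420."""
    def __init__(self):
        self.auth = AuthUnit()
        self.shares = {}    # file ID -> fixed divided data 153
        self.readers = {}   # file ID -> clients allowed to fetch it (assumed per-file access list)
    def put(self, client: str, file_id: str, fixed: bytes, nonce: str, tag: bytes, readers=()) -> bool:
        """S05 of Embodiment 2: the owner stores 153 once and names who may fetch it."""
        if not self.auth.verify(client, "put", file_id, nonce, tag):
            return False
        self.shares[file_id] = fixed
        self.readers[file_id] = {client, *readers}
        return True
    def get(self, client: str, file_id: str, nonce: str, tag: bytes):
        """S11 of Embodiment 2: 153 leaves the server only for an authenticated, listed client."""
        if not self.auth.verify(client, "get", file_id, nonce, tag):
            return None
        if client not in self.readers.get(file_id, ()):
            return None
        return self.shares.get(file_id)
    def revoke(self, file_id: str, client: str) -> None:
        """Dropping a reader stops all of that client's future restores, whatever the servers 200 hold."""
        self.readers.get(file_id, set()).discard(client)

def credential(key: bytes, op: str, file_id: str) -> tuple:
    """Client side: a fresh nonce and the HMAC tag the authentication unit expects for this request."""
    nonce = secrets.token_hex(16)
    return nonce, hmac.new(key, f"{op}|{file_id}|{nonce}".encode(), hashlib.sha256).digest()

def demo() -> dict:
    """Constructed scenario: A stores 153 for B; B fetches; replay, an unlisted client, a forged tag and a revoked client fail."""
    srv = FixedShareServer()
    keys = {c: secrets.token_bytes(32) for c in ("clientA", "clientB", "clientC")}
    for c, k in keys.items():
        srv.auth.register(c, k)
    fixed = secrets.token_bytes(32)  # fixed divided data 153 produced by client A's split
    stored = srv.put("clientA", "file-0001", fixed, *credential(keys["clientA"], "put", "file-0001"),
                     readers={"clientB"})
    nonce, tag = credential(keys["clientB"], "get", "file-0001")
    fetched = srv.get("clientB", "file-0001", nonce, tag)
    replayed = srv.get("clientB", "file-0001", nonce, tag)  # same nonce presented again
    unlisted = srv.get("clientC", "file-0001", *credential(keys["clientC"], "get", "file-0001"))
    forged = srv.get("clientB", "file-0001", *credential(secrets.token_bytes(32), "get", "file-0001"))
    srv.revoke("file-0001", "clientB")
    revoked = srv.get("clientB", "file-0001", *credential(keys["clientB"], "get", "file-0001"))
    return {"stored": stored, "fetched": fetched == fixed, "replayed": replayed,
            "unlisted": unlisted, "forged": forged, "revoked": revoked}
```

Calling demo() shows the fixed divided data 153 leaving server 400 exactly once, for client B's first authenticated request; the replay, client C (authenticated but not listed), the tag made with an unknown key, and client B after revocation all receive nothing, so none of them can complete step S16 however many pieces of divided data 152 they collect from the servers 200.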
The invention made by the present inventors has been described concretely above on the basis of embodiments, but the invention is not limited to those embodiments and can of course be modified in various ways without departing from its gist.
The present invention can be used in a data sharing system in which other users share original data by restoring it from divided data that was generated from the target original data by a secret sharing method and stored in a distributed manner on a plurality of servers or the like.
1 ... data sharing system,
100 (100a, b) ... client terminal, 110 (110a, b) ... division processing unit, 120 (120a, b) ... distributed processing unit, 130 (130a, b) ... restoration processing unit, 140 (140a, b) ... interface unit, 150 (150a, b) ... original data, 151 (151a, b) ... distribution management information, 152 (152a, b) ... divided data, 153 ... fixed divided data, 154 ... intermediate data,
200 ... server, 210 ... distributed storage unit,
300 ... network,
400 ... fixed divided data storage server, 410 ... fixed divided data storage unit, 420 ... authentication unit.

Claims (8)

  1.  A data sharing system comprising:
     a plurality of servers each having a storage device; and
     a first information processing apparatus connected to each of the servers via a network, which divides original data into (n+1) pieces of divided data by a secret sharing method and stores n of the pieces of divided data in the storage devices of n of the servers, respectively, in a distributed manner,
     wherein the first information processing apparatus comprises:
     a division processing unit that divides the original data by the secret sharing method into n pieces of first divided data and one piece of second divided data, and holds the second divided data on the first information processing apparatus; and
     a first distributed processing unit that sends the n pieces of first divided data to n different ones of the servers, respectively,
     wherein the division processing unit generates the second divided data such that it takes the same value even when the content of the original data is updated and such that use of the second divided data is indispensable for restoring the original data, and
     wherein each of the servers comprises:
     a distributed storage unit that stores the first divided data sent from the first information processing apparatus in its storage device.
  2.  The data sharing system according to claim 1, wherein
     a second information processing apparatus connected to the first information processing apparatus or to each of the servers via the network comprises:
     a restoration processing unit that restores the original data by the secret sharing method from k or more pieces of the first divided data and one piece of the second divided data; and
     a second distributed processing unit that designates the second divided data corresponding to the original data to be restored, broadcasts to each of the servers a message inquiring whether the server holds first divided data corresponding to the second divided data, collects k or more pieces of the first divided data, and passes them to the restoration processing unit, and
     the distributed storage unit of each of the servers searches whether first divided data corresponding to the second divided data designated in the message is stored in its own storage device and, if so, sends that first divided data to the first or second information processing apparatus that sent the message.
  3.  A data sharing system comprising:
     a plurality of first servers each having a storage device;
     a first information processing apparatus connected to each of the first servers via a network, which divides original data into (n+1) pieces of divided data by a secret sharing method and stores n of the pieces of divided data in the storage devices of n of the first servers, respectively, in a distributed manner; and
     a second server having a storage device that stores the one remaining piece of the (n+1) pieces of divided data that is not distributed to the storage devices of the n first servers,
     wherein the first information processing apparatus comprises:
     a division processing unit that divides the original data by the secret sharing method into n pieces of first divided data and one piece of second divided data; and
     a first distributed processing unit that sends the n pieces of first divided data to n different ones of the first servers, respectively, and sends the second divided data to the second server,
     wherein the division processing unit generates the second divided data such that it takes the same value even when the content of the original data is updated and such that use of the second divided data is indispensable for restoring the original data,
     wherein each of the first servers comprises:
     a distributed storage unit that stores the first divided data sent from the first information processing apparatus in its storage device, and
     wherein the second server comprises:
     a fixed divided data storage unit that stores the second divided data sent from the first information processing apparatus in its storage device; and
     an authentication unit that performs authentication processing when the fixed divided data storage unit stores the second divided data in the storage device and when the second divided data stored in the storage device is accessed.
  4.  The data sharing system according to claim 3, wherein
     a second information processing apparatus connected to the first information processing apparatus or to each of the servers via the network comprises:
     a restoration processing unit that restores the original data by the secret sharing method from k or more pieces of the first divided data and one piece of the second divided data; and
     a second distributed processing unit that acquires from the second server the second divided data corresponding to the original data to be restored, designates the acquired second divided data, broadcasts to each of the first servers a message inquiring whether the first server holds first divided data corresponding to the second divided data, collects k or more pieces of the first divided data, and passes them to the restoration processing unit, and
     the distributed storage unit of each of the servers searches whether first divided data corresponding to the second divided data designated in the message is stored in its own storage device and, if so, sends that first divided data to the first or second information processing apparatus that sent the message.
  5.  In the data sharing system according to claim 2 or 4,
      when the division processing unit divides the original data by a secret sharing method into n pieces of the first divided data and one piece of the second divided data,
      it takes one of the two pieces of divided data obtained by dividing the original data by a (2,2) threshold secret sharing method as the second divided data, and takes the n pieces of divided data obtained by further dividing the other piece by a (k,n) threshold secret sharing method as the first divided data.
  6.  In the data sharing system according to claim 5,
      when the restoration processing unit restores the original data by a secret sharing method from k or more pieces of the first divided data and one piece of the second divided data,
      it first restores data from the k or more pieces of the first divided data by the (k,n) threshold secret sharing method, and then restores the original data from that restored data and the second divided data by the (2,2) threshold secret sharing method.
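The nested split of claim 5 and the two-stage restore of claim 6, as an added example that is not code from the patent: the (2,2) stage is a one-time-pad XOR whose random half is the second divided data, the other half is then Shamir-shared (k,n) byte by byte over GF(257), and the `fixed` parameter models claim 3's requirement that the second divided data keep its value when the original data is updated. The prime field, share indices and the sample document are constructed for the example.

```python
import secrets

P = 257  # prime field holding one byte per coefficient (constructed choice)


def shamir_split(data: bytes, k: int, n: int) -> dict:
    """(k,n) threshold sharing, byte by byte; share i is {i: [y for each byte]}."""
    shares = {i: [] for i in range(1, n + 1)}
    for b in data:
        # random polynomial of degree k-1 with the byte as its constant term
        coeffs = [b] + [secrets.randbelow(P) for _ in range(k - 1)]
        for i in range(1, n + 1):
            shares[i].append(sum(c * pow(i, e, P) for e, c in enumerate(coeffs)) % P)
    return shares


def shamir_restore(shares: dict, k: int) -> bytes:
    """Lagrange interpolation at x = 0 from any k of the shares."""
    pts = list(shares.items())[:k]
    out = bytearray()
    for idx in range(len(pts[0][1])):
        total = 0
        for i, ys in pts:
            num = den = 1
            for j, _ in pts:
                if j != i:
                    num = num * (-j) % P
                    den = den * (i - j) % P
            total = (total + ys[idx] * num * pow(den, P - 2, P)) % P
        out.append(total)
    return bytes(out)


def split_original(data: bytes, k: int, n: int, fixed=None):
    """Claim 5: (2,2) XOR sharing first, then (k,n) sharing of the other half.
    Reusing `fixed` keeps the second divided data unchanged on update (claim 3)."""
    if fixed is None:
        fixed = secrets.token_bytes(len(data))
    if len(fixed) != len(data):
        raise ValueError("fixed second divided data must match the data length")
    other = bytes(a ^ b for a, b in zip(data, fixed))
    return fixed, shamir_split(other, k, n)


def restore_original(fixed: bytes, first_shares: dict, k: int) -> bytes:
    """Claim 6: (k,n) restore of the other half, then (2,2) XOR with the fixed half."""
    if len(first_shares) < k:
        raise ValueError("need at least k pieces of the first divided data")
    return bytes(a ^ b for a, b in zip(shamir_restore(first_shares, k), fixed))
```

Holding only the fixed half or only k-1 first pieces reveals nothing about the document; any k of the n first pieces plus the fixed half recover it.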
  7.  In the data sharing system according to claim 1 or 3,
      the first information processing apparatus,
      when the division processing unit divides the original data into n pieces of the first divided data and one piece of the second divided data, generates and holds, in correspondence with the original data, a dummy file from which the second divided data can be identified.
  8.  In the data sharing system according to claim 2,
      the first information processing apparatus
      transmits the second divided data generated by the division processing unit to the second information processing apparatus that does not have the second divided data.
Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PCT/JP2011/075213 WO2013065135A1 (en) 2011-11-01 2011-11-01 Data sharing system
JPPCT/JP2011/075213 2011-11-01

Publications (1)

Publication Number Publication Date
WO2013065545A1 true WO2013065545A1 (en) 2013-05-10

Family

ID=48191529

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/JP2011/075213 WO2013065135A1 (en) 2011-11-01 2011-11-01 Data sharing system
PCT/JP2012/077462 WO2013065545A1 (en) 2011-11-01 2012-10-24 Data sharing system

Country Status (1)

Country Link
WO (2) WO2013065135A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9946894B2 (en) * 2014-06-27 2018-04-17 Panasonic Intellectual Property Management Co., Ltd. Data processing method and data processing device
CN104331496B (en) * 2014-11-19 2018-09-18 杭州网易云音乐科技有限公司 Picture sharing method and equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005141436A (en) * 2003-11-05 2005-06-02 Nippon Telegr & Teleph Corp <Ntt> Information distribution storing method and information distribution storing system and its device and its program and recording medium
JP2006185184A (en) * 2004-12-27 2006-07-13 Nomura Research Institute Ltd Authority management system, authentication server, authority management method, and authority management program
JP2007072643A (en) * 2005-09-06 2007-03-22 Toshiba Corp Data storage system
JP2007072216A (en) * 2005-09-07 2007-03-22 Global Friendship Inc Electronic information division method utilizing shared divided data
JP2007300157A (en) * 2006-04-27 2007-11-15 Toshiba Corp System, apparatus and program for secret distribution
JP2007334417A (en) * 2006-06-12 2007-12-27 Nippon Telegr & Teleph Corp <Ntt> Distributed information sharing method and terminal equipment

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10608949B2 (en) 2005-03-16 2020-03-31 Iii Holdings 12, Llc Simple integration of an on-demand compute environment
JP2019523955A (en) * 2016-06-09 2019-08-29 アンフォルマティック・ホリステック・インコーポレーテッド Data storage system and method for performing data storage
JP7000422B2 (en) 2016-06-09 2022-01-19 アンフォルマティック・ホリステック・インコーポレーテッド Data storage system and how to run data storage
TWI667909B (en) * 2018-07-31 2019-08-01 國立高雄科技大學 Method for protecting numeric data and computer program product

Also Published As

Publication number Publication date
WO2013065135A1 (en) 2013-05-10

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 12846003; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established (Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 14/08/2014))
NENP Non-entry into the national phase (Ref country code: JP)
122 Ep: pct application non-entry in european phase (Ref document number: 12846003; Country of ref document: EP; Kind code of ref document: A1)