JP2000040031A - File enciphering method and information processing system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To ensure the confidentiality of data exchanged between a host device and an external storage device without damaging the throughput of an information processing system. SOLUTION: This information processing system makes a magnetic tape controller 2 exist between a host device 1 and a magnetic tape unit 12, connects a data key enciphering device 11 with the device 1, also connects the controller 2 with a data key storage mechanism 8. When data are written to the unit 12, it sets a raw data key to the mechanism 8, enciphers write data at an encryption adapter 5 and writes it on a magnetic tape after enciphering the raw data key produced by the device 1 by means of the device 11 and writing it in a magnetic tape header. At the time of reading out, an enciphered data key of the magnetic tape header is read, decoded by the device 11 and set to the mechanism 8. The adapter 5 decodes read data and transfers it to the device 1.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a file encryption technique, and more particularly to a technique suitable for keeping confidentiality of data files in an external storage device of a computer system.

[0002]

2. Description of the Related Art In recent years, with the rapid enlargement and networking of computer systems, the number of opportunities for a large number of people to access a single system has increased. There is a growing demand for management and this is an important technical issue in this field.

[0003] Against this background, a technology for maintaining confidentiality by encrypting a data file has been devised for an external storage device of a computer system that records and reproduces a large amount of data.

For example, Japanese Patent Laying-Open No. 54-87032 discloses a technique for encrypting and decrypting data using an encryption device connected to a higher system such as a channel.

That is, in this technique, ordinary data is sent to an encryption device of a host system, where the data is encrypted into a meaningless data by a predetermined algorithm using a key, and then sent to an external storage device. Then, the data is read out from the storage medium, and the data is read out by the host system in the reverse procedure when the data is read out.

An algorithm disclosed in Japanese Patent Application Laid-Open No. 52-130505 is known as an algorithm for controlling data encryption and decryption processing using a key.

Further, by transferring the key, the medium on which the encrypted data created in the system is recorded is transported to another system, where the encrypted data can be read and restored.

[0008]

However, in the former prior art described above, when writing data to an external storage device, the data is once sent to an encryption device connected to the channel and encrypted, and after encryption, In order to take the procedure of reading the encrypted data again from the encryption device and writing the encrypted data to the external storage device via the channel, the channel and the portion of the encryption device connected thereto are A bottleneck in input / output processing, data transfer capability (throughput) per unit time between a channel and various external storage devices connected to the channel
However, there is a problem in that the performance is reduced.

Further, as shown in the above-mentioned prior art, when data is encrypted by an algorithm that performs control using a key, the encrypted data uses the contents of the key. It can be decrypted and read by anyone who knows it, and by any particular system. That is, the confidentiality of the data encrypted by the algorithm using the key depends solely on the management of the key. Therefore, strict management by converting the key into a more complicated form of encryption, for example, is an essential condition for ensuring high confidentiality of an encrypted file system for data using the key.

Accordingly, an object of the present invention is to provide an information processing system without impairing the system throughput.
It is an object of the present invention to provide a file encryption method capable of realizing confidentiality of data exchanged between a host device and an external storage device.

Another object of the present invention is to provide an information processing system capable of realizing confidentiality of data transmitted and received between a host device and an external storage device without impairing the throughput of the system. Is to do.

It is another object of the present invention to provide an information processing system capable of ensuring the security of a key for controlling a data encryption algorithm and improving the security performance of the entire system. .

It is another object of the present invention to provide an information processing system capable of achieving both efficient use of an external storage device by data compression and securing of data confidentiality by encryption.

Another object of the present invention is to provide an information processing system capable of safely and easily managing a data key and data encrypted by the data key.

The above and other objects and novel features of the present invention will become apparent from the description of the present specification and the accompanying drawings.

[0016]

SUMMARY OF THE INVENTION Among the inventions disclosed in the present application, the outline of a representative one will be briefly described.
It is as follows.

That is, the file encryption method according to the present invention includes a host device, a key encryption device connected to the host device, an external storage device for exchanging data with the host device, and the host device. A file encryption method in an information processing system comprising an external storage device and a control device for an external storage device interposed between the device and the external storage device, the key being encrypted from the key encryption device. A second step in which the control device of the external storage device receives the encrypted key, and the control device performs the encryption on the data from the higher-level device. A third step of performing encryption using the previous key.

In the file encryption method of the present invention, the file encryption method may further include storing the encrypted key and the encrypted data in a storage medium of the external storage device. Having the following steps.

Further, the information processing system of the present invention includes a host device, an encryption device connected to the host device, and having a function of encrypting and outputting a key for decrypting a code, and communicating with the host device. An external storage device for exchanging data, and a function for controlling the exchange of data interposed between the host device and the external storage device; and an encrypted key and an encrypted key before being encrypted from the host device. Receives the key of
A control device having a function of encrypting data from the higher-level device using the key before the encryption.

Further, the information processing system according to the present invention, in the above information processing system, further comprises:
It has a function of storing the encrypted key and the encrypted data in the external storage device.

The file encryption method according to the present invention comprises a host device, a key encryption device connected to the host device, an external storage device for exchanging data with the host device, the host device, A file encryption method in an information processing system comprising an external storage device control device interposed between the external storage devices and controlling transmission and reception of data, wherein the encryption is stored in a storage medium of the external storage device. A first step of reading out an encrypted key, a second step of restoring a key before being encrypted from the encrypted key in the encryption device, and controlling the key before being encrypted in the encryption device. A third step of storing the data in the device, and a fourth step of, in the control device, decrypting the data from the external storage device using the key before being encrypted. Those having.

The information processing system according to the present invention may further comprise an upper device, an encryption device connected to the upper device, having a function of restoring an encrypted key and outputting a key before being encrypted. An external storage device for transmitting and receiving data to and from a higher-level device; a function for controlling data transmission and reception between the higher-level device and the external storage device; and an encryption function stored in the external storage device Receiving the decrypted key and the key before encryption restored from the encryption device, and decrypts the data from the external storage device using the key before encryption. It has a control device having functions.

According to the above-described file encryption method of the present invention, the higher-level device is not involved in complicated processing such as normal data encryption and decryption. The burden is greatly reduced, and the confidentiality of the data stored in the external storage device can be ensured without impairing the throughput of the entire system.

According to the information processing system of the present invention described above, for example, in the encryption function and the decryption function provided in the external storage device, the upper-level device is connected to the higher-level device by an algorithm controlled by a desired raw data key. By encrypting and decrypting data transmitted and received between the external storage device and encrypting and decrypting the raw data key used by the external storage device in an encryption device connected to a higher-level device, The upper device does not need to be involved in complicated processes such as encryption and decryption of data
The burden on the host device involved in data encryption and decryption is greatly reduced, and the confidentiality of data stored in the external storage device can be ensured without impairing the throughput of the entire system.

Further, the raw data key used for encrypting and decrypting data and affecting the confidentiality performance of the data is securely and securely stored by converting the raw data key into a more sophisticated and complicated encryption by an encryption device. Therefore, the confidentiality performance of the entire system can be improved.

Although data redundancy is generally lost by encryption, in the case of the present invention, compression is performed in an external storage device prior to encryption of data coming from a higher-level device. As in the case where normal encryption is not performed, significant data volume reduction can be achieved by effective data compression, efficient use of external storage devices by data compression, and data confidentiality by encryption. Can be achieved at the same time.

Also, by encrypting the data key in the encryption device on the host device side in a complicated manner, the data key is stored on the same recording medium together with ordinary data encrypted in the external storage device based on the data key. The data key and the data encrypted by the data key can be managed safely and easily.

[0028]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, an example of a file encryption method and an information processing system according to an embodiment of the present invention will be described in detail with reference to the drawings.

FIG. 1 is a block diagram showing an example of the configuration of an information processing system according to the present embodiment. FIGS. 2 and 3 show examples of the file encryption method and the operation of the information processing system according to the present embodiment. FIG.

First, the configuration of the information processing system according to the present embodiment will be described with reference to FIG.

In the following description, a case of a magnetic tape subsystem will be described as an example of an external storage device constituting an information processing system.

For example, a host device 1 such as a central processing unit in an information processing system such as a computer system has a channel (not shown) for performing an operation of controlling input / output of data with the outside in place of the host device 1. The magnetic tape device 12 is connected to this channel via the magnetic tape control device 2.

The magnetic tape control device 2 controls the transfer of information between the host device 1 and the magnetic tape device 12, and the magnetic tape device 12 controls the actual operation of a storage medium such as a magnetic tape (not shown). An information recording / reproducing operation is performed.

In this case, a data key encryption device 11 that performs the following operation is connected to the host device 1 via a channel (not shown).

The magnetic tape controller 2 has a control memory 10
, A channel interface control unit 3 that controls the exchange of information with the host device 1 under the control of the microprocessor 9, and a magnetic tape device 1.
And a device interface control unit 7 for controlling the exchange of information with the second side.

Further, between the channel interface control unit 3 and the device interface control unit 7, if necessary, compression / expansion processing of data exchanged between the host device 1 and the magnetic tape device 12 is performed. A compression circuit 4 for performing the processing and a buffer 6 for temporarily storing the data are sequentially provided.

The buffer 6 is made of, for example, a semiconductor memory, and forms a well-known storage hierarchy between the high-speed device 1 that operates at a high speed and the magnetic tape device 12 that operates at a relatively low speed. By temporarily storing the data transmitted and received by the host device, a large gap in the operation speed between the host device 1 and the magnetic tape device 12 is absorbed, and the efficiency of data transfer between the two devices is improved. I have.

In this case, between the compression circuit 4 on the channel interface control unit 3 side and the buffer 6 on the device interface control unit 7 side, an encryption adapter 5
A data key storage mechanism 8 accessed by the cryptographic adapter 5 is provided.

The encryption adapter 5 is connected to the host device 1 and the magnetic tape device by a desired algorithm controlled by a raw data key set in the data key storage mechanism 8 from the host device 1 as described later. 12 is encrypted and decrypted.

That is, in the case of the present embodiment, the data arriving from the host device 1 to be stored in the magnetic tape device 12 is once subjected to compression processing by the compression circuit 4 as necessary, The data is encrypted by the encryption adapter 5 and written to the magnetic tape device 12 via the buffer 6 and the device interface control unit 7.

Conversely, when reading the encrypted data stored in the magnetic tape device 12, target data is read from the magnetic tape device 12 to the buffer 6 via the device interface control unit 7. ,
After the read data in the encrypted state is decrypted by the encryption adapter 5, the data is further decrypted by the compression circuit 4 if necessary.
, And is sent to the host device 1 via the channel interface control unit 3.

Hereinafter, an example of the operation of the information processing system according to the present embodiment will be described with reference to FIGS.

First, an example of an operation of writing data sent from the host device 1 to the magnetic tape device 12 will be described.

First, the higher-level device 1 generates a raw data key required for encryption / decryption of data exchanged with the lower-level magnetic tape device 12 in the magnetic tape control device 2, and this key is generated. Given to the attached data key encryption device 11,
Indicates encryption.

It should be noted that the generation of the raw data key is not limited to being performed in the higher-level device 1, but may be performed inside the data key encryption device 11 in accordance with an instruction from the higher-level device 1. Absent.

The data key encryption device 11 receives this and performs complicated and high-level encryption of the raw data key to generate an encrypted data key.

Next, the higher-level device 1 reads the encrypted data key from the data key encryption device 11 via a channel (not shown) or the like, and sends it to the magnetic tape device 12 via the magnetic tape control device 2. An instruction is given to write the encrypted data key in a header portion or the like before a normal data recording area in a loaded magnetic tape medium (not shown).

The host device 1 sends the raw data key to the magnetic tape control device 2 and sets the raw data key in the data key storage mechanism 8 for the microprocessor 9 of the magnetic tape control device 2. To do so.

Although not particularly limited, in the data key encryption device 11, when generating and sending a raw data key to be set in the magnetic tape control device 2, the data key encryption device 11 encrypts the raw data key with the encryption key of the magnetic tape control device 2. The data may be encrypted to such an extent that it can be decrypted by the adapter 5, decrypted into a complete raw data key by the magnetic tape control device 2, and set in the data key storage mechanism 8.

In response to this, after the magnetic tape control device 2 sets the raw data key in the data key storage mechanism 8, the host device 1 transfers the write data to the channel interface of the magnetic tape control device 2 via a channel (not shown). It is sent to the control unit 3.

For data compression, for example, data arriving at the channel interface control unit 3 is first sent to the compression circuit 4 in accordance with an instruction from the microprocessor 9 and subjected to compression processing by a desired algorithm. .

After that, the compressed data is sent to the encryption adapter 5 according to the instruction of the microprocessor 9, and
The encryption adapter 5 performs data encryption according to a desired algorithm controlled by the raw data key set in the data key storage mechanism 8 as described above.

The data which has been subjected to the compression processing and the encryption in this manner are sequentially written to a magnetic tape medium (not shown) loaded in the magnetic tape device 12 via the buffer 6 and the device interface control unit 7.

After completion of the predetermined writing process, the host device 1 instructs the magnetic tape control device 2 to reset the raw data key, and upon receiving the instruction, resets the microprocessor 9 of the magnetic tape control device 2. Performs the erasing process of the raw data key set in the data key storage mechanism 8.

FIG. 2 shows an example of a series of operations of each of the higher-level device 1, the data key encryption device 11, and the magnetic tape control device 2 in the data write process in association with each other.

On the other hand, an example of the read operation of the encrypted data stored in the magnetic tape medium of the magnetic tape device 12 by the host device 1 is as follows.

First, the higher-level device 1 stores the encrypted data key encrypted as described above in the magnetic tape medium loaded in the magnetic tape device 12 with respect to the magnetic tape controller 2. The reading of the header part that is present.

In response to this, the microprocessor 9 of the magnetic tape control device 2 transmits the encrypted data written from the magnetic tape medium of the magnetic tape device 12 to the medium as described above at the time of previous recording or the like. Read the key.

Next, the higher-level device 1 sends the encrypted data key read by the magnetic tape control device 2 to the data key encryption device 11 via the channel, decrypts the encrypted data key, and Is generated.

In response, data key encryption device 11
Performs an operation of performing a decryption process on an encrypted data key to generate a raw data key.

The raw data key thus obtained is transmitted again to the magnetic tape control device 2 via a channel (not shown) in accordance with an instruction from the host device 1, and the magnetic tape control device 2 transmits the raw data key to the data key storage mechanism 8. Set this raw data key.

Although not particularly limited, in the data key encryption device 11, the decryption of the raw data key to be set in the magnetic tape control device 2 from the encrypted data key is performed by the encryption adapter of the magnetic tape control device 2. 5, the data may be kept in an encryption state that can be decrypted, and the magnetic tape control device 2 may decrypt the data into a complete raw data key and set the data in the data key storage mechanism 8.

Next, the higher-level device 1 reads the data encrypted and recorded on the magnetic tape medium loaded in the magnetic tape device 12 as described above to the magnetic tape controller 2. Instruct.

The microprocessor 9 of the magnetic tape controller 2 receiving the instruction instructs the device interface controller 7 to read data.

The data read from the magnetic tape device 12 is temporarily stored in the buffer 6, and thereafter, the encryption adapter 5 reads the encrypted data from the buffer 6 and sends the data to the data key storage mechanism 8. Decryption is performed by an algorithm controlled by the set raw data key.

Thereafter, the data thus decrypted is
For example, in the case of data that has been subjected to compression processing at the time of recording, the microprocessor 9 passes the decoded data through the compression circuit 4, performs decompression processing, and returns uncompressed data.

The restored data is transmitted to the host device 1 via the channel interface control unit 3 in accordance with an instruction from the host device 1.

When the host device 1 completes the process of reading a series of data from the magnetic tape medium of the magnetic tape device 12, the magnetic tape controller 2 instructs the magnetic tape controller 2 according to the instruction of the host device 1. The raw data key set in the data key storage mechanism 8 is reset and deleted.

An example of a series of operations of each of the host device 1, the data key encryption device 11, and the magnetic tape control device 2 in the process of reading data from the magnetic tape device 12 is shown in association with each other. Is shown in FIG.

As described above, according to the file encryption method and the information processing system of the present embodiment, the encryption of data recorded / reproduced on / from the magnetic tape storage medium of the magnetic tape device 12 is performed by magnetic The encryption adapter 5 and the data key storage mechanism 8 provided in the tape control device 2 perform the processing according to a desired algorithm controlled by the raw data key set in the data key storage mechanism 8, so that normal data The host device 1 does not need to be involved in complicated encryption / decryption processing, and an increase in the load on the host device 1 due to data confidentiality can be suppressed.

As a result, a high degree of confidentiality of data in the system can be realized without deteriorating the performance such as the throughput in the host device 1.

The encryption / decryption of the raw data key used for controlling the encryption / decryption of data in the magnetic tape control device 2 is independently performed by the data key encryption device 11 connected to the host device 1. Therefore, the raw data key, which is important for maintaining data confidentiality, is subjected to more complicated and advanced encryption processing than ordinary data, and is strictly managed without concern about a decrease in throughput in the host device 1 or the like. Thus, an information processing system having high confidentiality performance can be realized.

Further, in the magnetic tape control device 2, data compression processing is performed as necessary before data encryption, and therefore, before the data loses redundancy due to encryption, the same as in a normal case is performed. Data can be compressed at a high compression ratio, and both efficient use of the magnetic tape medium loaded in the magnetic tape device 12 by data compression and high data confidentiality by encryption can be achieved. .

Further, the data key encrypted by the data key encryption device 11 by the complicated encryption and the normal data encrypted by the magnetic tape control device 2 based on the data key are encrypted. Can be safely stored on the same recording medium.

As a result, for example, when a large amount of data is encrypted and stored for a long period of time, or when encrypted data is exchanged between a plurality of specific information processing facilities, the data is used. Key management can be performed safely and easily.

Although the invention made by the inventor has been specifically described based on the embodiment, the invention is not limited to the embodiment, and various modifications can be made without departing from the gist of the invention. Needless to say, there is.

For example, in the above description, the case of the magnetic tape subsystem has been described as an example of the external storage device constituting the information processing system. However, the present invention is not limited to this, and another external storage device may be used.

The configuration of the magnetic tape subsystem for encrypting / decrypting data is not limited to the one described in the above embodiment, but may be another configuration as long as the same function can be realized. It goes without saying that this may be done.

[0079]

Advantageous effects obtained by typical ones of the inventions disclosed in the present application will be briefly described.
It is as follows.

That is, according to the file encryption method of the present invention, confidentiality of data exchanged between a higher-level device and an external storage device can be ensured without impairing system throughput in an information processing system. Can be obtained.

Further, according to the information processing system of the present invention, it is possible to secure the confidentiality of data exchanged between the host device and the external storage device without impairing the throughput of the system. The effect is obtained.

Further, according to the information processing system of the present invention, it is possible to obtain the effect that the security of the key for controlling the data encryption algorithm can be secured and the security performance of the entire system can be enhanced. .

Further, according to the information processing system of the present invention, there is obtained an effect that both efficient use of an external storage device by data compression and securing of data confidentiality by encryption can be achieved.

Further, according to the information processing system of the present invention, there is an effect that management of a data key and data encrypted by the data key can be performed safely and easily.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating an example of a configuration of an information processing system according to an embodiment of the present invention.

FIG. 2 is an explanatory diagram showing an example of an operation of a file encryption method and an information processing system according to an embodiment of the present invention.

FIG. 3 is an explanatory diagram showing an example of an operation of a file encryption method and an information processing system according to an embodiment of the present invention.

[Explanation of symbols]

1 ... host device, 2 ... magnetic tape control device, 3
..Channel interface control section, 4 ... compression circuit, 5 ... encryption adapter, 6 ... buffer, 7 ...
· Device interface control unit, 8 ··· data key storage mechanism, 9 ··· microprocessor, 10 ··· control memory, 11 ··· data key encryption device, 12 ···
Magnetic tape device.

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Inventor Toshifumi Nishimura 2880 Kozu, Kozuhara, Odawara City, Kanagawa Prefecture Inside the Odawara Plant, Hitachi, Ltd. In-plant (72) Inventor Tokuhiro Tsukiyama 2880 Kofu, Odawara-shi, Kanagawa Prefecture In-house Odawara Plant, Hitachi, Ltd. Inventor Yasuhiro Ishii 1 Horiyamashita, Hadano-shi, Kanagawa Prefecture Inside Kanagawa Plant, Hitachi, Ltd. Person Yasushi Hisayoshi 5030 Totsuka-cho, Totsuka-ku, Yokohama-shi, Kanagawa Hitachi software in the factory (72) inventor Fujio Fujita, Kanagawa Prefecture, Totsuka-ku, Yokohama-shi Totsuka-cho, 5030 address Co., Ltd. Hitachi software in the factory

Claims (6)

[Claims] A host device, a key encryption device connected to the host device, an external storage device that exchanges data with the host device, and an intervening device between the host device and the external storage device. A file encryption method in an information processing system comprising: a control device of an external storage device for controlling transmission and reception of data, wherein a first step of outputting an encrypted key from the key encryption device; A second step in which the control device of the external storage device receives the encrypted key, and in the control device, encrypts the data from the higher-level device using the key before being encrypted. Third
File encryption method comprising the steps of: 2. The file encryption method according to claim 1, further comprising: a fourth step of storing the encrypted key and the encrypted data in a storage medium of the external storage device. Method. 3. An upper-level device, an encryption device connected to the upper-level device and having a function of encrypting and outputting a key for decrypting a code, and an external storage device for exchanging data with the upper-level device And a function of intervening between the higher-level device and the external storage device to control data transmission and reception, receiving an encrypted key and a key before being encrypted from the higher-level device, An information processing system comprising: a control device having a function of encrypting data from the device using the key before the data is encrypted. 4. The information processing system according to claim 3, wherein the control device further has a function of storing the encrypted key and the encrypted data in the external storage device. . 5. An upper device, a key encryption device connected to the upper device, an external storage device for exchanging data with the upper device, and an intervening device between the upper device and the external storage device A file encryption method in an information processing system, comprising: a control device for an external storage device that controls data transmission and reception, wherein a first key for reading an encrypted key stored in a storage medium of the external storage device is provided. A second step of restoring a key before encryption from the encrypted key in the encryption device; and a third step of storing the key before encryption in the control device.
And a fourth step in which the control device decrypts the data from the external storage device using the key before being encrypted, in the control device. 6. A higher-level device, an encryption device connected to the higher-level device and having a function of restoring an encrypted key and outputting a key before being encrypted, An external storage device that performs transmission and reception, and a function of interposing between the higher-level device and the external storage device to control the transmission and reception of data; and a function of reading an encrypted key stored in the external storage device, A control device having a function of receiving a key before encryption restored from the encryption device and performing decryption on data from the external storage device using the key before encryption. Information processing system.