JP2002215028A - Method, system and program for managing security of gene information - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a method, system and program for properly managing DNA information, especially gene information, considering the two contradictory issues of social utilization of gene information and protection of privacy of an individual. SOLUTION: Gene information of an individual is managed with a cipher system by a cryptographic key generated from the individual's own DNA information.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and system for managing security of genetic information using DNA information of an individual.

[0002]

2. Description of the Related Art The human body is composed of about 50 trillion cells. Each cell has one cell nucleus having a diameter of about 5 microns and a plurality of mitochondria and the like, and about 3 billion base sequences are stored as digital information in the cell nucleus. Hereinafter, this base sequence is referred to as DNA information.

[0003] The base sequence has four bases as elements.
These four bases have the acronym A for each base.
(Adenine), G (guanine), C (cytosine), T
(Thymine). DNA information is also considered to be a cipher text using these four base characters, which is why it is also called a genetic code.

[0004] The basic sequence of DNA information is the same regardless of the cell of any part of the human body, and it is life-long.

[0005] In actual DNA information, the base sequence shown in FIG.
And they are in pairs.

The number of STR repetitions, which will be described later, that is, the number of repetitions of a four-base character of STR, is a pair of information per locus. One of the pair of information has inherited DNA information from the father and the other has inherited DNA information from the mother. For example, the person's S about the TH01 sitting position that is used most in forensic examination
When the number of times of TR repetition is examined, information of two numbers is obtained as in (11 times, 13 times). Each numerical value is obtained by inheriting one piece of information from the number of STR repetitions of the father and the mother.

In FIG. 3, a region indicated by G (hereinafter referred to as G)
G area),

(Equation 1) Is a portion generally referred to as genetic information and refers to a protein coding region. The amount of information is from several tens of bases to several thousands of bases.

[0008] Gene information is a set of three bases corresponding to amino acids, and these constitute a plurality of sets of information, which are information related to the structural design of the human body, such as the three-dimensional structure and control of proteins. ing. For example, base sequences such as ATG (start command) and TGA (stop command) are control information.

[0009] On the other hand, GT (protein non-coding region) is a base sequence called an intron, and a portion said to be unrelated to the structural design of a protein is included between genetic information. At present, only a part of the G region has completely elucidated the three-dimensional structure and function of the protein.

Although it is said that there are 100,000 regions of G ₁ , G ₂ , G ₃ , etc., it is considered that the presence of further new genes will be discovered as the analysis of gene functions proceeds in the future. Can be

[0011] As described above, DNA information, especially gene information, is absolute privacy information of an individual. If used properly, it will become an absolute personal identification ID, and as medical information it will also be the basic information for investigating the underlying etiology and performing the treatment and pharmaceutical affairs associated with it, but if applied incorrectly, personal dignity Will cause blasphemy of privacy.

[0012]

SUMMARY OF THE INVENTION However, DNA
The environment for using the information is DNA as shown in FIG.
The way of information management of information must be thoroughly discussed from the contradictory viewpoints of social utilization and privacy protection of individuals, but it is difficult to say that it is implemented at present, so DNA There is a need to establish a concept on how to manage information.

[0013] On the other hand, as social utilization of DNA information,
Although there is information for treatment information in the medical field, personal identification and appraisal information such as criminal investigations and confirmation of missing persons in the forensic field, we will disclose the information under some conditions and distribute DNA information in the future. If not, DN
A problem has also been pointed out that it is not possible to effectively utilize the information A.

The present invention has been made in view of the above-mentioned problems, and has been made in consideration of the two conflicting problems of social utilization and protection of personal privacy, and is a gene capable of appropriately managing DNA information, particularly gene information. It is an object to provide an information security management method, a system and a program therefor.

[0015]

In order to achieve the above-mentioned object, the invention according to claim 1 of the present invention uses an encryption method using an encryption key generated from DNA information of an individual. The point is to manage.

According to the first aspect of the present invention, security management is performed using an encryption (encryption / decryption) key generated from an individual's genetic information from the individual's DNA information.

According to a second aspect of the present invention, there is provided a security management method for managing genetic information of an individual, wherein an encryption key and a decryption key are generated from personal identification information included in DNA information of the individual, and The gist is that the gene information is encrypted by the encryption key, and the decryption is managed by an encryption method for decrypting the information by the decryption key.

According to the present invention, the genetic information of the individual is encrypted by using an encryption key generated from the personal identification information included in the DNA information of the individual, and the personal identification information included in the DNA information is decrypted upon decryption. The security management is performed by using the decryption key generated from the information.

According to a third aspect of the present invention, when the genetic information is obtained from the DNA information of the individual, the personal identification information included in the intergenic region of the DNA information is also collected, and the personal identification information is obtained from the personal identification information. The gist is to generate a public key of the public key and use the generated public key for confirmation of the individual.

According to the third aspect of the present invention, a public key of the individual is generated from the personal identification information included in the intergenic region of the DNA information, and the generated public key is used for identification of the individual. As a result, accidental or intentional replacement or impersonation of the person can be prevented.

The gist of the invention according to claim 4 is to generate a secret key from personal DNA information and to digitally sign all or part of the DNA information using the secret key.

According to the present invention, the DNA of an individual is
Security management is performed by digitally signing all or part of the DNA information using a secret key generated from the information.

According to the invention of claim 5, when distributing the genetic information of an individual, a digital signature incorporating the DNA information of the individual is created, and only the genetic information with the created digital signature is distributed. That is the gist.

According to the present invention, the DNA of an individual is
The security management is performed by creating a digital signature in which the information is embedded and distributing only the genetic information to which the created digital signature is assigned.

According to a sixth aspect of the present invention, when personal genetic information is transmitted from a medical institution to a related institution via a communication line, the information is encrypted with a public key of the relevant institution and transmitted.
The related institution decrypts the encrypted information with a private key corresponding to the public key, and only when the transmitted genetic information is digitally signed using the genetic information, The gist of the present invention is to prepare a response to the inquiry concerning the genetic information, encrypt the information with the public key of the medical institution, and return it to the medical institution.

According to the sixth aspect of the present invention, the encrypted information is decrypted with a secret key corresponding to the public key, and the gene information is used for the gene information transmitted via a communication line, for example, the Internet. Only when a digital signature has been made, create a response to the inquiry related to the genetic information from the medical institution and encrypt it,
Security management is performed by replying via a communication line, for example, the Internet. In this context, related institutions are medical institutions (such as specialized hospitals) different from the source medical institution, and higher-level institutions such as the public central hospital, the Red Cross Hospital, and university hospitals that have advanced medical equipment and technologies. An institution, or a university or research institution.

An encryption key is generated from personal identification information included in DNA information of an individual, and security management of the genetic information of the individual is performed using the encryption key.

According to a seventh aspect of the present invention, there is provided a security management system for genetic information when personal genetic information is transmitted from a medical institution to a related institution via a communication line. Each public key is registered in advance at a public key registration / certification institution, the genetic information is given a digital signature indicating the consent of the individual, and the medical institution sends the public key of Means for obtaining from the public key registration / certification institution, means for encrypting and transmitting the genetic information to be transmitted with the obtained public key, and secreting the received and encrypted information corresponding to the public key of the medical institution. Means for decrypting the information with a key, wherein the related organization decrypts the encrypted information with a secret key corresponding to the public key of the relevant organization, and checks the digital signature of the genetic information. Means for preparing an answer to the inquiry about the genetic information from the medical institution only when the digital signature is confirmed, and obtaining the public key of the medical institution from the public key registration / certification institution. And a means for encrypting the response information to be transmitted with the obtained public key and transmitting the encrypted response information.

According to the seventh aspect of the present invention, security management is performed by encrypting the transmission and reception and responding to the inquiry about the genetic information from the medical institution only when the digital signature is confirmed. In addition,
A digital signature for genetic information that is made in advance is an agreement for appropriate items such as transmission of genetic information and disclosure to the destination, and the signature time is before or after encryption of the transmitted genetic information. Either is acceptable.

[0030] The invention according to claim 8 is a security management program for genetic information when personal genetic information is transmitted from a medical institution to a related institution via a communication line. Each public key is registered in advance at a public key registration / certification institution, and the genetic information is given a digital signature indicating consent to the transmission of the individual, and the medical institution sends the relevant related institution to the relevant institution. Obtaining the public key from the public key registration / certification institution, enciphering the genetic information to be transmitted with the obtained public key, and transmitting the enciphered genetic information to the relevant institution. Receiving the encrypted information and decrypting it with a private key corresponding to the public key of the relevant organization, and a digital signature (presence or content of the genetic information) ) (Before or after decryption), a procedure for creating a response to the inquiry about the genetic information from the medical institution only when the digital signature is confirmed, and a public disclosure of the medical institution A procedure for obtaining a key from the public key registration / certification institution, a procedure for encrypting and transmitting response information to be transmitted with the obtained public key, and a step of: And a procedure for decrypting with a secret key corresponding to the public key.

Specifically, for the medical institution, a procedure for obtaining the public key of the related institution as the transmission destination from the public key registration / certification institution, and a step of encrypting the genetic information to be transmitted using the obtained public key. Providing a program including a step of encrypting and transmitting the encrypted answer information with a secret key corresponding to the public key of the medical institution, and transmitting the encrypted response information to the relevant organization. Receiving the encrypted information transmitted from the medical institution and decrypting it with a secret key corresponding to the public key of the relevant institution, and before or after decrypting the presence or content of the digital signature of the genetic information A step of confirming later, a step of preparing a response to the inquiry about the genetic information from the medical institution only when the digital signature is confirmed, and a step of registering the public key of the medical institution with the public key. · And procedures to obtain from a certificate authority, will provide individual program that includes a procedure for encrypting and transmitting the answer information to be transmitted with the public key that you obtained.
Therefore, these programs exist independently and are distributed.

According to the eighth aspect of the present invention, security management is performed by encrypting the data at the time of transmission and reception and responding to the inquiry about the gene information from the medical institution only when the digital signature is confirmed. In addition,
A digital signature for genetic information that is made in advance is an agreement for appropriate items such as transmission of genetic information and disclosure to the destination, and the signature time is before or after encryption of the transmitted genetic information. Either is acceptable.

Further, a security management program for genetic information when personal genetic information is transmitted between a medical institution and a related institution via a communication line is described. In addition to registering in advance with a registration and certification organization, the genetic information is given a digital signature indicating consent to the transmission of the individual, and when decoding the genetic information encrypted with the public key of the transmission destination, The computer may be made to execute a procedure for confirming the digital signature added to the genetic information and a procedure for decrypting the digital signature with the private key corresponding to the public key only when the digital signature is confirmed. Thereby, security management is performed by answering the inquiry about the genetic information from the medical institution only when the digital signature is confirmed upon encryption during transmission and reception.

[0034]

Embodiments of the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram showing a schematic configuration of a security management system to which a security management method for genetic information according to an embodiment of the present invention is applied.

Before describing the security management system, an outline of DNA information and gene information which are the premise thereof will be described. First, referring to the schematic diagram shown in FIG.
The outline of the portion of the NA information according to the present invention will be described.

In FIG. 3, an area indicated by L,

(Equation 2) Is a region called STR (Short Tandem Repeat) (hereinafter simply referred to as STR), which is a region in which a four-character base sequence is usually repeated several times to several tens of times (here, the number of regions is approximately There are various theories regarding the number, such as 5000, but 100,000). The number of repetitions is referred to as the STR repetition number, and is used as personal identification information in the present embodiment because there is a significant difference between individuals. There are thousands or more loci with DNA repeat sequences such as STR in the human body, but 16 loci actually used for identification have been put to practical use.
This relies on the development of enzyme reagents corresponding to each STR locus.

Each locus is given a name specifying its location. For example, TH01, which is most often used in forensic examination, is used.
STR locus, the repeated nucleotide sequence is AAT
G.

Next, the outline of gene information is shown in Tables 1 and 2.
This will be described with reference to FIG.

First, a classification table of the human genome for human DNA information is shown in Table 1 (note: in the table, b of Mb is a base (ba).
se))).

[0041]

[Table 1] As shown in Table 1, the genetic information (G region shown in FIG. 3)
The base sequence is a general term for a part related to the production of a protein, as it is called a design drawing of a human body. Table 2 summarizes these information attributes.

G _A1 is genetic information common to the main human being, which is a part corresponding to the basic design of the human body.
Most of the genetic information is included here.

G _A2 is a portion of genetic information that varies depending on the ethnic group, and corresponds to the fact that attributes such as skin color and hair color vary depending on the race.

It is assumed that G _A1 + G _A2 is G _A.

G _B1 is genetic information that differs depending on the family, and is a part indicating an attribute unique to the family.

_GB2 is genetic information completely unique to an individual.

[0047] The G _B1 + G _B2 and G _B.

G _C is genetic information of a disease caused by a genetic factor.

Here, the information security management is performed.
Gene information is included in individual privacy information in Table 2.
The area to which it belongs, that is, the family-specific area (G_B1), Personal unique area
(G _B2) And etiological information (G_C) Part.

[0050]

[Table 2] These areas of G _B + G _C are to be kept secret from the nature of the information, and are information that should be strictly secured based on the basic policy of the ethical guidelines. It becomes a security management target part.

On the other hand, for the portion of G _A (G _A1 and G _A2 ), that is, the genetic information common to all human beings and the portion having ethnic specificity, the genome database of the university research institution is already available on the Internet. As disclosed above to the world, information should be effectively shared and used as a common property of mankind in the future, so it is a part of information non-security management in this embodiment.

Hereinafter, the area of G _B + G _C (the part targeted for information security management) is simply referred to as gene information unless otherwise specified.

Next, with reference to FIGS. 1 and 2, a security management system and a program for supporting the above-described genetic information security management will be described.

Here, the medical institution D ₁ is assumed to be a doctor's office or the like. Other personal computer (PC) 11 for medical institution D _1, a database (DB) 13, IC
Card read / write (R / W) device 15 and patient D
A biological information input device 19 for collecting and analyzing NA information is installed and connected to a personal computer (PC) 11. Database 13 of this medical institution D ₁
Has a local system and program that manages patient genetic information as an extension of the clinic's medical record information management. The database 13 of the management system and the program mainly manages the etiological information (G _C ) of the patient.

CA is a public key registration / authentication institution that can handle registration and authentication of a public key in which biometric information is embedded. The public key registration / certification authority CA centrally manages all public keys related to encryption systems used in the present system and programs. Therefore, the public key registration and certification organization CA
Maintains interfaces with all the organizations listed in (1) and issues public keys with certificates in response to inquiries from each.

D ₂ is a higher-ranking institution of the medical institution D ₁ and has a comprehensive gene diagnosis function. For example, D ₂ is a comprehensive hospital equipped with advanced medical equipment and technology such as a public central hospital, the Red Cross Hospital, and a university hospital. This is a medical institution. If medical institution D ₁ it is determined as required undiagnosable of highly difficult genetic diagnosis in software diyne, with the consent of the patient, feeding the patient's genes to comprehensive medical institution D ₂ of the upper engine, diagnostic And request a prescription. The contents of the database DB of the overall medical institution D ₂ is G _C is the center, where a large also has a G _A and G _B.

Lab is a university or a research institution (hereinafter simply referred to as a research institution), equipped with a full-scale genome database,
Further appropriate by other universities and research institutes or comprehensive medical institution D ₂ of the databases and genome databases and networks, connected to search, and has a configuration it is possible to obtain information. The genome database of such a research institute Lab collects and accumulates not only G _A , G _B , and G _C but also abundant information on clinical cases in a searchable state as appropriate.

General Medical Institution D_TwoCollaborates with research institute Lab
Inquiries about rare SNPs and
Exchange information such as providing floor examples. However, here G_B,
G _CIt is a rule that anonymity should be managed.

M is a machine that manufactures and supplies drugs such as pharmaceutical manufacturers
Seki (hereinafter simply referred to as pharmaceutical manufacturer). Drug discovery research
Pharmaceutical maker M is comprehensive in addition to its own database DB
Medical institution D_TwoAnd research institutes Lab, and paid and free information exchange
Exchange. Medical institution D ₁Inquiry of drug administration
However, at this time, too, the individual-specific information of the gene with the patient's consent was obtained.
To get the medication information. Research Labs and Pharmaceuticals
G accumulated by maker M_BAnd G_CMust be kept anonymous
Is the condition. For the anonymization protocol, see here
I will not explain it.

RA shown in FIG. 3 indicates a biological information collecting and registering organization which collects and registers DNA information from a user, and based on the registered DNA information, the user establishes a public key. And registers the public key with the public key registration and certification organization CA. Note that this biological information collection and registration organization RA
The function of may be such that the above-mentioned medical institution D ₁ , general medical institution D _2, research institution Lab or the like acts as a proxy to collect biological information from the user and register it with the public key registration / authentication institution CA. .

In FIG. 1, the directional arrows indicate the network connection of each institution. In principle, all communication is performed using the public key cryptosystem, and the communication is performed using the public key of the other party and decrypted using the private key. In this embodiment, the use of the Internet is assumed. However, in addition to the Internet, any communication method and communication line such as a LAN or a public network or a wireless network can be used.

The digital signature may be before or after the encryption or decryption processing. For example, an encrypted digital signature obtained by encrypting only the digital signature with the secret key of the principal (source) is applied to the DNA information of the principal, and the whole (encrypted digital signature and DNA information) is further encrypted with the public key of the destination. After transmission, the transmission destination may decrypt with the private key of the transmission destination, and further decrypt the encrypted digital signature with the public key of the transmission source, and confirm whether or not there is consent or tampering of the person, Alternatively, the digital signature may be decrypted first, and if the consent of the individual is not confirmed, the decryption of the DNA information may not be performed.

The processing procedure will be described below with reference to FIGS.

Step S1: Creation and Registration of Public Key First, creation of a public key will be described. This public key is not created at the time of consultation at a doctor's office, etc., after the user has been affected, but the encryption key (private key / public key) is normally set beforehand.
Is created and recorded on the IC card 17.

First, the user goes to the biological information collecting organization RA and requests the user to collect the DNA information of the user. The collection manager of the biological information collection organization RA strictly performs identity verification using a passport or driver's license brought by the user, and then collects the user's own biological information.

Collection of this DNA information (step S11)
In this method, DNA information is collected, analyzed, and registered by rubbing the inner wall portion of the oral cavity of the user with a cotton swab and processing the oral cells attached to the cotton swab with the biological information input device 19.
Collection and analysis of DNA identification information is performed, for example, by PCR (Polyme
This is carried out by the equation (rase Chain Reaction), and counts the number of all repeats (allele) in a specific base sequence of DNA, specifically, a DNA repeat sequence such as STR. Here, as the number of patterns increases, the identification power improves, but the cost and the number of operations also increase. Therefore, in the present embodiment, 11 arbitrary patterns are selected from the 16 patterns described above, and 11 patterns are repeated. (One pair for each pattern, for example, the above-mentioned (11 times, 13 times)) is counted, but if there are 8 or more patterns, there is no practical problem.

The STR related to the disease is not used for protecting privacy. Further, these processing times currently require a maximum of three hours, but it is expected that real-time analysis will be possible in the future.

Next, an encryption key (private key / public key) is generated from the collected and analyzed DNA information with the consent of the individual (step S13) and recorded on the IC card 17.
The DNA information of the individual, specifically, STR information as personal identification information is embedded in the public key.

Thereafter, the created public key is sent to the public key registration and certification organization CA, and the public key is registered with the public key registration and certification organization CA (step S15).

[0070] Step S3; the person of genetic information collecting Then, the user who visited the medical institution D _1, the patient is specifically herein, to bring the IC card 17 generated in step S1. That is, at the time of individual consent, which will be described later, a personal signature (specifically, a digital signature based on STR information that is personal identification information) is performed using the IC card 17. In the security management system and its program according to the present embodiment, a method of leaving a proof of the consent by signing the consent of the individual using the IC card 17 (hereinafter, also referred to simply as "obtaining consent" may be used). is there).
In addition, in order to thoroughly use this confirmation method, it is necessary to state that it is illegal to handle genetic information of an individual without a signature.

After the consultation and medical treatment, steps S21 and S2
In 3, in the same manner as in step S11, after obtaining the consent of the individual about the collection of genetic information, the collection of genetic information is performed.

After the collection, an inquiry is made (step S2).
5), consent of the person about the propriety of the query of the public key to the comprehensive medical institution whether and, if necessary, public key registration and certification authority CA of the transfer of genetic information to the D ₂ of the higher-level institutions on the basis of further inquiry result (Step S2)
7). After obtaining the consent, the public key registration / certification institution CA is queried for the public key, and the genetic information is encrypted with the public key of the individual and stored in the in-hospital database DB (step S29). The query results are returned to the medical institution D ₁ of the transmission source (step S31).

When collecting the DNA information in steps S21 and S23, the DNA information is
STR information for personal identification together with the genetic information is also collected. The STR information is a basis for generating a public key in step S1 described above. Therefore, if the public key on the IC card 17 presented by the person can be generated from the personal identification information collected in steps S21 and S23, that is, if the same is authenticated by the public key registration and certification organization CA, the medical institution doctor of D ₁ is able to confirm that the user (the collection's) is an IC card holder of regular.

Further, at the medical institution D ₁ , when recording and storing the user's own genetic information, it is encrypted and stored using the user's public key. At this time, the decryption may require the IC card 17 containing the secret key of the person, so that even the doctor in charge agrees with the person, that is, the presentation of the IC card 17 or the use of the IC card 17. Without authentication, the genetic information of the individual cannot be checked, further ensuring security. In actual application, it is necessary to further consider the balance with the feasibility.

Also, a secret key is generated from the user's own DNA information, and all or a part of the DNA information, for example, genetic information is signed using the generated secret key, and a so-called digital watermark is inserted. Alternatively, the identity (right holder / owner) of the DNA information or the genetic information may be clarified, or the distribution status thereof may be monitored to perform security management.

[0076] Step S5; transfer and treatment methods query Subsequently upper engine in step S41 to step S45 of genetic information to related agencies, for example, comprehensive medical institution D ₂ or research institutions Lab
After obtaining the public key of the organization from the public key registration and certification organization CA and encrypting it using the obtained public key,
Send the person's genetic information and inquire about the treatment method.

General medical institution D ₂ or research institute Lab
Decrypts the transmitted encrypted information using its own private key corresponding to the public key, confirms the content, and creates a response such as a treatment method. At the time of this response, the medical institution receives the digital information from the medical institution only when a digital signature using the genetic information indicating the consent of the patient is added to the transmitted genetic information, specifically, when the IC card 17 is used for the signature. In response to the inquiry regarding the genetic information, a response may be created. The security management using the encryption and the digital signature can be similarly applied to the following processes.

When returning the response, the public key of the source medical institution D ₁ is obtained from the public key registration / certification institution CA, and the response is returned after encrypting using the obtained public key. I do. Medical institution D ₁ is to make sure the contents are decrypted by using its own secret key corresponding to the public key. The confirmation of the content at this time may be performed with the consent of the inquired genetic information person.

Based on the answer to the inquiry result, step S
In steps 47 and 49, the same information is similarly encrypted and transmitted to the pharmaceutical manufacturer M, and a pharmaceutical inquiry is performed. Further, the patient is asked for consent to the treatment based on the obtained information, and if the consent is obtained, treatment (including gene therapy) is performed (steps S51 and S53). Communication of such genetic information, etiological information, pharmaceutical information, and the like is performed by encryption using a public key cryptosystem.

[0080] Step S7; when viewed treatment cases provide therapeutic effects on agencies, medical institutions D ₁ is requested to register the treatment cases the upper engine. At this time, it is necessary to obtain the consent of the individual for providing the information. The fact that the person has actually agreed is confirmed by the person himself signing the genetic information digitally. As a result, the treatment case is registered in the upper institution, the general medical institution D ₂ , the research institution Lab, or the pharmaceutical manufacturer M (steps S55 to S6).
1).

As described above, the present invention relates to the subject's D
Since the security management of the individual's genetic information is performed using a secret key / public key generated from the NA information, it is possible to protect one's secret with one's own secret.

Next, the encryption technique used in this embodiment will be briefly described.

1. Collection of DNA information and generation of secret key / public key α _A : DNA-ID of principal A δ _A : = α _A + γ _A → secret key of principal A (γ
_A is the secret random number of A) Y _A : = g ^{δ A} modp → Principal A's public key → Public key registration / registration with the certification authority The encryption / decryption and signing method of the plaintext at the time of encrypted communication is as follows.
Adopt ElGamal encryption system. Note that p is a large prime number and g
Is a primitive element in the multiplicative group Z _p. The right side is a discrete logarithm, and it is difficult to calculate δ ^A from Y if p is large even if g ^{δ A} = Y is made public due to the property of the one-way function. (Okamoto and Yamamoto, "Modern Cryptography" No. 118-1
(19 pages, Sangyo Tosho, June 1997) Cryptosystems a) Digital signature M ₌ L security management system in the embodiment | G B | Gc S = D (δ A, M) where, L: STR information _{G B:} unique personal genetic information,
Gc: Personal pathogenesis Information [delta] _A: The secret key of A, S: Digital Signature, D: decoding function b) decrypting _{M = E (Y A, S} ) _{where, Y} A: A public key, E: Encryption Function c) collecting at identification L _| G B _| Gc _| (to produce more _{α a L, Y a '=} g δ a + YA mo
Calculate dp. If match is _{Y A} 'to _{Y A} recorded in the IC card authentication OK (biometrics authentication)) d) encrypting _{C = E (Y A, M} ) decoding M = D (δ _A, C Here, Y _A and δ _A indicate the public key and secret key of A, respectively.

As described above, in this embodiment, DN
A public key of the individual is generated from the personal identification information included in the intergenic region of the A information, and the generated public key is used for identification of the individual. This makes it possible to prevent accidental or intentional replacement or spoofing of the person, so that the intention of the person, such as a so-called surveillance examination at the time of enrollment in life insurance or a newborn baby or a patient at the time of surgery, can be prevented. Even in the case where it is difficult to confirm the identity, the identity of the identity can be surely confirmed while protecting the genetic information of the identity.

The security management program for genetic information as described above is usually provided via communication.
It is distributed, but it may be provided by being recorded on a recording medium or distributed in the form of a recording medium.

In the above embodiment, the STR is used for the personal identification information, but the present invention is not limited to this. For example, mitochondria provide the energy needed to produce proteins in cells,
There is other DNA information similar to that in the cell nucleus. Among them, the part with one base difference between individuals (SNPs: Si
Ngle Nucleotide Polymorphisms) is also being studied for use as personally identifiable information. Such S
NPs may be used.

[0087]

As described above, according to the present invention,
The DNA information of the user himself is embedded in the encryption key, and when the consent using this encryption key is obtained, the genetic information of the user can be used, so the social use of the genetic information and the protection of personal privacy It is possible to appropriately manage DNA information, especially gene information, while taking into account the two conflicting issues.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a schematic configuration of an embodiment of a security management system to which a security management method for genetic information according to the present invention is applied.

FIG. 2 is a sequence diagram showing a processing flow in the security management system shown in FIG.

FIG. 3 is a diagram schematically showing DNA information.

FIG. 4 is a diagram illustrating a relationship between an ethics index and information security management.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 11 Personal computer 13 Database (DB) 15 IC card read / write (R / W) device 17 IC card 19 Biological information input device CA Public key registration / authentication organization D ₁ Medical institution D ₂ General Medical Institution Lab Research Institution M Pharmaceutical Manufacturer

 ──────────────────────────────────────────────────続 き Continued on the front page F term (reference) 5B017 AA03 BA07 BB09 CA00 5J104 AA09 LA03 LA06 MA02 MA06 NA02 NA35 NA36 NA37 PA00 PA07 PA14

Claims (8)

[Claims] 1. A security management method for genetic information, wherein genetic information of an individual is managed by an encryption method using an encryption key generated from DNA information of the individual. 2. A security management method for managing genetic information of an individual, comprising: generating an encryption key and a decryption key from personal identification information included in DNA information of the individual; A method for managing security of genetic information, wherein encryption is performed using a key, and decryption is managed using an encryption method that decrypts using the decryption key. 3. When obtaining genetic information from DNA information of an individual, personal identification information included in an intergenic region of the DNA information is also collected, and a public key of the individual is generated from the personal identification information. And using the generated public key to confirm the individual. 4. A secret key is generated from personal DNA information,
A security management method for genetic information, wherein a digital signature is applied to all or part of the DNA information using the secret key. 5. A gene characterized in that, when distributing genetic information of an individual, a digital signature incorporating the DNA information of the individual is created, and only the genetic information with the created digital signature is distributed. Information security management method. 6. When transmitting genetic information of an individual from a medical institution to a related institution via a communication line, the medical institution encrypts and transmits the information using the public key of the relevant institution, and the related institution transmits the encrypted information. Is decrypted with the secret key corresponding to the public key, and only when the transmitted genetic information is digitally signed using the genetic information, A security management method for genetic information, wherein a response is created, encrypted with a public key of the medical institution, and returned to the medical institution. 7. A security management system for genetic information when transmitting personal genetic information from a medical institution to a related institution via a communication line, wherein the medical institution and the related institution publish their respective public keys. In addition to registering the genetic information in advance with a key registration / certification institution, the genetic information is given a digital signature indicating the consent of the individual, and the medical institution registers the public key of the related institution of the transmission destination with the public key registration / authentication. Means for obtaining from a certification organization, means for encrypting and transmitting genetic information to be transmitted with the obtained public key, and means for decrypting received and encrypted information with a private key corresponding to the public key of the medical institution Having a means for decrypting the encrypted information with a secret key corresponding to the public key of the related organization, a means for confirming a digital signature of the genetic information, Means for preparing a response to the inquiry related to the genetic information from the medical institution only when the signature is confirmed,
A genetic information security management system comprising: means for obtaining a public key of the medical institution from the public key registration / certification institution; and means for encrypting and transmitting response information to be transmitted with the obtained public key. . 8. A security management program for genetic information when transmitting personal genetic information from a medical institution to a related institution via a communication line, wherein the medical institution and the related institution disclose their respective public keys. The genetic information is registered in advance with a key registration / certification institution, and the genetic information is given a digital signature indicating consent for transmission of the individual, and the public key of the relevant institution of the transmission destination is disclosed in the medical institution. A procedure for obtaining from a key registration / certification institution, a procedure for encrypting the genetic information to be transmitted with the obtained public key and transmitting it to the related institution, and an encrypted information transmitted from the medical institution in the related institution. Receiving the relevant information and decrypting it with the private key corresponding to the public key of the relevant organization, confirming the digital signature of the genetic information, and verifying the digital signature. A procedure for preparing a response to the inquiry about the genetic information from the medical institution only when approved, a procedure for obtaining the public key of the medical institution from the public key registration / certification institution, and the obtained public key Causing the computer to execute a procedure of encrypting and transmitting the reply information to be transmitted in the medical institution, and a procedure of decrypting the received encrypted reply information with a secret key corresponding to the public key of the medical institution at the medical institution. A security management program for genetic information, characterized in that: