JP2003092567A - System and device for managing file and client terminal - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent a person other than a person having his/her original key from reading contents of a file. SOLUTION: A file management system is provided with a one-time information history 22 for issuing new one-time information 100 corresponding to a transmitted file 20 each time a managing device 2 transmits the file 20 to a client terminal 3, issuing new one-time information 100 corresponding to a received file 20 each time the managing device 2 receives the file 20 from the client terminal 3, associating the file 20 received from the client terminal 3 with the one-time information 100, associating the file 20 transmitted to the client terminal 3 with the one-time information 100 and recording the files 20 associated with the one-time information.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a file management system connected by a network.

[0002]

2. Description of the Related Art Heretofore, in order to ensure security, it has been mainly decided by examining individual specifications and performances of hardware, software and the like. Further, the security function of the document management system has conventionally focused on the confidentiality of file access. For example, the database management mechanism is managed to set access rights individually.

[0003]

However, it is difficult to say that the management based on the access right can sufficiently secure the security because the spoofing of the password causes the spoofing. Therefore, the purpose is to prevent the contents of the file from being viewed by anyone who has unique information or who has been authenticated.

[0004]

In order to solve the above-mentioned problems, according to claim 1 of the file management system of the present invention, a file management device for managing a file retrieves and stores the file from a client terminal. In the system, new one-time information corresponding to the file transmitted each time the file is transmitted from the file management device to the client terminal is issued, and received each time the file management device receives the file from the client terminal. One-time information issuing means for issuing new one-time information corresponding to a file, associates the file received from the client terminal with the one-time information, and associates the file transmitted to the client terminal with the one-time information. One-time information history to be recorded as And a 憶 means.

In the above configuration, each time a file is transmitted and received between the file management device and the client terminal, the file management device issues one-time information corresponding to the new file and transmits it to the client terminal. File access can be managed from the history of one-time information issued for each file. Here, the one-time information is issued corresponding to a file and is managed separately from the file, but which file corresponds to can be uniquely (single) identified. In addition, each time a file is transmitted or received between the file management device and the client terminal, the file management device issues new one-time information every time. Furthermore, the file and the one-time information are associated with each other so that it can be known which one-time information corresponds to which file is transmitted or received, and is recorded in the one-time information history of the transmitted and received file.

According to a second aspect, in the file management system according to the first aspect, the one-time information received from the client terminal corresponds to the file received from the client terminal based on the one-time information history storage means. Management means for determining whether or not the one-time information received from the client terminal corresponds to a file to be transmitted to the client terminal.

In the above configuration, the one-time information is transmitted to the file management device when transmitting / receiving the file, and the file management device looks at the history of the one-time information issued corresponding to the file and handles the file properly. The person sends and receives the file by judging whether the person has connected from the client terminal.

According to a third aspect of the present invention, in the file management system according to the first or second aspect, the client terminal stores the one-time information in a portable storage medium.

In the above configuration, at the client terminal, the one-time information is stored in the portable storage medium so that the file handler can carry it, and the client terminal must be the file handler who has the portable storage medium for storing the one-time information. Do not retrieve or save the corresponding file.

According to a fourth aspect of the present invention, in the file management system according to any one of the first to third aspects, the file management device encrypts a file to be transmitted to a client terminal with an encryption key according to a file handler. The client terminal is provided with a decryption means for decrypting the received file with the decryption key of the file handler.

In the above configuration, the file management apparatus encrypts the file according to the person handling the file and sends it to the client terminal. Therefore, the client terminal can only decrypt the file unless the person who handles the file possesses the decryption key. In addition, there is no fear of wiretapping or tampering during transmission / reception.

According to a fifth aspect, in the file management system according to the fourth aspect, the encryption processing means of the file management device provides a file operator who is connected from the client terminal with the one-time information to be transmitted to the client terminal. It is characterized in that it is encrypted with a corresponding encryption key and transmitted.

In the above configuration, the one-time information can be prevented from being stolen by further encrypting it and transmitting it.

According to a sixth aspect of the present invention, in the file management system according to the fourth or fifth aspect, the client terminal stores a decryption key for decrypting a file in a portable storage medium.

In the above configuration, since the decryption key is stored in the portable storage medium at the client terminal, the file can be decrypted only by the file handler who possesses the portable storage medium storing the decryption key.

According to a seventh aspect of the present invention, in the file management system according to any one of the first to sixth aspects, the client terminal is connected to a file handler who connects the file to be transmitted to the file management device from the client terminal. The file management apparatus is provided with an encryption means for performing encryption with an encryption key, and the file management apparatus is provided with a decryption processing means for decrypting a file received from the client terminal with a decryption key according to the file handler. .

In the above configuration, the file handler who possesses the encryption key in the client terminal encrypts the file and sends it to the file management apparatus, and the file management apparatus decrypts the file according to the connected file handler, so that transmission / reception is possible. There is no fear of eavesdropping or tampering.

According to claim 8, in the file management system according to claim 7, the encryption means of the client terminal connects the one-time key transmitted to the file management device from the client terminal to a file handler. It is characterized in that it is encrypted with the encryption key of and transmitted.

In the above configuration, the one-time information can be prevented from being stolen by further encrypting it and transmitting it.

A ninth aspect of the present invention is the file management system according to the seventh or eighth aspect, wherein the client terminal stores an encryption key for encrypting a file in a portable storage medium.

In the above configuration, since the encryption key is stored in the portable storage medium at the client terminal, the file can be encrypted only by the file handler who possesses the portable storage medium storing the encryption key.

According to a tenth aspect of the present invention, in the file management system according to any of the seventh to ninth aspects, the client terminal searches for a plaintext file stored in the client terminal and encrypts it with an encryption key at any time. It is characterized by being converted and stored.

In the above configuration, since the client terminal always searches for the plain text and encrypts it, those who do not have the decryption key cannot use the file remaining on the client terminal.

[0024] According to claim 11, in the file management system according to any one of claims 1 to 10, the one-time information and the MAC address of the client terminal are associated with each other.

In the above configuration, since the MAC address and the one-time information are associated with each other, it is possible to limit the client terminals to be connected.

According to a twelfth aspect of the present invention, in the file management system according to any one of the first to eleventh aspects, based on an access right management table for managing the access right of each file of a file handler connected from the client terminal. , Receiving a file from the client terminal and transmitting the file to the client terminal.

In the above configuration, one-time information and encryption /
It can be handled more safely by managing the file access right in combination with compounding.

According to a thirteenth aspect of the present invention, the file management device that manages the file retrieves and stores the file, and the file is received from the file management device each time the file is received from the file management device. One-time information storage for receiving corresponding one-time information and receiving one-time information corresponding to the file transmitted to the file management device each time the file is transmitted to the file management device, and storing the received one-time information Means for storing a file corresponding to the one-time information from the file management apparatus and transmitting a file corresponding to the one-time information to the file management apparatus. One-time information transmission for transmitting time information to the file management device And means.

In the client terminal having the above-mentioned structure, each time a file is transmitted to and received from the file management device, one-time information is transmitted to the file management device, and the file is transmitted and received after certifying that it is a valid file handler. .

According to a fourteenth aspect, in the client terminal according to the thirteenth aspect, the one-time information storage means is a portable storage medium.

In the client terminal having the above structure, the one-time information is stored in the portable storage medium so that the file handler possesses it, and it is applicable unless the file handler possesses the portable storage medium storing the one-time information. Disable the retrieval and storage of the files that you want to save.

According to a fifteenth aspect, in the client terminal according to the thirteenth or fourteenth aspect, a plaintext file stored in the client terminal is searched and encrypted with an encryption key stored in a portable storage medium at any time. And an encryption means for performing the same.

In the above configuration, since the plain text is always encrypted and stored on the client terminal, a file that is not a legitimate file handler cannot be handled.

In the sixteenth aspect, the thirteenth to fifteenth aspects are provided.
In any one of the client terminals described above, the encrypted file on the client terminal is provided with a decryption unit that decrypts with the decryption key stored in the portable storage medium.

In the above configuration, the encrypted ciphertext on the client terminal cannot be handled unless it is a valid file handler who has the decryption key stored in the portable storage medium.

According to a seventeenth aspect of the present invention, there is provided a file management device which manages a file so that the file can be retrieved and stored from the client terminal, and a new file corresponding to the file transmitted every time the file is transmitted to the client terminal Issuing one-time information and issuing new one-time information corresponding to the received file each time the file is received from the client terminal, a file received from the client terminal and the one-time information And a one-time information history storage unit for associating and recording the file transmitted to the client terminal and the one-time information,
Based on the one-time information history storage means, it is determined whether the one-time information received from the client terminal corresponds to the file received from the client terminal, and the one-time information received from the client terminal is transferred to the client terminal. Management means for determining whether or not the file corresponds to the file to be transmitted is provided.

In the file management device having the above configuration, each time a file is sent and received between client terminals, the file management device issues one-time information corresponding to a new file and sends it to the client terminal to handle the file. It records the history of one-time information issued and manages file access.

In the eighteenth aspect, the file management apparatus according to the seventeenth aspect further comprises encryption processing means for encrypting a file to be transmitted to the client terminal with an encryption key corresponding to a file handler connected from the client terminal. Is characterized by.

In the above configuration, the file is made the client terminal so that the file can be decrypted only by the authorized file handler.

According to a nineteenth aspect, in the file management apparatus according to the seventeenth aspect or the eighteenth aspect, the encrypted file is received from the client terminal and decrypted by the decryption key according to the file handler connected from the client terminal. It is characterized in that it is provided with a decoding processing means for converting into a code.

In the above configuration, the file is encrypted and received by the legitimate file handler so that it cannot be eavesdropped.

According to a twentieth aspect, in the file management apparatus according to any one of the seventeenth to nineteenth aspects, the file reception from the client terminal and the file transmission to the client terminal are performed by the file connected from the client terminal. It is characterized in that it is managed based on an access right management table that manages the access right of each file to the handler.

In the above configuration, one-time information and encryption /
It can be handled more safely by managing the file access right in combination with compounding.

[0044]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A first embodiment according to the present invention will be described below with reference to the drawings. As shown in FIG. 1, the file management system 1 according to the first embodiment includes a file management device 2, a client terminal 3, and a network 4.
It is composed of

The file management device 2 has a function of storing the file 20 and allowing a file handler (hereinafter referred to as a user) to connect from the client terminal 3 to retrieve and store the file 20. Further, the file management device 2 has a file 2 which is transmitted / received with the client terminal 3.
The one-time information 100 corresponding to 0 is issued, and the one-time information 10 is sent to the client terminal 3 together with the file 20.
It has a function of transmitting 0. Also, one-time information 10
0 has a function of recording a one-time information history in the log file 22 as to which file it corresponds to.

The client terminal 3 retrieves the file 20 from the file management device 2 and stores it in the client terminal 3. The client terminal 3 also stores the one-time information 100 received from the file management device 2 in the portable storage medium 31. Further, it has a function of transmitting the one-time information 100 extracted from the portable storage medium 31 when transmitting / receiving the file 20 to / from the file management device 2.
The client terminal 3 may be configured to carry the file 20 as a portable terminal.

Further, the file 20 is configured to be encrypted and transmitted / received between the file management device 2 and the client terminal 3.

The file 20 includes not only character data but also graphic data, sound data and the like.

Here, the term "encryption" means that the meaning of information is normally lost by performing encryption processing using a key.
Decryption, on the other hand, refers to returning to the original with the key corresponding to the encryption. In addition, plain text refers to information that is not encrypted.

The one-time information (hereinafter referred to as a one-time key) 100 is issued in correspondence with the file 20 and can uniquely identify the file.

Further, as shown in FIG. 2, the one-time key 100 sends the file 20 to the file management device 2 to store the file 20 in the file management device 2 (FIG. 2), and then the file 20 The one-time key (1) 100 corresponding to is transmitted from the file management device 2 (in FIG. 2). The one-time key (1) 100 is moved to and stored in the portable storage medium 31. Same file 20
When taking out the one-time key 100 stored in the portable storage medium 31, the one-time key 100 is transmitted to the file management device 2 (see FIG. 2), and the one-time key (1) 100 issues the one-time key 100 issued last time. Time key (1) 10
If it is 0, the file 20 is transmitted to the client terminal 3. After sending the file 20, a new one-time key 1
00 is issued and transmitted to the client terminal. Each time the file 20 is transmitted and received in this way, the client terminal 3
It has a function to prove that the user connected from is a legitimate user.

The file management device 2 has a function of storing the file 20 used by the client terminal 3 in an internal large-capacity storage unit, and transmits the corresponding file 20 to the client terminal 3 in response to a request from the client terminal 3. With function.

Further, the file management device 2 does not simply store and retrieve the file 20 received from the client terminal 3, but rather the access right management table 2 describing access restrictions on the file 20.
1 is used for management.

Therefore, a specific configuration of the file management device 2 according to the present embodiment will be described. FIG. 3 is a functional block diagram of the file management device 2 of this embodiment. In the file management device 2, an access right management table 21 that manages the access right of each file of the user, a document storage unit 23 that manages the file 20 and its log file 22, and an encryption key and a decryption key of the user are issued. Key issuing unit 24, management unit (management unit) 25, one-time key issuing unit (one-time information issuing unit) 26, and encryption / decryption processing unit 2
7 and the client terminal 3 to communicate with.

The document storage unit 23 stores the encrypted file 2
0 is stored, and the log file 22 is stored according to each file 20. In addition, when transmitting to the client terminal, the file 20 is encrypted according to the user, and only the legitimate user can decrypt the file 20 into plaintext using the correct key and use it. Also, the plaintext file 20 may be stored together with the encrypted file 20.

Each file 20 stored in the document storage 23 is stored together with the log file 22. The log file 22 stores a history of users who have accessed each file 20 and a one-time key (one-time information) history 220 which is a history of the one-time key 100 (one-time information history storage means).

The key issuing unit 24 issues a public key and a secret key according to each user by using an encryption key method such as a public key encryption method, and manages the public key and the secret key under a predetermined security policy. In the public key cryptosystem, this public key and private key are used as an encryption key and a decryption key. The encryption / decryption key is preferably managed by an asymmetric cryptosystem such as a public key cryptosystem, but can also be managed by a symmetric cryptosystem according to the operation method.

The management unit 25 uses the access right management table 2
The function of checking whether the user has the authority to access the file 20 by referring to 1 and the file 20 requested by the user and the user by referring to the log file 22 of each file 20 and the access right management table 21 The file 20 is transmitted and received only when the user is an authorized user of the file 20 from the received one-time key 100.

Further, the management unit 25, when transmitting / receiving (transmitting and receiving) the file 20 to / from the client terminal 3,
One-time key 10 corresponding to the transmitted / received file 20
0 is issued and the one-time key 100 is sent to the client terminal 3.
To send. When the client terminal 3 requests transmission / reception of the same file 20 next time, the one-time key 100 is received from the client terminal 3 and is the user valid as compared with the previously issued one-time key 100? It has a function to confirm.

Further, the management unit 25 uses the one-time key 1
Both 00 and the user are checked to determine whether the file can be accessed. Therefore, when the user who uses the file 20 is changed, the user who is currently using the file 20 can be configured to change the user who accesses the file 20 by notifying the file management device 2 of the change of the user. Is.

Furthermore, in the management unit 25, the MAC address (Medi) attached to the communication unit of the client terminal 3 is added.
a Access Control Address) together with the one-time key 100 to manage the hardware of the client terminal (personal computer, portable personal computer, mobile phone, or other communication unit). Is also possible. At this time, in the log file 22,
The MAC address may be stored together with the one-time key 100.

The one-time key issuing unit 26 issues a unique one-time key each time there is a transmission / reception request for storing or retrieving the file 20 from the client terminal 3. The one-time key is issued by using a function, for example. The one-time key 100 is sent to the client terminal 3 every time it is sent and received, and the new one-time key 1 is added to the log file 22.
Record 00.

In the encryption / decryption processing unit 27, an encryption key for managing the file 20 and the one-time key 100, etc., transmitted / received between the client terminal (hereinafter, referred to as login) and the client terminal 3 are managed by the key issuing unit 24.・
An encryption processing unit (encryption processing means) 271 that encrypts with a decryption key
And a decoding processing unit (decoding processing means) 272 for decoding. The encryption / decryption is performed according to the record that the user has accessed the log file 22 and the client who has logged in.

Next, the client terminal 3 will be described. The client terminal 3 has a file edit processing function of editing and browsing the file 20, a function of transmitting the created file 20 to the file management device 2 and storing the created file 20 in the file management device 2, and an encryption and encryption of the file 20. It has a decoding function. In addition, the file 20 is always encrypted and stored in the client terminal 3 except when performing file editing processing such as file editing and browsing.

Therefore, a specific configuration of the client terminal 3 will be described. FIG. 4 is a functional block diagram of the client terminal 3. The client terminal 3 has a file edit processing unit 32 for editing and browsing the file 20.
An encryption / decryption unit 33 that encrypts / decrypts the file 20, the one-time key 100, etc., a communication unit 34 that transmits / receives to / from the file management device 2, a portable storage medium connection unit 35 that connects to the portable storage medium 31, And a one-time key transmission unit (one-time information transmission means) 36.

The portable storage medium 31 stores the one-time key 100 sent from the file management device 2 when the file 20 is sent. Usually, this portable storage medium 31
Is owned by a user who is detached from the client terminal 3 and has the authority to use the file 20, and is used by connecting to the client terminal 3 when storing or retrieving the file 20 managed by the file management device 2 from the client terminal 3. Is.

Further, the portable storage medium 31 has a decryption key for decrypting the encrypted file 20 received from the file management device 2 so that the client terminal 3 can perform file editing processing such as editing and browsing. To store. Except when the file is edited or browsed on the client terminal 3, the file is removed from the client terminal 3 and owned by the user.

Further, the portable storage medium 31 stores an encryption key for transmitting the encrypted file 20 to the file management device 2. With this encryption key, the file 20 edited or viewed in plaintext is encrypted and the client terminal 3
Store in a storage medium such as the above hard disk.

The portable storage medium 31 is a memory stick,
These are IC cards, CD-ROMs, CD-RWs, FDs (flexible disks) and the like.

The encryption / decryption processing unit 33 encrypts the file 20 and the one-time key 100 by using the encryption key stored in the portable storage medium 31 (encryption means).
331, and a decryption unit (decryption means) 332 that decrypts using the decryption key stored in the portable storage medium 31. The encryption / decryption processing unit 33 is often provided as a dynamic library or a static library, and is located between the operating system and the application. Alternatively, it may be provided as a system call.

The decryption unit 332 has a function of decrypting the file 20 received from the file management device 2 into a plain text and delivering it to the file edit processing unit 32. The file edit processing unit 32 is an application or the like activated on the client terminal 3.

The encryption unit 331 is the client terminal 3
When the power is turned on, when the operating system is started, when the application is started, when the application is shut down, and when an error occurs, the plain text remaining on the client terminal 3 is searched and the key stored in the portable storage medium 31 is used. And sequentially encrypt. Alternatively, the plaintext is searched during application startup and sequentially encrypted.

Further, when the one-time key 100 stored in the portable storage medium 31 is transmitted / received to / from the file management device 2, the one-time key 100 is encrypted by the encryption unit 331 and transmitted to the encryption unit 331. The decrypting unit 332 has a function of decrypting the one-time key 100.

The portable storage medium connection unit 35 has a function of extracting and storing the one-time key 100 and the key for encryption / decryption from the portable storage medium 31, and the portable storage medium 31 is a USB. Read / write is performed via a port, Bluetooth, serial port, RS232C, etc.

Further, the one-time key transmitting unit 36 transmits the encrypted one-time key 100 in connection with the transmission / reception of the file 20. Furthermore, the one-time key 100 is
It is also possible to configure so that the MAC address attached to the communication unit of the client terminal 3 is transmitted together.

FIG. 5 shows an example of the access right management table 21. The access right 212 corresponding to the file name 211 of the file is recorded for each file.

The storage process and the extraction process of the file 20 will be specifically described below. FIG. 6 shows a file 20
FIG. 3 is a conceptual diagram showing the concept of the storage processing of and the extraction processing from the client terminal 3. 7 to 11 are flowcharts showing the storage process of the file 20 and the extraction process from the client terminal 3. The case where the file 20 and the one-time key 100 are encrypted / decrypted by the public key method will be described below as an example.

From the client terminal 3, the user A selects "Sa
An example of extracting and storing "mple1.doc" will be described. Note that, here, as shown in FIG. 6, the access right management table 21 indicates “User (A) RW, User (B) RW, User”.
(C) R ”indicates that user A can read / write, user B can read / write, and user C can read only. User A logs in to the file management device 2 from the client terminal 3 (S100). The file management device 2 authenticates the user A (S120) and permits the login if the user is a valid user.

Next, the logged-in user A requests the file 20 of "Sample1.doc" from the file management device 2 (S101). When the file 20 of "Sample1.doc" is taken out for the first time, an initial code is generated and transmitted to the file management device (S102). This initial code is issued by the client terminal 3 so as to be unique by a random function or the like. Therefore, the file management device 2 has the management unit 2
In step 5, since it is known from the initial code that this is the first access, it is confirmed by referring to the access right management table 21 whether the user A can access “Sample1.doc” (S121). Here, the user A is “User (A) RW”
The public key (A) of the user A managed by the key issuing unit 24 after determining that the data can be transmitted to the client terminal 3.
Then, "Sample1.doc" is encrypted and transmitted to the client terminal 3 (S122, see FIG. 6). In addition, the transmission to the user A is recorded in the log file 22 of "Sample1.doc" (S123).

Therefore, the file management device 2 displays "Sample1.
The one-time key 100 (1) corresponding to "doc" is issued by the one-time key issuing unit 26, encrypted by the public key (A) managed by the key issuing unit 24, and transmitted to the client terminal 3 (S124). . Also, the one-time key (1) 100 is recorded in the log file 22 of "Sample1.doc" (S
125).

At the client terminal 3, "Sample1.do
c ”and the one-time key 100 is received (S102), the one-time key 100 is transferred to and stored in the portable storage medium 31 such as a memory stick via the portable storage medium connection unit 35 such as a USB port. (S103), log off (S104). In addition, the decryption unit 332 of the encryption / decryption processing unit 33 transfers “Sample1.doc” to the portable storage medium 31.
The plain text decrypted by using the private key (A) 101 stored in the file is edited or browsed by the file edit processing unit 32 (S105). The one-time key encrypted and transmitted from the file management device 2 with the public key (A) is decrypted with the secret key (A) at the client terminal 3.

Normally, in the client terminal 3, the user carries the portable storage medium 31 such as a memory stick by removing it from the client terminal 3 except when editing or browsing the file 20 or connecting to the file management device 2. To do. In other words, only the user who possesses the portable storage medium 31 that stores the key for decryption can read "Sample1.
It is possible to edit and browse "doc".

Next, a case where the file 20 is stored in the file management device 2 from the client terminal 3 will be described. The user A logs in from the client terminal 3 (S140), and the file management device 2 authenticates the user A (S160) and permits the login even if it is a valid user. Therefore, the one-time key 100 stored in the portable storage medium 31 from the client terminal 3 is encrypted with the secret key (A) and transmitted to the file management device 2, and the file 20 is stored in the file management device 2 (S14).
1). First, the management unit 25 of the file management device 2 refers to the access right management table 21 to check the access right of the user A, and confirms whether the user A is writable (S161).

Further, the management unit 25 of the file management device 2
Then, the one-time key (1) 100 recorded in the log file 22 of “Sample1.doc” and the encrypted one-time key 100 received from the client terminal 3 are decrypted by the public key (A) of the user A. And confirms that they match (S162). If they do not match (S163), an error occurs (S165). If they match (S16)
3) request the client terminal 3 to send "Sample1.doc" (S164), and the client terminal 3 sends "Sample1.doc"
User A who has stored "1.doc" in the portable storage medium 31.
File management device 2 encrypted using the private key (A) of
(S142). In the file management device 2,
"Sample1.doc" is stored in the document storage unit 23 (S16).
6). Further, it is recorded that the file 20 received from the user A is stored in the log file 22 of "Sample1.doc" (S167).

In the file management device 2, when the storage is completed, the one-time key issuing unit 26 issues a new one-time key (2) 100 (S168), and the public key (A) managed by the key issuing unit 24. And one-time key 100 (2)
Is encrypted and transmitted to the client terminal 3. Also,
The one-time key 100 is recorded in the log file 22 of "Sample1.doc" (S169).

The client terminal 3 receives the one-time key (2) 100 (S143) and sends the one-time key 1
00 is moved to and stored in the portable storage medium 31 via the portable storage medium connection unit 35 such as a USB port (S14).
4) and log off (S145).

Next, a case where the same file 20 is extracted again will be described. User A logs in to the file management device 2 from the client terminal 3 (S200). The file management device 2 authenticates the user A (S22
0) Even a valid user permits login.

Therefore, the one-time key 100 stored in the portable storage medium 31 is encrypted from the client terminal 3 with the secret key (A) and transmitted to the file management apparatus 2 (S201), and the logged-in user A makes a file. Request the file 20 of "Sample1.doc" from the management device 2 (S
202).

Therefore, the file management device 2 has the management unit 25.
Then, it is confirmed whether the user A can access "Sample1.doc" by referring to the access right management table 21 (S22).
1). Here, it is determined that the user A can transmit to the client terminal 3 of “User (A) RW”.

Further, the management unit 25 of the file management device 2
Then, it is confirmed whether the one-time key (2) 100 recorded in the log file 22 of "Sample1.doc" and the one-time key 100 received from the client terminal 3 match (S222). If they do not match (S223),
An error occurs (S225).

Further, "Sample1.doc" is encrypted with the public key (A) of the user A managed by the key issuing unit 24 and transmitted to the client terminal 3 (S224). In addition, the encrypted public key (A) and the fact that it was sent to user A are displayed in "Sample1.
It is recorded in the log file 22 of "doc" (S226). Hereinafter, as described in the flowchart of FIG.
The same processing as S106 and S124 to S125 is performed.

As described above, it is possible to access the file 20 by confirming whether the one-time key 100 issued at the previous logoff and the one-time key 100 transmitted from the client terminal 3 at the next login match. .

Next, the operation of the client terminal 3 alone will be described. In the client terminal 3, in order to extract the key stored in the portable storage medium 31 for encryption, the encryption unit 331 of the encryption / decryption processing unit 33 further performs the decryption stored in the portable storage medium 31. The key is taken out and decrypted by the decryption unit 332 of the encryption / decryption processing unit 33.

When the file edit processing unit 32 edits a file, the encryption / decryption processing unit 33 is always called, and the file encrypted by the encryption / decryption processing unit 33 is passed to the file edit processing unit 32 as a plaintext. The encrypted file received from the file management device 2 and stored on the client terminal, or the file edited on the client terminal 3 is encrypted when stored again on the client terminal 3. There is.

The file 20 edited by the file edit processing unit 32 is always called from the file edit processing unit 32 to the encryption unit 331 of the encryption / decryption processing unit 33 to be encrypted and stored on the client terminal 3. It is preferable to encrypt only the changed portion of the file being edited so that it can be stored at any time.

In the client terminal 3, in order for the user A to repeatedly perform the encryption / decryption in the file edit processing section 32 for editing, the public key method allows the secret key and public key of the user A to be portable. It should be stored in the storage medium 31. Further, except when the file 20 is used in the file edit processing section 32, the portable storage medium 31 is isolated from the client terminal 3 and is owned by the user A, and the portable storage medium is used only when the file 20 is used in the file edit processing section 32. The medium 31 is connected.

Also, a plaintext file stored in the client terminal is periodically searched, and if detected, it is encrypted as needed. The plaintext search is performed by energizing the encryption unit 331 of the encryption / decryption processing unit 33 when the power is turned on, when the operating system is started up, when the application is started up, when the application is shut down, or when an error occurs, and the plaintext is searched for.
That is, when the encryption / decryption processing unit 33 is in the middle of storage on the client terminal 3 due to a malfunction of the application or the operating system, or when the encryption / decryption processing unit 33 is stored in a state before being called, the plaintext is displayed. It may remain. Therefore, as described above, the plaintext file is searched at every timing, and if detected, it is encrypted as needed.

As described above, the client terminal 3
In order to edit or browse the file 20, the key for encryption / decryption stored in the portable storage medium 31 is always required, so that a person who does not have the key cannot use the file.

The key for encrypting / decrypting the file on the client terminal may be the same as the key used when transmitting / receiving with the file management device, or the key for encrypting / decrypting on the client terminal. May be another.

In the first embodiment, the case where the same user accesses the file 20 has been described, but in the second embodiment, the case where the user A and the user B access the same file 20 will be described with reference to FIG. This will be explained using the conceptual diagram of. Since the configuration is the same as that described in the first embodiment, detailed description will be omitted.

The case where the user B retrieves and uses the file 20 stored by the user A will be described. First,
User A logs in from the client terminal 3. Therefore, the one-time key (1) 100 stored in the portable storage medium 31 owned by the user A is transmitted to the file management device 2, and the file 20 is stored in the file management device 2. The file management device 2 confirms whether the file 20 can be changed from the access right management table 21, the one-time key (1) 100, and the log file 22 of the corresponding file 20 and stores it (S240). In the file management device 2, the one-time key (2) 100 corresponding to the stored file 20 is issued, and the user A receives it at the client terminal 3 (S241). Further, the one-time key (2) 100 is recorded in the log file 22 corresponding to the file 20 (S242).

In order to make the file 20 available to the user B, the user A notifies the file management device 2 of the change of the user (S243). File management device
In step 2, user B receives this notification and this file 2
Access right management table 21
Check with. If the user B has the access right to the file 20, the user of the file 20 is changed. User changes may be recorded in the log file 22 (S
244).

Further, the user A transfers the decrypted one-time key (2) 100 to the user B (S245). The user B logs in from the client terminal 3, transmits the one-time key (2) 100 to the file management device 2, and requests transmission of the file 20 (S246). File 2
0 decrypts what the user A encrypted with the private key with the public key of the user A, further encrypts it with the public key (B) of the user B, and sends it to the user B.

As described above, when the user who accesses the file is changed, the change of the user is notified, and the one-time key 100 received from the user is further notified.
The file 20 can be accessed after confirming that they match.

In the above-described embodiment, the file management device 2
In the above, the case has been described in which the public key according to the user is used for encryption / decryption to transmit / receive data, but in the third embodiment, the public key according to the user is transmitted to another user for management. The case will be described. Since the configuration is the same as that described in the first embodiment, detailed description will be omitted.

In the third embodiment, as shown in FIG. 13, when the encrypted data (file, one-time key, etc.) of user A is sent to user B, the public key (A) of user A together with the data is sent. Can be attached. Also,
It is preferable that the user A's public key (A) attached is also encrypted. User B decrypts with user A's public key (A).

The one-time key 100 issues a new one-time key 100 for each transmission and reception and records it in the log file 22 of the corresponding file 20 for management, as in the above-described embodiment.

As in the above-described embodiment, the access right management table 21 is checked and the file 20 is taken out and stored.

Further, a fourth embodiment will be described. Since the configuration is the same as that described in the first embodiment, detailed description will be omitted. In the fourth embodiment,
As shown in FIG. 14, when the data is passed from the user A to the user B, the user A receives the public key (B) of the user B, encrypts it with the public key (B) of the user B, and then the file management apparatus 2 To the user B. User B decrypts with user B's private key (B). Further, it is preferable that the public key (B) of the user B is also encrypted and transmitted to the user A.

The one-time key 100 issues a new one-time key 100 for each transmission and reception and records it in the log file 22 of the corresponding file 20 for management, as in the above-described embodiment.

Further, as in the above-described embodiment, the access right management table 21 is checked and the file 20 is taken out and stored.

As described above in the first to fourth embodiments, not only the method of operating the public key / secret key, but the operation can be performed so that the received data can be decrypted only by the corresponding user. .

An asymmetric encryption method such as a public key method is preferable in order to prevent theft, but a symmetric encryption method may be used. In the symmetric encryption method, a key is issued for each user, and the same key is stored by the file management device 2 and the user.
In the file management device 2, the file 20 is encrypted and transmitted / received according to the connected user. Further, the client terminal 3 uses a key of each user to perform encryption / decryption to perform file editing processing and transmission / reception of data (file, one-time key, etc.).

Although the encryption of the file 20 has been described above by taking the public key method as an example, another encryption method may be used.

[0115] Also, the case where the data is encrypted and transmitted / received in order to prevent wiretapping that occurs during transmission / reception has been described. However, if there is no fear of wiretapping while being transported on the network, a one-time key is used. You can also use to manage only file access. For example, when using a VPN (Virtual private network) or the like, it is possible to use a one-time key to manage only file access.

Further, it is preferable to store the file in the file management device 2 in an encrypted form in order to prevent hacking, but it may be stored in plain text.

The issued encryption / decryption key is preferably stored in a portable recording medium by each user and stored in a state of being isolated from the terminal, but it may be stored in the client terminal. .

Further, together with the one-time key 100, the MAC of the client terminal 3 from the client terminal 3
It is also possible to limit the device that uses each file 20 by transmitting the address together. That is, when the file 20 of the file management device 2 is accessed, the MAC address may be checked together with the check of the one-time key 100, and if the MAC addresses do not match, it may be managed so that the file cannot be accessed.

Further, a new one-time key 100 is transmitted from the file management device 2 to the client terminal 3 when logging off, and this one-time key 1 is transmitted when logging in.
The case has been described where 00 is transmitted from the client terminal 3 to the file management device 2 to manage access to the file 20. However, the one-time key is issued not only at the login / logoff timing but also after the file 20 is accessed (transmitted or received) by issuing a new one-time key 100 by the file management device 2 and transmitting it to the client terminal 3. It is sufficient that the one-time key 100 can be transmitted from the client terminal 3 to the file management device 2 before the access (transmission or reception) of the file 20 to manage the access to the file 20.

As for the association between the file and the one-time key, the example in which the history of the one-time key is stored in the file management device 2 has been described, but the one-time key may include file information. Alternatively, the file may include one-time key information.

Further, as shown in FIG. 15, the file management device 2 may be divided into a certificate authority server 2 ′ for key issue management and a file management server 2 ″ for file storage.

[0122]

As described above in detail, according to the present invention, the file managed by the file management device is obtained by removing the one-time key stored in the portable storage medium from the portable terminal and carrying it. In order to access the portable terminal from the portable terminal, the portable storage medium cannot be accessed unless the portable terminal is connected to the portable terminal. Also, when files are taken out or stored, they are encrypted and transmitted / received, so there is no fear of eavesdropping or tampering.

Furthermore, even when an encrypted file is always stored and carried around in a portable terminal, the key for encryption is stored in a portable storage medium and is carried away in isolation from the file. Others will not be able to see your files if they are stolen or lost.

[Brief description of drawings]

FIG. 1 is a schematic configuration diagram of a file management system.

FIG. 2 is a diagram for explaining a function of one-time information.

FIG. 3 is a functional block diagram of a file management device.

FIG. 4 is a functional block diagram of a client terminal.

FIG. 5 is an example of an access right management table.

FIG. 6 is a conceptual diagram (No. 1) for explaining file storage processing and file extraction processing.

FIG. 7 is a flowchart (part 1) of file storage processing and file extraction processing.

FIG. 8 is a flowchart (part 2) of file storage processing and file extraction processing.

FIG. 9 is a flowchart (part 3) of file storage processing and file extraction processing.

FIG. 10 is a flowchart (part 4) of file storage processing and file extraction processing.

FIG. 11 is a flowchart (No. 5) of file storage processing and file extraction processing.

FIG. 12 is a conceptual diagram (part 2) for explaining file storage processing and file extraction processing.

FIG. 13 is a diagram (No. 1) for explaining a method of operating a key for encryption / decryption.

FIG. 14 is a diagram (part 2) for explaining a method of operating a key for encryption / decryption.

FIG. 15 is a diagram for explaining an example of the configuration of a file management device.

[Explanation of symbols]

1 File management system 2 File management device 3 client terminals 4 network 20 files 21 Access Right Management Table 22 log files 23 Document Storage Department 24 Key issuing department 25 Management Department 26 One-time key issuing department 27 encryption / decryption processing unit 28 Communications Department 31 Portable storage medium 32 file editing processor 33 encryption / decryption processing unit 34 Communications Department 35 Portable storage medium connection unit 36 One-time key transmitter 271 Cryptographic processing unit 272 Decoding processing unit 331 Cryptographic unit 332 decryption unit

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06F 17/30 120 G09C 1/00 660D G09C 1/00 660 H04L 9/00 673D H04L 9/08 601A 673A F Terms (reference) 5B017 AA03 BA07 BA09 BB09 CA16 5B075 KK07 KK13 KK33 KK37 KK43 KK54 KK63 ND23 ND40 PR03 UU05 UU40 5B082 EA07 FA11 GA11 5B085 AA08 AE03 AE12 AE23 AE29 BA14 NA04A01 BB03 A02 A07 BA02 NA03A07

Claims (20)

[Claims] 1. A file management system that retrieves and stores files from a client terminal to a file management device that manages files, the file management system corresponding to a file transmitted every time the file management device transmits a file to the client terminal. One-time information issuing means for issuing new one-time information and issuing new one-time information corresponding to the received file each time the file management device receives the file from the client terminal; A file management system comprising: a one-time information history storage means for associating a file with the one-time information, and for associating and recording the file transmitted to the client terminal and the one-time information. 2. The file management system according to claim 1, wherein the one-time information history storage means determines whether the one-time information received from the client terminal corresponds to a file received from the client terminal. The file management system includes a management unit that determines whether the one-time information received from the client terminal corresponds to a file to be transmitted to the client terminal. 3. The file management system according to claim 1, wherein the client terminal stores one-time information in a portable storage medium. 4. The file management system according to claim 1, wherein the file management device encrypts a file to be transmitted to the client terminal with an encryption key according to a file handler connected from the client terminal. A file management system comprising: an encryption processing unit for converting the received file into a decryption unit for decrypting the received file with a decryption key of the file handler. 5. The file management system according to claim 4, wherein the encryption processing means of the file management device uses one-time information to be transmitted to the client terminal with an encryption key according to a file operator connected from the client terminal. A file management system characterized by being encrypted and transmitted. 6. The file management system according to claim 4, wherein the client terminal stores a decryption key for decrypting a file in a portable storage medium. 7. The file management system according to claim 1, wherein the client terminal encrypts a file to be transmitted to the file management device with an encryption key of a file handler connected from the client terminal. Equipped with encryption means to
The file management system, wherein the file management device includes a decryption processing unit that decrypts a file received from the client terminal with a decryption key according to the file handler. 8. The file management system according to claim 7, wherein the encryption means of the client terminal encrypts a one-time key transmitted to the file management device with an encryption key of a file handler connected from the client terminal. A file management system characterized by transmitting after converting. 9. The file management system according to claim 7, wherein the client terminal stores an encryption key for encrypting a file in a portable storage medium. 10. The file management system according to claim 7, wherein the client terminal searches for a plaintext file stored in the client terminal, and encrypts the plaintext file at any time to store the file. A file management system characterized by. 11. The file management system according to claim 1, wherein the one-time information and the MAC address of the client terminal are associated with each other. 12. The file management system according to any one of claims 1 to 11, wherein from the client terminal, based on an access right management table that manages the access right of each file of a file handler connected from the client terminal. A file management system for receiving a file and transmitting the file to the client terminal. 13. A client terminal for extracting and storing a file in a file management device that manages the file, wherein one-time information corresponding to the file received from the file management device each time the file is received from the file management device. Receiving one-time information corresponding to the file transmitted to the file management device each time the file is transmitted to the file management device and storing the received one-time information; The one-time information stored in the one-time information storage means is used for receiving the file corresponding to the one-time information from the management device and transmitting the file corresponding to the one-time information to the file management device. A client equipped with a one-time information transmitting means for transmitting to the management device. Ianto terminal. 14. The client terminal according to claim 13, wherein the one-time information storage means is a portable storage medium. 15. The client terminal according to claim 13 or 14, further comprising an encryption means for searching a plaintext file stored in the client terminal and encrypting the plaintext file with an encryption key stored in a portable storage medium at any time. A client terminal comprising: 16. The client terminal according to claim 13, further comprising a decryption unit that decrypts an encrypted file stored in the client terminal with a decryption key stored in a portable storage medium. A client terminal characterized by the above. 17. A file management device that manages a file so that the file can be retrieved and stored from a client terminal, and new one-time information corresponding to the file transmitted every time the file is transmitted to the client terminal. Issued,
One-time information issuing means for issuing new one-time information corresponding to a received file each time a file is received from the client terminal, and a file received from the client terminal and the one-time information are associated with each other, and the one-time information is sent to the client terminal. A one-time information history storage unit that records the transmitted file and the one-time information in association with each other, and a file that the one-time information received from the client terminal is received from the client terminal based on the one-time information history storage unit A file management device comprising: management means for determining whether or not the one-time information received from the client terminal corresponds to a file to be transmitted to the client terminal. 18. The file management device according to claim 17, further comprising encryption processing means for encrypting a file to be transmitted to the client terminal with an encryption key according to a file handler connected from the client terminal. File management device. 19. The file management device according to claim 17 or 18, wherein an encrypted file is received from the client terminal and decrypted with a decryption key according to a file handler connected from the client terminal. A file management device comprising processing means. 20. The file management device according to claim 17, wherein reception of a file from the client terminal and transmission of the file to the client terminal are performed by each file handler connected from the client terminal. A file management device that manages a file access right based on an access right management table.