JP2003114828A - Communication terminal device and information protection method therefor - Google Patents

Abstract

PROBLEM TO BE SOLVED: To protect the information stored in the inner part of a communication terminal device when it is taken off from an owner. SOLUTION: When the communication terminal device 100 is taken off from a user by theft or loss, authentication information and a request related to protection of information data are transmitted from an information data protection request device through a network 200. A communication means 110 receives the request related to protection of information data and the authentication information and transmits them to an information data processing means 130. The information data processing means 130 transmits the authentication information to an authentication means 140 to ask the authentication of the information data protection request device. The authentication means 140 performs the authentication of the information data protection request device and transmits the result to the information processing means 130. The information processing means 130 erases, when the validity of the information data protection request device is confirmed, the information data stored in an information data storage means 120 according to the request related to protection of information data to protect the information data from reading.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a communication terminal device and an information protection method thereof, and more particularly to a communication terminal device which is connected to a predetermined network to send and receive information data and an information protection method thereof.

[0002]

2. Description of the Related Art In recent years, mobile phones and PHS (Personal H
andy-phone System) terminals, electronic notebooks and personal digital assistants (PDA: Personal) equipped with communication functions via mobile radio.
Portable communication terminal devices such as digital assistants) or notebook type personal computers have become widespread.

Such a communication terminal device is downsized and lightened, can be easily carried, and is used as a personal property. The owner carries the communication terminal device in a pocket, a bag, or the like and carries it with him or her to talk on the way or to input / output data. The communication terminal device has a storage means such as a memory for storing various information data together with the communication means, and in many cases, personal information of the owner is stored therein. For example, a mobile phone or PHS terminal is provided with a telephone directory function, in which personal information that the owner's family and friends or work-related telephone numbers and email addresses do not want to be known to others is stored. It is often done. In addition, various types of personal information or confidential information can be stored in the electronic notebook and PDA.

An information terminal device, such as an information terminal device installed in an office, which is supposed to be shared by a plurality of people, accesses highly confidential information such as personal information stored in the device. If so, a mechanism is provided to protect the information, such as requiring the system to enter the password so that only those who enter the correct password can see the information. On the other hand, the communication terminal device is mainly used as a property of an individual and is not rented or borrowed to another person, so that it often has no function for protecting the stored personal information. The communication means of the communication terminal device is the same whether it is wireless or wired.

[0005]

Many of the conventional communication terminal devices do not have a function for protecting stored personal information, so that the communication terminal device has come into the hands of others against the will of the owner. In this case, there is a problem that the information stored inside cannot be protected.

Since communication terminal devices, especially portable communication terminal devices, can be easily carried around, they may be stolen in the middle of movement, inadvertently lost or misplaced, which is contrary to the owner's will. There is a high possibility that it will be transferred to the hand of another person, and secret information such as personal information stored in the device can be seen by another person, and there is a high risk of misuse. However, at present, there is no means to protect the information stored therein.

As described above, as a method of protecting the stored information, there is a method of protecting it by using a password. However, when the owner himself holds it,
It is inconvenient because you have to enter the password after each use. Therefore, even if such a function is provided, it is difficult to use it under the present circumstances.

Even if the communication terminal device is protected, for example, if the communication terminal device is in the hands of another person, it is undeniable that the information may be retrieved by some means. The present invention has been made in view of the above circumstances, and a communication terminal device and an information protection method therefor capable of protecting information stored therein when the communication terminal device leaves the owner's hand. The purpose is to provide.

[0009]

According to the present invention, in order to solve the above-mentioned problems, in a communication terminal device which is connected to a predetermined network and transmits and receives information data, an address peculiar to the device which is determined by a protocol of the predetermined network. A communication unit which is connected to the predetermined network by using the communication unit and which transmits and receives arbitrary information data to and from another device; and an information data storage unit which stores and holds predetermined information data among the information data, In the case where the authenticity of the information data protection requesting device is confirmed by the authenticating means for authenticating the information data protection requesting device that has made a request for protection of the information data acquired via the communication means, The predetermined information data stored in the information data storage means in response to a request for protection of the information data. Communication terminal apparatus comprising: the information data processing means for protecting the reading and, is provided.

In the communication terminal device having such a configuration, the information data storage means stores predetermined information data including the personal information of the user, etc., and the communication means is connected to a predetermined network to communicate with other devices. Send and receive arbitrary information data between the two. The authentication means authenticates the information data protection requesting device that has made a request for protection of the information data acquired via the communication means, and sends the result to the information data processing means. The information data processing means protects the information data stored in the information data storage means from being read in response to the request when the authenticity of the information data protection requesting device is confirmed by the authentication means. When the communication terminal device is stolen or lost, the information data protection request device stores the information data in order to prevent reading of any information data stored in the information data storage means of the communication terminal device. A request for protection is sent to the communication terminal device via the communication means. The communication terminal device authenticates the information data protection requesting device by the authentication means, and if it is confirmed to be valid, protects the predetermined information data stored in the information data processing means from being read.

In order to solve the above-mentioned problems, in an information protection method for a communication terminal device which is connected to a predetermined network and transmits and receives information data, a predetermined data stored in the information data storage means of the communication terminal device is used. A procedure in which an information data protection requesting device for requesting protection of information data transmits a request for protection of the information data to the communication terminal device together with authentication information for authenticating the information data protection requesting device; Receives the authentication information and a request for protection of the information data from the information data protection requesting device, authenticates the information data protection requesting device based on the authentication information, and validates the data information protection requesting device. If it is confirmed that the data is stored in the information data storage means in response to a request for protection of the information data, Information protection method characterized by having, a step of protecting the read predetermined information data, are provided.

In the method for protecting information of a communication terminal device according to such a procedure, information for connecting to the communication terminal device through a predetermined network and requesting protection of predetermined information data stored in the information data storage means of the communication terminal device is provided. The data protection requesting device transmits, to the communication terminal device, authentication information for authenticating the information data protection requesting device and a request for protection of the information data as necessary. The communication terminal device receives a request regarding the protection of information data from the information data protection requesting device and the authentication information via a predetermined network. Then, the information data protection request device is authenticated based on the authentication information. When it is authenticated and the legitimacy of the information data protection requesting device is confirmed, the predetermined information data stored in the information data storage means is protected from being read in response to the request for protection of the information data.

[0013]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings. FIG. 1 is a configuration diagram of a communication terminal device according to an embodiment of the present invention.

The communication terminal device 100 according to the present invention is a portable personal property, and personal information of the owner is stored inside the device. If necessary, the network 200 is connected to perform processing such as transmission of information data stored in the device and storage of information data acquired via the network 200.

The network 200 is an information communication network for transmitting information data between a large number of connected devices, for example, the Internet. Here, it is assumed that the Internet is IPv6 compliant, in which individual IP addresses can be assigned to all devices connected to the network. In IPv6, each communication terminal device 100 connected to the network can be specified by an IP address.

The communication terminal device 100 includes a network 20.
Communication means 110 connected to 0, information data storage means 120 for storing information data such as user's personal information, information data processing means 130 for performing processing relating to the information data,
It is composed of an authentication means 140 for performing authentication, an operation input means 150, and a display means 160.

The communication means 110 is connected to the network 200 to perform transmission / reception processing of information data. That is,
After acquiring a signal transmitted from another device to the own device via the network 200 and performing signal processing such as decoding,
The information data is transmitted to the information data processing means 130. The information data processing unit 130 encodes the information data requested to be transmitted, and then transmits the information data to the destination via the network 200. The device is assigned a device-specific IP address determined by a network protocol (IPv6 in this case), and the communication unit 110 receives a signal sent to the device's IP address.

The information data storage means 120 is a memory for storing information data such as general information, user personal information and confidential information, or authentication information for authenticating the user. These pieces of information data are made up of several files, each of which has a different security level to be protected. In the following, in particular, information that the user does not want other people to know, such as personal information and confidential information, will be described. It is desirable that such information can be used as freely as possible when the communication terminal device 100 is in the user's hand, but it is protected from being read by a third party when it is separated from the user's hand due to theft or loss. Will be required.

The information data processing means 130 processes the information data in its own device in response to a user's instruction input from the operation input means 150 or an instruction from another device input via the communication means 110. For example, the operation input means 1
In accordance with an instruction input from 50, the information data stored in the information data storage unit 120 is read out and the display unit 1
It is displayed on 60 or is transmitted to another device via the communication means 110. Further, when a request for protection of information data is input via the communication means 110, if the authenticity of the information data protection requesting device making the request is authenticated by the authentication means 140, the information data is protected from being read according to the instruction. . For example, a file of information data to be protected is erased to protect the information data from being read by a third party. If necessary, before erasing the information data, the information data stored in the information data storage unit 120 is read and transmitted to the information data protection requesting device or the destination specified by the information data protection requesting device. Moreover, the protection of the information data may be performed by destruction. In addition, a suitable one of the methods for preventing the reading of the original information data by a third party is selected.

The authentication means 140 is the information data processing means 1
In accordance with 30, the information data protection requesting device that has requested the protection of the information data is authenticated based on the acquired authentication information. For example, authentication information such as a personal identification number and a password is stored in advance in the information data storage means 120, this is compared with the authentication information transmitted by the information data protection requesting device, and authentication is performed depending on whether they match. . The authentication result is sent to the information data processing means 130.

The operation input means 150 inputs a user's operation such as displaying the information data stored in the information data storage means 120 and starting or ending communication, and sends the instruction to the information data processing means 130.

The display means 160 is the information data processing means 1
According to 30, the information data desired by the user is displayed on the display screen. The operation of communication terminal apparatus 100 having such a configuration will be described. In the normal state, the operation input means 15
The information data processing unit 130 starts processing by inputting the user's instruction input from 0 or the information data acquired by the communication unit 110 via the network 200 to the information data processing unit 130. The information data processing means 130 is, for example, as necessary, for example, the information data acquired via the communication means 110 or the information data storage means 1
The information data is read from 20 and displayed on the display unit 160, or conversely, the information data is transmitted via the communication unit 110.

When the communication terminal device 100 is separated from the user's hand due to theft or loss, in order to protect the communication terminal device 100 from reading information data by a third party, the communication terminal device 100 is protected from the information data protection request device. 100
A request regarding the protection of the information data and the authentication information for authenticating the information data protection requesting device is transmitted via the network 200. The communication unit 110 receives the request for the protection of the information data and the authentication information, and sends it to the information data processing unit 130. Information data processing means 130
Sends the authentication information to the authentication means 140 and requests authentication of the information data protection requesting device. In the authentication means 140, for example, the authentication information from the information data protection request device acquired from the information data processing means 130 and the information data storage means 12
0 is compared with the authentication information stored in 0 to authenticate the information data protection requesting device, and the result is sent to the information data processing means 130. Information data processing means 13 receiving the result
When the validity of the information data protection requesting device is confirmed, 0 erases the information data stored in the information data storage unit 120 according to the request for protection of the information data, and protects the information data from being read. Upon request, the entire information data can be erased or only the designated file can be erased. Further, if necessary, the information data stored in the information data storage means 120 can be read out before erasing and transmitted to the designated destination via the communication means 110.

As described above, even when the communication terminal device is separated from the user's hand, the information data of the communication terminal device can be erased by making a request for protection of the information data via the network. Therefore, it is possible to protect personal information and confidential information.

Here, the relationship between the communication terminal device and the information data protection request device will be described. FIG. 2 is a configuration example of the first operation system in the information protection method for the communication terminal device according to the embodiment of the present invention. The same parts as those in FIG. 1 are designated by the same reference numerals and the description thereof will be omitted. This is the case when the communication carrier makes a request for protection of information data.

The user 300 is the owner of the communication terminal device 100, and the user 300 is inside the communication terminal device 100.
Information data such as personal information is stored. The telecommunications carrier 400 is a telecommunications carrier that manages the network 200 to which the user 300 connects using the communication terminal device 100, and makes an information data protection request device 410 that requests the communication terminal device 100 to protect information data. Holding The information data protection request device 410 is a management server or the like that manages the network 200.

In this case, the stolen user 300 of the owned communication terminal device 100 requests the telecommunications carrier 400 to erase the information data of the communication terminal device 100 (and download the information data if necessary). To do. This request may also be made via the network 200. The communication carrier 400 specifies the communication terminal device 100 using the information data protection requesting device 410, and if communication is possible, a command to erase the information data of the communication terminal device 100 via the network 200 (protection of information data). Request). If the communication is not possible because the communication terminal device 100 is not powered on, the above procedure is executed after waiting for the communication to become possible.

In this way, by automatically issuing an instruction to erase information data after waiting for communication to become possible,
When a third party turns on the communication terminal device 100 to retrieve personal information, that is, when communication becomes possible,
A command for deleting the information data reaches the communication terminal device 100, and the information data can be deleted.

FIG. 3 shows a configuration example of a second operation system in the information protection method for a communication terminal device according to an embodiment of the present invention. The same parts as those in FIGS. 1 and 2 are designated by the same reference numerals and the description thereof will be omitted. This is a case where the user who is the owner of the communication terminal device makes a request for protection of information data.

The user 300 is the owner of the communication terminal device 100 and holds the information data protection request device 310. Information data protection requesting device 310 in this case
Is a personal computer or the like that can be connected to the network 200, for example, the Internet.

In this case, the stolen user 300 of the possessed communication terminal device 100 uses the information data protection requesting device 310 such as his own personal computer to erase the information data of the communication terminal device 100 (and needs it). If so, download of information data) is requested. If the communication terminal device 100 can communicate, the information data protection requesting device 310 issues a command (request for protection of information data) to erase the information data of the communication terminal device 100 via the network 200. If the communication is not possible because the communication terminal device 100 is not powered on, the above procedure is executed after waiting for the communication to become possible.

Next, an information protection method of the communication terminal device according to the present invention will be described. Here, as an information protection method, a first procedure of only erasing information data and a second procedure of transmitting information data before erasing will be described.

A procedure for erasing the first information data will be described. FIG. 4 is a flowchart showing a first procedure in the information protection method for the communication terminal device according to the embodiment of the present invention.

First, the communication terminal device 100 is in a standby state waiting for data reception from another device (S11). When data is received from another device (S12), data processing is started and the sender of the data is authenticated. It is determined whether or not the sender has passed the authentication (S13). If the sender has not passed the authentication, that is, if the validity is not confirmed, other processing such as error processing is executed (S16), and the standby state is resumed (S11). Return to. If it has passed, that is, if the validity is confirmed, it is determined whether the received data is a memory clear request (S14), and if it is a memory clear request, the contents of the memory are erased (S15), and the memory is again cleared. Return to the standby state (S11). In other cases, other processing (S16) is executed, and the process returns to the standby state (S11) again.

Next, a procedure for transmitting the second information data and then deleting it will be described. FIG. 5 shows a second part of the information protection method of the communication terminal device according to the embodiment of the present invention.
It is a flow chart showing the procedure of.

Similar to the first procedure, the communication terminal device 100
Is in a standby state waiting for data reception from another device (S21). When data is received from another device (S2
2) Start data processing and authenticate the sender of the data. It is determined whether or not the sender has passed the authentication (S23). If the sender has not passed the authentication, that is, if the validity is not confirmed, other processing such as error processing is executed (S28), and the standby state is resumed (S21). Return to. If it has passed, that is, if the validity is confirmed, it is judged whether or not there is a request for transmitting the memory content (S24), and if there is a request, the memory content is transmitted (S25). Then, it is determined whether the received data is a memory clear request (S
26), if it is a memory clear request, the contents of the memory are erased (S27), and the process returns to the standby state (S21) again. In other cases, other processing (S28) is executed, and the process returns to the standby state (S21) again.

In the above description, the authentication is performed before determining what the request for the received data is, but it is also possible to perform the authentication as needed after determining the request for the received data.

[0038]

As described above, in the communication terminal device of the present invention, when it is necessary to prevent the information data stored in the communication terminal device from being read, the information data protection request device sends the information data. A protection request is sent.
The communication terminal device authenticates the information data protection requesting device based on the received data, and when it is confirmed to be valid, protects the information data from being read.

In this way, when it is necessary to prevent the information data stored in the communication terminal device from being read out due to theft or loss, the communication terminal device can be protected from the information data using communication. Since the command can be issued, it is possible to prevent others from seeing personal information and confidential information.

Further, in the information protection method of the communication terminal device of the present invention, the information data protection requesting device for requesting protection of predetermined information data issues a request for authentication information and protection of information data as necessary. Send to. Upon receiving this, the communication terminal device authenticates the information data protection requesting device based on the authentication information, and if the validity is confirmed, a predetermined value stored in the information data storage means in response to the request for protection of the information data. Protect information data from reading.

As described above, when it is necessary to prevent the information data stored in the communication terminal device from being read out due to theft or loss, the information data protection request device sends the information data to the communication terminal device. Since the protection can be ordered, it is possible to prevent others from seeing personal information and confidential information.

[Brief description of drawings]

FIG. 1 is a configuration diagram of a communication terminal device according to an embodiment of the present invention.

FIG. 2 is a configuration example of a first operation system in an information protection method for a communication terminal device according to an embodiment of the present invention.

FIG. 3 is a configuration example of a second operation system in the information protection method for the communication terminal device according to the embodiment of the present invention.

FIG. 4 is a flowchart showing a first procedure in an information protection method for a communication terminal device according to an embodiment of the present invention.

FIG. 5 is a flowchart showing a second procedure in the information protection method for the communication terminal device according to the embodiment of the present invention.

[Explanation of symbols]

100 ... communication terminal device, 110 ... communication means, 120 ...
・ Information data storage means, 130 ... Information data processing means,
140 ... Authentication means, 150 ... Operation input means, 160 ...
.Display means, 200 ... Network

Claims (6)

[Claims] 1. A communication terminal device which is connected to a predetermined network to transmit and receive information data, is connected to the predetermined network by using a device-specific address determined by a protocol of the predetermined network, and is connected to another device. A communication means for transmitting and receiving arbitrary information data between the information data, an information data storage means for storing and holding predetermined information data of the information data, and a request for protection of the information data acquired via the communication means. An authenticating means for authenticating the information data protection requesting device, and the information data storing means in response to a request for protection of the information data, when the authenticity of the information data protection requesting device is confirmed by the authenticating means. Information data processing means for protecting the predetermined information data stored in Communication terminal device according to claim Rukoto. 2. The communication terminal device according to claim 1, wherein the information data processing unit deletes the predetermined information data in response to a request for protection of the information data from the information data storage unit. 3. The predetermined information data stored and held in the information data storage means is composed of several files, and the information data processing means is designated in a request for protection of the information data. The communication terminal device according to claim 1, wherein the file is protected from being read. 4. The information data processing means further reads the predetermined information data stored and held in the information data storage means before protecting the predetermined information data from being read out, and the information data processing means uses the communication means. The communication terminal device according to claim 1, wherein the communication terminal device transmits to the information data protection requesting device or a destination specified by the information data protection requesting device. 5. The protocol of the predetermined network is Internet Protocol version 6 (IPv6).
6. The communication terminal device according to claim 1, which is Internet Protocol Version 6). 6. An information protection method for a communication terminal device, which is connected to a predetermined network to transmit and receive information data, comprising: information requesting protection of predetermined information data stored in an information data storage means of the communication terminal device. A procedure in which a data protection requesting device transmits a request for protection of the information data to the communication terminal device together with authentication information for authenticating the information data protection requesting device; and the communication terminal device, the information data protection requesting device When receiving the authentication information and a request for protection of the information data from the, authentication of the information data protection request device based on the authentication information, if the validity of the data information protection request device is confirmed, the Whether the predetermined information data stored in the information data storage means is read in response to a request for protection of the information data. Information protection method characterized by having a procedure to protect.