JP2003298832A - Method for keeping information secret and method for extracting information - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a method for keeping information secret in which personal information is hardly leaked from a document distributed through the Internet, etc., and the document is hardly illegally used as secondary use and tertiary use, and a portion of the document is kept secret without making the entire document secret to minimize the use restriction of the document, and to provide a method for extracting the information. <P>SOLUTION: These methods for keeping information secret and extracting the information are provided with the steps of processing for setting a dedicated key for managing security, mask processing for keeping secret information having a high security degree secret among pieces of secret information including a part to be partially kept secret, processing for embedding the secret information in disguised image data by steganography, and processing for extracting the secret information from the disguised image data by the steganography. <P>COPYRIGHT: (C)2004,JPO

Description

Detailed Description of the Invention

The present invention relates to an information concealment method for concealing a concealed portion of a document that partially contains a concealed portion (information), and an information extraction method for extracting concealed information.

[0002]

2. Description of the Related Art There are many documents (documents) that have a part to be kept secret. When publishing such a document, the corresponding portion is painted black with Magic Ink (R). Also, keep the entire document private. In addition, considering the disclosure / non-disclosure, at the stage of creation, create multiple documents for the same target, such as public documents and private documents (documents to be sent to individuals). To do.

[0003]

However, if the entire document is kept secret while the document only needs to be kept secret, the use of the document is restricted. In addition, in order to keep the whole secret, waste may occur. Further, as described above, in consideration of disclosure / nondisclosure, it is necessary to create and manage documents in different versions for the same target. In addition, personal information may be leaked when a document is sent by e-mail or mail. Further, a document distributed on the Internet or the like may be targeted for unauthorized secondary use or tertiary use.

[0004] The main object of the present invention is to solve such a problem for a document including a part to be kept secret.

[0005]

According to the present invention, which has solved the above-mentioned problems, information of a part to be kept secret is embedded in a mask image. Also, the information embedded in this mask image is extracted.

[0006]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail below.

[Information Concealment Device] An information concealment device embodying the information concealment method of the present invention will be described with reference to FIGS. 1 and 2. FIG. 1 is a block diagram showing the configuration and functions of the information concealment device. FIG. 2 is a flowchart showing processing of the information concealment device of FIG.

The configuration of the information concealment device will be described. As shown in FIG. 1, an information concealment device according to an embodiment includes a CPU,
A control device including a RAM and the like, a storage device including a hard disk, a communication device including a LAN adapter and a modem, an input / output device including a monitor, a keyboard, a mouse, and the like are connected to a bus. Have a composition. That is, the information concealment device has the same configuration as a personal computer (personal computer).

The control device has a document input function for inputting a document as the secret information 20, a mask processing function for masking a portion selected as a secret portion of the document, and a masked portion (mask image portion).
In addition, a steganographic embedding processing function for embedding information on a secret part of a document by steganographic processing has been activated and expanded. These functions are positioned as an information concealment processing program. Note that the control device also starts up and deploys an OS, word processing software, a mailer that sends and receives electronic mail, and the like. If necessary, We
b WWW browsers for browsing information have also been launched and deployed.
Incidentally, the information concealment processing program has a role as add-in software for word processing software. Here, the steganography processing applied in this embodiment is a well-known processing (technology) for embedding information in an image. Therefore, the detailed description of the steganography processing is omitted.

The operation of the information concealment device of FIG. 1 will be described.
As shown in FIG. 2, the information concealment device of one embodiment inputs a document in step S111. The document is a result of a medical examination, etc., which will be described later, and includes a part to be kept secret. Note that the word processor software has been started before step S111, and the health examination result as a word processor document is input. In other words, the health examination result as the word processing document is input as the processing target document of the information concealment device.

In step S112, the secret portion of the document is selected by, for example, the mouse operation or key operation of the operator. For example, a personal name or the like is selected. Note that, for example, a person who performs the concealment process determines whether or not the character string or the like of the document corresponds to the “section to be concealed”.

In step S113, the selected portion (character string in this case) is masked and an image is pasted.
By the way, the size of the image is a size in which at least a character string can be embedded (size as data capacity). In view of the layout of the document, the size (length, height) viewed may be the same (character string length / height = image length / height).

In step S114, the information (character string) of the selected portion is embedded in the pasted image. At this time, steganography technology is used. At this time, a key and password are set for each embedded part. In addition,
The setting of the key and the password can be performed before the processing of step S111 is started or at the time of saving of step S117.

In step S115, the secret data is deleted. Just masking in step S113
This is because the character string to be processed remains in the document. In step S116, it is determined whether or not the process is finished. If the process is to be continued (no), the process proceeds to step S112 to continue the process. If it ends (yes), step S1
In step 17, the document in which the confidential information is embedded is stored as a processed document (word processing document).

Note that in this embodiment, step S1
The processing from 11 to step S117 is performed by the functions shown in FIG. 1 and the functions of the word processor software in cooperation with each other. By the way, the processed document is attached to an e-mail by a mailer or the like and transmitted on the Internet. At this time, a key for extracting the embedded information and a password are transmitted separately.

By doing so, it is possible to open a document to the public that is not desired to be known to the outside. In this respect, the partial use of the document becomes possible, unlike the case where a password is applied to the whole document to keep the whole document secret. In addition, in advance,
At the time of creating a document, such as for personal use (non-disclosure), it is not necessary to create a plurality of documents in consideration of disclosure / non-disclosure, and document management becomes easy. Also, when sending a document by email, even if you send it incorrectly, you can not see the information without the key and password, so you can eliminate the risk of leaking personal information etc.
Will be reduced.

[Information Extraction Device] An information extraction device according to an embodiment that embodies the information extraction method of the present invention will be described with reference to FIGS. 3 and 4. FIG. 3 is a block diagram showing the configuration and functions of the information extraction device. FIG. 4 is a flowchart showing the processing of the information extraction device of FIG.

The configuration of the information extraction device will be described. As shown in FIG. 3, the information extraction device according to the embodiment is similar to the information concealment device shown in FIG. 1, and is a control device including a CPU and RAM, a storage device including a hard disk, and a LAN adapter. An input / output device composed of a communication device composed of a computer, a modem, etc., a monitor, a keyboard, a mouse, etc. is connected to the bus.

The control device inputs a processed document (general information 22) processed by the information concealment device, a processed document input function, and information (characters) embedded in the processed part (embedded part) of the document. A steganographic information extraction processing function for extracting a column) and an information extraction partial display function for displaying the extracted information are activated and expanded. These functions are positioned as an information extraction processing program. Note that the control device also starts up an OS, word processing software, mailer that sends and receives e-mail, etc.
It is being deployed. In addition, a WWW browser for browsing Web information is also started and deployed as needed. By the way, the information extraction processing program has a role as add-in software for word processing software.

The operation of the information extraction device of FIG. 3 will be described. As shown in FIG. 4, the information extraction device of one embodiment inputs the processed document in step S121. The secret document is a health check result processed by the information concealment device. This processed document is transmitted and received as, for example, an attached document of an electronic mail. Note that the word processing software has been started before step S121, and the processed document as a word processing document is input. In other words, the processed medical examination result as a word processing document is input as the processing target document of the information extraction device.

In step S122, the embedded portion (mask image portion) of the document is selected by the mouse operation or key operation of the operator. Personal names, disease names, etc. are embedded in the embedded part. In step S123, the embedded information (character string) is extracted from the selected portion. At this time, the key or password notified in advance is input. Then, the information embedded by the steganography technique is extracted in the completely reverse procedure to that when the information was embedded.

In step S124, the extracted information (character string) is displayed, for example, on a pop-up screen. This allows the operator to know the content of the embedded information. Next, in step S125, it is determined whether or not the process has ended, and if the process is to continue (no), the process proceeds to step S122 to continue the process. When ending (yes), the process exits (END).

In this embodiment, step S1
The processing from 21 to step S125 is performed by the respective functions shown in FIG. 3 and the functions of the word processing software in cooperation with each other.

By doing so, the risk of leakage of confidential information is eliminated. In addition, if the embedded information is displayed only on the pop-up screen, the embedded portion cannot be read by just delivering the information even if the recipient makes an illegal secondary or tertiary delivery. From this point as well, confidential information is protected. It is also effective against illegal secondary distribution.

Incidentally, for example, in the above-mentioned step S123,
When the processing of 124 or the like is performed, a notification to that effect may be sent as an electronic mail to the sender of the processed document via the mailer. In this way, the sender can determine whether the processed document has been viewed. In this case, the processed document has an email address embedded in it.

[Application to health certificate] Next, an embodiment in which the present invention is applied to transmission and reception of a health certificate will be described with reference to FIGS. FIG. 5 shows a health certificate acquisition system 10.
FIG. 7 is a diagram illustrating the operation of FIG. FIG. 6 is a diagram for explaining the operation in the case where the data is erroneously transmitted in FIG.

FIG. 5 shows a medical certificate acquisition system 1 according to the present invention.
It is an explanatory diagram when it is carried out as 0 and a health certificate is sent to a proper person, and the health management information center 1 installed in a large-scale hospital etc. is a business, and the patient and the examinee himself and their agents (hereinafter, The step of arrow 18 indicates the process of transmitting the medical certificate by e-mail to “the person etc.” or “appropriate person” or “citizen A” 2). Appropriate person 2 is arrow 1
The opening notification shown in step 7 may be returned to the health care information center 1. This is what is normally done in the communication of electronic mail in telecommunications using a network that can be relatively easily intercepted, and it is assumed that the information to be communicated is composed of characters, documents and images. Continue.

The health management information center 1 displays the result 11 of the health examination.
Based on the above, in the step shown by the arrow 12, a health certificate for which information processing for privacy protection is processed is created. At that time, a mask image (hatched portion) as shown in the health check result 13 is pasted, and the secret information is embedded therein by steganography processing. In this medical certificate acquisition system 10, the name 14, the disease name 15, and other confidential information (partially confidential) of the person concerned are embedded so that they cannot be read by a third party. Therefore, the secret information cannot be extracted from the mask image as shown in the health examination result 13 except for the person who has the predetermined access right. Only the mask part (hatched part) is a camouflaged image.

However, the proper person 2 can extract the masking information (hatched portion) as shown in the health examination result 13 by using a key or password notified separately, and can browse the confidential information. The method is as described above, and the duplicated description will be omitted.

FIG. 6 erroneously transmits the medical certificate to the improper person 3 (“citizen B” including statistical use etc.) who is not the proper person 2 by the health certificate acquisition system 10 according to the present invention shown in FIG. It is an explanatory diagram when doing so. Since there is no key or password, the confidential information cannot be extracted from the mask image, and the confidential information cannot be browsed. Therefore, it is suitable for the security purpose of preventing the secret information from being read by a third party.

If this kind of information is used for analysis of social phenomena by an appropriate mathematical statistical method, it may be possible to support an administrative purpose or an academic purpose. Therefore, a document (processed document) in which the information is embedded may be used. It is desirable to open the database and promote the use as appropriate. For that reason, only the name 14 cannot extract the confidential information, but only the disease name 15 may be able to extract the confidential information.
That is, the restricted condition for accessing the processed document is rated, and the access right and the key, etc., which are reasonably rated, are set to give a considerable access permission. However, detailed description of a method of setting access rights and keys graded in several stages and an operation method thereof will be omitted.

FIG. 7 is an overall configuration diagram of the health certificate acquisition system 10 of FIGS. 5 and 6, and enables the health management information center 1 and citizens A to C to exchange electronic mail via the Internet I. . Specifically, the health certificate delivery server 19 provided in the health management information center 1 and citizens A to
The personal computers 2A to 2C owned by C are connected to the Internet, and the information manager M appropriately operates the health certificate delivery server 19 to send an electronic mail to the personal computers 2A to 2C of the citizens A to C. To deliver.

The present invention distinguishes and conceals confidential information with a high degree of security in telecommunications using a network that can be relatively easily intercepted, and conversely, restricts access conditions for the information that can be disclosed. The present invention relates to an information masking method for disclosing and a method of restoring the masking information, and the communication of electronic mail via the ordinary Internet I is applicable and included. here,
A detailed description of ordinary electronic mail communication via the Internet I will be omitted.

In addition to the health certificate acquisition system 10 described above, the present invention is applicable to governments, prefectures, municipal offices,
Police, social insurance offices and other administrative agencies, courts, legal affairs offices,
Judicial institutions such as notary public offices, medical institutions such as hospitals, financial institutions such as banks, educational institutions such as schools, that is, most public institutions handle confidential information including personal privacy. May also be rated for access depending on their confidentiality and stage of importance.
For example, the resident's card can be obtained by anyone, but there are restrictions on viewing and copying the family register, and a strict check is imposed when updating the contents of the family register.

Further, it may be convenient that the secret information 20 can be partially or wholly accessed due to research and development, investigation of the cause of the accident, or administrative reasons. For example,
It is possible to easily realize that the address name of the party is hidden from the secret information 20 and used for various statistical data. This is as described in detail by the health certificate acquisition system 10.

The present invention is not limited to the above-described embodiment, but can be widely modified and implemented. For example, steganography with embedded information is an example,
Other image embedding techniques can also be applied. Also,
Although the character string is embedded in the image, a person image such as a certificate may be embedded in another image (camouflage image). Further, distribution of documents by a floppy (R) disk or the like, which does not go through the Internet, also belongs to the category of the present invention.

[0037]

As described above, according to the present invention, it is possible to properly handle a document including a part to be hidden.

[Brief description of drawings]

FIG. 1 is a block diagram showing a configuration and a function of an information concealment device.

FIG. 2 is a flowchart showing processing of the information concealment device of FIG.

FIG. 3 is a block diagram showing a configuration and functions of an information extraction device.

FIG. 4 is a flowchart showing a process of the information extraction device of FIG.

FIG. 5 is a diagram illustrating the operation of the health certificate acquisition system.

FIG. 6 is a diagram for explaining an operation in the case of erroneous transmission in FIG.

FIG. 7 is a diagram considering the Internet.

[Explanation of symbols]

1 Health management center 2 Appropriate person 2A, 2B, 2C PC 3 Inappropriate 10 Health certificate acquisition system 11,13 Health checkup result 14 names 15 Disease name 19 Health certificate delivery server 20 confidential information 22 General information A, B, C citizen M information manager

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) H04N 1/38 H04L 9/00 673A (72) Inventor Mitsuro Maeda 2-4 Toyo, Koto-ku, Tokyo No. 18 Hitachi Kyodo System Engineering Co., Ltd. (72) Inventor Kenichi Shozuka 2-4-18 Toyo, Koto-ku, Tokyo F-Term (inside) Hitachi Kyodo System Engineering Co., Ltd. (reference) 5B057 CA12 CA16 CB12 CB16 CC01 CE08 CE09 CH08 5C076 AA02 AA14 BA06 5J104 AA12 PA14

Claims (2)

[Claims] 1. A step of inputting or creating on a computer a document containing a part to be concealed, a step of selecting a part to be concealed of the document, an image is masked on the selected part. And pasting, embedding the information of the selected location in the image, deleting the information of the selected location, setting a password or key for extracting the embedded information, An information concealment method comprising: 2. A step of inputting a processed document processed by the information concealment method of claim 1 into a computer, a step of selecting a mask image in which information of the processed document is embedded, A step of extracting the embedded information by a password or key notified separately.
An information extraction method comprising: