JP2005063399A - File/key/data management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a file/key/data management system that can prevent unauthorized use even when a file or the like including important contents leaks out. <P>SOLUTION: The file/key/data management system comprises an information processing apparatus for at least saving, backing up, reading and editing, or reproducing a file or the like including at least a file, a key or data, specific information detecting means for detecting specific information about hardware and/or software forming the information processor, and encrypting means for encrypting and/or compressing the file or the like according to the specific information detected by the specific information detecting means. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a file / key / data management system, and more particularly to a file / key / data management system capable of preventing unauthorized use even when files containing important contents leak to the outside.

  Files / keys / data, etc. created and stored on a computer are disadvantageous if they are not managed at all and the files are altered by a third party or they are leaked and used illegally. There was a risk of suffering. For this reason, in order to prevent unauthorized use of files containing important contents, a method in which the user restricts the use of the file with a password or the like has been conventionally known.

However, in the password management method, if the password is leaked to a third party, there is a possibility that fraud is immediately performed.
The present invention has been made in view of such a conventional problem, and provides a file / key / data management system capable of preventing unauthorized use even when files containing important contents leak to the outside. The purpose is to do.

  For this reason, the present invention (Claim 1) performs at least one of storage, backup, reading and editing, reproduction, data transmission / reception, etc. of files including at least one of a file, a key, and data. Information processing device, unique information detection means for detecting at least one unique information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing device, and the unique information Data conversion means for converting the files into data based on the unique information detected by the detection means.

Since the files are converted into data such as encryption and compression based on the unique information, unique processing such as encryption is possible. For this reason, even when files containing important contents are leaked to the outside, the information processing apparatus that is the drain destination cannot perform restoration such as decryption or decompression.
In addition, the unique information may be completely identical, but priority may be taken into consideration for the unique information. Furthermore, the number of weighted points may be taken into account, for example, information having a high probability of being used in a fixed manner or information having a serial number or the like may be set high.

The unique information is information that can be read from existing hardware, existing systems, etc., so even if the information processing device is re-setup, the same unique information can be acquired and information can be read. is there.
As described above, a system that is less susceptible to changes in specific information, changes in hardware, etc. by the user can be obtained.
Note that information used for encryption or the like may include time data or a random number as unique information. Further, only time data or random numbers may be used as the unique information. The time data is, for example, the detection time of the unique information, the transmission time of the unique information to the center, or the like. In this case, the value of the generated unique information key is a variable value that changes every time data conversion (encryption) of files is performed.
Such data conversion of files may be performed by a server connected to the Internet, in addition to being performed by an information processing apparatus owned by the user. However, even in this case, the unique information is detected by the information processing apparatus owned by the user, and the detected unique information is transmitted to a server or the like. Thereafter, file data conversion is performed by the server or the like. In this case, the files may be HTML files, applications, or the like.

  The present invention (Claim 2) is an information processing apparatus for performing at least one of storage, backup, reading, and editing of files including at least one of a file, a key, data, and the like; Specific information detecting means for detecting at least one specific information such as hardware and software constituting the information processing apparatus, ID of recording medium with ID and biometric information, and the specific information detected by the specific information detecting means Data conversion means for data conversion of the files based on information, storage means for saving the files converted by the data conversion means and the unique information, and reading of the files saved by the storage means And / or when performing editing, the unique information detection means uses the hardware and software that constitute the information processing apparatus. , Detecting again at least one unique information such as ID and biometric information of the ID-added recording medium, and comparing with the unique information stored in the storage means, based on the determination result of the comparison means A restoration judging means for judging permission or non-permission of restoration of files, and when the restoration judging means permits the restoration, the data converting means converts the data based on the unique information saved by the saving means. And a restoring means for restoring the files.

  When time data or a random number is added as specific information, for example, as information used for data conversion (encryption), the time data and the random number are stored together with the specific information in the storage means.

  Further, according to the present invention (claim 3), the unique information detected by the unique information detection means and the files converted by the data conversion means are combined to generate one file or to have a predetermined association with each other. And a file generation means for generating a file that has been processed, wherein the unique information detected by the unique information detection means and / or the file generated by the file generation means is data-converted.

  The unique information and the files may be combined into one file, or may be an independent file with a predetermined association. The predetermined association is, for example, a common file name. Information is extremely safe because it is encrypted in multiple layers. In addition, since the data conversion (encryption) key can be set by the software manufacturer or the like, it can be designed uniquely by the manufacturer.

  Furthermore, the present invention (Claim 4) provides at least one information processing apparatus and at least one specific information such as hardware, software, ID of a recording medium with ID, biometric information, and the like constituting the information processing apparatus. Registration means for registering information, an information processing apparatus registered by the registration means, storage means for storing unique information of the information processing apparatus, hardware, software, and ID-recording constituting the information processing apparatus Unique information detection means for detecting at least one unique information such as medium ID and biometric information, and the unique information detected by the unique information detection means are compared with the unique information stored in the storage means. When it is determined that the same information processing apparatus exists as a result of comparison between the comparison means and the comparison means, the data conversion means It was constructed with a restoring means for restoring the data converted file class.

  The presence determination of the same information processing apparatus may be determined based on a complete match, but a weighted score may be considered. It is safe because files converted (encrypted or the like) can be restored (decrypted or the like) only by at least one information processing apparatus in which the unique information is registered.

  Furthermore, the present invention (Claim 5) determines whether or not the information processing apparatus and / or the designation means for designating a person capable of restoring the files, the information processing apparatus designated by the designation means, and the like. A designated information processing device or the like judging means for judging, and when the information processing device or the like designated by the designated information processing device etc. judging means is judged to be restored by the restoring means.

The determination as to whether the information processing device is designated by the designation means can be made based on the unique information, the name assigned to the information processing device, or the like. In addition, it is possible to determine whether or not the person is designated based on, for example, biometric information.
As described above, confidential information can be managed more strictly, and a partner who can read information can be specified.

  Furthermore, the present invention (Claim 6) includes an information processing apparatus stored in the storage means, an ID / password setting means for setting an ID and / or password for unique information of the information processing apparatus, and the ID / password. ID and / or password determining means for determining whether or not the ID and / or password set by the setting means matches the input ID and / or password, and when the ID or the like determining means determines that they match, It is characterized by being restored by restoring means.

  By determining the coincidence with the ID or password, a person who can access the information can be identified.

  Further, according to the present invention (Claim 7), when the restoration judgment unit prohibits the restoration of the files, the unique information stored in the storage unit is newly detected by the unique information detection unit. Unique information updating means for updating to at least one unique information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus, and the unique information updated by the unique information update means And registration means for registering information.

  The unique information stored in the storage means is updated to the unique information of the newly detected hardware or software. Then, the updated unique information is registered. Registration is desirable at a predetermined site. At this time, it is desirable to update or register new unique information after confirming that they are the same information processing apparatus.

As described above, after the unique information is updated, the unique information extracted from the information processing apparatus is compared with the unique information stored in the storage unit, and as a result, is not determined to be inconsistent.
Therefore, after the unique information is updated, the files can be restored (decrypted or the like).

  Further, according to the present invention (claim 8), when it is determined that restoration of the files is not permitted by the registered unique information storage means in which the registered unique information that has been registered is saved, and the restoration judgment means A registered unique information comparing means for comparing the unique information used for comparison by the comparing means with the registered unique information stored in the registered unique information storing means, and determining the registered unique information comparing means Based on the result, it is determined whether the restoration of the files is permitted or not, and when the restoration is permitted, the files converted by the data conversion unit based on the unique information stored by the storage unit It is characterized by restoring.

  As a result of comparing the unique information extracted from the information processing device with the unique information stored in the storage means by having the registered unique information exist, the registered unique information If they are matched by comparison, they can be relieved. Since the registered unique information can be stored in the information processing apparatus of the user, a plurality of files included in the information processing apparatus of the user can be easily restored (decoded or the like). It should be noted that when the files are re-data converted (encrypted or the like), it is preferable to use the registered unique information and update the unique information stored in the storage unit to the registered unique information. In addition, it is desirable to update or register new registered specific information after confirming that they are the same information processing apparatus.

  Further, the present invention (Claim 9) provides a use permission password for permitting use of the copyrighted work installed in the information processing apparatus, the information processing apparatus and the information unique to the information processing apparatus. And a password granting unit for granting, a presence unit for the presence of the use permission password, or a built-in password built in the work in advance, and a judgment unit for judging whether the built-in password matches the use permission password.

  Copyrighted works are applications, digital contents, music files, and the like. The copyright of files whose data has been converted (encrypted, etc.) can be managed using unique information.

  Further, the present invention (Claim 10) is a storage in which information and at least one unique information such as hardware, software, ID of an ID-added recording medium, and biometric information are stored in advance. Means, detecting means for detecting the unique information, comparing means for comparing the unique information detected by the detecting means and the unique information stored in the storing means, and the comparing means has a predetermined ratio or more. The data conversion of the information is performed when they match.

  Data conversion of information is performed when the comparison means matches a predetermined ratio or more. The data conversion is, for example, encryption or decryption, compression or decompression, embedding in a specific image file or the like as watermark information. Since it is determined whether or not a predetermined ratio or more matches, information can be restored even when the information processing apparatus is partially modified.

  Furthermore, the present invention (Claim 11) is characterized in that the data conversion of the information is performed by a predetermined algorithm based on the unique information detected by the detection means or the unique information stored by the storage means. And

  Since it is based on the unique information, only the unique information may be used, or the unique information may be combined with a variation value such as a date and a random number. If the unique information key is changed in this way, the decryption is more difficult and extremely safe. The predetermined algorithm may be settable.

  Furthermore, the present invention (Claim 12) is based on information and at least one unique information such as hardware, software, ID of a recording medium with ID, and biometric information. Data conversion means for converting data according to a predetermined algorithm, file storing the unique information, transmission / reception means for transmitting / receiving the file, and unique information acquired from the file transmitted / received by the transmission / reception means belong to a valid user An authentication means for authenticating whether or not the data is authentic, and data restoration in which the information is restored by a predetermined algorithm based on the unique information acquired from the file when the authentication means authenticates the user. Means.

  The unique information used for data conversion is temporarily saved in a file and sent and received. Since the unique information is acquired from this file and restored, the information can be restored without being affected by changes in the environment.

  Further, the present invention (Claim 13) is based on information and at least one unique information such as hardware, software, ID of a recording medium with ID, biometric information, etc. that constitutes the information processing apparatus. A data conversion means for converting data by a predetermined algorithm, a detection means for detecting the unique information, and a data restoration means for restoring data by a predetermined algorithm based on the unique information detected by the detection means did.

  Information is directly restored by a predetermined algorithm based on the unique information detected by the detection means, so that information can be easily restored.

  Furthermore, the present invention (Claim 14) includes specific information detecting means for detecting at least one specific information such as hardware, software, ID of an ID-added recording medium, biometric information, and the like constituting the information processing apparatus, Conversion key generation means for generating a conversion key by a predetermined algorithm based on the unique information detected by the unique information detection means, transmission / reception means for transmitting / receiving the conversion key generated by the conversion key generation means, and the transmission / reception means Data conversion means for converting information based on the conversion key transmitted and received in step (a), recovery key generation means for generating a recovery key by a predetermined algorithm based on the unique information detected by the unique information detection means, and the restoration And data restoration means for restoring information based on the restoration key generated by the key generation means.

  As described above, browsing can be performed only by the information processing apparatus requested to browse. Even if information is moved to another information processing apparatus, it cannot be browsed. Even if the communication is intercepted, the contents cannot be analyzed.

  Further, according to the present invention (Claim 15), information, data conversion means for converting the information according to a predetermined algorithm, transmission / reception software for transmitting / receiving the information converted by the data conversion means, and the information And a data restoring means for restoring data by a predetermined algorithm, wherein the data restoring means and the information are associated or integrated under a predetermined association and attached to the transmission / reception software.

The transmission / reception software may be integrated with the data restoration means. The predetermined association means that, for example, when information is converted into a document file, the association is performed so that the data restoration unit performs a series of processes for data restoration when the information is activated. . The information may be filed or a document.
As described above, data restoration is possible even if specific software for data restoration is not installed on the other side. Also, this system does not require a certificate authority. Therefore, since information and unique information are exchanged only between users who exchange information and no third party is involved, information is not leaked to the outside and is extremely safe.
Note that personal authentication may be performed when data is restored. Further, when restoring data of information, a password is basically unnecessary, but only the person himself / herself may open it by entering a password or the like.

  Furthermore, the present invention (Claim 16) is characterized in that the data conversion and the data restoration are performed by at least one of unique information such as hardware, software, ID of a recording medium with ID, and biometric information constituting the information processing apparatus. It is characterized by being performed by a predetermined algorithm based on the above.

The unique information may be stored in the database in association with each user and automatically selected when the user is selected. A predetermined algorithm may be specified.
Since data conversion and data restoration are performed based on the unique information, the information processing apparatus other than the unique information cannot perform data restoration.

  Furthermore, the present invention (Claim 17) has specific information including acquisition means for acquiring at least one specific information such as hardware, software, ID of a recording medium with ID, biometric information, etc. constituting the information processing apparatus. Acquisition software and transmission / reception software to which the specific information acquisition software is attached or integrated, and the specific information acquired by the specific information acquisition software or a file including the specific information is returned via the transmission / reception software It is characterized by being.

  As described above, the specific information can be acquired even if the specific information acquisition software is not installed on the other side. When the specific information acquisition software is attached, it is also possible to acquire specific information other than the information processing apparatus in which the transmission / reception software is installed. Unique information of a plurality of information processing devices may be acquired.

  As described above, according to the present invention, since the files are converted based on the unique information, unique processing such as encryption is possible. For this reason, even if files containing important contents are leaked to the outside, the information processing apparatus to which the leaked data cannot restore.

  The unique information is information that can be read from existing hardware, existing systems, etc., so even if the information processing device is re-setup, the same unique information can be acquired and information can be read. is there.

  In addition, by performing the unique information matching determination process by score evaluation, weighting, or the like, it is possible to make the system less susceptible to changes in specific information, changes in hardware, etc. by the user. .

The first embodiment of the present invention will be described below. A configuration diagram of a file / key / data management system according to the first embodiment of the present invention is shown in FIG.
In FIG. 1, a personal computer 100 is installed with file / key / data management software 150 (hereinafter simply referred to as software 150). The personal computer 100 may be an information processing device such as a mobile phone, a PDA, a mobile information processing terminal, a car navigation system, a CD, and a DVD recording / reproducing device. The software 150 is provided by a CD-ROM or the like (not shown), or is provided in the form of download from the server or the like (not shown) through the Internet 200.

  .. Are connected to the Internet 200 as shown. In the case of the present embodiment, each of the plurality of personal computers 100 may not be connected to the Internet 200. This is because it is sufficient that data can be exchanged between the personal computers 100 using a DVD, CD, magnetic disk, flexible disk, memory card, or the like.

  The personal computer 100 is also provided with a keyboard 101 for inputting characters and a mouse 103 for operating a pointer and the like. Further, the personal computer 100 has keys (music files, image files, character files, files for these files, applications, etc.) that are acquired by the personal computer 100 via the Internet 200 or the like, or created and edited by the user. A storage device 107 for storing files / keys / data 105 (hereinafter referred to as files 105) such as public data, common keys, etc.), music data, image data, character data, application data, file header information, etc. Is provided. As described above, the file 105 applicable to the management system of the present invention does not matter.

  Here, the storage device 107 is, for example, a hard disk drive built in or externally attached to the personal computer 100, a writable DVD, a writable CD, an optical disk, a magnetic disk, a flexible disk, a memory card, or the like. When the files 105 are stored / backed up in the storage device 107 or when the files 105 are read / edited from the storage device 107, the software 150 performs encryption and decryption. It has become.

  The software 150 detects the unique information 109 from hardware information of the personal computer 100, system information thereof, software information installed in the personal computer 100, and the like. Specific information 109 includes, for example, personal computer information, CPU information, PCI information, MAC address, hard disk information, OS information, mail address, IP address, IPv6 address (Internet Protocol version 6), cookie, SCSI information, software. Or file system information or the like.

  The personal computer main body information is, for example, a personal computer model such as FMVT423B for a Fujitsu personal computer and PC9821Xa16W30 for a NEC personal computer, and is information that can be acquired by software from existing hardware information. However, this type is not necessarily a full type, and may be partial information such as PC9821 and FMV. The information on the hard disk drive includes, for example, the capacity of the hard disk drive and the name of stored software.

  Furthermore, the OS information includes, for example, a user name, a product ID number, and an OS installation execution date / time set when Windows (registered trademark) 95 is installed. When using this OS installation execution date and time, for example, it is possible to refer to the update date and time of each directory of the basic drive in which the OS is installed.

  In addition, when using e-mail address, IP address, cookie information, SCSI information, etc. as the specific information 109, it may be the same in other personal computers 100, etc., so it is desirable to use it in combination with hardware information etc. .

  As described above, the unique information 109 is not recorded and prepared for the present invention, but may be information that can be read from existing hardware, an existing system, or the like. Therefore, the unique information 109 can be detected for various OSs (from Win95 to XP). The unique information 109 may include information such as ID information set on a recording medium such as a memory card or biometric information although a separate device is required. Further, the information is not necessarily limited to information that can be read from the existing information, and may be information that can be read by being newly modified or incorporated.

  Further, as the unique information 109, information that can be easily changed even if it can be read as described above is not preferable. For example, it is not preferable to easily or frequently assume parts replacement.

The software 150 detects a plurality of pieces of unique information 1 to N (numbers 1 to N are numbers corresponding to the pieces of unique information) from the unique information 109. At this time, the unique information 1 to N is converted into a hash value. However, the data may be used as it is without being hashed.
Furthermore, a key for encrypting and decrypting the files 105 is generated based on the unique information 1 to N. The unique information 109 detected by the software 150 is preferably plural, but may be one.

With this configuration, the operation of the software 150 will be described. First, the storage / backup operation of the files 105 will be described. A flowchart showing this operation is shown in FIG.
In FIG. 2, when saving / backing up files 105 acquired, created, and edited by the personal computer 100 using the software 150, first, step 101.
The storage destination is designated by (abbreviated as S101 in the figure. The same shall apply hereinafter). For example, the storage device 107 described above is designated.

  In step 103, specific information 1 to N is detected from the personal computer 100 that performs the saving / backup operation of the files 105 together with the designation of the saving destination in step 101. The unique information 1 to N detected from the personal computer 100 is referred to as personal computer unique information 1p to Np (the subscript p is a subscript meaning that the personal information is detected from the personal computer).

Next, in step 105, the personal computer specific information 1p to Np detected in step 103 and the files 105 to be saved / backed up in the storage device 107 are combined into one file.
On the other hand, in step 106, a key for encrypting the files 105 is generated based on the personal computer specific information 1p to Np. A key generated based on such unique information 1 to N is referred to as a unique information key.

When generating the unique information key, the unique information 1 to N may be rearranged in a predetermined order, or a result obtained by calculating the unique information 1 to N through a predetermined function may be used. Alternatively, the unique information key may be generated by extracting a part of the unique information 1 to N or by overlapping a part of the unique information 1 to N.
Furthermore, information used for encryption may include, for example, time data or random numbers in addition to the unique information. The time data is, for example, the detection time of the unique information, the transmission time of the unique information to the center, or the like. In this case, the value of the generated unique information key is a variable value that changes each time the files 105 are encrypted. Note that the information used for encryption may be such that the unique information is omitted and only time data or random numbers are used.
As described above, when time data or the like is also used to generate the unique information key, these data are also stored / backed up in the storage device 107 in step 105.

  In step 107, among the personal computer unique information 1 p to Np and the files 105 collected in step 105, the file 105 portion is encrypted with the unique information key generated in step 106. The files 105 encrypted with such a unique information key are referred to as encrypted files 105c (subscript c is a subscript meaning encryption). However, for example, the text portion excluding the tag may be encrypted without encrypting the entire files 105.

  In step 109, the personal computer specific information 1p to Np of the personal computer specific information 1p to Np and the files 105 collected in step 105 are encrypted with the second common key. Here, unlike the first common key described later, the second common key is used to encrypt the personal computer unique information 1p to Np. For example, the second common key is a manufacturer of the software 150 or a form incorporating the software 150. This is a common key set by the manufacturer that provides the application.

  In step 111, the encrypted files 105c encrypted in step 107 and the personal computer specific information 1p to Np encrypted in step 109 are formed into one file, and the structure as shown in FIG. A file FA having is completed. The personal computer unique information 1p to Np filed as one file FA is referred to as file FA unique information 1f to Nf (subscript f is a subscript meaning being included in the file FA).

  At this time, if the encrypted files 105c of the file FA are music files, image files, and text files, they may be independent files, or the encrypted files 105c may be configured as a plurality of files. Also good. Further, the file FA unique information and the encrypted file 105c may be configured as independent files.

Thereafter, in step 113, the file FA completed in step 111 is encrypted with the first common key. The file FA encrypted in this way is called an encrypted file FAc. Here, the first common key is used to encrypt the file FA, and, like the second common key, for example, the manufacturer of the software 150 or the manufacturer that provides the application in a form in which the software 150 is incorporated. Is a common key to be set.
Thereby, in step 115, the encrypted file FAc is saved and backed up in the storage device 107.

In the storage / backup operation of the files 105, it has been described that the encrypted files 105c are encrypted and the personal computer specific information 1p to Np are encrypted in steps 107 and 109, respectively. Either of these may be omitted.
That is, the structure of the file FA may be a combination of the unencrypted files 105 and the encrypted personal computer specific information 1p to Np (the whole is encrypted with the first common key), or an encrypted file. A combination of the class 105c and the unencrypted personal computer specific information 1p to Np may be used.

  If the file FA is composed of a combination of the encrypted file 105c and the unencrypted personal computer specific information 1p to Np, the entire file FA is not encrypted in step 113, but the personal computer specific information 1p. Only ~ Np may be encrypted. This also applies to the following reading / editing operations.

  It should be noted that when the data is stored / backed up in the storage device 107 in step 115, it is preferably further compressed. In this case, it is desirable not to use a general-purpose compression method such as the LZH format, but to perform special compression that requires a password or the like at the time of compression.

Next, read / edit operations and re-save / re-backup operations for saved / backed up files will be described. A flow chart showing this operation is shown in FIG.
In FIG. 4, when reading the files 105 saved / backed up by the personal computer 100, first, in step 201, input of a password for starting up the software 150 is requested. In step 202, the storage device 107 that is the storage source of the encrypted file FAc is specified, and the encrypted file FAc to be read is specified.

  In step 203, the encrypted file FAc designated in step 202 is decrypted with the first common key to obtain the file FA. In step 205, personal computer specific information 1p to Np is detected from the personal computer 100 reading the encrypted file FAc. The personal computer specific information 1p to Np is converted into a hash value.

  In step 207, the file FA unique information 1f to Nf is extracted from the file FA decrypted and generated in step 203, and the file FA unique information 1f to Nf is decrypted with the second common key.

  Further, in step 209, the personal computer unique information 1p to Np detected from the personal computer 100 in step 205 and the file FA unique information 1f to Nf decrypted in step 207 are compared. Then, the following steps 211 and 213 determine whether or not the saved / backed-up personal computer 100 is the same as the personal computer 100 that is currently performing the reading operation.

  That is, in step 211, by using the fact that the personal computer unique information 1p to Np and the file FA unique information 1f to Nf are a collection of a plurality of unique information 109, each unique information 1, 2,. Make individual contrasts. As a result, if the number of N pieces of unique information 1 to N is equal to, for example, more than half (four or more pieces of unique information 1 to N are a collection of eight pieces of unique information), storage / backup is performed. Assuming that there is a high possibility that the personal computer 100 and the personal computer 100 on which the reading operation is performed are the same, the process proceeds to the next step 213.

  On the other hand, when the matching unique information 1 to N is less than half, it is considered that the saved / backed-up personal computer 100 is different from the personal computer 100 on which the reading operation is performed. The personal computer 100 is determined to be a personal computer 100 used by a person who illegally uses the files 105. As a result, the personal computer 100 cannot proceed to step 219 and the like, and the file 105 cannot be read or edited.

  Here, the reason why it is determined that the personal computers 100 are the same not by the perfect match of the N pieces of unique information 1 to N but by the match of more than half of them will be described. For example, it is assumed that the CPU information is changed after the file 105 is saved / backed up, and the CPU information is included in the file FA unique information 1f to Nf.

  Then, the file FA unique information 1f to Nf saved by the save / backup operation and the personal computer unique information 1p to Np after the CPU information change do not completely match. However, if it is requested that the unique information 109 such as the CPU information can be changed relatively easily, it is extremely troublesome for a user who uses the information normally.

  On the other hand, the CPU information is important as the unique information 1 to N. Therefore, the identity of the personal computer 100 is determined with high accuracy by determining whether or not the number of the N pieces of unique information 1 to N is equal to or more than half, and bothering the user who is normally using the system. Is eliminated.

  Subsequently, in step 213, it is determined whether or not there is a discrepancy between the unique information 109 having higher priority among the personal computer unique information 1p to Np and the file FA unique information 1f to Nf. Here, the unique information 109 having a high priority is preferably unique information 109 that is not easily changed. Among the above-described information, for example, information on the personal computer main body, MAC address, and the like. As a result, if the unique information 109 with high priority matches, the saved / backed-up personal computer 100 and the personal computer 100 on which the reading operation is performed are the same as the result of step 211. Judge and proceed to the next step 215.

  On the other hand, if the high-priority unique information 109 does not match, the number of unique information 1 to N that matches in step 211 is large, but the unique information 109 that is inherently difficult to change is different. / It is determined that the backed-up personal computer 100 is different from the personal computer 100 that is performing the reading operation. Therefore, in this case, it becomes impossible to proceed to reading, editing, or the like in step 219 or the like.

  Note that, in these branches of steps 211 and 213, the determination is made based only on the number of matched unique information 1 to N and the matching of unique information 109 having a high priority, but is not limited thereto. For example, it may be determined only at step 211, or the unique information 1 to N is given a weight having a weight based on the priority order, and the total points of the matched unique information 109 are all matched. You may judge by whether it becomes more than a predetermined ratio with respect to all the scores. The priority weighting may be set, for example, such that information having a high probability of being used fixedly or information having a serial number or the like is set high.

  If it is determined in step 215 that the personal computer 100 is the same as the personal computer 100 stored / backed up in the branches of steps 211 and 213, the file FA decrypted and generated in step 203 (encrypted with the encrypted file 105c is encrypted). Only the portion of the encrypted file 105c is extracted from the personal computer unique information 1p to Np).

  In step 216, a unique information key for decrypting the encrypted files 105c is generated based on the file FA unique information 1f to Nf decrypted in step 207. When generating the unique information key, as described above, the unique information 1 to N is rearranged in a predetermined order, or the unique information 1 to N is calculated through a predetermined function. A key may be generated. Alternatively, the unique information key may be generated by extracting a part of the unique information 1 to N or by overlapping a part of the unique information 1 to N.

In step 217, the encrypted files 105c extracted in step 215 are decrypted with the unique information key generated in step 216 to obtain the files 105.
Thereby, in step 219, the file 105 is read and edited.
Thereafter, when the editing of the files 105 is completed in step 219, the files 105 are stored and backed up again in step 251 and subsequent steps. This operation is called re-save / re-backup operation.

  In the re-save / re-backup operation, first, in step 251, the file FA unique information 1f to Nf decrypted in step 207 and the files 105 read and edited in step 219 are combined into one file. To summarize. In step 253, a unique information key for encrypting the files 105 is generated based on the file FA unique information 1f to Nf. In step 255, the file 105 part of the file FA unique information 1 f to Nf and the file 105 collected in step 251 is encrypted with the unique information key generated in step 253.

  Note that steps 251, 253, and 255 are similar to the processing of steps 105, 106, and 107 of the storage / backup operation described above, but the personal computer specific information 1 p to Np detected by steps 105, 106, and 107 from the personal computer 100. However, the steps 251, 253, and 255 are processed based on the file FA unique information 1f to Nf.

  When the files 105 are encrypted in step 255, the same processing as in step 109 and subsequent steps in the save / backup operation shown in FIG. 2 is performed, and the files 105 are saved and backed up.

  As described above, even if the file 105 containing important contents is leaked to the outside, if it is saved / backed up by the software 150, it is determined that the personal computer 100 is not the same as the leaked personal computer 100. Therefore, the leaked files 105 cannot be decrypted, and as a result, unauthorized use of the files 105 can be prevented. Even other computers connected to the network cannot be decrypted.

Further, when it is determined that the personal computers 100 are the same by matching more than half of the unique information 1 to N, the file 105 is read when a part of the unique information 1 to N is changed or the hardware is changed by the user. Etc. are not prevented, and the troublesomeness to the user who is normally using can be eliminated.
Furthermore, since the files 105 are encrypted with the unique information 1 to N and the unique information 1 to N are encrypted with the second common key and further multiplexed with the first common key, it is extremely safe.

In addition, since the unique information 1 to N is information that can be read from existing hardware or an existing system, the same unique information 1 to N can be acquired even when the personal computer 100 or the like is re-setup. Furthermore, the first common key and the second common key can be set by the manufacturer of the software 150 or the manufacturer that provides the application in a form in which the software 150 is incorporated.

Next, a second embodiment of the present invention will be described.
In the file / key / data management system according to the first embodiment, when it is determined that the saved / backed-up personal computer and the personal computer to be read / edited are not the same, reading of the files is completely prohibited. However, even if it is determined that the file / key / data management system according to the present embodiment is not the same, the stored / backed up files are read / edited while preventing unauthorized use by a third party. (This operation that enables reading / editing is referred to as a relief operation).

  In other words, even if it is determined that the personal computer is not the same because a large-scale part has been remodeled or replaced with a personal computer that has been stored / backed up, it is possible to read the files 105 on the personal computer. Is.

FIG. 5 shows a configuration diagram of a file / key / data management system according to the second embodiment of the present invention. Note that the same elements as those in FIG. 1 are denoted by the same reference numerals and description thereof is omitted.
5, a center 300 and a plurality of personal computers 100, 100,... Are connected to the Internet 200. In the center 300, file / key / data management software 150 for the center 300 is installed. However, the software 150 may be provided by a CD-ROM or the like (not shown) or may be provided by downloading from a server (not shown) through the Internet 200.

  Then, the first personal computer specific information 1pi to Npi and the encrypted file FAc, which will be described later, are transmitted from the personal computers 100, 100,... To the center 300 via a recording medium such as the Internet 200 or a flexible disk. ing. In the center 300, registration from a user who uses the personal computers 100, 100,..., Issuance of a user ID for the user, authentication thereof, and the like are performed. On the other hand, the center 300 can also transmit unique information stored in the center 300 to an authenticated user when, for example, partial data corruption occurs. It has become.

  Further, the center 300 is provided with a database 301 in which the registered user ID and the received first-time personal computer specific information 1pi to Npi and the like are stored while being associated with each other. When the unique information is stored in the database 301 or when the unique information is read from the database 301, predetermined control is performed by the software 150.

  With this configuration, the operation of the software 150 will be described. First, a registration intention confirmation operation, a storage / backup operation (with an initial storage operation), and a registration operation will be described. Flow charts showing this operation are shown in FIGS. Note that the same elements as those in FIG.

6 and 7, before performing the save / backup operation (with the initial save operation), it is confirmed whether or not the user has the intention of registration in the registration intention confirmation operation.
First, in step 301, it is determined whether or not the personal computer 100 is using the software 150 for the first time.
If it is determined in step 301 that it is the first time, the process proceeds to step 303. On the other hand, if it is determined in step 301 that it is not the first time, it can be determined that the intention to register has been confirmed before, so the storage / backup operation in and after step 311 is started.

  Thereafter, in step 303, a user registration screen is displayed on the personal computer 100 determined to be the first time in step 301. However, this user registration screen may be arbitrarily displayed by selection later. In step 305, whether or not to actually register the user registration screen displayed in step 303 is selected. If there is an intention to register, a selection to that effect is made, and the intention to register is confirmed in step 307.

  On the other hand, if there is no intention to register in step 305, this flow is once ended by selecting to that effect. Thereafter, when it is determined in step 301 that it is not the first time, the storage / backup operation after step 311 is started. Thereafter, only the same control as in the first embodiment is performed on the personal computer 100 that has selected not to register in step 305. That is, if it is determined that the saved / backed-up personal computer 100 and the personal computer 100 to be read / edited are not the same, reading of the files 105 is prohibited at all, and no relief is performed.

When the intention of registration is confirmed in step 307, the storage / backup operation with the initial storage operation is started.
This storage / backup operation with the initial storage operation is similar to the storage / backup operation of the first embodiment, but step 103 (detection of personal computer specific information 1p to Np) and step 105 (computer specific information 1p to Np). Are different from each other in that steps 309 and 311 are inserted.

  That is, when the intention of registration is confirmed in step 305, after the personal computer specific information 1p to Np is detected in step 103, the personal computer specific information 1p to Np is stored in step 309 in the storage device 107 of the personal computer 100. Save to. The personal computer unique information 1p to Np stored when it is determined to be the first time is referred to as the first personal computer unique information 1pi to Npi (subscript i is a subscript meaning the first time). It should be noted that it is desirable to store the initial personal computer specific information 1pi to Npi in an area in the storage device 107 that cannot be easily rewritten.

In step 311, the personal computer unique information 1 p to Np used in the storage / backup operation after step 105 is overwritten with the initial personal computer unique information 1 pi to Npi saved in step 309.
That is, if it is determined in step 301 that it is the first time, the personal computer unique information 1p to Np detected in step 103 and the first personal computer unique information 1pi to Npi are the same, and the subsequent flow is first. This is exactly the same as the storage / backup operation of the embodiment.

On the other hand, if it is determined in step 301 that it is not the first time, the subsequent saving / backup operation is performed as if the current personal computer 100 is the personal computer 100 that is determined in step 301 to be the first time. Done.
When the personal computer specific information 1p to Np is overwritten in step 311, the encrypted file FAc is generated based on the files 105, the personal computer specific information 1p to Np, and the like by the same flow as in the first embodiment. The storage / backup operation of the class 105 is performed (from step 105 to step 115).

  It should be noted that when the data is stored / backed up in the storage device 107 in step 115, it is preferably further compressed. In this case, it is desirable not to use a general-purpose compression method such as the LZH format, but to perform special compression that requires a password or the like at the time of compression.

Next, when the save / backup operation of the files 105 is completed, a user registration operation is performed in step 351 and subsequent steps shown in FIG.
First, in step 351, the personal computer 100 determines again whether or not the software 150 is used for the first time. If it is determined in step 351 that it is the first time, the process proceeds to step 353. On the other hand, if it is determined in step 351 that it is not the first time, this flow is ended as it is.

  In step 353, whether or not to connect to the center 300 is selected for the personal computer 100 determined to be the first time in step 351. Thereby, in step 353, the user's intention to register is indirectly reconfirmed. If there is an intention to register, the process proceeds to step 355 by selecting connection to the center 300. On the other hand, if there is an intention to register at the stage of step 305, but the intention disappears thereafter, this flow is ended by selecting not to connect to the center 300.

  In step 355, connection to the user registration site is performed for the personal computer 100 selected to connect to the center 300 in step 353. In step 357, information such as the user's e-mail address, name, and address is entered at the user registration site connected in step 355.

  Further, in step 359, after the input of the mail address or the like in step 357, the encrypted file FAc generated in step 115 and the initial personal computer specific information 1pi to Npi stored in step 309 are transmitted to the center 300. The Of course, the personal computer specific information 1p to Np overwritten in step 311 may be transmitted instead of the initial personal computer specific information 1pi to Npi stored in step 309.

In this case, only the first-time personal computer specific information 1pi to Npi may be transmitted.
In step 361, the center 300 receives the encrypted file FAc and the initial personal computer specific information 1pi to Npi transmitted in step 359.

  Thereafter, in step 363, the initial personal computer specific information 1pi to Npi is stored in the database 301 from the encrypted file FAc received in step 361 and the initial personal computer specific information 1pi to Npi. At this time, in the database 301, the initial personal computer specific information 1pi to Npi is stored in a structure as shown in FIG. 8 while being associated with the user ID and the like returned to the personal computer 100 in step 365 described later. The initial personal computer specific information 1pi to Npi stored in the database 301 of the center 300 is referred to as storage specific information 1d to Nd (the subscript d is a subscript meaning that it has been stored).

  For example, as shown in FIG. 8, in the database 301, a higher category is formed for each user ID. In the case of a new user, a new user ID category is formed by registration. Also, the storage unique information 1d to Nd is stored in the lower level of each user ID category. Furthermore, a plurality of sets of stored unique information 1d to Nd may be provided below the category for each user ID by performing the relief operation described below (illustrated by user ID = bbbb).

  In step 365, a user ID and a password are assigned to the personal computer 100. By using this user ID, password, etc., individual communication with the center 300 becomes possible. For example, when the personal computer specific information 1p to Np stored in the storage device 107 of the personal computer 100 has been deleted, the stored specific information 1d to Nd stored in the center 300 can be obtained. . Thereafter, in step 367, a confirmation mail is transmitted to the personal computer 100. This completes the user registration in step 369.

  Next, a reading / editing operation, a re-saving / re-backup operation, and a relief operation for saved / backed up files will be described. Flow charts showing this operation are shown in FIGS. Note that the same components as those in FIG. 4 are denoted by the same reference numerals and description thereof is omitted.

  9 to 11, when reading / editing files, steps 201 to 209 are the same as those in the first embodiment. However, in step 203, if the data is compressed and saved in step 115 of FIG. 6, it is necessary to perform decompression. Also, in the following step 255, the same compression may be performed conversely.

  In the present embodiment, even when it is determined in the branches of steps 211 and 213 that the saved / backed-up personal computer 100 is different from the personal computer 100 on which the reading operation is performed, step 401 in FIG. 10 is performed. move on. Then, reading is enabled by adding the processing after step 401. In this respect, in the reading / editing operation of the first embodiment, when it is determined in steps 211 and 213 that the personal computer 100 is different, the processing proceeds directly to the saving / backup operation in step 109 and thereafter. ing.

Hereinafter, large-scale parts are remodeled, personal computers are replaced, transferred, etc. for the saved / backed-up personal computer (PC 100A). At the branch of steps 211 and 213, the current reading or the like is attempted. A description will be given assuming that the existing personal computers (for convenience of explanation, the personal computer 100B) are not the same.
First, in step 401, a selection is made as to whether or not a relief operation for the files 105 is to be performed on the personal computer 100B that is about to perform reading or the like. At this time, an inquiry window “whether or not to rescue” is activated in the personal computer 100B.

If it is selected in step 401 that relief is to be performed, the process proceeds to step 403. On the other hand, if it is selected in step 401 that no relief is performed, the storage / backup operation from step 109 onward in FIG. 9 is performed. In this case, the file 105 cannot be read / edited.
If the selection to perform the repair is made in step 401, the operation proceeds to the repair operation, and the encrypted file FAc including the file 105 to be repaired is selected in step 403. In step 405, personal computer specific information 1p to Np is detected from the personal computer 100B in which the encrypted file FAc to be saved is stored.

  Thereafter, in step 407, whether or not to connect to the center 300 is selected for the personal computer 100B in which the personal computer specific information 1p to Np is detected in step 405. Thereby, in step 407, it is reconfirmed whether or not the relief operation is indirectly performed. Therefore, when performing a relief operation, the process proceeds to step 409 by selecting connection to the center 300. On the other hand, although there was an intention to perform the relief operation in the stage of step 401, when the intention disappears thereafter, this flow is ended by selecting not to connect to the center 300.

  In step 409, the personal computer 100B selected to connect to the center 300 in step 407 is requested to input a user ID and password. In step 411, it is confirmed whether or not the user ID and password input in step 409 exist in the center 300. Here, when the user ID does not exist in the center 300 or when password authentication cannot be obtained, the process returns to step 407 again to request input of the user ID and password. However, this flow may be terminated in this case. Therefore, when user registration is not performed in the registration operation described above, it is not possible to proceed to the subsequent flow.

  If the confirmation is obtained in step 411, the encrypted file FAc specified in step 403 and the personal computer unique information 1p to Np of the personal computer 100B detected in step 405 are stored in the center 300 in step 413. Sent. Correspondingly, in step 415, the center 300 receives the encrypted file FAc and the personal computer specific information 1p to Np transmitted in step 413. In step 417, the user ID and password are confirmed.

  Further, in step 418 of FIG. 11, the encrypted file FAc received at the center 300 is decrypted with the first common key and the second common key, and the file of the personal computer 100A that has saved / backed up from the encrypted file FAc. FA unique information 1f to Nf is extracted. The operation of Step 418 is the same as Steps 203 and 207 of the reading / editing operation of the first embodiment. Here, the file FA unique information 1f to Nf extracted from the encrypted file FAc is the personal computer unique information 1p to Np overwritten with the initial personal computer unique information 1pi to Npi in step 311.

  In step 419, the file FA unique information 1f to Nf of the personal computer 100A extracted in step 418 and the stored unique information 1d to Nd stored in the database 301 belong to the category of the user ID confirmed in step 417. The stored unique information 1d to Nd is compared. Then, the following steps 421 and 423 determine whether or not to allow the file 105 to be rescued.

  That is, in step 421, the file FA unique information 1f to Nf and the stored unique information 1d to Nd are individually compared for each unique information 1, 2,. If all match, it is determined in step 359 or the like that the personal computer 100A has been registered in the center 300, and the process proceeds to the next step 423.

  On the other hand, if it is determined in step 421 that the file FA unique information 1f to Nf and the stored unique information 1d to Nd do not all match, the rescue operation is being performed illegally or there is an error during the rescue operation. Since this is considered to have occurred, an error is returned and this flow is terminated.

  Subsequently, in step 423, if there is a limit on the number of times to perform this relief operation, it is determined whether or not the limit on the number of times has been exceeded. In this case, it is desirable that the database 301 of the center 300 stores the number of times of performing the relief operation in association with each user ID. Also, in this step 423, it is determined whether or not payment has been made when charging is performed for performing the relief operation. In this case, the user may be charged directly or the vendor may be charged. When charging the user for charging, the user may be requested to input a number such as a credit card.

  If the above confirmation is obtained in step 423, it is determined that the relief of the files 105 is permitted, and the process proceeds to step 424. On the other hand, if the above confirmation cannot be obtained in step 423, it can be determined that the intention of the rescue operation has been lost, and therefore an error is returned and the present flow is terminated.

  Thereafter, in step 424, the center 300 generates a unique information key from the file FA unique information 1f to Nf in the encrypted file FAc transmitted from the personal computer 100B, and decrypts the encrypted file 105c. Do. The operation of step 424 is the same as that of steps 215, 216, and 217 of the reading / editing operation of the first embodiment.

  In step 425, the file 300 unique information 1f to Nf extracted from the personal computer 100A is overwritten with the personal computer unique information 1p to Np transmitted from the personal computer 100B on the center 300 side.

  Further, in step 427, the personal computer unique information 1p to Np in which the file FA unique information 1f to Nf is overwritten in step 425 is stored in the database 301 of the center 300. In this case, a separate category is provided and stored so as not to overwrite the storage-specific information 1d to Nd of the existing personal computer 100A. This is the same as when the registration of the personal computer 100B is performed without performing the registration operation again.

  Further, in step 429, the center 300 side uses the file FA unique information 1f to Nf of the personal computer 100B overwritten in step 425, and the same storage / backup operation as in the first embodiment (from step 105 to step 115). To generate an encrypted file FAc. In step 431, the encrypted file FAc generated in step 429 is downloaded from the center 300 to the user's personal computer 100B.

  As a result, in step 433, the encrypted file FAc can be decrypted using the personal computer specific information 1p to Np of the personal computer 100B, so that the file 105 can be read / edited, and the file 105 is rescued. The

  Next, in step 435, the personal computer unique information 1pi to Npi of the personal computer 100 is overwritten with the personal computer unique information 1p to Np registered in the center 300. Therefore, in the subsequent data storage or the like, the files 105 are encrypted with the personal computer unique information 1p to Np newly registered in the center 300.

  As described above, even in the personal computer 100B determined not to be the same, the file 105 can be read / edited. Since this processing is performed on the center 300 side, the saved / backed up files 105 can be relieved while preventing unauthorized use by a third party.

Next, a third embodiment of the present invention will be described.
The file / key / data management system according to the first embodiment enables the reading / editing operation of the files 105 on a single personal computer 100, but the file / key / data according to the present embodiment. The management system enables a file 105 to be read / edited by a plurality of personal computers 100, 100,.

FIG. 12 shows a configuration diagram of a file / key / data management system according to the third embodiment of the present invention. Note that the same elements as those in FIG. 1 are denoted by the same reference numerals and description thereof is omitted.
12, a file F2 server 500 and a plurality of personal computers 100A, 100B,... Are connected to the Internet 200. In the file F2 server 500, file / key / data management software 150 for the file F2 server 500 is installed.

  And the personal computer specific information 1p to Np and the stored file F2d are transmitted and received between the file F2 server 500 and the personal computers 100A, 100B,... (Contents of the file F2 and the stored file F2d) Is shown below). In the file F2 server 500, the storage file F2d is stored in the database 501 or read from the database 501 under the control of the software 150.

  On the other hand, between the personal computer 100A and the personal computer 100B, the file F1, the file F2, etc. are transmitted / received via the Internet 200.

By the way, in the file / key / data management system of the present embodiment, unlike the first embodiment, the file FA does not exist, and instead has a file F1 and a file F2. The structures of the file F1 and the file F2 are shown in FIG.
In FIG. 13, a file F1 is similar to the encrypted files 105c of the first embodiment, and the files 105 are encrypted with a unique information key based on the personal computer unique information 1p to Np. Yes. However, it is different in that it is associated with the following file F2 on a one-to-one basis. That is, one file F2 is always generated in association with one file F1.

  On the other hand, a plurality of sets of personal computer specific information 1p to Np from a plurality of personal computers 100A, 100B,... Registered by a file F2 registration operation described later are recorded in the file F2. In each personal computer specific information 1p to Np, an encryption source flag CF indicating that the file F1 is an encryption source is recorded.

  For example, when the encryption source flag CF is “1”, it indicates that the file F1 is encrypted with the unique information key based on the personal computer unique information 1p to Np. On the other hand, when the encryption source flag CF is “0”, it indicates that the file F1 is not encrypted with the unique information key based on the personal computer unique information 1p to Np.

  With this configuration, the operation of the software 150 will be described. First, the file F2 registration operation, the file F2 sharing operation, and the storage / backup operation will be described. Flow charts showing this operation are shown in FIGS. Note that the same elements as those in FIG.

14 and 15, the file F2 registration operation is performed before the save / backup operation, the read / edit operation, and the like of the present embodiment.
For example, when the file F2 registration operation is performed on a certain personal computer 100 (referred to as personal computer 100A), the personal computer 100A is connected to the file F2 server 500 in step 501. In step 503, personal computer specific information 1p to Np of the personal computer 100A is detected.

Further, in step 505, the personal computer specific information 1p to Np extracted in step 503 is transmitted to the file F2 server 500, and in step 507, the file F2 server 500 side receives it.
Thereafter, in step 509, the file F2 server 500 stores the received personal computer specific information 1p to Np of the personal computer 100A in the database 501. Note that the file F2 stored in the database 501 of the file F2 server 500 is referred to as a stored file F2d.

  Thereby, in step 511, the file F2 registration operation for the personal computer 100A is terminated. Then, by repeating this file F2 registration operation on a plurality of personal computers 100B,..., 100X, a plurality of sets of personal computer specific information 1p to Np are recorded in the storage file F2d. Centrally managed. The accumulated file F2d of the file F2 server 500 is always in the latest state by managing the accumulated file F2d in the file F2 server 500 in an integrated manner.

Next, when the other personal computer 100 (referred to as personal computer 100B) performs the storage / backup operation of the files 105, the file F2 sharing operation is performed in advance.
In this file F2 sharing operation, first, in step 531, the personal computer 100 </ b> B is connected to the file F2 server 500. On the other hand, in step 533, the file F2 server 500 reads the accumulated file F2d from the database 501.

In step 535, the storage file F2d read in step 533 is downloaded to the personal computer 100B. The stored file F2d downloaded to the personal computer 100 is referred to as a personal computer file F2p.
When the personal computer file F2p is stored in the storage device 107 of the personal computer 100B, the sharing operation of the file F2 ends in step 537.

  The file F2 sharing operation is not limited to the case where the stored file F2d is downloaded in response to a request from the personal computer 100B. For example, the latest storage file F2d may be distributed all at once to the personal computers 100A, 100B,... Already registered in the storage file F2d every time the file F2 registration operation is performed.

  As described above, the file F2 sharing operation is performed before the save / backup operation, so that the latest stored file F2d stored in the file F2 server 500 is owned as the personal computer file F2p in the personal computer 100B. become.

Next, the storage / backup operation of the files 105 will be described. In the storage backup operation of the files 105, the steps 101 to 107 (encrypting the files with the unique information key) are the same as those in the first embodiment. In step 551, the file F1 is completed.
Next, in step 553, it is determined whether the personal computer unique information 1p to Np detected in step 103 exists in the personal computer file F2p shared in step 537. In this case, it is determined whether there is unique information that completely matches.

Then, when the personal computer information F of the personal computer 100B does not exist in the personal computer file F2p, it is considered that the personal computer 100B has not been registered in the storage file F2d, and thus this flow ends. Therefore, in this case, only the storage / backup operation similar to the first embodiment can be performed.
On the other hand, if the personal computer information 1p to Np of the personal computer 100B exists in the personal computer file F2p, it is considered that the personal computer 100B has been registered in the storage file F2d.

  In step 555, the encryption source flag CF is written into the personal computer file F2p. That is, since the file F1 is encrypted with the unique information key generated from the personal computer unique information 1p to Np of the personal computer 100B, the encryption source flag CF for the personal computer 100B in the personal computer file F2p is set to “1”. On the other hand, the encryption source flag CF for the other personal computers (the personal computers 100A,..., 100X) is set to “0”.

Thereby, it is determined which personal computer 100 has the unique information key obtained by encrypting the file F1 generated based on the personal computer unique information 1p to Np.
In step 557, the personal computer file F2p in which the encryption source flag CF has been written is encrypted with the second common key. Thereby, in step 559, the file F2 is completed.

Further, in step 561, the file F1 completed in step 551 and the file F2 completed in step 559 are associated with each other. That is, the file F1 and the file F2 have a one-to-one correspondence. As a method of this association, for example, the file F1 and the file F2 have the same file name, common data is recorded in the header, or time data at the time of completion (update) of the file F1 is incorporated in the file F2. Is possible.
In step 563, the file F1 and the file F2 associated one-to-one in step 561 are encrypted with the first common key. Thereby, the storage / backup operation of the files 105 is completed.

Next, the read / edit relief operation using the file F2 will be described.
In FIG. 16, when reading the saved / backed up files 105, first, as in the first embodiment, input of a password for starting up the software 150 is requested in step 201. In step 581, the storage device 107 that is the storage source of the file F 1 is specified, and the file F 1 to be read is specified. At this time, in step 583, the file F2 associated with the file F1 designated in step 581 on a one-to-one basis is also read.

  In step 585, the file F1 and the file F2 are decrypted with the first common key. On the other hand, in step 205, personal computer specific information 1p to Np is detected from the personal computer 100 (referred to as personal computer 100C) that is reading the file F1 as in the first embodiment. In step 587, the decrypted file F2 is decrypted with the second common key.

  Thereafter, in step 591, it is determined whether or not the MAC address or the like of the personal computer 100 </ b> C detected in step 205 matches information such as the MAC address or the like of any personal computer in the file F <b> 2. However, it may be determined whether the personal computer name matches before determining the match with the information such as the MAC address. As the personal computer name, a unique personal computer name is registered in advance. If it is determined that the MAC addresses or the like do not match, after re-encrypting the file F2 with the second common key in step 593, this flow ends.

  On the other hand, if the MAC addresses match, the process further proceeds to step 211. In step 211, the same processing as in the first embodiment is performed on the personal computer specific information 1p to Np belonging to the personal computer where the MAC addresses and the like match, but the description thereof will be omitted. If it is determined in step 211 that more than half of the unique information 1 to N match, the process proceeds to step 595.

In step 595, in the personal computer 100C, a unique information key is generated based on the personal computer unique information 1p to Np whose encryption source flag CF in the file F2 is “1”. Thus, a unique information key is generated based on the personal computer unique information 1p to Np of the personal computer 100B that has performed the storage / backup operation.
Therefore, the file F1 can be decrypted in step 217. Accordingly, as in the first embodiment, the file 105 can be read, edited, re-saved / re-backuped.

  As described above, by including the plurality of personal computer specific information 1p to Np in the file F2, the files 105 can be read and edited between the plurality of personal computers 100A, 100B,. Become. Further, since the files 105 are stored / backed up by the same flow as in the first embodiment, unauthorized use of the files 105 can be prevented.

In the present embodiment, the storage file F2d has been described as being centrally managed by the file F2 server 500, but is not limited thereto. That is, the storage file F2d may be physically managed by storing it in a recording medium such as a single flexible disk.
Further, the file F2 server 500 in which the storage file F2d including the personal computer data to be shared exists may be sequentially referred to for each process via the Internet 200.

Next, a fourth embodiment of the present invention will be described.
In the file / key / data management system according to the fourth embodiment, a personal computer read flag is further set in the file F2 used in the file / key / data management system according to the third embodiment.

FIG. 17 shows the structure of the file F1 and the file F2 used in the fourth embodiment. The structure of the file F1 is the same as that shown in FIG.
In FIG. 17, in the file F2, a personal computer reading flag PF is set in each personal computer specific information 1p to Np.
For example, when the personal computer reading flag PF is “1”, it indicates that the file F 1 is set to be readable by the personal computer 100. On the other hand, when the personal computer reading flag PF is “0”, it indicates that the file F1 is set to be unreadable by the personal computer 100.

With this configuration, the operation of the software 150 of this embodiment will be described.
In FIG. 18, in the save / backup operation (the processing of FIG. 14 is the same as that of the third embodiment), an operation of setting a personal computer reading flag PF in the personal computer file F2p is added as step 601 after step 555. ing. In this step 601, the personal computer reading flag PF is written for each of the personal computers 100A, 100B,... Stored in the personal computer file F2p.

  For example, the personal computer reading flag PF may be set to “1” for the personal computer 100 that wants to permit reading, and the personal computer reading flag PF may be set to “0” for the personal computer 100 that wants to prohibit reading. Thereby, it is possible to give the read permission of the files 105 only to an arbitrary personal computer 100 in the encryption source of the file F1. Of course, all the PC reading flags PF may be set to “1”, but in this case, the operation is the same as that of the third embodiment.

  On the other hand, in FIG. 19, in the reading / editing operation, after step 211, a determination as to whether or not the personal computer 100 </ b> C that is performing the reading is enabled is added as step 631. In step 631, it is determined whether the personal computer reading flag PF corresponding to the personal computer specific information 1p to Np of the personal computer 100C in the file F2 is “1” or “0”. When the personal computer reading flag PF of the personal computer 100C is “1”, the process proceeds to the subsequent steps 595 and thereafter (the same as in the third embodiment and the like thereafter). If the personal computer reading flag PF of the personal computer 100C is “0”, the process proceeds to step 593.

After step 587, a computer name may first be searched in the computer file F2p, and a step of determining whether or not a matching computer name exists may be added.
As described above, it is possible to give the read permission of the files 105 only to an arbitrary personal computer 100 in the encryption source of the file F1.
Note that a personal read flag may be further set in the file F2. The structure of the file F1 and the file F2 in this case is shown in FIG. The structure of the file F1 is the same as that shown in FIG.

In FIG. 20, a personal read flag IF is set in the file F2.
When the personal read flag IF is “1”, it indicates that the file F1 is set to be readable by the user. On the other hand, when the personal read flag IF is “0”, it indicates that the file F1 is set to be unreadable by the user.

The personal read flag IF is set for each user in the above-described step 601 during the storage / backup operation (similar to setting the personal computer read flag PF for each of the personal computers 100, 100,...). It ’s fine.
Then, in the reading / editing operation, it may be determined in step 631 whether or not the user who reads the file F1 can read.

In this case, the user may be identified from the biometric information by using the biometric information as the personal computer specific information 1p to Np. Then, it may be determined whether the personal read flag IF for the specified user is “1” or “0”.
As described above, it is possible to give permission to read the files 105 not only to the personal computer but also to a specific individual.

Next, a fifth embodiment of the present invention will be described.
In the file / key / data management system according to the fifth embodiment, an ID and a password are further set in the file F2 used in the file / key / data management system according to the fourth embodiment.

FIG. 21 shows the structure of the file F1 and the file F2 used in the fifth embodiment. The structure of the file F1 is the same as that shown in FIG.
In FIG. 21, an ID and a password are set in the file F2. The ID and password are determined for each file F2.
With this configuration, the operation of the software 150 of this embodiment will be described.

  In FIG. 22, in the save / backup operation (the processing of FIG. 14 is the same as that of the third embodiment), an ID and password setting operation is added as step 651 after step 601 of the fourth embodiment. Yes. In this step 651, the personal computer file F2p is set with the ID and password that the user who wants to permit reading of the files 105 knows or will inform the user. The setting of the ID and password in step 651 may be performed before the setting of the personal computer reading flag PF or the like in step 601.

  On the other hand, in FIG. 23, in the reading / editing operation, an ID and password input operation is added as step 681 after step 631 of the fourth embodiment. In step 683, the ID and password input in step 681 are confirmed to match or do not match the ID and password set in the file F2. As a result, when it is determined that the ID and the password match, the process proceeds to the subsequent steps 595 and thereafter (the same as in the third embodiment and the like thereafter). On the other hand, if it is determined that the ID and password do not match, the process proceeds to step 593.

As described above, by setting a specific ID and password in the encryption source of the file F1, only the user who knows the ID and password can be given permission to read the files 105.
Note that the processing of the reading / editing operation in each of the above-described embodiments may be executed by processing using drag and drop as shown in FIG.

  That is, in step 701, the file F1 is dragged and dropped onto the icon of the software 150. Thereby, in step 703, the processing of the reading / editing operation in each embodiment is automatically performed. When the processing in step 703 is completed, in step 705, the file F1 is decrypted and the file 105 is read.

Next, a sixth embodiment of the present invention will be described.
In the file / key / data management system according to the sixth embodiment, a storage mode is further set to the file F2 used in the file / key / data management system according to the fifth embodiment.

FIG. 25 shows the structure of the file F1 and the file F2 used in the sixth embodiment. The structure of the file F1 is the same as that shown in FIG.
In FIG. 25, the save mode SM is set for the file F2. This storage mode SM is determined for each file F2. By setting the storage mode SM, a priority order or the like is provided between the personal computer reading flag PF as shown below and the ID / password match / mismatch determination. An example of the operation according to the storage mode SM is shown in FIG.

  In FIG. 26, when the storage mode SM is mode 1, the file 105 can be read only when the personal computer reading flag PF is “1” and the ID and password match. This mode 1 is the same process as in the fifth embodiment.

On the other hand, in the case of the mode 2, the file 105 can be read only by the personal computer reading flag PF being “1”. In other words, this mode 2 is the same processing as that of the fourth embodiment because it is not confirmed that the ID and password match or do not match.
In the case of mode 3, the file 105 can be read and the like only by matching the ID and password. That is, in this mode 3, the personal computer reading flag PF is not confirmed.

Further, in the case of mode 4, when the personal computer reading flag PF is “1” or the ID and the password match, the file 105 can be read. That is, the file 105 cannot be read only when the personal computer reading flag PF is “0” and the ID and password do not match.
Thus, by appropriately setting the storage mode SM, the authentication level (that is, the difficulty of authentication) at the time of reading the files 105 can be changed.

With this configuration, the operation of the software 150 of this embodiment will be described.
In FIG. 27, in the storage / backup operation (the processing of FIG. 14 is the same as that of the third embodiment), the setting operation of the storage mode SM is added as step 751 after step 651 of the fifth embodiment. ing. In this step 751, by setting the storage mode SM in the file F2, it is possible to set what authentication level is required at the reading destination.
This step 751 may be performed before step 601. Thereby, for example, when the storage mode SM is mode 2, the setting of the ID and password in step 651 can be omitted.

  On the other hand, in FIG. 28 and FIG. 29, in the reading / editing operation, operations corresponding to each storage mode SM are performed after step 211 of the fifth embodiment. FIG. 28A shows the reading / editing operation in mode 1, which is the same as in the fifth embodiment. FIG. 28B shows the reading / editing operation in mode 2, which is the same as in the fourth embodiment.

  Further, FIG. 29A shows a mode 3 reading / editing operation. In this mode 3, after the step 211, the personal computer reading flag PF is not confirmed in the step 631, but only the ID and password in the steps 681 and 683 are confirmed. If the ID and password match, the process proceeds to step 595, where the files 105 are read.

FIG. 29B shows a mode 4 reading / editing operation. In this mode 4, unlike the other modes 1 to 3, the branches of step 631 and step 683 are reversed. Then, unless it is not readable in step 631 and the ID and password do not match, the process proceeds to step 595, where the files 105 are read and the like.
As described above, by setting the storage mode SM in the file F2, the authentication level can be appropriately changed when reading the file 105 using the file F2.

  Note that after the read / edit operation in each mode, the file 105 is re-saved / re-backuped. At this time, a save mode SM different from the save mode SM in the read / edit operation may be set. Is possible. For example, when the file 105 is read in mode 2 in the read / edit operation, the file 105 may be re-saved by setting mode 1 in the re-save / re-backup operation.

Next, a seventh embodiment of the present invention will be described.
The file / key / data management system according to the second embodiment performs a relief operation on the center connection for each file type, but the file / key / data management system according to the present embodiment Even if there are a large number of files to be relieved, it is possible to easily relieve them.

FIG. 30 shows a configuration diagram of a file / key / data management system according to the seventh embodiment of the present invention. The same elements as those in FIG.
In FIG. 30, the file / key / data management system of the present embodiment is similar to the file / key / data management system of the second embodiment, but only the initial personal computer specific information 1pi to Npi is transmitted to the center 350. (That is, the encrypted file FAc is not transmitted). In addition, the personal computer 100 stores not only the initial personal computer specific information 1pi to Npi but also registration specific information 1r to Nr described later. The registered unique information 1r to Nr may be configured in the same file as the initial personal computer specific information 1pi to Npi, or may be configured as an independent file.

With this configuration, the operation of the software 150 of this embodiment will be described. The registration intention confirmation operation, storage / backup operation (with initial storage operation), and registration operation of the present embodiment are the same as those of the second embodiment (FIGS. 6 and 7).
Further, the file relief operation is shown in FIGS. FIG. 9 is the same as that of the second embodiment. 10 and 11 are denoted by the same reference numerals and description thereof is omitted.

  31 to 33, if it is determined that the personal computers to be read are not the same at the branches of steps 211 and 213 in FIG. 9, in step 701, the registration unique information 1r described later in the personal computer 100 is stored. It is determined whether or not .about.Nr exists. At this time, when the relief operation is performed for the first time in the personal computer 100, it is determined in step 701 that the registration unique information 1r to Nr does not exist.

  In step 401, in the same way as in the second embodiment, a selection is made as to whether or not to perform the relief operation for the files 105 in the personal computer 100 that is about to perform reading or the like. If the selection to perform the repair is made in step 401, the initial personal computer specific information 1pi to Npi is automatically selected in step 703. Thereafter, similarly to the second embodiment, the processes of steps 405, 407, 409, and 411 are performed.

  If it is confirmed in step 411 that the user ID and password exist in the center 350, in step 705, the first personal computer unique information 1pi to Npi automatically selected in step 703 and detected in step 405 are detected. The personal computer specific information 1p to Np thus transmitted is transmitted to the center 350. Correspondingly, in step 707, the center 350 receives the initial personal computer specific information 1pi to Npi and the personal computer specific information 1p to Np transmitted in step 705. In step 417, the user ID and password are confirmed.

Further, in step 709 of FIG. 32, the initial personal computer unique information 1pi to Npi received at the center 350 is decrypted with the first common key and the second common key, and the initial personal computer unique information 1pi to Npi is extracted.
In step 711, the stored unique information belonging to the category of the user ID confirmed in step 417 out of the initial personal computer unique information 1pi to Npi extracted in step 709 and the stored unique information 1 d to Nd stored in the database 301. Contrast 1d to Nd.

Then, in steps 421 and 423 similar to those in the second embodiment, it is determined whether or not the file 105 is to be relieved. After that, when the file 105 is relieved in steps 421 and 423, the personal computer specific information 1 p to Np is added to the database 301 of the center 350 in step 427.
In step 713, the personal computer unique information 1p to Np added to the database 301 in step 427 is encrypted with the first common key and the second common key. The encrypted personal computer specific information 1p to Np is referred to as registration specific information 1r to Nr (the subscript r is a subscript indicating that the information has been registered).

In step 715, the registration unique information 1r to Nr encrypted in step 713 is downloaded to the personal computer 100. In step 717, the registration unique information 1 r to Nr downloaded in step 715 is stored in the personal computer 100. In this case, it is desirable that the storage destinations of the registration unique information 1r to Nr are stored in an area that cannot be easily rewritten in the storage device 107.
Thereafter, similarly to the second embodiment, in step 435, the personal computer unique information 1p to Np newly registered in the center this time is overwritten with the initial personal computer unique information 1pi to Npi.

And the flow of this embodiment is once complete | finished by the above operation | movement. Thereafter, the file 105 is read once again, so that it is determined that the personal computers to be read at the branches of steps 211 and 213 in FIG. 9 are not the same.
At this time, in step 701, since the registration unique information 1r to Nr is stored in the personal computer 100 in step 717, it is determined that the registration unique information 1r to Nr exists.

  In step 731 of FIG. 33, the encrypted registration unique information 1r to Nr is decrypted with the first common key and the second common key. In step 733, the decrypted registration unique information 1 r to Nr is read out to the personal computer 100. Thereafter, in step 735, the personal computer unique information 1p to Np detected from the personal computer 100 is compared with the registered unique information 1r to Nr decrypted in step 731. In this case, the personal computer unique information 1p to Np and the registered unique information 1r to Nr are compared by the same method as in steps 211 and 213 of the first embodiment.

  As a result, if it is determined that the personal computer specific information 1p to Np and the registered specific information 1r to Nr are the same, the personal computer 100 reading the files 105, for example, steps 421 and 423 in FIG. Thus, it is determined that the personal computer 100 is allowed to be relieved. On the other hand, if it is determined that the personal computer unique information 1p to Np and the registered unique information 1r to Nr are not the same, the process proceeds to step 401 and subsequent steps in FIG. As in the second embodiment, in the personal computer 100 that is about to perform reading or the like, it is asked again whether or not the file 105 is to be rescued.

If the file 105 is selected to be rescued, the process of registering new unique information in the center and updating the registered unique information 1r to Nr registered in the center in the personal computer 100 is performed again. The same is repeated.
On the other hand, if it is determined in steps 211 and 213 in FIG. 33 that the personal computer unique information 1p to Np is the same as the registered unique information 1r to Nr, the file FA unique information 1f is obtained in the subsequent steps 215, 216, and 217. A unique information key is generated from .about.Nf, and in step 219, the files 105 are read and edited.

When the editing or the like of the file 105 is completed in step 219, the registered unique information 1r to Nr decrypted in step 731 in step 737 and the file 105 read and edited in step 219 are edited. Are combined into one file.
In steps 739 and 255, a unique information key for encrypting the files 105 is generated based on the registered unique information 1r to Nr, and the files 105 are encrypted with the unique information key. Thereafter, the process after step 109 of the save / backup operation is performed on the encrypted files 105.

If a large number of files 105 exist, after performing the above-described rescue operation for a certain file 105, the rescue operation is performed again with another file 105.
In this case, since it is determined in step 701 that the registered unique information 1r to Nr exists, the file 105 can be relieved without performing communication with the center 300 as in the second embodiment. .

Further, in steps 211 and 213, it can be determined that the personal computer 100 is allowed to rescue the file 105, so that the rescue of the file 105 is prevented while preventing unauthorized use by a third party, as in the second embodiment. It can be performed.
As described above, even when there are a large number of files 105 to be repaired, the repair can be easily performed.

Next, an eighth embodiment of the present invention will be described.
This embodiment shows an example when the file / key / data management system of the first to seventh embodiments is applied to copyright protection. The file / key / data management system of each embodiment is incorporated in a predetermined application.

The operation of the eighth embodiment will be described.
First, the usage right registration application operation is shown in FIG. 34, in step 801, the file FA is transmitted from the personal computer 100 to the center. The file FA is a file for which copyright protection is desired. The file FA is obtained by encrypting the files 105 based on the personal computer unique information 1p to Np, as described in the embodiments. The files 105 and the personal computer specific information 1p to Np may be integrated, or may be configured as separate files. When configured as a separate file, only the personal computer specific information 1p to Np may be transmitted to the center.

In step 803, the file FA transmitted from the personal computer at the center is accepted.
Thereafter, in step 805, the personal computer specific information 1p to Np is extracted from the file FA received at the center, and the file FB is generated based on the personal computer specific information 1p to Np.
Here, the file FB refers to a file generated based on a part or all of the unique information 109 among the personal computer unique information 1p to Np in the file FA. In step 807, the password set in the center (hereinafter referred to as a registered password) is put in the file FB generated in step 805 and returned to the personal computer 100.

  On the other hand, in step 809, the personal computer 100 compares the file FB returned in step 807 with the personal computer specific information 1p to Np in the file FA. If it is determined in step 811 that the file FB and the personal computer specific information 1p to Np in the file FA match, the process proceeds to the subsequent step 813. On the other hand, if it is determined in step 811 that the file FB and the personal computer specific information 1p to Np in the file FA do not match, an error is returned and this flow is terminated.

  Thereafter, in step 813, the personal computer 100 stores the registered password included in the file FB returned in step 807 in the file FA. Thereby, in step 815, the registration of the right to use the file FA is ended.

Next, FIG. 35 shows the usage right registration confirmation operation. In FIG. 35, in step 851, an application for reading and editing the file 105 is started.
In step 853, it is confirmed whether the file FA exists in the personal computer. If it is determined in step 853 that the file FA does not exist, an error is returned and this flow ends. On the other hand, if it is determined in step 853 that the file FA exists, it is determined in step 855 whether the registered password exists in the file FA.

  If it is determined in step 855 that the registered password does not exist in the file FA, it is considered that the use right registration application operation has not been performed. move on. On the other hand, when it is determined that the registered password exists in the file FA, it is considered that the use right registration application operation is performed, and therefore the use right of the file FA is confirmed in step 857.

  Thereafter, in step 859, it is selected whether to manage the files 105 according to any of the first to seventh embodiments described above. As a result, in step 861, the files 105 in the selected form are managed. In step 859 and subsequent steps, an arbitrary operation by the application is performed after confirming the right to use the file FA in step 857.

  As described above, the encryption method using the file / key / data management system of the first to seventh embodiments can be applied to copyright protection of text data, image data, music data, etc. provided on a CD or the like. In other words, these data may be illegally copied and used if they are raw data, but by adopting the file / key / data management system of the first to seventh embodiments, only with a personal computer that has applied for registration, Data becomes available.

  In addition, since it is not a system that protects copyrights by inserting watermarks or the like, it is possible to prevent deterioration of images and sound quality. Furthermore, if biometric information is used as the personal computer specific information 1p to Np, not only personal computer protection but also personal protection is possible.

Next, a ninth embodiment of the present invention will be described.
This embodiment shows an example when the file / key / data management system of the first to seventh embodiments is applied to the use restriction of information in the center. That is, access to the center homepage is permitted only to those registered in advance, and only the registered one is permitted to use information browsing.
The information is, for example, sales management information such as sales data, etc., and access and browsing through the Internet 200 of a third party should be restricted.
A user's personal computer (which may be a mobile phone or the like) is provided with software for acquiring specific information, performing file transmission / reception, decryption, and the like. Further, the center server is provided with software for storing and encrypting information, determining user identity, etc., and performing transmission / reception processing.

Next, the operation of the ninth embodiment will be described.
Sales data transmission operation is shown in FIGS. 36, first, in step 901, the personal computer specific information 1P to NP is detected by software, and in step 903, the detected personal computer specific information 1P to NP is stored in the file F2. This file F2 is stored in the storage device. The personal computer specific information 1P to NP is preferably converted into a hash value.
On the other hand, when the user wants to confirm information such as sales data at the center, the user presses an information browsing button not shown in step 905. At this time, after being connected to the Internet 200, a password input screen appears in step 907.

  Further, in step 909, the user inputs a user ID and password to the password input screen displayed in step 907. At this time, the user has registered in advance to request the center to browse and obtain information, and has received a user ID and password by this registration. At the time of registration, the personal computer specific information 1p to Np is registered in the center, and the personal computer specific information 1p to Np (that is, the stored specific information 1d to Nd) is stored in correspondence with the user ID. Yes.

  Thereafter, in step 911, the input user ID and password are transmitted from the personal computer to the center. In step 913, the file F2 saved in step 903 is automatically transmitted to the center.

  On the other hand, in step 915, the center receives the user ID and password transmitted in step 911 and the file F2 transmitted in step 913. In step 917, it is confirmed whether there is a user ID and password registered in advance in the center that matches the user ID and password received in step 915. Specifically, if it is determined in step 919 that the matching user ID and password exist, the process proceeds to the next step 921. On the other hand, if it is determined that there is no matching user ID and password, the request for browsing or obtaining information from the user is rejected, and this flow is terminated.

  Further, when it is determined in step 919 that the matching user ID and password exist, in step 921, the reception date and time of the file F2 is recorded. The “date” data of the reception date and time is, for example, year / month / day data, and the “hour” data is, for example, hour / minute / second data.

  However, the transmission date and time of the file F2 may be recorded instead of this reception date and time (or together with the reception date and time). Further, instead of (or together with) the reception date / time and transmission date / time of the file F2, a random number set by the center or the user's personal computer may be recorded.

  That is, it is desirable that the data recorded in this step 921 is a variable value and is different from the data recorded in the operation of another user. Therefore, the fluctuation value can be easily generated by using the reception date / time, the transmission date / time, the random number, or the like of the file F2.

Thereafter, in step 923, the file F2 received in step 915 is compared with the stored unique information 1d to Nd belonging to the category of the user ID confirmed in step 919 among the stored unique information 1d to Nd previously stored in the center. Is done.
Specifically, in step 925, it is determined whether the MAC address or the like in the file F2 received in step 915 matches the MAC address or the like of the personal computer in the stored unique information 1d to Nd.

In step 927, if it is determined in step 925 that the MAC addresses and the like match, it is determined whether or not the unique information 1 to N matches more than half of the file F2 in which the MAC addresses match. If it is determined in step 927 that the unique information 1 to N is equal to or more than half, the process proceeds to step 929. However, the process of step 925 may be omitted and only the process of step 927 may be performed.
On the other hand, when it is determined in step 925 that the MAC addresses do not match or in step 927 that the unique information 1 to N does not match more than half, the request for browsing or obtaining information from the user is rejected, and this flow is Is terminated.

  Thereafter, in step 929, a unique information key is generated from the unique information of the file F2 received in step 915 and the reception date and time of the file F2 recorded in step 921 based on a predetermined algorithm. When generating the unique information key, a key generation logical value indicating a logical value for generating the unique information key may be defined. The key generation logical value a indicates a logical procedure for generating a unique information key. For example, in this key generation logical value a, what number digit and what number digit are extracted from the top of the unique information data, what kind of calculation is performed, or how this extracted data is processed Logical procedure data such as whether to generate keys by arranging them is shown. The logical procedure may be variable, and command data for this variable may be recorded in the key generation logical value.

  However, by specifying the key generation logical value a by a number or the like, one logical procedure for generating the unique information key may be determined. In this case, a plurality of logical procedures for generating the unique information key are prepared, and each logical procedure is programmed in advance corresponding to each key generation logical value. Since the unique information key is generated from the unique information (fixed value) of the file F2 and the reception date and time (variable value: random number or the like) of the file F2, it is a key that varies as a whole.

  In step 931, the information is encrypted using the unique information key generated in step 929. Information encrypted with such a unique information key is called a file F8. Note that the information may be compressed in addition to encryption, or may be compressed in place of encryption. At this time, the unique information key is used as a password for processing such as compression and decompression. However, the information may be embedded as a watermark information in a specific image file.

In step 933, the unique information is extracted from the file F2, and this unique information is stored in the file F9 together with the reception date and time and the decryption permission code of the file F2. If the key generation logical value a is set, this data is also saved in the file F9.
Here, the decryption permission code means that this operation is performed when it is determined that the unique information 1 to N match a predetermined ratio or more in the matching of the user ID and the password in step 919 and the unique information in steps 925 and 927. It is a code | symbol which shows permitting the decoding of information with respect to the user who is performing. The decryption permission code may be set such as the number of times that information is permitted to be decrypted, a period, and whether or not to delete the file when a predetermined time is reached. The decryption permission code may be used as a personal identification key manually input by the user at the time of decryption. At this time, the decoding permission code is set to be different for each user.

Thereafter, in step 935, the file F9 saved in step 933 is encrypted with the first common key and the second common key.
In step 937, the information (file F8) encrypted in step 931 and the file F9 encrypted in step 935 are transmitted from the center to the user's personal computer.
As described above, information is transmitted from the center to the user in response to a request for browsing or obtaining information from the user.

  Next, the sales data confirmation operation is shown in FIG. In FIG. 38, in step 951, the file F8 and the file F9 transmitted from the center are received by the user's personal computer. The received file F8 and file F9 may be immediately decrypted, but may be temporarily stored and decrypted when necessary. In step 953, the file F9 (encrypted) received in step 951 is decrypted with the first common key and the second common key.

  Thereafter, in step 955, it is confirmed whether or not a decoding permission code exists in the file F9 decoded in step 953. If it is determined that there is a decoding permission code, it can be determined that the user is permitted to decode information, and the process proceeds to the subsequent step 957. Note that these conditions are determined when there is information set in the decoding permission code. On the other hand, if it is determined that there is no decryption permission code, the flow is terminated without decrypting the file F8 in step 965. However, the setting of the decoding permission code in step 933 and the processing in step 955 may be omitted.

  In step 957, the file F2 stored in the user's personal computer in step 903 is compared with the unique information included in the file F9 decrypted in step 953.

Specifically, in step 959, individual comparison for each of the unique information 1, 2,..., N is performed on the file F2 saved in the personal computer and the unique information included in the file F9. If all of the unique information 1 to N match, it is determined that the personal computer has been matched with the unique information at step 923 or the like, and the process proceeds to the next step 961.
On the other hand, if it is determined in step 959 that not all of the unique information 1 to N match, this flow is terminated without decrypting the file F8 in step 965.

In step 957, the file F2 stored in the user's personal computer in step 903 is used. However, the personal computer specific information 1P to NP is detected again from the user's personal computer, and the matching of the unique information 1 to N is determined. May be.
Further, the unique information 1 to N is not determined to match, a unique information key is generated under a predetermined algorithm based on the personal computer unique information 1P to NP newly detected by the user's personal computer, and the file F8 is directly decrypted. You may do it. In this case, the reception date and time, random numbers, etc. may be omitted.

  Thereafter, in step 961, a unique information key for decrypting the file F8 is generated under a predetermined algorithm from the unique information included in the file F9 decrypted in step 953 and the reception date and time of the file F2. . When the key generation logical value a is set, the logical procedure is set according to this data. In step 963, the file F8 is decrypted with this unique information key.

Although not shown, authentication using an ID and password as shown in the fifth embodiment (FIG. 23) may be performed before the decryption of the file F8 in step 963. Moreover, you may make it authenticate the user by biometric information.
As a result, in step 967, information (for example, sales data) is confirmed. When confirming the information, the software may have a dedicated browsing function, but predetermined commercial software associated with the decrypted file may be activated to enable browsing. Further, the decrypted file may be left in an encrypted state again.

  As a result, even when important information (for example, sales data) is leaked, this information is encrypted with the unique information key and cannot be decrypted by other personal computers. There is no. Further, since the unique information key is a fluctuating key generated based on the reception date and time or a random number, it is difficult to decipher the unique information key and it is extremely safe.

Next, a tenth embodiment of the present invention will be described.
In the tenth embodiment of the present invention, by registering the personal computer specific information 1p to Np in the center, the center side can encrypt necessary information any number of times based on the personal computer specific information 1p to Np. On the other hand, on the user side, the information transmitted from the center side can be decoded based on the personal computer unique information 1p to Np.
The same elements as those in FIG. 36, FIG. 37 and FIG.

  In the flowchart of FIG. 39, personal computer specific information 1p to Np is extracted by software installed on the user's personal computer and stored in the file F2. When the user inputs the user ID and password, the file F2 is transmitted to the center together with the user ID and password. In step 971, the center stores and registers the received personal computer specific information 1p to Np at the position to which the corresponding user ID belongs in the database.

The sales data transmission operation will be described based on the flowchart of FIG.
If the user wishes to obtain information from the center, a request is made to the center in step 905. If the input of the user ID and password is registered, the reception date and time is recorded in step 973. However, a random number or the like may be used instead of the reception date and time. In step 975, a unique information key is generated from the unique information already registered in the center and the reception date and time based on a predetermined algorithm. When generating the unique information key, a key generation logical value indicating a logical value for generating the unique information key may be defined. In step 931, the information is encrypted with the unique information key, and a file F8 is created.

In step 977, the registered unique information is extracted, and this unique information is stored in the file F9 together with the reception date and time and the decryption permission code. Various settings may be made for the decryption permission code in the same manner as in step 933 described above. If the key generation logical value a is set, this data is also saved in the file F9. Thereafter, the file F8 and the file F9 are transmitted to the user's personal computer.
The flowchart in FIG. 41 relates to the sales data confirmation operation.
If the file F8 and the file F9 are received by the user's personal computer and the decryption permission code exists, the personal computer specific information 1p to Np is detected from the user's personal computer in step 979. However, the setting of the decoding permission code in step 977 and the processing in step 955 may be omitted. In step 981, the detected personal computer unique information 1p to Np is compared with the registered unique information stored in the file F9.

If it is determined in steps 925 and 927 that the unique information is equal to or greater than a predetermined ratio, the registered unique information stored in the file F9 in step 961 and the reception date and time are used based on a predetermined algorithm. A unique information key is generated. Thereafter, in step 963, the file F8 is decrypted with this unique information key.
Note that the comparison of the unique information 1 to N is omitted, a unique information key is generated under a predetermined algorithm based on the personal computer unique information 1P to NP detected again from the user's personal computer in step 979, and the file F8 is directly stored. You may make it decode. In this case, the reception date and time, random numbers, etc. may be omitted.

On the other hand, if it is determined in steps 925 and 927 that the unique information does not match a predetermined ratio or more, the file F8 is not decrypted in step 965. In this case, a screen that prompts the user to change the registered unique information to new unique information and apply for change registration may be displayed.
As described above, on the center side, information can be encrypted and transmitted any number of times using registered unique information. Since the transmission of the unique information to the center is basically performed only once, the burden on the user can be reduced. Decoding is possible even when a part of the user's personal computer is replaced or modified. Also, decryption is not possible if the personal computer is different from the registered personal computer. The registered personal computer is not limited to a personal computer currently connected to the Internet. By registering an arbitrary personal computer in advance, it can be decrypted only by that personal computer. At this time, the registered unique information of the arbitrary personal computer is stored in the file F9. Further, by registering a plurality of personal computers in advance, any of the plurality of personal computers can be decrypted. At this time, the registered unique information of the plurality of personal computers needs to be stored in the file F9.

Next, an eleventh embodiment of the present invention will be described.
In the eleventh embodiment of the present invention, instead of passing the unique information to the other party, a unique information key that is a data conversion key for information encryption or the like is generated, and then this unique information key is sent to the other party. It is something that is passed. Information that has been subjected to data conversion such as encryption on the other side is sent to the user side, and is restored after a unique information key is generated again on the user side. FIG. 47 shows a flowchart of the eleventh embodiment of the present invention.

  In FIG. 47, in step 1101, software installed in, for example, a personal computer that is an information processing apparatus on the user side is activated, and a request for browsing or obtaining information is made. At this time, the personal computer specific information 1P to NP is detected in step 1103. In step 1105, a unique information key is generated from the detected personal computer unique information 1P to NP based on a predetermined algorithm.

  In step 1107, this unique information key is transmitted to the other party, for example, the center. However, at this time, in addition to the unique information key, a key generation theoretical value indicating a logical procedure for generating the unique information key may be similarly transmitted. If the key generation theoretical value is also transmitted in this way, the generation method of the unique information key is not always the same, so that it is difficult to analyze. It is desirable that the key generation theoretical value be different for each transmission. The transmitted unique information key is received by the center in step 1109. Note that random numbers and date / time data may be taken into consideration when generating the unique information key.

  In step 1111, the file F <b> 8 in which information is entered with this unique information key is encrypted at the center. Then, the file F8 encrypted in step 1113 is transmitted to the user's personal computer. If a key generation theoretical value or the like exists, it may be transmitted in the same manner as this file F8. In step 1115, the file F8 is received by the user's personal computer. In step 1117, an inquiry is made as to whether or not to immediately view the file F8. If “Do not browse immediately” is selected, the file F8 is stored in the user's personal computer in step 1119. If there is a key generation theoretical value or the like, it is stored together with this file F8. If the user wants to decrypt this file F8, the processing from step 1121 is performed.

On the other hand, if “read immediately” is selected in step 1117, the personal computer specific information 1 P to NP is detected again in step 1121. However, when the personal computer specific information 1P to NP detected in step 1103 remains in the memory or the like, the personal computer specific information 1P to NP may be referred to. In step 1123, a unique information key is generated from the detected personal computer unique information 1P to NP based on a predetermined algorithm. If a key generation theoretical value or the like exists, the key generation theoretical value or the like is read, and a unique information key is generated according to the logical procedure recorded in the key generation theoretical value. In step 1125, the file F8 is decrypted with this unique information key.
As described above, browsing is possible only on a personal computer requested to be browsed. Even if the file F8 is moved to another computer, it cannot be browsed. Even if the communication is intercepted, the contents cannot be analyzed.

Next, a twelfth embodiment of the present invention will be described.
In the present embodiment, the confidential information can be confirmed without being limited to the environment of the user who wants to confirm the confidential information. FIG. 42 shows a configuration diagram of the file / key / data management system according to this embodiment.

In FIG. 42, software for managing confidential information according to this embodiment is installed in a personal computer 100A of a user who transmits confidential information (hereinafter referred to as user A in this embodiment). Customer information is managed by a customer information database. On the other hand, the software for managing confidential information is not installed in the personal computer 100B of the user who confirms the confidential information (hereinafter referred to as user B in the present embodiment). The personal computer 100B may be a mobile phone or the like.
The personal computer 100A and the personal computer 100B are communicated by mail.

Next, the operation of the twelfth embodiment of the present invention will be described. First, the specific information acquisition operation is shown in FIG. This unique information acquisition operation is an operation for the user A to acquire the personal computer specific information 1p to Np of the personal computer 100B of the user B.
In FIG. 43, in step 1001, software for managing confidential information is activated on the personal computer 100A of the user A. In step 1003, a user (that is, user B) who wants to confirm confidential information is selected from the customer information in the customer information database. For the user selected in step 1003, the mail address is stored in the customer information in the customer information database in advance.

  Thereafter, in step 1005, it is determined whether the user B selected in step 1003 does not exist in the customer information database. If user B exists in the customer information database, it can be determined that the user has already performed the unique information acquisition operation (operation up to step 1029), and therefore, the operation after step 1041 (FIG. 44) is performed. move on. On the other hand, if the user B does not exist in the customer information database, the process proceeds to step 1007 below.

  In step 1007, a unique information acquisition request mail is created. In this unique information acquisition request mail, as shown in FIG. 46 (a), the executable file A.N. exe is attached. In addition, the specific information acquisition request mail includes, as the content of the text, a text requesting the description of the destination user's name and address, or the user ID and password desired by the user. The user ID, the user's name and address, and the like may be extracted from the data existing in the customer information database and described. Furthermore, as the contents of the text, an executable file A. The usage of exe is described. However, this executable file A. exe may be integrated with mail software.

  Thereafter, in step 1009, the unique information acquisition request mail created in step 1007 is transmitted to the user B. On the other hand, in step 1011, the user B receives a unique information acquisition request mail. In step 1013, the executable file A. attached to the unique information acquisition request mail in the personal computer 100B of the user B is displayed. exe is executed. This executable file A. The execution of the executable file A.exe described in the unique information acquisition request mail is executed. It is done according to how to use exe.

At this time, in step 1015, the personal computer from which the personal computer specific information 1p to Np is acquired is designated.
For example, when the user B has only the personal computer 100B that has received the unique information acquisition request mail, this personal computer 100B is designated.

If user B owns a personal computer in addition to personal computer 100B, one of them may be designated as a personal computer for checking confidential information in step 1015. In this case, the executable file A. exe is moved. And this executable file A. When exe is activated, the personal computer is designated as a personal computer for confirming confidential information. Furthermore, a plurality of personal computers 100 may be designated at this time.
In step 1017, the personal computer specific information 1p to Np is acquired from the designated personal computer 100. As described above, when a plurality of personal computers 100 are designated in step 1015, a plurality of sets of personal computer specific information 1p to Np are sequentially acquired.

In step 1019, the files of the personal computer specific information 1p to Np acquired in step 1017 are encrypted.
Thereafter, in step 1021, a reply mail (hereinafter referred to as a unique information mail) is created. As shown in FIG. 46B, files of personal computer specific information 1p to Np are attached to the specific information mail. In addition, in the unique information mail, the name and address of the user B, the user ID desired by the user B, and the password thereof are entered in response to the request for the unique information acquisition request mail. Further, biometric information, recording medium ID, and the like may be attached to the specific information mail as necessary.

  In step 1023, the unique information mail created in step 1021 is transmitted to the user A. On the other hand, in step 1025, the user A receives the unique information mail. As a result, in step 1027, the personal computer specific information 1p to Np of the user B is acquired in the personal computer 100A of the user A. At this time, the encryption performed in step 1019 is decrypted.

  Note that the attachment of the personal computer specific information 1p to Np to the specific information mail in step 1021 and the transmission of the specific information mail in step 1023 are not performed manually by the user B, but the execution file A.N. It may be automatically performed by executing exe. Further, in the creation of the unique information mail in step 1021, it has been described that the user B's name and address, the user ID desired by the user B, and the password thereof are entered, but this entry may be omitted.

  In step 1029, a customer information database is created based on the personal computer specific information 1p to Np acquired in step 1027. In this customer information database, as shown in FIG. 46 (c), upper categories are formed for each user's mail address. In the case of a new user, a new mail address category is formed by acquiring the personal computer specific information 1p to Np in step 1027.

  In addition, the personal computer specific information 1p to Np acquired in step 1027 is arranged below the category of the mail address. Furthermore, the name and address of the user B entered in the specific information mail, the user ID of the user B, a password, and the like are arranged below the category of the mail address.

  When the personal computer specific information 1p to Np is acquired from a plurality of personal computers in step 1017, a plurality of sets of personal computer specific information 1p to Np are arranged (illustrated by e-mail address = 33333). In addition, in the creation of the unique information mail, when entry of the name and address of the user B is omitted, this field may be omitted (illustrated by mail address = 22222). When these pieces of information are registered in advance on the user A side, these pieces of information are supplemented.

Next, FIG. 44 shows confidential information transmission operation. This confidential information transmission operation is an operation for transmitting confidential information from the user A to the user B.
44, in step 1041, software for managing confidential information is activated on the personal computer 100A of the user A. In step 1043, the user B who wants to confirm and browse the confidential information is selected from the customer information database created in step 1029.

  Thereafter, in step 1045, the personal computer specific information 1p to Np of user B selected in step 1043 is acquired from the customer information database. At this time, in addition to the personal computer specific information 1p to Np, the transmission / reception date / time of the specific information mail, the random number set in the personal computer 100A (or 100B), and the like are acquired.

In step 1047, a unique information key is generated based on a predetermined algorithm from the personal computer unique information 1p to Np acquired in step 1045, the transmission / reception date and time, a random number, etc., and the confidential information transmitted to the user B using this unique information key Is encrypted. However, biometric information, an ID of a recording medium, or the like may be used as the unique information key. Further, the confidential information may be an attached file attached to the mail, or may be a part or all of the mail text. Since the unique information key is generated from a combination of the personal computer unique information 1p to Np (fixed value) and the transmission / reception date and time, random numbers, etc. (variation value), the unique information key changes as a whole. However, the unique information key may be generated only from the personal computer unique information 1p to Np (fixed value), or may be generated from any combination of unique information. In addition to the combination with the transmission / reception date / time or the random number, the transmission / reception date / time or the random number may be used. When generating the unique information key, a key generation logical value indicating the logical value of the unique information key generation described above may be defined.
The confidential information may be compressed in addition to encryption, or may be compressed instead of encryption.

  After that, in step 1049, the confidential file encrypted in step 1047 and the execution file B.P for processing the personal computer unique information 1p to Np in the personal computer 100B of the user B are compared. exe is associated one-to-one.

  In step 1051, a confidential information mail is created. As shown in FIG. 46D, the confidential information mail is attached with the confidential information encrypted in step 1047. The confidential information mail is attached with the personal computer specific information 1p to Np acquired in step 1045, the transmission date and time, a random number, and the like. Further, the confidential information mail includes an executable file B.B. exe is attached, and the confidential information and the executable file B. A file indicating the association with exe is attached.

Furthermore, in the confidential information mail, as the contents of the text, the executable file B.B. The usage of exe is described.
Note that the confidential information attached to the confidential information mail, the personal computer specific information 1p to Np, etc. exe, confidential information and executable file The association file with exe is not created as a separate file, but may be configured as a single executable file. In this case, the association file may be unnecessary. The execution file may be described in, for example, a Java script or the like and may be in an html format or the like. Executable file B.B. exe may be integrated with e-mail software.

  In step 1053, the confidential information mail created in step 1051 is transmitted to the user B. On the other hand, in step 1055, the user B receives the confidential information mail.

Next, FIG. 45 shows the confidential information confirmation operation. This confidential information confirmation operation is an operation for confirming confidential information on the user B side.
45, in step 1071, the executable file B.B attached to the confidential information mail in the personal computer 100B of the user B is shown. exe is executed. This executable file B. exe is executed by executing the executable file B.B. It is done according to how to use exe. In this case, a pre-registered password or the like may be input, and subsequent processing may be enabled if they match.

  Thereafter, in step 1073, the personal computer specific information 1p to Np is acquired from the personal computer 100B of the user B. In step 1075, the personal computer specific information 1p to Np acquired from the personal computer of the user B is compared with the personal computer specific information 1p to Np attached to the confidential information mail.

  Specifically, in step 1077, the unique information 1, 2,... Is obtained from the personal computer unique information 1p to Np acquired from the personal computer of user B and the personal computer unique information 1p to Np attached to the confidential information mail.・ Conduct individual contrasts for each N. If all of the unique information 1 to N match, it is determined that the personal computer on the user B side is a personal computer included in the customer information database of the user A. move on.

  On the other hand, if it is determined in step 1077 that all of the unique information 1 to N do not match, this flow is terminated without decryption of the confidential information. However, in this case, the unique information acquisition operation (step 1001 and subsequent steps) may be performed again so that the current personal computer unique information 1p to Np is added to the user A customer information database.

Thereafter, in step 1079, a unique information key for decrypting the confidential information is generated based on a predetermined algorithm from the personal computer unique information 1p to Np attached to the confidential information mail, the transmission / reception date and time, a random number, and the like. In step 1081, the confidential information is decrypted with this unique information key.
As a result, in step 1083, confidential information is confirmed.

  As described above, even when important confidential information is leaked, since the confidential information is encrypted with the unique information key, it cannot be decrypted by other personal computers and the confidential information is not illegally used. Even if intercepted in the middle of communication, analysis is not possible.

  In particular, for the user B who confirms confidential information, the execution file A.1 is transmitted from the user A side who transmits confidential information. When exe is attached and transmitted by e-mail, personal computer specific information 1p to Np on the user B side is acquired. Further, from the user A side, the executable file B.B. The exe is attached and transmitted by e-mail, so that the unique information is compared. Therefore, even if special software is not installed on the user B side, unauthorized use of confidential information can be prevented. Therefore, the confidential information can be confirmed safely without being limited to the environment of the confidential information transmitting party.

  Furthermore, in the case of the present embodiment, since the customer information database is created and stored on the user A side, no certificate authority is required. Accordingly, since confidential information and personal computer specific information 1p to Np are exchanged only between users (user A and user B) who communicate confidential information, and no third party is involved, it is extremely safe and secure. .

In the present embodiment, although it has been described in step 1077 that all matches of the unique information 1 to N are determined, the present invention is not limited to this. As shown in the above-described embodiments, each unique information may be determined based on whether weighting or the like is taken into account and whether or not a predetermined ratio or more matches.
That is, in step 1077, the MAC address or the like in the personal computer specific information 1p to Np acquired from the personal computer of user B is matched with the MAC address or the like of the personal computer in the personal computer specific information 1p to Np attached to the confidential information mail. You may judge. Further, when it is determined that the MAC addresses and the like match, it may be determined whether more than half of the unique information 1 to N match. Note that these operations are the same as steps 591 and 211 (FIG. 16) of the third embodiment.

As a result, it is possible to avoid the non-permission of decoding due to a partial change or the like of the unique information 1 to N, and it is possible to eliminate the annoyance to the user who is performing normal use.
Therefore, once the personal computer specific information 1p to Np on the user B side is acquired, it can be applied any number of times as long as there is no change in the specific information or unless there is a significant change in the specific information.
In this embodiment, the personal computer specific information 1p to Np is described as being attached to the confidential information mail. However, the personal computer specific information 1p to Np may be attached without being attached. In this case, the processing of step 1075 and step 1077 is omitted, and in step 1079, a unique information key is obtained based on a predetermined algorithm from the transmission / reception date and time, random numbers, etc. based on the personal computer unique information 1p to Np acquired from the personal computer of user B. Generated. Thereafter, the confidential information transmitted to the user B is decrypted with this unique information key.

1 is a configuration diagram of a file / key / data management system according to a first embodiment of the present invention. Flow chart (save / backup operation) Structure of file FA according to the first embodiment of the present invention Flow chart (read / edit operation and re-save / re-backup operation) The block diagram of the file / key / data management system which is 2nd Embodiment of this invention Flow chart (registration intention confirmation operation, storage / backup operation (with initial storage operation) and registration operation) Same as above Database structure according to the second embodiment of the present invention Flow chart (read / edit and rescue operation) Same as above Same as above The block diagram of the file / key / data management system which is 3rd Embodiment of this invention Structure of file F1 and file F2 according to the third embodiment of the present invention Flow chart (file F2 registration operation, file F2 sharing operation, and storage / backup operation using file F2) Same as above Flow chart (read / edit operation using file F2) Structure of file F1 and file F2 according to the fourth embodiment of the present invention Flow chart (Operation with PC reading flag set) Same as above Another example of the structure of the file F1 and the file F2 according to the fourth embodiment of the present invention Structure of file F1 and file F2 according to the fifth embodiment of the present invention Flow chart (Operation with ID and password set) Same as above Same as above Structure of file F1 and file F2 according to the sixth embodiment of the present invention Example of operation according to the save mode flag Flow chart (Operation with save mode set) Same as above Same as above The block diagram of the file / key / data management system which is 7th Embodiment of this invention Flow chart (Relief operation) Same as above Same as above Flow chart (applies to copyright protection) Same as above Flow chart (Sales data transmission operation / Sales data confirmation operation) Same as above Same as above Flow chart (Center registration operation for unique information) Flow chart (Sales data transmission operation) Flow chart (Sales data check operation) The block diagram of the file / key / data management system which is 12th Embodiment of this invention Flow chart (unique information acquisition operation / confidential information transmission operation / confidential information confirmation operation) Same as above Same as above Structure of unique information acquisition request mail, unique information mail, customer information database, confidential information mail Flowchart of the eleventh embodiment of the present invention

Explanation of symbols

100 PC
105 Files
107 storage device
109 Specific information
150 software
200 Internet
300, 350 center
301,501 database
500 servers

Claims (17)

An information processing apparatus for performing at least one of storage, backup, reading and editing, reproduction, data transmission / reception, and the like of files including at least one of files, keys, data, and the like;
Unique information detection means for detecting at least one unique information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus;
A file / key / data management system comprising data conversion means for converting data of the files based on the unique information detected by the unique information detection means. An information processing apparatus for performing at least one of storage, backup, reading, and editing of files including at least one of files, keys, data, and the like;
Unique information detecting means for detecting at least one unique information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus;
Data conversion means for converting data of the files based on the unique information detected by the unique information detection means;
Storage means for storing the files converted by the data conversion means and the unique information;
When reading and / or editing the files stored in the storage unit, the unique information detection unit causes the hardware, software, ID of the ID-added recording medium, biometric information, etc. Contrast means for detecting again at least one of the unique information and comparing with the unique information stored in the storage means;
A restoration judging means for judging permission or non-permission of restoration of the files based on a judgment result of the comparing means;
A restoration unit that restores files converted by the data conversion unit based on the unique information stored by the storage unit when the restoration determination unit permits the restoration. File / key / data management system. File generation means for generating one file by combining the unique information detected by the unique information detection means and the files whose data has been converted by the data conversion means, or for generating a predetermined associated file with each other With
3. The file / key / data management system according to claim 1 or 2, wherein the unique information detected by the unique information detection means and / or the file generated by the file generation means is data-converted. . At least one information processing device;
Registration means for registering at least one specific information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus;
An information processing apparatus registered by the registration means, and storage means for storing unique information of the information processing apparatus;
Specific information detecting means for detecting at least one specific information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus;
Comparison means for comparing the unique information detected by the unique information detection means with the unique information stored in the storage means;
3. A restoring means for restoring files converted by the data converting means when it is determined that the same information processing apparatus exists as a result of the comparison by the comparing means. Or the file / key / data management system according to 3. A designation means for designating an information processing apparatus and / or a person capable of restoring the files;
A designated information processing device etc. judging means for judging whether or not the information processing device designated by the designating means,
5. The file / key / data management system according to claim 4, wherein when the information processing device or the like designated by the designated information processing device or the like judgment unit is judged, the restoration unit restores the file / key / data management system. An ID / password setting means for setting an ID and / or password for the information processing apparatus stored in the storage means and the unique information of the information processing apparatus;
An ID and / or determination means for determining whether the ID and / or password set by the ID / password setting means matches the input ID and / or password;
6. The file / key / data management system according to claim 4 or 5, wherein when the ID or the like determining means determines that they match, the restoring means restores. Hardware and software constituting an information processing apparatus in which unique information stored in the storage means is newly detected by the unique information detection means when restoration of the files is not permitted by the restoration determination means Specific information update means for updating to at least one specific information such as ID and biometric information of the recording medium with ID,
3. The file / key / data management system according to claim 2, further comprising registration means for registering the unique information updated by the unique information update means. A registered unique information storage means for storing the registered unique information already registered;
When the restoration judging means judges that restoration of the files is not permitted, the registration for comparing the unique information used for comparison by the comparing means with the registered unique information stored in the registered unique information saving means Specific information comparison means,
Based on the determination result of the registered unique information comparison means, permission or non-permission of restoration of the files is determined, and when the restoration is permitted, the data is based on the unique information saved by the saving means. 8. The file / key / data management system according to claim 2, wherein the files converted by the conversion means are restored. A copyrighted work installed in the information processing apparatus;
Password granting means for granting a use permission password for permitting use of the copyrighted work for the information processing apparatus and the unique information of the information processing apparatus;
9. The apparatus according to claim 1, further comprising: a presence / absence of the use permission password or a built-in password preliminarily built in the copyrighted work, and a determination unit that determines whether the built-in password matches the use permission password. The file / key / data management system according to any one of the above. Information and
Storage means in which at least one specific information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus is stored in advance;
Detecting means for detecting the unique information;
A comparison means for comparing the unique information detected by the detection means with the unique information stored in the storage means;
A file / key / data management system characterized in that the data conversion of the information is performed when the comparison means matches a predetermined ratio or more. 11. The file / key / file according to claim 10, wherein the data conversion of the information is performed by a predetermined algorithm based on the unique information detected by the detection means or the unique information stored by the storage means. Data management system. Information and
Data conversion means for converting the information into data by a predetermined algorithm based on at least one unique information such as hardware, software, ID of recording medium with ID, biometric information, etc. constituting the information processing apparatus;
A file in which the unique information is stored;
Sending and receiving means for sending and receiving the file;
Authentication means for authenticating whether the unique information acquired from the file sent and received by the sending and receiving means belongs to a legitimate user;
A file restoring means for restoring the data of the information by a predetermined algorithm based on the unique information acquired from the file when the authenticating means authenticates the user. / Key / data management system. Information and
Data conversion means for converting the information into data by a predetermined algorithm based on at least one unique information such as hardware, software, ID of recording medium with ID, biometric information, etc. constituting the information processing apparatus;
Detecting means for detecting the unique information;
A file / key / data management system comprising: data restoration means for restoring data by a predetermined algorithm based on the unique information detected by the detection means. Unique information detecting means for detecting at least one unique information such as hardware, software, ID of recording medium with ID, biometric information, etc. constituting the information processing apparatus;
Conversion key generation means for generating a conversion key by a predetermined algorithm based on the unique information detected by the unique information detection means;
Transmission / reception means for transmitting / receiving the conversion key generated by the conversion key generation means;
Data conversion means for converting data based on the conversion key transmitted and received by the transmission / reception means;
A restoration key generation means for generating a restoration key by a predetermined algorithm based on the unique information detected by the unique information detection means;
A file / key / data management system comprising: data restoration means for restoring data based on the restoration key generated by the restoration key generation means. Information and
Data conversion means for converting the information into data according to a predetermined algorithm;
Transmission / reception software for transmitting / receiving the information converted by the data conversion means;
Data restoration means for restoring the information by a predetermined algorithm,
A file / key / data management system characterized in that the data restoration means and the information are associated or integrated under a predetermined association and attached to the transmission / reception software. The data conversion and the data restoration are performed by a predetermined algorithm based on at least one unique information such as hardware, software, ID of ID-added recording medium, biometric information, etc. constituting the information processing apparatus. 16. The file / key / data management system according to claim 15, characterized in that: Specific information acquisition software having acquisition means for acquiring at least one specific information such as hardware, software, ID of ID-added recording medium and biometrics information constituting the information processing apparatus;
And the transmission / reception software with which the specific information acquisition software is attached or integrated,
A file / key / data management system, wherein the unique information acquired by the unique information acquisition software or a file including the unique information is returned via the transmission / reception software.

Images