JP2005209181A - File management system and management method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To enhance security of file sharing via a network by minimizing change of the existing network environment. <P>SOLUTION: This file management system 1 is constituted of: a shared file server 3 having a file storage part which stores a file encrypted by a user private key and a file transmitting part which retrieves and transmits a file with respect to a file access request from a user; and an encryption management server 4 having a client public key storage part which stores a user public key by associating it with a user ID, a file encryption information acquisition part which acquires the user private key encrypted by a server public key, a file ID and the user ID from the user, a client public key retrieval part which retrieves the user public key from the client public key storage part based on the user ID and a client private key storage part which encrypts the user private key decrypted by the server private key by the user public key and stores the user private key by associating it with the user ID and the file ID. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a file management system and a management method in which a file server acquires and manages an encrypted electronic file from a client via a network.

  In recent years, from the viewpoint of saving computer resources due to distributed management and business efficiency within a company, electronic data can be transferred between multiple client terminals via a dedicated file management server connected to a network such as a LAN or WAN within the company. Sharing files has become a common practice.

  In such a file sharing management system, there is a possibility that the shared file may be eavesdropped by a malicious person (client, server administrator, etc.) in the network or a third party who has illegally infiltrated the network from the outside. In particular, in a network using a public line network such as the Internet or an extranet, there is a possibility of unauthorized access from an unspecified number of persons, and communication is performed via a plurality of nodes (provider WEB servers, etc.). The risk of eavesdropping increases dramatically.

  For this reason, for example, Patent Documents 1 to 4 propose various devices that prevent a third party from seeing the contents of a file when the client accesses the file management server to write or read the file. .

Japanese Patent Laid-Open No. 11-16281 JP 2001-5746 A JP 2002-342144 A JP2003-303126A

  By the way, in the prior art, communication such as encryption communication between a client that transmits / receives a file and a file transfer (management) server, such as SSL (Secure Socket Layer) on the Internet, is mainstream. In addition, strict authentication of connection authority to the file management server is also used.

  However, even if such communication encryption and connection authority authentication are thoroughly performed, the file transmitted from the client is delivered in plain text to a program on the file management server side represented by CGI (Common Gateway Interface). Therefore, not only a third party who accesses the file management server but also a server administrator or a system administrator (Administrator) can easily read the file.

  In this regard, for example, a system has been proposed in which the file itself in the file transfer (shared management) server is encrypted so that the file cannot be decrypted unless it is a private key of a specific client. Yes.

  However, the system of Patent Document 2 needs to construct a system by newly designing a server for sharing and managing files. That is, even if you already have a file management server, the client identification information for each encrypted file, the file storage location (folder name, URL, etc.), the file identification information, the storage expiration date, etc. It is necessary to design a program for management and rebuild the server. Such introduction of an encrypted file system and changing an existing non-encrypted server to an encrypted server may greatly affect the network control function and the OS (Operation System). In addition, the cost, personnel load, and business interruption required for the system change are significant.

  In addition, even if the user encrypts an electronic file created by application software such as document creation or spreadsheet with an encryption key set by himself / herself, if the electronic file and the encryption key are stored in the same computer (PC), There is a risk that the electronic file may be decrypted due to leakage of the encryption key or unauthorized acquisition. On the other hand, when a complicated encryption key is set to increase the encryption strength, or when the encryption process is repeated twice or three times on the entire file, it takes time to encrypt / decrypt the file, which is practical. There's a problem.

  The present invention has been made in order to solve the above-mentioned problems. A third party can improve the security when sending and receiving files over the network while minimizing changes in the existing network environment, and the contents of the files can be obtained by a third party. It is an object of the present invention to provide a file management system and method for preventing unauthorized browsing of files.

  Another object of the present invention is to provide a file management system and method that can effectively prevent leakage of electronic files and the like without complicated encryption processing.

  According to a first main aspect of the present invention, there is provided a file management system in which a file server acquires and manages an encrypted electronic file from a client via a network, the file server including a secret of the client File storage means for storing a file encrypted with a secret key of a key encryption method in association with the identification information of the file acquired from this client, and access to the encrypted file by acquiring the file identification information from the client And a file transmission unit that retrieves the file from the file storage unit based on the file identification information and transmits the file to the client when the request is received, and the client encrypts / decrypts the file. Connected to the encryption management server that manages the network The encryption management server obtains, from the client, the private key of the client encrypted with the public key of the encryption management server, the identification information of the encrypted file stored in the file server, and the identification information of the client A file encryption information acquisition unit for performing the operation, a client public key acquisition unit for acquiring the public key of the client, a decryption of the acquired private key of the client with a private key of the encryption management server, and a decrypted client private key A file management system is provided, comprising: a client secret key storage unit that encrypts the client with the acquired client public key and stores the encrypted information in association with the client identification information and the file identification information.

  According to such a configuration, the encryption / decryption information of the encrypted file stored in the file server is managed by the encryption management server independent of the file server. That is, the file server has a simple structure in which the encrypted file acquired from the client is stored as it is, and the encrypted file is transmitted as it is when an access request is received from the client. Also, all file and encryption key information was encrypted before communicating over the network. This makes it possible to construct a new encrypted file system using an existing file server as it is. Therefore, it is possible to minimize the human, time, and cost burden for constructing the encryption file system, and it is possible to reduce the influence on the network environment, other systems, and daily work accompanying the design change.

  Further, even an unauthorized person accessing the file server or the encryption management server or a server administrator cannot read the encrypted file, thereby improving security. As a result, for example, a file sharing system can be constructed using an existing storage service provided on the Internet.

  Further, by using both the secret key encryption method and the public key encryption method, it is possible to reduce the time for encrypting the file while maintaining the encryption strength, the complexity of the delivery of the encryption key, and the risk of leakage.

  According to a preferred embodiment of the present invention, when the client requests access to the encrypted file stored in the file server, the encryption management server further sends the client identification information and the file from the client. Client authentication means for acquiring identification information and collating it with information in the client secret key storage means to authenticate the client's authority to decrypt the file is provided. Here, when the authentication by the client authentication unit is valid, the encryption management server searches the client secret key storage unit for the client secret key related to the corresponding file based on the file identification information and transmits it to the client It is preferable to provide a client private key search / transmission means.

  According to such a configuration, since it is confirmed that the client accessing the encrypted file has the authority to decrypt the file and the decryption private key is transmitted, it is possible to prevent impersonation of the client. Security can be improved. Further, since the client exchanges encryption information with the encryption management server, the server can be authenticated at the same time.

  According to another embodiment of the present invention, the client includes a user terminal and an encryption proxy server connected to the user terminal, and the file server and the encryption management server are connected to the user via the encryption proxy server. It is connected to the terminal.

  According to such a configuration, it is possible to perform all of encryption / decryption of files and management of encryption information not by the user terminal operated by the user but by the encryption proxy server. As a result, the encrypted file system can be used without changing the settings of the existing user terminal or installing a complicated program. In addition, even a user who is unfamiliar with a computer can easily read and encrypt a shared file encrypted by a computer operation similar to the conventional one.

  According to another embodiment of the present invention, the client public key obtaining means obtains together with the identification information of the file when the client accesses the encrypted file of the file server.

  According to such a configuration, it is not necessary to register a public key in advance, and the computer resources of the encryption management server can be saved. In addition, the client public key can be changed frequently, which leads to an improvement in security.

  According to another embodiment of the present invention, the client and the file server are connected via a network conforming to HTTP (Hypertext Transfer Protocol).

  According to such a configuration, for example, a network can be constructed in accordance with WEBDAV (Web-based Distributed Authoring and Versioning WEB-based distributed authoring and version management), which is a standardized extension set of the HTTP protocol. This WEBDAV is a communication protocol that forms the core of the WWW, and enables joint editing and management of files on a remote WEB server. Currently supported by a wide range of vendors, many web browsers, editors, file systems, databases, and document repositories support WBDAV. By connecting a WBDAV-compatible client to a WBDAV-compatible server, the method of interaction between the read-only WWW and the user changes, and the Internet can be used as a writable medium that supports collaborative work and distributed file sharing. become able to.

  In addition, WEBDAV can communicate using an http80 port that is always open for WWW connection, and can read and write files without being blocked by a firewall installed on the client. When WEDAV is adopted, the shared file server functions as a WEDAV file server, and the client functions as a WEDAV client.

  According to another embodiment of the present invention, the encryption management server further provides the identification information of the other client (B) to which the decryption authority for the encrypted file is to be given from the client (A), and the disclosure of the encryption management server. A decryption authority setting application accepting means for obtaining a secret encryption method private key of the client (A) encrypted with the key and accepting an application for setting the decryption authority for the file; identification information of the client (A); The identification information of the file is compared with the information in the client secret key storage means, and the decryption authority authenticating means for authenticating the decryption authority of the client (A) regarding the file, and the acquired client (A ) And a secret key decryption means for decrypting the secret key of the client (A) with the secret key of the public key cryptosystem of the cipher management server. , Comprising: a secret key encryption means for encrypting the public key of the other clients (B), and a client secret key transmitting means for transmitting the private key of the encrypted client (A) to the client (B).

  According to such a configuration, the encrypted file stored in the shared file server can be transferred by using both the secret key encryption method and the public key encryption method. As a result, even when the file server is installed on a public network such as the Internet, for example, a file can be shared (transferred) between a plurality of clients with high security.

  According to another embodiment of the present invention, the client secret key storage means executes decryption and encryption of the client secret key by a predetermined algorithm written on the board of the encryption management server.

  According to such a configuration, it is possible to simultaneously improve security and improve processing speed by reducing the load on the encryption management server. It is conceivable that the encryption management server is simultaneously accessed from a plurality of clients (user terminals or proxies) and requires simultaneous encryption / decryption processing. In particular, when a public key cryptosystem such as RSA (Rivest Shamir Adleman) is used for data communication between a client and a file server or a cipher management server, the encryption / decryption algorithm is complicated, which imposes a burden on the CPU. It can be considered that the processing time increases and it takes time. Such a problem of processing speed may become a bottleneck when an encryption file system is implemented in a large company having a large number of users. Therefore, it is extremely effective to reduce the burden on the CPU and increase the processing speed by executing the encryption / decryption algorithm on hardware.

  According to the second main aspect of the present invention, in a client system that sends an encrypted electronic file to a file server for management via a network, the client system creates and modifies the file. It consists of a user terminal and an encryption proxy server that is connected to the user terminal and executes encryption / decryption of the file. The encryption proxy server manages the file server and information for encrypting / decrypting the file. The encryption proxy server is connected to the encryption management server via the network, and when receiving a file transmission request from the user to the file server, the encryption proxy server transmits the file acquired from the user to the secret key encryption method of the client system. File encryption processing means to encrypt with the private key of File transmission means for generating file identification information of the file and transmitting it to the file server together with the encrypted file, and encrypting the secret key of the client system with the public key of the encryption management server, A client system is provided, comprising: secret key transmission means for transmitting to the encryption management server together with identification information of the client system.

  According to such a configuration, it is possible to obtain a client system that can suitably cooperate with the file management system in the first main aspect described above.

  According to a third main aspect of the present invention, there is provided a file management method in which a file server acquires and manages an encrypted electronic file from a client via a network, the file server including the client A file storage step of storing a file encrypted with a secret key of the secret key encryption method in the file storage unit in association with the identification information of the file acquired from the client, and acquiring the file identification information from the client A file transmission step of searching for an appropriate file from the file storage unit based on the file identification information and transmitting the file to the client when an access request to the encrypted file is received, the client encrypting the file Management server and network for managing information to be encrypted / decrypted The encryption management server connects from the client, the client's private key encrypted with the encryption management server's public key, the encrypted file identification information stored in the file server, and A file encryption information acquisition step of acquiring client identification information, a client public key acquisition step of acquiring a client public key, and decrypting the acquired client private key with a secret key of the encryption management server; A client secret key storing step of encrypting the decrypted client secret key with the acquired client public key and storing the encrypted client secret key in the client secret key storage unit in association with the client identification information and the file identification information. A file management method is provided.

  According to such a configuration, it is possible to obtain a file management method that suitably uses the file management system according to the first main aspect described above.

  According to a fourth main aspect of the present invention, there is provided a file management system for managing an electronic file by a computer system for storing the encrypted electronic file and an external storage device connected to the computer system. The computer system uses an authentication encryption key generation unit that generates an authentication encryption key of a secret key encryption method based on predetermined basic information and stores the authentication encryption key in the authentication encryption key storage unit. A user encryption key generating means for generating a user encryption key of a secret key encryption method based on user information input by the user, and encrypting the user encryption key with an authentication encryption key, and storing the encrypted user encryption key User encryption key output means for outputting to and storing the external storage device and an encrypted user encryption key from the external storage device A file encryption unit that encrypts the electronic file with the user encryption key and stores the encrypted file in the file storage unit; and when the read request for the encrypted file is received, the external storage device is accessed to access the user encryption key. And an encryption key acquisition means for acquiring an authentication encryption key from the authentication encryption key storage means, a user encryption key decryption means for decrypting the acquired user encryption key with an authentication encryption key, and the decryption There is provided a system characterized by comprising a file decrypting means for decrypting an encrypted file related to a read request with the user encryption key thus made.

  According to such a configuration, the user encryption key based on the user information input by the user is stored in an external storage device (USB memory, IC card, other computer system on the network, etc.). Separately, an authentication encryption key generated based on basic information such as a random number based on the serial number of the computer system is stored in this computer. Then, the created electronic file is encrypted or decrypted on the condition that the storage device is connected to the computer system and the user encryption key and the authentication encryption key are prepared.

  Thus, if the user himself / herself keeps the storage device storing the user encryption key, the electronic file is decrypted even if the authentication encryption key in the computer system or the encrypted electronic file is obtained illegally. Security and security can be kept high. Even in this case, the encryption / decryption process of the electronic file can be performed instantaneously using the user encryption key or the authentication encryption key, so that there is no problem in practical use.

  According to a fifth main aspect of the present invention, there is provided a file management method for managing an electronic file by a computer system for storing the encrypted electronic file and an external storage device connected to the computer system. The computer system generates an encryption key for authentication of a secret key cryptosystem based on predetermined basic information and stores it in an authentication encryption key storage means, and uses the computer system A user encryption key generating step of generating a user encryption key of a secret key encryption method based on user information input by the user, encrypting the user encryption key with an authentication encryption key, and encrypting the encrypted user encryption key A user encryption key output step for outputting to and storing the external storage device, and obtaining an encrypted user encryption key from the external storage device A file encryption step of encrypting an electronic file with this user encryption key and storing it in a file storage means; and when a read request for the encrypted file is received, accessing the external storage device to obtain a user encryption key And an encryption key acquisition step of acquiring an authentication encryption key from the authentication encryption key storage means, a user encryption key decryption step of decrypting the acquired user encryption key with the authentication encryption key, and the decrypted And a file decrypting step of decrypting the encrypted file according to the read request with the user encryption key.

  According to such a configuration, it is possible to obtain a file management method that suitably uses the file management system according to the fourth main aspect described above.

  According to a sixth main aspect of the present invention, in a client system for storing and managing an encrypted electronic file in a recording medium, file creation means for creating / modifying the electronic file, and the client system Based on the user information input by the user using the user, the user encryption key generation means for generating the user encryption key of the secret key encryption method, the electronic file is encrypted with the generated user encryption key, and the file of this encrypted file A file encryption unit that generates identification information and stores it in the recording medium together with the encrypted file; an authentication encryption key generation unit that generates an authentication encryption key of a secret key encryption method based on predetermined basic information; Encryption key encryption means for encrypting the user encryption key with an authentication encryption key and storing it in the recording medium together with the identification information of the file. The client system is provided, characterized in that the.

  According to such a configuration, it is possible to obtain a client system that can suitably cooperate with the file management system in the fourth main aspect described above.

  As described above, according to the present invention, a third party cannot illegally view the contents of a file by increasing security when transmitting and receiving the file through the network while minimizing changes in the existing network environment. A file management system and method can be obtained.

  Further, according to the present invention, it is possible to obtain a file management system and method that can effectively prevent leakage of electronic files and the like without using complicated encryption processing.

  Other features and remarkable effects of the present invention will be understood more clearly by referring to the description of the best mode section for carrying out the present invention and the attached drawings.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following, an example will be described in which RSA (Rivest Shamir Adleman) is used as the public key encryption method and DES (Data Encryption Standard) is used as the secret key encryption method. Each encryption key is different between the client and the encryption management server, and for RSA, different encryption keys are used for encryption and decryption. Therefore, in the following description, for the sake of convenience, they will be referred to as a client (user) RSA encryption key and RSA decryption key, a server RSA encryption key and RSA decryption key, a client (user) DES key, and a server DES key.

(Network configuration)
FIG. 1 is a diagram schematically showing a network configuration according to an embodiment of the present invention.

  In the present embodiment, the file management system 1 is configured by a shared file server 3 connected to the client 2 via the Internet, and a cipher management server 4 connected to the client 2 via a dedicated network such as an in-house LAN or WAN. Has been.

  The client 2 includes a plurality of user terminals 5 in which a user such as an employee of a client company creates / modifies a file, and an encryption proxy server 6 (hereinafter referred to as “encryption proxy server 6”) connected to the user terminal 5 to execute encryption / decryption of the file. (Referred to as “proxy 6”). In the present embodiment, the user terminal 5 receives the user ID (identification information) from the IC card 7 (recording medium) carried by the user, the identification information of the shared file server 3 to which the user can connect, and the identification information of the file. (ID, folder name, etc.) and user's public key information (set of encryption key and decryption key) are acquired. The IC card 7 is distributed offline after the above-described user information and the like are described to the user registered by the system management server 8 that manages the in-house network environment. When a user's connection authority is changed due to personnel changes or organizational changes, information is overwritten by the user terminal 5 or a new IC card whose information is updated by the system management server 8 is distributed to the target person. Is done. The recording medium for storing the user information is not limited to the IC card 7, but various storage devices such as an optical disk such as a CD-ROM or DVD-R, a magnetic disk such as HD or FD, a USB memory, or the user terminal 5 It may be a recording device of another terminal 5 connected to.

  When the user inserts the IC card 7 into the card slot of the user terminal 5, the user terminal 5 reads the information stored in the IC card 7 and passes it to the proxy 6. The proxy 6 automatically performs processing such as authenticating the access authority to the shared file server 3 and the connection authority to the encrypted file based on the acquired information. This eliminates the need for operations such as user ID and password input.

  The shared file server 3 is installed by a storage service provider entrusted with storage and management of files from a plurality of clients 2 such as companies, and the user terminal 5 (client terminal 5) of the client 2 that has concluded a predetermined file storage contract. The proxy 6) can be connected via the Internet. The shared file server 3 includes an encrypted file storage unit 9 that stores various types of electronic files created by the client 2 and encrypted with an encryption key, which will be described later, and the file ID from the client 2. A file search / output unit 10 that searches for the corresponding file from the encrypted file storage unit 9 based on the file ID and transmits it to the client 2 when receiving an access request to the encrypted file. I have. In the present embodiment, the client 2 is configured to be able to connect to any of the shared file servers 3 and 3 by concluding a file storage contract for each of the plurality of shared file servers 3 and 3 installed on the Internet.

  In the present embodiment, the connection between the client 2 and the shared file server 3 conforms to WEBDAV (standardized extension set of HTTP protocol). This makes it possible to use the Internet as a writable medium that supports collaborative work and distributed file sharing. In addition, communication using an http80 port that is always open for WWW connection is possible, and files can be read / written without being blocked by a firewall installed in the client 2. As the shared file server 3 of this embodiment, an existing WEBBD file server can be used as it is.

  The encryption management server 4 functions to manage file encryption / decryption information (public key, secret key, etc.) stored in the encrypted file storage unit 9 of the shared file server 3, as will be described in detail later. It has. The encryption management server 4 is connected to the proxy 6 through a connection different from the shared file server 3. In this way, by setting the encryption management server 4 separately from the shared file server 3 so as to manage file encryption / decryption, the setting of the existing shared file server 3 or the general-purpose shared file server 3 is set. It is possible to construct a highly secure file management system at low cost without changing the file. As a result of improved security, external storage services can be used, minimizing the cost and human load required for the construction and design changes of file sharing systems within the company, the placement of server administrators and system maintenance. To the limit.

  In the present embodiment, encryption / decryption algorithms and the like managed by the encryption management server 4 are stored in a dedicated encryption board 11 (substrate). As a result, the processing load is increased by reducing the load on the CPU of the encryption management server 4. Writing of the algorithm and the like to the encryption board 11 is also executed by the system management server 8. As shown in FIG. 1, when installing a plurality of encryption management servers 4, different information is stored in the encryption board 11 and distributedly processed for each user terminal 5, each shared file server 3, and each client 2. Alternatively, the same information may be stored and one server 4 may be used as a buffer or backup server at the time of overflow.

(Configuration of encryption management server)
Next, the schematic configuration of the encryption management server 4 will be described with reference to the block diagram of FIG.
The encryption management server 4 is composed of a general-purpose computer system installed inside or outside the company serving as the client 2, and has a well-known hardware / software configuration such as a CPU, RAM, and input / output interface (not shown). Yes. Hereinafter, the characteristic configuration and function of the present invention will be mainly described.

  The encryption management server 4 includes a data storage unit A including a client information storage unit 12, a client public key storage unit 13, a client secret key storage unit 14, and a server secret key storage unit 15, a file encryption information acquisition unit 16, Client public key search unit 17, client secret key generation unit 18, client authentication unit 19 (decryption authority authentication unit), client secret key search unit 20, client secret key encryption / decryption processing unit 21, client secret key transmission unit 22 and decryption A program storage unit B including an authority setting application reception / processing unit 23 is connected by a system bus C.

  The client information storage unit 12 stores the ID of the user who uses the user terminal 5, the authority to connect to the shared file server 3, and the authority to decrypt each file. As shown in FIG. 1, when a plurality of shared file servers 3 are installed, connection authority for each server is stored.

  The client public key storage unit 13 stores a user's public key (a set of RSA encryption key and decryption key) in association with the user ID. This public key is issued and stored by the client 2 when the user is registered with the client 2. The RSA encryption key will be described later when the user accesses the encrypted file of the shared file server 3. What is acquired by the file encryption information acquisition unit 16 may be stored.

  The client secret key storage unit 14 stores the user DES key encrypted with the user RSA encryption key in association with the user ID and the file ID. This DES key is used to encrypt a file stored in the shared file server 3.

  The server secret key storage unit 15 stores a randomly generated DES key of the encryption management server 4 in association with a file ID, a user ID, or the like.

  Next, the file encryption information acquisition unit 16 sends the user DES key encrypted with the server RSA encryption key and the ID of the encrypted file stored in the shared file server 3 from the client 2 (proxy 6). The user ID is acquired and stored in the client information storage unit 12.

  The client public key search unit 17 searches the client public key storage unit for the RSA encryption key of the user based on the acquired user ID. When the file encryption information acquisition unit 16 is set to always acquire the user's RSA encryption key, the search unit 17 can be omitted.

  The client authentication unit 19 (decryption authority authentication unit) obtains the user ID and the ID of the file from this user (proxy 6) when the user requests access to the encrypted file stored in the shared file server 3. Then, the user's decryption authority regarding the file is authenticated by comparing with the information in the client secret key storage unit 14. Further, when the user requests a change (including deletion) of the decryption authority, the user (A) having the authority to set the decryption authority is similarly authenticated.

  When the authentication by the client authentication unit 19 is valid, the client secret key search unit 20 searches the user secret key storage unit 14 for the user DES key related to the corresponding file based on the file ID, and performs decryption. To the next client secret key encryption / decryption processing unit 21.

  The client secret key encryption / decryption processing unit 21 writes the DES key of the user acquired by the file encryption information acquisition unit 16 in the encryption management server 4 when the authentication by the client authentication unit 19 is valid when writing the file. In addition to decrypting with the RSA decryption key, the decrypted user DES key is encrypted with the RSA encryption key of this user. The user DES key encrypted in this way is stored in the client secret key storage unit 14.

  The client secret key transmission unit 22 transmits the user DES key encrypted by the client secret key encryption / decryption processing unit 21 to the user (proxy 6). When changing the decryption authority, the client secret key transmission unit 22 transmits the encrypted user DES key to another user (B).

  The decryption authority setting application reception / processing unit 23 receives the ID of another user (B) who wants to change (grant, delete, restrict, etc.) the decryption authority setting of the encrypted file from the user (A) who has the authority to set the decryption authority. And the DES key of the user (A) encrypted with the RSA encryption key of the encryption management server 4 and accepting an application for setting the authority to decrypt the file, and the client information storage unit based on the contents of the change 12 information is updated.

  The above-described components 12 to 23 are actually a certain area secured in the storage medium of the computer system and a program installed in this area, and are called and executed on the RAM by a CPU (not shown). The functions of the present invention are achieved in cooperation with an OS (operation system).

(Configuration of user terminal and cryptographic proxy server)
Next, a schematic configuration of the user terminal 5 and the proxy 6 will be described with reference to FIG. In addition, since the user terminal 5 and the proxy 6 are also comprised by the general purpose computer system, below, it demonstrates focusing on the characteristic structure and function of this invention.

  First, the user terminal 5 transmits / receives information such as a user ID read by the card reader / writer 25 from the user's IC card 7 inserted into the card slot 26 of the card reader / writer 25 to the proxy 6. 27, an interface (I / F) control unit 28 that provides an interface for setting a processing menu and decryption authority and accepts a processing request from a user, and generates and shares an ID of a file created by the user A file writing / reading control unit 29 that controls writing and reading of files stored in the file server 3 is provided. These functions are executed as options such as dedicated software installed in the user terminal 5 or existing document creation software.

  The proxy 6 includes a user terminal control unit 31, a file encryption / decryption processing unit 32, a file transmission unit 33 (file access application unit), an encryption key transmission unit 34, a secret key encryption / decryption processing unit 35, and a user authentication unit 36. A client secret key generation unit 37, a request transmission unit 38, a connection authority update unit 39, a connection authority storage unit 40, and an encryption key information storage unit 41.

  The user terminal control unit 31 controls the transfer of files and user information with the user terminal 5 and instructs the user terminal 5 to execute predetermined processing.

  The file encryption / decryption processing unit 32 encrypts the target file acquired from the user with the user DES key when the user selects file writing to the shared file server 3 on the process menu screen. Also, the encrypted file acquired from the shared file server 3 is decrypted with the user DES key acquired from the encryption management server 4.

  The file transmission unit 33 transmits the file encrypted by the file encryption / decryption processing unit 32 to the shared file server 3 together with the file ID generated by the user terminal 5.

  The encryption key transmission unit 34 encrypts the user's DES key with the RSA encryption key of the encryption management server 4 and transmits it to the encryption management server 4 together with the file ID and the user ID. The encryption key transmission unit 34 transmits the user's RSA encryption key key and the ID of the file to the encryption management server 4 when a file access request is received from the user.

  The private key encryption / decryption processing unit 35 obtains the user's DES key encrypted with the user's RSA encryption key from the encryption management server 4, and decrypts the DES key with the user RSA decryption key. . The file encryption / decryption processing unit 32 decrypts the file with the decrypted DES key. The secret key encryption / decryption processing unit 35 encrypts a user DES key obtained by encrypting the target file by using the RSA encryption key of the encryption management server 4 when writing the file.

  When the user authentication unit 36 receives an access request to the shared file server 3 from the user, the user authentication unit 36 verifies the access authority to the shared file server 3 by comparing the ID of the user with information in a connection authority storage unit 40 described later. To do. When a plurality of folders are set in the shared file server 3, the access authority is authenticated for each folder.

  The client secret key generation unit 37 generates a random user DES key by applying a user ID and a file ID to a predetermined algorithm when writing a file to the shared file server 3.

  The request transmission unit 38 transmits a request received from the user and a request accompanying the request to the encryption management server 4.

  When the access authority to the shared file server 3 and the encryption management server 4 acquired from the IC card 7 and the authority to decrypt the file have been changed, the connection authority update unit 39 stores the information in the connection authority storage unit 40. It is to be updated. These authority changes also occur when a decryption authority setting change is received by the user, an organizational change, personnel changes, or the like.

  The connection authority storage unit 40 stores the access authority to the shared file server 3 and the encryption management server 4 and the decryption authority for each encrypted file stored in the shared file server 3 in association with the user ID. is there.

  The encryption key information storage unit 41 stores the user DES key generated by the client secret key generation unit 37 in association with the user ID.

  The above-described components 31 to 41 are a certain area secured in the storage medium of the computer system that constitutes the proxy server 6 and a program installed in this area, and are called on the RAM by a CPU (not shown). As a result, the functions of the present invention are achieved in cooperation with an OS (operation system).

(Processing process of this system)
Hereinafter, detailed functions of the system 1 will be described together with actual operations with reference to FIGS. In addition, S1-S48 of these figures is a code | symbol which shows a process order, and respond | corresponds to step S1-S48 of the following description.

(File reading process)
FIG. 4 is a flowchart showing processing steps when an encrypted file stored in the shared file server 3 is read.
First, when the IC card 7 is inserted into the card slot 26 of the card reader / writer 25 connected to the user terminal 5 (step S1), the card information input / output unit 27 stores the user information and files stored in the IC card 7. The ID is acquired and transferred to the proxy 6 (step S2). Further, the I / F control unit 28 of the user terminal 5 displays a processing menu screen (not shown) on the display of the terminal 5 and accepts a processing application from the user (step S3). When the user selects “read file” on this menu screen (step S4), the ID of the target file acquired from the IC card 7 is transferred to the proxy 6, and the following file reading process starts. When a user creates a file using document creation software, spreadsheet software, or the like installed on the user terminal 5, "File encryption menu display" can be performed by clicking "Option" on the toolbar or right-clicking the mouse. The processing menu screen may be displayed by selecting. The steps up to here are the same in other processing flows to be described later.

  When “read file” is selected, the user authentication unit 36 of the proxy 6 is activated, and the user ID and server access authority read from the IC card 7 and the information in the connection authority storage unit 40 are collated to check this user's Authentication of server access authority is performed (step S5). When the authentication is valid, the file ID read from the IC card 7 and the user ID are transmitted to the shared file server 3 to request transmission of the encrypted file (step S6). When the shared file server 3 accepts the request, the file search / output unit 10 searches for the corresponding file based on the file ID and transmits it to the proxy 6 (step S7).

  If the authentication in step S5 is valid, the user authentication unit 36 compares the file ID and the user ID with the information in the connection authority storage unit 40 to authenticate the user's authority to decrypt the file ( Step S8). If this authentication is valid, the request transmission unit 38 requests the encryption management server 4 to acquire the user DES key obtained by encrypting the encrypted file (step S9).

  When the cipher management server 4 accepts the request, the client authentication unit 19 is activated, and the user ID and file ID acquired from the proxy 6 are collated with the information stored in the client information storage unit 12 to check the user's corresponding to the target file. Authentication of decryption authority is performed (step S10). If the authentication is valid, the client secret key search unit 20 searches the client secret key storage unit 14 for a user DES key associated with the target file based on the file ID (step S11). The retrieved DES key is encrypted with the RSA encryption key of the user by the client private key encryption / decryption processing unit 35 (step S12). If the user RSA encryption key is stored in the client public key storage unit 13, the user RSA encryption key is used, and if not stored, the user RSA encryption key transmitted from the proxy 6 in step S9 is used. The encrypted user DES key is transmitted to the proxy 6 by the client secret key transmission unit 22 (step S13).

  Next, the secret key encryption / decryption processing unit 35 of the proxy 6 decrypts the user DES key with the user RSA decryption key (step S14). The file encryption / decryption processing unit 32 decrypts the encrypted file acquired in step S7 using the decrypted user DES key (step S15). Finally, the decrypted plaintext file is transferred to the user terminal 5 and can be read (step S16).

  As described above, when the encrypted file is read, the user authentication is performed by both the proxy 6 and the cryptographic management server 4, so that the user can be prevented from impersonating and the security can be improved. In addition, since the RSA key and DES key communicated between the proxy 6 (client 2) and the encryption management server 4 are used to encrypt / decrypt the encryption key on both sides, the file can be decrypted for the first time. The mutual authentication of the proxy 6 and the encryption management server 4 can also be performed.

(File writing process)
FIG. 5 is a flowchart showing processing steps for writing an encrypted file to the shared file server 3. This file write flow starts when “file write” is selected in the process menu of the user terminal 5 in step S4.

  First, similarly to the above, the user authentication unit 36 of the proxy 6 is activated to perform user authentication (step S5). At this time, the file to be written created by the user terminal 5 and the file ID attached to the file are acquired.

  Next, the client secret key generation unit 37 of the proxy 6 applies a user ID or file ID to a predetermined algorithm to generate a random user DES key (step S20). Further, the file encryption / decryption processing unit 32 encrypts the target file by using the generated DES key (step S21). The encrypted file is transmitted to the shared file server 3 by the file transmission unit 33 together with the file ID (step S22). The shared file server 3 stores the acquired encrypted file in the encrypted file storage unit 9 in association with the file ID (step S23).

  The secret key encryption / decryption processing unit 35 searches the server RSA encryption key from the encryption key information storage unit 41, and encrypts the user DES key generated in step S20 with the server RSA encryption key (step S24). ). The encrypted user DES key is transmitted to the encryption management server 4 by the encryption key transmitting unit 34 together with the file ID and the user ID.

  When the encryption management server 4 obtains the user DES key, the client secret key encryption / decryption processing unit 21 is activated to decrypt the DES key with the server RSA decryption key (step S25), and to decrypt the decrypted DES key. Encryption is performed with the user RSA encryption key (step S26). As this user RSA encryption key, either the one acquired together with the user DES key or the one retrieved from the client public key storage unit 13 by the client public key retrieval unit 17 may be used. The encrypted user DES key is stored in the client secret key storage unit 14 in association with the user ID and the file ID (step S27), and the connection authority for the file is stored in the client information storage unit 12 ( Step S28).

  When the processing completion notification is received from the encryption management server 4, the connection authority update unit 42 of the proxy 6 updates the file decryption authority of the connection authority storage unit 40 (step S 29), and the IC card 7 is sent to the user terminal 5. An instruction to write the decryption authority is given (step S30).

  In step S5, if the user has only the access right to a part of the folders of the shared file server 3, it is preferable to refuse writing of the file.

(Process to delete files)
Next, the process of deleting the encrypted file stored in the shared file server 3 will be described with reference to FIG. This file deletion flow starts when “file deletion” is selected in the process menu of the user terminal 5 in step S4.

  First, similarly to the above, the user authentication unit 36 of the proxy 6 is activated to perform user authentication (step S5). At this time, the ID of the file to be deleted is acquired from the user terminal 5 in advance. If the authentication is valid, the user authentication unit 36 further verifies the file ID and the user ID against the information in the connection authority storage unit 40 and authenticates the user's authority to decrypt the file (step S8). . If any authentication is valid, the request transmission unit 38 transmits the ID of the file to be deleted and the user ID to the encryption management server 4 and stores the information related to the file secret key (client DES key). Request for deletion (step S32).

  The encryption management server 4 that has accepted the request compares the acquired file ID and user ID with the information in the client private key storage unit 14 to authenticate the decryption authority (step S33). When the authentication is valid, the decryption authority setting application reception / processing unit 23 searches the user DES key and file decryption authority of the target file based on the file ID, and the client secret key storage unit 14 and the client information storage unit 12 is deleted and updated (step S35). The user RSA encryption key associated with the target file is also deleted when stored in the client public key storage unit 13.

  When the cryptographic management server 4 completes all the processes and sends a completion notification to the proxy 6, the request transmission unit 38 of the proxy 6 accesses the shared file server 3 and designates the ID of the file to be deleted to specify the encrypted file. Is requested to be deleted (step S36). In the shared file server 3 that has received the request, the file search / output unit 10 searches for the target file and deletes it from the encrypted file storage unit 9 (step S37).

  As described above, when deleting a file, the encryption management server 4 first authenticates the decryption authority for the target file of the user and then instructs the shared file server 3 to delete the file. Prevents file deletion.

(Rewriting process of file decryption authority)
FIG. 7 is a flowchart showing the process of rewriting the decryption right. This decryption authority rewrite flow starts when “authority change” is selected in the process menu of the user terminal 5 in step S4. Here, in the “rewriting of decryption authority”, for example, when a decryption authority is newly granted to another user for the target file, the granted authority is deleted or partly restricted (viewing) Only permission and modification and deletion are not permitted, browsing is permitted / not permitted only from a specific user terminal, browsing period and limit of pages that can be browsed, and the like.

  First, similarly to the above, the user authentication unit 36 of the proxy 6 is activated to perform user authentication (step S5). At this time, the ID of the file whose authority is to be changed is acquired from the user terminal 5. When the authentication is valid, the user authentication unit 36 further verifies the file ID and the user ID against the information stored in the connection authority storage unit 40 to authenticate the user's authority to decrypt the file (step S8). . If any authentication is valid, the request transmission unit 38 transmits a file ID and a user ID to the encryption management server 4 to request a change in the decryption authority of the file (step S41).

  The encryption management server 4 that received the request compares the acquired file ID and user ID with the information in the client secret key storage unit 14 to authenticate the decryption authority (step S42). When the authentication is valid, the decryption authority setting application reception / processing unit 23 assigns the file decryption authority (such as the user list and the file access authority for each user) of the target file based on the file ID to the client private key storage unit. 14 is searched and transmitted to the proxy (step S43). The proxy 6 that has acquired the retrieved information instructs the user terminal 5 to accept input for changing the decryption authority (step S44).

  In the user terminal 5, the I / F control unit 28 displays the decryption authority setting screen shown in FIG. 8 on the display and receives an authority change input from the user (step S45). Here, the ownership shown in the screen of FIG. 8 indicates the same authority as the user (super owner) who created the file with respect to the target file. For example, a user having ownership can not only correct / read (view) the target file, but can also grant or restrict the decryption authority to other users and delete the file. On the other hand, the decryption right is simply a right to browse all or a part of the target file, and cannot give the decryption right to other users.

  When the inputted change contents of the decryption authority are transferred to the proxy 6, the connection authority update unit 42 of the proxy 6 transmits to the encryption management server 4 together with the file ID and the user ID (step S46). The decryption authority setting application reception / processing unit 23 of the encryption management server 4 updates the information in the client information storage unit 12 based on the acquired decryption authority (step S47). When the update process of the cryptographic management server 4 is completed and a completion notification is transmitted, the connection authority update unit 42 of the proxy 6 updates the information in the connection authority storage unit 40 and ends this process (step S48). When a user who is newly set with decryption authority inserts his IC card 7 into the user terminal 5, the file can be read in accordance with the processing flow described with reference to FIG. In this case, the user (A) needs to inform the other user (B) of the ID of the target file.

  At the time of rewriting the decryption authority, the user RSA encryption key used for encrypting the secret key stored in the client secret key storage unit 14 of the encryption management server 4 may be changed. In this case, in accordance with steps S24 to S30 in FIG. 5, a new client public key that is common to all rights holders after the change is newly generated and stored in the client secret key storage unit 14 using this public key. Encrypt the private key. As a result, it is possible to more effectively prevent the administrator of the encryption management server 4 or a third party who has illegally accessed the encryption management server 4 from falsifying or obtaining unauthorized access.

  If “authority change” is selected in step S4, the process may immediately jump to step S45 to accept the authority change without waiting for authentication by the proxy 6 or the encryption management server 4. In this case, the proxy 6 performs server authentication (step S5) and decryption authority authentication (step S8) after acquiring the changed content.

  Further, when changing the decryption authority, the client secret key encryption / decryption processing unit 21 decrypts the DES key of the user (A) in the same manner as described above, and another user (B) to which the decryption authority is given. The RSA encryption key may be used for encryption. When the file encryption information acquisition unit 16 acquires the RSA encryption key of the other user (B), the RSA encryption key is used. Otherwise, the client public key search unit 17 determines that the other user (B) Based on the ID of (B), the client public key storage unit 13 is searched for and obtained. Then, the decryption authority setting application reception / processing unit 23 transmits the encrypted DES key of the user (A) together with the file ID to the other user (B). As a result, the other user (B) can immediately access the file.

(Second Embodiment)
Next, a second embodiment of the present invention will be described with reference to FIGS. In this embodiment, the user terminal 5 generates a user encryption key and an authentication encryption key, and stores and manages the user encryption key in an external storage device such as an IC card carried by the user. It is characterized in that the user terminal itself performs the encryption / decryption processing of the electronic file regardless of the proxy 6 and the encryption management server 4 on condition that the encryption keys are prepared.

  (overall structure)

  In this embodiment, a file management system 50 is configured by a user terminal 51 and an external storage device 52 connected to the terminal 51 via a card reader / writer 25. As the external storage device 52, a general-purpose portable memory device (recording medium) such as an IC card, a USB memory, or a flash memory, or another computer connected to the user terminal 51 via a network such as a LAN or the Internet ( A storage device such as the encryption proxy server 6 or the encryption management server 4 can be appropriately employed. In the following, an example in which an encryption key is stored in the IC card 52 as an external storage device will be described. In addition, since the user terminal 51 of this embodiment is configured by a general-purpose computer system, the following description focuses on the characteristic configuration and functions of this embodiment.

  (User terminal configuration)

  In the user terminal 51 of this embodiment, a file storage unit 54, an authentication encryption key storage unit 55, and a program storage unit 56 are connected to a bus 53 to which a CPU, RAM, input / output device and communication device (not shown) are connected. Composed.

  The file storage unit 54 is a text file created by a user using various known application software (file creation unit), a spreadsheet file such as CSV format, a database file, an image file (moving image, still image), audio Various electronic files such as a file, a file obtained by combining these files, and an e-mail file are stored in association with identification information (such as a management serial number) of the file. As will be described later, these electronic files are encrypted with a user encryption key. In the present embodiment, a hash value described later is also stored in the file storage unit 54.

  The encryption key storage unit 55 stores the authentication encryption key generated by the authentication encryption key generation unit 60 described later.

  The program storage unit 56 mainly includes an authentication encryption key generation unit 60, a user encryption key generation unit 61, a user encryption key output unit 62, a file encryption processing unit 63, a hash value calculation unit 64, and a group as an encryption processing function. Encryption key generation unit 65, encryption key acquisition unit 66 as a decryption processing function, user encryption key decryption unit 67 and file decryption processing unit 68, interface (I / F) control unit 28 as a common function and file writing / reading Each program of the control unit 29 is stored. These functions are executed as optional functions such as dedicated software installed in the user terminal 51 or existing application software. Hereinafter, each functional unit will be described in order.

  First, the authentication encryption key generation unit 60 as the encryption processing function uses a secret key encryption method based on basic information such as a serial number of the user terminal 51 and a random number generated based on license information of software constituting the system. The authentication encryption key is generated and stored in the authentication encryption key storage unit 55. As the secret key encryption method, a known method such as DES or AES (Advanced Encryption Standard) can be adopted as in the above embodiment. The basic information for generating the encryption key may be license information itself.

  The user encryption key generation unit 61 uses a user information (password) such as an arbitrary character string / symbol / number input by the user using the user terminal 51 through the user information input interface of FIG. 11 generated by the I / F control unit 28. And the like, a user encryption key of a secret key encryption method (DES, etc.) is generated, and the user encryption key is encrypted with the authentication encryption key acquired from the authentication encryption key storage unit 55.

  The user encryption key output unit 62 transmits the user encryption key encrypted with the authentication encryption key to the IC card 52 for storage. The file encryption processing unit 63 is notified that the transmission to the IC card 52 has been completed. As a result, file encryption is executed.

  In this embodiment, the authentication encryption key is also output to the IC card 52 and stored as a backup. By storing the authentication encryption key separately from the user terminal 51, even if the authentication encryption key is erased for reasons such as initialization of the terminal 51, the authentication encryption key is read out from the IC card 52. It can be stored in the terminal 51 again.

  The encryption key generated as described above and a group encryption key described later are stored in the IC card 52 in the state shown in FIG.

  The file encryption processing unit 63 obtains a user encryption key from the IC card 52 and encrypts the electronic file selected by the encryption / decryption file selection interface of FIG. 13 generated by the I / F control unit 28, and encrypts the file. The data is stored in the storage unit 54. Specifically, a file icon displayed on a folder such as a desktop of the user terminal 51 is dragged with a mouse and dropped on the “encryption” box of this interface, so that the file encryption processing unit 63 is executed. Encrypt electronic files. An example of an encrypted file format is shown in FIG. As described above, by performing the electronic file encryption process only when the IC card 52 is connected to the user terminal 51, the security is improved by the distributed management of the user encryption key and the authentication encryption key. . Note that file encryption can be executed by right-clicking or double-clicking the mouse, or by selecting from a menu such as “Edit” or “Save Option” of the document creation software.

  The hash value calculation unit 64 applies a hash function to a part of the input user information, user encryption key, or electronic file in order to verify a user encryption key by a decryption verification unit 70 (to be described later) when decrypting the electronic file. Thus, the hash value is calculated. As this hash function, a conventionally known one-way function such as SHA-1, MD2, and MD5 can be appropriately employed. The calculated hash value is output to the IC card 52 by the user encryption key output unit 62 and stored together with the encrypted user encryption key. In FIG. 12, the hash value is not shown.

  When generating a hash value from a part of an electronic file, for example, in the case of a text file, a hash function is applied to a character string corresponding to the first or last preset block size. In the format example shown in FIG. 14, the block size of the calculated hash value is set to the same size as the encryption block size, but may be a different size. In this embodiment, since the hash value is used to confirm the validity of the user encryption key, the hash value of the entire file is calculated at the time of encryption, or the entire file is calculated at the time of decryption. It is not necessary to calculate the hash value after decrypting with, and it is sufficient to execute a part of the hash value.

  The group encryption key generation unit 65 is a group identification information such as an arbitrary character string / symbol / number input by the user through the group identification information input interface of FIG. 15 generated by the I / F control unit 28 (group name, group password, etc. ) To generate a group encryption key of a secret key encryption method (DES or the like) for sharing an electronic file between specific groups, and encrypt the generated group encryption key with the authentication encryption key. is there. The encrypted group encryption key is output to the IC card 52 and stored together with the user encryption key by the user encryption key output unit 62 as shown in FIG. In this case, it is preferable that the hash value calculation unit 64 generates a hash value based on the group specifying information.

  Here, there is a possibility that the group specifying information specified by the user coincides with the user specifying information (password or the like) of another user accidentally or intentionally. In this case, all the members in the group share the user encryption key of the other user, which is not preferable in terms of security. Therefore, the group encryption key generation unit 65 of the present embodiment generates a group encryption key by adding, deleting, or changing a symbol that can be identified from the user encryption key. For example, Y is added to the beginning of the user encryption key, and G is added to the beginning of the group encryption key. As a result, even if the user information input by the user and the group identification information are the same, different encryption keys are generated, and the user encryption key and the group encryption key are clearly identified when the file is decrypted. The encrypted file that is not shared is not decrypted with the group encryption key. As shown in the format example of FIG. 14, Y is added to the head of the user encryption key that encrypted the electronic file, and the identification flag of 0 for the user encryption key and 1 for the group encryption key is stored in the IC card 52. Is done.

  Also, as shown in the group encryption key list screen of FIG. 16, a plurality of group encryption keys can be set, and an electronic file shared for each group can be selected. When a plurality of group encryption keys are set, it is possible to select which group encryption key is used (which group shares the file) in the encryption key selection interface of FIG. The file encryption processing unit 63 encrypts the electronic file with the selected user encryption key or group encryption key and stores it in the file storage unit 54.

  Next, the encryption key acquisition unit 66 as a decryption processing function receives an encrypted file read request through the encryption / decryption file selection interface (FIG. 13) generated by the I / F control unit 28. The user encryption key, the group encryption key, and the hash value information read from the user's IC card 52 inserted into the card slot 26 of the card reader / writer 25 are acquired, and from the authentication encryption key storage unit 55 An authentication encryption key is obtained. If multiple group encryption keys are stored, all encryption keys are acquired. Even when the e-mail software receives a read (decryption) request for an e-mail file, it similarly accesses the IC card 52 and the authentication encryption key storage unit 55 to acquire all encryption keys.

  The user encryption key decryption unit 67 decrypts the user encryption key and group encryption key acquired by the encryption key acquisition unit 66 with the authentication encryption key. At this time, the user encryption key or the plurality of group encryption keys are sequentially decrypted, and the process is terminated when the decryption is possible with any one of the encryption keys. As a result, the file can be automatically decrypted without causing the user who has instructed reading the file to select the encryption key (unconsciously).

  Here, the user encryption key decryption unit 67 of the present embodiment applies a hash function to the same information as the basic information (user encryption key, user information, etc.) obtained by the hash value calculation unit 64 calculating the hash value. A decryption verification unit 70 that calculates a hash value and verifies whether the user encryption key is normally decrypted based on whether the hash value acquired from the IC card 52 matches or not is provided. When the hash value is calculated for a part of the file, the decryption verification unit 70 decrypts the part of the file with the user encryption key, calculates the hash value, and verifies the user encryption key. . Thereby, even when a cryptographic key that has been tampered with is stored in the IC card 52, leakage (decryption) of the electronic file can be effectively prevented. This decryption verification is also automatically performed without waiting for an instruction from the user.

  The file decryption processing unit 68 decrypts the encrypted file related to the read request with the user encryption key or the group encryption key that the decryption verification unit 70 determines to have been decrypted normally.

  The I / F control unit 28 and the file writing / reading control unit 29 have the same functions as those in the first embodiment in addition to the functions described above.

(Processing process)
Next, each function in the second embodiment will be described together with processing steps with reference to the flowcharts of FIGS.

(Encryption key generation flow)
First, the encryption key generation process of FIG. 18 will be described. This processing step is executed when the user installs software related to the present system stored in a recording medium such as a CD-ROM in the user terminal 51.

  When software installation starts, the authentication encryption key generation unit 60 acquires basic information such as the serial number of the user terminal 51 and generates an authentication encryption key (steps S50 and S51). The generated authentication encryption key is stored in the authentication encryption key storage unit 30. Further, the user encryption key generation unit 61 acquires a user name and password through the user information input screen shown in FIG. 12, and generates a user encryption key (steps S52 and S53). The generated user encryption key is encrypted with the authentication encryption key by the user encryption key output unit 62 (step S54).

  If the user wishes to register a group (Yes in step S55), the group registration information input interface shown in FIG. 14 is displayed, and the group encryption key generation is performed based on the information input through the input screen. The unit 65 generates a group encryption key (steps S56 and S57). The generated group encryption key is encrypted with the authentication encryption key (step S58). When the user registers a plurality of group encryption keys, the processes in steps S56 to S58 are repeated.

  When all the encryption keys are generated, the hash value calculation unit 64 is activated and calculates a hash value by applying a hash function to the user encryption key or the like (step S59). The calculated hash value is output to the IC card 52 by the user encryption key output unit 62 and stored together with the generated encryption keys (step S60). Even if the encryption key and the hash value are stored in the same IC card 52, there is no security problem because the encryption key cannot be decrypted from the hash value.

  When the IC card 52 is not connected to the user terminal 51 (when the user encryption key or hash value cannot be stored), the software installation process is stopped. Thereby, distributed management of a plurality of encryption keys can be reliably performed.

(Electronic file encryption flow)
Next, an electronic file encryption flow will be described with reference to FIG. The following steps are executed by the file encryption processing unit 63.

  In this process, first, the file encryption processing unit 63 acquires the identification information of the file to be encrypted through the encryption / decryption file selection interface shown in FIG. 13 and accepts an encryption instruction (step S61). At this time, selection of a user encryption key or a group encryption key is also accepted (step S62).

  Next, the user encryption key or group encryption key to be selected is acquired from the IC card 52, and the authentication encryption key is acquired from the authentication encryption key storage unit 55 (steps S63 and S64). The selected encryption key is decrypted with the authentication encryption key (step S65), and the encryption target file is encrypted with the encryption key (step S66). The encrypted electronic file is stored in the file storage unit 54 together with the file identification information (step S67).

  As described above, since the electronic file cannot be encrypted unless the IC card 52 is connected to the user terminal 51, the distributed management of a plurality of encryption keys is surely performed to improve security. Can do.

(Decryption flow of electronic file)
Next, an electronic file decryption flow will be described with reference to FIG.
In this process, first, when the file decryption processing unit 68 acquires the identification information of the electronic file to be decrypted and receives a file decryption instruction through the encryption / decryption file selection interface shown in FIG. (Step S68), the encryption key acquisition unit 66 accesses the IC card 52 connected to the user terminal 51 via the card reader / writer 25 and acquires the user encryption key, the group encryption key, and the hash value (Step S68). S69). The encryption key acquisition unit 66 acquires an authentication encryption key from the authentication encryption key storage unit 55 (step S70), and sequentially decrypts the user encryption key and / or group encryption key (1 or 2 or more). (Step S71).

  When the decryption process is completed for all the encryption keys, the decryption verification unit 70 is activated to calculate the hash value of the decrypted user encryption key (step S72), and the hash value acquired from the IC card 52 matches. Based on the above, it is verified whether the decryption has been performed normally, that is, whether the user encryption key has been tampered with (step S73). If it is determined that the decryption is successful (Yes in step S73), the file decryption unit 69 is handed over the information of the user encryption key to instruct decryption (step S74).

  The file decryption processing unit 69 decrypts the target file with the acquired user encryption key (Yes in step S74, S75). When decryption cannot be performed using the user encryption key (No in step S74), decryption is performed using the group encryption key (steps S76 and S77). If the target file cannot be decrypted even when decryption is performed with all the encryption keys (No in step S76, No in S77), this process is terminated.

  On the other hand, if the hash values do not match (No in step S73), it is determined that the user encryption key has not been successfully decrypted, and the file decryption processing unit 69 executes error processing (step S78). Specifically, a warning message and an encryption key re-creation dialog box are displayed on the user terminal 51. Note that even if the hash values of the user encryption keys do not match, the group encryption keys may match, or vice versa, but any one of the encryption keys may be tampered with and can be decrypted normally. It is not preferable to decrypt the file with a part of the encryption key.

  As described above, since the encryption key for file decryption and the hash value for verification are acquired from the IC card 52 connected to the user terminal 51 when decrypting the encrypted file, the distributed management of the encryption key is performed. Therefore, information leakage / falsification can be suitably prevented.

(Example applied to e-mail file)
Next, an example of encrypting / decrypting an electronic mail between groups using the file management system 50 of the second embodiment will be described with reference to FIG.

  In this embodiment, an e-mail file (including an attached file) created by using e-mail software (mailer) installed in the user terminal 51a of the mail transmission side user is encrypted with the group encryption key, and the same group. To the receiving user terminal 51b, and the receiving user terminal 51b can decrypt and read the e-mail file using the group encryption key.

  Specifically, an e-mail file created by the mailer of the sending user terminal 51a is encrypted with the encryption key of group A by the file encryption processing unit 63, and the recipients (receiving user terminal 51b of the same group) are sent by the mailer. ). In the user terminal 51b that has received the mail, the file decryption processing unit 68 acquires the group encryption key from the IC card 52 and sequentially decrypts it. As a result, since the encryption key of group A can be specified, the electronic mail file is decrypted using this encryption key.

  On the other hand, when another user terminal 51c not set as a recipient receives this e-mail accidentally or illegally on the network, the encryption key of group A is stored in the IC card 52 of this user. Therefore, the e-mail file cannot be decrypted (read).

  Thereby, even when an electronic mail is transmitted / received between specific groups via an open network, information leakage / falsification can be effectively prevented. Since the mail file stored in the user terminal on the receiving side is in an encrypted state other than the mail header (the mail body and attached file), it can be read without the IC card 52 storing the user encryption key. It is possible to effectively prevent e-mail file leakage.

  It should be noted that a file encryption processing unit 63 and a file decryption processing unit 68 are provided in a local proxy on the transmission side / reception side (not shown), respectively, and the mail files are collectively encrypted / decrypted at the time of mail transmission / reception by these proxies. You may make it do. In this case, when the user selects the group A encryption key for the mail file created by the mailer of the transmission-side user terminal 51a and instructs “transmission”, the mail file is transferred to the transmission-side proxy, and the file encryption process is performed. The unit 63 encrypts the data with the group A encryption key. The encrypted mail file is received by the reception side proxy via the network, decrypted by the file decryption processing unit 68, and then transmitted to the reception side user terminal 51b. As a result, the receiver (the receiving user terminal 51b) does not need to be aware of the decryption of the mail file. Note that the method of instructing decryption each time the received mail file is read as described above and the method of this automatic decryption can be switched by selecting the option “Decrypt automatically when receiving”. it can. As a result, the user can use the security level and utility depending on the importance of the mail, the attribute of the group, and the like.

  In addition, by registering the keywords included in the e-mail title and body text, the recipient's address, etc. in association with a specific group encryption key, the user can automatically select the group encryption key each time. Mail can be encrypted.

  In addition, a specific character string to be included in the mail title is registered in advance in association with the group encryption key, and this character string is automatically added to the encrypted mail title and sent to the receiving side. In the user terminal 51b, the group encryption key can be instantly specified. Thereby, since it is not necessary to decrypt all the encryption keys, the time required for reading (decrypting) the mail can be further shortened.

  Furthermore, the e-mail file decrypted by the user terminal 51b on the receiving side is stored in a temporary folder, but it is preferable that the e-mail file is automatically deleted after a predetermined time or simultaneously with the decryption.

(Modification)
The present invention is not limited to the above-described embodiment, and various modifications can be made without departing from the scope of the invention.

  For example, the encryption key is not limited to the above. As public key cryptosystems, ElGamal cryptosystem, elliptic curve cryptography, etc., and as secret key cryptosystems, systems such as Triple DES, FEAL, Rijndael, MISTY, etc. may be adopted as appropriate based on encryption strength, encryption speed, etc. it can.

  In the first embodiment, an example of a network using the WBDAV protocol has been described. However, the present invention is not limited to this. The present invention can also be applied to various file transfer protocols such as FTP (File Transfer Protocol) and MICROSOFT NETWORK.

  Furthermore, when the proxy 6 is set to the user terminal 5 that is the WEBDAV client as in the first embodiment, depending on the type of OS (Operation System) of the user terminal 5, the proxy setting may be integrated with the WEB browser. There is something that is composed by fusing. For this reason, browser settings are also changed by the proxy 6 settings, which may affect browser functions. In this case, it is effective to adopt a multi-stage proxy structure as shown in FIG. 9, for example. Here, the multistage proxy is a method for transmitting information via a plurality of proxy servers having different functions. Specifically, all accesses except the access to the WEBDAV server (shared file server 3 etc.) that requires processing by the cryptographic proxy server 6 in the above embodiment are transmitted to the existing proxy (proxy etc. fused with the browser). To do. As a result, the OS (browser) as described above can be integrated with the client environment while maintaining the independence of the encrypted portion in the present invention.

In order to further improve the security level, the encryption management server 4 of the first embodiment can be changed as follows.
1) During file writing processing to the shared file server 3, the ID of the file to be written and the user RSA encryption key are acquired from the client 2, and a server DES key is generated based on the file ID. The generated DES key is encrypted with the user RSA encryption key and transmitted to the client 2. The client 2 decrypts the transmitted server DES key with the user RSA decryption key, encrypts the file with the server DES key, and transmits the encrypted file to the shared file server 3.

  2) The client private key storage unit 14 is encrypted with the user RSA encryption key. When the user RSA encryption key is generated for each file, only the corresponding record is encrypted for each file. When the RSA encryption key is generated for each client, a plurality of records related to the client 2 are set. Encrypt. As a result, in the case where distributed processing is performed, for example, by encrypting records on another server, it is only necessary to pass the user RSA encryption key to that server, so that the expandability of the system is improved.

  In the second embodiment, a lock mechanism may be added to prevent tampering of the authentication encryption key stored in the user terminal 51. Specifically, when the authentication encryption key stored in the user terminal 51 is changed after the user registers the unlock password and sets the lock mechanism to ON, the authentication encryption key is locked. It is assumed that encryption / decryption processing using this encryption key is not permitted. In order to release the lock, the password for the release is requested.

  In addition, the group encryption key and the group password are registered in association with each other, and when the electronic file is encrypted / decrypted using the group encryption key, the password is required to further improve the security. Also good. In this case, it is necessary to share the group encryption key and password between the groups.

FIG. 1 is a diagram schematically showing a network configuration according to an embodiment of the present invention. FIG. 2 is a block diagram showing a schematic configuration of the encryption management server. FIG. 3 is a block diagram showing a schematic configuration of the client and the proxy. FIG. 4 is a flowchart showing a process of reading a file from the file server. FIG. 5 is a flowchart showing a process of writing a file to the file server. FIG. 6 is a flowchart showing a process of deleting a file from the file server. FIG. 7 is a flowchart showing the process of rewriting the decryption right. It is a figure which shows an example of the setting screen of a decryption right. FIG. 9 is a diagram for explaining the concept of the multistage proxy. FIG. 10 is a block diagram showing a schematic configuration of a file management system according to the second embodiment of the present invention. FIG. 11 is a diagram showing an example of the user information input interface. FIG. 12 is a diagram schematically showing an encryption key stored in the IC card. FIG. 13 is a diagram showing an example of the encryption / decryption file selection interface. FIG. 14 is a diagram showing an example of an encrypted file format. FIG. 15 is a diagram showing an example of the group specifying information input interface. FIG. 16 is a diagram showing an example of the group encryption key list screen. FIG. 17 is a diagram showing an example of the encryption key selection interface. FIG. 18 is a flowchart showing the encryption key generation process. FIG. 19 is a flowchart showing the file encryption process. FIG. 20 is a flowchart showing the file decryption process. FIG. 21 is a diagram showing an example applied to electronic mail.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... File management system 2 ... Client 3 ... Shared file server 4 ... Encryption management server 5 ... User terminal 6 ... Encryption proxy server (proxy)
DESCRIPTION OF SYMBOLS 7 ... IC card 8 ... System management server 9 ... Encrypted file storage part 10 ... File search and output part 11 ... Encryption board 12 ... Client information storage part 13 ... Client public key storage part 14 ... Client private key storage part 15 ... Server Secret key storage unit 16 ... File encryption information acquisition unit 17 ... Client public key search unit 18 ... Client secret key generation unit 19 ... Client authentication unit 20 ... Client secret key search unit 21 ... Client secret key encryption / decryption processing unit 22 ... Client secret key transmission unit 23 ... Decryption authority setting application reception / processing unit 25 ... Card reader / writer 26 ... Card slot 27 ... Card information input / output unit 28 ... Interface (I / F) control unit 29 ... File write / read control unit 31 ... User terminal control unit 32 ... File encryption / decryption processing Unit 33 ... File transmission unit 34 ... Encryption key transmission unit 35 ... Secret key encryption / decryption processing unit 36 ... User authentication unit 37 ... Client secret key generation unit 38 ... Request transmission unit 39 ... Connection authority update unit 40 ... Connection authority storage unit DESCRIPTION OF SYMBOLS 41 ... Encryption key information storage part 50 ... File management system 51 ... User terminal 51a ... Transmission side user terminal 51b ... Reception side user terminal 51c ... User terminal other than reception side 52 ... IC card (external storage device)
53 ... Bus 54 ... File storage unit 55 ... Authentication encryption key storage unit 56 ... Program storage unit 60 ... Authentication encryption key generation unit 61 ... User encryption key generation unit 62 ... User encryption key output unit 63 ... File encryption processing unit 64 ... Hash value calculation unit 65 ... Group encryption key generation unit 66 ... Encryption key acquisition unit 67 ... User encryption key decryption processing unit 69 ... File decryption processing unit 70 ... Decryption verification unit

Claims (29)

A file management system in which a file server acquires and manages an encrypted electronic file from a client via a network,
The file server is
A file storage means for storing a file encrypted with a secret key of the client's secret key cryptosystem in association with identification information of the file acquired from the client;
A file transmission unit that retrieves the file identification information from the client and retrieves the file from the file storage unit based on the file identification information when the access request to the encrypted file is received and transmits the file to the client With
The client is connected via a network to a cryptographic management server that manages information for encrypting / decrypting files.
This encryption management server
File encryption information acquisition for acquiring the client private key encrypted with the public key of the encryption management server, the identification information of the encrypted file stored in the file server, and the identification information of the client from the client Means,
Client public key acquisition means for acquiring the public key of the client;
The acquired client private key is decrypted with the secret key of the encryption management server, and the decrypted client private key is encrypted with the acquired client public key and stored in association with the client identification information and the file identification information. A file management system comprising a client secret key storage means. The system of claim 1, wherein
The encryption management server further includes:
When the client requests access to the encrypted file stored in the file server, the client identification information and the identification information of the file are acquired from the client and collated with the information in the client secret key storage unit. A file management system comprising client authentication means for authenticating a client's authority to decrypt a file. The system of claim 2, wherein
The encryption management server further includes:
When authentication by the client authentication unit is valid, a client secret key search / transmission unit that searches the client secret key storage unit for a client secret key related to the corresponding file based on file identification information and transmits the client secret key to the client A file management system characterized by that. The system of claim 1, wherein
The client comprises a user terminal and a cryptographic proxy server connected to the user terminal,
The file server and the encryption management server are connected to a user terminal via the encryption proxy server. The system of claim 1, wherein
The file management system according to claim 1, wherein the client public key acquisition means acquires the identification information of the file when the client accesses the encrypted file of the file server. The system of claim 1, wherein
The file management system, wherein the client and the file server are connected via a network conforming to HTTP (Hypertext Transfer Protocol). The system of claim 1, wherein
The encryption management server further includes:
From the client (A), the identification information of the other client (B) to whom the decryption authority for the encrypted file is to be given, and the secret key of the secret encryption method of the client (A) encrypted with the public key of the encryption management server Obtaining and decryption authority setting application acceptance means for accepting an application for decryption authority setting of the file,
A decryption authority authenticating means for verifying the decryption authority of the client (A) related to the file by comparing the identification information of the client (A) and the identification information of the file with the information of the client secret key storage means;
A secret key decrypting means for decrypting the acquired secret key of the client (A) with the secret key of the encryption key of the encryption management server when the authentication is valid;
Secret key encryption processing means for encrypting the decrypted secret key of the client (A) with the public key of the other client (B);
A file management system comprising: client secret key transmission means for transmitting the encrypted client (A) secret key to the client (B). The system of claim 1, wherein
The file management system, wherein the client secret key storage means executes decryption and encryption of a client secret key by a predetermined algorithm written on a board of the encryption management server. In a client system that sends an encrypted electronic file to a file server via a network for management,
The client system includes a user terminal that creates and modifies a file, and an encryption proxy server that is connected to the user terminal and executes encryption / decryption of the file.
The cryptographic proxy server is connected to the file server and a cryptographic management server that manages information for encrypting / decrypting a file via a network,
This cryptographic proxy server
A file encryption processing means for encrypting a file acquired from the user with a secret key of the secret key encryption method of the client system when a file transmission request from the user to the file server is received;
File transmission means for generating file identification information of an encrypted file and transmitting the file identification information together with the encrypted file;
And a secret key transmitting means for encrypting the secret key of the client system with the public key of the encryption management server and transmitting the encrypted information to the encryption management server together with the identification information of the file and the identification information of the client system. system. The client system according to claim 9, wherein
The cryptographic proxy server further includes:
A file access application means for requesting file access by sending identification information of the file to the file server when receiving an access request to the file of the file server from the user;
Public key transmission means for transmitting the client public key and the identification information of the file to the encryption management server when the file access request is received;
A secret key decryption processing means for obtaining the secret key of the client system's secret encryption method encrypted with the client system's public key from the encryption management server, and decrypting with the secret key of the client system's public key encryption method;
File decryption processing means for decrypting the encrypted file obtained from the file server with the secret key of the decrypted secret encryption method;
A client system comprising: file transmission means for transmitting a decrypted file to a user terminal. The client system according to claim 9, wherein
The proxy server can be connected to a plurality of file servers via a network,
This proxy server further
A connection authority storing means for storing a file server to which a user can connect in association with the user identification information;
User authentication for determining whether a user can connect to the file server according to the request by comparing the user identification information acquired from the user with the information in the connection authority storage means when a connection request from the user to the file server is accepted A client system comprising: means. The client system according to claim 9, wherein
The user terminal obtains user identification information, file server identification information and file identification information connectable to the user from an external recording medium connected to the user terminal. system. A file management method in which a file server acquires and manages an encrypted electronic file from a client via a network,
The file server is
A file storage step of storing a file encrypted with a secret key of the client's secret key cryptosystem in a file storage unit in association with the identification information of the file acquired from the client;
A file transmission step of acquiring the file identification information from the client and receiving a request for access to the encrypted file, searching for the corresponding file from the file storage unit based on the file identification information, and transmitting the file to the client; With
The client is connected via a network to a cryptographic management server that manages information for encrypting / decrypting files.
This encryption management server
File encryption information acquisition for acquiring the client private key encrypted with the public key of the encryption management server, the identification information of the encrypted file stored in the file server, and the identification information of the client from the client Process,
A client public key acquisition step of acquiring a client public key;
The obtained client private key is decrypted with the secret key of the encryption management server, and the decrypted client private key is encrypted with the obtained client public key, and the client secret is associated with the client identification information and the file identification information. A file management method comprising: a client secret key storing step of storing in a key storage unit. 14. The method of claim 13, wherein
Furthermore, the encryption management server
When the client requests access to the encrypted file stored in the file server, the client identification information and the identification information of the file are acquired from the client and collated with the information in the client secret key storage unit. A file management method comprising a client authentication process for authenticating a client's authority to decrypt a file. The method of claim 14, wherein
Further, when the authentication by the client authentication step is valid, the encryption management server retrieves a client secret key related to the corresponding file from the client secret key storage unit based on file identification information and transmits it to the client. A file management method comprising a key search / transmission step. 14. The method of claim 13, wherein
The client comprises a user terminal and a cryptographic proxy server connected to the user terminal,
The file server and the encryption management server are connected to a user terminal via the encryption proxy server. 14. The method of claim 13, wherein
In the file management method, the client public key obtaining step obtains together with the identification information of the file when the client accesses the encrypted file of the file server. 14. The method of claim 13, wherein
The file management method, wherein the client and the file server are connected via a network compliant with HTTP (Hypertext Transfer Protocol). 14. The method of claim 13, wherein
Furthermore, the encryption management server
From the client (A), the identification information of the other client (B) to whom the decryption authority for the encrypted file is to be given, and the secret key of the secret encryption method of the client (A) encrypted with the public key of the encryption management server Obtaining and accepting the decryption authority setting application acceptance process for accepting the decryption authority setting application of the file,
A decryption authority authentication step for verifying the decryption authority of the client (A) related to the file by comparing the identification information of the client (A) and the identification information of the file with the information of the client secret key storage unit;
A secret key decrypting step of decrypting the acquired secret key of the client (A) with the secret key of the public key cryptosystem of the encryption management server when the authentication is valid;
Secret key encryption processing means for encrypting the decrypted secret key of the client (A) with the public key of the other client (B);
A file management method comprising: a client secret key transmission step of transmitting an encrypted secret key of the client (A) to the client (B). 14. The method of claim 13, wherein
The file management method characterized in that the client secret key storing step executes decryption and encryption of the client secret key by a predetermined algorithm written on the board of the encryption management server. A file management system for managing the electronic file by a computer system for storing the encrypted electronic file and an external storage device connected to the computer system,
The computer system includes:
An authentication encryption key generating means for generating an encryption key for authentication of a secret key cryptosystem based on predetermined basic information and storing it in the authentication encryption key storage means;
User encryption key generation means for generating a user encryption key of a secret key encryption method based on user information input by a user using this computer system;
User encryption key output means for encrypting the user encryption key with an authentication encryption key, and outputting and storing the encrypted user encryption key to the external storage device;
A file encryption unit that obtains an encrypted user encryption key from the external storage device, encrypts an electronic file with the user encryption key, and stores the encrypted file in a file storage unit;
An encryption key obtaining unit for obtaining a user encryption key by accessing the external storage device when receiving a request for reading the encrypted file, and obtaining an authentication encryption key from the authentication encryption key storage unit;
User encryption key decryption means for decrypting the acquired user encryption key with an authentication encryption key;
And a file decrypting means for decrypting an encrypted file related to the read request with the decrypted user encryption key. The file management system according to claim 21, wherein
further,
A hash value calculation means for calculating a hash value by applying a hash function to the user information;
The user encryption key output means outputs the calculated hash value together with the encrypted user encryption key to an external storage device, and stores it.
The encryption key acquisition unit acquires the encrypted user encryption key and the hash value from the external storage device when receiving a request to read an encrypted file,
The user encryption key decryption unit calculates a hash value by applying a hash function of the decrypted user encryption key, and based on whether the hash value acquired from the external storage device matches, the user encryption key A verification means for verifying whether or not is successfully decrypted,
The file decrypting means decrypts the encrypted file related to the read request with the user encryption key that the verification means determines to have been decrypted normally. The file management system according to claim 21, wherein
further,
A hash value calculation means for calculating a hash value by applying a hash function to a predetermined block size of the electronic file;
The user encryption key output means outputs the calculated hash value together with the encrypted user encryption key to an external storage device, and stores it.
The encryption key acquisition unit acquires the encrypted user encryption key and the hash value from the external storage device when receiving a request to read an encrypted file,
The user encryption key decryption means decrypts at least the predetermined block size of the electronic file acquired from the external storage device with a user encryption key, calculates a hash value by applying a hash function to the decrypted portion, Verification means for verifying whether the user encryption key is a valid encryption key based on whether the hash value acquired from the external storage device matches,
The file decrypting means decrypts the remaining portion of the encrypted file with the user encryption key determined by the verification means to have been decrypted normally. The file management system according to claim 21, wherein
The user encryption key output means encrypts the user encryption key with an authentication encryption key, encrypts the authentication encryption key with a user encryption key, and stores the encrypted user encryption key and authentication encryption key. A system characterized by being output to and stored in the external storage device. The file management system according to claim 21, wherein
further,
Group encryption key generating means for generating a group encryption key of a secret key encryption method for sharing an electronic file between specific groups based on group specifying information input by a user;
The user encryption key output means encrypts a user encryption key and a group encryption key with an authentication encryption key, and outputs the encrypted user encryption key and group encryption key to the external storage device for storage. ,
The file encryption unit obtains a user encryption key and a group encryption key from the external storage device, encrypts an electronic file with the user encryption key or the group encryption key, and stores the encrypted file in the file storage unit.
The encryption key acquisition means, when receiving a read request for the encrypted file, accesses the external storage device to acquire a user encryption key and a group encryption key,
The user encryption key decryption means decrypts the acquired user encryption key or group encryption key with an authentication encryption key,
The file decrypting means decrypts the encrypted file related to the read request with the decrypted user encryption key or group encryption key. The file management system according to claim 25,
The group encryption key generation means generates a group encryption key by adding, deleting, or changing a symbol that can be identified from a user encryption key. The file management system according to claim 25,
The file encryption means encrypts the created e-mail file and / or attached file of the e-mail with a group encryption key,
The encryption key acquisition means is for acquiring a user encryption key and a group encryption key by accessing the external storage device when an email file and / or an attached file of an email is received. system. A file management method for managing an electronic file by a computer system for storing the encrypted electronic file and an external storage device connected to the computer system,
The computer system is
An authentication encryption key generation step of generating an encryption key for authentication of a secret key encryption method based on predetermined basic information and storing it in an authentication encryption key storage means;
A user encryption key generating step for generating a user encryption key of a secret key encryption method based on user information input by a user using this computer system;
A user encryption key output step of encrypting the user encryption key with an authentication encryption key, and outputting and storing the encrypted user encryption key to the external storage device;
A file encryption step of obtaining an encrypted user encryption key from the external storage device, encrypting an electronic file with the user encryption key, and storing the encrypted file in a file storage unit;
An encryption key acquisition step of obtaining a user encryption key by accessing the external storage device when receiving a request to read the encrypted file, and acquiring an authentication encryption key from the authentication encryption key storage unit;
A user encryption key decrypting step of decrypting the acquired user encryption key with an authentication encryption key;
A file decrypting step of decrypting an encrypted file related to a read request with the decrypted user encryption key. In a client system that stores and manages encrypted electronic files on a recording medium,
File creation means for creating and modifying electronic files;
User encryption key generation means for generating a user encryption key of a secret key encryption method based on user information input by a user using this client system;
A file encryption unit that encrypts an electronic file with the generated user encryption key, generates file identification information of the encrypted file, and stores the encrypted file together with the encrypted file in the recording medium;
An authentication encryption key generation means for generating an authentication encryption key of a secret key encryption method based on predetermined basic information;
A client system comprising: an encryption key encryption unit configured to encrypt the user encryption key with an authentication encryption key and store the encryption key together with the file identification information on the recording medium.

Images