JP2005285020A - Method for guaranteeing originality, information processor, program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To guarantee originality in a way that ensures the consistency of data parts, without being affected by changes to format parts of files where the data parts and format parts coexist. <P>SOLUTION: An originality guaranteeing system 10 causes files where format information 53 and data 82 arriving from an application server 20 in response to write requests coexist to be stored in a format file 70 and a data file 80, with the format information 53 and the data 82 separated from each other, individually encrypted, and given respective electronic signatures 70-1, 80-1. In response to a read request from the application server 20, the system restores the original file for sending to the application server 20 after checking the originality of the format file 70 and the data file 80. In this way, the originality of the data file 80 is unaffected by changes, if any, to the format file 70 and the originality of the data 82 is guaranteed in a consistent way. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a technique for assuring the originality of a file, and more particularly to a technique that is effective when applied to an originality assurance technique that is connected to an application program that handles electronic data and performs information leakage, falsification prevention, detection, etc. of electronic data. .

  With the progress of the information society, securing confidentiality and reliability of information handled by the government and general industries has become an important issue. On the other hand, with the widespread use of information networks, characters and images in files, etc., as represented by markup languages such as HTML and XML, to enable general-purpose information resources to be handled by various applications on the network. It has become common to process the net data with format information for controlling the display mode of the data.

  For example, in a plant system or the like, a file may be created by embedding measurement data collected from various sensors and field devices such as meters in a file format. In this case, it may be necessary to guarantee the originality of the created file from the viewpoint of ensuring accurate data recording.

  In the conventional originality assurance system, for example, as disclosed in Patent Document 1, the entire original document composed of a plurality of files is collectively guaranteed, and the access control level is changed for each derived version. It has been known.

  However, in the conventional originality assurance system method, the file format and the data embedded in it are handled as one file, so even if the data itself has not changed, the application that creates the file If the format changes or the same data is used in multiple formats, the file is considered to be different from the previously saved file, and the file is considered to have been tampered with. It was supposed to be impossible. As a result, the following problems occur.

First, a file created in the past becomes invalid when the file format is changed, and it is necessary to create a new file and manage it as an original. Therefore, technical problems such as complicated application processing by managing the same data by a plurality of files, resulting in an increase in management cost, and compression of hardware resources (disk capacity) occur.
Second, there is a technical problem that it becomes difficult to guarantee continuous invariance of data by changing a file.
JP 2001-5728 A

  An object of the present invention is to create a file in which a data part and a format part used for controlling the data part are mixed without causing complexity of application processing, an increase in management cost, and waste of hardware resources such as disk capacity. The object is to provide a technique capable of realizing the originality guarantee.

  Another object of the present invention is to ensure consistent originality of the data part without being affected by the change of the format part when handling a file in which the data part and the format part used to control the data part are mixed. It is to provide a technology capable of realizing the above.

  A first aspect of the present invention is a method for assuring the originality of a file in which a data part and a format part used for controlling the data part are mixed, and a step of separating the data part and the format part. A method for guaranteeing originality, including the step of individually storing and storing originality assurance processing for each of the data portion and the format portion.

  A second aspect of the present invention is a method for assuring the originality of a file in which a data part and a format part used for controlling the data part are mixed, and the originality assurance process is individually performed and stored. A step of performing originality confirmation processing based on the originality assurance processing for each of the data portion and the formatting portion, and a step of restoring the file using the data portion and the formatting portion that have undergone the confirmation processing; , Including originality guarantee methods.

  A third aspect of the present invention is an information processing apparatus that handles a file in which a data part and a format part used for controlling the data part are mixed, and a function of separating the data part and the format part. A function of individually performing originality guarantee processing for each of the data portion and the format portion and storing the same in the storage means, and the originality guarantee for each of the data portion and the format portion stored in the storage means There is provided an information processing apparatus including a function of performing an originality confirmation process based on a process and a function of restoring the file using the data part and the format part that have undergone the confirmation process.

  A fourth aspect of the present invention is a program for controlling a computer that handles a file in which a data portion and a format portion used for controlling the data portion are mixed, and separates the data portion and the format portion. Provided is a program for causing a computer to realize a function and a function of individually storing and storing originality assurance processing for each of the data portion and the format portion.

  According to a fifth aspect of the present invention, there is provided a program for controlling a computer that handles a file in which a data portion and a format portion used for controlling the data portion are mixed. A function of performing originality confirmation processing based on the originality assurance processing for each of the data portion and the format portion that has been performed, and restoring the file using the data portion and the formatting portion that have undergone the confirmation processing A program for causing the computer to realize the functions is provided.

  According to a sixth aspect of the present invention, there is provided a computer that handles a file in which a data part and a format part used for controlling the data part are mixed, a function of separating the data part and the format part, and the data part And a computer-readable recording medium storing a program for realizing the originality guarantee processing for each of the format sections and storing the same.

  According to a seventh aspect of the present invention, there is provided the data unit stored in a computer that handles a file in which a data unit and a format unit used for controlling the data unit are mixed and subjected to originality assurance processing. And a function of performing an originality confirmation process based on the originality guarantee process for each of the format parts, and a function of restoring the file using the data part and the format part that have undergone the confirmation process. A computer-readable recording medium in which a program for storing data is stored is provided.

According to the present invention described above, the data portion and the format portion of the file are separated, and the originality of the data and the format constituting the file is individually guaranteed, so that it is possible to continue without being affected by the change of the file format. Therefore, it is possible to guarantee the originality of data.
In addition, even if a part of the format is changed, complicated processing such as generation management of the change history is not required for the entire file including both data and format, and the complexity of the application processing that handles the file and the management cost are eliminated. The originality of a file in which a data portion and a format portion used for control of the data portion are mixed can be realized without causing a waste of hardware resources such as increase in disk capacity and disk capacity.

  In this case, as a process of guaranteeing the originality to prevent impersonation of the creator of a file such as an electronic file, forgery or falsification of the file, or denial of contents after file creation (post-rejection), for example, a public key An electronic signature using a cryptographic technique can be generated to perform identity authentication, ensure integrity, and prevent non-repudiation.

  Here, the electronic signature refers to a signature using public key cryptography. The electronic signature is generated by generating a fixed-length hash value called a message digest from the write file and encrypting the value with the secret key of the originality assurance system. Since the message digest has the feature that it is impossible to generate the same value from different data, the message digest generated from the file changes when the file is changed, so it can be used for document alteration detection. I can do it. This document alteration detection is called electronic signature verification.

  According to the present invention, a file including a data portion and a format portion used for controlling the data portion can be mixed without complicating application processing, increasing management costs, and wasting hardware resources such as disk capacity. It is possible to realize originality guarantee.

  In addition, when handling a file in which the data part and the format part used to control the data part are handled, it is possible to guarantee consistent originality of the data part without being affected by changes in the format part. It becomes.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 1 is a conceptual diagram showing an example of the operation of the originality assurance method according to an embodiment of the present invention, and FIGS. 2 to 6 show various information used in the originality assurance method of the present embodiment. FIG. 7 is a conceptual diagram showing an example of the configuration of an information processing system including a file server which is an example of an information processing apparatus in which an originality assurance method according to an embodiment of the present invention is implemented. It is.

  In the originality assurance method according to the present embodiment, for example, in a plant system, data collected from field devices such as sensors installed in the field is stored in the database system of the application server 20 and stored in the database system or the like. The original data can be applied to guarantee the originality of a file such as an electronic file such as a report created by embedding the data in an arbitrary hypertext format such as HTML or XML.

  It can also be applied to guaranteeing the originality of electronic data consisting of application data and its format, which is handled by an electronic application system using a public line such as the Internet. In addition, the present invention can be applied to all systems that require guarantee of the originality of electronic data such as electronic files.

  As illustrated in FIG. 7, the originality assurance system 10 of this embodiment that functions as a file server includes a microprocessor 11, a main memory 12, an external storage device 15, a network interface 16, and a portable medium. A drive 17 and a bus 18 for connecting them are provided.

  The main memory 12 includes an operating system 30 executed by the microprocessor 11, a program such as an originality assurance processing program 31 having a function of executing an originality assurance method described later, and various data and tables described later. Stored.

  The external storage device 15 permanently holds the above-described operating system 30 and originality assurance processing program 31 loaded into the main memory 12, and stores various tables and the like to be used by the originality assurance processing program 31 described later. Is done.

  The network interface 16 functions as a connection interface for connecting the originality assurance system 10 and the external application server 20 via an information network.

  The portable medium drive 17 has a function of recording / reproducing data with respect to a removable portable medium 19. Then, the originality guarantee processing program 31 is stored and distributed in the portable medium 19, for example, read by the portable medium drive 17 and mounted in the external storage device 15, and read into the main memory 12 as necessary. It is issued and executed. The originality guarantee processing program 31 can also be installed in the external storage device 15 from an external information network via the network interface 16. It can also be directly loaded into the originality assurance processing program 31 from an external information network and executed.

  In addition, as necessary, the display 13 and an input device 14 such as a keyboard and a mouse are used as a user interface for visualizing and presenting information to the system administrator and receiving information input such as commands from the system administrator. Can be provided.

Next, an example of various types of information used by the originality assurance processing program 31 in the originality assurance system 10 of this embodiment will be described.
FIG. 2 shows an example of the format management table 50. Individual format information 53, a file type 52 for identifying the type of file in which the format information 53 is used, and a format identifier 51 for identifying each of the format information 53 are stored in association with each other.

  FIG. 3 shows an example of a format-data correspondence management table 60 that defines the correspondence between the format file 70 in which the format information constituting each file is stored together and the data file 80 in which the data is stored together. The file identification information 61 for distinguishing individual files, the format file identification information 62 for distinguishing individual format files 70, and the data file identification information 63 for distinguishing individual data files 80 are stored in association with each other. .

  FIG. 4 shows an example of the format file 70 in which the format information included in the specific file is stored together. The format file identification information 62, the format identifier 51 corresponding to each of the plurality of format information, and Is stored.

A format storage memory 70a described later has the same configuration as the format file 70.
FIG. 5 shows an example of a data file 80 in which data included in a specific file is stored together. Data file identification information 63 for identifying the data file 80, a plurality of data 82, A data identifier 81 is stored. A data storage memory 80a described later has the same configuration as the data file 80.

  FIG. 6 shows an example of a file configuration management table 90 for recording the format information and data configuration in each file. The file identification information 61 and the format identifier 51 indicating the format information included in the file. A data identifier 81 indicating data is recorded in the order of appearance of format information and data.

  The format management table 50, the format-data correspondence management table 60, the format file 70, the data file 80, and the file configuration management table 90 are stored permanently in the external storage device 15, for example, and the originality guarantee processing program 31 is stored. Thus, it is read out to the main memory 12 and updated as necessary. The format storage memory 70a and the data storage memory 80a are arranged in the main memory 12 or the external storage device 15.

Hereinafter, an example of the operation of the present embodiment will be described with reference to the flowcharts of FIGS. 1, 8, and 9.
Prior to writing a file from the application server 20 to the originality assurance system 10, the format and file type used in the file for the originality assurance system 10 are prepared in advance in the format management table 50 illustrated in FIG. register. The format registered here is, for example, tag information used in the case of an XML file or an HTML file, and the file type is information that can be identified from the file extension or the like. In the case of an XML file, “xml” is used. In the case of an HTML file, “html”. After registering the file type and format, the file is written from the application server 20 to the originality assurance system 10.

  First, referring to FIG. 1, the overall flow of originality assurance processing in the present embodiment will be described. In the file writing process, the application server 20 embeds data 82 in the file format (format information 53) (step 101), transfers the file generated in step 101 to the originality assurance system 10 as a file server, and requests writing. (Step 102).

  Upon receiving this write request, the originality assurance system 10 side separates the format information 53 and data 82 of the file to be written that arrives from the application server 20 (step 103), and further each of the format information 53 and data 82. Are stored in the format file 70 and the data file 80 and individually encrypted, and an electronic signature is generated for each of them, and an electronic signature 70-1 and an electronic signature 80-1 are respectively added to the format file 70 and the data file 80. Attached, separated and stored (step 104).

  On the other hand, in the file reading process, when the application server 20 issues a file reading request to the originality assurance system 10 (step 105), the originality assurance system 10 decrypts the data file 80 and the format file 70 of the requested file. At the same time, file tampering verification is performed using the electronic signature 80-1 and the electronic signature 70-1 (step 106), and then the file is restored by combining the format information 53 and the data 82 (step 107). To the application server 20 (step 108).

Next, the operation at the time of file writing in steps 101 to 104 in FIG. 1 will be described in detail with reference to the flowchart in FIG.
As illustrated in FIG. 8, the originality assurance system 10 receives a file to be written in response to a file write request from the application server 20, confirms the type of the written file by an extension, and the like. From the top, the presence / absence of the format (format information 53) registered in the format management table 50 of FIG. 2 is searched and confirmed (step 201).

  When the format information 53 is found (step 202), the format is stored in the format storage memory 70a (step 203). The format storage memory 70a has the same configuration as the format file 70 illustrated in FIG.

  Information in the file that is not registered in the format management table 50 is determined as data and stored in the data storage memory 80a (step 204). The configuration of the data storage memory 80a is the same as that of the data file 80 illustrated in FIG.

  When registering in the data storage memory 80a, a data identifier 81 is assigned to the data to be stored and stored together with the data 82 itself. By searching from the beginning of the file, the format (format information 53) and data (data 82) appear alternately. The identifiers (format identifier 51, data identifier 81) are assigned in the order of appearance of the format and data. The file is recorded in the file configuration management table 90 illustrated in FIG. 6 (step 205).

  After searching the entire file, the contents of the format storage memory 70a are encrypted and an electronic signature 70-1 is generated. The encrypted file is the format file 70 illustrated in FIG. 4, and the electronic signature 70-1 is the format file. 70 as an electronic signature file (step 207).

  Further, the contents of the data storage memory 80a are encrypted and an electronic signature 80-1 is generated. The encrypted file is the data file 80 illustrated in FIG. Save as a signature file (step 208).

  At this time, as information for managing the original file, the format file 70 and the data file 80 in association with each other, file identification information 61 (for example, the file name of the original file), format file identification information 62 (for example, the format file) And the data file identification information 63 (for example, the file name of the data file) are recorded in the format-data correspondence management table 60 illustrated in FIG. 3 (step 209).

  In FIG. 10, as an example of the original file, the format file 70 when separating the electronic file 40, which is an HTML file, into the format and data for writing to the originality assurance system 10 from the application server 20 as described above. The contents of the data file 80 and the file configuration management table 90 are specifically shown.

  As illustrated in FIG. 10, an electronic file 40 such as an HTML file in which data and tags as format information for controlling the display mode of the data are mixed is based on the format management table 50 or the like. As a result, a format file 70 to a file configuration management table 90 relating to the electronic file 40 are generated. Each of the format file 70 and the data file 80 is individually subjected to originality assurance processing such as generation and attachment of the electronic signature 70-1 and the electronic signature 80-1.

Next, the file reading operation in steps 105 to 108 in FIG. 1 will be described in detail with reference to the flowchart in FIG.
As shown in the flowchart of FIG. 9, after receiving the file read request from the application server 20, the originality assurance system 10 refers to the format-data correspondence management table 60 (FIG. 3) and reads the file name of the read request file. The format file 70 (FIG. 4) and the data file 80 (FIG. 5) of the corresponding file are read from the file identification information 61 such as (step 301).

  The read format file 70 (FIG. 4) is subjected to decryption processing and electronic signature verification using the electronic signature 70-1 (step 302). When tampering is detected (step 303), the format file 70 (FIG. 4) is displayed. The falsification error information of 4) is recorded on the memory of the main memory 12 (step 304).

  Similarly, decryption processing and electronic signature verification using the electronic signature 80-1 are performed on the read data file 80 (FIG. 5) (step 305), and if tampering is detected (step 306), the data file The falsification error information shown in FIG. 5 is recorded on the memory of the main memory 12 (step 307).

  If no alteration is detected in either the format file 70 or the data file 80, the format identifier 51 and the data identifier recorded in the file configuration management table 90 (FIG. 6) are referred to the file configuration management table 90 (FIG. 6). According to the configuration 81, the contents of the format file 70 (FIG. 4) and the data file 80 (FIG. 5) are combined (step 309) to restore the original file. The restored file responds to the read request source (step 310).

  In the specific example of FIG. 10, the above-described reading process includes a process of restoring the original electronic file 40 using the format file 70 to the file configuration management table 90 on the lower side and the format management table 50 on the upper side. Will be done.

  When falsification is detected in either the format file 70 or the data file 80, or both files, error information recorded in the memory of the main memory 12 is returned to the application server 20 that is the file read request source (step 311). .

  As described above, in the originality assurance method of the present embodiment, the format constituting the file such as the electronic file 40 and the data embedded therein are separated into the format file 70 and the data file 80, respectively. Since each is managed as an original with an electronic signature, for example, when only the file format is changed, it is possible to prove that data mixed in the format has not been changed.

As a result, it is possible to guarantee continuous invariance of data included in the file such as the electronic file 40.
In addition, even if the file format is changed, it is guaranteed that the data has not been changed. Therefore, each time the file format is changed, a process of generating a new original file generation and managing a plurality of generations is performed. It becomes unnecessary. That is, it is not necessary to hold and manage the same data in a plurality of generation files, and the application processing for handling the electronic file 40 is simplified. As a result, it is possible to reduce the management cost of the original electronic file 40 and to effectively use hardware resources by reducing the usage amount of the external storage device 15 such as the disk capacity.

It is a conceptual diagram which shows an example of an effect | action of the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of the format management table used with the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of the format-data corresponding | compatible management table used with the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of the format file used with the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of the data file used with the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of the file structure management table used with the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram which shows an example of a structure of the information processing system with which the originality guarantee method which is one embodiment of this invention is implemented. It is a flowchart which shows an example of an effect | action of the originality guarantee method which is one embodiment of this invention. It is a flowchart which shows an example of an effect | action of the originality guarantee method which is one embodiment of this invention. It is a conceptual diagram at the time of applying an example of the effect | action of the originality guarantee method which is one embodiment of this invention to a specific electronic file.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Originality guarantee system 11 Microprocessor 12 Main memory 13 Display 14 Input device 15 External storage device 16 Network interface 17 Portable medium drive 18 Bus 19 Portable medium 20 Application server 30 Operating system 31 Originality guarantee processing program 40 Electronic file 50 Format management table 51 Format identifier 52 File type 53 Format information 60 Format-data correspondence management table 61 File identification information 62 Format file identification information 63 Data file identification information 70 Format file 70-1 Electronic signature 70a Format storage memory 80 Data file 80- 1 Electronic signature 80a Data storage memory 81 Data identifier 82 Data 90 File configuration management table Le

Claims (11)

A method for guaranteeing the originality of a file in which a data part and a format part used for controlling the data part are mixed,
Separating the data portion and the format portion;
A process of performing originality assurance processing for each of the data portion and the format portion and storing the data portion and the format portion individually;
A method for guaranteeing originality, comprising: A method for guaranteeing the originality of a file in which a data part and a format part used for controlling the data part are mixed,
A step of performing originality confirmation processing based on the originality assurance processing for each of the data portion and the format portion that are stored after being subjected to originality assurance processing;
Restoring the file using the data part and the format part that have undergone the confirmation process;
A method for guaranteeing originality, comprising:   3. The originality assurance method according to claim 1, wherein the originality assurance process is an electronic signature attachment process using a public key encryption technique. An information processing apparatus that handles a file in which a data part and a format part used for controlling the data part are mixed,
A function of separating the data part and the format part;
A function of performing originality guarantee processing for each of the data part and the format part and storing them in a storage means;
A function of performing originality confirmation processing based on the originality guarantee processing for each of the data portion and the format portion stored in the storage means;
A function of restoring the file using the data part and the format part that have undergone the confirmation process;
An information processing apparatus comprising:   5. The information processing apparatus according to claim 4, further comprising a function of performing an electronic signature attachment process using public key cryptography as the originality guarantee process. A program for controlling a computer that handles a file in which a data portion and a format portion used for controlling the data portion are mixed,
A function of separating the data part and the format part;
A function of performing originality guarantee processing for each of the data part and the format part and storing them individually;
A program for causing the computer to realize the above. A program for controlling a computer that handles a file in which a data portion and a format portion used for controlling the data portion are mixed,
A function of performing originality confirmation processing based on the originality assurance processing for each of the data portion and the format portion that have been individually subjected to originality assurance processing and stored;
A function of restoring the file using the data part and the format part that have undergone the confirmation process;
A program for causing the computer to realize the above.   The program according to claim 6 or 7, further causing the computer to realize a function of attaching a digital signature using a public key encryption technique as the originality guarantee processing. In a computer that handles a file in which a data part and a format part used for controlling the data part are mixed,
A function of separating the data part and the format part;
A function of performing originality guarantee processing for each of the data part and the format part and storing them individually;
A computer-readable recording medium storing a program for realizing the above. In a computer that handles a file in which a data part and a format part used for controlling the data part are mixed,
A function of performing originality confirmation processing based on the originality assurance processing for each of the data portion and the format portion that have been individually subjected to originality assurance processing and stored;
A function of restoring the file using the data part and the format part that have undergone the confirmation process;
A computer-readable recording medium storing a program for realizing the above.   The computer-readable recording according to claim 9 or 10, wherein the program further causes the computer to realize a function of attaching an electronic signature using a public key encryption technique as the originality guarantee processing. Medium.

Images