JP2006260224A - Backup method for data, backup processing system and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To securely backup and store data, even when a common key encryption system is used. <P>SOLUTION: A backup object file is divided into a plurality of blocks (#13), the respective blocks are encrypted by using different cryptographic keys (#19), and the respective encrypted blocks are stored in a storage medium such as a magnetic tape (#20). The cryptographic key that is used is decided, based on the attributes of the blocks. Alternatively, a plurality of cryptographic keys are stored, and the cryptographic key to be used is decided from among them. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a method and system for encrypting and backing up data such as files.

  Conventionally, in the event that a storage device storing data becomes unusable due to a trouble such as a disaster, it is widely backed up and stored in a portable storage medium such as a magnetic tape. Has been done. Magnetic tapes with backed up data are stored under strict security, but nevertheless the possibility of being stolen by others is not zero. Also, the magnetic tape may be transported and stored in a remote location so that data can be restored at a location away from the affected area. In this case, the magnetic tape may be stolen during conveyance.

  Therefore, a method for encrypting and backing up data is widely used so that even if the magnetic tape is stolen, another person cannot restore the data. As described in Patent Document 1, there are public key cryptography and common key cryptography as encryption methods.

  According to the public key cryptosystem, since two types of keys, a public key and a secret key, are used properly, security is high. That is, for example, when backing up the data of the storage device of the Tokyo branch of a company to a storage medium and storing it in the Osaka branch, issue the public key and secret key in the Osaka branch, send the public key to the Tokyo branch, Store the private key at the Osaka branch. Then, the Tokyo branch may encrypt the data using the public key received from the Osaka branch and back it up to a storage medium. Encrypted data cannot be decrypted without a secret key, but since the secret key never leaves the Osaka branch as described above, it is highly secure.

However, the public key cryptosystem takes longer time for encryption and decryption than the common key cryptosystem. Therefore, when backing up a large amount of data at a high speed, a common key cryptosystem is often used.
JP 2004-355251 A

  However, according to the common key cryptosystem, both encryption and decryption are performed with one common encryption key. Therefore, an encryption key that can be used for decryption must be exchanged between the Tokyo branch and the Osaka branch at least once. Then, there is a risk that this encryption key will be stolen.

  As described above, the common key cryptosystem is superior in the processing speed of encryption and decryption compared to the public key cryptosystem, but has a problem that the security is low.

  In view of such a problem, an object of the present invention is to enable data to be backed up and stored safely even when a common key cryptosystem is used.

  The data backup method according to the present invention divides data to be backed up into a plurality of blocks, encrypts the divided blocks using mutually different encryption keys, and stores the encrypted blocks. It is memorized in.

  A plurality of encryption keys are stored in the encryption key storage means, and an encryption key to be used for encryption is determined from among the encryption keys stored in the encryption key storage means. Also good.

  According to the present invention, data can be backed up and stored safely even when a common key cryptosystem is used.

  FIG. 1 is a diagram showing an overview of the data management device 1 and an outline of data backup, FIG. 2 is a diagram showing an example of a hardware configuration of the data management device 1, and FIG. 3 is an example of a functional configuration of the data management device 1. FIG.

  A data management apparatus 1 shown in FIG. 1 manages data used by a user for business, and backs up (saves) these data to a removable recording medium 2 periodically or based on a user instruction.

  When the data managed by the data management device 1 becomes unusable due to a trouble such as a failure or a user operation mistake, the data management device stores the data backed up in the recording medium 2 after performing necessary repairs. 1 can be restored. Alternatively, it can be restored to another data management device 1. For example, if the user accidentally deletes data managed by the data management device 1A, the data backed up on the recording medium 2 can be restored to the data management device 1A. When the data management device 1A is broken due to a disaster or the like, the data backed up on the recording medium 2 can be restored to the data management device 1B.

  As shown in FIG. 2, the data management device 1 includes a CPU 10a, a RAM 10b, a ROM 10c, a magnetic disk device (hard disk) 10d, an input / output interface 10e, an input interface 10f, a video interface 10g, a communication interface 10h, and the like.

  The input / output interface 10e is an interface such as SCSI, IEEE1394, or USB, and is connected to a device (drive) that performs a process of writing data to the recording medium 2 and a process of reading data from the recording medium 2. In this embodiment, a case where a magnetic tape is used as the recording medium 2 and a magnetic tape device 15 is used as a drive will be described as an example.

  The input interface 10f is an interface such as PS / 2 or USB, and is connected to an input device 16 for user operation such as a keyboard and a mouse. The video interface 10g is a standard interface such as DDC (Display Data Channel) or D-Sub, and the display 17 is connected to the video interface 10g. The communication interface 10h is a LAN card or modem for Ethernet (registered trademark), and connects the data management apparatus 1 to a terminal device such as a personal computer via a communication line.

  The ROM 10c or the magnetic disk device 10d includes a backup file reading unit 101, a file dividing unit 102, a backup identification information generating unit 103, an encryption key determining unit 104, an encryption processing unit 105, an encryption block as shown in FIG. Writing unit 106, encrypted block reading unit 121, backup identification information reading unit 122, decryption key determination unit 123, decryption processing unit 124, decryption block combination unit 125, restore file output unit 126, encryption key information registration processing unit 131 , And a program and data for realizing functions such as the encryption key management unit 132 are stored. These programs and data are loaded into the RAM 10b as necessary, and the programs are executed by the CPU 10a.

  4 is a diagram showing an example of the encryption key management table TL1, FIG. 5 is a diagram showing an example of dividing the file FL, FIG. 6 is a diagram showing an example of the backup identification information 70, and FIG. 7 is a flow of the encryption key determination process FIG. 8 is a diagram illustrating an example of a backup file FLB stored in the recording medium 2.

  Next, the processing contents of each unit of the data management apparatus 1 shown in FIG. 3 will be roughly classified into processing relating to encryption key management, backup processing, and restoration processing.

[Processing related to encryption key management]
The encryption key management unit 132 has an encryption key management table TL1 as shown in FIG. 4, and manages the encryption key KY for encrypting the file FL to be backed up or decrypting the file FL to be restored. In the present embodiment, a case where a common key of a common key method is used as the encryption key KY will be described as an example. In the encryption key management table TL1, N (where N ≧ 2) encryption keys KY are prepared. A unique key number is associated with the encryption key KY to distinguish it from other encryption keys KY. However, the key numbers are assigned serial numbers such as 1, 2,...

  The encryption key information registration processing unit 131 performs a process for registering the encryption key KY in the encryption key management table TL1. Such processing is executed by the following procedure, for example. When the administrator operates the input device 16 to give an instruction for generating the encryption key KY, the encryption key information registration processing unit 131 generates the encryption key KY using a known algorithm or the like. Then, a key number is issued for the encryption key KY and registered in the encryption key management table TL1.

  The contents of the encryption key management table TL1 of the data management apparatus 1A and the contents of the encryption key management table TL1 of the data management apparatus 1B are exactly the same. That is, when the encryption key management table TL1 is generated in one data management apparatus 1, the encryption key management table TL1 is copied and provided in the other data management apparatus 1.

[Processing for backup]
The backup file reading unit 101 reads the backup target file FL from the magnetic disk device 10d. The file dividing unit 102 divides the read file FL into blocks BK by dividing the read file FL into predetermined blocks (block lengths) in order from the top as shown in FIG. Then, sequentially from the top block BK, sequential block numbers “00001”, “00002”,... Are given as identification information for identifying the blocks BK. The block length can be arbitrarily specified by the user.

  The backup identification information generation unit 103 generates backup identification information 70 as shown in FIG. 6 for the read file FL. In the backup identification information 70, “file name” indicates the file name of the file FL. “Backup date and time” indicates the date and time when execution of the current backup processing is started. “Media ID” is identification information for identifying the recording medium 2 that is the backup destination of the file FL. A positive integer value is used as the media ID. The backup identification information generation unit 103 issues a unique media ID each time a new recording medium 2 is set in the magnetic tape device 15. “Block length” indicates the data size of the block BK, that is, the block length.

  The encryption key determination unit 104 determines an encryption key KY to be used for encrypting the file FL. In this embodiment, since encryption is performed with a different encryption key KY for each block BK, the encryption key KY is determined for each block BK. The encryption key KY is determined by a procedure as shown in FIG. 7, for example.

A predetermined hash function prepared in advance is called (# 101). In the present embodiment, a hash function having three parameters p1 to p3 as shown in the following equation (1) is prepared.
y = MOD {(p1 × w1 + p2 × w2 + p3 × w3), N} (1)
However, w1, w2, and w3 are positive integer coefficients for weighting.
N is the number of encryption keys KY registered in the encryption key management table TL1 in FIG.
MOD (α, β) means the remainder when α is divided by β.

  The hash function parameters p1, p2, and p3 include the media ID value, backup date and time value of the backup identification information 70 generated by the backup identification information generation unit 103, and the block number of the block BK to be encrypted, respectively. A value is substituted (# 102). Then, the hash value (y) is obtained by calculating the right side. As the backup date and time, the total date from the reference date and time (for example, 0:00 (January 1, 1970 0:00, which is the base date and time) determined by GMT) to the backup date and time, that is, the epoch second is used. It is done.

  Then, the encryption key management table TL1 is referenced (# 103), and the encryption key KY having the same key number as the obtained hash value is determined as the encryption key KY used for encryption of the block BK (# 104). ).

For example, the file FL is divided into three blocks BK, the media ID of the recording medium 2 as the backup destination is “123456”, the epoch second of the backup date is “383866.5625”, and is stored in the encryption key management table TL1. It is assumed that the number N of registered encryption keys KY is “20”. It is assumed that “3”, “20000”, and “7” are set as the weighting coefficients w1, w2, and w3, respectively. In this case, the encryption key KY of the first block BK is determined as the encryption key KY having the key number “5” as shown in the following equation (2-A). The encryption key KY of the second block BK is determined as the encryption key KY having the key number “12” as shown in the following equation (2-B). The encryption key KY of the third block BK is determined as the encryption key KY having the key number “19” as shown in the following equation (2-C).
y = MOD {(123456 × 3 + 38386.5625 × 20000 + 00001 × 7) / 20} = 5 (2-A)
y = MOD {(123456 × 3 + 38386.5625 × 20000 + 00002 × 7) / 20} = 12 (2-B)
y = MOD {(123456 × 3 + 38386.5625 × 20000 + 00003 × 7) / 20} = 19 (2-C)

Returning to FIG. 3, the encryption processing unit 105 encrypts each block BK divided by the file dividing unit 102 using each encryption key KY determined by the encryption key determining unit 104. The encryption process may be performed using a known encryption algorithm, or may be performed using a uniquely determined encryption algorithm.

  The data management device 1A and the data management device 1B use the same encryption algorithm. That is, when the data management device 1A and the data management device 1B encrypt the same block BK using the same encryption key KY, the same encrypted data is generated. The decryption algorithm to be described later is also common to the data management device 1A and the data management device 1B.

  As shown in FIG. 8, the encryption block writing unit 106 stores the backup identification information 70 generated by the backup identification information generation unit 103 on the recording medium 2 set in the magnetic tape device 15 in the HDR record (heading label). Record) and the encrypted blocks BK are written in ascending order of block numbers. At this time, the block number is written together with the block BK. Thereby, the backup processing of the file FL is completed. Hereinafter, the set of backup identification information 70 and each block BK written in the recording medium 2 may be referred to as “backup file FLB”.

[Processing for restoration]
The encrypted block reading unit 121 reads the blocks BK from the backup file FLB backed up on the recording medium 2 in ascending order of block numbers. The backup identification information reading unit 122 reads the backup identification information 70 from the backup file FLB.

  The decryption key determination unit 123 determines an encryption key KY that is used to decrypt the read block BK. The procedure of the determination process is basically the same as the procedure for determining the encryption key KY used for encryption. That is, by calling the hash function of equation (1) (# 101) and substituting the values of the media ID, the backup date and time, and the block number of the block BK to be decrypted into the parameters p1, p2, and p3, respectively. A hash value is obtained (# 102). Then, referring to the encryption key management table TL1 in FIG. 4 (# 103), the encryption key KY having the same key number as the obtained hash value is determined as the encryption key KY used for decryption of the block BK ( # 104). However, the values shown in the backup identification information 70 read from the recording medium 2 by the backup identification information reading unit 122 are used as the media ID value and the backup date and time value. The backup date and time is used after being converted into epoch seconds.

  Thus, for a certain block BK, the hash function used to determine the encryption key KY for decryption, the encryption key management table, and each value substituted for the parameters p1 to p3 of the hash function are: They are all the same as those used to determine the encryption key KY for encryption. Therefore, the determined encryption key KY for encryption and encryption key KY for decryption are always the same.

  The decryption processing unit 124 decrypts the block BK read from the recording medium 2 using the encryption key KY determined by the decryption key determination unit 123 for the block BK. As a decryption algorithm, an algorithm corresponding to the encryption algorithm used in the encryption processing unit 105 is used. That is, the block BK is decrypted by performing a calculation process opposite to the step executed by the encryption processing unit 105.

  The decryption block combining unit 125 restores the file FL by combining the blocks BK decrypted by the decryption processing unit 124 in the order of block numbers. The restore file output unit 126 outputs the restored file FL to a predetermined storage location (for example, a predetermined directory of the magnetic disk device 10d).

  FIG. 9 is a flowchart for explaining an example of the flow of backup processing, and FIG. 10 is a flowchart for explaining an example of the flow of restore processing.

  Next, the flow of backup and restore processing of the file FL will be described with reference to a flowchart, taking as an example the case where the data management device 1A and the data management device 1B are used under the following conditions. A data management apparatus 1A is installed in a Tokyo branch of a company, and a data management apparatus 1B is installed in an Osaka branch. The file FL normally used in the data management apparatus 1A is periodically backed up to the recording medium 2. Then, in preparation for the case where the data management apparatus 1A becomes inoperable, the recording medium 2 on which these files FL are backed up is transported to the Osaka branch and stored.

  In FIG. 9, the data management device 1A determines a file FL to be backed up (# 11), and reads the file FL from the magnetic disk device 10d (# 12). The file FL is divided into blocks BK having a predetermined block length (# 13), backup identification information 70 of the file FL is generated (# 14), and the backup identification information 70 is written to the recording medium 2 as an HDR record. (# 15). Here, it is assumed that the file FL is divided into K blocks BK.

  The first block BK is read (# 16, # 17), and the encryption key KY used for encrypting the block BK is determined (# 18). The procedure of the determination process is as described above with reference to FIG. Using the determined encryption key KY, the block BK is encrypted (# 19) and written to the recording medium 2 (# 20).

  Thereafter, the second to Kth blocks BK are similarly encrypted by executing the processing of Steps # 17 to # 20, and writing to the recording medium 2 is performed. In this way, the file FL is stored in the recording medium 2 as the backup file FLB. Then, the recording medium 2 is conveyed to the Osaka branch.

  When the data management apparatus 1A becomes unusable due to a disaster or the like, the data management apparatus 1B in the Osaka branch restores the file FL in the procedure as shown in FIG. When the recording medium 2 is set in the magnetic tape device 15 (# 31), the backup identification information 70 of the HDR record of the backup file FLB is read from the recording medium 2 (# 32), and the first block BK is read (# 32). # 33, # 34). The encryption key KY used for decrypting the block BK is determined (# 35). The procedure of the determination process is as described above with reference to FIG.

  The block BK is decrypted using the determined encryption key KY (# 36). Thereafter, the second to Kth blocks BK are similarly decoded by executing the processes of steps # 34 to # 36. Further, every time the block BK is decoded, it is combined with the previous decoded block BK (# 37). By repeating decoding and combining in this manner, the backup file FLB stored in the recording medium 2 is restored to the data management device 1B as the file FL.

  Of course, the file FL can be restored to the data management apparatus 1A by executing the processing of FIG. 10 in the data management apparatus 1A.

  According to the present embodiment, the backup target file FL is divided into a plurality of blocks BK, and encryption is performed using different encryption keys KY for each block BK. Therefore, even if the encryption key KY is stolen, it is difficult to decrypt it, so that data can be backed up and stored more safely than before.

  Further, the combination pattern of the encryption keys KY is determined based on the attributes of the file FL and the block BK, and therefore differs for each file FL. Therefore, even if the combination of the encryption key KY of a certain file FL is known to another person, the combination of the encryption key KY of another file FL is not known, so that it is safe.

  In this embodiment, the file FL is backed up to the portable recording medium 2, but may be backed up to a magnetic disk device of another device via a network. In this case, when the hash value is obtained, the file name value of the file FL may be used as a hash function instead of the media ID. The value of the file name may be obtained, for example, by converting each character of the file name into a hexadecimal ASCII code and converting these total values into a decimal number.

  In this embodiment, a simple hash function such as equation (1) is used for the sake of simplicity of explanation, but a more complicated hash function may be used. Further, although the media ID, the backup date and time, and the block number are used as the parameters of the hash function, other attributes may be used.

  In the present embodiment, an encryption key management table TL1 as shown in FIG. 4 is prepared in advance, and is used for encryption and decryption of the block BK using a hash function that outputs one of the hash values 1 to N. Although the encryption key KY has been determined, a hash function that outputs a hash value with a certain number of digits may be prepared and the output hash value itself may be used as the encryption key KY.

  In the present embodiment, the common key cryptosystem is used, but a public key cryptosystem can also be used. In this case, a pair of public key and private key is registered in the encryption key management table TL1 for each key number. Then, when encrypting the block BK, one of the keys is used, and when decrypting the block BK, the other key may be used.

  11 is a diagram showing an example of the encryption key management table TL2, FIG. 12 is a flowchart for explaining a modification of the flow of backup processing, FIG. 13 is a diagram showing an example of backup identification information 70 ′, and FIG. FIG. 15 is a flowchart for explaining a modification of the flow of restore processing, and FIG. 16 is a diagram showing an example of the encryption key management table TL3.

  In this embodiment, the file FL is divided into blocks BK having a certain block length and encrypted. However, the block length may be changed for each block BK. In this case, an encryption key management table TL2 as shown in FIG. 11 is prepared instead of the encryption key management table TL1 in FIG. 4, and encryption is performed according to the procedure shown in FIG. A method of using the “block length adjustment value” will be described later.

  In FIG. 12, the data management device 1 determines a file FL to be backed up (# 51), and reads the file FL from the magnetic disk device 10d (# 52). Backup identification information 70 'as shown in FIG. 13 is generated (# 53), and this is written in the recording medium 2 as an HDR record (# 54). However, the backup identification information 70 ′ includes a “standard block length” that is a standard size of the block BK instead of the “block length”, as can be seen from comparison with the backup identification information 70 of FIG. . The value of the standard block length can be arbitrarily set according to the size of the file FL.

  “1” is set to the block counter CT (# 55). This block counter CT is used to indicate the block number of the block BK to be processed for encryption and writing to the recording medium 2.

  The encryption key KY used to encrypt the block BK having the block number indicated in the block counter CT is determined (# 56). The procedure of the determination process is as described above with reference to FIG. However, here, the value of the media ID of the recording medium 2 and the value of the epoch second of the backup date and time shown in the backup identification information 70 ′ are substituted into the parameters p1 and p2 of the hash function of the equation (1), respectively, A hash value is obtained by substituting the value of the block number indicated by the block counter CT into p3. Then, the encryption key KY is determined with reference to the encryption key management table TL2.

  Further, the block adjustment value having the same key number as the obtained hash value is extracted from the encryption key management table TL2 in FIG. 11, and the sum of this block adjustment value and the standard block length value is calculated. Then, the calculated sum is determined as the block length of the block BK having the block number indicated by the block counter CT (# 57). For example, when the calculated hash value is “4”, the block length is “50 M bytes + 1.5 M bytes = 51.5 M bytes”, and when it is “5”, “50 M bytes−0.5 M bytes”. = 49.5 Mbytes ”.

  The data for the block length determined in step # 57 is divided from the file FL, and this is used as the block BK having the block number indicated by the block counter CT (# 58). For example, if the hash value of the block number “1” is determined to be “4”, 51.5 Mbytes of data from the beginning of the file FL are extracted and divided as shown in FIG. When it is determined that the hash value of the block number “2” is “5”, 49.5 Mbytes of data from the head of the remaining file FL are extracted and divided. Similarly, when the block number is “3” or later, data is extracted from the remaining file FL and divided.

  The divided block BK is encrypted using the encryption key KY determined for the block in step # 56 (# 59) and written to the recording medium 2 (# 60). Then, “1” is added to the block counter CT (# 62), and the processing of steps # 56 to # 60 is performed until all the data included in the file FL is blocked, encrypted, and written to the recording medium 2. Execute.

  In this way, the file FL is backed up to the recording medium 2 as the backup file FLB.

  When restoring the file FL backed up to the recording medium 2, the data management device 1 executes the process according to the procedure shown in FIG.

  When the recording medium 2 is set in the magnetic tape device 15 (# 71), the backup identification information 70 'of the HDR record of the backup file FLB is read from the recording medium 2 (# 72). “1” is set to the block counter CR (# 73). This block counter CR is used to indicate the block number of the block BK to be decoded.

  The encryption key KY used for decrypting the block BK having the block number indicated in the block counter CR is determined (# 74). The procedure of the determination process is as described above with reference to FIG. However, here, as in the case of encryption, the values of the media ID and the backup date and time indicated in the backup identification information 70 ′ read from the recording medium 2 are respectively set in the parameters p1 and p2 of the hash function of the equation (1). The hash value is obtained by substituting the value of the epoch-second of, and substituting the value of the block number indicated by the block counter CR into the parameter p3. Then, the encryption key KY is determined with reference to the encryption key management table TL2 of FIG.

  Similarly to the case of encryption, a block adjustment value having the same key number as the obtained hash value is extracted from the encryption key management table TL2, and the block adjustment value and the standard block length value are extracted. By calculating the sum, the block length of the block BK having the block number indicated by the block counter CT is calculated (# 75).

  Data for the calculated block length is extracted from the backup file FLB, and this is used as a block BK having a block number indicated by the block counter CT (# 76). When the block number is “1”, data for the block length is extracted in order from the top of the backup file FLB. From the second onward, data is extracted in order from the beginning of the unextracted portion of the backup file FLB.

  The block BK obtained from the backup file FLB is decrypted using the encryption key KY determined in step # 74 (# 77). “1” is added to the block counter CR (# 80), and the second and subsequent blocks BK are similarly decoded by executing the processes of steps # 74 to # 77. Further, every time the block BK is decoded, it is combined with the previous decoded block BK (# 78). By repeating decoding and combining in this way, the backup file FLB stored in the recording medium 2 is restored to the data management apparatus 1 as the file FL.

  In the modification example of the encryption process and the decryption process described with reference to FIGS. 12 and 15, the standard block length is determined in advance, and the block length adjustment value (see FIG. 11) corresponding to the hash value obtained by the hash function is added. Then, the block length of the block BK is changed by increasing / decreasing the standard block length, but the block length may be changed by other methods. For example, without determining the standard block length, an encryption key management table TL3 as shown in FIG. 16 is prepared instead of the encryption key management table TL2. Then, in step # 57 of FIG. 12 and step # 75 of FIG. 15, the encryption key management table TL3 is referred to, and the “block length” of the key number having the same value as the hash value obtained in the encryption determination process is changed to block BK. The block length is determined.

  In the modification described with reference to FIGS. 12 and 15, the hash function for determining the encryption key KY of the block BK is shared when determining the block length, but a separate hash function for calculating the block length is prepared. You may keep it.

  The first block BK is encrypted and decrypted using the encryption key KY1 with the block length L1, and the second block BK is encrypted and decrypted using the encryption key KY2 with the block length L2. As described above, the block length and the encryption key KY to be used may be determined in advance for each block number.

  In addition, the configuration, processing contents, processing order, table contents, and the like of the entire data management apparatus 1 or each unit can be appropriately changed in accordance with the spirit of the present invention.

The following additional notes are disclosed with respect to the embodiment described above.
(Appendix 1)
Divide the data to be backed up into multiple blocks,
Each of the divided blocks is encrypted using different encryption keys,
Storing each encrypted block in a storage unit;
A data backup method characterized by the above.
(Appendix 2)
Divide the data to be backed up into multiple blocks,
For each of the divided blocks, an encryption key is determined based on the attribute of the block,
Encrypting the block using the determined encryption key;
Storing each encrypted block in a storage unit;
A data backup method characterized by the above.
(Appendix 3)
A data dividing means for dividing the data to be backed up into a plurality of blocks;
An encryption key determination unit that determines, for each of the divided blocks, an encryption key to be used for encryption based on an attribute of the block;
Encryption means for encrypting each block using an encryption key determined by the encryption key determination means for the block;
Storage processing means for storing the encrypted block in a storage unit;
A backup processing system comprising:
(Appendix 4)
Encryption key storage means for storing a plurality of encryption keys,
The encryption key determination means determines an encryption key to be used for encryption from among encryption keys stored in the encryption key storage means;
The backup processing system according to appendix 3.
(Appendix 5)
Block size determining means for determining the size of each block;
The data dividing means divides the data so that each block has a size determined by the block size determining means;
The backup processing system according to appendix 3 or appendix 4.
(Appendix 6)
Block reading means for reading out each of the encrypted blocks of the data from the storage unit;
A decryption key determination unit that determines an encryption key to be used for decryption for each read block based on the attribute of the block by the same determination method as the encryption key determination unit;
Decrypting means for decrypting each block using the encryption key determined by the decryption key determining means for the block;
Restore means for restoring the data based on the decrypted blocks;
The backup processing system according to any one of appendix 3 to appendix 5.
(Appendix 7)
The attribute of the block includes an identification number for identifying the block from other blocks,
The encryption key determining means determines an encryption key to be used for encrypting the block by substituting the value of the identification number of the block into a predetermined hash function,
The decryption key determination means determines an encryption key used for decrypting the block by substituting the value of the identification number of the block into the predetermined hash function.
The backup processing system according to appendix 6.
(Appendix 8)
A computer program used in a computer for backing up data to a storage unit,
A process of dividing the data into a plurality of blocks;
A process of encrypting each of the divided blocks using different encryption keys;
A process of storing each encrypted block in a storage unit;
A computer program for causing a computer to execute.

  The present invention is preferably used particularly when large-capacity data is backed up to a removable disk at high speed and safely.

It is a figure which shows the outline | summary of the external appearance of a data management apparatus, and data backup. It is a figure which shows the example of the hardware constitutions of a data management apparatus. It is a figure which shows the example of a functional structure of a data management apparatus. It is a figure which shows the example of an encryption key management table. It is a figure which shows the example of the division | segmentation of a file. It is a figure which shows the example of backup identification information. It is a flowchart explaining the example of the flow of an encryption key determination process. It is a figure which shows the example of the backup file preserve | saved at the recording medium. It is a flowchart explaining the example of the flow of a backup process. It is a flowchart explaining the example of the flow of a restore process. It is a figure which shows the example of an encryption key management table. It is a flowchart explaining the modification of the flow of a backup process. It is a figure which shows the example of backup identification information. It is a figure explaining the division | segmentation method of the file FL. It is a flowchart explaining the modification of the flow of a restore process. It is a figure which shows the example of an encryption key management table.

Explanation of symbols

1 Data management device (backup processing system)
2 Recording medium 102 File division unit (data division means)
104 Encryption key determination unit (encryption key determination means)
105 Encryption processing unit (encryption means)
106 Encryption block writing unit (storage processing means)
121 Encrypted block reading section (reading means)
123 Decryption key determination unit (Decryption key determination means)
124 Decoding processing unit (decoding means)
125 Decryption block combining unit (restoring means)
132 Encryption key management unit (encryption key storage means)
BK block FL file (data to be backed up)
KY encryption key

Claims (5)

Divide the data to be backed up into multiple blocks,
Each of the divided blocks is encrypted using different encryption keys,
Storing each encrypted block in a storage unit;
A data backup method characterized by the above. A data dividing means for dividing the data to be backed up into a plurality of blocks;
An encryption key determination means for determining an encryption key to be used for encryption based on an attribute of the block for each of the divided blocks;
Encryption means for encrypting each block using the encryption key determined by the encryption key determination means for the block;
Storage processing means for storing the encrypted block in a storage unit;
A backup processing system comprising: Encryption key storage means for storing a plurality of encryption keys,
The encryption key determination means determines an encryption key to be used for encryption from among encryption keys stored in the encryption key storage means.
The backup processing system according to claim 2. Block reading means for reading out each of the encrypted blocks of the data from the storage unit;
A decryption key determination unit that determines an encryption key to be used for decryption for each read block based on the attribute of the block by the same determination method as the encryption key determination unit;
Decrypting means for decrypting each block using the encryption key determined by the decryption key determining means for the block;
Restore means for restoring the data based on the decrypted blocks;
The backup processing system according to any one of claims 2 and 3. A computer program used in a computer for backing up data to a storage unit,
A process of dividing the data into a plurality of blocks;
A process of encrypting each of the divided blocks using different encryption keys;
A process of storing each encrypted block in a storage unit;
A computer program for causing a computer to execute.