JP2008017167A - Data processing system, data processor, instruction performing method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To make it hard to steal or alter data in case of a leakage of personal information. <P>SOLUTION: A key management table 127 contains a user ID and a secret key which are related to each other. A user information management table 122 contains encrypted personal information (transfer destination, password, etc.) and a user ID which are related to each other. A storage section 125 stores an instruction which shows processing contents of data and includes a user ID related to a user terminal to which data having been processed are to be transmitted. Equipment selectively performs predetermined instructions stored in the storage section 125. At this point, the encrypted personal information corresponding to the user ID included in an instruction is acquired from the table 122. A secret key corresponding to the user ID is acquired from the key management table 127. Then the encrypted personal information is decrypted with the secret key, and data obtained by performing the instructions are transmitted to the predetermined user terminal relating to the user ID by using the decrypted personal information. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a data processing system, a data processing device, an instruction execution method, and a program. More specifically, according to the present invention, when an instruction is executed by a device such as a scanner or a copier (data processing apparatus), encrypted personal information corresponding to the user identifier included in the instruction is acquired from the user information management table. A private key corresponding to the user identifier is acquired from the key management table, the encrypted personal information is decrypted with the private key, and the data obtained by executing the instruction using the decrypted personal information is transmitted to a predetermined user. The present invention relates to a data processing system or the like in which data eavesdropping and tampering are less likely to occur due to leakage of personal information by adopting a configuration for transmission to a terminal.

2. Description of the Related Art Conventionally, data obtained by executing instructions with a device (data processing apparatus) such as a scanner or a copier is transmitted to a predetermined user terminal connected to a network. In order to transmit data to a predetermined user terminal, personal information such as the name and password of the user terminal is required. However, such personal information is embedded in the instruction sheet.

For example, in Patent Document 1, a function of registering a scanned document in a PC (Personal Computer) connected to a network is realized by a job template (instruction). For example, in Patent Document 2, an applet having an electronic mail transmission / reception function (with encryption / decryption function) is defined as a workflow file (instruction). Further, for example, in Patent Document 3, in order to create a job definition sentence (XML), it is possible to easily create a repetitive process or the like by using a template for job definition (XML).
JP 2001-217980 A JP 2000-215120 A JP 2004-265101 A

  In Patent Document 1, when the folder name or address of the registration destination is changed, a function for changing the job template in conjunction with this is not provided.

  In Patent Document 2, data transmission / reception is said to be secure, but a secret key (or a common key) is required for encryption / decryption, and key distribution is not considered and secure. Is hard to say. Although it is difficult to decipher the transmission address by making it an applet, it is necessary to recreate the applet to change the transmission destination, and editing is very complicated.

  Further, in Patent Document 3, it is not considered to change the job definition after creation, and the user must directly update the job definition sentence.

  As described above, in the conventional workflow, when inputting the data transmission destination (file server, mail address, etc.), it is necessary to know the address of the transmission destination, the password and the like in advance. In other words, there is a problem that the password must be taught to the workflow editor and is not secure.

  An object of the present invention is to make it difficult for wiretapping and falsification of data.

The concept of this invention is
A data processing system in which a user terminal and a device for processing data are connected via a network,
The above equipment
A key management table associating a user identifier with a secret key;
An instruction document storage unit that stores at least an instruction document indicating a processing content of the data, including a user identifier related to a predetermined user terminal to which the processed data is to be transmitted;
A user information management table for storing the personal information used when transmitting data to the predetermined user terminal encrypted with the public key related to the predetermined user terminal and the user identifier related to the predetermined user terminal; ,
An instruction execution unit that selectively executes a predetermined instruction stored in the instruction storage unit;
The instruction execution unit, when executing the predetermined instruction,
Encrypted personal information corresponding to the user identifier included in the predetermined instruction is obtained with reference to the user information management table,
Obtaining a secret key corresponding to the user identifier included in the predetermined instruction by referring to the key management table;
Decrypt the acquired encrypted personal information with the acquired private key,
In the data processing system, the data obtained by executing the instruction is transmitted to a predetermined user terminal using the decrypted personal information.

  In the present invention, devices (data processing devices) such as multi-function machines, scanners, copiers, and personal computers that process data include a key management table and a user information management table. In the key management table, a user identifier and a secret key are stored in association with each other. In the user information management table, personal information (transfer destination, password, etc.) used when transmitting data to the predetermined user terminal encrypted with the public key associated with the predetermined user terminal, and the predetermined user terminal Are stored in association with each other.

  Registration of personal information in the user information management table can be performed by the user, for example, on the device (data processing apparatus) itself or on the user terminal. When registering personal information at the user terminal, the user terminal encrypts the personal information of the predetermined user terminal with the public key related to the predetermined user terminal, and stores the encrypted personal information and the predetermined user terminal. The user identifier is associated and registered in the user information management table of the device. Thus, by registering personal information with the user terminal, the user can easily register and change personal information.

  In addition, the device (data processing apparatus) includes an instruction sheet storage unit. This instruction sheet indicates the processing contents of the data, and includes at least a user identifier related to a predetermined user terminal to which the processed data is to be transmitted. This instruction can be accumulated by the user using, for example, the device (data processing apparatus) itself or the user terminal. When accumulating instructions in the user terminal, the user terminal creates an instruction and accumulates the instruction in the instruction accumulation unit of the device. As described above, by allowing the user terminal to accumulate the instruction sheet, the user can easily change the instruction sheet accumulation.

  A predetermined instruction stored in the instruction storage unit is selectively executed by the device (data processing apparatus). At this time, encrypted personal information corresponding to the user identifier included in the instruction sheet is acquired with reference to the user information management table. Further, a secret key corresponding to the user identifier included in this instruction is acquired with reference to the key management table. Then, the encrypted personal information is decrypted with the secret key, and the data obtained by executing the instruction using the decrypted personal information is transmitted to a predetermined user terminal.

  In this way, it is only necessary to include the user identifier associated with the predetermined user terminal to which the processed data is to be transmitted in the instruction sheet, and the encryption of the predetermined user terminal corresponding to the user identifier within the device (data processing apparatus). Personal information is decrypted with a private key and used, and no personal information is required when creating instructions. Also, since personal information is encrypted, data is stolen and altered due to leakage of personal information. Is unlikely to occur.

  According to the present invention, when an instruction sheet is executed by a device (data processing apparatus) such as a multifunction machine, a scanner, or a copier, the encrypted personal information corresponding to the user identifier included in the instruction sheet is stored from the user information management table. Obtaining a private key corresponding to the user identifier from the key management table, decrypting the encrypted personal information with the private key, and using the decrypted personal information to obtain the data obtained by executing the instructions E.g., data eavesdropping and alteration due to leakage of personal information are less likely to occur.

Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 1 shows a configuration of an information processing system 100 as an embodiment. In this information processing system 100, user terminals (personal computers) 101 and 102, and multifunction devices 103 to 105 including a scanner unit, a printer unit, a facsimile unit, and the like as devices (data processing devices) are connected to a network 106. Configured. User terminals 101 and 102 are user terminals used by users A and B, respectively.
Each of the multifunction peripherals 103 to 105 includes an instruction sheet storage unit that stores an instruction sheet indicating data processing contents. The instruction storage unit is configured by, for example, an HDD (Hard Disk Drive) (not shown) built in the multi-function peripherals 103 to 105. In the MFPs 103 to 105, it is possible to selectively execute a predetermined instruction stored in the instruction storage unit. That is, the multi-function peripherals 103 to 105 have an instruction form execution unit configured by a CPU (not shown).

  This instruction can be accumulated by the user operating the multifunction machine itself or by a user terminal. In the HDD (not shown) of the user terminals 101 and 102, an instruction book creation program 110 is installed. As shown in FIG. 2, the instruction creation program 110 includes an instruction creation / editing unit 111, a public key management table 112, a data input unit 113, and a data transmission unit 114.

  The data input unit 113 acquires a public key and a user identifier (ID: identification), and supplies the public key and ID to the instruction creation / editing unit 111. The data transmission unit 114 transmits the instruction created by the instruction creation / editing unit 111, data encrypted with the public key, and the like to the multi-function peripheral.

  As shown in FIG. 3, the public key management table 112 includes an ID, a public key, and a name. An ID is a unique number assigned throughout the system. The public key is a Base64-encoded version issued from a device, in this embodiment, a multifunction device. The user assigns a name that is easy to remember to the public key.

  The instruction book creation / editing unit 111 creates and edits the instruction book. FIG. 4 shows an example of the instruction sheet. At this time, the transfer destination part (the smb tag part in FIG. 4) in the instruction sheet is encrypted as necessary. The encryption method can be obtained by searching the public key management table 112 using the name as a key, so that the corresponding ID and public key can be obtained. Embed in the book (see FIG. 4).

  In addition, the instruction book management program 120 is installed in the HDD (not shown) of the multifunction peripherals 103 to 105. As shown in FIG. 5, the instruction management program 120 includes an instruction editing unit 121, a user information management table 122, a data input unit 123, a data transmission unit 124, an instruction storage unit 125, a key generation unit 126, a key management. It consists of a table 127.

  The data input unit 123 receives an instruction sheet, data encrypted with a public key, and the like from the user terminal. The data transmission unit 124 transmits the public key, ID, and the like to the user terminal that requests the public key and ID.

  As shown in FIG. 6, the user information management table 122 includes ID, public key, and personal information encrypted with the public key. The ID is a unique number assigned throughout the system as described above, and is the same ID as the public key management table 112 shown in FIG. The public key is Base64 encoded. The data encrypted with the public key is information in which the transfer destination, password, etc. of the smb transfer are encrypted. These transfer destination, password, and the like constitute personal information used when transmitting data to a predetermined user terminal.

  The instruction sheet editing unit 121 edits the instruction sheet. Editing operations are performed when the instruction is executed. Since the transfer destination part (smb tag part in FIG. 4) in the instruction sheet is encrypted with the public key, the encrypted data is referred to the user information management table 122 based on the corresponding ID. Obtain the corresponding secret key by referring to the key management table 127, and decrypt the encrypted data using this secret key.

  As shown in FIG. 7, the key management table 127 includes an ID, a public key, a secret key, and a user. The key generation unit 126 generates a public key and a secret key. The key generated by the key generation unit 126 is stored in the key management table 127 described above.

  The operation of the information processing system 100 shown in FIG. 1 will be described with reference to the flowchart shown in FIG. Here, (1) an operation of registering personal information such as a transfer destination and a password from the user terminal, for example, the user terminal 102 used by the user B, to the user information management table 122 of the multifunction device, for example, the multifunction device 105, (2) the user Operation of storing instructions in the instruction sheet storage unit 125 of a multifunction device, for example, the multifunction device 105, from the user terminal 101 used by the user A, for example, (3) Accumulation in the instruction sheet storage unit 125 by the multifunction device, for example, 105 An operation when selectively executing the predetermined instruction is described.

  The personal information registration operation (1) will be described. First, in step ST1, the user B operates the user terminal 102, and uses the authentication function of the multifunction device 105 to cause the multifunction device 105 to use the ID (Key-b) corresponding to the public key (Key-b) for the user B. Request and obtain ID-b). At this time, the MFP 105 refers to the key management table 127. If there is no corresponding key, the key generation unit 126 newly adds a secret key (Key-b ') for user B, a public key. (Key-b) and ID (ID-b) are newly created.

  Next, in step ST2, the user B operates the user terminal 102 to encrypt the personal information (transfer destination, password, etc.) of the user B with the public key (Key-b). In step ST 3, the user B operates the user terminal 102 to transmit the encrypted personal information of the user B together with the ID (ID-b) to the multi-function peripheral 105 and register it in the user information management table 122. To do.

  FIG. 9 shows the acquisition of the public key (Key-b) and ID (ID-b) from the MFP 105 of the user terminal 102, and the encrypted personal information and ID (ID-ID) to the MFP 105 of the user terminal 102. The state of registration in b) is shown.

  Note that, for example, when changing personal information such as a password, the user B operates the user terminal 102 and performs the above-described steps ST1 to ST3 again.

  In this way, the user B can easily register and change personal information and ID (ID-b) in the multi-function peripheral 105 by operating the user terminal 102.

  The instruction book accumulation operation (2) will be described. In step ST4, the user A acquires the public key (Key-b) and ID (ID-b) of the user B using means such as mail. In this case, for example, as shown in FIG. 10, the user B obtains the public key (Key-a) from the user A, and the user B uses the public key (Key-a) and the public key (Key-b) and The ID (ID-b) is encrypted and transmitted to the user A.

  Next, in step ST5, the user A operates the user terminal 101 to create an instruction sheet for transmitting data to the user terminal 102 of the user B. In this case, for the transmission destination (smb etc.) part, the public key (Key-b) and ID (ID-b) of the user B are used to create an instruction as shown in FIG. Here, the part of the transmission destination is encrypted with the public key (Key-b) and associated with the ID (ID-b). At this stage, it is only necessary to associate the ID (ID-b) with the transmission destination, and it is not necessary to encrypt the transmission destination with the public key (Key-b). That is, the transmission destination part may be empty data.

  Next, in step ST <b> 6, the user A operates the user terminal 101 to transmit the created instruction (DD-b) to the multi-function peripheral 105 and accumulate it in the instruction accumulation unit 125. In this case, the entire instruction (DD-b) may be encrypted with the public key (Key-a) of user A and transmitted to the multi-function peripheral 105.

  In the above-described step ST4, the user B's personal information is encrypted separately from the user B's user terminal 102 and transmitted to the user A's user terminal using the user B's public key (Key-b). Then, it may be embedded in the instructions as it is.

  In addition, the user A can also change and delete the instructions stored in the multifunction machine 105 using the user terminal 101.

  As described above, the user A can easily accumulate and change the instruction sheet in the multi-function peripheral 105 by operating the user terminal 101.

  The instruction form execution operation of (3) will be described. In step ST7, for example, the user A operates the multi-function device 105 to execute the instruction (DD-b) stored in the instruction storage unit 125. Next, when this instruction (DD-b) is executed, in step ST8, the multi-function peripheral 105 determines the figure from the ID (ID-b) of user B embedded in the instruction (DD-b). 11, the user B encrypted personal information is acquired with reference to the user information management table 122, and the secret key (Key-b ′) for the user B is acquired from the key management table 127 and encrypted. The decrypted personal information part is decrypted. Thereby, the multi-function device 105 can obtain personal information such as the transfer destination and password of the user B, and transmits the data obtained by executing the instruction to the user terminal 102 of the user B in step ST9.

  In the above-described operation, the case where the data obtained by executing the instruction (DD-b) in the MFP 105 is transmitted to the data terminal 102 of the user B has been described. The user terminal 101 can also be added. In that case, not only user B's ID (ID-b) but also user A's ID (ID-a) is embedded in the instruction sheet at step ST5. FIG. 12 shows an example of an instruction sheet in which the ID of user B (ID-b) and the ID of user A (ID-a) are embedded. As described above, when the user terminal 101 of the user A is added to the transmission destination, the secret key (Key-a ′) and the public key (Key-a) for the user A are also used in the series of processes described above. Become.

  As described above, according to the information processing system 100 illustrated in FIG. 1, for example, when the MFP 105 executes an instruction, the encrypted personal information (transfer destination, password, etc.) corresponding to the ID included in the instruction ) Is obtained from the user information management table 122 and a secret key corresponding to the ID is obtained from the key management table 127, the encrypted personal information is decrypted with the secret key, and the instruction form is decrypted using the decrypted personal information. Data obtained by execution is transmitted to a predetermined user terminal, and only the ID of the destination user terminal needs to be known at the time of creating the instruction, and the personal information related to the destination user terminal is known. It is not necessary, and it becomes difficult for eavesdropping and falsification of data due to leakage of encrypted personal information.

  In the above-described embodiment, the device (data processing device) is the multi-function peripheral 103 to 105. However, the device (data processing device) executes the instruction sheet, and the data obtained by the execution is displayed. Any device may be used as long as it can be sent to a predetermined user terminal, such as a scanner, a copier, or a personal computer.

  This invention makes it difficult for wiretapping and falsification of data due to leakage of personal information. Data obtained by executing instructions on a device such as a scanner or a copier (data processing device) is connected to a network. The present invention can be applied to a data processing system that transmits data to a predetermined user terminal.

It is a block diagram which shows the structure of the information processing system as embodiment. It is a block diagram which shows the structure of the instruction creation program installed in the user terminal. It is a figure for demonstrating the memory content of a public key management table. It is a figure which shows the example of an instruction document. It is a block diagram which shows the structure of the instruction book management program installed in the apparatus (data processing apparatus). It is a figure for demonstrating the memory content of a user information management table. It is a figure for demonstrating the memory content of a key management table. It is a flowchart for demonstrating personal information registration operation | movement, instruction | indication book accumulation | storage operation | movement, and instruction | indication book execution operation. It is a figure for demonstrating acquisition of the public key and registration of encryption personal information in personal information registration operation | movement. It is a figure for demonstrating transmission of the public key and ID from a data transmission destination to an instruction book creator in an instruction book accumulation operation. It is a figure for demonstrating acquisition of the encryption personal information based on ID embedded in the said instruction in the instruction execution operation. It is a figure which shows the example of the instruction document with which two ID which concerns on two transmission destinations was embedded.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 100 ... Information processing system 101, 102 ... User terminal, 103-105 ... Multifunction machine, 106 ... Network, 110 ... Instruction creation program, 111 ... Instruction creation / edit , 112 ... Public key management table, 113 ... Data input part, 114 ... Data transmission part, 120 ... Instruction book management program, 121 ... Instruction book editing part, 122 ... User Information management table 123... Data input unit 124... Data transmission unit 125. Instruction storage unit 126. Key generation unit 127 127 Key management table

Claims (8)

A data processing system in which a user terminal and a device for processing data are connected via a network,
The above equipment
A key management table associating a user identifier with a secret key;
An instruction document storage unit that stores at least an instruction document indicating a processing content of the data, including a user identifier related to a predetermined user terminal to which the processed data is to be transmitted;
A user information management table for storing personal information associated with data transmitted to the predetermined user terminal encrypted with a public key related to the predetermined user terminal and a user identifier related to the predetermined user terminal in association with each other; ,
An instruction execution unit that selectively executes a predetermined instruction stored in the instruction storage unit;
The instruction execution unit, when executing the predetermined instruction,
Encrypted personal information corresponding to the user identifier included in the predetermined instruction is obtained with reference to the user information management table,
Obtaining a secret key corresponding to the user identifier included in the predetermined instruction by referring to the key management table;
Decrypt the acquired encrypted personal information with the acquired private key,
A data processing system, wherein data obtained by executing the instruction is transmitted to a predetermined user terminal using the decrypted personal information. The user terminal is
The personal information of the predetermined user terminal is encrypted with the public key associated with the predetermined user terminal, and the encrypted personal information and the user identifier associated with the predetermined user terminal are associated with each other in the user information management table of the device. The data processing system according to claim 1, further comprising a personal information registration unit for registration. The user terminal is
The data processing system according to claim 1, further comprising an instruction creation / storage unit that creates the instruction and stores the created instruction in the instruction storage unit of the device. A data processing apparatus used by being connected to a network to which a user terminal is connected,
A key management table associating a user identifier with a secret key;
An instruction document storage unit that stores at least an instruction document indicating a processing content of the data, including a user identifier related to a predetermined user terminal to which the processed data is to be transmitted;
A user information management table for storing personal information associated with data transmitted to the predetermined user terminal encrypted with a public key related to the predetermined user terminal and a user identifier related to the predetermined user terminal in association with each other; ,
An instruction execution unit that selectively executes a predetermined instruction stored in the instruction storage unit;
The instruction execution unit, when executing the predetermined instruction,
Encrypted personal information corresponding to the user identifier included in the predetermined instruction is obtained with reference to the user information management table,
Obtaining a secret key corresponding to the user identifier included in the predetermined instruction by referring to the key management table;
Decrypt the acquired encrypted personal information with the acquired private key,
A data processing apparatus, wherein data obtained by executing the instruction is transmitted to a predetermined user terminal using the decrypted personal information. A personal information writing unit that writes the encrypted personal information of the predetermined user terminal and the user identifier related to the predetermined user terminal, which are transmitted from the predetermined user terminal, in association with the user information management table of the device; The data processing apparatus according to claim 4, further comprising: The data processing apparatus according to claim 4, further comprising: an instruction writing unit that writes the instruction sent from a predetermined user terminal into the instruction storing unit. A key management table that is used by being connected to a network to which a user terminal is connected and associates a user identifier with a secret key, and includes at least a user identifier related to a predetermined user terminal to which processed data is to be transmitted. An instruction storage unit that stores an instruction indicating processing contents, personal information used when transmitting data to the predetermined user terminal encrypted with a public key associated with the predetermined user terminal, and the predetermined user In a data processing apparatus comprising a user information management table that stores a user identifier associated with a terminal, a method for executing a predetermined instruction stored in the instruction storage unit,
A data processing step for processing data according to the processing content of the predetermined instruction;
A personal information acquisition step of acquiring encrypted personal information corresponding to a user identifier included in the predetermined instruction with reference to the user information management table;
A secret key acquisition step of acquiring a secret key corresponding to the user identifier included in the predetermined instruction with reference to the key management table;
A decryption step of decrypting the encrypted personal information acquired in the personal information acquisition step with the secret key acquired in the secret key acquisition step;
A data transmission step of transmitting data obtained by processing in the data processing step using the personal information decrypted in the decryption step to a predetermined user terminal. A key management table that is used by being connected to a network to which a user terminal is connected and associates a user identifier with a secret key, and includes at least a user identifier related to a predetermined user terminal to which processed data is to be transmitted. An instruction storage unit that stores an instruction indicating processing contents, personal information used when transmitting data to the predetermined user terminal encrypted with a public key associated with the predetermined user terminal, and the predetermined user In a data processing apparatus comprising a user information management table associated with a user identifier related to a terminal, in order to execute a predetermined instruction stored in the instruction storage unit,
A data processing step for processing data according to the processing content of the predetermined instruction;
A personal information acquisition step of acquiring encrypted personal information corresponding to a user identifier included in the predetermined instruction with reference to the user information management table;
A secret key acquisition step of acquiring a secret key corresponding to the user identifier included in the predetermined instruction with reference to the key management table;
A decryption step of decrypting the encrypted personal information acquired in the personal information acquisition step with the secret key acquired in the secret key acquisition step;
In order to cause a computer to execute an instruction form execution method including a data transmission step of transmitting data obtained by processing in the data processing step to the predetermined user terminal using the personal information decrypted in the decryption step Program.

Images