JP2009021739A - Encryption unit, and portable device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology capable of improving security in various portable devices while suppressing cost increase as much as possible. <P>SOLUTION: In an encryption unit 100, a random number generator 37 generates a random number. A microcomputer 43 includes an encryption function for encrypting data and a decryption function for decoding data using an encryption key formed based on the random number generated by the random number generator 37. A USB (Universal Serial Bus) plug 31 is connected to a computer machine for transmitting and receiving data in an attachment and detachment enable fashion. A USB connector 38 is connected in an attachment and detachment enable fashion to a first option unit chosen from a plurality of kinds of option units, which can add a function different from the encryption unit 100 by connecting with the encryption unit 100. The microcomputer 43 directs an encryption/decryption means to encrypt data inputted from the computer machine connected to the USB plug 31. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an encryption unit capable of encrypting data and a portable device including the same, and more particularly to a portable device in which a plurality of functions are unitized.

  In recent years, non-volatile flash memory devices that are used by connecting to a USB (Universal Serial Bus) connector, which is a standard interface of a computer, have become widespread. Various methods for protecting files in the flash memory device by encryption or the like have been proposed.

For example, Patent Document 1 discloses a portable storage medium such as a flash memory or a smart medium, an SD card, a micro-media card, etc., in which other people cannot access the stored data unless the password entered from the outside is correct. An adapter for a storage medium connected to the above is disclosed. Further, in the conventional file protection system as described above, authentication is performed by inputting a password from a keyboard or the like for file protection.
Japanese Patent Laid-Open No. 2004-211956

  Incidentally, the flash memory is not only used for carrying a file like a USB memory, but also used for storing audio data and image data in a portable device such as a voice recorder or a digital camera. Even in such a portable device, it is necessary to protect the stored audio data and image data by encryption or the like depending on the application. However, in such a case, it is necessary to provide the portable device with a function for performing encryption, which causes an increase in cost. In particular, when a plurality of types of portable devices are owned in accordance with the purpose, the overall cost increase is greater.

  On the other hand, in recent years, with the demand for higher functionality of electronic devices, there are some devices in which a plurality of functions are provided. And in connection with it, the size of an apparatus may enlarge and cost may become high. However, necessary functions differ depending on the user, and some functions are not used at all even if a plurality of functions are provided in one apparatus. In the case of such a device, an unnecessary function for the user is added, and thus the size of the device is unnecessarily increased and the cost is increased.

  The present invention has been made in view of such circumstances, and an object of the present invention is to provide a technique capable of increasing security in various portable devices while suppressing an increase in cost as much as possible.

  In order to solve the above-described problems, an encryption unit according to an aspect of the present invention is configured to be detachable from a computer device, and encrypts data output from the computer device and decrypts the encrypted data. An encryption unit that can output to a computer device, a random number generating means for generating a random number, an encryption function for encrypting data with an encryption key generated based on the random number generated by the random number generating means, Encryption / decryption means having a decryption function for decrypting data, a first connection unit detachably connected to the computer device, and a computer device connected to the first connection unit The data is encrypted by the encryption / decryption means, and the encrypted data is decrypted by the encryption / decryption means under a predetermined condition. And a second connection in which a first option unit selected from a plurality of types of option units that can be added to a function different from that of the encryption unit by being connected to the encryption unit is detachably connected A section.

  According to this aspect, by attaching an encryption unit to a computer device such as a personal computer or a server, data input from the computer device can be encrypted and decrypted under a predetermined condition. Moreover, the 1st option unit which can add a function different from an encryption unit can be connected to a 2nd connection part so that attachment or detachment is possible. Here, the option unit is a unit in which various functions requested by the user can be individually united and selected.

  The second connection part may have a shape in which a connection part provided at one end of the first option unit and having the same shape as the first connection part is detachable. The first connection unit is detachably connected to a second option unit selected from a plurality of types of option units that can be added to a function different from the encryption unit by being connected to the encryption unit. May be provided. The control means causes the encryption / decryption means to encrypt data input from the second option unit connected by the first connection unit, and the encrypted data is transmitted under a predetermined condition. The encryption / decryption means may decrypt the data. Further, the control means may enable cooperation of functions of the encryption unit and the first option unit. Thereby, since the encryption unit can detachably connect a plurality of option units having different functions from the encryption unit, the combination of the units can have variations. Further, not only computer equipment but also data input from the second option unit can be encrypted.

  Device authentication means for authenticating the computer device may be further provided. Here, the device authentication means may be configured to authenticate the first option unit and the second option unit in addition to or instead of the computer device. When the device authentication unit authenticates the computer device, the control unit may cause the encryption / decryption unit to decrypt the data encrypted by the encryption / decryption unit. As a result, the encrypted data is decrypted when the connected computer device or option unit is authenticated, so that the security of the data can be improved.

  Another aspect of the present invention is a portable device. The apparatus includes an encryption unit and the first option unit connected to a second connection unit of the encryption unit. According to this aspect, the portable device can be provided by connecting the first option unit having a function desired by the user to the encryption unit. Therefore, the apparatus size can be increased and the cost can be increased by providing an unnecessary function. Can be suppressed. The first option unit is, for example, any one of a memory unit that stores encrypted data, an authentication unit that acquires authentication data from a user, and an application unit that stores an application used in the computer device. It may be.

  The first option unit is detachably connected to a third connection unit detachably connected to the encryption unit and a third option unit selected from a plurality of types of option units having different functions. A fourth connecting portion. As a result, the first option unit can connect not only the encryption unit but also the third option unit.

  You may further provide the said 3rd option unit connected to the said 4th connection part. The third option unit may be a unit different from the unit selected as the first option unit among the memory unit, the authentication unit, and the application unit. Thereby, a portable apparatus provided with two option units having different functions apart from the encryption unit can be provided. Further, by providing a plurality of option units having different functions, it is possible to realize a portable device having various functions required by the user.

  The third option unit is detachably connected to a fifth connection unit detachably connected to the first option unit and a fourth option unit selected from a plurality of types of option units having different functions. A sixth connecting portion. The fourth option unit connected to the sixth connection portion may further be provided. The fourth option unit may be a unit different from the unit selected as the first option unit and the third option unit among the memory unit, the authentication unit, and the application unit. . Thereby, a portable apparatus provided with three option units having different functions apart from the encryption unit can be provided. Further, by providing a plurality of option units having different functions, it is possible to realize a portable device having various functions required by the user. Examples of such a portable device include a memory unit, an authentication unit, and an application unit as optional units, so that the portable device can be connected to a computer device to use an application, or the encryption stored in the memory unit. When the digitized data is read, the user can be authenticated by the authentication unit.

  You may further provide the 2nd option unit connected to the 1st connection part of the said encryption unit. The second option unit has a seventh connection unit detachably connected to the encryption unit and an eighth connection unit detachably connected to the computer device, and is activated by the computer device. It may be a unit equipped with an operating system configured as described above. As a result, when the portable device is used by connecting it to a computer device, the OS stored in the unit can be used instead of the operating system (OS) of the computer device, and the computer device is infected with a virus. Less affected.

  Yet another aspect of the present invention is also a portable device. This apparatus includes an encryption unit, a fifth option unit connected to the encryption unit and having A / D conversion means capable of converting analog data into digital data, and encryption performed by the encryption / decryption means. Storage means for storing the digital data. According to this aspect, analog data can be encrypted and stored in the storage means, so that security of not only data generated in a computer device but also various data can be improved. The storage unit may be, for example, a flash memory provided in the encryption unit or the fifth option unit, or a memory unit connected to the encryption unit.

  The fifth option unit includes a voice recorder unit having an A / D conversion means capable of converting an audio signal from analog data to digital data and a D / A conversion means capable of converting digital data to analog data, and analog image signals. Digital camera unit having A / D conversion means capable of converting data to digital data, A / D conversion means capable of converting audio signals and / or image signals from analog data to digital data, and conversion from digital data to analog data Any of the communication units having a D / A conversion means. Thereby, the voice recorded by the voice recorder, the image taken by the digital camera unit, or the voice or image in the telephone unit are encrypted and stored in the storage means as digital data. Therefore, security can be enhanced for these data.

  When the storage means is a memory unit connected to the encryption unit, the memory unit is connected to a second connection portion of the encryption unit, and a voice recorder unit or a digital camera as the fifth option unit The unit may be connected to a first connection of the encryption unit. The control unit of the encryption unit may encrypt the digital data converted by the A / D conversion unit with the encryption / decryption unit and store the encrypted data in the storage unit. Thereby, analog data acquired by a voice recorder or a digital camera is converted into digital data by the A / D conversion means, and the digital data is encrypted by the encryption unit and stored in the storage means. The interface can be simplified.

  Yet another aspect of the present invention is an encryption unit. This unit is a unit for processing encryption and decryption of data on the computer as a device to be used by connecting to an external input port of the computer, and comprises a random number generating means for generating a random number, and an encryption based on the random number. Encryption / decryption means having functions of encryption processing and decryption processing using a key, a first connection unit detachably connected to an external input port of the computer, for example, a USB port, and the first The encryption / decryption means encrypts the data input from the computer that is the connection destination of the connection unit, and the encrypted data is decrypted by the encryption / decryption means under a predetermined condition. And a control means for converting the control means. The encryption unit further comprises a second connection configured to add the different function to the encryption unit when an option unit having a function different from that of the encryption unit is connected. The functions of the encryption unit and the option unit can be linked.

  A plug and socket having the same shape as the first connection portion and the second connection portion can be obtained by giving the second connection portion a socket shape in which a plug having the same shape as the first connection portion can be attached and detached. It is preferable that the plurality of optional units and the encryption unit be connected in a daisy chain. The control means may control functions in the option unit.

  According to the present invention, it is possible to increase security in various portable devices while suppressing an increase in cost as much as possible.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the description of the drawings, the same elements are denoted by the same reference numerals, and repeated descriptions are omitted as appropriate. Moreover, the structure described below is an illustration and does not limit the scope of the present invention at all.

(First embodiment)
The portable device according to the present embodiment is a device that can be carried and carried, represented by a USB memory. The portable device includes a single unit or a plurality of connected optional units, and is configured by a unit selected according to a user's request from a plurality of types of optional units having different functions. Examples of such optional units include the following units depending on functions. Each unit is provided with a plug and a socket so that they can be detachably connected to each other.

{Encryption unit}
FIG. 1 is a block diagram showing a schematic configuration of the encryption unit 100. As shown in FIG. 1, the encryption unit 100 includes a USB plug 31, a USB controller 33, a USB host controller 36, a random number generator 37, a USB connector 38, a timer 39, a battery 41, and a microcomputer 43. In the encryption unit 100, data input / output between the microcomputer 43 and other external optional units, and data output from the random number generator 37 to the microcomputer 43 are transmitted in a secure state. That is, these data cannot be monitored from the outside of the encryption unit 100. Further, the microcomputer 43 is a tamper-resistant module, and processing and data in the microcomputer 43 cannot be monitored from the outside and cannot be tampered with.

  The USB plug 31 is detachably connected to the USB connector of the USB interface 21 of the computer 10 shown in FIG. The USB controller 33 controls the microcomputer 43 to communicate via the USB plug 31 based on the USB protocol. Note that the USB plug 31 is connected to the encryption unit 100 instead of the USB connector of the computer device, so that the USB plug 31 of another unit selected from a plurality of types of option units that can add functions different from the encryption unit 100 can be added. The connector is configured to be detachable. The USB connector 38 is also configured to be detachable from a unit selected from a plurality of types of option units that can be connected to the encryption unit 100 to add functions different from the encryption unit 100. This makes it possible to encrypt data input from various option units as well as computer equipment. The USB host controller 36 also controls the microcomputer 43 to communicate based on the USB protocol via the USB connector 38. Such USB controller 33 and USB host controller 36 are commercially available.

  As the random number generator 37 as the random number generating means, for example, a device that generates a natural random number using a weak radioactive ray source and a sensor as disclosed in Japanese Patent No. 2926539 can be used. In addition, you may use the random number generator by the hardware of another system, or the random number generator which has a function which generate | occur | produces a pseudorandom number with software. The timer 39 has a timekeeping function including, for example, a crystal oscillator, is backed up by the battery 41, and is configured to continue operation even when the encryption unit 100 is disconnected from the computer 10 and power is not supplied from the USB plug 31. Has been.

  The microcomputer 43 is a well-known one-chip computer including a CPU, RAM, ROM, flash memory, external interface port (bus), and the like. The microcomputer 43 is connected to the USB controller 33, the USB host controller 36, the random number generator 37, and the timer 39, and the built-in CPU executes a program stored in the ROM. The processing of the microcomputer 43 described in the present embodiment is executed based on the above program. The ROM also stores a serial number unique to the microcomputer 43.

  The microcomputer 43 has encryption / decryption means and control means. The encryption / decryption means is an encryption key generated based on the random number generated by the random number generation means, an encryption function for encrypting data stored in a flash memory such as a memory unit described later, and encryption in the flash memory And having a decoding function for decoding the stored data. The control means has a control function for comprehensively controlling the operation of the encryption unit 100 and the option unit connected to the encryption unit 100, and from a computer device or an option unit connected to the USB plug 31 or the USB connector 38. The input data is encrypted by the encryption / decryption means.

  File management information is stored in the flash memory in the microcomputer 43 shown in FIG. As file management information, for example, the name (file name) of data (file) stored in flash memory such as a memory unit or voice recorder unit described later, file size, file storage address in the flash memory, file update date, There are an encryption method, an encryption key, a decryption condition, update history information and the like of data stored in the flash memory. Decryption conditions include a decryption permission period, a decryption permission time limit, the number of decryption permission times, necessity of deletion in the case of expiration, etc., processing at the time of unauthorized use, and the like.

{Memory unit}
FIG. 3 is a block diagram showing a schematic configuration of the memory unit 200. As shown in FIG. 3, the memory unit 200 includes a USB plug 102, a USB 2-port HUB 104, a flash memory controller 106, a flash memory 108, and a USB connector 110. The memory unit 200 can store the data encrypted in the encryption unit 100 in the flash memory 108 in a state where the USB plug 102 and the USB connector 38 of the encryption unit 100 are detachably connected. In the memory unit 200, data input / output between the flash memory 108 and the microcomputer 43 of the encryption unit 100 is transmitted in a secure state. That is, these data cannot be monitored from the outside of the memory unit 200.

  The USB plug 102 is connected to, for example, the USB connector 38 of the encryption unit 100 shown in FIG. The USB connector 110 is configured to be connectable to a USB connector of another unit selected from a plurality of types of option units having different functions. The flash memory controller 106 performs an operation of writing and reading an encrypted file (data) to the flash memory 108 based on an instruction from the microcomputer 43. The flash memory controller 106 stores a serial number unique to the memory unit 200. The flash memory 108 stores the encrypted file. The USB 2-port HUB 104 is a branching device for enabling data transmission not only with the flash memory 108 but also with other option units connected to the USB connector 110.

{Biometric authentication unit}
FIG. 4 is a block diagram showing a schematic configuration of the biometric authentication unit. As shown in FIG. 4, the biometric authentication unit 300 includes a USB plug 202, a USB 2-port HUB 204, a USB controller 206, a microcomputer 208, a fingerprint sensor 210, and a USB connector 212. For example, the USB plug 202 is detachably connected to the USB connector 110 of the memory unit 200 shown in FIG. The USB 2-port HUB 204 is a branching device for enabling data transmission not only with the microcomputer 208 but also with other option units connected to the USB connector 212. The USB controller 206 controls the microcomputer 208 to communicate based on the USB protocol via the USB plug 202. The microcomputer 208 collates the acquired biometric data with biometric data registered in advance in a storage area such as its own ROM, and outputs an authentication result to the outside. The USB connector 212 is provided so as to be connectable to another unit selected from a plurality of types of option units having different functions.

  For example, when the encryption unit 100 is connected directly or indirectly, the biometric authentication unit 300 acquires biometric data using the fingerprint sensor 210 based on an instruction from the microcomputer 43 of the encryption unit 100. To do. Then, the microcomputer 208 compares the biometric data stored in advance with the acquired biometric data, and authenticates the authorized user. Note that the biometric authentication unit 300 according to the present embodiment can authenticate the biometric data of a legitimate user in the microcomputer 208 in advance, so that the biometric authentication unit 300 alone can be authenticated. Even if biometric data is stored in the device, the user can be authenticated.

  For example, when the encryption unit 100 is directly or indirectly connected to the biometric authentication unit 300, the microcomputer 43 of the encryption unit 100 uses the biometric data acquired from the biometric authentication unit 300 and the flash memory of the microcomputer 43. Alternatively, the authentication result may be output by collating with storage means such as the flash memory 108 of the connected memory unit 200 or biometric data registered (stored) in the server 4 in advance. In addition to the fingerprint, examples of the living body to be authenticated include a blood vessel (vein) pattern, an eye glow pattern, and the like. In this case, a sensor that can acquire each biological data may be used instead of the fingerprint sensor 210. Further, only one user may be registered as biometric data, or a plurality of users may be registered.

{Operating system unit}
An operating system unit (hereinafter referred to as an OS unit) is a unit that stores an OS different from an operating system (hereinafter referred to as an OS) installed in a connected computer device, and is activated by the connected computer device. It is configured as follows. The schematic configuration of the OS unit is substantially the same as that of the memory unit 200 described above. However, the difference is that the OS is stored in the flash memory 108 shown in FIG. Thereby, a portable device provided with an OS unit can be connected to a computer device, and the device or unit can be used using an OS different from the OS installed in the computer device. Further, even if the computer device is infected with a virus, it is possible to prevent the portable device from being affected. As a result, the security of the portable device can be improved. Further, the type of OS stored in the OS unit may be the same type as the OS installed in the computer device to be connected, but more preferably, it is different. Thereby, even if the computer device connected to the portable device is infected with a virus, the possibility of being affected by the virus can be further reduced.

{Application unit}
The application unit is a unit that stores application software selected corresponding to the user to use. The schematic configuration of the application unit is substantially the same as the memory unit 200 described above. However, the point that an application is stored in the flash memory 108 shown in FIG. By connecting the portable device provided with the application unit to the computer device, it is not necessary to install an application to be used for each computer device. Further, it is possible to avoid a reduction in the memory capacity of data in the memory unit 200 as compared with the case where the application is stored in the flash memory 108 of the memory unit 200. Further, versatility can be maintained as compared with the case where the application is stored in the flash memory of the OS unit.

Next, some examples of uses and operations of the portable device in which functions required by the user are selected and combined from the above-described optional units will be described.
At this time, as shown in FIG. 5, the portable device 6 exemplified below is assumed to constitute the data processing system 1 with the computer 10 and the server 4.
Here, as shown in FIG. 2, the computer 10 is a personal computer having a well-known configuration including a USB connector that is a well-known interface, and is connected via a bus 20 to a USB interface 21, a display 22, and an operation. Unit 23, memory 24, network interface 25, and processing circuit 26.

The server 4 includes, for example, an authentication server, a file server, a content management server, a gateway server, and a history database. The authentication server manages user information and authority. FIG. 6 shows a schematic configuration of this authentication server. As shown in FIG. 6, the authentication server 460 includes a network interface 451, an operation unit 452, a memory 453, a USB interface 454, a random number generator 455, and a processing circuit 457 connected via a bus 450. As with the random number generator 37, the random number generator 455 can use, for example, a device that generates a natural random number using a weak radioactive ray source and a sensor as disclosed in Japanese Patent No. 2926539. . It should be noted that the present invention can also be implemented using a random number generator based on other types of hardware or a pseudo random number generation function based on software. The file server stores a file created by the user. The content management server manages usage authority and automatic processing settings for files. The gateway server executes file encryption / decryption processing using an encryption key in communication with an arbitrary computer. The history database stores and manages the history of users and files.
The server 4 and the computer 10 can communicate with each other via an arbitrary communication network 9 such as the Internet, a LAN (Local Area Network), and a data communication line.

<Encryption unit alone>
An example of operation when the encryption unit 100 is used alone as a portable device will be described. The portable device executes the following initial operation when a user issues a request to start an application to the computer 10 on which the portable device is mounted. That is, when the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the USB interface of the computer 10, an OS (Operating System) executed by the computer 10 connects the encryption unit 100 as a portable device to a normal USB. Like a memory device, it is recognized as an external device and assigned a drive.

  When the OS of the computer 10 is Windows (registered trademark) XP, for example, a drive corresponding to the portable device 6 is allocated in a folder of My Computer. Then, when the user double-clicks the icon assigned to the drive of the portable device 6 based on the screen displayed on the display of the computer 10, the microcomputer 43 of the encryption unit 100 performs user authentication processing. An example of the user authentication process is a mode in which the user inputs an ID and password, and the microcomputer 43 determines whether the input ID and password match data registered in advance.

  If the result of the user authentication process is OK (when it is determined that the user is a valid user), the microcomputer 43 transmits the information to the computer 10. The computer 10 authenticates that the user is a valid user based on the transmitted information, and permits use of the computer 10 and access to the server 4 that can communicate with the computer 10 via the communication network 9. Thereby, since use of the computer 10 and access to the server 4 can be limited to authorized users, unauthorized use of the computer 10 and unauthorized access to the server 4 can be prevented. In addition, since such authentication can be realized by the portable device 6 that is easy to carry, even in an environment where many users use a plurality of computers, it is not necessary to register a legitimate user for each computer. .

<Encryption unit + memory unit>
An example of operation when the memory unit 200 is connected to the encryption unit 100 as the portable device 6 will be described. Note that the description of user authentication is the same as in the case of the encryption unit 100 alone, and is omitted.

  The portable device 6 includes an encryption unit 100 and a memory unit 200 selected from a plurality of types of option units having different functions connected to the USB connector 38 of the encryption unit 100. That is, the USB plug 102 of the memory unit 200 is inserted into the USB connector 38 of the encryption unit 100. Therefore, the portable device 6 can connect the memory unit 200 to the encryption unit 100 when the user desires, and can remove the memory unit 200 when the user does not need it, so that the storage capacity of the storage area of the encryption unit 100 can be removed. For users who do not need a storage capacity enough to connect a memory unit, it is possible to suppress an increase in device size and cost due to the provision of functions.

  When the portable device 6 is connected to the computer 10, the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the computer 10. When the authentication by the portable device 6 is performed as described above, the subsequent use of the computer 10 is permitted, and the file data stored in the computer 10 can be stored in the memory unit 200. More specifically, when a user operates the computer 10 to copy desired file data to the portable device 6, the file data is encrypted by the microcomputer 43 of the encryption unit 100 and stored in the flash memory 108 of the memory unit 200. Remembered.

  Further, when the user operates the computer 10 to read the file data stored in the portable device 6 or copy it to the computer 10, the encrypted file data is stored only when a valid user is authenticated. The data is decrypted by the microcomputer 43 and read into the computer 10. As a result, it is possible to prevent the data stored in the portable device 6 from being illegally copied to the computer and to prevent the contents from being decoded even if the file data is accessed. In addition, since the memory unit 200 can be separated from the encryption unit 100, the portable device 6 can be easily replaced with a memory unit 200 having a memory capacity required by the user. As a result, users who often carry large amounts of data choose a large memory unit, and users who carry only a minimum amount of data choose a standard or small capacity memory unit as an encryption unit. By combining them, a portable device having an optimal function can be created.

<Encryption unit + Memory unit + Authentication unit>
FIG. 7 is a schematic diagram illustrating an example of a portable device according to the present embodiment. As described above, the user can be authenticated by the ID / password only with the encryption unit 100, but the security can be further improved by combining the biometric authentication unit 300. Therefore, an operation example in the case where the encryption unit 100, the memory unit 200, and the biometric authentication unit 300 are connected and used as the portable device 6 as shown in FIG. 7 will be described. Note that the description of user authentication using an ID or password is the same as that for the encryption unit 100 alone, and thus will be omitted in the following various combinations of portable devices.

  The memory unit 200 includes a USB plug 102 detachably provided with the encryption unit 100, a biometric authentication unit 300 selected from a plurality of types of option units having different functions, and a USB connector 110 provided detachably. Have. Thereby, the memory unit 200 can connect not only the encryption unit 100 but also the biometric authentication unit 300. In the portable device 6, the USB plug 102 of the memory unit 200 is inserted into the USB connector 38 of the encryption unit 100, and the USB plug 202 of the biometric authentication unit 300 is inserted into the USB connector 110 of the memory unit 200. Is. Here, each unit includes a rectangular parallelepiped housing, and a plurality of option units and the encryption unit 100 can be connected in a daisy chain by giving each connector a socket shape to which each plug can be attached and detached.

  When the portable device 6 is connected to the computer 10, the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the computer 10. Here, the authentication by the portable device 6 is performed by collating the data acquired by the fingerprint sensor 210 of the biometric authentication unit 300 with the biometric data of a legitimate user stored in advance. As a result, unauthorized users who know the ID and password can be prevented from being authenticated by the portable device 6, and unauthorized use of the computer 10 and unauthorized access to the server 4 can be prevented. The portable device 6 may not include the memory unit 200 if only the authentication function is required. Further, if the storage capacity of the storage area of the encryption unit 100 is sufficient, the memory unit 200 may not be provided.

<Encryption unit + Memory unit + OS unit>
The portable device 6 may include an OS unit instead of the biometric authentication unit 300 of the portable device 6 shown in FIG. In this case, the OS unit is connected to the USB plug 31 of the encryption unit 100. The OS unit includes a USB connector (not shown) provided to be detachable from the encryption unit 100 and a USB plug provided to be detachable from the computer 10. Then, the OS of the OS unit is activated by the connected computer 10, and the encryption unit 100 is recognized by this OS.

  Accordingly, the user can perform an operation using an OS different from the OS stored in the computer 10 to which the portable device 6 is connected. For example, even if the OS of the computer 10 is infected with a virus, the user can save it. File data to be affected can be suppressed. In addition, the portable device 6 is very convenient because it is easy to carry as compared with the case where a CD-ROM storing the OS is used, and the data created by the OS of the OS unit can be carried at the same time by providing the memory unit 200. is there.

<Encryption unit + Memory unit + Application unit>
The portable device 6 may include an application unit instead of the biometric authentication unit 300 of the portable device 6 shown in FIG. In this case, the USB plug of the application unit is inserted into the USB connector 110 of the memory unit 200.

  Thereby, even if the user does not store necessary applications in the computer 10 to which the portable device 6 is connected, the user can perform operations using the application software stored in the application unit. Further, as compared with the case where application software is stored in the memory unit 200, it is not necessary to reduce the data storage capacity in the memory unit 200. In other words, a large number of application software can be stored by storing the application software in an application unit separate from the memory unit 200. In such a portable device, the user appropriately selects an application unit in which application software necessary for the user is stored and a memory unit having a storage capacity necessary for storing file data created by use. Therefore, an increase in cost due to the addition of unnecessary functions can be suppressed. For example, since drawing software for creating and converting images tends to increase the capacity of file data to be created, a large-capacity memory unit 200 should be connected to an application unit in which such software is stored. Is possible. On the other hand, since the capacity of file data to be created is not so large in word processing software that creates text, a standard or small-capacity memory unit 200 can be connected to an application unit in which such software is stored. It is.

<Encryption unit + Memory unit + Authentication unit + Application unit>
The portable device 6 may include an application unit in addition to the portable device 6 shown in FIG. The biometric authentication unit 300 includes a USB plug 202 provided so as to be connectable to the memory unit 200, an application unit selected from a plurality of types of option units having different functions, and a USB connector 212 provided detachably. ing. The application unit is connected to the USB connector 212 of the biometric authentication unit 300. Thereby, the portable apparatus 6 provided with the three option units having different functions from the encryption unit 100 can be provided. Further, by providing a plurality of option units having different functions, it is possible to realize a portable device having various functions required by the user. And by providing the memory unit 200, the biometric authentication unit 300, and the application unit as optional units, when the portable device 6 is connected to a computer device and an application is used, the encrypted unit stored in the memory unit 200 is used. When reading data, the biometric authentication unit 300 can authenticate the user.

  As described above, some examples of the portable device in which units selected from a plurality of option units are combined have been described. However, the portable device is not limited to the above-described combination, and various functions that a user requests for each unit. Any combination may be used depending on the case. In the case of such a portable device, the effects obtained by the above-described units can be naturally obtained even when they are combined.

  In addition, the connectors and plugs of each option unit may have the same shape. At this time, the connector of each option unit may have a socket shape to which a plug of each option unit can be attached and detached. As a result, the degree of freedom of combination when connecting each option unit to configure the portable device is increased, and a plurality of option units can be linked to the cryptographic unit in any order by daisy chain connection.

(Second Embodiment)
In the second embodiment, a portable device including a voice recorder unit will be described as an optional unit capable of converting analog data into digital data. FIG. 8 is a schematic diagram illustrating an example of a portable device according to the second embodiment.

  The portable device 306 includes an encryption unit 100, a memory unit 200, and a voice recorder unit 400. The voice recorder unit 400 includes an A / D conversion unit that can convert audio data from analog data to digital data, a D / A conversion unit that can convert digital data to analog data, a microphone that acquires audio data, A display unit 402 that displays audio data information and reproduction / recording information, and an operation unit 404 that performs operations for reproduction and recording. Since the function and configuration as a voice recorder unit are almost the same as those of a commercially available USB type voice recorder, description thereof is omitted.

  However, the portable device 306 according to the present embodiment is configured to store the recorded voice data in the memory unit 200 which is a separate unit from the voice recorder unit 400. That is, it is not necessary to provide the flash memory for storing the voice data in the voice recorder unit 400, so that the cost can be reduced. In addition, since the portable device 306 includes the encryption unit 100, the voice data acquired by the voice recorder unit 400 can be encrypted and stored in the memory unit 200. The audio data stored in the memory unit 200 need not be all encrypted, and the user may be able to select whether or not to encrypt as necessary. As a result, the portable device 306 can encrypt and store highly confidential data such as audio data of a conference, for example, so that it can be carried safely. Note that a memory for storing audio data may be provided in the voice recorder unit 400 instead of the memory unit 200.

  The connection order of the encryption unit 100, the memory unit 200, and the voice recorder unit 400 in the portable device 306 is not particularly limited, but is connected in an appropriate order depending on the configuration of each unit. For example, the memory unit 200 may be connected to the USB connector 38 of the encryption unit 100, and the voice recorder unit 400 may be connected to the USB plug 31 of the encryption unit 100.

  A method for reproducing recorded audio data for the portable device 306 having such a configuration will be described. When audio data is reproduced in the portable device 306, audio is output from an earphone or the like connected to a speaker or an output terminal by a user's operation without particularly requiring authentication. However, when audio data is transferred to an external device such as a computer and played back, authentication may be requested at the time of transfer.

  Specifically, the voice recorder unit 400 is removed from the encryption unit 100 of the portable device 306 and the encryption unit 100 is connected to the computer 10. That is, when the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the USB interface of the computer 10, the OS executed by the computer 10 recognizes the portable device 306 as an external device in the same way as a normal USB memory device. And assign a drive.

  When the user double-clicks the icon assigned to the drive of the portable device 306 based on the screen displayed on the display of the computer 10, the microcomputer 43 of the encryption unit 100 performs user authentication processing. In the user authentication process, the user inputs an ID and password, and the microcomputer 43 determines whether or not the input ID and password match data registered in advance. Note that the biometric authentication unit 300 may be coupled to the portable device 306 to perform user authentication based on biometric data instead of authentication using an ID and a password.

  If the result of the user authentication process is OK, the microcomputer 43 permits the decryption of the encrypted voice data and the transfer (copy) of the decrypted voice data to the computer 10. As a result, unauthorized copying of audio data to the computer 10 can be prevented. When the portable device 306 is used connected to the computer 10, the above-described effects can be obtained by appropriately connecting the OS unit and the application unit.

(Third embodiment)
In the third embodiment, a portable device including a digital camera unit will be described as an optional unit capable of converting analog data into digital data.

  The portable device according to the present embodiment includes an encryption unit 100, a memory unit 200, and a digital camera unit. The digital camera unit includes a lens, a CCD sensor or a CMOS sensor as A / D conversion means capable of converting light entering from the lens into digital data, a display unit for displaying digital data as an image, and for reproduction and recording. An operation unit for performing the operations described above. The main function and configuration of the digital camera unit is that a USB plug is provided in a commercially available digital camera.

  However, the portable device according to the present embodiment is configured to store the recorded image data in the memory unit 200 which is a separate unit from the digital camera unit. That is, since it is not necessary to provide a flash memory for storing image data in the digital camera unit, the cost can be reduced. In addition, since the portable apparatus according to the present embodiment includes the encryption unit 100, the image data acquired by the digital camera unit can be encrypted and stored in the memory unit 200. The image data stored in the memory unit 200 need not be all encrypted, and the user may be able to select whether or not to encrypt as necessary. As a result, the portable device according to the present embodiment, for example, can encrypt and store highly confidential data such as image data of a new product, so that it can be carried with peace of mind. Note that a memory for storing image data in the digital camera unit may be provided instead of the memory unit 200.

  The connection order of the encryption unit 100, the memory unit 200, and the digital camera unit in the portable device according to the present embodiment is not particularly limited, but is connected in an appropriate order depending on the configuration of each unit. For example, the memory unit 200 may be connected to the USB connector 38 of the encryption unit 100, and the digital camera unit may be connected to the USB plug 31 of the encryption unit 100.

  A method for reproducing recorded image data for the portable apparatus having such a configuration will be described. When the image data is reproduced in the portable device according to the present embodiment, the image is displayed on the display unit by the user's operation without particularly requiring authentication. However, when image data is transferred to an external device such as a computer and played back, authentication may be requested at the time of transfer.

  Specifically, the digital camera unit is removed from the encryption unit 100 of the portable device and connected to the computer 10. That is, when the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the USB interface of the computer 10, the OS executed by the computer 10 recognizes the portable device as an external device in the same way as a normal USB memory device. Assign a drive.

  When the user double-clicks the icon assigned to the drive of the portable device based on the screen displayed on the display of the computer 10, the microcomputer 43 of the encryption unit 100 performs user authentication processing. In the user authentication process, the user inputs an ID and password, and the microcomputer 43 determines whether or not the input ID and password match data registered in advance. The biometric authentication unit 300 may be coupled to the portable device according to the present embodiment, and the user may be authenticated based on the biometric data instead of the authentication using the ID and password.

  When the result of the user authentication process is OK, the microcomputer 43 permits the decryption of the encrypted image data and the transfer (copy) of the decrypted image data to the computer 10. Thereby, unauthorized copying of the image data to the computer 10 can be prevented. When the portable device according to the present embodiment is used while connected to the computer 10, the above-described effects can be obtained by appropriately connecting the OS unit and the application unit.

(Fourth embodiment)
In the fourth embodiment, a portable device including a call unit will be described as an optional unit capable of converting analog data into digital data. FIG. 9 is a block diagram showing a schematic configuration of the call unit 500.

  The portable device according to this embodiment includes an encryption unit 100 and a call unit 500. The call unit 500 includes A / D conversion means that can convert voice and images from analog data to digital data, and D / A conversion means that can convert digital data to analog data. Specifically, the call unit 500 includes a USB plug 502, a USB 2-port HUB 504, USB controllers 506 and 508, an audio processing unit 510, an image processing unit 512, and USB connectors 514 and 516. The USB plug 502 is connected to, for example, the USB connector 38 of the encryption unit 100 shown in FIG. The USB 2-port HUB 504 is a branching device for enabling data transmission with a plurality of other option units connected to the USB connectors 514 and 516. The USB controllers 506 and 508 control the audio processing unit 510 and the image processing unit 512 to communicate via the USB plug 502 based on the USB protocol.

  The voice processing unit 510 has an A / D / D / A conversion function, a voice compression / decompression function, and an IP packet processing function. The image processing unit 512 has an A / D / D / A conversion function, an image compression / decompression function, and an IP packet processing function. A headset is connected to the USB connector 514 as necessary. A camera is connected to the USB connector 516 as necessary. The portable device according to the present embodiment is connected to the computer 10 in a state where the USB connector 38 of the encryption unit 100 and the USB plug 502 of the call unit 500 are connected.

  Next, a method for using the portable device according to the present embodiment will be described. As described above, the portable device connected to the computer 10 is authenticated by the encryption unit 100 or the biometric authentication unit 300 as a valid user.

  Specifically, the encryption unit 100 of the portable device is connected to the computer 10. That is, when the USB plug 31 of the encryption unit 100 is inserted into the USB connector of the USB interface of the computer 10, the OS executed by the computer 10 recognizes the portable device as an external device in the same way as a normal USB memory device. Assign a drive.

  When the user double-clicks the icon assigned to the drive of the portable device based on the screen displayed on the display of the computer 10, the microcomputer 43 of the encryption unit 100 performs user authentication processing. In the user authentication process, the user inputs an ID and password, and the microcomputer 43 determines whether or not the input ID and password match data registered in advance. Note that the biometric authentication unit 300 may be coupled to the portable device, and the user may be authenticated based on the biometric data instead of the authentication using the ID and password.

  Furthermore, when the user double-clicks an icon assigned to a VoIP (Voice over Internet Protocol) call control program based on the screen displayed on the display of the computer 10, the program is activated and the telephone unit can operate. Become. Note that the VoIP call control program may be stored in the hard disk of the computer 10 or may be stored in advance in the added application unit.

  If the result of the user authentication process is OK, the microcomputer 43 permits the voice and / or image digital data acquired by the headset or camera to be encrypted and transferred (copied) to the computer 10. As a result, encrypted audio data and image data are transmitted to the communication network 9. Therefore, even if the communication network 9 is eavesdropped, it is difficult to decrypt the encrypted voice data and image data, so that security can be improved. When the portable device according to the present embodiment is used while connected to the computer 10, the above-described effects can be obtained by appropriately connecting a memory unit, an OS unit, an application unit, and the like.

  For example, the memory unit 200 can be connected between the encryption unit 100 and the call unit 500. Thereby, the portable device can encrypt the audio data and / or digital data of the image data acquired by the headset or the camera and transfer the encrypted data to the computer 10 and also store the encrypted audio data and / or image data in the memory. It can also be stored in the unit 200. Therefore, such a portable device can have not only a telephone call but also functions of a voice recorder and a digital camera.

  When transferring the data stored in the memory unit 200 to the computer 10, the call unit 500 is removed from the memory unit 200 of the portable device and connected to the computer 10. When the predetermined authentication process is performed and the authentication result is OK, the portable device can decrypt the encrypted audio data and / or image data and transfer the decrypted audio data and / or image data to the computer 10.

(Fifth embodiment)
In each of the above-described embodiments, the method for improving security by the functions and combinations of various option units constituting the portable device has been described with specific examples. In this embodiment, a method for further improving security by a data processing system using these portable devices will be described. In the data processing system of this embodiment, the portable device 6 in which the encryption unit 100, the memory unit 200, and the biometric authentication unit 300 described in the third embodiment are connected will be described as an example.

Hereinafter, an operation example of the data processing system 1 shown in FIG. 5 will be described.
[Registration of the first portable device 6]
Before starting the memory unit operation, the encryption unit 100 of the portable device 6 is registered with the server, and the encryption key is shared between the server 4 and the portable device 6. The encryption key is a random number generated by the random number generator 455 of the server 4 by directly connecting the server 4 and the encryption unit 100, that is, inserting the USB plug 31 of the encryption unit 100 into the slot of the USB interface 454 of the server 4. And the random number generated by the random number generator 37 of the encryption unit 100. The generation and sharing can be exemplified in the following manner. (1) In the microcomputer 43 of the encryption unit 100, an encryption key is used by using an arbitrary algorithm based on the random number generated by its own random number generator 37 and the random number generated and input by the random number generator 455 of the server 4. And (2) a random number generated by its own random number generator 455 in the server 4 and a random number generator 37 of the encryption unit 100. A mode in which an encryption key is generated using an arbitrary algorithm based on the generated random number and is input and shared by outputting the encryption key to the encryption unit 100. (3) The encryption unit 100 and the server 4 Each of them generates a cryptographic key using a predetermined algorithm based on the random number generated by its own random number generators 37 and 455 and the random number generated and input by the other random number generator. Aspect to.

  Then, the server 4 stores the shared encryption key in association with the identification data of the encryption unit 100. On the other hand, the encryption unit 100 stores a shared encryption key in a storage area such as a flash memory in the microcomputer 43. Further, this encryption key is used for encryption of data transmitted / received first when data is transmitted / received between the server 4 and the portable device 6 via the communication network 9.

Below, the aspect of said (3) is demonstrated more concretely. FIG. 10 is a flowchart for explaining the registration process of the first encryption unit 100.
Step S11: The USB plug 31 shown in FIG. 1 is inserted into the slot of the USB interface 454 of the server 4.
Step S12: A random number is generated in the random number generator 455 of the server 4 shown in FIG.
Further, a random number is generated in the random number generator 37 of the encryption unit 100 shown in FIG.
Step S13: Input and output random numbers generated between the server 4 and the encryption unit 100, respectively.
Step S14: In the processing circuit 457 of the server 4, an encryption key is generated using a predetermined algorithm based on the random number generated by the random number generator 455 in step S12 and the random number input from the encryption unit 100 in step S13. .

On the other hand, the microcomputer 43 of the encryption unit 100 generates an encryption key using a predetermined algorithm based on the random number generated by the random number generator 37 in step S12 and the random number input from the server 4 in step S13. The algorithm is set so that the encryption key is the same as the encryption key generated by the server 4.
Step S15: The server 4 registers (stores) the encryption key generated in step S14 in association with the identification data of the encryption unit 100. The encryption unit 100 also stores the encryption key generated in step S14 in a storage area such as a flash memory in the microcomputer 43.

[Cryptographic key generation process for the second and subsequent times]
When data is transmitted and received between the portable device 6 and the server 4 via the communication network 9, a new encryption key different from the already shared encryption key is shared for each communication, and the encryption key Send and receive data encrypted with. The new encryption key is generated by connecting the portable device 6 to the computer 10 and generating the random number generated by the random number generator 455 of the server 4 and the random number generator 37 of the encryption unit 100 between the server 4 and the portable device 6. The generated random number is transmitted / received via the communication network 9, and is generated based on them. When transmitting and receiving data such as a random number for sharing a new encryption key, the data is encrypted with the already-shared encryption key. The generation and sharing can be exemplified in the following manner. (1) In the microcomputer 43 of the encryption unit 100, an encryption key is obtained using an arbitrary algorithm based on the random number generated by its own random number generator 37 and the received random number generated by the random number generator 455 of the server 4. (2) A random number generated by its own random number generator 455 and a random number generator 37 of the encryption unit 100 received by the server 4 A mode in which an encryption key is generated by using an arbitrary algorithm based on the random number generated in step 1 and is shared by transmitting the encryption key to the portable device 6 (encryption unit 100); (3) a portable device 6 (encryption unit 100) and server 4 using a predetermined algorithm based on the random number generated by its own random number generator and the random number generated by the other party's random number generator. Aspect that Les is to generate an encryption key.

  Then, the server 4 stores a shared encryption key in association with the identification data of the portable device 6 (encryption unit 100). On the other hand, the portable device 6 stores a shared encryption key in a storage area such as a flash memory in the microcomputer 43 of the encryption unit 100.

Below, the aspect of said (3) is demonstrated more concretely. FIG. 11 is a flowchart for explaining encryption key registration processing for the second and subsequent times. This process is performed with the portable device 6 mounted on the computer 10 as shown in FIG.
Step S21: A random number is generated by the random number generator 455 of the server shown in FIG. Further, a random number is generated in a random number generator 37 of the portable device 6 shown in FIG.
Step S22: The processing circuit 457 of the server shown in FIG. 6 encrypts the random number generated in Step S21 using the already shared encryption key and transmits it to the portable device 6 via the communication network 9. On the other hand, the microcomputer 43 of the portable device 6 encrypts the random number generated in step S <b> 21 using the already shared encryption key and transmits it to the server via the communication network 9.

Step S23: Each of the server 4 and the portable device 6 generates a new encryption key using a predetermined algorithm based on the random number generated by itself and the random number received from the other party.
Step S24: The server 4 registers (stores) the new encryption key generated in step S23 in association with the identification data of the portable device 6. The portable device 6 also stores the new encryption key generated in step S23 in a flash memory or the like in the microcomputer 43. The new encryption key is used for encryption of data to be transmitted / received at the next data transmission / reception performed between the server 4 and the portable device 6.

[Initial operation]
The portable device 6 executes the following initial operation when the user issues a request to start an application to the computer 10 shown in FIG. That is, when the USB plug 31 of the portable device 6 shown in FIG. 7 is inserted into the USB connector of the USB interface 21 of the computer 10 shown in FIG. 2, the OS (Operating System) executed by the processing circuit 26 of the computer 10 is The portable device 6 is recognized as the same external storage device as a normal USB memory device, and a drive is assigned. When the OS executed by the processing circuit 26 is Windows (registered trademark) XP, for example, a drive corresponding to the portable device 6 is allocated in a folder of My Computer. When the user double-clicks the icon assigned to the drive of the portable device 6 by operating the operation unit 23 based on the screen displayed on the display 22 of the computer 10, the microcomputer of the portable device 6 is used. 43 performs an initial operation. Note that the OS executed by the processing circuit of the computer 10 may be another OS such as the CD-ROM version knoppix inserted in the CD-ROM drive. Alternatively, the above-described OS unit on which knoppix or other OS is mounted may be connected to the portable device 6.

FIG. 12 is a flowchart for explaining an initial operation performed by the portable device 6.
Step S41: The microcomputer 43 shown in FIG. 1 determines whether or not a biometric (for example, fingerprint) authentication process should be started. If the determination is affirmative, the process proceeds to step S42. If the determination is negative, the process ends. To do.
When the initial operation is started, the processing circuit 26 of the computer 10 illustrated in FIG. 2 displays a biometric authentication screen on which icons of “biometric authentication start” and “cancel” are displayed on the display 22. When the user double-clicks the “start biometric authentication” icon, the microcomputer 43 shown in FIG. 1 determines that the biometric authentication process should be started. On the other hand, when the “cancel” icon is double-clicked, the microcomputer 43 determines that the biometric authentication process should not be started and ends the process.

Step S42: The microcomputer 43 executes biometric authentication processing. The biometric authentication process will be described in detail later.
Step S43: The microcomputer 43 determines whether or not the result of the biometric authentication process performed in step S42 is biometric authentication OK. If the determination is affirmative, the process proceeds to step S44. If the determination is negative, the process ends.
Step S44: The microcomputer 43 of the portable device 6 performs device authentication processing. Although the device authentication process will be described in detail later, the microcomputer 43 functions as a device authentication unit that authenticates whether or not the computer 10 is a registered device in the device authentication process.

Step S45: If the microcomputer 43 authenticates that the computer 10 is a registered device in the device authentication process of step S44, the microcomputer 43 proceeds to step S46, otherwise proceeds to step S47.
Step S46: The microcomputer 43 performs a predetermined process when the computer 10 is a registered device. That is, the microcomputer 43 performs the following processing as device authentication OK processing. For example, the microcomputer 43 displays a main menu screen on which icons of “file management” and “file transmission / reception” are displayed on the display 22 of the computer 10. When “file management” is selected on the main menu screen (the icon is double-clicked), the microcomputer 43 executes file management processing described later. In the file management process, as will be described later, the file can be opened and edited. On the other hand, when “file transmission / reception” is selected (the icon is double-clicked) on the main menu screen, the microcomputer 43 executes file transmission / reception processing described later.
Step S47: The microcomputer 43 performs a NG process defined in advance when the computer 10 is not a registered device. That is, a file transmission / reception process described later is automatically performed as the device authentication NG process.

[Biometric authentication process (step S42, etc.)]
FIG. 13 is a flowchart for explaining the biometric authentication process such as step S42 shown in FIG.
Step S51: The microcomputer 43 requests biometric (for example, fingerprint) authentication from the user.
At this time, the microcomputer 43 issues a predetermined request to the computer 10 on which the portable device 6 is mounted, and the network interface of the computer 10 displays an image corresponding to the request on the display 22.

  Step S52: The microcomputer 43 includes biometric data in which biometric data obtained by the fingerprint sensor 210 of the biometric authentication unit 300 in response to the request of Step S51 from the microcomputer 208 of the biometric authentication unit 300 is registered (recorded) in advance. Information that determines whether or not they match is acquired. Then, the microcomputer 43 proceeds to step S53 when it obtains the coincidence determination result (affirmative determination), and proceeds to step S54 when it is negative determination. The biometric data may be registered (stored) in the memory area of the microcomputer 208 of the biometric authentication unit 300 or may be registered (stored) in the server. If it is registered (stored) in the server, the microcomputer 43 transmits the biometric data obtained by the fingerprint sensor 210 of the biometric authentication unit 300 to the server in response to the request in step S51, and whether the data matches from the server. The determination result of whether or not is received.

Step S53: Since the biometric data obtained by the fingerprint sensor 210 matches the biometric data registered in advance, the microcomputer 43 ends the process assuming that biometric authentication is OK.
Step S54: The microcomputer 43 determines whether or not the number of times the process of step S52 has been performed is within a prescribed number. If the determination is affirmative, the process proceeds to step S55. If the determination is negative, the process proceeds to step S56.
Step S55: The microcomputer 43 displays authentication failure and requests re-authentication, and returns to step S52.
Step S56: The microcomputer 43 determines whether or not countermeasures against unauthorized use are set. As measures against unauthorized use, measures such as deleting data stored in the flash memory 108 of the memory unit 200 when a person other than a legitimate user whose biometric data is registered try to use it are set. Is. In addition, whether or not countermeasures against unauthorized use are set is included in the file management information. Further, the countermeasure against unauthorized use may be set for the flash memory 108 as one unit, or for each folder or file provided in the flash memory 108.
If the determination is affirmative in this step, the process proceeds to step S57. If the determination is negative, the process proceeds to step S61.

Step S57: The microcomputer 43 determines whether or not deletion designation is set. If the determination is affirmative, the process proceeds to step S58. On the other hand, if a negative determination is made, the process proceeds to step S59.
Step S58: The microcomputer 43 performs a process of deleting the file stored in the flash memory 108. The deletion process will be described later.
Step S59: The microcomputer 43 performs a process of invalidating the file stored in the flash memory 108. An example of the invalidation process is a process that makes the file unusable.
Step S60: The microcomputer 43 records a history.
Step S61: The microcomputer 43 ends the process as biometric authentication / NG.

[Device Authentication Processing (Step S44)]
FIG. 14 is a flowchart for explaining the device authentication processing in step S44 shown in FIG. 12, and this processing is executed by the microcomputer 43 that also functions as device (computer) authentication means.
Step S301: The microcomputer 43 of the encryption unit 100 shown in FIG. 1 acquires hardware (device) information from the computer 10 via the USB plug 31. As the hardware information, for example, any one of a serial number of a hard disk device in the computer 10, a serial number of a CPU, or a combination thereof is used.
Step S302: The microcomputer 43 determines whether the hardware information acquired in step S301 is the same as the pre-registered device information based on information stored in a storage area such as a built-in flash memory, for example. Is determined. Then, the microcomputer 43 proceeds to step S303 when it is determined in the determination that it is the same as that registered in advance (in the case of an affirmative determination), and proceeds to step S304 otherwise.
Step S303: The microcomputer 43 ends the process as device authentication OK.

  Step S304: The microcomputer 43 connects to a server on the LAN or the Internet based on a preset address in the LAN or a predetermined URL. In the present embodiment, the microcomputer 43 is connected to the server 4 shown in FIG. At that time, the microcomputer 43 encrypts the hardware information of the computer 10 acquired in step S301 by using the encryption key shared with the server 4 stored in the storage area such as the built-in flash memory. . The microcomputer 43 transmits the encrypted hardware information, the ID (hard number) information of the portable device 6, and the network information to the server 4 via the USB plug 31.

Step S305: The microcomputer 43 determines whether or not the server authentication is OK. The server 4 determines whether or not the information received from the portable device 6 in step S304 matches the hardware information, network information, etc. of the registered device held by itself. Then, the server 4 transmits to the microcomputer 43 that the server authentication is OK when it is determined to match, and that the server authentication is NG when it is determined that they do not match. In this step, the microcomputer 43 determines whether or not it is server authentication OK received from the server 4, and if the determination is affirmative, the process proceeds to S303, and if the determination is negative, the process proceeds to S306.
Step S306: The microcomputer 43 requests the user to input a one-time ID and password. For example, the user accesses a server having a predetermined URL using a Web browser of a mobile phone and requests the issuance of a one-time ID and password. Then, when the mobile phone that has been accessed is a registered user, the server 4 sends a one-time ID and password by e-mail to the pre-registered e-mail address of the mobile phone.

The user inputs the one-time ID and password received from the server 4 to the computer 10 by operating the operation unit 23 shown in FIG.
Step S307: The microcomputer 43 determines whether or not the one-time authentication is OK. The microcomputer 43 transmits the one-time ID and password input in step S306 to the server 4. Then, when the received one-time ID and password are the one-time ID and password notified to the user, the server 4 determines that the one-time authentication is OK as a legitimate user, and determines the result. It transmits to the microcomputer 43. On the other hand, if the received one-time ID and password are not the one-time ID and password notified to the user, the server 4 determines that the one-time authentication is NG as not being a legitimate user, and the result is It transmits to the microcomputer 43. In this step, the microcomputer 43 determines whether or not the one-time authentication OK is received from the server 4. If the determination is affirmative, the microcomputer 43 proceeds to step S303. If the determination is negative, the microcomputer 43 proceeds to step S308.
Although the microcomputer 43 requests the user to input a one-time ID and password in S306, the server 4 does not input the one-time ID and password within a predetermined time and the server 4 performs one-time authentication OK / NG. When not transmitting to the microcomputer 43, the microcomputer 43 may determine with one time authentication NG in S307.
Step S308: The microcomputer 43 ends the process as device authentication NG.
In the above-described device authentication processing, after negative in S302 and S305, the process proceeds to S306, and in S307, it is determined whether or not the one-time authentication is OK. Then, the process proceeds to S304, and after connecting to the server, the processes after S306 may be executed.

[File Management Process (Step S46)]
FIG. 15 is a flowchart for explaining the file management process performed in step S46 shown in FIG.
Step S71: The microcomputer 43 displays a file management screen on the display 22 of the computer 10 shown in FIG. On the file management screen, a list of files stored in the flash memory 108 of the memory unit 200 shown in FIG. 3 is displayed.
Step S72: The microcomputer 43 acquires information indicating which file is selected from the file list displayed on the file management screen when the user operates the operation unit 23 shown in FIG.
Step S73: The microcomputer 43 determines whether or not biometric authentication is necessary to use (read out) the file selected by the user in Step S72. If the determination is affirmative, the process proceeds to S74. If the determination is negative, the process proceeds to step S76.
Step S74: The microcomputer 43 executes the biometric authentication process described above.
Step S75: The microcomputer 43 determines whether or not the result of the biometric authentication process in step S74 is biometric authentication OK. If the determination is affirmative, the process proceeds to step S76. On the other hand, if a negative determination is made, the process ends.

Step S76: The microcomputer 43 calls an application corresponding to the file selected by the user in Step S72, and opens the file selected in Step S72. At this time, the microcomputer 43 decrypts the file read from the flash memory 108 with the corresponding encryption key.
Step S77: The microcomputer 43 causes the random number generator 37 to generate a new random number, and generates an encryption key based on the random number.
Step S78: The microcomputer 43 monitors the update status of the file until the application that opened the file ends.
Step S79: The microcomputer 43 determines whether or not the file has been updated when the use of the file is terminated. If the determination is affirmative, the microcomputer 43 proceeds to step S80. On the other hand, if a negative determination is made, the process proceeds to step S81.
Step S80: The microcomputer 43 encrypts the updated file with the encryption key newly generated in Step S77 and writes it in the flash memory 108.
Step S81: The microcomputer 43 updates the file management information.
Step S82: The microcomputer 43 records the above-described processing history.

[File Transmission / Reception Processing (Step S46)]
FIG. 16 is a flowchart for explaining the file transmission / reception process performed in step S46.
Step S101: The microcomputer 43 of the encryption unit 100 shown in FIG. 1 can transmit a file from the computer 10 to which the portable device 6 is mounted to the server and can the portable device 6 receive a file from the server, in other words. It is determined whether or not the file transmission / reception function can be used, that is, whether or not the environment is accessible to the server. If the determination is negative, the process proceeds to step S102. If the determination is affirmative, the process proceeds to step S103.
Step S102: The microcomputer 43 displays on the display 22 of the computer 10 that the file transmission / reception function cannot be used, and ends the process.
Step S103: The microcomputer 43 transmits the user authentication data encrypted with a server and a shared encryption key stored in advance and the identification data of the portable device 6 to the server 4 via the computer 10. The server 4 decrypts the received user authentication data with a shared encryption key stored in advance, performs authentication processing, and transmits the result to the portable device 6 via the computer 10.

Step S104: The microcomputer 43 proceeds to step S105 if the result of the authentication process received in step S103 is affirmative, and proceeds to step S102 if it is negative.
Step S105: A new encryption key is shared between the server 4 and the portable device 6 using the method described above.
Step S106: The microcomputer 43 performs automatic transmission / reception processing. This process will be described in detail later.
Step S107: The microcomputer 43 determines which one of the transmission process and the reception process is selected, and proceeds to step S108 when the transmission process is selected, and proceeds to step S109 when the reception process is selected. . This is because a main menu screen on which icons of “transmission process” and “reception process” are displayed is displayed on the display 22 of the computer 10, and if “transmission process” is selected by the user, the process proceeds to step S108. If processing is selected, the process proceeds to step S109.
Step S108: The microcomputer 43 performs transmission processing. This process will be described in detail later.
Step S109: The microcomputer 43 performs reception processing. This process will be described in detail later.

[Automatic transmission / reception]
FIG. 17 is a flowchart for explaining an automatic transmission / reception process executed by the portable device 6.
Step S111: The microcomputer 43 of the portable device 6 determines whether or not the server 4 has lost / stolen contact for the portable device 6. If the determination is affirmative, the microcomputer 43 proceeds to Step S112. Ends the process.
Step S112: The microcomputer 43 performs an unauthorized use process described later.

[Unauthorized Use Process (Step S112 in FIG. 17)]
FIG. 18 is a flowchart for explaining the unauthorized use process in step S112 shown in FIG.
Step S131: The microcomputer 43 shown in FIG. 1 determines whether or not all files stored in the flash memory 108 (and its own flash memory) of the memory unit 200 have been checked. And the microcomputer 43 complete | finishes execution of this process by affirmation determination, and progresses to step S132 by negative determination.
Step S132: The microcomputer 43 selects one unchecked file among the files stored in the flash memory.
Step S133: The microcomputer 43 deletes the file selected in step S132. This process will be described in detail later.
Step S134: The microcomputer 43 records the deletion history in step S133.

[Deleting Process (Step S58 in FIG. 13, Step S133 in FIG. 18, etc.)]
FIG. 19 is a flowchart for explaining a deletion process such as step S58 shown in FIG. 13, step S133 of FIG.
Step S141: The microcomputer 43 acquires the file length from the header information of the file selected in step S132 shown in FIG.
Step S142: The microcomputer 43 overwrites all information areas of the file with NULL data according to the file length.
Step S143: The microcomputer 43 overwrites the header of the file with NULL data.
Step S144: The microcomputer 43 deletes the file management information.

[Transmission Process (Step S108 in FIG. 16)]
FIG. 20 is a flowchart for explaining the transmission process.
Step S161: The microcomputer 43 displays a file transmission screen on the display 22 of the computer 10 shown in FIG. A list of files stored in the flash memory 108 shown in FIG. 3 is displayed on the file transmission screen.
Step S162: The microcomputer 43 acquires information indicating which file has been selected from the file list displayed on the file transmission screen by the user operating the operation unit 23.
Step S163: The microcomputer 43 determines whether or not biometric authentication is necessary to transmit the file selected in Step S162. If the determination is affirmative, the process proceeds to S164. If the determination is negative, the process proceeds to step S165.
Step S164: The microcomputer 43 executes the biometric authentication process described above.

Step S165: The microcomputer 43 determines whether or not the biometric authentication in step S164 is OK. If the determination is affirmative, the process proceeds to step S167. On the other hand, if a negative determination is made, the process proceeds to step S166.
Step S166: The microcomputer 43 ends this process without transmitting the selected file.
Step S167: The microcomputer 43 transmits the encrypted file read from the flash memory 108 to the server 4 via the computer 10 as it is.
Step S168: The microcomputer 43 proceeds to step S169 when the file is moved, and proceeds to step S170 when the file is a copy.
Step S169: The microcomputer 43 deletes the selected file. The process described above is used as the deletion process.
Step S170: The microcomputer 43 stores a history of the processing described above.

[Reception Processing (Step S109 in FIG. 16)]
FIG. 21 is a flowchart for explaining the reception process.
Step S181: The microcomputer 43 accesses the content management server in the server via the computer 10 and stores a list of files stored in the file server that can be used by the user using the portable device 6. The file reception screen to be displayed is displayed on the display 22 of the computer 10 shown in FIG.
Step S182: The microcomputer 43 operates the operation unit 23 shown in FIG. 2 to acquire information indicating which file has been selected from the file list displayed on the file reception screen.
Step S183: The microcomputer 43 determines whether or not biometric authentication is necessary to use (read out) the file selected in Step S182. If the determination is affirmative, the process proceeds to step S184. If the determination is negative, the process proceeds to step S187.

Step S184: The microcomputer 43 executes biometric authentication processing. As the biometric authentication process, the above-described one is used.
Step S185: The microcomputer 43 determines whether or not the biometric authentication in step S184 is OK. If the determination is affirmative, the process proceeds to step S187. On the other hand, if a negative determination is made, the process proceeds to step S186.
Step S186: The microcomputer 43 ends this process without receiving the selected file.
Step S187: The microcomputer 43 receives the file stored in the file server. At that time, the file is encrypted with the encryption key generated based on the random number generated by the random number generator 455 of the server. Then, the encryption key is encrypted with the already-shared encryption key and transmitted to the portable device 6.
Step S188: The microcomputer 43 stores the above-described processing history.

  As described above, in the data processing system 1 according to this embodiment, the microcomputer 43 is stored in the flash memory 108 of the memory unit 200 when the computer 10 authenticates that it is registered and valid. The file is decrypted and displayed on the display 22 of the computer 10 so that the data can be confirmed and edited. On the other hand, on the computer 10 that is not authenticated, the file stored in the flash memory 108 is not decrypted. As a result, it is possible to avoid that the portable device 6 is accessed by an unauthorized device and the confidential information stored in the portable device 6 is leaked, and the data is decrypted only by the registered highly reliable computer 10. Since it can be confirmed and edited, it can be prevented from being edited on a computer already infected with a virus and transmitted to a server, and security can be improved.

  Even if the computer 10 to which the portable device 6 is attached is not registered, the user is issued a one-time ID / password, and the authenticated user is allowed to edit data. Therefore, when a large number of unemployed employees use a terminal called a thin client that does not have a hard disk and has only a terminal function, or when the data is stored on a computer that is not registered on the server at a company outside the company, etc. Even when it is desired to use, security can be improved without reducing convenience.

  Note that the microcomputer 43 allows transmission and reception of files between the portable device 6 and the server 4 even when the computer 10 is not authenticated. Thereby, even when the portable device 6 is mounted on the unauthenticated computer 10, data can be transmitted to and received from the server, which is convenient. At that time, since the data is transmitted and received between the flash memory 108 of the memory unit 200 and the server 4 while being encrypted, it is possible to prevent the data from being falsified or illegally read.

  As the encryption method used in the present embodiment, any known method such as scramble can be adopted. Alternatively, each time encryption is performed, a random number may be used to randomly select an encryption method from among a plurality of encryption methods, and encryption may be performed using an encryption key generated using the random number. In this case, the encryption method is also recorded in the file management information. In the portable device 6, since the encryption key is changed every time the file (data) stored in the flash memory 108 is used, the security can be improved.

In addition, when a natural random number is the basis of the encryption key, it cannot be predicted unlike a pseudo-random number created by an expression, and thus security can be improved as compared with the case of using a pseudo-random number. Further, since operations such as calculation and duplication inspection are unnecessary, random numbers can be generated at high speed.
In addition, since the portable device 6 stores data not in the computer 10 but in a secure module outside the computer 10, it is possible to provide a powerful data protection function for data files.
Further, in the portable device 6, even if only the memory unit is lost or stolen, the data cannot be decrypted without the corresponding encryption key, so that the risk of data leakage is low.
In addition, the portable device 6 can set a plurality of types of authentication necessity, decryption conditions such as deletion conditions, expiration dates, and the like. The protection function can be set arbitrarily according to the needs of the company.
Further, according to the portable device 6 of the present embodiment, since the user authentication is performed by biometric authentication instead of the password, the user does not need to remember the password. In addition, unauthorized use due to password leakage can be eliminated.
In the data processing system 1, when the computer 10 connected to the communication network 9 tries to use the portable device 6, the data processing system 1 automatically connects to the server and checks for loss / theft. Then, by registering in the server that the portable device 6 has been lost or stolen, all data in the memory unit is erased by remote control. Thereby, even when the portable device 6 is stolen, the confidentiality of the stored data can be maintained.

The present invention is not limited to the embodiment described above.
That is, those skilled in the art may make various modifications, combinations, subcombinations, and alternatives regarding the components of the above-described embodiments within the technical scope of the present invention or an equivalent scope thereof.
The device authentication OK process and the device authentication NG process shown in FIG. 14 described in the above-described embodiment are examples, and are not limited to the above-described processes.
Further, although the flash memory 108 is exemplified as the memory in the present invention, other recording media such as a semiconductor memory other than the flash memory 108, an optical disk, and an HDD (Hard Disk Drive) may be used.
In the above-described embodiment, the microcomputer 43 has exemplified the case where the encryption function, the decryption function, and the control function are realized. However, these functions may be realized by a plurality of circuits.
In the above-described embodiment, the case where data input / output between the computer 10 and the portable device 6 is performed by the USB method is exemplified, but a protocol of other methods may be adopted.
In the above-described embodiment, as illustrated in FIG. 1, the case where the portable device 6 includes the timer 39 and the battery 41 is illustrated. However, when the file expiration handling processing is not performed, these are included. It does not have to be.

In the above-described embodiment, the case where the portable device 6 includes the flash memory 108 in the memory unit 200, which is a unit different from the encryption unit 100, is illustrated. However, the encryption unit 100 includes the flash memory. The encrypted data may be stored in the flash memory.
Further, in each of the above-described embodiments, the case where the units are connected by the plug and connector conforming to the USB standard is illustrated, but other standards such as the IEEE (Institute of Electrical and Electronics Engineers) 1394 standard may be used. It may be a case where it is connected by an original standard.
In the embodiment described above, the case where the computer 10 to which the microcomputer 43 of the portable device 6 is connected is exemplified, but the microcomputer 43 may authenticate other optional units to be connected. Good. When the microcomputer 43 authenticates the computer 10 and / or the memory unit 200, the microcomputer 43 may cause the encryption / decryption means to decrypt the data encrypted by the encryption / decryption means. Thereby, since the encrypted data is decrypted when the connected computer 10 or the option unit is authenticated, the security of the data can be improved.

  The present invention can be applied to a data processing system using a portable memory.

It is the block diagram which showed schematic structure of the encryption unit. It is a block diagram of a computer. It is the block diagram which showed schematic structure of the memory unit. It is the block diagram which showed schematic structure of the biometrics unit. It is a functional block diagram of a data processing system concerning this embodiment. It is a block diagram of the authentication server which concerns on embodiment. It is the schematic which shows an example of the portable apparatus which concerns on this embodiment. It is the schematic which shows an example of the portable apparatus which concerns on 2nd Embodiment. It is the block diagram which showed schematic structure of the call unit. It is a flowchart for demonstrating the registration process of the 1st memory unit. It is a flowchart for demonstrating the encryption key registration process after the 2nd time. It is a flowchart for demonstrating the initial operation | movement which a portable apparatus performs. It is a flowchart for demonstrating a biometrics authentication process. It is a flowchart for demonstrating a device authentication process. It is a flowchart for demonstrating a file management process. It is a flowchart for explaining file transmission / reception processing. It is a flowchart for demonstrating a transmission / reception automatic process. It is a flowchart for demonstrating an unauthorized use process. It is a flowchart for demonstrating a deletion process. It is a flowchart for demonstrating a transmission process. It is a flowchart for demonstrating a reception process.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 Data processing system, 4 Server, 6 Portable apparatus, 9 Communication network, 10 Computer, 31 USB plug, 33 USB controller, 35 Flash memory, 36 USB host controller, 37 Random number generator, 38 USB connector, 39 Timer, 41 Battery, 43 Microcomputer, 100 Encryption unit, 102 USB plug, 106 Flash memory controller, 108 Flash memory, 110 USB connector, 200 Memory unit, 202 USB plug, 206 USB controller, 208 Microcomputer, 210 Fingerprint sensor, 212 USB Connector, 300 biometric authentication unit, 306 portable device, 400 voice recorder unit, 402 Radical 113, 404 operation unit, 500 call units, 502 USB plug, 506 USB controller, 510 audio processor, 512 an image processing unit, 514 USB connector, 602 biometric authentication unit.

Claims (14)

An encryption unit configured to be attachable to and detachable from a computer device, encrypting data output from the computer device and decrypting the encrypted data and outputting the decrypted data to the computer device,
Random number generating means for generating a random number;
An encryption / decryption means having an encryption function for encrypting data with an encryption key generated based on a random number generated by the random number generation means, and a decryption function for decrypting data;
A first connection unit detachably connected to the computer device;
The encryption / decryption means encrypts data input from a computer device connected to the first connection unit, and the encrypted data is decrypted by the encryption / decryption means under a predetermined condition. Control means for
A second connection unit to which a first option unit selected from a plurality of types of option units that can be added to a function different from the encryption unit by being connected to the encryption unit is detachably connected;
An encryption unit comprising: The second connection portion has a shape in which a connection portion having the same shape as the first connection portion provided at one end of the first option unit is detachable,
The first connection unit is detachably connected to a second option unit selected from a plurality of types of option units that can be added to a function different from the encryption unit by being connected to the encryption unit. Provided in
The control means causes the encryption / decryption means to encrypt data input from the second option unit connected by the first connection unit, and the encrypted data is transmitted under a predetermined condition. The encryption unit according to claim 1, wherein the encryption / decryption means decrypts the data. Device authentication means for authenticating the computer device;
When the device authentication unit authenticates the computer device, the control unit causes the encryption / decryption unit to decrypt the data encrypted by the encryption / decryption unit. The encryption unit according to claim 2. The encryption unit according to any one of claims 1 to 3,
The first optional unit connected to the second connection of the encryption unit;
A portable device comprising: The first optional unit is:
A memory unit for storing encrypted data,
An authentication unit that obtains authentication data from the user,
An application unit in which an application used in the computer device is stored;
The portable device according to claim 4, wherein the portable device is any one of the following. The first optional unit is:
A third connection unit detachably connected to the encryption unit;
The portable device according to claim 5, further comprising a third connection unit detachably connected to a third option unit selected from a plurality of types of option units having different functions. And further comprising the third option unit connected to the fourth connection part,
The third option unit is a unit different from the unit selected as the first option unit among the memory unit, the authentication unit, and the application unit. Portable device. The third optional unit is:
A fifth connecting portion detachably connected to the first option unit;
A sixth connection unit detachably connected to a fourth option unit selected from a plurality of types of option units having different functions;
Further comprising the fourth option unit connected to the sixth connection part,
The fourth option unit is a unit different from the unit selected as the first option unit and the third option unit among the memory unit, the authentication unit, and the application unit. The portable device according to claim 7. A second optional unit connected to the first connection of the encryption unit;
The second option unit has a seventh connection unit detachably connected to the encryption unit and an eighth connection unit detachably connected to the computer device, and is activated by the computer device. The portable device according to claim 4, wherein the portable device is a unit on which an operating system configured as described above is mounted. The encryption unit according to any one of claims 1 to 3,
A fifth option unit connected to the encryption unit and having A / D conversion means capable of converting analog data into digital data;
Storage means for storing the digital data encrypted by the encryption / decryption means;
A portable device comprising:   11. The portable device according to claim 10, wherein the storage means is a flash memory provided in the encryption unit or the fifth option unit, or a memory unit connected to the encryption unit. . The fifth optional unit is:
A voice recorder unit having an A / D converter capable of converting an audio signal from analog data to digital data and a D / A converter capable of converting digital data into analog data;
A digital camera unit having A / D conversion means capable of converting an image signal from analog data to digital data;
A telephone unit having an A / D conversion means capable of converting an audio signal and / or an image signal from analog data to digital data, and a D / A conversion means capable of converting digital data to analog data;
The portable device according to claim 10 or 11, wherein the portable device is any one of the above.   When the storage means is a memory unit connected to the encryption unit, the memory unit is connected to a second connection portion of the encryption unit, and a voice recorder unit or a digital camera as the fifth option unit The portable device according to claim 12, wherein the unit is connected to a first connection of the encryption unit.   14. The control unit of the encryption unit causes the encryption / decryption unit to encrypt the digital data converted by the A / D conversion unit and store the encrypted digital data in the storage unit. The portable device according to any one of the above.

Images