JP2009218710A - Imaging device, information processor, imaging method, and information processing method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an imaging device which can determine the necessity for processing image data appropriately, and to provide an information processor, an imaging method, and an information processing method. <P>SOLUTION: The imaging device comprises a means for picking up image data, a means for generating a hash value of the image data, a means for generating an electronic signature by enciphering the hash value by a secret key, a means for transferring a public key corresponding to the secret key to a predetermined computer, and a means for associating the image data with identification information capable of identifying the location of the public key and the electronic signature. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an imaging device, an information processing device, an imaging method, and an information processing method, and more particularly, to an imaging device, an information processing device, an imaging method, and an information processing method that execute processing related to image data.

  With the recent increase in the bandwidth of networks, the distribution of image data captured by a digital camera or the like has dramatically improved. As a result, such image data is used for various purposes. For example, image data picked up by a digital camera is used by a contracting contractor to confirm the construction content, progress status, etc. at a construction site.

  FIG. 1 is a diagram illustrating an example of a distribution route of image data when confirming the progress status of a construction site. In the figure, the orderer, the main contractor, the contractor, and the order construction site are indicated by rectangles.

  At the order receiving work site, the order contractor takes an image of the construction site. The contractor creates data for delivery to the orderer. At this time, image data obtained by imaging the construction site is included in the delivery data. The created delivery data is transferred via a network or the like in the order of the contractor → primary contractor → order supplier. Therefore, the captured image data is distributed through the path indicated by the arrow shown in the figure.

As a result, the orderer can check the progress of the construction by browsing the image data. When the delivery data is transferred via the network, the time lag between the image data capturing by the contractor and the browsing of the image data by the contractor is shortened, and the orderer can confirm a relatively timely situation. .
JP 2006-13776 A

  However, the image data is not necessarily falsified in the distribution process. According to recent image processing techniques, it is possible to perform tampering so fine that it is difficult to detect at first glance. In view of such a point, there is a problem that the orderer cannot always trust the image data 100%.

  In the above, for convenience of explanation, an image of a construction site is taken as an example. However, there is a possibility that image data may be falsified in the distribution process, and its reliability is suspected. It is common regardless.

  The present invention has been made in view of the above points, and provides an imaging device, an information processing device, an imaging method, and an information processing method that can appropriately determine whether or not image data is processed. With the goal.

  Accordingly, in order to solve the above-described problem, the present invention provides an image capturing unit that captures image data, a hash value generation unit that calculates a hash value of the image data, and an electronic signature by encrypting the hash value with a secret key. Signature generating means for generating the public key, public key transferring means for transferring a public key corresponding to the secret key to a predetermined computer, identification information for identifying the location of the public key, and the electronic signature. And an associating means for associating with.

  In such an imaging apparatus, it is possible to appropriately determine whether or not image data is processed.

  According to the present invention, it is possible to provide an imaging apparatus, an information processing apparatus, an imaging method, and an information processing method that can appropriately determine whether or not image data is processed.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 2 is a diagram showing a system configuration example according to the embodiment of the present invention. In the figure, a camera 10, a PC 20, and a key management server 30 are shown.

  The camera 10 is a so-called digital camera. The camera 10 includes an imaging unit 11 and a communication interface 12 as main hardware. The main software includes a hash value generation unit 13, an encryption processing unit 14, a key management unit 15, and the like.

  The imaging unit 11 is a set of hardware that captures an image of a subject and generates image data of the image. The interface unit 12 is a communication device for realizing communication with the key management server 30 and the PC 20. The communication may be wired or wireless. In the present embodiment, the communication interface 12 represents not only an interface for network communication but also an interface for communication by USB (Universal Serial Bus) or the like.

  The hash value generation unit 13 calculates a hash value of the image data captured by the imaging unit 11. The encryption processing unit 14 generates an electronic signature for the image data by encrypting the hash value calculated by the hash value generation unit 13. The key management unit 15 generates or manages an encryption key used by the encryption processing unit 14. Note that each software implements its function through processing that a program recorded in a recording medium (not shown) included in the camera 10 causes a CPU (not shown) to execute.

  On the other hand, the PC 20 is a computer used for browsing image data captured by the camera 10, and includes an image data acquisition unit 21, a decryption processing unit 22, a key management unit 23, a hash value generation unit 24, a processing detection unit 25, And software such as a UI unit 26.

  The image data acquisition unit 21 acquires image data captured by the camera 10 and develops it in a memory (not shown). Acquisition of image data may be performed via a network, or may be performed from a recording medium such as an HDD of the PC 20. The decryption processing unit 22 decrypts the digital signature added to the image data. The key management unit 23 manages or generates an encryption key used for decryption by the decryption processing unit 22. The hash value generation unit 24 calculates the hash value of the image data using the same hash function as that of the camera 10. The processing detection unit 25 detects the presence or absence of processing (falsification) on the image data by collating the value decrypted by the decryption processing unit 22 with the hash value calculated by the hash value generation unit 24. The UI unit 26 displays a GUI (Graphical User Interface) on a display device (not shown) connected to the PC 20.

  The key management server 30 manages an encryption key used by the PC 20 for decrypting image data or an encryption key used by the camera 10 for encrypting image data.

  By the way, in this embodiment, encryption is performed by a public key encryption method. The public key / private key pair is generated (or recorded in advance) in either the camera 10 or the PC 20.

  FIG. 3 is a diagram for explaining a case where a pair of a public key and a secret key is generated by the camera.

  In this case, the camera 10 encrypts the hash value with the secret key 51 and transfers the public key 52 to the key management server 30 (S11). The key management server 10 records and stores the transferred public key 52 in a storage device. The PC 20 is notified of the key correspondence keyword 53 which is information for obtaining the public key 52 (S12). The key corresponding keyword 53 is information that can identify the location (storage location) of the public key 52, and may be a URL (Uniform Resource Locator), for example. The PC 20 acquires the public key 52 from the key management server 30 based on the key corresponding keyword 53 (S13), and decrypts the electronic signature added to the image data using the public key 52.

  On the other hand, FIG. 4 is a diagram for explaining a case where a public key / private key pair is generated by the PC.

  In this case, the PC 20 transfers the public key 52 to the key management server 30 (S21). The key management server 10 records and stores the transferred public key 52 in a storage device. The camera 10 is notified of a key correspondence keyword 53 for obtaining the public key 52 (S22). The camera 10 acquires the public key 52 from the key management server 30 based on the key corresponding keyword 53 (S23), and encrypts the hash value using the public key 52.

  Thus, in this embodiment, as shown in FIG. 5, in any case, the public key 52 is not directly exchanged between the camera 10 and the PC 20 which are the users. Thereby, security can be improved in handling the public key 52. Hereinafter, the case of FIG. 3 will be described more specifically as a first embodiment, and the case of FIG. 4 will be described as a second embodiment.

  FIG. 6 is a flowchart for explaining a processing procedure by the camera according to the first embodiment. FIG. 7 is a diagram illustrating a data flow in the camera according to the first embodiment. Note that the step numbers in FIG. 7 match the step numbers of the corresponding steps in FIG.

  When the image data 60 is imaged (input, generated) by the imaging unit 11 and recorded on the recording medium in the camera 10, the key management unit 15 determines whether communication with the key management server 30 is possible (S101). Note that the URL or IP address of the key management server 30 may be recorded in the camera 10 in advance, or may be input by the user via an operation button or the like before or after imaging. If communication is possible (YES in S101), the key management unit 15 generates a pair of the private key 51 and the public key 52 (S102). Subsequently, the key management unit 15 transfers the public key 52 to the key management server 30 via the network (S103).

  When the transfer of the public key 52 is completed normally (YES in S104), the key management unit 15 generates the key corresponding keyword 53 based on the information on the transfer destination of the public key 52 (S105). When information indicating the storage location of the public key 52 is returned from the key management server 30, the key corresponding keyword 53 may be generated using the information.

  Subsequently, the hash value generation unit 13 calculates the hash value 54 of the image data 60 recorded on the recording medium in the camera 10 (S106). Subsequently, the encryption processing unit 14 generates an electronic signature 55 by encrypting the hash value 54 generated by the hash value generation unit 13 with the private key 51 (S107). Note that the encryption processing unit 14 may also encrypt the image data 60 using the secret key 51. Subsequently, the encryption processing unit 14 attaches or associates the key correspondence keyword 53 and the electronic signature 55 to the image data 60 (S108). More specifically, the key correspondence keyword 53 and the electronic signature 55 are stored in the same file as the image data 60. For example, the key correspondence keyword 53 and the electronic signature 55 may be recorded in the header portion (Exif header or the like) of the image data 60.

  When communication with the key management server 30 cannot be performed (NO in S101), or when transfer of the public key to the key management server 30 fails (NO in S104), the key management unit 15 uses the key corresponding keyword 53. A warning message indicating that the electronic signature 55 is not attached to the image data 60 is displayed on the liquid crystal panel of the camera 10 (S109), and the process is terminated.

  Thereafter, the image data 60 recorded on the recording medium of the camera 10 is transferred to the PC 20 via a recording medium such as a network or an SD card.

  Next, processing in the PC 20 that has obtained the image data 60 will be described. FIG. 8 is a flowchart for explaining the processing procedure by the PC in the first embodiment. FIG. 9 is a diagram illustrating a data flow in the PC according to the first embodiment. In addition, the step number in FIG. 9 corresponds to the step number of the corresponding step in FIG.

  When the image data acquisition unit 21 acquires the image data 60 via a network or a recording medium, the key management unit 23 acquires the key corresponding keyword 53 and the electronic signature 55 added to the image data 60 (S151). ). Subsequently, the key management unit 23 determines whether communication with the key management server 30 specified based on the key correspondence keyword 53 is possible (S152). If communication is possible (YES in S152), the key management unit 23 acquires (downloads) the public key 52 from the key management server 30 based on the key corresponding keyword 53, and records it on the recording medium of the PC 20 (S153). ). Subsequently, the decryption processing unit 22 outputs the hash value 54 by decrypting the electronic signature 55 with the public key 52 (S154). If the image data 60 is also encrypted, the decryption processing unit 22 also decrypts the image data 60 with the public key 52.

  Subsequently, the hash value generation unit 24 calculates the hash value 61 of the image data 60 using the same hash function as the hash value generation unit 13 of the camera 10 (S155). Subsequently, the processing detection unit 25 collates (compares) the hash value 54 and the hash value 61 to determine whether the image data 60 is processed (S156). That is, if both hash values do not match, it is determined that processing has been performed, and if both hash values match, it is determined that processing has not been performed.

  If communication with the key management server 30 cannot be performed (NO in S152), the key management unit 23 causes the display device to display a warning message indicating that verification of the presence / absence of processing on the image data 60 cannot be performed. End.

  By the way, in the first embodiment, the key correspondence keyword is added to the image data 60 and transmitted to the PC 20 together with the image data 60. However, the key-corresponding keyword may be transferred from the camera 10 to the PC 20 via the network separately from the image data 60.

  Next, a second embodiment (case in FIG. 4) will be described. FIG. 10 is a flowchart for explaining key generation processing by the PC according to the second embodiment. That is, the process of FIG. 10 is executed before the camera 10 captures an image.

  In step S <b> 201, the key management unit 23 determines whether communication with the key management server 30 is possible. If communication is possible (YES in S201), the key management unit 23 generates a pair of the private key 51 and the public key 52 (S202). Subsequently, the key management unit 23 transfers the public key 52 to the key management server 30 via the network.

  When the transfer of the public key 52 is completed normally (YES in S204), the key management unit 23 generates the key corresponding keyword 53 based on the information on the transfer destination of the public key 52, and records (stores) it in the recording medium. (S205). When information indicating the storage location of the public key 52 is returned from the key management server 30, the key corresponding keyword 53 may be generated using the information. The key management unit 23 records the secret key 51 on the recording medium of the PC 20 (S206).

  Subsequently, the key management unit 23 determines whether or not the camera 10 is connected to the PC 20 (S207). Here, “connection” may be wired or wireless. Further, not only network connection but also one-to-one connection such as USB connection is included. When the camera 10 is connected to the PC 20 (YES in S207), the key management unit 23 transfers the key corresponding keyword 53 to the camera 10 (S208). The camera 10 records the transferred key correspondence keyword 53 on a recording medium.

  If notification with the key management server 30 cannot be made (NO in S204), or if the camera 10 is not connected (NO in S207), the key management unit 23 displays a warning message on the display device (S209). .

  By the way, the process of FIG. 10 may be executed in response to an input to the following setting screen displayed on the display device by the UI unit 26.

  FIG. 11 is a diagram illustrating an example of a setting screen displayed on the PC. In the drawing, the setting screen 510 has a key management server URL input area 511, a connected camera display area 512, a key-corresponding keyword transfer destination display area 513, and the like.

  In the key management server URL input area 511, the URL of the key management server 30 is input by the user. The key management unit 23 performs communication with the key management server 30, generation of the key corresponding keyword 53, and the like based on the URL input in the key management server URL input area 511.

  In the connected camera display area 512, the UI unit 26 displays a list of cameras 10 connected to the PC 20. When the button 514 is clicked, the camera 10 selected in the connected camera display area 512 is set as the key-corresponding keyword transfer destination, and the name moves to the key-corresponding keyword transfer destination display area 513. When the button 513 is clicked, the camera 10 selected in the key corresponding keyword transfer destination display area 513 is excluded from the key corresponding keyword transfer destination. In step S208, the key corresponding keyword 53 is transferred to the camera 10 whose name is displayed in the key corresponding keyword transfer destination display area 513.

  When the key generation button 516 is clicked, the processing in FIG. 10 is started.

  Next, FIG. 12 is a flowchart for explaining a processing procedure by the camera according to the second embodiment. The process of FIG. 10 is performed by the camera 10 that has executed the process of FIG. Therefore, the key-corresponding keyword 53 is recorded in the camera 10 at the start of the processing of FIG.

  When the image data 60 is imaged (input, generated) by the imaging unit 11 and recorded on the recording medium in the camera 10, the key management unit 15 determines whether communication with the key management server 30 is possible (S251). If communication is possible (YES in S251), the key management unit 15 determines whether or not the key correspondence keyword 53 has been updated in the camera 10 (S252). When the key corresponding keyword 53 is recorded for the first time, it is determined that it has been updated.

  When the key corresponding keyword 53 has been updated (YES in S252), or when the corresponding keyword 53 has not been updated (NO in S252), the public key 52 has been updated in the key management server 30 (in S253). YES), the key management unit 15 acquires (downloads) the public key 52 from the key management server 30 based on the key corresponding keyword 53, and records it in the recording medium of the camera 10 (S254).

  Subsequently, the hash value generation unit 13 calculates the hash value 54 of the image data 60 recorded on the recording medium in the camera 10 (S255). Subsequently, the encryption processing unit 14 generates an electronic signature 55 by encrypting the hash value 54 generated by the hash value generation unit 13 with the public key 52 (S256). Note that the encryption processing unit 14 may also encrypt the image data 60 using the public key 52. Subsequently, the encryption processing unit 14 attaches or associates the electronic signature 55 with the image data 60 (S257). More specifically, the electronic signature 55 is stored in the same file as the image data 60. For example, the electronic signature 55 may be recorded in the header portion (Exif header or the like) of the image data 60. In the second embodiment, the key corresponding keyword 53 is not necessarily added to the image data 60. This is because the key correspondence keyword 53 is stored on the PC 20 side. However, the key correspondence keyword 53 may be added to the image data 60.

  On the other hand, when communication with the key management server 30 cannot be performed (NO in S251), the key management unit 15 displays a warning message indicating that the electronic signature 55 is not attached to the image data 60 on the liquid crystal panel or the like of the camera 10. (S258), and the process is terminated.

  Thereafter, the image data 60 recorded on the recording medium of the camera 10 is transferred to the PC 20 via a recording medium such as a network or an SD card.

  Note that the processing in the PC 20 that has obtained the image data 60 is omitted because it is obvious from the first embodiment (FIG. 8). However, in the second embodiment, the PC 20 does not necessarily need to acquire the key correspondence keyword 53. The electronic signature 55 is decrypted by the secret key 51.

  As described above, according to the present embodiment, an encryption key (public key) is not directly exchanged between the camera 10 and the PC 20. Therefore, it is possible to verify whether or not the image data is processed in a more secure state with respect to handling of the encryption key.

  As mentioned above, although the Example of this invention was explained in full detail, this invention is not limited to such specific embodiment, In the range of the summary of this invention described in the claim, various deformation | transformation・ Change is possible.

It is a figure which shows the example of the distribution route of the image data at the time of confirming the progress of a construction site, etc. It is a figure which shows the system configuration example of embodiment of this invention. It is a figure for demonstrating the case where the pair of a public key and a private key is produced | generated by a camera. It is a figure for demonstrating the case where the pair of a public key and a private key is produced | generated by PC. It is a figure which shows the management form of the encryption key in this Embodiment. It is a flowchart for demonstrating the process sequence by the camera in 1st embodiment. It is a figure which shows the data flow in the camera in 1st embodiment. It is a flowchart for demonstrating the process sequence by PC in 1st embodiment. It is a figure which shows the data flow in PC in 1st embodiment. It is a flowchart for demonstrating the key production | generation process by PC in 2nd embodiment. It is a figure which shows the example of the setting screen displayed in PC. It is a flowchart for demonstrating the process sequence by the camera in 2nd embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Camera 11 Image pick-up part 12 Communication interface 13 Hash value generation part 14 Encryption processing part 15 Key management part 20 PC
21 Image data acquisition unit 22 Decryption processing unit 23 Key management unit 24 Hash value generation unit 25 Processing detection unit 26 UI unit 30 Key management server

Claims (12)

Imaging means for imaging image data;
Hash value generation means for calculating a hash value of the image data;
Signature generating means for generating an electronic signature by encrypting the hash value with a secret key;
Public key transfer means for transferring a public key corresponding to the secret key to a predetermined computer;
An imaging apparatus comprising: identification information that can identify a location of the public key; and an association unit that associates the electronic signature with the image data.   The imaging apparatus according to claim 1, wherein the association unit stores the identification information and the electronic signature in the same file as the image data. Public key acquisition means for acquiring the public key from the predetermined computer based on the identification information associated with the image data captured by the imaging device according to claim 1 or 2,
Decryption means for decrypting the electronic signature associated with the image data with the public key;
Hash value generation means for calculating a hash value of the image data;
An information processing apparatus comprising: a determination unit that determines whether or not the image data is processed by collating a value decoded by the decoding unit with a hash value calculated by the hash value generation unit. Imaging means for imaging image data;
Public key acquisition means for acquiring the public key from a predetermined computer based on identification information recorded in the storage device and capable of identifying the location of the public key;
Hash value generation means for calculating a hash value of the image data;
Signature generating means for generating an electronic signature by encrypting the hash value with the public key;
An imaging apparatus comprising association means for associating the electronic signature with the image data.   The imaging apparatus according to claim 4, wherein the association unit stores the electronic signature in the same file as the image data. Public key transfer means for transferring a public key to the predetermined computer according to claim 4 or 5,
Identification information transmitting means for transmitting identification information capable of identifying the location of the public key to the imaging device;
Decrypting means for decrypting the electronic signature associated with the image data with a private key corresponding to the public key;
Hash value generation means for calculating a hash value of the image data;
An information processing apparatus comprising: a determination unit that determines whether or not the image data is processed by collating a value decoded by the decoding unit with a hash value calculated by the hash value generation unit. An imaging method executed by an imaging device,
An imaging procedure for imaging image data;
A hash value generation procedure for calculating a hash value of the image data;
A signature generation procedure for generating an electronic signature by encrypting the hash value with a secret key;
A public key transfer procedure for transferring a public key corresponding to the secret key to a predetermined computer;
An imaging method comprising: identification information that can identify a location of the public key and an association procedure that associates the electronic signature with the image data.   The imaging method according to claim 7, wherein the associating step stores the identification information and the electronic signature in the same file as the image data. An information processing method executed by a computer,
A public key acquisition procedure for acquiring the public key from the predetermined computer based on the identification information associated with the image data imaged by the imaging device according to claim 7 or 8,
A decryption procedure for decrypting the electronic signature associated with the image data with the public key;
A hash value generation procedure for calculating a hash value of the image data;
An information processing method comprising: a determination procedure for determining whether or not the image data is processed by comparing the value decrypted by the decryption procedure with the hash value calculated by the hash value generation procedure. An imaging method executed by an imaging device,
An imaging procedure for imaging image data;
A public key acquisition procedure for acquiring the public key from a predetermined computer based on identification information recorded in a storage device and capable of identifying the location of the public key;
A hash value generation procedure for calculating a hash value of the image data;
A signature generation procedure for generating an electronic signature by encrypting the hash value with the public key;
And an association procedure for associating the electronic signature with the image data.   The imaging method according to claim 10, wherein the associating step stores the electronic signature in the same file as the image data. An information processing method executed by a computer,
A public key transfer procedure for transferring a public key to the predetermined computer according to claim 10 or 11,
An identification information transmission procedure for transmitting identification information capable of identifying the location of the public key to the imaging device;
A decryption procedure for decrypting the electronic signature associated with the image data with a private key corresponding to the public key;
A hash value generation procedure for calculating a hash value of the image data;
An information processing method comprising: a determination procedure for determining whether or not the image data is processed by comparing the value decrypted by the decryption procedure with the hash value calculated by the hash value generation procedure.

Images