JP2010282606A - Information processing control program and information processing apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To strengthen information security when a file is treated in a personal computer in comparison with the conventional manner. <P>SOLUTION: The information processing control program makes a computer execute a storage-management means for performing storage and management of file data instead of an operating system when the file data is downloaded from a server device at a predetermined location via a predetermined viewer, specifying a second storage area as a storage destination of the file data instead of a first storage area which is preliminarily specified by the operating system, and storing the file data in an encrypted virtual file. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a technique for improving information security in a computer apparatus.

  When a worker at a company takes his / her home to work and uses a personal computer at home or the like to work, store files necessary for work in a storage medium such as a USB (Universal Serial Bus) memory. Is taken home and connected to a personal computer at home.

  In addition, by using the Internet VPN (Virtual Private Network) technology, a company server device and a personal computer at home are connected via the Internet, and files necessary for work are downloaded from the server device to a personal computer at home. Is also possible. In this case, SSL (Secure Socket Layer) technology is used for encryption (SSL-VPN technology) to prevent information leakage on the Internet.

JP 2008-250797 A

  However, when a necessary file is taken home using a USB memory or the like, if the USB memory is transferred to a third party, information on a company or the like may be leaked to the outside. As a countermeasure, there is also known a technique for permitting access to a USB memory on the condition that user authentication is performed by biometric authentication such as password input or fingerprint authentication (see Patent Document 1, etc.). However, there is a problem that user authentication must be performed every time the USB memory is connected to the personal computer.

  Even if information leakage on the Internet can be prevented using SSL-VPN technology, the downloaded file is saved on the hard disk of a personal computer such as the worker's home, so the information security of the personal computer such as the home If this is insufficient, there is a risk that information about companies and the like will be leaked to the outside through this personal computer.

  An object of the present invention is to make it possible to reinforce information security when handling a file in a personal computer as compared with the prior art.

  In order to solve the above-mentioned problems, in the present invention, when file data is downloaded from a server device at a predetermined location via a predetermined viewer, the storage and management of the file data is replaced with an operating system. The second storage area is specified as the storage destination of the file data in place of the first storage area specified in advance by the operating system, and the file data is stored in the encrypted virtual file. The storage / management means is executed by a computer.

  In the information processing control program and the information processing apparatus according to the present invention, the second storage area is designated as the storage destination of the data in place of the first storage area designated in advance by the operating system, and is encrypted. Since the file data is stored in the virtual file, the file data can be accessed only from a dedicated program, and information security can be enhanced.

It is a block diagram explaining the system configuration | structure of one Embodiment of this invention. It is a figure which shows the structural example of the software function part implement | achieved by the information processing control program. It is a functional block diagram explaining the process which the information processing control program concerning one Embodiment of this invention performs. It is a flowchart (the 1) which shows the more detailed process example of embodiment. It is a flowchart (the 2) which shows the more detailed process example of embodiment. It is a flowchart (in the case of a file creation function) which shows the process example of a hook module. It is a flowchart (in the case of a file end function) showing an example of processing of a hook module. It is a flowchart (in the case of a file read function) which shows the process example of a hook module. It is a flowchart (in the case of a file write function) which shows the example of a process of a hook module.

  Hereinafter, preferred embodiments of the present invention will be described.

<Configuration>
FIG. 1 is a block diagram illustrating a system configuration according to an embodiment of the present invention.

  The server device 1 is an information processing device (computer device) operated by a specific company or the like (in this example, “Company A”) for its employees, etc., and is connected to a network 2 such as the Internet. Yes. The company A provides the USB memory 4 as a tool used for work at home or the like to a company employee who uses the personal computer 3 at home or the like (in this example, “a employee”). The USB memory 4 is a storage device that can be easily attached to and detached from the personal computer 3 via a USB port connector. Note that various types of media can be used in place of the USB memory 4 as long as it is a removable storage device that is detachable from the personal computer 3 via a connector.

  The personal computer 3 is an information processing apparatus used by a employee for work at home or the like. The personal computer 3 performs various calculations and centrally controls each part, a CPU (Central Processing Unit) 31, a read-only ROM (Read Only Memory) 32, and a RAM (Random Access Memory) 33 that serves as a work area for the CPU 31. Are connected via a bus 34. Further, the bus 34 has an input device 35 such as a mouse and a keyboard, a display device 36 such as an LCD (Liquid Crystal Display), a storage device 37 such as an HDD (Hard Disk Drive), and a network via a predetermined interface. 2 is connected to a communication interface (I / F) 38 serving as a communication means for communicating with 2. As an example used in the following description, Windows (registered trademark of Microsoft Corporation) is used as the operating system (OS) of the personal computer 3.

  On the other hand, the storage device 37 stores an information processing control program 301 downloaded from the server device 1 based on an operation described later. The information processing control program 301 stores setting information by the user, but is downloaded every time it is connected to the server device 1 in order to obtain the latest program. The information processing control program 301 is set up by a user of the personal computer 3 from a medium such as a CD-ROM (Compact Disk Read-Only Memory) without being downloaded from the server device 1 on condition that the update is appropriately performed. May be.

  FIG. 2 is a diagram illustrating a configuration example of a software function unit realized by the information processing control program 301.

  In FIG. 2, the information processing control program 301 includes a viewer program 302, a local control program 306, and a VPN control program 312.

  The viewer program 302 registers the application program 321 to be controlled by the information processing control program 301 and manages its activation, and various files actually saved in the virtual files of the USB memory 4 and the storage device 37. Is displayed as if it exists in a normal directory location (C drive or the like in the case of Windows). The viewer program 302 includes a launcher control unit 303, a viewer control unit 304, and a hook module 305.

  The launcher control unit 303 registers an application program by dragging the application program icon to a predetermined window, and activates the application program icon displayed in the predetermined window by double-clicking with the mouse. have. The registered application program is stored internally as a list. The predetermined window is displayed with a special display such as a red frame on the outline of the window by dialog control (DC), so that the user can know that the security is protected by the virtual file.

  The viewer control unit 304 has a function of displaying a viewer screen via the file system 309 of the local control program 306. The viewer screen has the same screen as Windows Explorer. The difference is that various file data stored in the virtual files of the USB memory 4 and the storage device 37 are actually displayed as if they existed in a normal directory position. Note that the window of the viewer screen is displayed with a special display such as a red frame on the outline of the window by dialog control so that the user can know that the security is protected by the virtual file. In addition, when the viewer provided by the viewer control unit 304 is connected to an external server device via VPN, the viewer control unit 304 performs communication using a unique protocol under the control of the VPN control program 312 and the server device 1 corresponding to the protocol. Without it, communication is impossible. As a result, data can be downloaded only from the server device 1 at a predetermined location.

  The hook module 305 has a function of hooking (detecting) that an instruction such as a file operation function has been executed in the viewer program 302 and performing a predetermined process. Details of the processing of the hook module 305 will be described later. Here, it is assumed that the hook module 305 is inserted in the viewer program 302 in advance and the special display by the dialog control described above is also performed in advance. However, the dialog control is corrected in the application program 321 described later and the hook module is changed. The same mechanism as the insertion may be used, and when the viewer program 302 is activated, the dialog control may be dynamically corrected and the hook module may be inserted.

  The local control program 306 dynamically corrects the dialog control and inserts the hook module when the application program 321 to be controlled is started, and is a unique file different from the unique file system 333 of the operating system 331. A system 309 is provided. The local control program 306 includes a dialog control (DC) correction unit 307, a hook module (FM) insertion unit 308, a file system 309, and a hook module 311.

  The dialog control correction unit 307 corrects the dialog control for the application program 321 that is started under the management of the information processing control program 301, and gives a special display such as a red frame to the window displayed by the application program 321. It has a function. The dialog control is corrected by rewriting the window display property data in the program code of the application program 321.

  The hook module insertion unit 308 has a function of inserting the hook module 322 into the application program 321 that is activated under the management of the information processing control program 301. The hook module 322 inserted into the application program 321 has a function of hooking (detecting) that a command such as a file operation function or copying or printing has been executed in accordance with the execution of the application program 321 and performing a predetermined process. is doing. Details of the processing of the hook module 322 will be described later.

  The file system 309 has a function of providing a unique file system different from the unique file system 333 included in the operating system 331, and a virtual file to the storage device 37 or the USB memory 4 via the operating system 331. Has a function of writing / reading. Similar to the file system 333 of the operating system 331, the file system 309 hierarchically manages file paths as directory data. The handle map 310 manages the file handle, the displayed file path, and the file position in the virtual file in association with each other. Here, it is assumed that the file system 309 also has a function of creating / updating a virtual file itself stored on the storage device 37 or the USB memory 4, but the file system 309 is similar to the normal file system 333. The hook modules 305, 311, 314, and 322 may create and update the virtual file itself by providing only specified file write / read and directory management functions.

  The hook module 311 has a function of hooking (detecting) execution of a command such as a file operation function in the local control program 306 and performing a predetermined process. Details of the processing of the hook module 311 will be described later.

  The VPN control program 312 provides a function of controlling access to an external server (such as the server device 1) via the VPN. The VPN control program 312 includes a VPN control unit 313 and a hook module 314.

  The VPN control unit 313 has a function of performing server access control using a unique protocol based on a protocol such as SMB (Server Message Block) via the VPN via the operating system 331 and the communication interface 38.

  The hook module 314 has a function of hooking (detecting) execution of a command such as a file operation function in the VPN control program 312 and performing a predetermined process. Details of the processing of the hook module 305 will be described later.

  The operating system 331 is provided with a files function 332 for performing file operations using the file system 333, but is not used for managing virtual files.

<Overview of operation>
In FIG. 1, when the employee a works at home or the like, the USB memory 4 is connected through the connector of the USB port of the personal computer 3. The employee a uses the personal computer 3 as a client of the server device 1. In other words, the Web browser of the personal computer 3 is activated, a specific URL (Uniform Resource Locator) is input, and the Web page provided to the employee by the server device 1 by the company A is displayed on the display device 36. The employee a can download the information processing control program 301 from the server device 1 by receiving predetermined authentication (collation processing based on password input or the like) on the Web page or the like. By downloading the information processing control program 301 and setting it up in the storage device 37 of the personal computer 3, basic preparations for the employee a to work at home or the like are completed.

  As a result, the employee a is provided for at least himself / herself of the server apparatus 1 through the VPN control program 312 from the viewer program provided by the information processing control program 301 or the application program 321 registered by the launcher control unit 303. Various files stored in the stored area can be used. When this file is downloaded, the data is encrypted by the SSL technology and transmitted by the SSL-VPN technology, so there is no possibility that the data leaks on the network 2.

  FIG. 3 is a functional block diagram for explaining processing executed by the information processing control program 301 according to the embodiment of the present invention.

  The information processing control program 301 provides a viewer function by the viewer control unit 304 of the viewer program 302 and a hook function for commands such as a file operation function and copy / print. The information processing control program 301 also includes a unique file system 309. In general, a file system defines a method for storing and managing files on a storage medium, and the operating system 331 includes a unique file system 333, which is normally included in the operating system 331. The system 333 saves and manages the file. However, under predetermined conditions to be described later, the file is stored and managed by the unique file system 309 provided by the information processing control program 301 instead of the file system 333 included in the operating system 331. Is called.

  As described above, the employee “a” who has received the predetermined authentication on the Web page provided to the employee by the server device 1 by the company A is stored in at least the area provided for the server device 1 itself. It is possible to download various files. Normally, when a personal computer 3 tries to download some file from the network 2, the file is usually stored in the storage device 37 or the like by the file function 332 of the operating system 331. The file is stored and managed by the file system 333 of the operating system 331.

  On the other hand, when the employee a tries to download a file stored in the server device 1, the hook modules 305 and 322 that realize the above hook function are originally stored in the storage device 37 by the file function 332. The file to be executed is intercepted, and the file is stored as data in the virtual file encrypted in the storage device 37 or the USB memory 4 by the original file system 309. That is, the file system 309 saves and manages files saved in the storage device 37 and the USB memory 4. The virtual file is stored in a predetermined file hierarchy, but a specific format is applied to a predetermined area in the storage device 37 or the USB memory 4 so that the existence of the virtual file itself cannot be recognized from the outside. You may make it preserve | save a virtual file.

  For example, a C drive used as a normal storage area is constructed in the storage device 37, the USB memory 4 is recognized as a G drive as a removable disk, and a file downloaded from the network 2 is normally stored in the C drive. In this case, the file stored in the USB memory 4 should be displayed as being stored in the G drive. However, as described above, a file downloaded from the server device 1 to a specific area of the USB memory 4 is not a G drive in which a virtual file is actually stored by the unique file system 309, but as if it is a single drive in the C drive. It is displayed on the display device 36 as if stored as a file. When the downloaded file is stored as a file data in a virtual file in the predetermined directory hierarchy of the storage device 37, even if it is the C drive, if it is different from the normal directory hierarchy, the normal directory hierarchy of the C drive is stored. It is displayed on the display device 36 as if it was stored as a single file.

  This is because the file system 309 recognizes what file data is included in a virtual file stored in a specific area of the USB memory 4 or the storage device 37, and the file is virtually stored in the C drive. It is displayed as being done. For example, an icon indicating the file is not displayed even when the G drive is opened, but an icon indicating the file is displayed when the C drive is opened.

  When the icon displayed in the C drive is clicked, an application program 321 for opening the file displayed by the icon is launched, and the hook module 322 intercepts the place where the application program 321 tries to access the file. Then, the file stored in the USB memory 4 or the storage device 37 as data in the virtual file is opened by the file system 309. Similarly, when trying to save the opened file, the hook module 322 intercepts that the application program 321 is to be saved in the storage device 37 that is the C drive, and the file system 309 causes the USB memory 4 or the storage device 37 to be saved. As data in the virtual file.

  As described above, the file downloaded from the server device 1 of the company A is not stored in the normal area of the storage device 37 of the personal computer 3 but is a virtual file encrypted in the USB memory 4 or a predetermined area in the storage device 37. Since it is stored as file data, even if the information security of the personal computer 3 is insufficient, it is possible to prevent the information of the company A from leaking from the personal computer 3. In addition, even if the employee a loses the USB memory 4 or is stolen, the file stored in the USB memory 4 cannot be read by another personal computer or the like in which the information processing control program 301 has not been downloaded. It is also possible to prevent information on company A from leaking from 4.

  Further, the file downloaded from the server device 1 to the USB memory 4 or a specific area of the storage device 37 is normally stored in the normal directory hierarchy of the C drive of the storage device 37 downloaded from the network 2. Since it is displayed, the employee a can handle the file in the same way as a normal file, and the work becomes easier.

<Detailed operation>
FIG. 4 is a flowchart showing a more detailed processing example of the embodiment. In addition, when performing server access via VPN, the process and authentication for VPN construction shall be completed in advance. In this case, when an authentication process is performed by connecting to the server device 1 from a normal browser, the viewer program 302 is automatically activated.

  In FIG. 4, when the viewer program 302 is started (step S101) and the viewer controlled by the viewer control unit 304 is started from the launcher controlled by the launcher control unit 303 (step S102), various file operations can be performed. .

  When a file operation such as copying a file on the network locally in the viewer is performed (step S103), this is hooked (detected) by the hook module 305 (step S104), and the file operation function is processed by the hook module 305. Processing according to the above is performed (step S105). After a predetermined process, return to the hooked instruction or other instructions. Details of the processing of the hook module 305 will be described later.

  On the other hand, when the file is opened during the operation of the viewer (Yes in step S106), the viewer program 302 starts the application program 321 corresponding to the file (step S107). This is done based on the file extension. Also, when the application program 321 is started from the launcher controlled by the launcher control unit 303 of the viewer program 302, the subsequent operation is the same as the following.

  Next, the viewer program 302 activates the local control program 306 (step S108).

  The activated local control program 306 loads a hook module template from a predetermined storage area (step S109).

  The local control program 306 corrects the dialog control of the application program 321 and corrects the program code (mainly property data) so as to display a red frame outside the window, for example (step S110).

  Next, the local control program 306 inserts the hook module 322 into the application program 321 based on the hook module template loaded earlier (step S111).

  Then, the inserted hook module 322 is activated (step S112), and the application program 321 is executed (step S113).

  FIG. 5 is a flowchart showing a processing example of the hook module 322 inserted into the application program 321.

  In FIG. 5, when a file operation or the like is performed in the application program 321 (step S201), this is hooked (detected) by the hook module 322 (step S202), and the hook module 322 performs processing corresponding to the file operation function or the like. (Step S203). After a predetermined process, return to the hooked instruction or other instructions. The processing contents of the hook module 322 will be described next.

  FIG. 6 is a flowchart (in the case of a file creation function) showing a processing example of the hook modules 305, 311, 314, and 322.

  In FIG. 6, when the hook module hooks the CreateFile function (step S301), the hook module acquires the file path name from the argument of the CreateFile function (step S302).

  Next, the hook module determines whether it is a network file other than via VPN (step S303). If it is a network file other than via VPN (Yes in step S303), it rejects execution of the CreateFile function (step S304). ), Return to the original state (step S317), and shift to the subsequent processing. The reason why the creation of a network file other than via VPN is prohibited is that if a file can be created on an arbitrary network, it will cause a security leak.

  If it is not a network file other than via VPN (No in step S303), it is then determined whether the file is a file on the CD-ROM from the file path name (step S305). If it is not a file on the CD-ROM (step S305) Next, it is determined whether or not the application program corresponding to the file extension is an uncontrolled application program (step S306). If the application program is not an uncontrolled application program (No in step S306). Subsequently, it is determined whether the file path is permitted (step S307). The permitted file path is determined by checking with a list of file paths held internally.

  If it is a file on the CD-ROM (Yes in step S305), if it is an application program outside the control (Yes in step S306), or if it is a permitted file path (Yes in step S307), the original A function is called (step S308), and the process returns (step S317).

  On the other hand, if the file path is not permitted (No in step S307), it is subsequently determined whether the file is on the server via the VPN (step S309). If the file is on the server via the VPN (Yes in step S309), the original function is called, the process via the SMB by the VPN control program 312 is performed (step S310), and the process returns (step S317). The execution of the CreateFile function is permitted when the file is on the server via the VPN because there is no problem even if the creation of the file is permitted to the server that has been protected by the VPN.

  If the file is not on the server via VPN (No in step S309), the file system 309 of the local control program 306 is called (step S311).

  The called file system 309 determines whether or not the same file exists in the virtual file by referring to the handle map 310 (step S312).

  When the same file does not exist in the virtual file (No in step S312), the file is created in the virtual file (step S313).

  Next, a display file path is generated (step S314). For example, even if a virtual file exists in the USB memory 4 recognized as the G drive, a file path on the C drive used as a normal work area is generated.

  Next, a new file handle, a file path on the display, and a file position in the virtual file are added to the handle map 310 (step S315).

  If there is the same file in the virtual file (Yes in step S312), file creation (step S313), file path generation for display (step S314), and addition to the handle map 310 (step S315) are not performed. .

  Next, the next instruction is called (step S316), and the process returns (step S317).

  FIG. 7 is a flowchart showing an example of processing in the case of the file end function of the hook modules 305, 311, 314, and 322.

  In FIG. 7, when the hook module hooks the CloseHandle function (step S321), the hook module calls the file system 309 of the local control program 306 (step S322).

  The called file system 309 determines whether or not the same file handle exists in the virtual file by referring to the handle map 310 (step S323).

  When the same file handle does not exist in the virtual file (No in step S323), the original function is called (step S324), and the process returns (step S328).

  When the same file handle exists in the virtual file (Yes in step S323), the file handle is deleted from the handle map 310 (step S325), the file handle is closed (step S326), and the next instruction is called (step S326). S327) and return (step S328).

  FIG. 8 is a flowchart showing a processing example in the case of the file read function of the hook modules 305, 311, 314, and 322.

  In FIG. 8, when the hook module hooks the ReadFile function (step S331), the hook module calls the file system 309 of the local control program 306 (step S332).

  The called file system 309 determines whether or not the same file handle exists in the virtual file by referring to the handle map 310 (step S333).

  If the same file handle does not exist in the virtual file (No in step S333), the original function is called (step S334), and the process returns (step S337).

  If the same file handle exists in the virtual file (Yes in step S333), the corresponding file is read from the virtual file (step S335), the next instruction is called (step S336), and the process returns (step S337).

  FIG. 9 is a flowchart showing an example of processing in the case of the file write function of the hook modules 305, 311, 314, and 322.

  In FIG. 9, when the hook module hooks the WriteFile function (step S341), the hook module calls the file system 309 of the local control program 306 (step S342).

  The called file system 309 determines whether or not the same file handle exists in the virtual file by referring to the handle map 310 (step S343).

  If the same file handle does not exist in the virtual file (No in step S343), the original function is called (step S344), and the process returns (step S348).

  If the same file handle exists in the virtual file (Yes in step S343), the file data in the virtual file is updated (step S345), and the handle map 310 is updated if the file position or the like in the virtual file changes. (Step S346). Then, the next instruction is called (step S347), and the process returns (step S348).

  In addition, when a partial copy operation or print operation of file data is prohibited, the hook module rejects the execution of these instructions when hooked.

<Summary>
As described above, this embodiment has the following advantages.

  (1) Instead of a predetermined area of a storage device such as a C drive specified in advance by the operating system, another area of the same storage device or a predetermined area of a removable storage device such as a G drive is stored in the data storage destination. Since the file data is stored in the encrypted virtual file, the file data can be accessed only from a dedicated program, and information security can be enhanced.

  (2) By saving the encrypted virtual file to a removable storage device such as a USB memory and removing the storage device from the personal computer, the virtual file itself will not remain on the personal computer, further enhancing information security. can do.

  (3) From the dedicated viewer, unlike the actual storage area of the virtual file, the file appears to exist alone on the C drive used in the normal operating environment, so work with the downloaded file Is easier to do.

  (4) A special display indicating that the file is under control is attached to a window of an application program or the like that operates a file managed as a virtual file, so that the user can easily know that the security is protected. be able to.

  (5) In addition to downloading a file from the server device, the file can be saved in a removable storage device such as a USB memory and used for browsing (prohibition of copying and printing).

  The present invention has been described above by the preferred embodiments of the present invention. While the invention has been described with reference to specific embodiments, various modifications and changes may be made to the embodiments without departing from the broad spirit and scope of the invention as defined in the claims. Obviously you can. In other words, the present invention should not be construed as being limited by the details of the specific examples and the accompanying drawings.

1 Server device 2 Network 3 Personal computer 31 CPU
32 ROM
33 RAM
34 Bus 35 Input device 36 Display device 37 Storage device 38 Communication interface 301 Information processing control program 302 Viewer program 303 Launcher control unit 304 Viewer control unit 305 Hook module 306 Local control program 307 Dialog control correction unit 308 Hook module insertion unit 309 File system 310 Handle Map 311 Hook Module 312 VPN Control Program 313 VPN Control Unit 314 Hook Module 321 Application Program 322 Hook Module 331 Operating System 332 File Function 333 File System 4 USB Memory

Claims (5)

  When downloading file data from a server device at a predetermined location via a predetermined viewer, the file data is stored and managed in place of the operating system, and the operating system designates the first Computer-readable information that designates the second storage area instead of the storage area as the storage destination of the file data, and causes the computer to execute storage / management means for storing the file data in the encrypted virtual file Processing control program.   The computer further executes display means for displaying the file data saved in the second storage area by the saving / managing means on the display device with the save destination as the first storage area. Information processing control program.   3. The computer according to claim 1, further causing the computer to execute code correction means for attaching a special display indicating that the program is operated in a file displayed by a program for operating file data managed as a virtual file. Information processing control program. Hook means for realizing a hook function for a file operation function of a program;
A storage and management means for storing and managing file data;
To the computer,
The hook means uses the hook function to store and manage the file data when the operating system downloads the file data from a server device at a predetermined location via a predetermined viewer. Instead, the storage / management means causes the second storage area to be specified as the storage destination of the file data instead of the first storage area specified in advance by the operating system, and the encrypted virtual file A computer-readable information processing control program for storing the file data. Hook means for realizing a hook function for a file operation function of a program;
A storage and management means for storing and managing file data;
With
The hook means uses the hook function to store and manage the file data when the operating system downloads the file data from a server device at a predetermined location via a predetermined viewer. Instead, the storage / management means causes the second storage area to be specified as the storage destination of the file data instead of the first storage area specified in advance by the operating system, and the encrypted virtual file An information processing apparatus for storing the file data.

Images