JP2011135512A - Image output device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform image output control without complicated user authentication. <P>SOLUTION: It is determined whether an image is encrypted image data (S10) and if the image is the encrypted image data, a determination (S11) of apparatus authentication is performed. If it is not the encrypted image data, image output (S14) is performed in accordance with the setting of an output destination. In the determination (S11) of the apparatus authentication, if the apparatus authentication is permitted, the encrypted image data are decrypted (S12) and if not permitted, output failure processing (S15) is performed. In the image output (14), output is performed in accordance with the output destination of the image. In the decryption (S12) of the encrypted image data, the encrypted image data are decrypted and an output determination (S13) is made. In the output determination (S13), a decrypted image or a decrypted image file is controlled in accordance with the output destination. If output is permitted, the image output (S14) is performed. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to an image output apparatus that outputs encrypted image data to the outside.

  In recent years, there has been widespread use of digital information that can be processed electronically and stored as image data in a recording medium such as a memory card. Since the image data is electronic data, the image data can be carried or transferred relatively easily. Contrary to its convenience, there is a problem that image data with high confidentiality can be carried outside or transferred relatively easily.

  On the other hand, encryption technology has been developed in recent years and has been effective in protecting the confidentiality of users. It is considered that such technology can be solved by introducing encryption technology to devices such as digital cameras. It is done. For example, by encrypting an image taken with a digital camera, even if the image data is stolen, if the image data cannot be decrypted, the secret can be protected. Patent Document 1 describes a digital camera that encrypts image data to improve confidentiality.

  Another advantage of a digital camera is that a captured image can be confirmed with a built-in display device or the like. In order to confirm an encrypted image, the image must be decrypted. In order to strictly protect confidentiality, it is required to authenticate whether the user has the authority to decrypt (user authentication) when decrypting. As a technique for permitting reproduction by performing user authentication, there are a technique of inputting a password of Patent Document 2 into a target device and a technique of inputting biometric information of Patent Document 3.

JP 2000-299847 A JP 2000-125237 A JP 2006-86795 A

  However, password authentication with a portable device such as a digital camera involves complicated operations due to the relationship of operation members and the like. If a part for inputting biometric information is introduced, user authentication can be performed without complicated operations, but this is expensive and increases the cost.

  Therefore, in view of solving these conventional problems, the present invention provides an image output apparatus that can protect confidentiality according to the purpose and reduce user operations without introducing expensive parts. Objective.

  An image output apparatus according to the present invention has an encrypted image determination unit that determines that image data is encrypted encrypted image data, and a function of decrypting the image data determined to be encrypted image data. A decoding function determining unit for determining the image data, a decoding unit for decoding the image data determined to have the function and determined to be encrypted image data by the encrypted image determining unit, and the image data An image output apparatus comprising: an image output determination unit that determines whether to output according to an output destination; and an image output unit that outputs the image data according to a format of the output destination.

  ADVANTAGE OF THE INVENTION According to this invention, when reproducing | regenerating encrypted image data, confidentiality can be protected according to the objective and user operability can be improved.

It is a schematic block diagram of Embodiment 1 of the present invention. It is the schematic of encryption / decryption. It is a flowchart of Embodiment 1 of this invention. It is another example a of the flowchart of Embodiment 1 of this invention. It is another example b of the flowchart of Embodiment 1 of this invention. It is another example c of the flowchart of Embodiment 1 of this invention. It is an example of an output determination table. It is the schematic of the output control by output possible level information. It is an example of an output level table. It is a flowchart of Embodiment 3 of this invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

[Embodiment 1]
FIG. 1 is a schematic configuration block diagram of a digital camera (image output apparatus) according to Embodiment 1 of the present invention.

  In FIG. 1, reference numeral 100 denotes a digital camera that images a subject. A power source 110 supplies power to each circuit in the digital camera 100. Reference numeral 120 denotes a card slot A into which a memory card (detachable recording medium) 121 can be inserted. With the memory card 121 inserted into the card slot A 120, the memory card 121 is electrically connected to the card input / output unit 119. Reference numeral 122 denotes a card slot B into which an encryption authentication card (detachable recording medium with an IC card function) 123 can be inserted. The cryptographic authentication card 123 is electrically connected to the card input / output unit 119 while the cryptographic authentication card 123 is inserted into the card slot B122. In this embodiment, the memory card 121 is employed as a recording medium. However, other recording media such as a hard disk, an optical disk, a magneto-optical disk, a magnetic disk, and other solid-state memories may be used.

  Reference numeral 101 denotes a focusing lens that adjusts the focus by advancing and retreating in the optical axis direction. Reference numeral 103 denotes an aperture for adjusting the amount of light to the image sensor. The focusing lens 101, the zooming lens 102, and the diaphragm 103 constitute an imaging optical system.

  The image sensor 104 is a photoelectric conversion unit configured by a CCD image sensor, a CMOS image sensor, or the like. The image sensor 104 photoelectrically converts a subject image formed by the image pickup optical system including the optical elements 101 to 103, and outputs an image signal. The preprocessing circuit 105 includes a CDS (correlated double sampling) circuit, an AGC (auto gain control) circuit, and the like, and removes noise from the output image signal of the image sensor 104 and controls the gain.

  The A / D converter 106 converts the analog image signal output from the preprocessing circuit 105 into a digital image signal. The image signal processing device 107 performs known image signal processing on a digital image signal with a camera such as γ correction and AWB (auto white balance). In other words, the image signal processing device 107 corrects the non-linearity of the image density due to the characteristics of the image sensor 104 and the image color deviation due to the light source. The frame memory 108 functions as a buffer memory that temporarily stores image signals generated by the image sensor 104 to the image signal processing device 107.

  A portion including the image sensor 104 to the frame memory 108 is a photoelectric conversion system that converts an optical image of a subject formed by the imaging optical system into a digital image signal or image data.

  The CPU 109 is connected to a power source 110, a nonvolatile memory 111, a compression unit 112, a RAM memory 113, and a display control device 114. The main switch 116, the first release switch 117, the second release switch 118, and the operation buttons 124 to 126 are also connected to the CPU 109. A card input / output unit 119, a USB control device 127, and a LAN control device 129 are also connected to the CPU 109. The CPU 109 transmits a clock signal for controlling the image signal reading of the image sensor 104 and controls the operation timing of the image sensor 104 to the frame memory 108.

  The nonvolatile memory 111 is composed of an EEPROM or the like, and does not lose recorded data even when the power supply 110 is turned off.

  The compression unit 112 compresses the input image signal to reduce the data amount, specifically, the image file size. The CPU 109 encrypts the encryption target part including the image of the compressed image file. Encryption may be performed by dedicated hardware instead of the CPU 109.

  The RAM memory 113 temporarily stores data when the CPU 109 performs various processes. The display control device 114 drives and controls the TFT 115 composed of a liquid crystal display element. The display control device 114 detects the insertion / extraction of the VIDEO connector at the VIDEO output terminal 132. The display control device 114 also detects insertion / extraction of the connector of the D terminal at the D terminal 133. The display control device 114 also detects insertion / removal of the HDMI terminal connector at the HDMI terminal 134. The USB control device 127 detects the insertion / extraction of the USB connector at the USB terminal 128 and performs signal driving and control of communication for USB connection. The LAN control device 129 detects the insertion / extraction of the wired LAN terminal 130, performs signal driving and control of communication for wired LAN connection, and performs signal driving and control of wireless LAN communication of the wireless LAN 131.

  When the user turns on the main switch 116, the CPU 109 executes a predetermined program related to shooting. The first release switch 117 is turned on by the first stroke (half-pressed state) of the release button, and the second release switch 118 is turned on by the second stroke (full-pressed state) of the release button. The CPU 109 also performs control according to pressing of the left selection button 124, the right selection button 125, and the setting button 126 and the operation state of the digital camera. For example, if the operation state of the digital camera is the playback state, the previous image is displayed with the left selection button 124 and the next image is displayed with the right selection button 125. As a display destination, a currently connected display device (TFT, VIDEO output, D terminal output, HDMI terminal output) can be displayed on the TFT 115 with a graphical user interface. The display destination is selected using a left selection button 124, a right selection button 125, and a setting button 126. If a USB connection is established, an image can be sent to an external device such as a PC by USB communication through a menu operation. The same applies to a wired LAN and a wireless LAN.

  The card input / output unit 119 can transmit commands to the memory card 121 inserted into the card slot A 120, and can transmit / receive various data to / from the memory card 121. The memory card 121 has a function of recording or storing an encrypted compressed image signal or an unencrypted compressed image signal, and includes a semiconductor memory such as a flash memory, a magnetic disk, an optical disk, or the like. Further, the card input / output unit 119 can transmit a command to the encryption authentication card 123 inserted into the card slot B122, and can transmit / receive various data to / from the encryption authentication card 123.

  The encryption authentication card 123 has a function of recording or storing a compressed image signal and an IC card function having a damper property, and includes a semiconductor memory such as a flash memory. The cryptographic authentication card 123 can hold at least one set of an administrator user ID and password, a set of cryptographic user ID and password, and an authentication device individual ID.

  The administrator user ID and password can be set from a dedicated application installed on the PC when the use of the encryption authentication card 123 is started. The encryption authentication card 123 generates and holds the first key 200 at the time of setting. The encryption user ID and the initial password can be registered in the encryption authentication card 123 when the user inputs the administrator user ID and password with a dedicated application. In addition, the administrator user can similarly change the user password of the administrator user, delete the combination of the encrypted user ID and password, change the password of the encrypted user, or register the authentication device individual ID. The password of the encryption user can be changed by the user inputting the encryption user ID and the password with a dedicated application. In the authentication device individual ID, a unique number of the digital camera such as a product serial number is set by a dedicated application on the PC.

  When the encryption authentication card 123 is inserted into the card slot B 122, the CPU 109 transmits the authentication device command and the authentication device individual ID recorded in the nonvolatile memory 111 to the encryption authentication card 123. The cryptographic authentication card 123 performs device authentication by determining whether it has the same ID as the device authentication solid ID from the CPU 109, and returns an authentication result to the CPU 109.

  Also, when the encrypted user authentication command, the encrypted user ID, and the password are transmitted to the encrypted authentication card 123, the encrypted authentication card 123 verifies whether there is the same combination of the encrypted user ID and password stored therein. User authentication is performed and the authentication result is returned.

  The cryptographic authentication card 123 can encrypt and decrypt several bytes of data using the first key 200 as a key. The encryption function and the decryption function of the encryption authentication card 123 can be used by performing device authentication or user authentication. Even if different digital cameras are used, the same function can be used as long as they are the same encryption authentication card 123 and can perform device authentication or user authentication. That is, the image data encrypted by the digital camera A using a certain device authentication card can be decrypted by the digital camera B using the same device authentication card.

  The basic operation of this embodiment will be described. In the present embodiment, when the cryptographic authentication card 123 is inserted into the card slot B122, device authentication is performed, and if it is authenticated, the captured image data is encrypted. If the device is authenticated, the encrypted image data can be decrypted. Here, whether or not the captured image file is to be encrypted may be made variable according to the information about whether or not to encrypt that is recorded in the nonvolatile memory 111 that can be changed by the user.

  The image encryption and decryption operations will be described with reference to FIG. The CPU 109 generates the second key 201 by converting a random number or an image to be encrypted. The CPU 109 converts the image into encrypted image data using the second key. When the CPU 109 transmits the encryption command and the second key 201 to the encryption authentication card 123, the encryption authentication card 123 encrypts the second key 201 using the first key 200 and generates an encryption second key.

  The CPU 109 includes the encrypted second key 202 in the image information and connects it with the encrypted image data to generate an image file. Here, the encryption authentication card 123 does not accept the two-key encryption command unless the device authentication is possible. For decryption, the CPU 109 acquires the encrypted second key 202 from the image file, and transmits the decryption command and the encrypted second key 202 in the image information to the encryption authentication card 123. The encryption authentication card 123 that has received the decryption command decrypts the encrypted second key 202 into the second key 201 using the first key 200 and sends it back to the CPU 109.

  The CPU 109 decrypts the encrypted image portion of the encrypted image file into the original image using the second key 201. Here, the encryption authentication card 123 does not accept a decryption command unless device authentication or user authentication is possible. When the encrypted image data is viewed on the PC, it must be decrypted on the PC. On the PC, the encryption authentication card 123 is connected to the PC, and the user inputs the user ID and password to the dedicated application. Can be decrypted.

  FIG. 3 shows a flowchart of an image output operation in the present embodiment. With reference to the flowchart shown in FIG. 2, the operation of outputting a plurality of images including encrypted image data will be described.

  The CPU 109 determines that the image to be output is encrypted image data (S10). If it is encrypted image data, the device authentication is determined (S11). If it is not encrypted image data, image output (S14) is performed according to the setting of the output destination. Here, the determination of the encrypted image data is the encrypted image data if the image file has the encrypted second key 202, and not the encrypted image data. The encryption second key 202 is described in the portion of the image information portion of the image file that is not the encryption target portion. More specifically, it is described in the manufacturer note of Exif information.

  In the device authentication determination (S11), if the device authentication is permitted, the encrypted image data is decrypted (S12). If not permitted, an output failure process (S15) is performed. Device authentication is performed when the digital camera is started, and is stored in the device authentication result and the RAM memory 113 or the nonvolatile memory 111. The device authentication determination (S11) may be determined based on the stored device authentication result, or device authentication may be performed every time device authentication is determined (S11).

  The image output (S14) is performed according to the output destination of the image. Specifically, if the output destination is a display system output (TFT 115, VIDEO output terminal 132, D terminal 133, HDMI terminal 134), the image is decoded / resized to a resolution suitable for each standard and stored in the RAM memory 113. The display control device is driven according to the output destination. If the output destination is the USB terminal 128 and connected to the PC, the image file is transmitted by driving the USB control device 127. If the output destination is connected to the printer, the image file is output in an output format corresponding to the printer. If the output destination is the wired LAN terminal 130 and the wireless LAN, the image file is driven by driving the LAN control device.

  In the decryption of the encrypted image data (S12), the encrypted image data is decrypted and an output determination (S13) is performed.

  The output failure process (S15) performs an operation according to the state of the digital camera. In the case of displaying an image, the fact that the image is an encrypted image is displayed on the display system output by a graphical user interface with characters and icons. If the image is transferred, the transfer failure is displayed on the display system output by a graphical user interface. Alternatively, the encrypted image data is transferred as it is. The user may be allowed to set which operation is to be performed from a menu or the like.

  The output determination (S13) controls the decoded image or the decoded image file according to the output destination. If output is permitted, image output (S14) is performed. If output is not permitted, output failure processing (S15) is performed. In the output determination (S13), whether or not output is possible from the output destination is determined based on the table of the relationship between the output destination and the output possible / impossible of output from the nonvolatile memory 111 or the RAM memory 113. decide.

  FIG. 7 is an example of an output determination table showing the relationship between the output destination and output enable / disable. In this example, TFT output and VIDEO output can be output, but D terminal output, HDMI output, printing, PC transfer, wired LAN transfer, and wireless LAN transfer cannot be output. Here, the relationship between the output destination and output enable / disable may be made changeable after user authentication is performed by a user's menu operation or the like. Further, the output determination (S13) may be performed according to the resolution at the time of output. For example, an output having a resolution of 640 × 480 as a threshold is not permitted. Not only the resolution of the output device but also the resolution of the original image such as USB or printing may be used.

  In the flowchart of FIG. 3, the order of determining that the image to be output is encrypted image data (S10) and the device authentication determination (S11) may be reversed. Differences will be described with reference to the flowchart of FIG.

  The CPU 109 performs device authentication determination (S10a). In the device authentication determination (S10a), if the device authentication is permitted, it is determined that the image to be output is encrypted image data (S11a). If not permitted, image output (S14) is performed according to the setting of the output destination. It is determined that the image to be output is encrypted image data (S11a), and if it is encrypted image data, the encrypted image data is decrypted (S12). If it is not encrypted image data, image output (S14) is performed according to the setting of the output destination. Other flows are the same as those in the flowchart of FIG.

  By implementing the present invention with the flowchart of FIG. 4, when device authentication cannot be performed, it is not necessary to determine whether or not the image data is an encrypted image, thereby reducing processing.

  In the flowchart of FIG. 3 or FIG. 4, the order of decryption of encrypted image data (S12) and output determination (S13) may be reversed.

  FIG. 5 is a flowchart in which the decryption (S12) flow of encrypted image data and the output determination (S13) flow are reversed with respect to the flowchart of FIG. The flowchart of FIG. 5 will be described using the differences of FIG.

  In the device authentication determination (S11), if device authentication is permitted, an output determination (S12b) is performed. The output determination (S12b) controls the image file according to the output destination. If the output is permitted, the encrypted image data is decrypted (S13b). If output is not permitted, output failure processing (S15) is performed. In the decryption of the encrypted image data (S13b), the encrypted image data is decrypted and the image output (S14) is performed. Other flows are the same as those in the flowchart of FIG.

  FIG. 6 is a flowchart in which decryption of encrypted image data (S12) and output determination (S13) are reversed with respect to the flowchart of FIG. The flowchart of FIG. 6 will be described using the differences of FIG.

  It is determined that the image to be output is encrypted image data (S11a), and if it is encrypted image data, output determination (S12b) is performed. The output determination (S12b) controls the image file according to the output destination. If the output is permitted, the encrypted image data is decrypted (S13b). If output is not permitted, output failure processing (S15) is performed. In the decryption of the encrypted image data (S13b), the encrypted image data is decrypted and the image output (S14) is performed. Other flows are the same as those in the flowchart of FIG.

  Since the output determination is performed without decoding by implementing the present invention in the flowchart of FIG. 5 or FIG. 6, the decoding (S13b) process can be omitted if the output determination is not permitted in the output determination (S12b).

  As described above, in the first embodiment, the encrypted image data can be automatically decrypted according to the output destination of the digital camera. Therefore, complicated user authentication is performed for the output destination that is not a problem even if it is displayed confidentially. Output can be done without doing.

  In addition, by performing user authority authentication from a menu or the like, detailed settings can be made by changing the output determination for each output, so that detailed user requests can be met.

[Embodiment 2]
FIG. 8 is a schematic explanatory diagram of Embodiment 2 of the present invention. In the second embodiment, as shown in FIG. 8, the image and the output possible level information are encrypted with the second key 201 to create an image file. Outputable level information is similarly decoded when an image is decoded. The output possible level information is created as an encrypted image file together with an image when creating encrypted image data at the time of shooting. The output possible level of the output possible level information added to the encrypted image file at the time of shooting is set in advance using a menu or the like. It is also possible to make a setting so that outputable level information is not added to the encrypted image file by using a menu. Further, the outputable level information of the encrypted image file can be added / changed / deleted after authentication by user authentication using a menu or the like.

  In the second embodiment, output control based on output available level information is performed in the output determination (S13) of the flowchart of FIG. FIG. 9 is a table showing the relationship between the output possible level and the output destination that can be output. For example, at level 1, only TFT output is permitted, and output to other output destinations (VIDEO, D terminal, printing, PC transfer, wired LAN, wireless LAN) is not permitted. In Level 2, in addition to TFT output, VIDEO output is permitted, but output to other output destinations (D terminal, printing, PC transfer, wired LAN, wireless LAN) is not permitted. Whether or not the output judgment (S13) can be output from the output possible level based on the table of the relationship between the output possible level developed from the nonvolatile memory 111 or the nonvolatile memory 111 onto the RAM memory 113 and the output destination capable of output To decide. Here, whether or not output is possible for each level of the table may be editable using a menu or the like. Also, the user may create a new level, such as level 7 or level 8 shown in FIG.

  As described above, in the second embodiment, the output destination can be controlled for each encrypted image file, and the user can perform finer control.

[Embodiment 3]
FIG. 10 shows a flowchart of the third embodiment of the present invention. The flow in the case where the output determination (S13) does not permit is different from the flowchart of FIG. If the output determination (S13) does not permit, user authentication (S16) is performed. In the user authentication (S16), the user is prompted to input a user ID and a password by using a menu or the like, and the user authentication is performed. If not authenticated, decrypted image data conversion (S17) is performed. In the decoded image data conversion (S17), the decoded image is converted into an image that may be determined for output, and the converted image is output as an image (S14). More specifically, the conversion content lowers the resolution of the image to a specific resolution. Also, a watermark may be inserted with large characters over the entire image.

  In the first and second embodiments, even if a user with decryption authority is not allowed to determine the output destination, the output operation must be performed again by changing the setting of the output destination using a menu or the like. However, in the third embodiment, when the output determination does not permit, it is possible to reduce the complicated operation of the user having the decryption authority by automatically prompting the user ID and password to be input.

100 Digital camera (image output device)
DESCRIPTION OF SYMBOLS 101 Focusing lens 102 Zooming lens 103 Diaphragm 104 Image pick-up element 105 Preprocessing circuit 106 A / D converter 107 Image signal processing apparatus 108 Frame memory 109 CPU
110 Power supply 111 Non-volatile memory 112 Compression unit 113 RAM memory 114 Display control device 115 TFT
116 Main switch 117 First release switch 118 Second release switch 119 Card input / output unit 120 Card slot A
121 Memory card 122 Card slot B
123 Encryption Authentication Card 124 Left Selection Button 125 Right Selection Button 126 Setting Button 127 USB Controller 128 USB Terminal 129 LAN Controller 130 Wired LAN Terminal 131 Wireless LAN
132 VIDEO output terminal 133 D terminal 134 HDMI terminal 200 1st key 201 2nd key 202 2nd encryption key

Claims (6)

Determining means for determining whether the image data is encrypted image data;
Decrypting means for decrypting encryption of the image data when the image data is the encrypted image data;
When the image data is the encrypted image data, the image output device determines whether or not to output the image data decrypted by the decrypting means according to a format of an output destination .   The image output apparatus according to claim 1, wherein output determination is performed based on an output determination table indicating a relationship between an output destination of the image data and whether to output to the output destination.   The image output apparatus according to claim 1, wherein output determination is performed according to outputable level information.   The image output apparatus according to claim 3, further comprising a changing unit that changes the output level information. User authentication means for authenticating that the user has a decryption authority capable of decrypting the image data determined to be encrypted image data;
5. The output of the image data is permitted when the user authentication unit can authenticate that the user has a decryption authority when the output of the image data is not permitted. The image output device described in 1.   The image data is converted into image data that can be output when the output of the image data is not permitted or when the user authentication means cannot authenticate that the user has the authority to decrypt. Item 6. The image output device according to any one of Items 1 to 5.

Images