JP2011203820A - Electronic file management system and electronic file management program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To secure safety of an electronic file by as easy as possible technique.SOLUTION: In this electronic file management system, (1) a data storage area is defined in a USB memory 10a externally attached to a PC 12, and the whole is encrypted, and (2) information about an encryption key necessary for access to the data storage area or encryption of data files F1-F3 is stored in the USB memory 10a. In the system, (3) in the case of movement from the USB memory 10a to a local drive of the PC 12, the data files F1-F3 are converted into electronic confidential files FL1-FL3 wherein the data files F1-F3 are encrypted. (4) In the case of movement from the local drive to the USB memory 10a, the electronic confidential files FL1-FL3 are decrypted.

Description

  The present invention relates to an electronic file management system and an electronic file management program suitable for managing an electronic file in which, for example, secret information is recorded.

  Conventionally, an online data security transmission system is known as a prior art relating to security management of electronic files (see, for example, Patent Document 1). In this prior art, a virtual disk area is set in a built-in disk of a computer, and data stored in the virtual disk area is transmitted to a virtual disk area of another computer while maintaining security. In particular, in the prior art, only authorized application program modules can access the virtual disk area, and when the data is transferred from the virtual disk area or when the data is transferred, the application program encrypts or decrypts the data. It has been done.

  According to the above-described prior art, a computer device in which a specific application program permitted in advance is not installed is excluded as an outsider, and substantial data is transferred only between computer devices in which the specific application program is installed. Communication is possible. For this reason, even if data flows to an outsider, the computer device cannot receive the data, so it is considered that a certain level of security can be ensured in online data transmission.

Special table 2008-522279 gazette

  However, in the above-described prior art method, it is necessary to install application programs one by one in all computer devices in advance and secure a virtual disk area for each built-in disk. The effort is extremely enormous.

  Moreover, even if an application program has been installed in the past, if an error occurs in the disk drive in the computer device and the application program does not start, access to the virtual drive area becomes impossible at that time. In this case, the data cannot be used in the computer device, and it takes time and effort to recover the disk error or reinstall the program. For this reason, there is a problem that the prior art method lacks rapid operation when a failure occurs.

  Therefore, the present invention intends to provide a technique capable of ensuring the safety of an electronic file by a method as simple as possible.

  The present invention provides an electronic file management system. This electronic file management system (1) defines a data storage area in a storage medium that can be accessed by a computer device, and encrypts the entire data. (2) Access to the data storage area and encryption of an electronic file The encryption key information necessary for the storage is stored. In addition, the system (3) converts the electronic file into an encrypted electronic confidential file in the case of moving or copying from the data storage area to the normal storage area, while (4) moving or copying from the normal storage area to the data storage area. In the case of duplication, the electronic confidential file is decrypted.

  According to the electronic file management system of the present invention, an electronic file to be used by a user can be used only within a predefined data storage area ((1) above). When the electronic file is taken out of the data storage area, it is always encrypted as an electronic confidential file ((3) above). For this reason, for example, even if an electronic confidential file leaks to the outside in the process of transmission / reception using network communication, an outsider who does not have encryption key information cannot decrypt the electronic confidential file ((2 )).

  On the other hand, for example, when a certain computer device receives an electronic confidential file from another computer device via a network, if the computer device has the configuration of the system of the present invention, the electronic confidential file is stored in the computer device. Can be used as a user's usage target ((4) above).

  For this reason, the electronic file management system of the present invention has bidirectionality when exchanging electronic files between a plurality of computer devices each having a system configuration. For example, when an electronic file is created by one computer device and transmitted to another computer device, it is of course possible to ensure safety during the transmission process (above (3)) Similarly, in the case where an electronic file is transmitted from a computer device to the original computer device, safety in the transmission process is secured ((3) above). Each of the plurality of computer devices can easily make the electronic file a user's use target by decrypting the electronic confidential file received from the other party in the respective data storage area ((4) above). (1) above.

  Regarding (1) above, preferably, a data storage area is defined for a portable external storage medium detachably connected to a computer device. Regarding (2) above, preferably, by further defining a control information area different from the data storage area for the external storage medium, the data storage encryption key and the transmission data encryption key are stored in the control information area. save.

  Preferably, in (3) above, only when a portable external storage medium is connected to a computer device, the electronic file is converted into an electronic confidential file encrypted using the transmission data encryption key. . In the case of (4), the electronic confidential file is decrypted using the transmission data encryption key only when the portable external storage medium is connected to the computer device.

  If the electronic file management system of the present invention uses a portable external storage medium, a portable external storage medium is used for each of them even when electronic files are exchanged using a plurality of computer devices. Once connected, the data storage area (above (1)) and the encryption key information (above (2)) can be used immediately by computer equipment. For this reason, it is not necessary to install any application on each computer device or form a disk area, and the system can be operated easily and quickly.

  Further, the function (program module for causing a computer device to function as the above-described encryption means and decryption means) of the electronic file encryption (above (3)) and decryption (above (4)) is portable externally. If it is incorporated in a storage medium, the system operation can be started easily and quickly simply by connecting the external storage medium to the computer device.

  For (1) above, a data storage area may be defined for an internal storage medium built in the computer device. For (2) above, by defining a control information area different from the data storage area for a portable external storage medium detachably connected to the computer device, the data storage encryption is stored in the control information area. The encryption key and the transmission data encryption key can also be stored.

  In this case, by defining a data storage area in an internal storage medium (for example, an internal hard disk drive), it becomes easy to ensure a large capacity compared to an external storage medium. Even so, if the external storage medium is not connected, the electronic confidential file cannot be decrypted as an electronic file ((2), (4) above), and conversely, the electronic file is converted into an electronic confidential file. Since it cannot be performed ((2), (3) above), the security of the electronic file can still be maintained at a high level.

  Alternatively, for both (1) and (2) above, a data storage area is defined for an internal storage medium built in a computer device, and a control information area separate from the data storage area for the internal storage medium. By further defining this, the data storage encryption key and the transmission data encryption key can be stored in this control information area.

  In this case, by defining both the data storage area and the control information area in the internal storage medium, the electronic confidential information encrypted from the electronic file on the same internal storage medium while securing a large capacity compared to the external storage medium. Conversion to a file can be performed, or an electronic confidential file can be decrypted to generate an electronic file. For this reason, the electronic file management system can be quickly operated without requiring connection of an external storage medium.

  In this case, it is necessary to define both the data storage area and the control information area in the internal storage medium. However, once these areas are defined, a plurality of computer devices can be used without executing a special application. Electronic files can be exchanged safely between them. In addition, even if the data storage area and the control information area may not be used normally, the present invention does not require the execution of a special application. This can be stored in the normal storage area. After that, if the data storage area and control information area can be used normally, the electronic file can be opened quickly by simply moving or copying the stored electronic confidential file to the data storage area. Therefore, the superiority over the prior art can be ensured.

  The electronic file management system of the present invention assumes the use of a plurality of storage media. In this case, the electronic file management system individually defines a data storage area for storing an electronic file to be used by the user for a plurality of storage media accessible by at least the first and second computer devices. In addition, a data storage area defining means for encrypting the data storage area, a data storage encryption key necessary for accessing the data storage area by the first and second computer devices, and an electronic file are encrypted. A key information storage means for storing a necessary transmission data encryption key and group information set in common to the plurality of storage media, and a first storage medium that is one of the plurality of storage media. Along with access by the computer device, the electronic file is encrypted separately from the data storage area in the first computer device. An encryption unit that converts an electronic file into an encrypted electronic confidential file using the transmission data encryption key and group information when the file is moved or copied to a normal storage area, and electronic transmission by transmission from the first computer device. In a state where the confidential file is stored in the normal storage area in the second computer device, the electronic confidential file is normally stored when the second computer device accesses a storage medium different from any one of the storage media. Decryption means for decrypting an electronic confidential file using a transmission data encryption key on condition that common group information is stored in the key information storage means when moving or copying from the area to the data storage area It becomes the composition provided with.

  According to the electronic file management system of the present invention, while a plurality of computer devices (first and second) respectively have separate storage media, the group information is shared, thereby ensuring safety. Electronic files can be exchanged in units of groups. In other words, if there are a plurality of computer devices (first and second) and they have common group information, transmission and decryption of the electronic confidential file can be realized in both directions. On the other hand, if there are a plurality of computer devices (first and second) and they do not have common group information, other configurations (data storage area definition, electronic file encryption, electronic confidential file Even if possessing (decryption), the electronic file exchange between the two is not established.

  Thereby, since the concept of “grouping” can be established in the system and the operation of the system can be realized, various usage forms of the user can be provided and the convenience thereof can be improved.

  The encryption means uses the transmission data encryption key and the group information even when the electronic file is moved or copied to the normal storage area in accordance with the access by the second computer device to another storage medium. The electronic file is converted into an encrypted electronic confidential file, and the decrypting means is in a state where the electronic confidential file is stored in the normal storage area in the first computer device by transmission from the second computer device. Even when the electronic confidential file is moved or copied from the normal storage area to the data storage area in association with the access by the first computer device to the one storage medium, the common group information is stored in the key information storage means. The electronic confidential file can be decrypted using the transmission data encryption key and group information. That.

  In this case, it is possible to realize a usage mode in which an electronic file is bidirectionally transmitted between a plurality of computer devices (first and second) having common group information.

  The data storage area defining means individually defines the data storage areas for a plurality of portable external storage media detachably connected to the first or second computer device, and the key information storage means By further defining a control information area different from the data storage area for each of the plurality of external storage media, the data storage encryption key, the transmission data encryption key, and the group information are stored in each control information area You can also.

  Preferably, the encrypting means converts the electronic file into an electronic confidential file obtained by encrypting the electronic file using the transmission data encryption key only when any of the external storage media is connected to the first and second computer devices. Convert. Also, the decryption means decrypts the electronic confidential file using the transmission data encryption key only in a state where any one of the portable external storage media is connected to the first and second computer devices. .

  If the electronic file management system of the present invention is a form that uses a portable external storage medium, even when electronic files are exchanged using a plurality of computer devices (first and second), If a portable external storage medium is connected, the data storage area, encryption key, and group information can be immediately used in each computer device. For this reason, it is not necessary to install any application on each computer device or form a disk area, and the system can be operated easily and quickly.

  Furthermore, if a function for encrypting and decrypting an electronic file (a program module for causing a computer device to function as the above-mentioned encryption means and decryption means) is incorporated in a portable external storage medium, each computer device By simply connecting an external storage medium, computer equipment can acquire encryption and decryption functions from the external storage medium and use each function, so system operations can be started easily and quickly. it can.

  The data storage area defining means defines data storage areas for the internal storage media respectively incorporated in the first and second computer devices, and the key information storage means is for each of the plurality of external storage media. By defining a control information area different from the data storage area, the data storage encryption key, the transmission data encryption key, and the group information can be stored in each control information area.

  In this case, by defining a data storage area in an internal storage medium (for example, an internal hard disk drive), it becomes easy to ensure a large capacity compared to an external storage medium. Even so, if the external storage medium is not connected, the electronic confidential file cannot be decrypted as an electronic file by the first and second computer devices, and conversely, the electronic file can be changed to an electronic confidential file. Therefore, the security of electronic files can still be maintained at a high level.

  Alternatively, as another form, the data storage area defining means defines the data storage areas for the internal storage media respectively built in the first and second computer devices, and the key information storage means is the first and second By further defining a control information area different from the data storage area for each of the internal storage media incorporated in the computer equipment, a data storage encryption key, a transmission data encryption key, and Group information can also be saved.

  In this case, each of the first and second computer devices defines both the data storage area and the control information area in the internal storage medium, so that a large capacity is ensured compared to the external storage medium and the same internal storage Conversion from an electronic file to an encrypted electronic confidential file on the medium can be performed, and conversely, the electronic confidential file can be decrypted to generate an electronic file. For this reason, the electronic file management system can be quickly operated without requiring connection of an external storage medium.

  In this case, it is necessary for each computer device to define both the data storage area and the control information area in the internal storage medium. However, once these areas are defined, the first application can be executed without executing a special application. The electronic file can be safely exchanged between the first and second computer devices. Even if the data storage area and the control information area cannot be used normally, the present invention does not require execution of a special application. Confidential files can be exchanged and saved in the normal storage area. After that, if the data storage area and control information area can be used normally, the electronic file can be opened quickly by simply moving or copying the stored electronic confidential file to the data storage area. Therefore, the superiority over the prior art can be ensured.

  In the electronic file management system of the present invention, the encryption unit can encrypt a plurality of electronic files stored in the data storage area into one electronic confidential file. In addition, when a plurality of electronic files are collectively encrypted in one electronic confidential file, the decrypting means can decrypt the one electronic confidential file and generate a plurality of electronic files.

  In this case, for example, even if there are a plurality of electronic files created by a user, they can be transmitted to another user's computer device in a state where they are combined into one electronic confidential file. In addition, if the user who has received the electronic confidential file moves or copies one electronic confidential file to the data storage area, a plurality of electronic files can be extracted therefrom. Thereby, reversibility can be realized when encrypting and decrypting an electronic file, and convenience when exchanging electronic files between a plurality of computer devices can be improved.

[Electronic file management program]
The present invention provides an electronic file management program. This program causes a computer device capable of accessing a storage medium to execute the following steps.

(1) A step of defining a data storage area for storing an electronic file to be used by a user on a storage medium and encrypting the data storage area using a data storage encryption key prepared in advance.
(2) A control information area different from the data storage area is defined for the storage medium, and a data storage encryption key and a transmission data encryption key necessary for encrypting the electronic file are stored in the control information area. Each step is memorized.
(3) To convert an electronic file into an encrypted electronic confidential file using a transmission data encryption key in the process of moving or copying the electronic file to an unencrypted normal storage area separate from the data storage area A step of incorporating the above function (a control program for causing a computer device to function as the encryption means) in the control information area.
(4) A function for decrypting the electronic confidential file using the transmission data encryption key in the process of moving or copying the electronic confidential file from the normal storage area to the data storage area (the computer device as the above-described decrypting means) A step of incorporating a control program) for functioning into the control information area.

  The electronic file management program of the present invention can generate a storage medium necessary for the operation of the electronic file management system, for example, by causing a computer device to execute the above steps (1) to (4). And the storage medium produced | generated through execution of a program can be easily constructed | assembled by connecting this to arbitrary computer apparatuses, and the electronic file management system mentioned above.

  When the system assumes the use of a plurality of storage media (portable external storage media), the electronic file management program of the present invention can cause a computer device to execute the following steps.

[1] Data storage areas for storing electronic files to be used by users are individually defined on a plurality of storage media, and the data storage areas are encrypted using a data storage encryption key prepared in advance. Step to turn.
[2] A control information area different from the data storage area is defined for each of the plurality of storage media, and a data storage encryption key and a transmission data encryption necessary for encrypting the electronic file are stored in each control information area. A step of storing a grouping key and group information set in common for a plurality of storage media.
[3] In the process of moving or copying the electronic file to an unencrypted normal storage area different from the data storage area, the electronic file is converted into an electronic confidential file encrypted using the transmission data encryption key and group information. A step of incorporating a function for conversion (a control program for causing a computer device to function as the encryption means) into the control information area.
[4] Function for decrypting the electronic confidential file using the transmission data encryption key and group information in the process of moving or copying the electronic confidential file from the normal storage area to the data storage area A control program for causing the control information area to function).

  The electronic file management program of the present invention can generate a plurality of storage media necessary for the operation of the electronic file management system, for example, by causing a computer device to execute the above steps [1] to [4]. Since a plurality of storage media are grouped according to group information, a plurality of storage media generated as belonging to the same group are distributed to a plurality of computer devices so that electronic files can be exchanged between these computers. Can be realized safely and easily.

  Further, when a data storage area encrypted using a data storage encryption key prepared in advance is already defined for the storage medium, the electronic file management program may cause the computer device to execute the following steps: Good.

[1] A step of referring to an unencrypted normal storage area different from the data storage area while referring to the data storage area using the data storage encryption key when accessing the storage medium.
[2] A step of converting the electronic file into an electronic confidential file encrypted using a transmission data encryption key prepared in advance in the process of moving or copying the electronic file from the data storage area to the normal storage area.
[3] Decrypting the electronic confidential file using the transmission data encryption key in the process of moving or copying the electronic confidential file from the normal storage area to the data storage area.

  A program for causing a computer device to execute the above steps [1] to [3] has a storage medium (internal storage medium or portable external storage medium) in which a data storage area is defined in advance. Even in such a case, functions necessary for the operation of the electronic file management system can be provided. For example, it is possible to refer to stored electronic files for a computer device with a data storage area encrypted by hardware, export to a normal storage area by encrypting electronic files, or electronic confidentiality. It is possible to provide a function that enables import into a data storage area by decrypting a file.

  In the step [2], a plurality of electronic files stored in the data storage area are collectively encrypted into one electronic confidential file, and in the step [3], a plurality of electronic files are added to one electronic confidential file. When files are encrypted together, it is possible to decrypt a single electronic confidential file and generate a plurality of electronic files.

  By executing the above program on a computer device, for example, even if there are a plurality of electronic files created by a user, they are sent to another user's computer device in a single electronic confidential file. Is possible. In addition, the user who has received the electronic confidential file can also move or copy one electronic confidential file to the data storage area by executing the above-mentioned program, and take out a plurality of electronic files therefrom. Thereby, the convenience at the time of exchanging an electronic file between several computer apparatuses can be improved.

Since the electronic file management system of the present invention encrypts the electronic file on the transmission / reception path, the electronic file including the confidential information can be safely distributed between different computers.
Further, since the received electronic confidential file cannot be decrypted unless it has key information stored in the system in advance, it is possible to prevent information leakage due to theft or erroneous transmission by an external computer device.

  Furthermore, if the electronic file management system uses a portable external storage medium, the external storage medium can be easily used as a system operation machine simply by connecting the external storage medium to an arbitrary computer. .

  Moreover, the electronic file management program of this invention can produce | generate the storage medium (external storage medium) required for system operation | movement easily by performing this with computer equipment. Thereby, the construction work of the electronic file management system can be facilitated and the convenience can be enjoyed in a wide range.

It is a figure which shows schematically the operation | use form of the electronic file management system of one Embodiment. It is the conceptual diagram which showed the utilization form of the electronic file management system roughly. It is the figure which showed roughly the 1st form of the basic composition required for operation | movement of an electronic file management system. It is the figure which showed schematically the 2nd form of the basic composition required for operation | movement of an electronic file management system. It is a figure which shows the outline | summary of the dedicated graphical interface provided by the control program. It is the conceptual diagram which showed an example of the encryption process in relation to said basic structure. It is the conceptual diagram which showed an example of the decoding process in relation to said basic structure. It is a flowchart which shows the example of a procedure of the management program (setup) performed by management PC. It is a flowchart which shows the example of a procedure of the management program (initial setting of a portable medium) performed by management PC. It is a flowchart which shows the example of a procedure of the program performed with the computer apparatus (PC) which is going to be used as a host PC or guest PC of an electronic file management system. It is a figure which shows the outline | summary of the application case 1 of an electronic file management system. It is a figure which shows the outline | summary of the application case 2 of an electronic file management system. It is a figure which shows the outline | summary of the application case 3 of an electronic file management system.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram schematically illustrating an operation mode of an electronic file management system according to an embodiment. The electronic file management system is constructed using, for example, a computer device 100 for management (hereinafter abbreviated as “management PC”). The outline of the electronic file management system will be described below.

[System Overview]
For example, a management program is installed in the management PC 100 in advance. This management program initializes (formats) a portable external storage medium suitable for use in the electronic file management system, such as a USB memory, a card-type memory, an external hard disk drive, and the like.

  That is, as shown in FIG. 1, when the above management program is executed in a state where the USB memory (reference numeral 10) is connected to the management PC 100, the USB memory 10 is suitable for use in the electronic file management system. It is initialized to. Note that a commercially available general-purpose storage medium (nonvolatile memory) can be used for the USB memory 10.

  Furthermore, the management program can group and initialize a plurality of USB memories (reference numerals 10a and 10b). “Grouping” means, for example, that some USB memories 10a are classified as belonging to “group A”, and some other USB memories 10b are those belonging to “group B”. And some other USB memories (not shown) are classified as belonging to “Group C”, “Group D”, “Group E”,. .

  In any case, the plurality of USB memories 10a, 10b and the like grouped and initialized by the management PC 100 are portable memory devices (storage media) suitable for use in the electronic file management system.

[Usage form]
FIG. 2 is a conceptual diagram schematically showing how the electronic file management system is used. The electronic file management system is not limited to the above-described management PC 100, but other guest computer devices 12, 14, 16 (hereinafter abbreviated as “guest PC”, but may be registered as “host PC”). Can be used. The host PC refers to a PC registered in advance in the policy information as a host PC, and an unregistered PC is called a guest PC. The host PC is controlled (restricted) only for password setting, and is not subjected to control (restricted) for browsing, editing, printing, and the like. The guest PC is applied with policies defined in advance, such as password setting, browsing, editing, and printing.

  For example, it is assumed that one guest PC 12 stores data files F1, F2, and F3 in the USB memory 10a connected thereto. These data files F1, F2, and F3 are electronic files (for example, document files, image data, and the like) to be used by system users. The format of the electronic file (so-called extension) is not particularly limited here.

  When the user uses (views, edits, prints, etc.) the data files F1, F2, F3, etc., the guest PC 12 can open these data files F1, F2, F3 only on the USB memory 10a. When the data files F1, F2, F3, etc. are moved (or duplicated) outside the USB memory 10a (for example, a local drive), all the data files F1, F2, F3, etc. are encrypted at that time, and are electronic confidential files. Converted to FL1, FL2, and FL3. That is, these electronic confidential files FL1, FL2, FL3, etc. cannot be opened outside the USB memory 10a (on the local drive).

  However, the electronic confidential files FL1, FL2, FL3, etc. can be transmitted from the guest PC 12 to other guest PCs 14, 16, etc. (for example, attached as an e-mail). On this transmission path (for example, the Internet or a wide area network), the electronic confidential files FL1, FL2, FL3, etc. are always in an encrypted format.

[Intra-group transmission / reception]
For example, it is assumed that the user of the guest PC 12 uses the USB memory 10a belonging to “Group A” and the user transmits the electronic confidential file FL1 to another guest PC 14 (another user in the same group). . At this time, it is assumed that the USB memory 10 a belonging to the same “group A” is previously given to the user of the guest PC 14 by the administrator.

  The user of the guest PC 14 can save the received electronic confidential file FL1 on the local drive of the guest PC 14 as a temporary file, for example. However, this user also cannot open the electronic confidential file FL1 on the local drive of the guest PC 14.

  The received electronic confidential file FL1 can be used only after it is moved (or copied) to the USB memory 10a connected to the guest PC. When the user performs an operation of moving (or copying) the electronic confidential file FL1 to the USB memory 10a in the guest PC 14, the electronic confidential file FL1 is decrypted accordingly. As a result, the received electronic confidential file FL1 is stored in the USB memory 10a as the original data file F1.

  The user of the guest PC 14 can use the data file F1 on the USB memory 10a. That is, the guest PC 14 can open the data file F1 stored in the USB memory 10a within the directory (for example, “G: ¥”). In the USB memory 10a, a lower directory (for example, “G: ¥ USER ¥”) can be constructed. In this case, the data file F1 may be moved to the lower directory.

[Outside group transmission / reception]
The above example is a usage mode when the USB memory 10a belongs to the same “group A”, but the USB memory 10b belonging to another “group B” cannot basically be used.

  For example, it is assumed that the user (group A) of the guest PC 12 transmits the electronic confidential file FL1 to another guest PC 16 (user of another group). At this time, it is assumed that the USB memory 10b belonging to another “group B” is previously given to the user of the guest PC 16 by the administrator.

  The user (group B) of the guest PC 16 can save the received electronic confidential file FL1 on the local drive of the guest PC 16, but cannot move or copy it to the USB memory 10b. Further, as described above, the electronic confidential file FL1 cannot be opened on the local drive of the guest PC 16. Therefore, even if the user of the guest PC 16 receives the electronic confidential file FL1, it cannot open, browse, edit, or print it at all.

[Error transmission / theft]
Up to this point, transmission to a user authorized to operate the electronic file management system (users of guest PCs 14 and 16) has been assumed. However, in the transmission of electronic data, for example, erroneous transmission due to a human error can occur, and theft by a malicious third party (reference numeral H3 in the figure) can also occur.

  Therefore, a case is assumed where the electronic confidential file FL1 is received by the outside PC 18 of the third party H3, for example, due to erroneous transmission or theft. The third party H3 can store the received electronic confidential file FL1 on the local drive of the external PC 18 as a temporary file, for example. However, since the third party H3 does not have the USB memories 10a and 10b, the electronic confidential file FL1 cannot be decrypted and opened.

[Encryption key]
A unique transmission data encryption key and group information are used for encryption of the electronic confidential files FL1, FL2, FL3, etc. by the electronic file management system. For this reason, the safety is high as compared with a simple data lock method using a password. Even if the electronic confidential file FL1 etc. is passed to the hand of the third party H3, the decryption by the password input is impossible.

[Basic configuration]
FIG. 3 is a diagram schematically showing a first form of a basic configuration necessary for operation of the electronic file management system. The basic configuration can be divided into two forms (first form and second form) according to the setting at the time of initialization, and FIG. 3 shows the first form.

[First form (same casing)]
For example, in the USB memory 10a, a control information area 40 and a data storage area 42 are defined based on settings at the time of initialization. Of these, the control information area 40 is defined as an area that cannot be changed by a user other than the administrator (guest user) except for the password.

[Control information area]
In the control information area 40, for example, a control program 44 is stored. The control program 44 is an application that controls access to the data storage area 42 by the host PC or guest PC, encryption / decryption of the data storage area, encryption / decryption of the electronic confidential file, and the like. The OS (operating system) of the guest PC cannot access the data storage area 42 unless this control program 44 is mediated.

  In the control information area 40, transmission data encryption key information 46 (transmission data encryption key), group information 48, data storage encryption key information 50 (data storage encryption key), and data storage area information are various information. 52, policy information 54, and the like are stored.

  Among these, the transmission data encryption key information 46 is key information used when encrypting the data files F1, F2, F3 and the like as described above.

  The group information 48 is information for identifying the “group A” to which the USB memory 10a belongs. The plurality of USB memories 10 a are grouped in advance by setting the group information 48 to be common (for example, “group A”). Here, the USB memory 10a belonging to “Group A” is taken as an example. However, if the USB memory 10b belongs to “Group B”, information for identifying “Group B” is set in the group information 48. ing.

  The next data storage encryption key information 50 is key information for encrypting the entire data storage area 42. Since the data storage area 42 itself is encrypted (for each area), the presence of the data storage area 42 cannot be recognized from the OS such as the guest PC 12 without the data storage encryption key information 50.

  The data storage area information 52 is information for designating the location of the data storage area 42. In the first form, the data storage area 42 is defined in the same housing (that is, the USB memory 10a) as the control information area 40. Therefore, the data storage area information 52 stores, for example, the physical address of the data storage area 42 defined in the USB memory 10a. In FIG. 3, an arrow directed from the data storage area information 52 to the data storage area 42 indicates that the data storage area information 52 specifies the location of the data storage area 42 (the same applies thereafter). .

  The policy information 54 corresponds to restriction information associated with the data files F1, F2, F3, etc. in the data storage area 42. That is, the policy information 54 is restriction information such as copy prohibition, print prohibition, edit prohibition, and expiration date. In FIG. 3, an arrow directed from the policy information 54 to the data storage area 42 indicates that the policy information 54 is applied to the data storage area 42 (the same applies to the following).

[Data storage area]
The data storage area 42 is a work area which can be read (Read), written (Write), and erased (Erase) by the user, for example. However, the entire data storage area 42 is encrypted for each area as described above.

[Second form (separate housing)]
Next, FIG. 4 is a diagram schematically showing a second form of the basic configuration necessary for the operation of the electronic file management system.

  In the case of the second mode, for example, only the control information area 40 is defined in the USB memory 10b based on the setting at the time of initialization. On the other hand, the data storage area 42 cannot be defined when the USB memory 10b is initialized. Therefore, when the use of the second form is assumed, a function for defining the data storage area 42 is incorporated in the control program 44 at the time of initialization.

  Therefore, in the second form, when the initialized USB memory 10b is first connected to the guest PC 12 or the like, the control program 44 is executed and the data storage area 42 is automatically generated (defined). In this case, the control program 44 registers the location where the data storage area 42 is defined (for example, a local drive directory) in the data storage area information 52. Note that the correspondence between each of the above forms and grouping is merely an example, and is not limited thereto.

[Dedicated interface]
FIG. 5 is a diagram showing an outline of a dedicated graphical interface provided by the control program 44. For example, when the USB memory 10a is connected to the guest PC 12 or the like, the control program 44 is executed and the interface screen (window) shown in FIG. 5 is displayed. The control program 44 encrypts the data files F1, F2, F3, etc. through this dedicated interface.

  The dedicated interface is displayed, for example, in a form in which windows are divided into left and right. In the left and right divided windows, for example, the left window is an area for displaying a list of distribution files (electronic confidential files), and the right window is an area for displaying a list of data files. In addition, an “address bar” is displayed at the top of each of the left and right windows, and the current directory is displayed in each “address bar”. In addition, although said 1st form is assumed here, the 2nd form can be considered similarly.

[Refer to data storage area]
When the control program 44 specifies the location of the data storage area 42 based on the data storage area information 52, for example, the control program 44 accesses the data storage area 42 using the data storage encryption key information 50 and stores the data file stored therein. To list. Each data file listed here is displayed in a list in the right window of the dedicated interface, for example.

[Refer to delivery file storage location]
In parallel, the control program 44 accesses a local drive such as the guest PC 12 and lists distribution files stored in an appropriate directory. The distribution files listed here are displayed in a list in the left window of the dedicated interface, for example.

[Encryption processing]
The user can create a distribution file from a desired data file through the dedicated interface of FIG. For example, it is assumed that a data file “XXX.doc” created by the user is stored in the data storage area 42. When the user selects a file name “XXX.doc” and its icon in the right window using a pointing device (mouse, touchpad, etc.) (not shown), and drags and drops it to the left window, the data A distribution file “XXX.issd” is created from the file “XXX.doc”. The file name to be created may be “XXX.doc.issd”.

  The control program 44 encrypts the data file “XXX.doc” in the background in accordance with the above-described operation by the user, converts this to the distribution file “XXX.issd”, and stores the distribution file on the local drive (normally Save to storage area. The data file “XXX.doc” here corresponds to the data files F1, F2, F3, etc., and the distribution file “XXX.issd” corresponds to the electronic confidential files FL1, FL2, FL3, etc.

  Further, the control program 44 can collectively encrypt a plurality of data files and convert them into one distribution file. For example, when the user selects icons of two data files “YYY.doc” and “ZZZ.doc” in the right window and drags and drops them to the left window, these are one distribution file. It is encrypted together in “YYZZ.issd”. Note that the control program 44 can also encrypt three or more data files into a single distribution file.

[Decryption process]
Further, the user can move (or copy) a desired distribution file (received electronic confidential file) to the data storage area 42 through the dedicated interface shown in FIG. For example, it is assumed that the received distribution file “XXX.issd” is stored in the distribution file storage location. At this time, when the user selects the file name “XXX.issd” or its icon in the left window and drags and drops it to the right window, the distribution file “XXX.issd” becomes the data file “XXX.doc”. Is converted to.

  The control program 44 decrypts the distribution file “XXX.issd” in the background in accordance with the above operation by the user, and stores it in the data storage area 42 as the data file “XXX.doc”.

  In addition, when a plurality of data files are collectively encrypted in one distribution file, the control program 44 can reversibly generate a plurality of data files by decryption. For example, when the user selects an icon of one data file “YYZZ.issd” in the left window and drags and drops the icon to the right window, a plurality of (for example, two) data files “YYY.doc” are generated therefrom. , “ZZZ.doc” is generated. The control program 44 can also generate three or more data files by decrypting them from one distribution file. How many data files are generated from one distribution file depends on the number of data files selected at the time of encryption.

Thus, the control program 44 can cause the guest PC (or host PC) to execute the following steps, for example.
[1] A step of activating a dedicated interface to display a list of data files in the data storage area 42 and simultaneously displaying a list of distribution files at a distribution file storage location.
[2] A step of encrypting the data file and converting it into a distribution file in the process of data movement (or duplication) from the data storage area 42 to the distribution file storage location. Here, as described above, a plurality of data files can be combined into one distribution file and encrypted.
[3] Conversely, in the process of data movement (or duplication) from the distribution file storage location to the data storage area 42, a step of decrypting the distribution file to generate a data file. Again, as described above, a plurality of data files can be generated from one delivery file.

FIG. 6 is a conceptual diagram showing an example of the encryption process in association with the above basic configuration.
For example, a case where a plurality of data files F1 to F5 are stored in the data storage area 42 is assumed. Each of the data files F1 to F5 is a document file or image data created by the user. Then, it is assumed that the user selects two data files F4 and F5 using the dedicated interface and creates one distribution file by combining them.

  At this time, the control program 44 executes an encryption process using the transmission data encryption key information 46 and the group information 48 as encryption keys. For this reason, the transmission data encryption key information 46 and the group information 48 described above are stored in the encryption logic in one distribution file (two data files encrypted together: including reference codes FL4 and FL5). It is reflected.

Next, FIG. 7 is a conceptual diagram showing an example of the decoding process in association with the above basic configuration.
For example, assume that the guest PC 14 receives the distribution files (FL4, FL5) and stores them in the distribution file storage location (local drive). Since the distribution file cannot be opened as it is, the user of the guest PC 14 performs an operation of selecting the distribution file using the dedicated interface and moving (or copying) the distribution file to the USB memory 10a.

  In this case, the control program 44 executes a decryption process using the transmission data encryption key information 46 and the group information 48 as encryption keys. Decryption is performed on condition that the transmission data encryption key information 46 and the group information 48 both match. For this reason, the transmission data encryption key information 46 matches, but if the group information 48 does not match, the decryption process is stopped. Thereby, the exchange of the delivery file (electronic confidential file) between different groups can be regulated.

  On the other hand, when the transmission data encryption key information 46 and the group information 48 match, the control program 44 decrypts the distribution file using these as encryption keys. As a result, the original data files F4 and F5 are newly stored in the data storage area 42. The user can open the data files F4 and F5 only in the data storage area 42. Here, a case where a plurality of data files are encrypted together in one distribution file is described as an example, but the same applies to a case where data files are individually encrypted.

[Additional functions based on policy information]
Note that the policy information 54 is applied to the data storage area 42. In the policy information 54, usage restrictions on the data files F4, F5, etc. can be set. Therefore, for example, if a password is set in the policy information 54, an expiration date is set, or a prohibition clause such as copy prohibition or print prohibition is set, the policy information is used when the data files F4 and F5 are used. 54 will be applied.

[Management program (policy setting)]
FIG. 8 is a flowchart illustrating a procedure example of a management program (setup) executed by the management PC.

Step S10: First, the management program is installed on the management PC.
Step S12: After the installation is completed, the management program requests the administrator to select whether or not to manage the organization information. For example, the management program displays a dialog box (not shown) on the screen, and appropriately displays a selection radio button, a check box, and the like together with a message such as “Do you want to manage organization information?”.

  Step S14: When the administrator selects to manage the organization information (step S12: Yes), the management program executes the import of the organization information. In particular, when the administrator does not select to manage the organization information (step S12: No), the management program does not import the organization information.

  Step S16: Next, the management program requests selection of whether to create a group. For example, the management program similarly displays a dialog box on the screen, where a radio button for selection, a check box, etc. are appropriately displayed together with a message such as “Do you want to create a group?”.

  Step S18: When the administrator selects to create group information (step S16: Yes), the management program sets group information. The group information is set by inputting the number of groups to be created and the name of each group, for example. At this time, the management program appropriately displays an interface (not shown) for setting group information on the screen.

  Step S20: Following the setting of the group information, the management program sets policy information to be applied to the host PC. The policy information of the host PC set here includes, for example, presence / absence of password authentication, password rule (number of digits, etc.), log items to be acquired, expiration date, and the like.

  Step S22: Next, the management program sets policy information to be applied to the guest PC. The guest PC policy information includes, for example, the above-mentioned usage restrictions, usage time limits, and passwords.

Step S24: On the other hand, if the administrator has not selected to create a group (step S16: No), the management program sets policy information to be applied to the host PC.
Step S26: The management program sets policy information to be applied to the guest PC. Note that the processing in steps S24 and S26 may be the same as the processing in steps S20 and S22, but if there is a possibility that the relationship with the group information is reflected in the policy information, it is preferable to separate the processing.

  When the above procedure is completed, policy setting work (setup) by the management program is completed.

[Management program (initial setting of portable media)]
Next, FIG. 9 is a flowchart showing a procedure example of a management program (initial setting of a portable medium) executed by the management PC. The management program executes initialization of, for example, the USB memories 10a and 10b through the following program.

  Step S30: The management PC activates the installed management program. If the above setup (policy setting work) has already been completed, the management program is executed not from the setup procedure again but from the initialization procedure.

  Step S32: With the start of the management program, the management PC requests connection of a portable medium. For example, the management program displays a dialog box on the screen and appropriately displays a message such as “Please connect the external storage medium to be initialized to the USB port”. If the external storage medium is already connected, the management program confirms the connection and proceeds to the next step S34.

  Step S34: Next, the management program inquires of the administrator whether the group is selected. For example, the management program displays a dialog box on the screen, and appropriately displays a selection radio button, a check box, and the like together with a message such as “Which group should be selected?”. In the management program, if no group is registered, the selection screen is not displayed.

  Step S36: When the administrator selects any group (step S34: Yes), the management program stores the control information area including the policy information together with the specified group information (for example, “Group A”) on the external storage medium. Create (define). As a result, for example, the control information area 40 including the group information 48 specifying the “group A” and the policy information 54 is created in the storage area of the USB memory 10a. Along with this, the control program 44, other transmission data encryption key information 46, data storage encryption key information 50, etc. are written in the control information area 40.

  Step S37: Note that, in particular, if the administrator does not select a group (step S34: No), the management program creates (defines) a control information area that does not include group information in the external storage medium. At this time, the management program can set only policy information. Along with this, the control program 44, other transmission data encryption key information 46, data storage encryption key information 50, etc. are written in the control information area 40.

  Step S38: Subsequently, the management program requests the administrator to select the data storage area type. For example, the management program displays a dialog box on the screen, and displays a selection radio button, a check box, etc. as appropriate together with a message such as “Please select the location of the data storage area to be created”. Examples of options in this case include “create a data storage area on the external storage medium (same casing)”, “create a data storage area on the local disk of the PC (separate casing)”, and the like.

Step S40: When the administrator selects the same casing (step S38: Yes), the management program sets data storage area information specifying the external storage medium in the control information area.
Step S42: The management program creates a data storage area in the free area of the external storage medium. Thus, for example, in the case of the USB memory 10a, the control information area 40 and the data storage area 42 are created (defined) in the same casing.

  Step S44: On the other hand, when the administrator selects another case (Step S38: No), the management program sets the data storage area information specifying the local drive in the control information area. Note that the data storage area information specified here is not the local drive of the management PC itself, but the local drive of the guest PC to which the external storage medium is to be connected (for example, “C: \ distribution file \”). ing.

  When the above procedure is executed, the management program (initial setting of the portable medium) is terminated. Thereby, the initialization operation of the external storage medium by the management program is completed. When the administrator groups and sets a plurality of external storage media, the above procedure is executed for each external storage medium, and a common group may be selected in the process.

[Operation on PC]
FIG. 10 is a flowchart showing a procedure example of a program executed on a computer device (PC) scheduled to be used as a host PC or guest PC of the electronic file management system. An administrator or another user can execute the following program on an arbitrary PC and register the PC as a host PC or a guest PC.

Step S50: The connection of the initialized external storage medium is started in an arbitrary PC.
Step S52: When the connection of the external storage medium is confirmed, the PC activates the control program 44 stored in the control information area 40. The control program 44 is created in the form of an automatic execution file.

Step S56: The PC checks whether it is registered as a host PC in the management program.
Step S58: If not yet registered as a host PC (step S56: No), the PC makes an inquiry to the administrator as to whether or not to register itself (the PC) as the host PC. For example, the PC displays a dialog box on the screen, and appropriately displays a radio button for selection, a check box, and the like together with a message such as “Do you want to register as a host PC?”. In this case, options such as “register as a guest PC” are also displayed.

  Step S60: If the administrator chooses to register the PC as a host PC (step S58: Yes), the PC generates a communication command and registers itself as a host PC in the management program. If an error occurs in the communication command, the process ends.

  Step S62: Here, the PC registers computer-specific information (for example, a MAC address) as a host PC in the control information area 40.

  If the above procedure is executed or if the self has already been registered as the host PC (step S56: Yes), the administrator selects not to register the PC as the host PC (step S58: No), the next The process proceeds to step S64.

  Step S64: Next, the PC confirms the setting status of the data storage area. Specifically, it is confirmed whether the data storage area 42 has been set in the connected external storage medium (same casing) or not set (separate casing).

  Step S66: If the setting status is another case, the PC creates (defines) the data storage area 42 in the designated local drive. At this time, the data storage area 42 is encrypted based on the data storage encryption key information 50. Note that if the setting status is the same casing, or if it has already been set, the PC skips step S66.

  By executing the above procedure on an arbitrary PC, only a PC that can communicate with the management program can be registered as a “host PC”. All computers other than the “host PC” are recognized as “guest PCs”. Therefore, for example, when an electronic file management system is operated in a company, only the in-house PC can be registered as a host PC, and an external PC can be registered as a guest PC.

[Other forms]
The above system can also be realized by using only an internal storage medium (internal HDD, internal SSD) of each PC without using an external storage medium (USB memory 10a, 10b). That is, by previously defining both the data storage area 42 and the control information area 40 in the internal storage medium and exchanging electronic confidential files between a plurality of PCs, the above-described system can be operated.

  In this case, it is necessary to execute a management program on each PC and initialize a partial area of the internal storage medium. However, since the control program 44 is incorporated in the control information area 40 after the initialization, Electronic confidential files can be exchanged safely without executing a special application on each PC (without requiring the user to perform application execution).

  In addition, since no special application is required, even if the data storage area 42 and the control information area 40 are temporarily unavailable, other storage areas (delivery file storage locations) are normal on each PC. If there is, it is possible to receive and store the electronic confidential file for the time being and to transmit the stored electronic confidential file without any problem. After that, if the data storage area 42 and the control information area 40 can be used, the electronic confidential file stored in the distribution file storage location can be decrypted and used quickly. become.

[Summary of system]
The following utility can be obtained by the electronic file management system of this embodiment.
(1) For example, a data file (F1, F2, F3, etc.) is created in-house, and once converted into a distribution file (electronic confidential files FL1, FL2, FL3, etc.), then stored in the data storage area 42 It will not be viewable until For this reason, even if a delivery file (electronic confidential files FL1, FL2, FL3, etc.) is exchanged via the network, the external storage medium (USB memory 10a, 10b in which the control information area 40 is defined) initialized by the management program Alternatively, the delivery file cannot be opened unless the other party has an initialized internal storage medium (such as an internal HDD in which the control information area 40 is defined).

(2) In any case, the control information area 40, which is a key for decryption, can define necessary settings only by the system management program. The conversion (encryption) from the data file to the distribution file and the decryption from the distribution file to the data file are all performed under the conditions (transmission data encryption key information 46, group information 48) defined in the initialization settings. Allowed only if the combination is satisfied. Therefore, the authentication of the authorized user is made more strict and the security of the data file can be improved while not requiring the input of a password or the like.

(3) A plurality of storage media can be grouped and registered. Therefore, a group can be set for each department within the same company, or an internal user or an external user can be set for each business project.

(4) Even if a distribution file is transferred from an external user to a third party, the distribution file is not decrypted unless it has a storage medium initialized by the system.

(5) On the other hand, even if an external user is provided with a storage medium initialized by the system, the external user can be entrusted with updating the data file. For this reason, business consignment to the outside which requires confidentiality can be realized safely.

  The following are some examples of application cases of the electronic file management system, which will contribute to industrial use.

[Applicable case 1]
FIG. 11 is a diagram showing an outline of application case 1 of the electronic file management system. This application case 1 assumes a usage example in which the data file F1 is safely transmitted from the company to, for example, the employee H2 who is out.

[Preparation for transmission]
For example, the user H1 in the company moves the data file F1 created in the USB memory 10a belonging to “Group A” to a local drive (delivery file storage location) of the guest PC 12 (or host PC). At this time, the data file F1 is encrypted by the control program 44 as described above and converted into a distribution file FL1 (electronic confidential file).

[Send]
The user H1 in the company transmits the distribution file FL1 from the guest PC 12 to the employee H2 through the network 60, for example. This transmission means is, for example, a general electronic mail. Since the encrypted distribution file FL1 passes through the network 60, the security against erroneous transmission and theft is ensured as described above.

[Receive]
The employee H2 who is going out receives an e-mail, for example, with the guest PC 14 for taking out. A distribution file FL1 is attached to the received electronic mail.

[Browse]
The employee H2 connects the USB memory 10a of “Group A”, which has been granted (lent) in advance, to the guest PC 14, and moves the distribution file FL1 to the data storage area 42. At this time, since the control program 44 automatically decrypts the distribution file FL1, the employee H2 can immediately browse the data file F1 without requiring the password (however, according to the policy information 54). You can also use a password.)

[Applicable case 2]
Next, FIG. 12 is a diagram showing an outline of application case 2 of the electronic file management system. In this application case 2, for example, it is assumed that the data file F1 received by the employee H2 who has gone out is edited (for example, data input), and then the updated data file F′1 is sent back to the user H1 in the company. Yes.

[Preparation for transmission]
The employee H2 who has gone out moves the data file F′1 edited and updated in the USB memory 10a belonging to “group A” to the local drive (delivery file storage location) of the guest PC. At this time, the updated data file F′1 is encrypted by the control program 44 as described above, and converted into a distribution file FL′1 (electronic confidential file).

[Send]
Then, the employee H2 transmits the distribution file FL′1 from the guest PC 14 to the in-house user H1 through the network 60. This transmission means may also be a general electronic mail, for example.

[Receive]
An in-house user H1 receives an email at the guest PC 12. The distribution file FL′1 sent back from the employee H2 is attached to the received e-mail.

[Browse]
The user H1 in the company moves the distribution file FL′1 to the data storage area 42 of the USB memory 10a, for example. Also at this time, the control program 44 automatically decrypts the distribution file FL′1, so that the user H1 can immediately view and print the updated data file F′1.

[Bidirectional transmission according to application cases 1 and 2]
In addition, although it demonstrated supposing the continuation of the application case 1 here, the application cases 1 and 2 may assume the following use. For example, when a company or a public office solicits bids from a plurality of companies for some ordering work, the orderer can safely transmit a related file such as a bid specification to the bidder in application case 1. It is assumed that the prospective bidder has previously lend the USB memory 10a from the orderer.

  Next, the bidder should create a distribution file after creating his own design documents and price materials in the data storage area 42, and securely transmit the distribution file to the orderer in Application Case 2. Can do.

[Applicable case 3]
FIG. 13 is a diagram showing an outline of application case 3 of the electronic file management system. In this application case 3, for example, it is assumed that the collaborator H2 who has received the data file F1 as an outsourcing destination further securely transmits (transfers) the data file F1 to another subcontractor as a subcontracting destination. .

  For example, the in-house user who appeared in the application case 1 is the orderer H1, and the data file F1 created by the orderer H1 is securely transmitted to the collaborator H2 of the outsourcer. In application case 3, the collaborator H2 can safely transmit the data file F1 to the subcontractor H4, which is another subcontractor. The orderer H1, the collaborator H2, and the subcontractor H4 all use the USB memory 10a belonging to the same “group A”.

  In the application case 3, the subcontractor H4 that has received the data file F1 can safely return an updated data file (not shown in particular) that has been edited or processed to the collaborator H2. it can. In this case, the partner partner H2 can safely transmit the received data file to the orderer H1.

  The present invention is not limited to the embodiments described above, and can be implemented with various modifications. For example, although a USB memory is used in one embodiment, a card-type memory, an external hard disk, a rewritable flexible disk, or the like may be used as an external storage medium.

10, 10a, 10b USB memory 12, 14, 16 Guest PC
18 External PC
40 Control information area 42 Data storage area 44 Control program 46 Transmission data encryption key information 48 Group information 50 Data storage encryption key information 52 Data storage area information 54 Policy information 100 Host PC

Claims (14)

A data storage area defining means for defining a data storage area for storing an electronic file to be used by a user for a storage medium accessible from a computer device, and for encrypting the data storage area;
Key information storage means for storing a data storage encryption key required for accessing the data storage area by a computer device, and a transmission data encryption key required for encrypting the electronic file, respectively;
When the electronic file stored in the data storage area is moved or copied to a non-encrypted normal storage area different from the data storage area as the computer device accesses the storage medium, An encryption means for converting the electronic file into an encrypted electronic confidential file using a transmission data encryption key;
When the electronic confidential file is moved or copied from the normal storage area to the data storage area by using the data storage encryption key when the computer device accesses the storage medium, the transmission data encryption key is An electronic file management system comprising: decrypting means for decrypting the electronic confidential file. The electronic file management system according to claim 1,
The data storage area defining means includes
Defining the data storage area for a portable external storage medium detachably connected to a computer device;
The key information storage means includes
By further defining a control information area different from the data storage area for the external storage medium, the data storage encryption key and the transmission data encryption key are stored in the control information area. Electronic file management system. The electronic file management system according to claim 1,
The data storage area defining means includes
Defining the data storage area for an internal storage medium built in the computer device;
The key information storage means includes
By defining a control information area different from the data storage area for a portable external storage medium detachably connected to a computer device, the data storage encryption key and the transmission are stored in the control information area. An electronic file management system for storing a data encryption key. The electronic file management system according to claim 1,
The data storage area defining means includes
Defining the data storage area for an internal storage medium built in the computer device;
The key information storage means includes
By further defining a control information area different from the data storage area for the internal storage medium, the data storage encryption key and the transmission data encryption key are stored in the control information area. Electronic file management system. Data storage areas for storing electronic files to be used by users are individually defined for a plurality of storage media accessible by at least the first and second computer devices, and the data storage areas are encrypted. Data storage area defining means to be
A data storage encryption key required for accessing the data storage area by the first and second computer devices, a transmission data encryption key required for encrypting the electronic file, and the plurality of storage media Key information storage means for storing group information set in common;
As the first computer device accesses any one of the plurality of storage media, the electronic file is encrypted separately from the data storage area in the first computer device. An encryption means for converting the electronic file into an encrypted electronic confidential file using the transmission data encryption key and the group information,
In a state where the electronic confidential file is stored in the normal storage area in the second computer device by transmission from the first computer device, the electronic confidential file is stored in a storage medium other than the one storage medium. When the electronic confidential file is moved or copied from the normal storage area to the data storage area with access by the second computer device, the common group information is stored in the key information storage means. An electronic file management system comprising, as a condition, decryption means for decrypting the electronic confidential file using the transmission data encryption key and the group information. The electronic file management system according to claim 5,
The encryption means includes
When the second computer device accesses the other storage medium, the electronic file is moved or copied to the normal storage area, and the transmission data encryption key and the group information are used. Convert the electronic file into an encrypted electronic confidential file,
The decoding means includes
In the state where the electronic confidential file is stored in the normal storage area in the first computer device by transmission from the second computer device, by the first computer device to the one storage medium With the access, even when the electronic confidential file is moved or copied from the normal storage area to the data storage area, on the condition that the group information common to the key information storage means is stored. An electronic file management system, wherein the electronic confidential file is decrypted using a transmission data encryption key and the group information. The electronic file management system according to claim 5,
The data storage area defining means includes
Individually defining the data storage areas for a plurality of portable external storage media detachably connected to the first or second computer device;
The key information storage means includes
By further defining a control information area different from the data storage area for each of the plurality of external storage media, the data storage encryption key, the transmission data encryption key, An electronic file management system for storing the group information. The electronic file management system according to claim 5,
The data storage area defining means includes
Defining the data storage area for an internal storage medium built in each of the first and second computer devices;
The key information storage means includes
By defining a control information area different from the data storage area for each of the plurality of external storage media, the data storage encryption key, the transmission data encryption key, and the An electronic file management system characterized by storing group information. The electronic file management system according to claim 5,
The data storage area defining means includes
Defining the data storage area for an internal storage medium built in each of the first and second computer devices;
The key information storage means includes
By further defining a control information area different from the data storage area for each of the internal storage media incorporated in the first and second computer devices, the data is stored in each control information area. An electronic file management system for storing an encryption key, the transmission data encryption key, and the group information. The electronic file management system according to any one of claims 1 to 9,
The encryption means includes
A plurality of the electronic files stored in the data storage area are collectively encrypted into one electronic confidential file,
The decoding means includes
When a plurality of the electronic files are collectively encrypted in one electronic confidential file, the electronic file management system generates the plurality of electronic files by decrypting the one electronic confidential file . To computer equipment that can access storage media,
Defining a data storage area for storing an electronic file to be used by a user on the storage medium, and encrypting the data storage area using a data storage encryption key prepared in advance;
A control information area different from the data storage area is defined for the storage medium, and the data storage encryption key and the transmission data encryption key necessary for encrypting the electronic file are encrypted in the control information area. Each of which is memorized,
In the process of moving or copying the electronic file to an unencrypted normal storage area different from the data storage area, the electronic file is converted into an encrypted electronic confidential file using the transmission data encryption key. Incorporating a function for the control information area;
In the process of moving or copying the electronic confidential file from the normal storage area to the data storage area, incorporating a function for decrypting the electronic confidential file into the control information area using the transmission data encryption key An electronic file management program that executes To computer equipment that can access storage media,
Data storage areas for storing electronic files to be used by the user are individually defined for a plurality of storage media, and the data storage areas are encrypted using a data storage encryption key prepared in advance. Steps,
A control information area different from the data storage area is defined for each of the plurality of storage media, and the data storage encryption key and the transmission necessary for encrypting the electronic file are stored in each control information area. Storing a data encryption key and group information set in common in the plurality of storage media, respectively;
Electronic confidential information obtained by encrypting the electronic file using the transmission data encryption key and the group information in the process of moving or copying the electronic file to an unencrypted normal storage area different from the data storage area Incorporating a function for converting into a file into the control information area;
In the process of moving or copying the electronic confidential file from the normal storage area to the data storage area, a function for decrypting the electronic confidential file using the transmission data encryption key and the group information is provided as the control information. An electronic file management program for executing the steps to be incorporated into the area. A data storage area for storing an electronic file to be used by a user is defined in advance, and access to a storage medium in which the data storage area is encrypted using a data storage encryption key prepared in advance is possible. Possible computer equipment,
When accessing the storage medium, referring to the data storage area using the data storage encryption key, while referring to an unencrypted normal storage area different from the data storage area;
In the process of moving or copying the electronic file from the data storage area to the normal storage area, converting the electronic file into an electronic confidential file encrypted using a transmission data encryption key prepared in advance;
An electronic file management program for executing the step of decrypting the electronic confidential file using the transmission data encryption key in the process of moving or copying the electronic confidential file from the normal storage area to the data storage area. The electronic file management program according to claim 13,
In the step of converting the electronic file into the electronic confidential file,
A plurality of the electronic files stored in the data storage area are collectively encrypted into one electronic confidential file,
In the step of decrypting the electronic confidential file,
An electronic file management program for generating a plurality of electronic files by decrypting the one electronic confidential file when a plurality of the electronic files are collectively encrypted in one electronic confidential file .