JP2012226544A - Information processing system and data backup method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reproduce backup data even if one backup destination server encounters a disaster.SOLUTION: A data management system 10 includes a data acquisition part 13 which acquires data to be backed up from a client-side information processing system 20a, etc., a division management part 14 which performs control to divide the data to be backed up into a plurality of pieces of data on the basis of the predetermined number of divisions, and to back up respective division data double in at least two of a plurality of data backup servers, and a division data editing part 15 which combines the division data by the data backup servers at backup destinations, and transfers the combined division data to respective data backup servers 30A, etc., to back up the data.

Description

  The present invention relates to an information processing system and a data backup method for backing up data stored in a storage of an information processing system to a remote location, and in particular, a backup destination is a plurality of server devices and the data is divided into a plurality of In addition, the present invention relates to data processing that is related to an information processing system and a data backup method in which each divided data is backed up at least in two of the plurality of servers.

  Data backup is generally performed in case the contents of the disk storage of a computer system are lost due to unforeseen circumstances. Also, if the tapes that store the backed up data are stored near the computer to be backed up, the risk of being lost together in the event of a fire or earthquake increases, so it is stored remotely.

  For example, the following Patent Document 1 (Japanese Patent Laid-Open No. 2002-7304) discloses a backup method using a SAN (Storage Area Network), and the following Patent Document 2 (Japanese Patent Laid-Open No. 2000-82008). No.) discloses a backup method using shared data.

  However, the danger to computer systems and their data, such as large-scale earthquakes and simultaneous multiple virus damages, is increasing. For this reason, even if data backups are stored in remote locations, they cannot be said to be complete, and it is necessary to store copies of data in duplicate and triple, which increases the cost and performance of storage capacity. It is coming.

  Therefore, in order to increase the safety of data backup, the following Patent Document 3 (Japanese Patent Laid-Open No. 2003-316635) describes the storage service by intervening between the user side computer environment and the storage service side computer environment. Select a storage device that matches the user-side conditions from a plurality of storage devices that have computer means to support and have free space held by the storage service-side computer environment, and receive user data from the user-side computer environment A data backup technique is disclosed in which the user data is transmitted to a storage service computer environment to be stored in a selected storage device.

  In this data backup technology, a storage server server, a user server, and a storage service support server are connected via a network such as the Internet, and the storage service support server stores data held by a user server. The data is divided and stored in idle resources managed by a plurality of storage servers. The MSP server 101, the USR server 102, and the SSP server 103 are connected via a network such as the Internet.

Japanese Patent Laid-Open No. 2002-7304 Japanese Patent Laid-Open No. 2000-82008 JP 2003-316635 A

  FIG. 11 is a conceptual diagram for explaining the concept of the data backup technique disclosed in Patent Document 3. In this data backup technique, as shown in FIG. 11, the backup target disk 201 (data to be backed up) is divided into a plurality of records R1 to R8. The unit of each record illustrated by the symbol R is arbitrary such as a block unit, a character unit, or a bit unit. A block is data consisting of a plurality of characters. The data divided into a plurality of records is sequentially stored in the partitions of each disk according to the degree of distribution specified for each record.

  Here, it is assumed that the degree of dispersion is 5, and the data are sequentially stored in the five backup destination disks 211, 212, 213, 214, and 215. For example, the backup target disk 201 is divided into R1, R2, R3, R4, ECC, or parity and a plurality of records according to the disk capacity of the backup destination. ECC or parity is code information for restoring one of R1 to R4 when it is lost.

  Therefore, R1 is stored in the backup destination disk 211, R2 is stored in the backup destination disk 212, R3 is stored in the backup destination disk 213, R4 is stored in the backup destination disk 214, and ECC or parity is stored in the backup destination disk 215. The records divided in this way are stored in order on the backup destination disk. In addition to dividing data into a plurality of disks according to the degree of dispersion to improve access performance, data security at a certain level is guaranteed by combining parity check and ECC techniques.

  That is, according to the data backup technique disclosed in Patent Document 3, the data to be backed up is divided into arbitrary data amounts, and the divided data is each one of backup destinations (storage disk or server). It is intended to be backed up. However, in such a backup method, since one of the divided data is only backed up to any one of a plurality of backup destinations, a backup destination disk or server encountered a disaster and backed up. When the divided data is lost, it is difficult to restore the lost divided data, and it is difficult to restore the entire backed up data.

  In this data backup technology, no consideration is given to the security of data when communicating backed up data or divided backup data via a network such as the Internet, and the data leaks to a third party via the network. The problem of the possibility of doing so is also considered.

  The present invention has been made in view of the above-described problems. The backup destination is a plurality of server devices, the data is divided into a plurality of pieces, and the divided pieces of data are divided into at least two of the plurality of servers. It is a first object of the present invention to provide an information processing system and a data backup method capable of reproducing backup data even if a single backup destination server encounters a disaster by performing backups repeatedly. A second object of the present invention is to provide an information processing system and a data backup method that facilitate security (data protection) when divided backup data is leaked.

In order to solve the above-mentioned problem, the invention according to claim 1 of the present application is
An information processing system comprising a client side information processing system, a plurality of data backup servers, and a data management server,
The data management system includes a data acquisition unit that acquires backup data from the client-side information processing system, and divides the backup data into a plurality based on a predetermined number of divisions, and each of the divided divided data A division management unit that controls to be redundantly backed up by at least two of the plurality of data backup servers, and a divided data editing unit that combines the divided data for each backup data backup server, The combined divided data is transferred to each data backup server for backup.

  Also, the invention according to claim 2 of the present application is the invention according to claim 1, wherein the divided data editing unit includes a file name and a file size of the divided backup data in an extended area of the divided data. A dummy header including at least one of a compression method, a division ID, and a creation date, and a footer including a termination character string for the dummy header are added.

The invention according to claim 3 of the present application is
There is a data backup method in an information processing system comprising a client side information processing system, a plurality of data backup servers, and a data management server,
The data management system includes a data acquisition unit that acquires backup data from the client-side information processing system, and divides the backup data into a plurality based on a predetermined number of divisions, and each of the divided divided data A divided management unit that controls to be duplicated and backed up by at least two of the plurality of data backup servers, and a divided data editing unit that combines the divided data for each backup data backup server,
The data acquisition unit acquiring data to be backed up from the client-side information processing system;
The division management unit divides the data to be backed up into a plurality of divisions based on a predetermined number of divisions, and each of the divided pieces of divided data is backed up to at least two of the plurality of data backup servers. Step to control, and
The divided data editing unit combining the divided data for each backup data backup server;
Transferring the combined divided data to each data backup server.

  The invention according to claim 4 of the present application is the invention according to claim 3, wherein the step of editing processing by the divided data editing unit includes the step of editing the divided backup data in the divided area of the divided data. It includes processing for adding a dummy header including at least one or more of a file name, a file size, a compression method, a division ID, and a creation date, and a footer including a termination character string for the dummy header.

  In the first and third aspects of the invention, the backup destination is a plurality of server devices, the data is divided into a plurality of pieces, and each divided piece of data is backed up to at least two of the plurality of servers. Even if one backup destination server encounters a disaster, the backup data can be reproduced.

  In the inventions according to claims 2 and 4, in the inventions according to claims 1 and 3, dummy headers and footers are added to the divided backup data, so that when the divided backup data leaks Security can be increased.

1 is a system configuration diagram illustrating a configuration of an information processing system according to an embodiment of the present invention. It is a conceptual diagram for demonstrating the concept of the data backup in the information processing system concerning the Example of this invention. It is a schematic diagram which shows the data structure of the divided data concerning this invention. It is a block diagram which shows the structure of the data management server in the information processing system concerning the Example of this invention. It is a flowchart which shows the schematic procedure of the data backup process concerning this invention. It is a flowchart which shows the detailed process sequence of the flowchart of FIG. It is a flowchart which shows the detailed process sequence of the flowchart of FIG. It is a flowchart which shows the detailed process sequence of the flowchart of FIG. It is a flowchart which shows the detailed process sequence of the flowchart of FIG. 1 is a system configuration diagram of a personal authentication system to which a data backup process according to the present invention is applied. It is a conceptual diagram for demonstrating the concept of the conventional data backup technique.

  Hereinafter, specific examples of the present invention will be described in detail with reference to examples and drawings. However, the embodiments described below exemplify an information processing system and a data backup method for embodying the technical idea of the present invention, and specify the present invention as the information processing system and the data backup method. The present invention is equally applicable to the information processing system and the data backup method of other embodiments included in the scope of claims.

  FIG. 1 is a system configuration diagram showing a configuration of an information processing system according to an embodiment of the present invention. As shown in FIG. 1, an information processing system according to an embodiment of the present invention includes a plurality of client-side information processing systems 20a, 20b, and 20n, and backup information from these client-side information processing systems 20a, 20b, and 20n. The data management system 10 is configured to receive data, divide the received backup data, and divide and store the data in a plurality of data backup servers 30A to 30D (storage provided in each backup server). is there.

  Data communication between the information processing systems 20a, 20b, 20n on the client side and the data management system 10, and data communication between the data management system 10 and the plurality of data backup servers 30A to 30D are performed by a data communication network such as the Internet. However, in the information processing system according to the present embodiment, when the backup data is generated by dividing the backup data, each backup data (each divided data) is transferred to a third party through the network. Even if it is leaked, editing is performed so that data cannot be easily reproduced. The editing method will be described later in detail.

  In the information processing system according to the embodiment of the present invention, the data management system 10 overlaps each of the divided backup data with one of at least two backup servers among the plurality of backup servers 30A to 30D. The backup destination of each backup data is determined so that the backup is performed. The concept of data backup in the information processing system according to the embodiment of the present invention will be described below with reference to FIG.

  FIG. 2 is a conceptual diagram for explaining the concept of data backup in the information processing system according to the embodiment of the present invention. The data management server 10 acquires backup target data to be backed up from the information processing systems 20a to 20c on the client side. When the data management server acquires the backup data acquired from the information processing systems 20a to 20c on the client side, the backup data 101 is divided into a plurality of data A, B, C, and D as shown in FIG. To do. The unit of the record to be divided is arbitrary such as a block unit, a character unit, or a bit unit. A block is data consisting of a plurality of characters.

  The storage destinations of the divided data A, B, C, and D are determined so as to be stored in at least two data backup servers among the plurality of data backup servers 30A to 30D. In the example shown in FIG. 2, the divided data A is data backup servers 30A and 30C, the data B is data backup servers 30B and 30D, the data C is data backup servers 30A and 30B, and the data D is data backup server 30C. And the data 101-1 to 101-4 so as to be stored in 30D.

  The grouped data 101-1 to 101-4 are subjected to editing processing to be described later in order to enhance data security, and are then sent to and stored in each backup destination data backup server. As described above, since the divided data A, B, C, and D are stored in at least two data backup servers among the plurality of data backup servers 30A to 30D, one data backup server has a disaster. Even if the data is lost, the data management server 10 can acquire the same divided data stored in another data backup server and reproduce the data to be backed up.

  For example, in FIG. 2, when the data backup server 30C that backed up the data 101-3, that is, the divided data A and D, receives some disaster and the backed up divided data A and D are lost, the data management server 10 Since the divided data A can be obtained from the backup server 30A and the divided data D can be obtained from the data backup server C, the divided data 101 can be reproduced.

  Next, an editing process performed by the data management server 10 to increase data security for the divided data A to D when the divided data A to D are backed up to the data backup servers 30A to 30D will be described. In the following description, data transmission / reception between the client side information processing systems 20a to 20c and the like, the data management server 10, and the data management server 10 and the backup data backup servers 30A to 30D is performed by SQL (Structured Query). Language) is used for explanation.

  In general, data transmitted and received between SQL servers is compressed by a predetermined compression method, and a data format in which a header and a footer are added to the compressed data body is adopted. Information indicating the compression method added to the data body is recorded in the header, and checksum data corresponding to the compression method added to the data body (data when data is lost like parity check or ECC) is recorded in the footer. Information for restoration) is added.

  In the present invention, dummy headers and footers are further added to data using SQL (compressed data body, header, and footer). The dummy header includes data (for example, 8 bytes) in which the file size of the divided original data body is described in reverse, the correct file name at the time of restoration (for example, 128 bytes), and the compression method used for data compression (2 bytes) ), Divided data ID (for example, a division number expressed in 16 bytes, etc.), information on the creation date of divided data, and the like, and a free area in which each piece of information is recorded is filled with random data. The footer is a checksum of data including the dummy header, and is, for example, a 128-byte end character string.

  FIG. 3 is a schematic diagram showing the data structure of the divided data according to the present invention described above. As shown in FIG. 3, for example, the divided data A includes data A1 (data portion in a normal compressed data format using SQL) including a data body compressed by a predetermined compression method, a header, and a footer. The dummy header A2 and the dummy footer A3 described are included, and the divided data B to D are the same. The contents of the data in the dummy header A2 and the dummy footer A3 are as described above.

  The divided data A to D edited as shown in FIG. 3 are edited into the data as described above, and sent to the data backup servers 30A to 30D shown in FIG. 2 for backup. Even if the divided data A to D and the like leak to a third party when transmitted from the data management server 10 to the data backup servers 30A to 30D, dummy headers and footers (A2 and A3 in FIG. 3) are displayed. Since it is identified as the original header and footer, the compressed data body (the divided data A including the original header and footer cannot be restored, and the security of the data can be enhanced.

  FIG. 4 is a block diagram showing the configuration of the data management server 10 that backs up data as described above. As shown in FIG. 4, the data management server 10 includes a control unit 11, a backup management unit 12, a data acquisition unit 13, a division management unit 14, a divided data editing unit 15, a data transfer unit 16, a memory 17, and the like. Has been.

  Although not shown, the control unit 11 is a microprocessor having a RAM, a ROM, and a processor, and controls the operation of each unit by a control program stored in the ROM. The memory 17 is, for example, a hard disk, which stores data to be held by the data management server 10 and temporarily stores data processed by each unit of the data management server 10.

  The backup management unit 12 includes information on backup target data (backed up data) sent from the information processing system information processing systems 20a to 20c, such as the client side information processing systems 20a to 20c shown in FIG. Data amount, file name, etc.) Information indicating the interrelation between the data backup servers 30A to 30D that back up the backed up data is accumulated and managed. Management information is stored in a predetermined area of the memory 17.

  The data acquisition unit 13 acquires data to be backed up (backed up data) to be backed up from the information processing systems 20a to 20c on the client side. Data to be backed up is performed via a network such as the Internet, but may be configured to be acquired using a dedicated communication line.

  As described with reference to FIG. 2, the division management unit 14 divides backup target data (data to be backed up) acquired from the information processing systems 20 a to 20 c on the client side into a plurality of divided pieces. The data division is controlled so that the data is backed up redundantly to at least two of the plurality of servers. Management information indicating the interrelationship between the divided data and its backup destination data backup server is stored in a predetermined area of the memory 17. This management information is preferably made available to the backup management unit 12 as needed.

  The divided data editing unit 15 edits the backup data divided by the division management unit 14 by adding dummy headers and footers as described with reference to FIG. The edited divided data is temporarily stored in the memory 17 and transferred by the data transfer unit 16 to the backup data backup servers 30A to 30D. Data transfer is performed via a network such as the Internet, but may be configured to acquire using a dedicated communication line.

  Next, the data backup procedure according to the present invention described above will be described with reference to the flowcharts shown in FIGS. FIG. 5 is a flowchart showing an outline of the data backup processing according to the present invention, and FIGS. 6 to 11 are flowcharts showing detailed processing procedures of each processing procedure of FIG.

  In the data backup procedure according to the present invention shown in FIG. 5, the data management server 10 (backup management unit 12) creates a backup event as an event of the SQL server (step S101), and then the data acquisition unit 13 The latest data to be backed up (data to be backed up) to be backed up is acquired from the information processing systems 20a to 20c on the client side (step S102). Then, as described with reference to FIG. 2, the division management unit 14 divides the backup target data (backed up data) acquired from the information processing systems 20 a to 20 c on the client side into a plurality of divisions. In addition, the data is divided so that the individual data is backed up redundantly to at least two of the plurality of servers.

  Next, the divided data editing unit 15 edits the backup data divided by the division management unit 14 by adding dummy headers and footers as described with reference to FIG. 3 (step S1049). The edited divided data is temporarily stored in the memory 17 (step S105), and transferred to the backup destination data backup servers 30A to 30D by the data transfer unit 16. After the transfer, the information processing system on the client side The original backed up data acquired from 20a to 20c etc. is deleted (step S106).

  The flowchart shown in FIG. 6 shows the procedure of the backup data acquisition process in step S102 of FIG. The control unit 11 checks the backup folder, which is a predetermined area in the memory 17 used for data backup (step S201), accesses the backup folder from the backup target time, and confirms that the file has been created normally. Then, the data acquisition unit 13 acquires the latest backup data (data to be backed up (step S202). The latest backup file indicates that the file having an access error is monitored by monitoring the status of the backup file. After that, the acquired file is checked to be a backup file of the SQL server (step S203), and the check is prepared by the standard function of the SQL server. The latest battery that has been checked The backup data is moved to the backup folder (step S204), separated from the acquired backup data body (step S205), and at the end of the process, the event (backup) process of the SQL server is restarted (step S206).

  The flowchart shown in FIG. 7 shows the procedure of the backup data division processing in step S103 of FIG. The backup management unit 12 acquires the size of the data (data to be backed up) (step S301), and acquires a file of the data (data to be backed up) (step S301). Next, the backup management unit 12 determines that each file is 1024 Kbytes or more with the number of data backup servers (for example, four in FIG. 1) as the data backup destination and the number of divisions less than the number of data backup servers × 3. The divided file size is determined (step S303).

  Next, the division management unit 14 performs binary division on the data file based on the division number and the division file size determined as described above (step S304). When a divided file becomes 1024 Kbytes or less, it is defined as 1024 Kbytes, and at least two files having the same contents are created by duplication. Next, when each divided file is created, the division management unit 14 compresses the divided file with a compression method determined at random (step S305). At this time, the compression form is understood by the extension.

  Then, the divided data editing unit 15 performs the process of adding the above-described dummy header and footer to the divided file (step S306), and temporarily stores the processed divided file in a predetermined area of the memory 17 (step S306). S307). Detailed processing in step S306 will be described below with reference to the flowchart in FIG.

  FIG. 8 is a flowchart showing a detailed processing procedure of step S305 in FIG. In this process, as described above with reference to FIG. 3, dummy headers and footers are further added to data (compressed data body, header, and footer) using SQL. The dummy header includes data (for example, 8 bytes) in which the file size of the divided original data body is described in reverse, the correct file name at the time of restoration (for example, 128 bytes), and the compression method used for data compression (2 bytes) ), Divided data ID (for example, a division number expressed in 16 bytes, etc.), information on the creation date of divided data, and the like, and a free area in which each piece of information is recorded is filled with random data. The footer is a checksum of data including the dummy header, and is, for example, a 128-byte end character string.

  The divided data editing unit 15 first secures a work area of 640 bytes (step S401), and starts a process of creating a dummy header to be added to the divided data divided in the processing procedure of FIG. S402). When the creation of the dummy header is started, a dummy header is created in the procedure after step S403.

  The divided data editing unit 15 first assigns dummy header information from the position of 384 bytes in the dummy header (step S403), and describes the true file size of the divided file in 8 bytes from the reverse (step S404). The official name of the file is described with 128 bytes (step S405). Next, the data compression format is described in 2 bytes (step S406), the division number of the divided file is described in 2 bytes (step S407), the creation date is described in 16 bytes (step S408), Fill with random data (step S409).

  When a dummy header is created by the above processing, the divided data editing unit 15 creates a dummy footer in which a 128-byte termination character string is described for the created dummy header (step S410). ) Complete the editing process of one divided file.

  When the divided file editing process is completed, the divided data editing unit 15 prepares for data transfer to the data backup server 30A or the like according to the processing procedure shown in the flowchart of FIG. The divided data editing unit 15 first selects a data backup server, for example, the data backup server 30A with reference to the management information created by the division management unit 14 (step S501), and the divided data to be backed up to the data backup server 30A. For example, in FIG. 2, divided data A and C (divided data edited by adding dummy headers and footers by the process of FIG. 8) are prepared (step S502).

  Next, the prepared divided data A and C are combined (step S503), and dummy headers and footers for the combined divided data are created (S504). After creating the header and footer, the divided data editing unit 15 then transfers the combined divided data added with the dummy header and footer created in step S504 to the data backup server 30A via the data transfer unit 16 ( Step S505).

  If the above-mentioned split file combination and transfer processes are performed by looping as many as the number of split files, and further looping by the number of backup data backup servers, backup of the backed up data is completed.

  As described above in detail, according to the information processing system and the data backup back method according to the present invention, the upload destination is a plurality of server devices, the data is divided into a plurality of pieces, and the divided individual data is Since at least two of the plurality of servers are duplicated, backup data can be reproduced even if one backup destination server encounters a disaster. In addition, since the dummy backup and footer are added to the divided backup data, security when the divided backup data leaks can be improved.

  Such a backup method is preferably applied to a personal authentication system described below. FIG. 10 is a system configuration diagram showing a configuration of a personal authentication system to which the data field backup method described above is applied. The personal authentication system 40 is a personal authentication service in which organizations (organizations) 41 to 44 are clients (customers) and a plurality of (many) individuals belonging to the organizations and organizations 41 to 44 as members, members, and service subjects are users. System.

  Clients of this personal authentication system 40 include credit companies, banks, insurance companies, securities companies, post offices and other financial institutions, department stores, retail stores, etc., government offices, tax offices, police stations, electricity, gas, water, etc. Public institutions related to the living environment, communication facilities such as telephones, newspapers, magazines, TV and radio, educational institutions such as schools and training institutions, medical institutions such as hospitals and clinics, institutions related to employment, consignment, etc. All organizations and organizations in are eligible for service.

  The personal authentication system 40 uses each person such as person a and person b belonging to these groups and organizations as users, assigns a unique ID to each person, and issues an ID card. Here, an individual belongs to a group or organization. An individual who belongs to the company as an employee of the company, a person who is registered as a member to receive services for the group or organization, a residence and administrative service such as a government office. An individual who has the right to receive.

  Naturally, the person a and the person b may belong to a plurality of organizations and organizations. The personal authentication system 40 assigns a unique ID to the person a or person b and issues an ID card, and a plurality of IDs are not assigned to each organization or organization to which the person a or person b belongs. In the personal authentication system 40, an individual to whom an ID card is issued is referred to as a user. A user who has been issued an ID card registers and sets an arbitrary password for the ID in the personal authentication system 40. Here, the password may be a password, but is preferably a combination of numbers, English letters, various symbols, a predetermined number of digits, or biometric data. In the present invention, a password including a personal identification number and biometric data is referred to as a password.

  Accordingly, the personal authentication system 40 includes a user / client management database for managing IDs and passwords assigned to the client, the user, and the user. The personal authentication system 10 has functions such as ID card issuance, management, ID card authentication, authentication information provision, WEB authentication, and personal information browsing as described above. To provide.

  A client that has obtained a personal authentication result from the personal authentication system 40 extracts information related to the authenticated individual from personal information stored in the information processing system of the client and provides it to the individual (user). Service can be provided to users. In this case, the user reads ID information with an ID card reader installed in the client's facility, inputs a password, and transmits the information to the personal authentication system 10. The authentication result is provided to the information processing system of the client that has requested authentication from the personal authentication system 10.

  An authentication request and an authentication result between the personal authentication system 40 and the client are transmitted and received by communication using a network such as the Internet via a gateway. Therefore, the information processing system of the client can operate as a system independent of the system of the personal authentication system 10, and the personal information provided to the user can be limited to items corresponding to the actual situation of the client. For example, it is possible to operate so as to provide health check results and health guidance information without disclosing medical chart information in a hospital or clinic.

  Further, the user inputs ID card information (ID information, password) using a browser provided by the personal authentication system 40 and transmits it to the personal authentication system 10 to request personal authentication. It is possible to request browsing of personal information stored in the database. If the authentication result is correct, the personal authentication system 40 can acquire the personal information of the individual from the information processing system of the specified client for browsing, and can browse or print it out on the browser screen. This is abbreviated as WEB authentication.

  Also in this case, as described above, the transmission and reception of authentication information and browsing information between the personal authentication system 40 and the designated client are performed by communication using a network such as the Internet via a gateway. Therefore, the information processing system of the client can operate as a system independent of the system of the personal authentication system 10, and the personal information provided to the user can be limited to items according to the actual situation of the client.

  If this WEB authentication function is used, the user can collect and browse personal information held in various organizations and organizations to which the user belongs. For example, when regular medical examinations are received at a plurality of clinics, the results of the medical examinations received at each clinic can be acquired from each clinic and viewed together.

  If the personal authentication system relays personal information that can be browsed between clients, it is possible to collect and browse personal information held in other client systems at one client facility without using the WEB authentication function. become. Such a service can be realized if there is an agreement between each client, for example, between clinics that handle medical examinations. Of course, if an appropriate encryption technique is used for transmission / reception of ID information, a password, and personal information for browsing, security against leakage of personal information can be enhanced.

  According to such a personal authentication system 40, each user does not have an ID card or membership card for each organization and organization, and receives services of organizations and organizations belonging to a common ID card, or receives personal information. Be able to get. In addition, each client does not need to perform ID management or personal authentication independently, and the cost of the information processing system in the client can be suppressed, and the personal information is stored in the Kleinato information system as it is, It becomes possible to manage and use appropriately.

  By applying the data backup method according to the present invention to the organization, group or individual information acquired by the personal authentication system 40, the reliability and data security of the data backup can be improved. Can be increased.

10. Data management system (server)
20a to 20c ... Information processing system (client side)
30A-30D ··· Data backup server 11 ··· Control unit 12 ··· Backup management unit 13 ··· Data acquisition unit 14 ··· Division management unit 15 ··· Division data editing unit 16 ··· Data Transfer unit 17 ... memory

Claims (4)

An information processing system comprising a client side information processing system, a plurality of data backup servers, and a data management server,
The data management system includes a data acquisition unit that acquires backup data from the client-side information processing system, and divides the backup data into a plurality based on a predetermined number of divisions, and each of the divided divided data A division management unit that controls to be redundantly backed up by at least two of the plurality of data backup servers, and a divided data editing unit that combines the divided data for each backup data backup server, An information processing system for transferring the combined divided data to each data backup server for backup.   The divided data editing unit includes a dummy header including at least one or more of a file name, a file size, a compression method, a division ID, and a creation date of the divided backup data in the divided data extension area. The information processing system according to claim 1, wherein a footer including a termination character string for the dummy header is added. There is a data backup method in an information processing system comprising a client side information processing system, a plurality of data backup servers, and a data management server,
The data management system includes a data acquisition unit that acquires backup data from the client-side information processing system, and divides the backup data into a plurality based on a predetermined number of divisions, and each of the divided divided data A divided management unit that controls to be duplicated and backed up by at least two of the plurality of data backup servers, and a divided data editing unit that combines the divided data for each backup data backup server,
The data acquisition unit acquiring data to be backed up from the client-side information processing system;
The division management unit divides the data to be backed up into a plurality of divisions based on a predetermined number of divisions, and each of the divided pieces of divided data is backed up to at least two of the plurality of data backup servers. Step to control, and
The divided data editing unit combining the divided data for each backup data backup server;
Transferring the combined divided data to respective data backup servers. A data backup method comprising:   The step of editing processing by the divided data editing unit includes at least one or more of a file name, a file size, a compression method, a division ID, and a creation date of the divided backup data in the divided area of the divided data. 4. The data backup method according to claim 3, further comprising a process of adding a footer including a dummy header including and a terminal character string for the dummy header.

Images