JP2019053146A - Source program protection system and method - Google Patents

Abstract

To effectively protect a source program by making it hard to estimate contents of an encryption object part in the source program.SOLUTION: A source program protection system comprises: a first device that detects a description surrounded by a designation mark in a source program as a first character string to generate first association information having the first character string associated with a first replacement character string, replaces the first character string with the first replacement character string in the source program on the basis of the first association information to output the source program as a first partially encrypted source program, encrypts the first association information to output the encrypted first association information as a first confidential information file; and a second device that decrypts the first confidential information file to extract the first association information, replaces the first replacement character string with the first character string in the first partially encrypted source program on the basis of the first association information to generate a decrypted source program, excludes the designation mark from the decrypted source program to conduct prescribed processing, and outputs a result of the processing.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a source program protection system and method, and more particularly, to a source program protection system and method for partially encrypting and decrypting a source program.

  In the maintenance work of the compiler, when a problem (difference in calculation, incorrect operation, etc.) is reported from the user, the source module and the execution module (object program) created by the compiler are investigated to investigate the cause. There is a need.

  Here, in the investigation, the configuration of the source program and the execution module is complicated, and there is a possibility of being influenced by a plurality of conditions. Therefore, it is desirable that the person in charge of compiler maintenance obtains the user's source program and reproduces it in the investigation environment. However, if confidential information is included in a part of the user's source program, it cannot be obtained and may affect the investigation.

  In Patent Document 1, a provider of a source program for controlling a robot controller or the like encrypts a part of the know-how of the source program and compiles it appropriately from a partially encrypted source program at the provider Techniques for performing are disclosed. First, the provider makes a description specifying a part of the encryption target line of the source program. Then, the conversion program of the provider generates a partially encrypted source program in which the encryption target line of the specified source program is replaced with an encrypted program part that performs predetermined encryption. Thereafter, the provider receives provision of the partial encryption source program. Then, the providing compiler decrypts the encrypted program part of the partially encrypted source program, compiles it, and generates an object program.

JP 2005-202663 A

  However, Patent Document 1 has a problem in that the protection of secret information in the source program is insufficient. The reason is that in Patent Document 1, there is a correlation between the amount of the encryption target line and the encryption program part, and when the user of the provision destination browses the partial encryption source program, the description content before encryption is estimated. It is because there is a risk of being.

  The present invention has been made in order to solve such a problem, and it is difficult to estimate the contents of a portion to be encrypted in the source program, so that the source program can be effectively protected. It is an object to provide a system and method.

A source program protection system according to a first aspect of the present invention includes:
Accepts input of a source program containing a description in which an arbitrary character string is enclosed by a predetermined designation symbol,
A description enclosed by the specified symbols in the source program is detected as a first character string;
Generating first association information in which a first replacement character string is associated with the first character string;
Based on the first association information, the first character string is replaced with the first replacement character string in the source program and output as a first partially encrypted source program,
Encrypting the first association information and outputting it as a first secret information file;
A first device;
Receiving input of the first partial encryption source program and the first secret information file;
Decrypting the first secret information file to extract the first association information;
Based on the first association information, the first replacement character string is replaced with the first character string in the first partial encryption source program to generate a decryption source program,
Perform a predetermined process by excluding the designated symbol from the decoding source program, and output a result of the process;
A second device;
Is provided.

A source program protection method according to a second aspect of the present invention includes:
In the first device:
Accepts input of a source program containing a description in which an arbitrary character string is enclosed by a predetermined designation symbol,
A description enclosed by the specified symbols in the source program is detected as a first character string;
Generating first association information in which a first replacement character string is associated with the first character string;
Based on the first association information, the first character string is replaced with the first replacement character string in the source program and output as a first partially encrypted source program,
The first association information is encrypted and output as a first secret information file,
In the second device:
Receiving input of the first partial encryption source program and the first secret information file;
Decrypting the first secret information file to extract the first association information;
Based on the first association information, the first replacement character string is replaced with the first character string in the first partial encryption source program to generate a decryption source program,
The specified symbol is excluded from the decoding source program, a predetermined process is performed, and the result of the process is output.

  According to the present invention, it is possible to provide a source program protection system and method for effectively protecting a source program by making it difficult to estimate the contents of a portion to be encrypted in the source program.

It is a block diagram which shows the structure of the source program protection system concerning Embodiment 1 of this invention. It is a flowchart which shows the flow of the source program protection method (partial encryption process) concerning Embodiment 1 of this invention. It is a flowchart which shows the flow of the source program protection method (decoding process) concerning Embodiment 1 of this invention. It is a block diagram which shows the structure of the source program protection system concerning Embodiment 2 of this invention. It is a block diagram which shows the structure of the partial encryption process module concerning Embodiment 2 of this invention. It is a block diagram which shows the structure of the decoding process module concerning Embodiment 2 of this invention. It is a figure which shows the example of the secret information list concerning Embodiment 2 of this invention. It is a flowchart for demonstrating the flow of the partial encryption process concerning Embodiment 2 of this invention. It is a flowchart for demonstrating the flow of the decoding process concerning Embodiment 2 of this invention. It is a flowchart for demonstrating the flow of the compilation process concerning Embodiment 2 of this invention. It is a flowchart for demonstrating the flow of the partial encryption process of the program list concerning Embodiment 2 of this invention. It is a block diagram which shows the structure of the source program editing apparatus concerning Embodiment 3 of this invention. It is a flowchart for demonstrating the flow of the source program edit process concerning Embodiment 3 of this invention. It is a block diagram which shows the structure of the source program analysis apparatus concerning Embodiment 4 of this invention. It is a flowchart for demonstrating the flow of the source program analysis process concerning Embodiment 4 of this invention.

  Hereinafter, specific embodiments to which the present invention is applied will be described in detail with reference to the drawings. In the drawings, the same elements are denoted by the same reference numerals, and redundant description will be omitted as necessary for the sake of clarity.

<Embodiment 1>
FIG. 1 is a block diagram showing a configuration of a source program protection system 100 according to Embodiment 1 of the present invention. The source program protection system 100 includes a first device 10 and a second device 20. The first apparatus 10 performs a partial encryption process according to the first embodiment on the source program 31. The first apparatus 10 is an information processing apparatus such as a computer operated by a user who provides the source program 31. Here, the source program 31 is a computer program including a description in which an arbitrary character string is surrounded by a predetermined designation symbol. Note that an arbitrary character string is not limited to a set of sentences in a program, and includes a part of a program code. The arbitrary character string is a description including secret information that cannot be disclosed to the provider by the provider. That is, the arbitrary character string is information to be encrypted. The designation symbol is a reserved word in a programming language or a combination of specific characters, and is a character string that can be distinguished from a normal program code. Further, the user of the provider may develop the source program 31 using the first device 10. Then, the user of the providing source may additionally write an arbitrary character string in the source program 31 by using the first device 10 so as to be surrounded by a predetermined designation symbol.

  The first apparatus 10 receives an input from the source program 31. Then, the first device 10 detects the description enclosed by the designation symbol in the source program 31 as the first character string. Subsequently, the first device 10 generates first association information in which the first replacement character string is associated with the first character string. The first replacement character string is a character string different from at least the first character string. Further, the first replacement character string itself does not need to be encrypted. The first replacement character string may be a numeric string having a predetermined number of digits, for example. Then, the first device 10 replaces the first character string with the first replacement character string in the source program 31 based on the first association information to obtain the first partial encryption source program 32. Output. The first device 10 encrypts the first association information and outputs it as the first secret information file 33.

  The first device 10 includes a control unit (not shown), a storage unit (not shown), and the like as a hardware configuration. The storage unit of the first device 10 stores a computer program in which the partial encryption process described above is implemented. The control unit of the first device 10 implements partial encryption processing by reading out and executing a computer program from the storage unit.

  The second device 20 uses the first secret information file 33 to perform the decryption processing according to the first embodiment on the first partial encryption source program 32. The second apparatus 20 is an information processing apparatus such as a computer operated by a user to whom the source program 31 is provided. For example, the second device 20 reads the first partial encryption source program 32 provided from the first device 10 and performs predetermined processing such as compilation or analysis.

  The second device 20 receives input of the first partial encryption source program 32 and the first secret information file 33. Then, the second device 20 decrypts the first secret information file 33 and extracts the first association information. Thereafter, the second device 20 replaces the first replacement character string with the first character string in the first partial encryption source program 32 based on the first association information, and decrypts the source program. Is generated. Then, the second device 20 performs a predetermined process by excluding the designated symbol from the decoding source program, and outputs a result 34 of the process.

  The second device 20 includes a control unit (not shown), a storage unit (not shown), and the like as a hardware configuration. The storage unit of the second device 20 stores a computer program in which the above-described decoding process is implemented. The control unit of the second device 20 reads the computer program from the storage unit and executes it to realize the decoding process.

  FIG. 2 is a flowchart showing a flow of partial encryption processing in the source program protection method according to the first exemplary embodiment of the present invention. First, the first device 10 receives an input of the source program 31 (S111). Next, the first device 10 detects the description enclosed by the designation symbol in the source program 31 as a first character string (S112). Then, the first device 10 generates first association information in which the first replacement character string is associated with the first character string (S113).

  Thereafter, the first device 10 replaces the first character string with the first replacement character string in the source program 31 based on the first association information (S114). Then, the first device 10 outputs the replaced source program as the first partial encryption source program 32 (S115).

  In addition, after step 113, the first device 10 encrypts the first association information (S116). Then, the first device 10 outputs the encrypted information as the first secret information file 33 (S117).

  FIG. 3 is a flowchart showing a flow of decryption processing in the source program protection method according to the first exemplary embodiment of the present invention. First, the second apparatus 20 receives input of the first partial encryption source program 32 and the first secret information file 33 (S121). Next, the second device 20 decrypts the first secret information file 33 and extracts the first association information (S122). Then, the second device 20 replaces the first replacement character string with the first character string in the first partial encryption source program 32 based on the first association information, and decrypts the source program. Is generated (S123). Here, the decryption source program has the same contents as the source program 31. The second device 20 performs a predetermined process by excluding the designated symbol from the decoding source program (S124). And the 2nd apparatus 20 outputs the result 34 of the said process (S125).

  Thus, the first device 10 of the providing source replaces the first character string in the source program 31 with the first replacement character string that is different from the first character string, and the first character string before the replacement The first association information between one character string and the first replacement character string after replacement is encrypted. For this reason, the user of the providing destination cannot grasp the character string to be encrypted even if the description content of the first partial encryption source program 32 is viewed. Then, the second device 20 acquires the first partial encryption source program 32 and the first secret information file 33 and decrypts them for internal processing, but outputs the decryption source program itself. Not done. Therefore, it is difficult to estimate the description content of the encryption target portion by the user of the providing destination, and the source program can be effectively protected.

<Embodiment 2>
The second embodiment is an improved example of the first embodiment described above. In the second embodiment, the second device 20 of the first embodiment is applied to a compiler device. Here, when investigating a failure of a compiler product, a source program in which a phenomenon occurs may be required. However, if a source program containing confidential information is sent to the provider in plain text, there is a possibility that information will be leaked due to the following risks.

  First, if source program information that needs to be investigated together with important calculation methods, numbers, definitions, and the like is displayed in a mixed manner, the user of the providing destination can directly view and store it as it is. For this reason, even if the user is unwilling, the secret information in the source program that he / she sees may be remembered, leading to information leakage. In addition, since the security environment of the provider is outside the scope of control by the provider, absolute safety is not guaranteed.

  Therefore, in general, it is operated by a method in which secret information is removed from a source program including secret information or a method in which only a compiled execution module is sent. These methods can prevent information leakage. However, there is a possibility that the investigation of the cause may be hindered due to the influence on the investigation target due to the modification of the source program or the lack of information by sending only the execution module. For example, in some cases, it is efficient for the provider to investigate the failure by modifying the program such as writing debugging code in the provided source program, generating an execution module, and trying it. However, the provided source program cannot be compiled because it is incomplete program code from which confidential information is excluded. Further, when only a compiled execution module is sent, the providing destination cannot embed debugging code or the like. Therefore, the efficiency of failure investigation is reduced.

  Therefore, the second embodiment has the following features. That is, the first device further receives an input of the designation symbol, and outputs the first secret information file further including the designation symbol. Then, the second device uses, as the first replacement character string, a description enclosed by the designation symbol included in the received first secret information file in the first partial encryption source program. Based on the first association information, the detected first replacement character string is replaced with the first character string in the first partial encryption source program. Thus, since an arbitrary character string can be used as the designation symbol, it is possible to increase the degree of freedom in designating the encryption target portion.

  The second device has a predetermined secret key. Then, the first device acquires a first public key corresponding to the secret key from the second device, and encrypts the first association information using the first public key. . It is preferable that the second device decrypts the first secret information file using the secret key. Thus, since the secret information file can be decrypted only with the secret key in the compiler device (second device 20), the first partial encryption source program and the secret information file can be protected more safely.

  Further, when a plurality of descriptions surrounded by the specified symbols are detected in the source program, the first device compares the character strings at the plurality of locations, and the character strings match. It is desirable to replace with the common first replacement character string. Thereby, duplication registration to the secret information list can be suppressed, and the sizes of the secret information list and the secret information file can be reduced.

  The second apparatus compiles as the predetermined process and outputs an object program generated by the compile as a result of the process. That is, the second device can be applied to a compiler device.

  In this case, the second device generates a program list that is a source program for compilation from the decrypted source program by the preprocessing of the compilation, and describes the description enclosed by the designated symbol in the program list. Detecting the second character string, generating second association information in which the second replacement character string is associated with the second character string, and generating the program list based on the second association information The second character string is replaced with the second replacement character string and output as a second partial encryption source program, and the second association information is encrypted as a second secret information file. It is desirable to output. Thereby, the encryption object location in the browsing program list can be appropriately protected.

  Further, the second device may encrypt the second association information using a public key corresponding to the secret key used when decrypting the first secret information file. As a result, even if the second partial encryption source program is modified at the provider, the second device 20 uses the second secret information file and the second partial encryption source program. Can be decrypted, and the efficiency of fault investigation can be improved.

  FIG. 4 is a block diagram showing a configuration of the source program protection system 200 according to the second exemplary embodiment of the present invention. The source program protection system 200 includes a source program partial encryption device 40 and a compiler device 50. The source program partial encryption device 40 is an example of the first device 10 and includes a partial encryption processing module 41. The source program partial encryption device 40 receives the source program C1, the secret information designator C0, and the public key K1, performs partial encryption processing, and outputs the source program C4 and the secret information file C3. The source program C4 and the secret information file C3 are sent to the compiler device 50.

  Here, the secret information designation mark C0 is an example of a predetermined designation symbol. The secret information designation mark C0 is a set of a start symbol C0-1 and an end symbol C0-2. Here, the start symbol C0-1 is illustrated as “[:”, and the end symbol C0-2 is illustrated as “:]”. However, the start symbol C0-1 and the end symbol C0-2 are not limited to this.

  The source program C1 is an example of the source program 31, and a part of the program code described in the COBOL language is described as an example. However, the computer language of the source program C1 is not limited to this, and it goes without saying that the program code described is not limited to these. The source program C1 includes a description of secret information, and the secret information is described between the start symbol C0-1 and the end symbol C0-2. That is, the secret information is surrounded by the start symbol C0-1 and the end symbol C0-2. In the source program C1, secret information may be described at a plurality of locations. In this case, each secret information is surrounded by a start symbol C0-1 and an end symbol C0-2. Further, the secret information in the source program C1 may be different information or the same information.

  The public key K1 is a public key corresponding to a secret key H1 built in the compiler device 50 described later. The public key K1 is provided in advance from the compiler device 50 side to the source program partial encryption device 40 side.

  The source program C4 is an example of the first partial encryption source program 32, and the description of the secret information in the source program C1 is replaced with a predetermined numeric string (item number). The secret information file C3 is an example of the first secret information file 33, and is information encrypted with the public key K1. The secret information file C3 includes information in which secret information is associated with an item number, and a secret information designation mark C0.

  In FIG. 4, “01 A1 PIC 9 (3) USAGE IS DISPLAY.” In the source program C1 is an example of confidential information (first character string), and “000000000000001” in the source program C4 is an item number. It is an example of (first replacement character string), and “%? $ ^ W $ & $ o $% h% 2 & + & Q $” in the secret information file C3 is the first association information “000000000000001: 01 An example of information encrypted with the public key K1 for “A1 PIC 9 (3) USAGE IS DISPLAY.” Is shown.

  FIG. 5 is a block diagram showing a configuration of the partial encryption processing module 41 according to the second embodiment of the present invention. The partial encryption processing module 41 includes a secret information list creation unit 411 and a secret information file creation unit 412. The secret information list creation unit 411 receives the secret information designator C0 and the source program C1, generates the secret information list C2 and the source program C4, and outputs them.

  Specifically, the secret information list creation unit 411 detects the secret information text that is a description surrounded by the start symbol C0-1 and the end symbol C0-2 in the source program C1. Then, the secret information list creation unit 411 assigns a different item number to each secret information body and registers it in the secret information list C2. That is, the secret information list C2 is an example of association information in which the secret information text that is the first character string is associated with the item number that is the first replacement character string. Also, the secret information list creation unit 411 registers a secret information designation mark C0 that is a set of the start symbol C0-1 and the end symbol C0-2 in the secret information list C2.

  FIG. 7 is a diagram showing an example of the secret information list C2 according to the second embodiment of the present invention. Here, the start symbol C0-1 is registered in the first record of the secret information list C2, and the end symbol C0-2 is registered in the second record. However, the registration position of the secret information designation mark C0 and the registration method are not limited to this. The third and subsequent records in the secret information list C2 indicate that a plurality of item numbers C2-1 and a plurality of secret information texts C2-2 are registered in association with each other. The item number C2-1 is a 16-digit unique number assigned to each secret information body C2-2. However, the item number C2-1 is an example of a replacement character string, and the number of digits and the notation are not limited to this. The replacement character string is a description different from at least the secret information text C2-2, and may be information that can be uniquely identified in the secret information list C2. The secret information text C2-2 is a character string indicating secret information that cannot be disclosed to the provider by the user of the provider.

  Returning to FIG. The secret information list creation unit 411 refers to the secret information list C2 and replaces the secret information text detected in the source program C1 with an item number associated with the secret information text. Then, the secret information list creation unit 411 outputs the replaced source program C4. The secret information list C2 is stored in at least the internal memory of the source program partial encryption device 40, but is not output to the outside of the source program partial encryption device 40. On the other hand, the source program C4 is stored in an external storage device or the like.

  The secret information file creation unit 412 receives the public key K1 and the secret information list C2, encrypts the secret information list C2 using the public key K1, generates a secret information file C3, and outputs it. The secret information file C3 is stored in an external storage device or the like, similar to the source program C4.

  Returning to FIG. The compiler device 50 is an example of the second device 20 and includes a decryption processing module 51, a compilation processing module 52, and a partial encryption processing module 53. Further, the compiler device 50 holds the secret key H1 therein. However, the secret key H1 may be input from outside the compiler apparatus 50. The compiler device 50 receives the source program C4, the secret information file C3, and the public key K1, performs decryption processing, compilation processing, and partial encryption processing, and outputs an object program C5, a program list C7, and a secret information file C8.

  The public key K1 is a public key corresponding to the secret key H1 built in the compiler device 50 as described above.

  FIG. 6 is a block diagram showing a configuration of the decryption processing module 51 according to the second embodiment of the present invention. The decryption processing module 51 includes a decryption unit 511 and a secret information combining unit 512. The decryption unit 511 inputs the secret information file C3 and the secret key H1, and uses the secret key H1 to decrypt the secret information file C3 and extract the secret information list C2. The secret information list C2 is stored at least in the built-in memory of the compiler apparatus 50, but is not output to the outside of the compiler apparatus 50. As described above, since the public key K1 and the secret key H1 correspond to each other, the decryption processing module 51 can obtain the same information as the secret information list C2 generated by the partial encryption processing module 41. Become.

  The secret information combining unit 512 receives the source program C4 and the secret information list C2, and outputs the source program C1 and the secret information designator C0. Specifically, the secret information combining unit 512 extracts a secret information designation mark C0 (a combination of a start symbol C0-1 and an end symbol C0-2) from the secret information list C2, and starts the symbol C0− in the source program C4. An item number which is a description surrounded by 1 and the end symbol C0-2 is detected. Then, the secret information combining unit 512 refers to the secret information list C2, extracts the secret information text associated with the detected item number, and replaces the item number in the source program C4 with the extracted secret information text. To do. Then, the secret information combining unit 512 outputs the source program after replacement, that is, the source program C1 that is a decryption source program. At the same time, the secret information combining unit 512 outputs a secret information designation mark C0. It is assumed that the source program C1 and the secret information designator C0 are stored at least in the built-in memory of the compiler apparatus 50, but are not output to the outside of the compiler apparatus 50. In addition, the same information as the source program C1 and the secret information designator C0 that are the inputs of the source program partial encryption device 40 is obtained in the compiler device 50 as the decrypted source program and the secret information designator C0.

  Returning to FIG. The compile processing module 52 inputs the source program C1 and the secret information designation mark C0, and outputs an object program C5 and a program list C6. Specifically, the compile processing module 52 generates a program list C6 that is an actual source program to be compiled from the source program C1 as preprocessing for compilation. For example, the compile processing module 52 acquires a description of another source program referred to in the source program C1, replaces it with the corresponding description in the source program C1, generates a program list C6, and outputs it. The program list C6 is stored at least in the built-in memory of the compiler apparatus 50, but is not output to the outside of the compiler apparatus 50.

  The compile processing module 52 compiles the program list C6 and outputs an object program C5 generated by the compile. At this time, the compile processing module 52 compiles by excluding the secret information designation mark C0 in the program list C6. In other words, compilation is an example of the predetermined process of the first embodiment, and the object program C5 is an example of the result of the process of the first embodiment. The object program C5 is stored in an external storage device or the like.

  The partial encryption processing module 53 receives the program list C6, the secret information designator C0, and the public key K1, performs a partial encryption process on the program list C6, and outputs the program list C7 and the secret information file C8. Specifically, the partial encryption processing module 53 detects the description enclosed by the secret information designator C0 in the program list C6 as the second character string. Then, the partial encryption processing module 53 generates second association information in which the second replacement character string is associated with the second character string. Then, the partial encryption processing module 53 replaces the second character string with the second replacement character string in the program list C6 based on the second association information, and uses the second partial encryption source program. Output as a program list C7. Further, the partial encryption processing module 53 encrypts the second association information using the public key K1, and outputs it as the second secret information file C8. The program list C7 and the secret information file C8 are stored in an external storage device or the like.

  4 is an example of a description (second character string) in which “A1” in the program list C6 is replaced with “01 A1 PIC 9 (3) USAGE IS DISPLAY.” In the source program C1. “000000000000001” in the program list C7 is an example of the item number (second replacement character string), and “% 2 & + & $ o%” in the secret information file C8 is the second association information “000000000000001: An example of information encrypted with the public key K1 for A1 "is shown.

  FIG. 8 is a flowchart for explaining the flow of the partial encryption processing in the partial encryption processing module 41 according to the second embodiment of the present invention. First, the partial encryption processing module 41 receives input of the public key K1, the source program C1, and the secret information designator C0 (S211). Next, the secret information list creation unit 411 extracts secret information from the source program C1 (S212). Specifically, the secret information list creation unit 411 scans the source program C1 and searches for the start symbol C0-1. When the start symbol C0-1 is searched, the secret information list creation unit 411 continues to store the character string immediately after the start symbol C0-1 until the end symbol C0-2 is searched. When the end symbol C0-2 is searched, the secret information list creation unit 411 extracts the character string stored up to that point as secret information (first character string).

  Subsequently, the secret information list creation unit 411 assigns an item number to each secret information, and generates a secret information list C2 (S213). At this time, when a plurality of secret information is extracted, the secret information list creation unit 411 compares the secret information and assigns a common item number if they match. That is, the secret information list creation unit 411 does not register duplicate records in the secret information list C2.

  Then, the secret information list creation unit 411 refers to the secret information list C2, and replaces each secret information in the source program C1 with an item number associated with the secret information (S214). Then, the secret information list creation unit 411 outputs the replaced source program C4 (S215).

  Also, the secret information list creation unit 411 adds a secret information designation mark C0 to the secret information list C2 (S216). Then, the secret information file creation unit 412 encrypts the secret information list C2 with the public key K1, and generates a secret information file C3 (S217). Thereafter, the secret information file creation unit 412 outputs the secret information file C3 (S218).

  FIG. 9 is a flowchart for explaining the flow of the decoding process according to the second embodiment of the present invention. First, the decryption processing module 51 receives input of the source program C4 and the secret information file C3 (S221). Next, the decryption unit 511 decrypts the secret information file C3 with the secret key H1, and extracts the secret information list C2 (S222).

  Subsequently, the secret information combining unit 512 extracts the secret information designation mark C0 from the secret information list C2 (S223). Then, the secret information combining unit 512 generates the source program C1 by replacing the item number with the secret information based on the secret information list C2 (S223). Specifically, the secret information combining unit 512 specifies a description surrounded by a start symbol C0-1 and an end symbol C0-2 in the source program C4. At this time, the specified description is an item number. Therefore, the secret information combining unit 512 extracts the secret information text associated with the specified item number from the secret information list C2. Then, the secret information combining unit 512 replaces the item number specified in the source program C4 with the extracted secret information text. The replaced source program is the source program C1. The secret information combining unit 512 outputs the source program C1 (S224). Further, the secret information combining unit 512 outputs the secret information designation mark C0 (S226).

  FIG. 10 is a flowchart for explaining the flow of the compiling process according to the second embodiment of the present invention. First, the compile processing module 52 receives an input of the source program C1 and the secret information designator C0 (S231). Next, the compile processing module 52 performs preprocessing on the source program C1, and generates a program list C6 for compilation (S232).

  Then, the compile processing module 52 compiles by excluding the secret information designation mark C0 from the program list C6 (S233). Thereafter, the compilation processing module 52 outputs the object program C5 generated by the compilation (S234). The compile processing module 52 outputs the program list C6 within the compiler device 50 (S235).

  FIG. 11 is a flowchart for explaining the flow of the program list partial encryption processing according to the second embodiment of the present invention. First, the partial encryption processing module 53 receives the input of the public key K1, the program list C6, and the secret information designation mark C0 (S241). Next, the partial encryption processing module 53 extracts secret information from the program list C6 (S242). Specifically, the partial encryption processing module 53 specifies a description surrounded by a start symbol C0-1 and an end symbol C0-2 in the program list C6. At this time, the specified description becomes secret information.

  Subsequently, the partial encryption processing module 53 assigns an item number to each secret information, and generates a secret information list C2 (S243). Then, the partial encryption processing module 53 refers to the secret information list C2, and replaces each secret information in the program list C6 with an item number associated with the secret information (S244). Then, the partial encryption processing module 53 outputs the replaced program list C7 (S245).

  Further, the partial encryption processing module 53 adds the secret information designation mark C0 to the secret information list C2 (S246). Then, the partial encryption processing module 53 encrypts the secret information list C2 with the public key K1, and generates a secret information file C8 (S247). Thereafter, the partial encryption processing module 53 outputs the secret information file C8 (S248).

  From the above, the providing user cannot directly refer to the description contents of the original source program, and can prevent leakage of secret information. In addition, the risk of information leakage can be reduced, and at the same time, necessary source logic can be referred to in a plain text program, so that an efficient and safe source program can be sent to the provider.

  Moreover, the following can be said about this embodiment. In other words, by encrypting only the designated range for a source program in which an important description range is designated in advance, it is possible to send the source program to a provider for conducting an investigation. Since the compiler apparatus 50 decodes the item number in the source program C4 into the original secret information and compiles it, the object program C5 can be normally generated. Therefore, the provider can compile and execute debugging after editing such as embedding a debugging code in the source program C4.

  Further, the decryption to the secret information is completed inside the compiler apparatus 50, and the source program C1 after the decryption is not output to the outside, so that the providing destination cannot directly refer to the secret information.

  Furthermore, since the secret information file C3 encrypted with the public key K1 can be decrypted only by the compiler apparatus 50 in which the secret key H1 is incorporated, the security of the encrypted secret information is guaranteed.

  In addition, since any secret information designation mark C0 can be used, the location of the secret information can be easily designated in the plaintext source program. And since an arbitrary location can be designated, the degree of freedom for designating a concealed location is high.

<Embodiment 3>
The third embodiment is an improved example of the first or second embodiment described above. In the third embodiment, the first apparatus 10 of the first embodiment or the source program partial encryption apparatus 40 of the second embodiment is applied to a source program editing apparatus. For example, the description enclosed by the secret information designator C0 in the source program C4 cannot be edited by the provider. In such a case, it is desirable that the provider can edit the description of the confidential information. Then, after editing, it is necessary to perform partial encryption processing again.

  That is, the first device displays the source program, updates and redisplays the source program in response to an edit request, and is surrounded by the designated symbols in the updated source program in response to a save request. The third description is detected as a third character string, and third correspondence information in which the third replacement character string is associated with the third character string is generated. Based on the third correspondence information , Replacing the third character string with the third replacement character string in the updated source program and outputting it as a third partially encrypted source program, and encrypting the third association information This is output as a third secret information file.

  FIG. 12 is a block diagram showing the configuration of the source program editing apparatus 60 according to the third embodiment of the present invention. Note that the source program protection system 300 according to the third embodiment includes the second device 20 or the compiler device 50 as a configuration (not shown) in addition to the source program editing device 60.

  The source program editing device 60 can perform partial encryption processing and output the source program C4 and the secret information file C3 when the secret information designator C0 is added to the normal source program. . In addition, the source program editing device 60 performs a partial encryption process on the source program C1 in which the secret information designator C0 has been described in the same manner as in the first or second embodiment, and the source program C4 and the secret information file C3. Is output. Further, the source program editing device 60 inputs the partially encrypted source program C4 and the secret information file C3, performs a decryption process, performs a predetermined editing, and then performs the editing on the edited source program. The partial encryption process is performed, and the source program C4 and the secret information file C3 are output.

  The source program editing device 60 includes an input receiving unit 61, a display processing unit 62, an editing processing unit 63, a partial encryption processing module 64, and a decryption processing module 65. The input receiving unit 61 receives input of the source program C1, public key K1, secret information designation C0, secret key H1, secret information file C3, and source program C4. It is assumed that the secret key H1 has been acquired in advance from the compiler device 50 side. Similar to the decryption processing module 51, the decryption processing module 65 performs the decryption processing based on the secret key H1 and the secret information file C3 when the partially encrypted source program C4 is input. The display processing unit 62 displays the input source program on the screen. However, the display processing unit 62 displays the content after the decryption processing by the decryption processing module 65 for the source program C4 that has been subjected to the partial encryption processing. The editing processing unit 63 performs editing processing of the source program to be displayed in accordance with an editing operation from the user. Similar to the partial encryption processing module 41, the partial encryption processing module 64 performs partial encryption processing on the source program to be displayed (edited) in response to a storage request from the user, and the source program C4 and The secret information file C3 is output.

  FIG. 13 is a flowchart for explaining the flow of the source program editing process according to the third embodiment of the present invention. First, the input receiving unit 61 appropriately receives input of an arbitrary combination among the source program C1, the public key K1, the secret information designation C0, the secret key H1, the secret information file C3, and the source program C4 (S301). Next, the decryption processing module 65 determines whether or not the input source program has been partially encrypted (S302). For example, when the source program C4 is input, the decryption processing module 65 performs a decryption process on the source program C4 (S303). As an example, the decryption processing module 65 may execute steps S222, S223, and S224 of FIG.

  Then, the display processing unit 62 displays the source program on the screen (S304). At this time, the source program originally having no description of the secret information designation mark C0 or the source program having the description of the secret information designation mark C0 but having been decrypted is displayed on the screen. Therefore, the user can visually recognize the secret information. Therefore, the user can freely edit the source program.

  Thereafter, the edit processing unit 63 determines whether an edit request has been received from the user (S305). When the edit request is received, the edit processing unit 63 updates the source program to be displayed in response to the edit request (S306). Thereafter, the display processing unit 62 displays the updated source program on the screen (S304).

  In addition, when the edit processing unit 63 receives a save request (NO in S <b> 307) instead of an edit request from the user (NO in S <b> 305), the edit processing unit 63 notifies the partial encryption processing module 64 to that effect. Then, the partial encryption processing module 64 performs partial encryption processing on the source program to be displayed in response to the notification (S308). That is, when the partial encryption processing module 64 has been updated for the source program C4, the partial encryption processing module 64 performs partial encryption processing for the updated source program. As an example, the partial encryption processing module 64 may execute steps S212, S213, S214, S216, and S217 of FIG. Thereafter, the partial encryption processing module 64 outputs the updated source program C4 and secret information file C3 (S309).

  As described above, according to the third embodiment, it is possible to realize a mechanism in which secret information in a source program can be edited only by a specific editor possessed only by a provider. Therefore, even if it is necessary to edit the secret information in the source program, the source program can be safely updated on the provider side, and the partially encrypted source program can be provided again to the provider.

<Embodiment 4>
The fourth embodiment is an improved example of the first to third embodiments described above. In the fourth embodiment, the second device 20 of the first embodiment is applied to a source program analysis device. For example, a source program to be investigated may be analyzed in a survey at a provider. Here, in order to analyze the source program C4 that has been subjected to the partial encryption process, the decryption process is performed in the analysis apparatus, and the analysis process is performed on the decrypted source program. However, if the decrypted secret information is displayed in the analysis result, the secret information cannot be concealed. Therefore, in the fourth embodiment, partial encryption processing is also performed on the analysis result.

  That is, the second device performs a predetermined analysis on the decryption source program as the predetermined processing, and detects a description enclosed by the specified symbol in the analysis result as a fourth character string. Then, fourth association information in which a fourth replacement character string is associated with the fourth character string is generated, and the fourth association information is generated in the analysis result based on the fourth association information. A partial encryption analysis result obtained by replacing the character string with the fourth replacement character string is output as a result of the processing.

  FIG. 14 is a block diagram showing a configuration of a source program analyzing apparatus 70 according to the fourth embodiment of the present invention. The source program protection system 400 according to the fourth embodiment includes, in addition to the source program analysis device 70, the first device 10, the source program partial encryption device 40, or the source program editing device 60 as a configuration not shown. It is to be prepared.

  The source program analysis device 70 includes a decryption processing module 71 and an analysis processing unit 72. The decryption processing module 71 receives the secret key H 1, the secret information file C 3, and the source program C 4, and performs decryption processing in the same manner as the decryption processing module 51. The analysis processing unit 72 performs an analysis process on the decrypted source program, performs a partial encryption process on the analysis result, and outputs a partial encryption analysis result C9.

  FIG. 15 is a flowchart for explaining the flow of the source program analysis process according to the fourth embodiment of the present invention. First, the decryption processing module 71 receives input of the secret key H1, the secret information file C3, and the source program C4 (S401). Next, the decryption processing module 71 performs decryption processing on the source program C4 (S402). As an example, the decryption processing module 71 may execute steps S222, S223, and S224 of FIG.

  Subsequently, the analysis processing unit 72 performs an analysis process on the decrypted source program C1 (S403). The analysis process may use a known technique. And the analysis process part 72 produces | generates the analysis result which is a result of an analysis process inside. Here, secret information may be included in the analysis result, but it is not output outside the source program analysis device 70.

  Thereafter, the analysis processing unit 72 performs partial encryption processing on the analysis result (S404). As an example, the analysis processing unit 72 may execute steps S212, S213, S214, S216, and S217 of FIG. Thereafter, the analysis processing unit 72 outputs a partial encryption analysis result C9 that is a processing result of the partial encryption processing (S405). Here, the partial encryption analysis result C9 may include a description enclosed by the secret information designation mark C0. However, there is a replacement character string between the start symbol C0-1 and the end symbol C0-2. It will be described.

  From the above, in the fourth embodiment, the secret information subjected to the partial encryption process is decrypted only in the source program analysis device 70, and the decrypted source program C1 and the analysis result including the secret information are obtained. It is not output to the outside. Therefore, the providing destination user does not visually check the secret information, and information leakage of the secret information in the source program can be prevented.

  Furthermore, when the partial encryption analysis result C9 is sent to the provider, the provider may input the partial encryption analysis result C9 to the source program editing device 60 of the third embodiment. Thereby, the analysis result after the decryption process can be displayed on the screen, and the providing user can safely browse the analysis result including the secret information.

<Other embodiments>
Note that the present invention is not limited to the above-described embodiment, and can be changed as appropriate without departing from the spirit of the present invention.

  In the above-described embodiments, the present invention has been described as a hardware configuration, but the present invention is not limited to this. The present invention can also realize arbitrary processing by causing a CPU (Central Processing Unit) to execute a computer program.

  In the above example, the program can be stored and supplied to a computer using various types of non-transitory computer readable media. Non-transitory computer readable media include various types of tangible storage media. Examples of non-transitory computer-readable media include magnetic recording media (for example, flexible disks, magnetic tapes, hard disk drives), magneto-optical recording media (for example, magneto-optical disks), CD-ROMs (Read Only Memory), CD-Rs, CD-R / W, DVD (Digital Versatile Disc), BD (Blu-ray (registered trademark) Disc), semiconductor memory (for example, mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM ( Random Access Memory)). The program may also be supplied to the computer by various types of transitory computer readable media. Examples of transitory computer readable media include electrical signals, optical signals, and electromagnetic waves. The temporary computer-readable medium can supply the program to the computer via a wired communication path such as an electric wire and an optical fiber, or a wireless communication path.

DESCRIPTION OF SYMBOLS 100 Source program protection system 10 1st apparatus 20 2nd apparatus 31 Source program 32 1st partial encryption source program 33 1st secret information file 34 Processing result 200 Source program protection system 40 Source program partial encryption apparatus 41 Partial Encryption Processing Module 411 Secret Information List Creation Unit 412 Secret Information File Creation Unit 50 Compiler Device 51 Decryption Processing Module 511 Decryption Unit 512 Secret Information Combined Unit 52 Compile Processing Module 53 Partial Encryption Processing Module C0 Secret Information Designation C0− 1 Start symbol C0-2 End symbol C1 Source program C2 Secret information list C2-1 Item number C2-2 Secret information body C3 Secret information file C4 Source program C5 Object program C Program list C7 Program list C8 Secret information file C9 Partial encryption analysis result K1 Public key H1 Private key 300 Source program protection system 60 Source program editing device 61 Input reception unit 62 Display processing unit 63 Editing processing unit 64 Partial encryption processing module 65 Decryption processing module 400 Source program protection system 70 Source program analysis device 71 Decryption processing module 72 Analysis processing unit

Claims (10)

Accepts input of a source program containing a description in which an arbitrary character string is enclosed by a predetermined designation symbol,
A description enclosed by the specified symbols in the source program is detected as a first character string;
Generating first association information in which a first replacement character string is associated with the first character string;
Based on the first association information, the first character string is replaced with the first replacement character string in the source program and output as a first partially encrypted source program,
Encrypting the first association information and outputting it as a first secret information file;
A first device;
Receiving input of the first partial encryption source program and the first secret information file;
Decrypting the first secret information file to extract the first association information;
Based on the first association information, the first replacement character string is replaced with the first character string in the first partial encryption source program to generate a decryption source program,
Perform a predetermined process by excluding the designated symbol from the decoding source program, and output a result of the process;
A second device;
A source program protection system comprising: The first device includes:
Further accepting input of the specified symbol,
Including the designated symbol in the first secret information file, and outputting,
The second device includes:
In the first partial encryption source program, a description surrounded by the designation symbol included in the received first secret information file is detected as the first replacement character string,
The source program protection according to claim 1, wherein the first replacement character string detected in the first partial encryption source program is replaced with the first character string based on the first association information. system. The second device has a predetermined secret key;
The first device includes:
Obtaining a public key corresponding to the secret key from the second device;
Encrypting the first association information using the public key;
The second device includes:
The source program protection system according to claim 1 or 2, wherein the first secret information file is decrypted using the secret key. The first device includes:
When a plurality of descriptions enclosed by the specified symbols are detected in the source program, the character strings at the plurality of places are compared with each other, and when the character strings match, the common first replacement character string The source program protection system according to any one of claims 1 to 3. The second device includes:
Compile as the predetermined processing, and output the object program generated by the compilation as a result of the processing,
The source program protection system according to any one of claims 1 to 4. The second device includes:
A program list which is a source program for compilation is generated from the decrypted source program by the preprocessing of the compilation,
A description enclosed by the specified symbol in the program list is detected as a second character string;
Generating second association information in which a second replacement character string is associated with the second character string;
Based on the second association information, replace the second character string with the second replacement character string in the program list and output as a second partial encryption source program,
Encrypting the second association information and outputting it as a second secret information file;
The source program protection system according to claim 5. The second device includes:
The source program protection system according to claim 6, wherein the second association information is encrypted using a public key corresponding to a secret key used when decrypting the first secret information file. The first device includes:
Displaying the source program;
Update and redisplay the source program in response to the edit request,
In response to the save request, the description enclosed by the specified symbol in the updated source program is detected as a third character string,
Generating third association information in which a third replacement character string is associated with the third character string;
Based on the third association information, the third character string is replaced with the third replacement character string in the updated source program and output as a third partially encrypted source program,
Encrypting the third association information and outputting it as a third secret information file;
The source program protection system according to any one of claims 1 to 4. The second device includes:
Performing a predetermined analysis on the decoding source program as the predetermined processing;
A description surrounded by the specified symbol in the result of the analysis is detected as a fourth character string;
Generating fourth association information in which a fourth replacement character string is associated with the fourth character string;
The partial encryption analysis result obtained by replacing the fourth character string with the fourth replacement character string in the analysis result based on the fourth association information is output as a result of the processing. 5. The source program protection system according to any one of items 1 to 4. In the first device:
Accepts input of a source program containing a description in which an arbitrary character string is enclosed by a predetermined designation symbol,
A description enclosed by the specified symbols in the source program is detected as a first character string;
Generating first association information in which a first replacement character string is associated with the first character string;
Based on the first association information, the first character string is replaced with the first replacement character string in the source program and output as a first partially encrypted source program,
The first association information is encrypted and output as a first secret information file,
In the second device:
Receiving input of the first partial encryption source program and the first secret information file;
Decrypting the first secret information file to extract the first association information;
Based on the first association information, the first replacement character string is replaced with the first character string in the first partial encryption source program to generate a decryption source program,
Perform a predetermined process by excluding the designated symbol from the decoding source program, and output a result of the process;
Source program protection method.

Images