JP2020201605A - Network system, distribution server, distribution method, distribution program, cache server, cache method and cache program - Google Patents

Abstract

To provide technique of holding information in an encrypted state in a cache server and appropriately decrypting the information to a terminal that requests the information.SOLUTION: A distribution server comprises: a distribution control unit for transmitting, when a request to transmit a data file is received from a terminal, identification information associated with the requested data file to the terminal; and a key management unit for transmitting a key for decrypting an encrypted data file to the terminal. The cache server comprises a cache management unit for, when receiving the request to transmit the data file containing the identification information from the terminal, transmitting the data file to the terminal if the data file is cached in a storage device in association with the requested identification information, and receiving the encrypted data file from the distribution server to store it in the storage device if the data file is not cached in the storage device in association with the requested identification information.SELECTED DRAWING: Figure 1

Description

The present invention relates to a network system, a distribution server, a distribution method, a distribution program, a cache server, a cache method, and a cache program.

Conventionally, various techniques have been proposed for intermediately caching files transmitted between computers connected to a network. However, when encrypted communication is performed between the distribution source server and the distribution destination terminal, the cache server cannot read the distributed information, and it is generally difficult to cache. Further, a technique for caching the contents of encrypted communication has also been proposed (for example, Non-Patent Documents 1 and 2).

Jeremie Leguay, Georgios S. Paschos, Elizabeth A. Quaglia, Ben Smyth, “CryptoCache: Network Caching with Confidentiality” IEEE ICC, May 21-25, 2017, DOI: 10.1109 / ICC. 2017.7996866 Shujie Cui, Muhammad Rizwan Asghar, and Giovanni Russello, “Multi-CDN: Towards Privacy in Content Delivery Networks” IEEE TDSC, May 4, 2018, DOI: 10.1109 / TDSC. 2018.2833110

However, it has been difficult to keep the contents of the information held by the cache server and requested from the terminal secret from the cache server and to appropriately use the information for the terminal requesting the information. Therefore, an object of the present invention is to provide a technique for appropriately decrypting a terminal that is held by a cache server in an encrypted state and requests information.

The network system includes a distribution server that distributes the data file, a cache server that caches the data file, and a terminal that receives the data file. When the distribution server receives a data file transmission request from the terminal, the distribution control unit transmits the identification information associated with the requested data file to the terminal, and the distribution server decrypts the encrypted data file. It is equipped with a key management unit that sends the key of the above to the terminal. In addition, when the cache server receives a request for transmission of a data file containing identification information from the terminal and caches the data file in the storage device in association with the requested identification information, the cache server sends the data file to the terminal. When the data file is transmitted and associated with the requested identification information and the data file is not cached in the storage device, the cache management unit is provided to receive the encrypted data file from the distribution server and store the encrypted data file in the storage device.

Since the distribution server, cache server, and terminal identify the data file using the identification information, the data file itself can be cached on the network system even in the encrypted state, and the load on the distribution server can be reduced. .. In addition, information for identifying the original data file, such as a URI (Uniform Resource Identifier), can be kept secret from the cache server.

Further, the identification information may be a data file associated with the identification information or a value obtained from an address on the network of the data file using a predetermined one-way function. In this way, the distribution server can easily generate the identification information, and the cache server does not need to store the identification information in a large table.

Further, the distribution server and the terminal may establish a session for performing encrypted communication in the processing performed by the distribution control unit, and restart the session in the processing performed by the key management unit. In this way, information for decrypting the data file can be transmitted to the terminal at an appropriate timing.

Further, the distribution server according to another aspect of the present invention communicates with a cache server that distributes a data file and caches the data file, and a terminal that receives the data file. Then, when the distribution server receives the data file transmission request from the terminal, the distribution server transmits the identification information associated with the requested data file to the terminal, and caches the transmission request of the data file including the identification information. When received from the server, it includes a distribution control unit that transmits the encrypted data file to the cache server, and a key management unit that transmits the key for decrypting the encrypted data file to the terminal.

In this way, since the data file is specified using the identification information, even if the data file itself is encrypted, it can be cached on the network system to reduce the load on the distribution server.

In addition, the cache server communicates with the distribution server that distributes the data file and the terminal that receives the data file, and caches the data file. Then, when a request for transmission of a data file including the identification information of the requested data file is received from the terminal, and when the data file encrypted in association with the requested identification information is cached in the storage device, When the encrypted data file is sent to the terminal and the encrypted data file associated with the requested identification information is not cached in the storage device, the encrypted data file is sent from the distribution server. Receive and store in storage.

In this way, since the data file is specified using the identification information, the data file itself can be cached on the network system even in the encrypted state, and the load on the distribution server can be reduced.

The contents described in the means for solving the problems can be combined as much as possible without departing from the problems and technical ideas of the present invention. Further, the content of the means for solving the problem can be provided as a device such as a computer or a system including a plurality of devices, a method executed by the computer, or a program executed by the computer. A recording medium for holding the program may be provided.

According to the present invention, it is possible to provide a technique for appropriately decrypting a terminal that is held by a cache server in an encrypted state and requests information.

FIG. 1 is a diagram showing an example of a configuration of a network system according to an embodiment. FIG. 2 is a block diagram showing an example of the configuration of the distribution server, the cache server, and the terminal. FIG. 3 is a processing flow diagram showing an example of distribution processing. FIG. 4 is a diagram showing an example of a table stored in the storage device by the distribution server. FIG. 5 is a diagram showing an example of a table stored in the storage device by the cache server. FIG. 6 is a processing flow diagram showing an example of distribution processing. FIG. 7 is a processing flow diagram showing an example of distribution processing. FIG. 8 is a diagram showing an example of the configuration and processing of the network system according to the modified example.

Hereinafter, embodiments for carrying out the present invention will be described with reference to the drawings.

<System configuration>
FIG. 1 is a diagram showing an example of a configuration of a network system according to an embodiment. The network system 1 of FIG. 1 includes a distribution server 2 that distributes a data file such as a moving image content, a cache server 3 that caches the data file and transmits the cached data file in response to a request, and a user operation. Includes terminals 4 (4A-4C) that request data files accordingly. The distribution server 2, the cache server 3, and the terminal 4 are so-called computers, which are connected to other computers in a communicable manner and transmit and receive data files. In the present embodiment, encrypted communication is performed between the distribution server 2, the cache server 3, and the terminal 4 according to the SSL / TLS protocol and the like. The key used to encrypt the communication path can be generated using existing technology. For example, a common key for encrypting the data body is used independently for each session and is different each time. Further, apart from the encryption of the communication path, the data file itself is also encrypted, and the encrypted data file is held in the cache server 3. The Content in FIG. 1 represents a plaintext data file. Further, k is a common key used for encryption and decryption of content data. That is, a key independent of the communication path encryption is used for content data encryption. It is assumed that a different common key k is used for each content. Enc _k (Conte
nt) is a data file encrypted using the common key k. Further, Deck (Enck (Conent)) is a data file decrypted by using the common key k. The number of distribution servers 2, cache servers 3, and terminals 4 included in the network system 1 is not limited to that shown in FIG. 1, and may include, for example, a plurality of distribution servers 2 and cache servers 3. Good.

<Device configuration>
FIG. 2 is a block diagram showing an example of the configuration of the distribution server 2, the cache server 3, and the terminal 4.

<Distribution server>
The distribution server 2 includes a communication interface (I / F) 21, a storage device 22, an input / output device 23, a processor 24, and a bus 25. The communication I / F 21 is, for example, a communication module or a network card, and communicates with a computer such as a cache server 3 or a terminal 4 based on a predetermined protocol.

The storage device 22 includes a main storage device (primary storage device) such as RAM (Random Access Memory) and ROM (Read Only Memory), and auxiliary storage such as HDD (Hard-disk Drive), SSD (Solid State Drive), and flash memory. It is a device (secondary storage device). The main storage device temporarily stores programs and data read by the processor, and secures a work area for the processor. The auxiliary storage device stores programs executed by the processor, data files to be distributed, and the like. The input / output device 23 is, for example, an input device such as a keyboard or a mouse, an output device such as a monitor, or a user interface such as a touch panel.

The processor 24 is an arithmetic processing unit such as a CPU (Central Processing Unit), and performs each process according to the present embodiment by executing an application. The distribution server 2 shows a functional block in the processor 24. That is, the processor 24 functions as a distribution control unit 241 and a key management unit 242. The distribution control unit 241 transmits a data file and identification information associated with the data file in response to a request from the cache server 3 or the terminal 4. The identification information associated with the data file is referred to as a "tag" in the present embodiment. The tag may be a data file or a hash obtained from an address on the network of the data file using a predetermined hash function, or may be a random character string assigned independently of the data file. Good. Further, in the present embodiment, the data file is encrypted by a predetermined method, and a decryption key is required to read the data file at the terminal 4. The key management unit 242 transmits a decryption key for decrypting the data file to the terminal 4 at a predetermined timing. For example, after the encrypted data file is transmitted from the cache server 3 to the terminal 4, the key management unit 242 transmits the decryption key to the terminal 4.

The above components are connected via the bus 25.

<Cache server>
As shown in FIG. 2, the cache server 3 also includes a communication I / F 31, a storage device 32, an input / output device 33, a processor 34, and a bus 35.

The communication I / F 31 is, for example, a communication module or a network card, and communicates with another computer based on a predetermined protocol. For example, data files are transmitted and received between the terminal 4 and the distribution server 5. The storage device 32 is a main storage device such as a RAM or ROM and an auxiliary storage device such as an HDD, SSD, or flash memory. The main storage device temporarily stores programs and data read by the processor, and secures a work area for the processor. The auxiliary storage device stores the program executed by the processor and the encrypted data file in association with the above-mentioned tag. The input / output device 33 is, for example, an input device such as a keyboard or a mouse, an output device such as a monitor, or a user interface such as a touch panel.

The processor 34 is an arithmetic processing unit such as a CPU, and performs each process according to the present embodiment by executing an application. The cache server 3 also shows a functional block in the processor 34. That is, the processor 34 functions as a cache management unit 341 and a distribution management unit 342. The cache management unit 341 receives a transmission request for a data file including a tag from the terminal 4, and transmits data indicating whether or not a cache hit has occurred to the distribution server 2. The distribution management unit 342 transmits the encrypted data file to the terminal 4, and receives the encrypted data file from the distribution server 2 and caches it when the cache does not hit.

The above components are connected via the bus 35.

<Terminal>
The terminal 4 is a computer such as a PC (Personal Computer), a smartphone, or a tablet, and includes a communication I / F 41, a storage device 42, an input / output device 43, a processor 44, and a bus 45. The communication I / F 41 is, for example, a wired network card or a wireless communication module, and communicates with another computer based on a predetermined protocol.
For example, it receives an encrypted data file from the cache server 3. The storage device 42 is a main storage device such as a RAM or ROM, and an auxiliary storage device such as an HDD, SSD, or flash memory. The main memory temporarily stores programs and data files read by the processor, and secures a work area for the processor. The auxiliary storage device stores programs, data files, and the like executed by the processor. The input / output device 43 is, for example, an input device such as a keyboard or a mouse, an output device such as a monitor, or a user interface such as a touch panel. For example, the user requests the distribution server 2 to transmit the data file via the input / output device 43, or reads and displays the received data file.

The processor 44 is an arithmetic processing unit such as a CPU, and executes each process according to the present embodiment by executing a program. The terminal 4 also shows a functional block in the processor 44. That is, the processor 44 functions as a request processing unit 441 and a decoding processing unit 442. The request processing unit 441 requests the distribution server 2 to transmit the data file, receives the tag associated with the data file from the distribution server 2, and transmits the data file to the cache server 3 using the tag. Request. Further, the request processing unit 441 receives the encrypted data file corresponding to the tag from the cache server 3. The decryption processing unit 442 receives the decryption key from the distribution server 2, decrypts the encrypted data file, and reproduces the encrypted data file.

The above components are connected via the bus 45.

As described above, the network system 1 according to the present embodiment can make the cache server 3 hold the encrypted data file by specifying the data file by using the tag. Then, the traffic on the network can be reduced by delivering the transmission request for the data file from the cache server 3. Further, as described above, the tag is a value given regardless of the plaintext data or the address of the data file, such as a hash having difficulty in calculating the original image (one-way). Then, the decryption key of the data file is transmitted and received in the encrypted communication between the distribution server 2 and the terminal 4. Therefore, the cache server 3 cannot decrypt the contents of the data file requested by the terminal 4, and the privacy of the user of the terminal 4 is protected.

<Delivery process>
FIG. 3 is a processing flow diagram showing an example of distribution processing. When the user of the terminal 4 performs an operation of requesting the distribution of the content data file, for example, the distribution process as shown in FIGS. 3 and 3 is started. Further, in FIG. 3, the HTTPS session established between the two devices is shown by the rounded rectangle of the alternate long and short dash line. In the HTTPS session, the communication content is encrypted by an encryption method such as the AES method by using the common key shared between the two devices.

First, the request processing unit 441 of the terminal 4 transmits data to the effect that the data file is requested to the distribution server 2 via the communication I / F 41 (FIG. 3: S1). In this step, a data file transmission request is transmitted, including a data file ID (also referred to as a "content ID") such as a URI. Further, it is assumed that the above-mentioned HTTPS session has been started at the time of executing this step.

On the other hand, it is assumed that the distribution server 2 stores the ID of the data file, the tag, and the key used for encrypting the data file in the storage device 22 in advance in association with each other. FIG. 4 is a diagram showing an example of a table stored in the storage device 22 by the distribution server 2. The table shown in FIG. 4 includes attributes of "content", "tag", and "key". The content ID distributed by the distribution server 2 is registered in the "content" field. In the "tag" field, a tag that has one direction and can be obtained from a data file based on a predetermined function or by referring to a predetermined table and is used as identification information of the data file is registered. .. The tag may be, for example, a hash value created by using HMAC (Hash-based Message Authentication Code) from plain text of a URI or a data file, or a value randomly created by the distribution server 2 for the data file. It may be. In this embodiment, since the tag is used as the identification information of the data file, it is preferable that the tag has a sufficient size to avoid collision depending on the number of data files, for example, about 256 bits. .. A common key for encrypting and decrypting a data file is registered in the "key" field. The size of the key is preferably 128 bits or the like according to the encryption method.

When the distribution control unit 241 of the distribution server 2 receives a data file request from the terminal 4 via the communication I / F 21, the distribution control unit 241 reads the tag associated with the content ID included in the request from the table and communicates the communication I / F 21. Is transmitted to the terminal 4 via (FIG. 3: S2). In this step, the distribution control unit 241 extracts the tag corresponding to the requested content from the table shown in FIG. 4, for example, and transmits it to the terminal 4.

On the other hand, when the request processing unit 441 of the terminal 4 receives the tag from the distribution server 2 (FIG. 3: S3), the request processing unit 441 requests the cache server 3 to transmit the cache file using the tag (FIG. 3: S4). In this step, the request processing unit 441 transmits a request including the tag received in S3 to the cache server 3 via the communication I / F 41. Further, the request may further include the ID of the terminal 4 or the user who uses the terminal, and the ID of the distribution server 2. It is assumed that an HTTPS session is also started between the terminal 4 and the cache server 3 and encrypted communication is performed.

The cache server 3 has a function of caching the encrypted data file as described above, but does not necessarily cache all the data files distributed by the distribution server 2. FIG. 5 is a diagram showing an example of a table stored in the storage device 32 by the cache server 3. The table shown in FIG. 5 includes attributes of "encrypted content" and "tag". The ID of the encrypted data file cached by the cache server 3 is registered in the "encrypted content" field. The ID of the encrypted data file may be a file path indicating the location of the data file on the storage device 32, or may be identification information for uniquely identifying the file path. In the "tag" field, a tag associated with the data file by the distribution server 2 is registered. As described above, the contents of the data file cannot be decrypted from the information held by the cache server 3, and the original location of the data file cannot be specified.

When the cache management unit 341 of the cache server 3 receives a request for a cache file from the terminal 4 via the communication I / F 31, it determines whether the requested file is cached (FIG. 3: S5). In this step, for example, when the requested tag is registered in the table shown in FIG. 5, it is determined that the cache is hit, and when it is not registered, it is determined that the cache is not hit.

If the cache does not hit (S5: NO), the process proceeds to the process shown in FIG. 6 via the connector “A”. FIG. 6 is a processing flow diagram showing an example of distribution processing. Then, the distribution management unit 342 of the cache server 3 notifies the distribution server 2 of the cache error via the communication I / F 31 (FIG. 6: S6). In this step, for example, the tag of the data file requested from the terminal 4, the ID of the terminal 4 or the user who uses the terminal, and the information indicating that the cache hit has not occurred are notified. It is assumed that the HTTPS session is also started between the cache server 3 and the distribution server 2 and encrypted communication is performed.

On the other hand, when the distribution control unit 241 of the distribution server 2 receives a notification of a cache error from the cache server 3 via the communication I / F 21, the encrypted data file is sent to the cache server 3 via the communication I / F 21. (Also referred to as "encrypted content") is transmitted (FIG. 6: S7). In this step, the data file (content) registered in the "content" field of FIG. 4 is encrypted by the common key registered in the "key" field associated with the data file and distributed. It is transmitted by the control unit 241. In the distribution server 2, the encrypted content may be stored in the storage unit 22 in advance, and the content encryption process at the time of transmission may be omitted.

Further, when the cache management unit 341 of the cache server 3 receives the encrypted content from the distribution server 2 via the communication I / F 31, the cache management unit 341 stores the received encrypted content in the storage device 32 and the table shown in FIG. The encrypted content and the tag are stored in association with each other (FIG. 6: S8).

Further, the cache management unit 341 transmits the encrypted content to the terminal 4 via the communication I / F 31 (FIG. 6: S9). In this step, it is assumed that the HTTPS session started in S4 is restarted and encrypted communication is performed between the cache server 3 and the terminal 4. The session can be resumed by, for example, an existing session resumption method. On the other hand, the request processing unit 441 of the terminal 4 receives the encrypted content via the communication I / F 41 and stores it in the storage device 42.

Further, the key management unit 242 of the distribution server 2 receives a notification of a cache error in S6, transmits the encrypted content to the cache server 3, and then decrypts the encrypted content via the communication I / F 21. The key is transmitted to the terminal 4 (FIG. 6: S10). In this step, it is assumed that the HTTPS session started in S1 is restarted and encrypted communication is performed between the distribution server 2 and the terminal 4.

Then, the decryption processing unit 442 of the terminal 4 receives the common key via the communication I / F 41, and decrypts the encrypted content received in S9 using the common key (FIG. 6: S11). In this way, the terminal 4 can acquire a desired data file from the distribution server 2 and read the contents thereof.

In the case of a cache miss, the encrypted content may be directly transmitted from the distribution server 2 to the terminal 4. Further, the cache server 3 may determine whether or not to cache the encrypted content based on a predetermined rule, or the distribution server 2 or the like may control which encrypted content should be cached. You may.

If it is determined that a cache hit has occurred in S5 of FIG. 3 (S5: YES), the process proceeds to the process of FIG. 7 via the connector “B”. FIG. 7 is a processing flow diagram showing an example of distribution processing. Then, the distribution management unit 342 of the cache server 3 notifies the distribution server 2 of the cache hit via the communication I / F 31 (FIG. 7: S12). In this step, for example, identification information for uniquely identifying the terminal 4, a tag of the data file requested by the terminal 4, and information indicating a cache hit are notified. As a result, it is possible to know that the distribution server 2 also has a cache hit, and if the cache hit occurs, the encrypted content is not transmitted from the distribution server 2 to the cache server 3. Also in this step, an HTTPS session is started between the cache server 3 and the distribution server 2, and encrypted communication is performed.

Then, the cache management unit 341 of the cache server 3 transmits the encrypted content to the terminal 4 via the communication I / F 31 (FIG. 7: S13). This step is the same as S9 in FIG.

Further, the key management unit 242 of the distribution server 2 transmits a common key for decrypting the encrypted content to the terminal 4 via the communication I / F 21 after receiving the cache hit notification in S12 (FIG. 7). : S14). The cache hit notification may include a key transmission request to the terminal 4. This step is the same as S10 in FIG.

Then, the decryption processing unit 442 of the terminal 4 receives the common key via the communication I / F 41, and decrypts the encrypted content received in S13 using the common key (FIG. 7: S15). This step is the same as S11 in FIG. In this way, the terminal 4 can acquire a desired data file from the distribution server 2 and read the contents thereof.

<Effect>
When a cache hit occurs, the cache server 3 transmits the encrypted content to the terminal 4, so that the concentration of access to the distribution server 2 can be suppressed and the traffic on the network 1 can be reduced. Further, by using the above-mentioned tag, the data file can be cached on the network even when the encrypted communication by HTTPS or the like is performed, and the cache server 3 can cache the data file. The contents cannot be specified or read. The key for decrypting the encrypted content is transmitted from a host different from the encrypted content to the terminal at a timing after the distribution server grasps whether or not the cache hit has occurred in the cache server. At this time, the key can be managed appropriately by restarting the encrypted communication session and transmitting the key.

<Modification example>
In the network system according to the above-described embodiment, the communication path for transmitting the encrypted content and the communication path for transmitting the decryption key of the encrypted content are independent. Therefore, the distribution server 2 may limit the communication paths that can be used for the terminal 4. For example, in S2 of FIG. 3, after the distribution server 2 transmits the tag to the terminal 4, the cache server 3 is further specified and the encrypted content can be acquired only from the access to the designated cache server 3. Further, the distribution server 2 may further set an expiration date of the tag, and invalidate the tag if the terminal 4 does not acquire the encrypted content from the cache server 3 within a certain time. By setting the expiration date appropriately, even if a third party illegally acquires the key and tag, the acquisition of encrypted content from the cache server can be restricted.

FIG. 8 is a diagram showing an example of the configuration and processing of the network system according to the modified example. In this modification, when a request for content is transmitted from the terminal 4C used by a legitimate user (FIG. 8 (1)), the distribution server 2 has an alternative tag related to this modification and the access destination cache server 3. The identification information of is transmitted to the terminal 4C (FIG. 8 (2)).

The alternative tag shall include the tag, user ID and time. As described above, the tag is the identification information of the content generated by, for example, a one-way function or randomly. The user ID is the identification information of the user of the terminal 4C, and may be a part of the cookie, the IP address of the access source, or the like. The time is information indicating the start or end of the expiration date, and may be, for example, the date and time when the alternative tag was generated or the date and time when the alternative tag expires. Further, the alternative tag is encrypted with a predetermined key (referred to as a "tag key" for convenience), and the terminal 4C cannot decrypt it. Note that the distribution server 2 determines the cache server 3 to which the terminal 4C should request the transmission of the cache (that is, the access destination), and substitutes using the common key shared with the determined cache server 3A. The tag is encrypted and transmitted to the terminal 4C. Therefore, only the cache server 3A of the access destination determined by the distribution server 2 can decrypt the alternative tag.

Further, the terminal 4C transmits a request including an alternative tag to the cache server 3A of the designated access destination (FIG. 8 (3)). The cache server 3A decrypts the alternative tag with the tag key held in advance (FIG. 8 (4)). Then, the cache server 3A transmits a request for the content including the tag included in the alternative tag and the user ID to the distribution server 2 (FIG. 8 (5)). At this time, the cache server 3A may determine whether the decryption is successful, and interrupt the process if the decryption of the alternative tag fails with the tag key held in advance. Further, the cache server 3A may determine whether or not it is within the predetermined expiration date based on the time included in the alternative tag, and if it is not within the expiration date, the process may be interrupted. Further, the cache server 3A determines whether the requesting terminal 4C and the user ID are an appropriate combination determined in advance based on the user ID included in the alternative tag, and if not, performs processing. You may interrupt it.

On the other hand, the distribution server 2 that has received the content request reads the encrypted content associated with the tag and transmits it to the cache server 3A (FIG. 8 (6)). This step is the same as S7 in FIG. Then, the cache server 3A transmits the encrypted content to the terminal 4C (FIG. 8 (7)). This step is the same as S9 in FIG. Further, the distribution server 2 transmits the common key used for encrypting the content to the terminal 4C (FIG. 8 (8)). This step is the same as S10 in FIG. In this way, the encrypted content can be decrypted and played back on the terminal 4C.

Further, even if the terminal 4D used by an unauthorized user obtains the encrypted alternative tag, the alternative tag cannot be decrypted on the cache server 3B which is not an appropriate access destination, and the processing is interrupted. Further, even in the cache server 3A, which is an appropriate access destination, the processing of the request from the terminal 4D is interrupted due to the fact that it is not within the expiration date and the appropriate combination of the user ID and the terminal 4D. As described above, according to this modification, even if an unauthorized user acquires the key and the tag, the viewing of the content can be restricted.

<Others>
The configurations of the embodiments and modifications are exemplary, and the present invention is not limited to the configurations described above. In addition, the configurations shown in the embodiments and modifications can be combined as much as possible without departing from the problems and technical ideas of the present invention.

The cached data file is not limited to content such as moving images and music, and may be various electronic data generated, read, written, stored, etc. by a computer such as a document or an execution file of an application. Further, the distribution server 2 may further determine whether the user of the terminal 4 has the authority to access the data file, for example, based on an ID or password issued to the user.

Further, for encryption of the cached contents, an encryption method capable of detecting tampering by adding a MAC may be adopted, for example, AES128-GCM. Further, if the cached encrypted content cannot be decrypted by the terminal 4, the encrypted content may be cached again in the cache server 3.

The present invention includes a computer program that performs the above-mentioned processing. Further, a computer-readable recording medium on which the program is recorded also belongs to the category of the present invention. With respect to the recording medium on which the program is recorded, the above-mentioned processing can be performed by causing a computer to read and execute the program of the recording medium.

Here, the computer-readable recording medium means a recording medium in which information such as data and programs is stored by electrical, magnetic, optical, mechanical, or chemical action and can be read from a computer. Among such recording media, those that can be removed from a computer include flexible disks, magneto-optical disks, optical disks, magnetic tapes, memory cards, and the like. Further, examples of the recording medium fixed to the computer include a hard disk drive and a ROM.

1: Network system 2: Distribution server 21: Communication I / F
22: Storage device 23: Input / output device 24: Processor 241: Distribution control unit 242: Key management unit 25: Bus 3: Distribution server 31: Communication I / F
32: Storage device 33: Input / output device 34: Processor 341: Cache management unit 342: Distribution management unit 35: Bus 4: Terminal 41: Communication I / F
42: Storage device 43: Input / output device 44: Processor 441: Request processing unit 442: Decoding processing unit 45: Bus

Claims (10)

A network system including a distribution server that distributes a data file, a cache server that caches the data file, and a terminal that receives the data file.
The distribution server
When a data file transmission request is received from the terminal, a distribution control unit that transmits the identification information associated with the requested data file to the terminal, and
It is equipped with a key management unit that sends a key for decrypting an encrypted data file to the terminal.
The cache server
When a request for transmission of a data file containing the identification information is received from the terminal, and the data file is cached in the storage device in association with the requested identification information, the data file is transmitted to the terminal. A network system including a cache management unit that receives the encrypted data file from the distribution server and stores it in the storage device when the data file is not cached in the storage device in association with the requested identification information. .. The network system according to claim 1, wherein the identification information is a value obtained from a data file associated with the identification information or an address on the network of the data file using a predetermined one-way function. The network system according to claim 1 or 2, wherein the distribution server, the cache server, and the terminal perform encrypted communication with each other. Any one of claims 1 to 3 in which the distribution server and the terminal establish a session for performing encrypted communication in the process performed by the distribution control unit, and restart the session in the process performed by the key management unit. The network system described in paragraph 1. A cache server that distributes a data file and caches the data file, and a distribution server that communicates with a terminal that receives the data file.
When a data file transmission request is received from the terminal, the identification information associated with the requested data file is transmitted to the terminal, and a data file transmission request containing the identification information is received from the cache server. If so, the distribution control unit that sends the encrypted data file to the cache server, and
A distribution server including a key management unit that transmits a key for decrypting an encrypted data file to the terminal. A distribution method executed by a cache server that distributes a data file and caches the data file, and a distribution server that communicates with a terminal that receives the data file.
When a data file transmission request is received from the terminal, the identification information associated with the requested data file is transmitted to the terminal, and a data file transmission request containing the identification information is received from the cache server. If so, the encrypted data file is sent to the cache server,
A distribution method in which a key for decrypting an encrypted data file is transmitted to the terminal. A distribution program executed by a cache server that distributes a data file and caches the data file, and a distribution server that communicates with a terminal that receives the data file.
When a data file transmission request is received from the terminal, the identification information associated with the requested data file is transmitted to the terminal, and a data file transmission request containing the identification information is received from the cache server. If so, the encrypted data file is sent to the cache server,
A distribution program that causes a distribution server to execute a process of transmitting a key for decrypting an encrypted data file to the terminal. A distribution server that distributes a data file and a cache server that communicates with a terminal that receives the data file and caches the data file.
When a request for transmission of a data file including the identification information of the requested data file is received from the terminal, and when the data file encrypted in association with the requested identification information is cached in the storage device, When the encrypted data file is transmitted to the terminal and the encrypted data file associated with the requested identification information is not cached in the storage device, the encrypted data file is distributed. A cache server that receives data from a server and stores it in the storage device. A cache method executed by a cache server that communicates with a distribution server that distributes a data file and a terminal that receives the data file and caches the data file.
When a request for transmission of a data file including the identification information of the requested data file is received from the terminal, and when the data file encrypted in association with the requested identification information is cached in the storage device, When the encrypted data file is transmitted to the terminal and the encrypted data file associated with the requested identification information is not cached in the storage device, the encrypted data file is distributed. A cache method that receives data from a server and stores it in the storage device. A cache program executed by a distribution server that distributes a data file and a cache server that communicates with a terminal that receives the data file and caches the data file.
When a request for transmission of a data file including the identification information of the requested data file is received from the terminal, and when the data file encrypted in association with the requested identification information is cached in the storage device, When the encrypted data file is transmitted to the terminal and the encrypted data file associated with the requested identification information is not cached in the storage device, the encrypted data file is distributed. A cache program that causes a cache server to execute a process that receives data from a server and stores it in the storage device.

Images