JP2021012730A - File division and combination system and method thereof - Google Patents

Abstract

To enable the execution of division or combination of files with a simple operation.SOLUTION: Whether an uploaded file is a file of a combination object is determined by checking whether the uploaded file is identified by any of file division piece identification information included in a combination object file table. When it is not the combination object, the uploaded file is divided into file division pieces, and when it is the combination object, the uploaded file is combined with a stored file division piece.SELECTED DRAWING: Figure 1

Description

The present invention relates to a file division / combination system. More specifically, the present invention divides an uploaded file into a file that has not been divided in the past and causes a part of the divided pieces to be downloaded, and combines the uploaded file with the corresponding divided pieces if the file has been divided in the past. It is related to the file splitting / combining system that allows you to restore files.

From the viewpoint of security, it is required to transfer files safely. It is common practice to attach an encrypted file to an e-mail and send it, but if the e-mail address is incorrect or if the contents of the e-mail are leaked due to network eavesdropping, the encrypted file will be sent. It falls into the hands of a third party. In this case, if a cryptanalysis tool or the like is used, the password may be decrypted if the password length is short or if the password is simple, and the contents of the file may be leaked.

It is also common practice to upload a file to a storage with user authentication on a network such as the Internet and have it downloaded from the destination computer. However, for files on the server, there is a possibility that the file may be stolen by hacking the server that stores the file or other unauthorized human actions, and the password for user authentication may be decrypted by a third party. , There is a possibility that the contents of the file will be leaked to the third party. As described above, there are security problems in transferring files through storage on the Internet.

In order to reduce the risk of such file leakage, it is conceivable to divide the file and transmit the file via, for example, two routes, via the Internet and via e-mail. For example, the server machine 10 of the sender 1 is provided with an electronic tally generating means to divide the electronic information into the first tally information and the second tally information, and the first tally information is first communicated with the center machine 30 of the relay organization 3. The 20th tally information is sent to the client machine 20 of the receiver 2 through the second communication path while being sent through the road and stored in the storage device, and the center machine 30 receives the request from the client machine 20 and sends the 10th tally. When the information is sent, the client machine 20 is equipped with the electronic tally integration means and receives the second tally information, and when the electronic information is used, the first tally information is obtained from the center machine 30 and the electronic tally information is combined with the second tally information. A technique for integrating and restoring the original electronic information is known (Patent Document 1). With this technology, user members register in the electronic information delivery system managed by the distribution center, select the electronic information they want from the electronic information catalog published by the member store via the Internet communication network, etc., and place an order. The electronic information is taken out from the database and converted into electronic tally to generate two electronic tally, the first electronic tally is sent to the distribution center, and the second electronic tally is sent to the member who placed the order together with the electronic tally integration key. Then, the customer who receives the second electronic tally orders the first electronic tally from the distribution center, restores the original electronic information based on the integration key, and uses it (Patent Document 1, paragraph 0024). ..

Japanese Patent Application Laid-Open No. 2003-132229

However, in the conventional electronic information delivery system, when dividing electronic information, it takes time and effort to specify the electronic information to be divided and perform the division, or to send one of the divided electronic information to the distribution center. In addition, the operation is complicated and inconvenient because it is necessary to specify and order the divided electronic information from the distribution center when restoring the divided electronic information.

In order to solve the above problem, the present invention stores the file division piece identification information for identifying the offline file division piece in the file table to be combined in association with the online file division piece to be combined with the offline file division piece. , The online file split piece is stored in the file split piece storage part to be combined, the file upload is accepted from the client computer, and the uploaded file is identified by one of the file split piece identification information included in the file split piece table to be combined. By checking whether it is a file, it is determined whether the uploaded file is a file to be combined, and if it is determined that the uploaded file is not a file to be combined, the uploaded file is an online file. Divide into split pieces and offline file split pieces, download the split offline file split pieces to the client computer, identify the offline file split pieces, and associate the file split piece identification information with the split online file split pieces to be combined. It is stored in the file table, and the divided online file division pieces are stored in the file storage unit to be combined. If it is determined that the uploaded file is the file to be combined, the file storage unit to be combined is stored. It is characterized by combining the corresponding stored online file fragment with the uploaded file to generate the original file and downloading the generated original file to the client computer.

The present invention can also be configured to divide a file into a plurality of file division pieces. That is, the offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is restored by combining all of the online file division piece and the plurality of lower file division pieces, and the file division piece identification information. Identifyes each of a plurality of sub-file split pieces, accepts uploads of one or more files, and the uploaded file is identified by the file split piece identification information included in the file table to be combined. By checking whether it is a file, it is determined whether one or more uploaded files are files to be combined, and if it is determined that the uploaded file is not a file to be combined, it is uploaded. The file is divided into an online file division piece and a plurality of lower file division pieces, the plurality of lower file division pieces are downloaded to the client computer, and the file division piece identification information for identifying each of the divided multiple lower file division pieces is provided. The split online file split piece is associated with the split target file table and stored in the join target file table, and the split online file split piece is stored in the join target file storage unit. In the file join means, the uploaded file is the join target. If it is determined that all of the multiple sub-file split pieces have been uploaded, the corresponding online file split pieces stored in the file storage to be combined are combined with the uploaded multiple sub-file split pieces. Can be configured to generate the original file and download the generated original file to the client computer.

Further, the present invention can also be configured to divide a file into a plurality of file division pieces by the threshold method. That is, the offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided includes the online file division piece and the number of file division pieces equal to or more than the threshold value k among the plurality of lower file division pieces. It is combined and restored, and the file division piece identification information identifies each of a plurality of lower file division pieces, accepts the upload of one or more files, and uploads one or more files. Determine if one or more uploaded files are files to be merged by checking if the file is identified by the file split piece identification information contained in the file table to be merged. If it is determined that the uploaded file is not the file to be combined, the uploaded file is divided into an online division and multiple sub-file divisions, and the multiple sub-file divisions are downloaded to the client computer. , File that identifies each of the multiple subdivided sub-files Divided pieces The identification information of the divided pieces is stored in the combined online file divided piece in association with the divided online file divided pieces, and the divided online file divided pieces are stored in the combined target file. It is stored in the storage unit, and it is determined that the uploaded file is the file to be combined, and that the number of file division pieces equal to or greater than the threshold k among the online file division piece and the plurality of lower file division pieces is complete. If so, the corresponding online file partition stored in the file storage to be combined is combined with the uploaded lower file segment to generate the original file, and the generated original file is downloaded to the client computer. Can be configured.

The present invention can also be configured to store some of the file division pieces divided by the threshold method on the server. That is, the offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided includes the online file division piece and the number of file division pieces equal to or more than the threshold value k among the plurality of lower file division pieces. It is combined and restored, and the file division piece identification information identifies each of a plurality of lower file division pieces, accepts the upload of one or more files, and uploads one or more files. Determine if one or more uploaded files are files to be merged by checking if the file is identified by the file split piece identification information contained in the file table to be merged. If it is determined that the uploaded file is not the file to be combined, the uploaded file is divided into an online file division piece and multiple subdivision pieces, and the threshold value among the multiple subdivision pieces. Downloads less than k sub-file splices to the client computer and stores the file splinter identification information that identifies each of the downloaded sub-file splices in association with the online file splices split in the file table to be combined. The divided online file division piece and the lower file division piece that was not downloaded are stored in the file storage unit to be combined. The uploaded file is the file to be combined, and the online file division piece and the lower file If it is determined that the number of file divisions equal to or greater than the threshold k among the divisions is complete, the corresponding online file divisions stored in the file storage unit to be combined and the lower file divisions that were not downloaded are uploaded. It can be configured to combine with a subordinate file fragment to generate the original file and download the generated original file to the client computer.

Further, the present invention can be configured such that the number of downloaded lower file division pieces is smaller than the threshold value k when some of the file division pieces divided by the threshold method are stored in the server. ..

Further, in the present invention, the file division piece identification information can be used as the hash value of the file division piece to be identified.

Further, in the present invention, the file division piece identification information can be used as a hash value of the file division piece identified by the file division piece with unique information added.

Further, the present invention receives and stores the input of the recipient identification information that identifies the recipient of the divided file at the time of file division, acquires the recipient identification information at the time of file combination, and receives the stored file. It can be configured to decrypt the encrypted divided file fragment in the same case as the destination identification information. Further, the present invention can be configured to acquire the recipient identification information to be acquired from the device of the user who intends to combine the files via the network at the time of file combination. Further, the present invention accepts input of recipient identification information for identifying the recipient of the divided file from a user who intends to divide the file, and at least of the divided file division pieces based on the received recipient identification information. It encrypts either one, accepts input of recipient identification information from the user who is trying to combine files, and decrypts the encrypted divided file fragment based on the received recipient identification information. It can be configured to be a thing.

The present invention can also be configured to require user authentication for uploading.

In the present invention, the uploaded file is the file to be combined by checking whether the uploaded file is identified by any of the file fragment identification information contained in the file to be combined table. If it is not the file to be combined, divide the uploaded file into online file fragment and offline file fragment, download the offline file fragment to the client computer, and if it is the file to be combined. It is configured to combine the corresponding stored online file splits with the uploaded file to generate the original file and download it to the client computer, so just upload the file and it is still split The effect is that it is possible to automatically determine whether a file that does not exist and should be split this time, or a file that has already been split and should be combined this time.

Further, the present invention can be configured to divide a file into a plurality of file division pieces, and in this case, by further increasing the number of file division pieces to be downloaded, a third party illegally obtains the file division pieces. The effect is that the possibility of doing so can be reduced.

The present invention can also be configured to divide a file into a plurality of file divisions by a threshold method, in which case the original file is restored even from a part of the downloaded file divisions. The effect of being able to do is obtained.

The present invention can also be configured to store some of the file divisions divided by the threshold method on the server, in which case a third party illegally uses the downloaded file divisions. Even if it is obtained, it has the effect of reducing the possibility of restoring the original file.

Further, the present invention can be configured such that the number of downloaded lower file division pieces is smaller than the threshold value k when some of the file division pieces divided by the threshold method are stored in the server. In this case, even if a third party illegally obtains the downloaded file fragment, the possibility of restoring the original file can be reduced.

Further, the present invention can be configured so that the file division piece identification information is a hash value of the file division piece to be identified, and in this case, the identification information that is unlikely to overlap with other file division pieces is provided. The effect that it can be obtained by a simple calculation can be obtained.

Further, the present invention can be configured so that the file division piece identification information is a hash value of the file division piece identified by the file division piece with unique information added, and in this case, the identification information is another file division piece. The effect is that the possibility of overlapping with can be further reduced.

Further, the present invention receives and stores the input of the recipient identification information that identifies the recipient of the divided file at the time of file division, acquires the recipient identification information at the time of file combination, and receives the stored file. In the same case as the destination identification information, it can be configured to decrypt the encrypted divided file fragment, and the effect that the file can be compounded only to the authorized recipient can be obtained. Further, the present invention can be configured to acquire the recipient identification information to be acquired from the device of the user who intends to combine the files via the network at the time of file combination, and the recipient identification information can be automatically acquired. The effect is obtained. In addition, the present invention can be configured to encrypt the file split piece based on the recipient identification information that identifies the recipient of the split file, in which case the file split piece is only available to the authorized recipients. The effect is that it can be prevented from being decrypted.

Further, the present invention can be configured so that user authentication is required for uploading, and in this case, an effect that a third party cannot decrypt the file segment can be obtained.

It is a block diagram of the file division / combination system 100 which concerns on one Embodiment of this invention. It is an operation flow diagram of the division process of the file division / combination system 100 which concerns on one Embodiment of this invention. It is an operation flow diagram of the combination process of the file division / combination system 100 which concerns on one Embodiment of this invention. It is a structural diagram of the hash search table 401 which stored the offline file division piece identification information in the file table 111 to be combined. It is a structural diagram of the division piece management table 501 which stored the information which associates two divided files in the combination target file table 111. It is a block diagram of the encryption information table 601 which stores the information when the file division piece is encrypted. It is a block diagram of the registration ID table 701 which stores the identification information of the other party which permits the combination and the identification information of the device which the other party has. It is a structural diagram of the time division multiplexing table 801 using the threshold value. This is a screen image for uploading the divided files. This is a screen image for uploading the files to be combined. It is a conceptual diagram of the method of dividing a file.

(System configuration)
The configuration of the file division / combination system 100 according to the present invention will be described. FIG. 1 is a block diagram of a file division / combination system according to an embodiment of the present invention. Referring to FIG. 1, the file division / combination system 100 is largely composed of a division / combination server 101, a division request client 121, and a combination request client 131. The split / join server 101 includes functional blocks such as a join target file table 111, a join target file storage unit 112, a file upload means 113, a join determination means 114, a file split means 115, and a file join means 116. The split / join server 101 is connected to the split request client 121 and the join request client 131 via a network such as the Internet. The files divided or combined by the file division / combination system 100 are downloaded to the division request client 121 and the combination request client 131.

The division / combination server 101 is a component that divides and combines files. Although not shown, the split / combined server 101 is typically a general-purpose server composed of hardware such as a CPU, RAM, a storage device, a user interface, and a network interface, and having a hardware configuration in which they are connected via a bus. Is. The storage device stores the OS, applications for file division / combination, and the like in the storage area, and further provides a storage area for the combination target file table 111 and the combination target file storage unit 112. When the application operates on the CPU, the functional blocks of the file upload means 113, the combination determination means 114, the file division means 115, and the file combination means 116 are configured.

The split request client 121 is a component used for this purpose by a user who requests splitting of a file. The split request client 121 is typically a general-purpose personal computer composed of hardware such as a CPU, RAM, a storage device, a user interface, and a network interface, and having a hardware configuration in which they are connected via a bus.

The join request client 131 is a component used for this by a user requesting a join of files. The join request client 131 is typically a general-purpose personal computer composed of hardware such as a CPU, RAM, a storage device, a user interface, and a network interface, and having a hardware configuration in which they are connected via a bus.

When the file to be combined is divided into an online file division piece and an offline file division piece, the online file division piece is stored in the division / combination server 101, and the offline file division piece is downloaded to the division request client 121. , The configuration is such that the offline file split piece identification information for identifying the offline file split piece is stored. At that time, the offline file division piece identification information is stored in association with the online file division piece divided from the same file. The offline file split piece identification information is typically a hash value of the offline file split piece, but other techniques such as assigning the same unique number to each of the corresponding online file split piece and offline file split piece. It can also be used. In addition, the file to be divided can be divided into three or more file division pieces. In this case, it can be considered that the offline file division piece is divided into a plurality of lower file division pieces. Therefore, the file to be divided can be divided into an online file division piece and an offline file division piece composed of a plurality of lower file division pieces. In this case, identification information that identifies each of the lower file division pieces is required.

A specific configuration example of the file table 111 to be combined will be described. FIG. 4 is a structural diagram of the hash search table 401 that stores the offline file division piece identification information in the file table 111 to be combined. The structure of the hash search table 401 will be described. The hash search table 401 includes the number of divided files in which the set of data for the set of the online file division piece and the offline file division piece divided from the same file is one component. One component is an offline file split piece hash value 411, an online file split piece data number 412, and a deletion flag 413. In FIG. 4, the hash search table 401 is the nth offline file division hash value 411 from the component 1 composed of the data of the offline file division piece hash value 411, the online file division piece data number 412, and the deletion flag 413. , The component n composed of the data of the online file division piece data number 412 and the deletion flag 413 is included. The offline file split piece hash value 411 is a hash value that identifies the offline file split pieces that have been downloaded and are not stored in the split / join server 101 among the split online file split pieces and the offline file split pieces. .. The online file division piece data number 412 is information for specifying the online file division piece corresponding to the offline file division piece, and specifically, stores the storage location of the online file division piece corresponding to the offline file division piece. It is the number of the divided piece management table 501. The deletion flag 413 is a flag set when deleting a divided file.

FIG. 5 is a structural diagram of a divided piece management table 501 that stores information for associating two divided files in the combined target file table 111. The split piece management table 501 is a table that stores information for identifying the online file split piece stored in the split / join server 101, and can also be used as a component table of data that exists once for one split file. , May be a common table. A table may contain all the data in one table, or it may be in the form of a linear list in which independent data components are linked by pointers to the addresses of the next component. .. FIG. 5 shows an example of the form of a linear list. FIG. 5 is an example of a fragment management table 501 in which the components for the first managed fragment are explicitly shown. The split piece management table 501 includes data number 511, number of splits 512, split method 513, threshold value 514, survival time 515, number of joins 516, original file hash value 517, join permission partner registration table address 518, split file hash value. A table consisting of a set of data of 519, the actual data storage address of the divided file 520, the encryption information table address 521, the divided piece table address 522 when using the threshold, the deletion flag 523, and the next divided piece management table address 524. is there.
It will be described with reference to the component 1 for the first fragment specified in FIG. The data number 511 is a unique numerical value for identifying a component consisting of a set of data for one divided piece in the divided piece management table 501. Typically, an integer value of 1 is given for the first component. If the component of the divided piece is specified by an index other than the data number 511, the data number 511 is not always necessary.
The number of divisions 512 is a numerical value indicating how many file division pieces the file is divided into. If only a single number such as 2 is adopted as the number of divisions, the number of divisions 512 is not always necessary.
The division method 513 is a numerical value that specifies the division method of the file. For example, when the secret distribution method is used, it is specified whether to perform the basic distribution or the threshold distribution processing method. If other distribution methods are used, set a numerical value to specify them. For example, if it is 0, it is a basic distribution as a secret distribution method (a distribution method that requires all of the divided files for joining), and if it is 1, it is a threshold distribution as a secret distribution method (a divided file for joining). (Distribution method that requires files equal to or greater than the number of threshold k), 2 specifies another file distribution method (1), and 3 specifies another file distribution method (2). Can be. If only a single method such as simple distribution is used as the division method, the division method 513 is not always necessary.
The threshold value 514 is a numerical value that specifies the threshold value in the threshold value distribution, that is, the number of divided file division pieces required for restoration. If the threshold variance is not used as the division method, or if the threshold value is a single numerical value even if the threshold variance is used, the threshold value 514 is not always necessary.
The survival time 515 is a numerical value that specifies the time that allows the binding of the divided pieces. This is typically a number in seconds. The survival time 515 is not always necessary if the survival time is not used, or if it is used, if it is a single number.
The number of bindings is 516, which is a numerical value that specifies the maximum number of times that the divided pieces can be bound within the survival time. Further, when there are a plurality of binding partners, the maximum number of times for a single joining partner can be set. The bond order 516 is not always necessary if the bond order is not used, or if it is used, if it is a single number.
The original file hash value 517 is a hash value of the original file of the file to be divided. If the uploaded file is a split file, get the hash value and store it here. This is to check if the combined file is the same as the original file by using the hash value of the original file before splitting, but if you do not do such a check, the original file hash The value 517 is not always necessary.
The join permission partner registration table address 518 is the address of the registration ID 712 of the user who is permitted to perform the join processing on the divided pieces or the address of the component of the join permission partner registration table in which the registration ID information 713 is recorded. The user's registration ID 712 or registration ID information 713 stored in the join permission partner registration table is used to determine whether or not to allow the join process. When the join permission partner is not set, the join permission partner registration table address 518 is not always necessary.
The divided file hash value 519 is a hash value of the divided online file divided pieces. This makes it possible to check whether the data of the saved online file split piece has been tampered with, but if such check is not performed, the split file hash value 519 is not always necessary.
The online file division piece real data storage address 520 is the address of the place where the real data of the divided online file division piece is stored.
The encryption information table address 521 is an address of the encryption information table 601 that records information about the encryption method applied to the file segment. When encryption is not performed, the encryption information table address 521 is not always necessary if the encryption method or the like is fixed even if encryption is performed.
The threshold value usage time division fragment table address 522 is the address of the threshold value utilization time division fragment table 801. Split / join server when the number of download file split pieces in threshold distribution is limited, which is an additional function described later, using the information stored in the threshold split piece table 522. The offline file division piece and the like stored in 101 can be acquired through the threshold usage division piece table 801 and the original file can be restored. If the number of download file division pieces is not limited in the threshold distribution, the division piece table address 522 when using the threshold value is not always necessary.
The deletion flag 523 is a flag to be set when the file division piece is deleted. If the deletion is managed by another method, the deletion flag 523 is not always necessary.
The address 524 of the next data is the address of the component for the next managed (second in the case of FIG. 5) fragmented file fragment. The address 524 of the next data is not always necessary when accessing the next component by another method, or when the split piece management table is made into one table without having a linear list structure.

The file storage unit 112 to be combined has a configuration for storing the divided online file division pieces. The actual data of the online file division piece is stored here. The stored online file division piece is associated with the file division piece identification information that identifies the corresponding offline file division piece in the file table 111 to be combined. Specifically, the file storage unit 112 to be combined can be a data storage area indicated by the actual data storage address of the online file division piece of the division piece management table 501 shown in FIG.

The file upload means 113 has a configuration that accepts file uploads from the division request client 121 and the like. You can accept single or multiple files uploaded at one time. The file upload means 113 typically provides a website for providing a split / combine service on the Internet, and accepts a user's operation on the website in the split request client 121 to upload a file to the Internet. Provides a function of uploading to the split / join server 101 via.

The combination determining means 114 is configured to determine whether or not the uploaded file is a file to be combined. Typically, the join determination means 114 joins by checking whether the uploaded file is identified by any of the file split piece identification information contained in the file table 111 to be joined. Determine if it is the target file.

The file division means 115 has a configuration in which the file to be divided is divided into two file division pieces, an online file division piece and an offline file division piece. The file division means 115 divides the file to be divided by executing a predetermined division algorithm. The file dividing means 115 can also divide the file to be divided into three or more file dividing pieces. In this case, the file to be divided can be divided into an online file division piece and an offline file division piece composed of a plurality of lower file division pieces. In that case, a configuration that performs threshold division so that the original file can be generated by combining the number of file divisions equal to or more than the threshold k among all the lower file divisions from the online file division. It can also be.

The file combining means 116 typically has a configuration in which two file divided pieces, an online file divided piece and an offline file divided piece, are combined to generate an original file. The file combining means 116 combines the online file division piece and the offline file division piece when the file is divided into three or more file division pieces and a plurality of lower file division pieces constituting the offline file division piece are prepared. When the original file is generated, or when the number of file divisions equal to or greater than the threshold k among the plurality of lower file divisions constituting the online file division and the offline file division are prepared. It can also be configured to combine them into the original file.

(System operation-file division)
The operation of the file division / combination system 100 will be described below. First, the operation of dividing the file will be described. FIG. 2 is an operation flow diagram of the division process of the file division / combination system 100 according to the embodiment of the present invention. The file upload means 113 uploads the file to be divided to the division / combination server 101 (step S201). For this purpose, the user who intends to divide the file uses the division request client 121 to perform an operation of uploading the file to the division / combination server 101. Specifically, the split / join server 101 provides a website for providing the split / join service on the Internet, and the user accesses the website. FIG. 9 is a screen image for uploading a divided file. The user drags and drops the file to be divided into a predetermined area in the upload screen. As a result, the file uploading means 113 acquires the file from the split request client 121 via the network and uploads the file to the split / join server 101 as an upload file 201. Alternatively, a file can be uploaded by displaying a box for specifying a file from the upload screen and specifying a file or directory in the division request client 121.

It should be noted that user authentication is required to access the screen for uploading the divided file shown in FIG. 9 and the screen for uploading the combined file shown in FIG. 10 described later. Then it is suitable.

As another specific method, the upload function can be incorporated into the mail software or mail server. In this way, the file attached at the time of sending the mail is sent from the split request client 121 on which the mail server or mail software is installed. It can also be uploaded as an upload file 201 to the split / combined server 101 via the network.

Next, the join determination means 114 confirms whether the upload file 201 is identified by any of the file division piece identification information included in the join target file table 111, whereby the upload file 201 is Determine if the file is the one to be merged. For this purpose, the join determination means 114 generates a hash value of the upload file 201, and also acquires a list of hash values which are file division piece identification information from the join target file table 111 (step S202). Regarding the acquisition of the hash value list, specifically, from the hash search table 401, the first offline file split piece hash value 411, the second offline file split piece hash value 411, ... The last offline file split piece hash value 411. The one-sided hash value 411 is read out one after another.

Next, the join determination means 114 compares the generated hash value of the upload file 201 with each hash value included in the list of hash values obtained from the join target file table 111, and finds one that matches. Find out (step S203). If there is a matching hash value, the upload file 201 is determined to be an already split file split (referred to as an "offline file split") and the corresponding file split ("online file split"). ”) And branching to the joining process (step S204) for joining. If there is no matching hash value, the join determination means 114 determines that the upload file 201 is a file that has not been divided yet and should be divided this time, starts the division process, and saves the hash value (step). Branch to S205). The joining process will be described later with reference to FIG. 3, and the division process will be described below.

Specifically, when there is no matching hash value in step S203, the join determination means 114 determines that the upload file 201 is a file that has not yet been divided (not to be combined), and divides the upload file 201 into the file division means 115. Let the process be executed. That is, the file division means 115 first stores the hash value of the upload file 201 in the division piece management table 501 (step S205). At that time, a new component is added after the current last component of the split piece management table 501. Then, the hash value of the upload file 201 is saved as the original file hash value 517 in the added component in the divided piece management table 501. The original file hash value 517 is for confirming that the file combined and reconstructed after division is the same as the original file, but since this confirmation is not always necessary, step S205 is omitted. Is also possible.

Next, the file division means 115 divides the upload file 201 into a predetermined number of divisions by a predetermined division method (step S206). In this example, the file dividing means 115 divides the online file dividing piece 202 and the offline file dividing piece 203. The division method and the number of divisions can be registered in advance, or when the user uploads a file and it is determined that the file should be divided, the division method and the number of divisions can be specified. As the division method, known methods such as basic distribution, threshold distribution, and other file distribution methods can be used. Hereinafter, for example, a case of dividing into two files by basic distribution will be described. The file division means 115 divides the upload file 201 into an online file division piece 202 and an offline file division piece 203. FIG. 11 is a conceptual diagram of a method of dividing a file. At the time of division, as shown in FIG. 11, the bits can be divided into two files according to a predetermined rule.

Next, the file dividing means 115 saves the online file dividing piece 202 in the file storage unit 112 to be combined (step S207). Specifically, the file division means 115 stores the online file division piece 202 in an appropriate place in a storage area such as a memory or an HDD, and sets the storage address in the added component in the division piece management table 501. Online file division Save to the real data storage address 520. Further, at this time, preferably, the file dividing means 115 adds the number of divisions (2 in this case), which is a numerical value indicating how many file division pieces the file is divided into, to the number of divisions 512 in the added component. The numerical value that specifies the division method (in this case, the basic variance) is stored in the division method 513 in the added component. Further, when threshold distribution is used as the division method, the file division means 115 is a numerical value that specifies the threshold value in the threshold distribution, that is, the number of divided file division pieces required for restoration. Store the value at threshold 514 in the added component.

Next, the file division means 115 generates a hash value of the offline file division piece 203 and stores it in the file table 111 to be combined (step S208). Specifically, the file dividing means 115 first adds a new component after the current last component in the hash search table 401. Then, the hash value of the offline file division piece 203 is stored in the offline file division piece hash value 411 in the added component. At that time, the data number 511 of the component of the division management table 501 in which the information about the corresponding online file division 202 is stored is stored in the online file division piece data number 412 in the added component. As a result, the actual data of the online file division piece 202 generated from the same upload file 201 and the hash value of the offline file division piece 203 can be stored in association with each other.

When generating the hash value of the offline file division piece 203, the hash value is added after adding unique information after the offline file division piece 203 so as to ensure that the hash value is a unique value. It may be generated. In this case, as unique information, the data number 511 of the component of the division piece management table 501 of the corresponding online file division piece 202, the serial number, or a combination thereof can be used. Similar unique information may be added to other file dividers such as the online file divider 202.

Although not necessarily necessary, the file dividing means 115 can also store additional information in the divided piece management table 501 at this time. For example, the file dividing means 115 can store a numerical value in the survival time 515 that specifies the time for which the divided pieces are allowed to be combined. In addition, the file dividing means 115 can store in the number of bindings 516 a numerical value that specifies the upper limit of the number of times that the divided pieces can be combined within the survival time. Further, the file dividing means 115 can save the hash value of the original file of the file to be divided in the original file hash value 517. Further, the file dividing means 115 can save the hash value of the divided online file divided pieces in the divided file hash value 519. Further, the file dividing means 115 can record information about the applied encryption method in the encryption information table and store the address of the encryption information table in the encryption information table address 521. Further, the file division means 115 can save the address of the division piece table when the threshold value is used in the division piece table address 522 when the threshold value is used.

Next, the file division means 115 downloads the offline file division piece 203 to the division request client 121 (step S209). Specifically, the split / join server 101 displays a box to download the file in the screen image for uploading the split file shown in FIG. 9, and causes the user to download the download position on the split request client 121. Is specified, and the offline file division piece 203 is saved there via the Internet.

The user can transport the downloaded file division piece 203 to another user through a recording medium such as an e-mail, a memory card, a USB memory, or a CD-ROM. The other user can obtain the original file by using his / her information terminal as the join request client 131. At this time, even if the file division piece 203 is acquired by a malicious third party, the information of the original file 201 will not be leaked because the file division piece has no meaning by itself. In addition, since the size of the file division piece is smaller than that of the original file, it is easy to handle.

(System operation-file combination)
Next, the operation of combining files will be described. FIG. 3 is an operation flow diagram of the combination process of the file division / combination system 100 according to the embodiment of the present invention. The file upload means 113 uploads the files to be combined to the division / combination server 101 (step S301). For this purpose, the user who wants to combine the files uses the join request client 131 to perform an operation of uploading the file to the split / join server 101. Specifically, the split / join server 101 provides a website for providing the split / join service on the Internet, and the user accesses the website. FIG. 10 is a screen image for uploading the combined files. The user drags and drops the file to be combined into a predetermined area in the upload screen. As a result, the file upload means 113 acquires the file from the join request client 131 via the network and uploads the file to the split / join server 101 as an upload file 301. Alternatively, a file can be uploaded by displaying a box for specifying a file from the upload screen and specifying a file or directory in the join request client 131.

As another specific method, the upload function can be incorporated into the mail software or mail server. In this way, the file attached when the mail is received can be sent from the split request client 131 in which the mail server or mail software is installed. It can also be uploaded as an upload file 301 to the split / join server 101 via the network.

Next, the join determination means 114 confirms whether the upload file 301 is identified by any of the file division piece identification information included in the join target file table 111, so that the upload file 301 can be identified. Determine if the file is the one to be merged. For this purpose, the join determination means 114 generates a hash value of the upload file 301, and also acquires a list of hash values which are file division piece identification information from the join target file table 111 (step S302). Regarding the acquisition of the hash value list, specifically, from the hash search table 401, the first offline file split piece hash value 411, the second offline file split piece hash value 411, ... The last offline file split piece hash value 411. The one-sided hash value 411 is read out one after another.

Next, the join determination means 114 compares the generated hash value of the upload file 301 with each hash value included in the list of hash values obtained from the join target file table 111, and finds one that matches. Find out (step S303). If there is no matching hash value, the join determination means 114 determines that the upload file 301 is a file that has not been divided yet and should be divided this time, and branches to the division process (step S304). If there is a matching hash value, the upload file 301 is determined to be a file split piece that has already been split, and the join process for joining with the corresponding file split piece is started to acquire the online file split piece. Branch to the process (step S305). Since the division process has been described above with reference to FIG. 2, the combination process will be described below.

Specifically, when the matching offline file split piece hash value 411 exists in step S303, the join determination means 114 determines that the upload file 301 is already a split (join target) file, and the file join determination means Let 116 perform the join process with it. That is, the file joining means 116 first acquires the online file division piece 202 corresponding to the matched hash value in the joining target file table 111 (step S305).

Next, the file combining means 116 combines the acquired online file fragment 202 with the upload file 301 (which is the previously partitioned and downloaded offline file segment) to generate the restored file 302 (). Step S306). Further, at this time, preferably, the file combining means 116 obtains the number of divisions, which is a numerical value indicating how many file division pieces the file is divided into, from the number of divisions 512 in the division piece management table 501, and is a division method. A numerical value that specifies (basic distribution in this case) is obtained from the division method 513 in the division piece management table 501, and if the threshold distribution is used as the division method, the threshold in the threshold distribution The value is acquired from the threshold value 514 in the partition piece management table 501, and the join process is executed based on the acquired data. Also, the original file hash value 517 is acquired from the split piece management table 501, and it is compared with the hash value of the restored file 302 to confirm that the original file is reliably restored as the restored file 302. You may.

Although not necessarily necessary, at this time, the file joining means 116 may read additional information stored in the divided piece management table 501 to limit the joining process. For example, the file combining means 116 can read the survival time 515, which is a numerical value for specifying the time for allowing the joining of the divided pieces, and can prevent the joining process from being performed if the time for allowing the joining is overdue. .. Further, the file joining means 116 reads out the number of bindings 516, which is a numerical value for specifying the upper limit of the number of times that the divided pieces can be joined within the survival time, and the request for joining exceeds the upper limit. For example, it is possible to prevent the joining process from being performed. Further, the file combining means 116 reads the original file hash value 517, which is the hash value of the original file of the file to be divided, and if the hash value of the restored file after combining is different from the hash value of the original file, the restored file Processing can be stopped as if the generation of was failed. Further, the file combining means 116 reads the divided file hash value 519 which is the hash value of the divided online file divided pieces, and if it is different from the recalculated hash value of the online file divided pieces, it is online. The process can be stopped as if the file fragment was modified. Further, the file combining means 116 reads the address of the encryption information table from the encryption information table address 521 when the offline file division piece or the like is encrypted, and reads the information on the encryption method recorded in the encryption information table. It can be read and decrypted according to the encryption method for the offline file segment. Further, the file joining means 116 reads the address of the split piece table when using the threshold value from the split piece table address 522 when using the threshold value, and is an additional function described later, which is a download file division in threshold distribution. In order to restore some of the lower file division pieces stored in the division / join server 101 through the threshold usage division piece table 801 and restore the original file when the number of pieces is limited. All file splits can be aligned.

Although it is not always necessary, a virus check such as a virus check of the restored file 302 and a sandbox check may be performed. As a result, the virus can be found before being downloaded to the join request client 131, so that it is possible to prevent virus infection by the attached file in a targeted mail attack or the like. By performing a virus infection test on the combined restored files in this way, it is possible to prevent virus infection by the download file.

Next, the file combining means 116 downloads the restoration file 302 to the combining request client 131 (step S307). Specifically, the split / join server 101 displays a box to download the file in the screen image for uploading the file to be joined shown in FIG. 10, and causes the user to set the download position on the join request client 131. Let them specify and save the restore file 302 there via the Internet. At the time of download, encryption or compression may be performed.

(Additional function-encryption)
As an additional feature, file splits can be encrypted. FIG. 6 is a configuration diagram of an encryption information table 601 that stores information when encrypting such a file division piece. The types of data included in the cryptographic information table 601 will be described below. The encryption availability information 611 is information indicating whether or not encryption is performed. When common recognition information such as the ID information of the permitted combination partner and the password associated with the ID information is used as the encryption key, it is preferable that it can be further identified. The usage mode 612 is information indicating whether the encryption is performed in a block or a stream. The cipher type 613 is information indicating the type of cipher. The encryption function 614 is information indicating the type of the function used for encryption. The identification information 615 used for the encryption key is information for identifying the encryption key. As the encryption key, a unique numerical value such as the data number 511 of the divided piece management table or a combination of the data number 511 of the split piece management table and the destination identification information such as the registered ID data number of the registered ID table 701 can be used. .. The hash function used 616 is information for identifying the hash function when calculating the hash value.

Encryption is particularly preferred when performed on downloaded offline file dividers. In this case, after the offline file division piece is generated, the information in the encryption information table 601 is read out and encrypted according to the information in the encryption information table 601 before the hash value calculation or download, and after the offline file division piece is generated, the hash value calculation is performed. Is performed, and the file is stored in the offline file division piece hash value 411 of the hash search table 401.

The cryptographic information table 601 contains, for example, the following data.
・ Encryption availability information 611
0: No encryption 1: With encryption / Usage mode 612
0: Block 1: Stream cipher type 613
0: Private key (common key)
1: Public key 2: Both (public key and private key)
-Encryption function 614
Encryption function to be used (mcrypt function, etc.)
-Identification information 615 used for the encryption key
Fixed value (unique number))
Random value (ID information of permitted join partner, data number of split piece management table, etc.) / Hash function used 616
1: SHA256
2: SHA384
3: SHA512
4: SHA3 (Keccak), etc.

In the encryption information table 601 of FIG. 6, only one set of encryption availability information 611, usage mode 612, encryption type 613, encryption function 614, identification information 615 used for the encryption key, and usage hash function 616 is described. However, the cryptographic information table 601 may include a plurality of sets thereof. Then, the set of information to be used may be specified by the encryption information table address 521.

(Additional function-combination permission partner)
As an additional function, it is possible to register the recipient identification information that identifies the user who permits the combination of the divided pieces as the combination permission partner. Not only the user but also various information of the device used by the user can be used as information for permitting the combination. In order to do so, the file dividing means 115 receives and stores the input of the recipient identification information that identifies the recipient of the divided file, and the file combining means 116 acquires the recipient identification information and stores it. Is the same as the stored recipient identification information, the encrypted divided file division piece may be decrypted. FIG. 7 is a configuration diagram of a registration ID table 701 that stores the identification information of the other party that allows such a combination and the identification information of the device that the other party has. The types of data included in the registration ID table 701 will be described below. The registration ID data number 711 is a unique numerical value for identifying a component consisting of a set of data for one combination permission partner in the registration ID data number 711. Typically, an integer value of 1 is given for the first component. If the component is specified by an index other than the registration ID data number 711, the data number 711 is not always necessary. The registration ID 712 is information for identifying the other party who is an individual who is permitted to combine files. For example, the other party's e-mail address, the other party's mobile phone number, and a unique identification number (used for membership number or user authentication of this system). It can be a unique number associated with the login ID to be used). This information can be used to identify the join permission partner on an individual basis, and only registered individuals can be allowed to join files. The registration ID information 713 is information for identifying a group to which the other party, who is an individual who is permitted to combine files, belongs. For example, the other party's company name (corporate number), representative telephone number, department name (department code), and so on. It can be a department phone number, a department name (affiliation code), a group name (group number), a project name (project number), and the like. This information can be used to identify the join permission partner on a group basis, to identify the join permission partner on a group basis, and to allow only those in the same group as the registered individual to join the files. It is also possible to register a plurality of information for identifying the group. The first unique information 714 (1-1) of the first device to the third unique information 714 (3-3) of the third device identify the device used by the binding permission partner corresponding to a specific registration ID 712. Information. The b-th unique information of the a-th device is the b-th unique information 714 (ab) of the a-th device. This information can be used to allow the user corresponding to registration ID 712 to combine files when using the registered device. In this example, the binding permission partner corresponding to the registration ID 712 uses three devices from the first device to the third device, each of which receives three identification information from the first unique information to the third unique information. Have. As the device, a terminal such as a personal computer, a smartphone, or a mobile phone can be used. Further, as the unique information, a MAC address, a serial number, a CPU ID, an IP address, or the like can be used. The used individual information 715 is information indicating whether or not the unique information of the device is used for permitting the combination. For example, 0: not used, 1: individual information 1 is used, 2: individual information 1 and 2 are used. Use, 3: Use individual information 1, 2 and 3 and so on.

(Additional function-Registration of join permission partner)
Information that limits the parties to which files can be combined, such as registration ID 712, registration ID information 713, and device a-th unique information 714 (ab), is determined by the function of a predetermined program that operates on the division / combination server 101. , It is preferable to allow the user to register in advance. Further, the b-specific information 714 (ab) of the a-th device can be acquired from the a-th device via the network by the function of a predetermined program running on the division / combination server 101. The information of the other party can be obtained by having the registration ID 712 and the information of the registration ID 713 notified in advance from the combination permission partner. As described above, it is preferable that the file combining means 116 acquires the recipient identification information from the device of the user who intends to combine the files via the network.

(Additional function-Specify a join permission partner)
When the combination permission partner is specified, the user who divides the file can use the registration ID 712 and the registration ID information 713 as the recipient identification information when uploading the file to be divided. Further, when encrypting the divided offline file divided pieces or the like, the registration ID 712 or the like can be used as the encryption key. This ensures that only the registered join permission partner can upload and restore the offline file fragment.

(Identification of user by login ID authentication)
As an additional function, it is possible to authenticate the user who uses the file division / combination system 100 and determine whether or not it can be used. By associating the login ID used for authentication with the registration ID 712, it can also be used to identify the join permission partner. A fixed password, a one-time password, biometric information, an authentication server, or the like can be used for password determination.

When uploading a file for combining, the file combining means 116 prompts the user to input information corresponding to the registration ID 712, the registration ID information 713, etc., or corresponds to the individual information 714 (ab). Information is acquired from the user's device, the join request client 131, via the network. Then, the file joining means 116 confirms whether the input or acquired information is equal to the information registered in advance in the registration ID table 701 via the join permission partner registration table address 518 in the split piece management table 501. And only perform the merge of files if they are equal.

(Additional function-Limitation on the number of download file divisions in threshold distribution)
As an additional feature, when threshold distribution is used for file partitioning, the number of file split pieces downloaded can be reduced by leaving two or more file split pieces on the split / join server 101. This is to prevent the situation where the file can be restored without uploading the file to the split / join server 101 when the number of file split pieces exceeding the threshold value k is downloaded. is there. In this case, it is preferable that the number of file division pieces to be downloaded is smaller than the threshold value k. For this purpose, it is necessary to hold one or more lower file division pieces other than the online file division piece in the division / join server 101, and the threshold usage time division piece table 801 is a table used for that purpose. .. FIG. 8 is a structural diagram of the threshold time division multiplexing table 801. In the example of FIG. 8, assuming that the file is divided into n file division pieces and the offline file division piece is composed of the first to n-1th lower file division pieces, the first lower level Information for storing the m-th (0 <m <n-1) lower file division piece from the file division piece in the division / combination server 101 is stored in the threshold usage time division piece table 801. For example, suppose that a file is divided into n file division pieces consisting of an online file division piece and the first to (n-1) th lower file division pieces. Then, (n−m-1) number of lower file division pieces from the m + 1th lower file division piece to the nth lower file division piece are downloaded to the division request client 121, and the online file division piece and the first to m The lower file division pieces up to the third are stored in the division / combination server 101 without being downloaded. In this case, the number of lower file division pieces to be downloaded (nm-1) is preferably a number smaller than the threshold value k, which is the number of files whose files can be restored. In this way, even if all of the downloaded file fragments are obtained by a malicious third party, the original file cannot be restored by itself, and security can be enhanced. The types of data included in the threshold time division multiplexing table 801 will be described below. The lower file division piece hash value 811 (1) when the threshold value is used is the hash value of the first lower file division piece. This makes it possible to check whether the data of the first lower file split piece saved has been tampered with, but if such check is not performed, the hash value of the lower file split piece when using the threshold value. 811 (1) is not always necessary. When the threshold value is used, the lower file division piece storage address 812 (1) is the address of the place where the actual data of the first divided lower file division piece is stored. The first lower file division piece is stored in an appropriate storage area, and its address is stored in the lower file division piece storage address 812 (1) when the threshold value is used. Hereinafter, the same applies to the mth lower file division piece.

(Additional function-Limiting the number of server-stored file divisions in threshold distribution)
As an additional function, in threshold distribution, not only the number of file division pieces to be downloaded but also the number of file division pieces stored in the division / combination server 101 can be set to a value smaller than the threshold k. .. In this way, it is possible to ensure safety against leakage of file division pieces due to a server attack or the like. For example, when the number of divisions is 4, and the threshold value is 3, the number of file divisions stored in the division / combination server 101 is 2, and the number of file divisions to be downloaded is 2. And any number of them can be less than the threshold k. In this case, even if the server is attacked and the file fragment is stolen, the original file cannot be restored.

(Additional function-remove split pieces)
As an additional function, the split request client 121 sets the deletion flag 523 of the split piece management table 501 that refers to the online file split piece 201 divided by the split process 201, so that the restored file is restored before the start of the join process. The generation of 302 can be stopped. This can be used for the cancellation process when the wrong file fragment is sent.

100 File split / join system 101 Split / join server 111 Join target file table 112 Join target file storage 113 File upload means 114 Join judgment means 115 File split means 116 File join means 121 Split request client 131 Join request client 201 Upload file 202 Online file split piece 203 Offline file split piece 301 Upload file 302 Restore file 401 Hash search table 501 Split piece management table 601 Cryptographic information table 701 Registration ID table 801 Threshold usage split piece table

Claims (22)

It is a file division / combination system for dividing a file to be divided into an online file division piece and an offline file division piece, and then combining and restoring.
A file split target file table for storing the file split piece identification information for identifying the offline file split piece in association with the online file split piece to be joined with the offline file split piece.
A file storage unit to be combined that stores the online file division piece,
An upload method that accepts file uploads from client computers,
By confirming whether the uploaded file is identified by any of the file division piece identification information included in the file to be combined, the uploaded file is the file to be combined. A combination judgment means to judge whether or not
When it is determined that the uploaded file is not the file to be combined, the uploaded file is divided into an online file division piece and an offline file division piece, and the divided offline file division piece is downloaded to the client computer. , The file division piece identification information for identifying the offline file division piece is stored in the combination target file table in association with the divided online file division piece, and the divided online file division piece is stored in the combination target file storage unit. File division means to be stored in
When it is determined that the uploaded file is the file to be combined, the corresponding online file division stored in the combination target file storage unit is combined with the uploaded file to generate the original file. A file division / combination system including a file combination means for downloading the generated original file to the client computer. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is restored by combining all of the online file division piece and the plurality of lower file division pieces.
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The uploading means accepts the upload of one or more files.
The join determination means is one or more of the uploaded files by confirming whether or not the uploaded file is identified by the file division piece identification information included in the file target file table to be joined. It determines whether the file is the file to be combined and
When the file division means determines that the uploaded file is not a file to be combined, the file division means divides the uploaded file into the online file division piece and the plurality of lower file division pieces, and the plurality of lower files. The split piece is downloaded to the client computer, and the file split piece identification information that identifies each of the plurality of divided lower file split pieces is stored in the combined target file table in association with the divided online file split piece. The divided online file division piece is stored in the combination target file storage unit.
When the file combining means determines that the uploaded file is the file to be combined and all of the plurality of lower file division pieces have been uploaded, the corresponding file combination means stored in the combination target file storage unit. The first aspect of claim 1, wherein the online file division is combined with the uploaded plurality of lower file divisions to generate an original file, and the generated original file is downloaded to the client computer. File splitting / combining system. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is a number of file divisions of the online file division piece and the plurality of lower file division pieces having a threshold value k or more. It is restored by combining pieces,
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The uploading means accepts the upload of one or more files.
The join determination means is uploaded by confirming whether or not the uploaded one or more files are identified by the file division piece identification information included in the join target file table. It determines whether one or more files are files to be combined.
When the file division means determines that the uploaded file is not a file to be combined, the file division means divides the uploaded file into the online division piece and the plurality of lower file division pieces, and the plurality of lower file divisions. The piece is downloaded to the client computer, and the file division piece identification information for identifying each of the divided plurality of lower file division pieces is stored in the combined target file table in association with the divided online file division piece. , The divided online file division piece is stored in the combination target file storage unit.
In the file combining means, the uploaded file is a file to be combined, and the online file division piece and the number of file division pieces equal to or more than the threshold value k among the plurality of lower file division pieces are prepared. When it is determined, the corresponding online file division piece stored in the combination target file storage unit is combined with the uploaded lower file division piece to generate an original file, and the generated original file is used as the client. The file division / combination system according to claim 1, which is downloaded to a computer. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is a number of file divisions of the online file division piece and the plurality of lower file division pieces having a threshold value k or more. It is restored by combining pieces,
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The uploading means accepts the upload of one or more files.
The join determination means is uploaded by confirming whether or not the uploaded one or more files are identified by the file division piece identification information included in the join target file table. It determines whether one or more files are files to be combined.
When the file division means determines that the uploaded file is not a file to be combined, the file division means divides the uploaded file into the online file division piece and the plurality of lower file division pieces, and the plurality of lower files. The lower file division pieces having a number less than the threshold value k among the division pieces are downloaded to the client computer, and the file division piece identification information for identifying each of the downloaded lower file division pieces is combined with the combination target. The divided online file division piece is stored in the file table in association with the divided online file division piece, and the divided online file division piece and the lower file division piece that has not been downloaded are stored in the combination target file storage unit.
The file combining means determines that the uploaded file is a file to be combined, and that the number of file division pieces equal to or more than the threshold value k among the online file division piece and the lower file division piece is prepared. In the case, the corresponding online file division piece stored in the combination target file storage unit and the lower file division piece that has not been downloaded are combined with the uploaded lower file division piece to generate an original file. The file division / combination system according to claim 1, wherein the original file is downloaded to the client computer. The file division / combination system according to claim 4, wherein the number of downloaded lower file division pieces is smaller than the threshold value k. The file division / combination system according to any one of claims 1 to 5, wherein the file division piece identification information is a hash value of the file division piece to be identified. The file division / combination system according to any one of claims 1 to 5, wherein the file division piece identification information is a hash value obtained by adding unique information to the file division piece to be identified. The file division means further receives and stores the input of the recipient identification information that identifies the recipient of the divided file.
The file combining means further obtains the recipient identification information and decrypts the encrypted divided file fragment when it is the same as the stored recipient identification information. The file division / combination system according to any one of 1 to 7. The file division / combination system according to claim 8, wherein the file combination means further acquires the recipient identification information to be acquired from a device of a user who intends to combine files via a network. The file division means further encrypts at least one of the file division pieces divided based on the received recipient identification information.
The file division / combination system according to claim 8 or 9, wherein the file combination means further decrypts the divided file division pieces encrypted based on the acquired recipient identification information. The file division / combination system according to any one of claims 1 to 10, wherein user authentication is required to access the upload means. A file division / combination method for dividing a file to be divided into an online file division piece and an offline file division piece and then combining and restoring the file, and the file division piece identification information for identifying the offline file division piece is described above. It is stored in the file table to be combined in association with the online file division piece to be combined with the offline file division piece, and the online file division piece is stored in the file storage unit to be combined.
The upload step where the split / join server accepts file uploads from the client computer,
The uploaded file is uploaded by the split / join server by checking whether the uploaded file is identified by any of the file split piece identification information included in the file table to be joined. A merge decision step to determine if the file is the file to be merged, and
When the split / join server determines that the uploaded file is not the file to be merged, the uploaded file is split into an online file split piece and an offline file split piece, and the offline file split piece is divided into the client. It is downloaded to a computer, the file division piece identification information for identifying the offline file division piece is associated with the divided online file division piece and stored in the file table to be combined, and the divided online file division piece is combined. The file division step to be stored in the target file storage, and
When the division / combination server determines that the uploaded file is the file to be combined, the corresponding online file division piece stored in the combination target file storage unit is combined with the uploaded file. A file division / combination method comprising a file combination step of generating an original file and downloading the generated original file to the client computer. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is restored by combining all of the online file division piece and the plurality of lower file division pieces.
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The upload step accepts uploads of one or more files.
The join determination step is one or more of the uploaded files by confirming whether or not the uploaded file is identified by the file split piece identification information included in the file target file table to be joined. It determines whether the file is the file to be combined and
When the file division step determines that the uploaded file is not the file to be combined, the uploaded file is divided into the online file division piece and the plurality of lower file division pieces, and the plurality of lower files are divided. The split piece is downloaded to the client computer, and the file split piece identification information that identifies each of the plurality of divided lower file split pieces is stored in the combined target file table in association with the divided online file split piece. The divided online file division piece is stored in the combination target file storage unit.
When it is determined that the uploaded file is the file to be combined and all of the plurality of lower file division pieces have been uploaded, the file combination step corresponds to the file stored in the combination target file storage unit. The tenth aspect of claim 10, wherein the online file division piece is combined with the uploaded plurality of lower file division pieces to generate an original file, and the generated original file is downloaded to the client computer. File division / combination method. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is a number of file divisions of the online file division piece and the plurality of lower file division pieces having a threshold value k or more. It is restored by combining pieces,
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The upload step accepts uploads of one or more files.
The join determination step was uploaded by checking whether the uploaded one or more files are identified by the file split piece identification information included in the join target file table. It determines whether one or more files are files to be combined.
When the file division step determines that the uploaded file is not the file to be combined, the uploaded file is divided into the online file division piece and the plurality of lower file division pieces, and the plurality of lower files are divided. The split piece is downloaded to the client computer, and the file split piece identification information for identifying each of the plurality of divided lower file split pieces is stored in the combined target file table in association with the divided online file split piece. The divided online file division piece is stored in the combination target file storage unit.
In the file combination step, the uploaded file is the file to be combined, and the online file division piece and the number of file division pieces equal to or more than the threshold value k among the plurality of lower file division pieces are prepared. When it is determined, the corresponding online file division piece stored in the combination target file storage unit is combined with the uploaded lower file division piece to generate an original file, and the generated original file is used as the client. The file division / combination method according to claim 10, which is downloaded to a computer. The offline file division piece is composed of a plurality of lower file division pieces, and the file to be divided is a number of file divisions of the online file division piece and the plurality of lower file division pieces having a threshold value k or more. It is restored by combining pieces,
The file division piece identification information identifies each of the plurality of lower file division pieces, and
The upload step accepts uploads of one or more files.
The join determination step was uploaded by checking whether the uploaded one or more files are identified by the file split piece identification information included in the join target file table. It determines whether one or more files are files to be combined.
When the file division step determines that the uploaded file is not the file to be combined, the uploaded file is divided into the online file division piece and the plurality of lower file division pieces, and the plurality of lower files are divided. The lower file division pieces having a number less than the threshold value k among the division pieces are downloaded to the client computer, and the file division piece identification information for identifying each of the downloaded lower file division pieces is combined with the combination target. The divided online file division piece is stored in the file table in association with the divided online file division piece, and the divided online file division piece and the lower file division piece that has not been downloaded are stored in the combination target file storage unit.
In the file combination step, it is determined that the uploaded file is the file to be combined, and that the number of file division pieces of the online file division piece and the lower file division piece, which is equal to or more than the threshold value k, is prepared. In the case, the corresponding online file division piece stored in the combination target file storage unit and the lower file division piece that has not been downloaded are combined with the uploaded lower file division piece to generate an original file. The file division / combination method according to claim 10, wherein the original file is downloaded to the client computer. The file division / combination method according to claim 15, wherein the number of downloaded lower file division pieces is smaller than the threshold value k. The file division / combination method according to any one of claims 12 to 16, wherein the file division piece identification information is a hash value of the file division piece to be identified. The file division / combination method according to any one of claims 12 to 16, wherein the file division piece identification information is a hash value obtained by adding unique information to the file division piece to be identified. The file division step further accepts and stores the input of the recipient identification information that identifies the recipient of the divided file.
The file combination step further obtains the recipient identification information and decrypts the encrypted divided file fragment when it is the same as the stored recipient identification information. The file division / combination method according to any one of 12 to 18. The file division / combination method according to claim 19, wherein the file combination step further acquires the recipient identification information to be acquired from a device of a user who intends to combine files via a network. The file split step further encrypts at least one of the split file split pieces using the received recipient identification information.
The file division / combination method according to claim 19 or 20, wherein the file combination step further decrypts an encrypted divided file division piece using the acquired recipient identification information. The file division / combination method according to any one of claims 12 to 21, which requires user authentication to execute the upload step.

Images