JP2022053338A - Storage apparatus, storage method, and program - Google Patents

Abstract

To properly store videos of locations.SOLUTION: A storage apparatus includes: a location information acquisition unit which acquires location information of a user; an image acquisition unit which acquires an image of the surroundings of the user from an imaging unit; an encryption unit which encrypts the image of the surroundings of the user by block encryption; and a storage control unit which causes a storage unit to store the image encrypted by the encryption unit. When the location information of the user moves a predetermined distance or more, the encryption unit generates an encryption key for encryption on the basis of the location information of the user.SELECTED DRAWING: Figure 3

Description

The present invention relates to storage devices, storage methods, and programs.

Wearable devices worn by users are coming out in a wide variety of forms, such as HMD (Head Mounted Display) type and eyeglass type. Some such wearable devices have a function of capturing a moving image in the direction of the user's line of sight with a camera and recording the captured image.

For example, Patent Document 1 describes a technique for matching a place where a photographer is looking with a place where a photographer is taking a picture in an image pickup device worn on an ear or a head. Patent Document 2 describes a device having a function of preventing eavesdropping and falsification of digitally recorded image data.

Japanese Patent Application Laid-Open No. 2003-184351 Japanese Unexamined Patent Publication No. 2000-341632

It is assumed that the user captures and stores an image of the surrounding area centered on the user while moving around with the wearable device attached. In this case, it is desired that the captured image is appropriately stored in each place.

It is an object of the present invention to provide a storage device, a storage method, and a program capable of appropriately storing images in each place.

The storage device according to one aspect of the present invention has a position information acquisition unit that acquires the user's position information, an image acquisition unit that acquires an image obtained by photographing the periphery of the user from the imaging unit, and an image of the user's surroundings. The encryption unit includes an encryption unit that encrypts an image with block encryption and a storage control unit that stores the image encrypted by the encryption unit in a storage unit. The encryption unit has a predetermined user's position information. When the user travels a distance or more, an encryption key for encryption is generated based on the user's location information.

The storage method according to one aspect of the present invention includes a step of acquiring the user's position information, a step of acquiring an image of the user's surroundings from the image pickup unit, and a block cipher for the image of the user's surroundings. The step of encrypting, the step of storing the encrypted image in the storage unit, and the encryption key for encrypting when the user's position information moves by a predetermined distance or more are based on the user's position information. Includes steps to generate.

The program according to one aspect of the present invention has a step of acquiring the user's position information, a step of acquiring an image of the user's surroundings from the image pickup unit, and a block cipher encryption of the image of the user's surroundings. A step of encrypting, a step of storing the encrypted image in the storage unit, and a step of storing the encrypted image in the storage unit, and when the user's position information moves by a predetermined distance or more, an encryption key for encryption is generated based on the user's position information. And let the computer perform the steps to do.

According to the present invention, it is possible to appropriately store images for each place.

FIG. 1A is a schematic diagram showing a first example of the storage device according to the first embodiment. FIG. 1B is a schematic diagram showing a first example of the storage device according to the first embodiment. FIG. 2 is a schematic diagram showing a second example of the storage device according to the first embodiment. FIG. 3 is a block diagram showing a configuration example of the storage device according to the first embodiment. FIG. 4 is a flowchart showing an example of the processing flow of the storage device according to the first embodiment. FIG. 5 is a flowchart showing an example of the processing flow of the storage device according to the second embodiment. FIG. 6 is a block diagram showing a configuration example of the storage device according to the third embodiment. FIG. 7A is a diagram for explaining encryption in the ECB mode. FIG. 7B is a diagram for explaining decoding in the ECB mode. FIG. 8A is a diagram for explaining encryption in OFB mode. FIG. 8B is a diagram for explaining decoding in the OFB mode. FIG. 9 is a flowchart showing a processing flow of the storage device according to the third embodiment. FIG. 10 is a diagram for explaining a method of determining whether or not the storage device has moved by a predetermined distance or more. FIG. 11 is a diagram showing a configuration example of the storage device according to the fourth embodiment. FIG. 12 is a flowchart showing an example of the processing flow of the storage device according to the fourth embodiment.

Hereinafter, embodiments according to the present invention will be described in detail with reference to the accompanying drawings. It should be noted that the present invention is not limited to this embodiment, and when there are a plurality of embodiments, the present invention also includes a combination of the respective embodiments. Further, in the following embodiments, the same parts are designated by the same reference numerals, so that duplicate description will be omitted.

[First Embodiment]
1A and 1B are schematic views showing a first example of the storage device according to the first embodiment. 1A shows the front surface of the user U, and FIG. 1B shows the rear surface of the user U. As shown in FIGS. 1A and 1B, the storage device 10 is a wearable device worn on the body of the user U. As shown in FIGS. 1A and 1B, the storage device 10 includes a device 10A worn in the eyes of the user U, a device 10B provided in the device 10A, and a device _10CL worn in the left ear of the user U. It includes a device _10CR mounted on the right ear of the user U and a device 10D mounted on the back of the head of the user U. The device 10A is a spectacle-shaped display unit that displays an image. The device 10B is a camera that captures an image in the line-of-sight direction of the user U. The device _10CL is a microphone that picks up the sound from the left direction of the user U. The device _10CR is a microphone that picks up the sound from the right direction of the user U. The device 10C _L and the device 10C _R can be binaural microphones. The device 10D is a camera that captures an image behind the user U.

FIG. 2 is a schematic diagram showing a second example of the storage device according to the first embodiment. FIG. 2 shows the front of the user U. As shown in FIG. 2, the storage device 10 includes a device 10E worn in the eyes of the user U, a device 10B provided in the device 10D, a device _10CL worn in the left ear of the user U, and a user U. It includes a device _10CR mounted on the right ear and a device 10F mounted overhead of the user U. The device 10D is a goggle-type display unit that displays an image, and is a so-called HMD. The device 10F is a camera with a fisheye lens that captures a 360-degree image centered on the user U. The device 10F can be a so-called all-sky camera.

[Storage device]
A configuration example of the storage device according to the first embodiment will be described with reference to FIG. FIG. 3 is a block diagram showing a configuration example of the storage device according to the first embodiment.

As shown in FIG. 3, the storage device 10 includes a microphone 12, a camera 14, a biosensor 16, an input unit 18, an output unit 20, a communication unit 22, a storage unit 24, and a control unit 26. including.

The microphone 12 is a microphone that detects voice (sound wave information) around the storage device 10 (user U). The microphone 12 includes, for example, a left microphone 12A and a right microphone 12B.

The left microphone 12A is attached to, for example, the left ear of the user U. The left microphone 12A detects the voice in the left direction of the storage device 10 (user U). The right microphone 12B is attached to, for example, the right ear of the user U. The right microphone 12B detects the voice in the right direction of the storage device 10 (user U). The left microphone 12A and the right microphone 12B can be, for example, binaural microphones. The microphone included in the microphone 12 is not limited to the left microphone 12A and the right microphone 12B. The position, number, and the like of the microphones 12 provided in the storage device 10 may be arbitrary. For example, by using the microphone 12 and the directional microphone having directivity, the front, rear, left, and right sounds can be multiplexed and stored around the storage device 10 (user U).

The camera 14 is an image pickup device, and captures the periphery of the storage device 10 by detecting visible light around the storage device 10 (user U). The camera 14 may be a video camera that captures images at predetermined frame rates. The camera 14 includes a line-of-sight direction camera 14A and a peripheral camera 14B.

The line-of-sight direction camera 14A captures the line-of-sight direction of the user U. The line-of-sight direction camera 14A is provided, for example, on the display unit 20A of the output unit 20 so that the line-of-sight direction of the user U can be imaged. The line-of-sight direction camera 14A may be provided at a place other than the display unit 20A of the output unit 20.

The peripheral camera 14B captures a range other than the line-of-sight direction of the user U around the storage device 10 (user U). The peripheral camera 14B is attached to the back of the head of the user U, for example, and images the rear of the user U.

The line-of-sight direction camera 14A and the peripheral camera 14B may be provided at any position, number, and the like in the storage device 10. The line-of-sight direction camera 14A and the peripheral camera 14B may be integrally configured. In this case, the camera 14 may be an all-sky camera mounted overhead of the user U. The all-sky camera captures a 360-degree range centered on the storage device 10 (user U). The camera 14 is composed of a plurality of cameras, and the plurality of cameras may capture a range of 360 degrees centered on the storage device 10 (user U). The camera 14 has, for example, a gimbal mechanism or the like, and may image a range of 360 degrees around the storage device 10 (user U) while rotating by the gimbal mechanism.

The biosensor 16 is a sensor that detects the biometric information of the user U. The biosensor 16 may be provided at any position as long as it can detect the biometric information of the user U. The biometric information acquired by the biometric sensor 16 can be universal information unique to the user U. In the present embodiment, the biological information includes, but is not limited to, personally identifiable information such as fingerprints, iris patterns of eyes, and vein shapes such as fingers and hands. The biometric information may be a combination of information such as fingerprints and facial features. The biological information may be the genetic information of the user U. The biosensor 16 is realized by, for example, a fingerprint sensor, a vein sensor, a camera, or the like.

The input unit 18 receives various operations on the storage device 10. The input unit 18 is realized by, for example, a button and a touch panel.

The output unit 20 outputs various information. The output unit 20 includes, for example, a display unit 20A and an audio output unit 20B. The display unit 20A displays various images. In the present embodiment, the display unit 20A is, for example, a spectacle-type display or an HMD. The voice output unit 20B outputs various voices. The audio output unit 20B is a speaker.

The communication unit 22 executes communication with another external device. The communication unit 22 is realized by, for example, a communication module such as Wi-Fi (registered trademark) and Bluetooth (registered trademark). The communication unit 22 may have, for example, a function of executing communication with another external device by wire.

The storage unit 24 is a memory that stores various information such as calculation contents and programs of the control unit 26. For example, a RAM (Random Access Memory), a main storage device such as a ROM (Read Only Memory), and an HDD ( Includes at least one of external storage devices such as Hard Disk Drive).

The learning model 24A and the biological information 24B are stored in the storage unit 24. A learning model 24BA, an AI model used to recognize a specific object contained in an image based on the image. The learning model 24A may be, for example, a trained model using a CNN (Convolutional Neural Network). The learning model 24A is used to recognize privacy information related to privacy such as a person's face, a car license plate, and a house nameplate. The learning model 24A may be trained to recognize, for example, a copyrighted work. The biometric information 24B is biometric information including, for example, the fingerprint of the user U, the iris pattern of the eye, and the vein shape of a finger, a hand, or the like. That is, the biometric information 24B may be biometric information of a person who is authorized to use the storage device 10.

The control unit 26 controls the operation of each unit of the storage device 10. The control unit 26 is realized by, for example, using a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like to execute a program stored in a storage unit (not shown) using a RAM or the like as a work area. The control unit 26 may be realized by, for example, an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array). The control unit 26 may be realized by a combination of hardware and software.

The control unit 26 includes a voice acquisition unit 30, an image acquisition unit 32, a biometric information acquisition unit 34, an authentication unit 36, a voice processing unit 38, an image processing unit 40, an image recognition unit 42, and an image processing unit. It includes 44, a multiplexing unit 46, an encryption unit 48, a storage control unit 50, an output control unit 52, and a communication control unit 54.

The voice acquisition unit 30 controls the microphone 12 to detect the voice around the storage device 10 (user U). The voice acquisition unit 30 acquires the voice detected by the microphone 12. Details of the processing of the voice acquisition unit 30 will be described later.

The image acquisition unit 32 controls the camera 14 to image the periphery of the storage device 10 (user U). The image acquisition unit 32 acquires an image captured by the camera 14. Details of the processing of the image acquisition unit 32 will be described later.

The biological information acquisition unit 34 controls the biological sensor 16 to detect the biological information of the storage device 10 (user U). The biological information acquisition unit 34 acquires the biological information detected by the biological sensor 16. Details of the processing of the biological information acquisition unit 34 will be described later.

The authentication unit 36 authenticates the user U. The authentication unit 36 authenticates whether or not the user U is permitted to use the storage device 10 based on the biometric information acquired by the biometric information acquisition unit 34. The details of the processing of the authentication unit 36 will be described later.

The voice processing unit 38 performs various voice signal processing on the voice acquired from the microphone 12 by the voice acquisition unit 30. The details of the processing of the voice processing unit 38 will be described later.

The image processing unit 40 performs various image processing on the image acquired from the camera 14 by the image acquisition unit 32. The details of the processing of the image processing unit 40 will be described later.

The image recognition unit 42 recognizes a specific target from the image acquired by the image acquisition unit 32. The details of the processing of the image recognition unit 42 will be described later.

The image processing unit 44 performs various processing processes on the image acquired by the image acquisition unit 32. The image processing unit 44 performs processing on a specific target recognized by the image recognition unit 42. The processing of the image processing unit 44 will be described later.

The multiplexing unit 46 multiplexes the voice acquired by the voice acquisition unit 30 and the voice acquired by the image acquisition unit 32. The method of multiplexing may be arbitrary. Details of the processing of the multiplexing unit 46 will be described later.

The encryption unit 48 encrypts the data multiplexed by the multiplexing unit 46. The encryption unit 48 encrypts the data multiplexed by the multiplexing unit 46 using a predetermined encryption method and an encryption key. The details of the processing of the encryption unit 48 will be described later.

The storage control unit 50 stores various information in the storage unit 24. The details of the processing of the memory control unit 50 will be described later.

The output control unit 52 controls the output unit 20 to output various information. The output control unit 52 controls the display unit 20A to display various images. The output control unit 52 controls the voice output unit 20B to output various voices.

The communication control unit 54 controls the communication unit 22. The communication control unit 54 controls the communication unit 22 to send and receive various information to and from an external device.

[Processing of storage device]
The processing of the storage device according to the first embodiment will be described with reference to FIG. FIG. 4 is a flowchart showing an example of the processing flow of the storage device according to the first embodiment.

The control unit 26 acquires voice information related to voice around the storage device 10 (user U) (step S10). Specifically, the voice acquisition unit 30 acquires the voice in the left direction of the storage device 10 (user U) detected by the left microphone 12A. The voice acquisition unit 30 acquires the voice in the right direction of the storage device 10 (user U) detected by the right microphone 12B. Then, the process proceeds to step S12.

The control unit 26 performs voice compression processing on the voice information acquired by the voice acquisition unit 30 (step S12). Specifically, the voice processing unit 38 performs voice compression signal processing on the voice acquired from the left microphone 12A and the voice acquired from the right microphone 12B by the voice acquisition unit 30, for example, in stereo such as MP3 format. Generate a signal. Then, the process proceeds to step S14.

The control unit 26 acquires image information regarding an image around the storage device 10 (user U) (step S14). Specifically, the image acquisition unit 32 acquires an image in the line-of-sight direction regarding the image in the line-of-sight direction of the user U captured by the line-of-sight direction camera 14A. The image acquisition unit 32 acquires peripheral images related to peripheral images other than the line-of-sight direction of the user U captured by the peripheral camera 14B. Then, the process proceeds to step S16.

The control unit 26 determines whether or not the image to be processed is a line-of-sight direction image (step S16). Specifically, the image processing unit 40 uses the image acquired by the image acquisition unit 32 as the line-of-sight image direction and the peripheral direction image in order to perform image processing independently for the line-of-sight image direction and the peripheral direction image. Separate into. If it is determined that the image is in the line-of-sight direction (step S16; Yes), the process proceeds to step S18. If it is determined that the image is a peripheral image (step S16; No), the process proceeds to step S32. That is, in the present embodiment, if Yes is determined in step S16, image processing is performed for the line-of-sight image direction, and if No is determined in step S16, image processing is performed for the peripheral image.

If it is determined to be Yes in step S16, the control unit 26 performs image compression processing on the line-of-sight direction image (step S18). Specifically, the image processing unit 40 may use MPEG-4 (Moving Picture Experts Group) or H.M. Compress with any codec such as 264 and convert to any file format such as MP4 format. Then, the process proceeds to step S20.

The control unit 26 multiplexes the sound and the image (step S20). Specifically, the multiplexing unit 46 multiplexes the image compressed in step S18 and the voice compressed in the corresponding step S12 to generate one compressed data. More specifically, the multiplexing unit 46 packs the compressed data of the image and the sound into predetermined sizes. The multiplexing unit 46 performs multiplexing processing by an MPEG multiplexing method in which packs to be reproduced at the same time are time-stamped at the same time based on a synchronization timer signal of a counter (not shown) such as 90 kHz or 27 MHz, for example. .. Then, the process proceeds to step S22.

The control unit 26 acquires the biometric information of the user U (step S22). Specifically, the biometric information acquisition unit 34 acquires biometric information such as a fingerprint of the user U from the biosensor 16. Then, the process proceeds to step S24.

The control unit 26 determines whether or not to authenticate the user U (step S24). Specifically, the authentication unit 36 compares and matches the biometric information of the user U acquired in step S22 with the biometric information 24B stored in the storage unit 24, and determines that the user U is authenticated. If it is determined to authenticate the user U (step S24; Yes), the process proceeds to step S26. If it is determined that the user U is not authenticated (step S24; No), the process proceeds to step S42.

If it is determined to be Yes in step S24, the control unit 26 generates an encryption key (step S26). Specifically, the encryption unit 48 generates a unique encryption key of the user U based on the biometric information of the user U so that the person can be authenticated without management. That is, in the present embodiment, since the encryption key is generated from the biometric information that even the person himself / herself cannot be aware of, the information of the key itself cannot be stolen by a third party. Then, the process proceeds to step S28.

The control unit 26 encrypts the compressed data (step S28). Specifically, the encryption unit 48 encrypts the compressed data multiplexed in step S20, for example, in units of several times. For encryption, an encryption method called DES (Data Encryption Standard) or AES (Advanced Encryption Standard) is used. DES and AES are algorithms for data encryption by a common key cryptosystem. DES is a block cipher that divides data into 64-bit units and encrypts them all together. The DES has a key length of 56 bits and is treated as 64 bits by adding 8 bits for the parity chuck. AES is the same as DES in that it is a common key cryptosystem. The key length of AES can be selected from 128 bit, 192 bit, and 252 bit, which is longer than the key length of DES. Therefore, AES is safer than DES. In this embodiment, the encryption unit 48 uses a 256-bit AES to encrypt the compressed data. Then, the process proceeds to step S30.

The control unit 26 stores the encrypted compressed data (step S30). Specifically, the storage control unit 50 stores the compressed data encrypted in step S28 in the storage unit 24. Then, the process proceeds to step S42.

If No is determined in step S16, the control unit 26 recognizes a specific target included in the peripheral image (step S32). Specifically, the image recognition unit 42 uses the learning model 24A to recognize privacy information related to privacy such as a person's face, a car license plate, and a house nameplate included in a peripheral image. The image recognition unit 42 may recognize other privacy information. In step S32, the image recognition unit 42 may recognize the copyright information regarding the copyrighted work included in the peripheral image by using, for example, the learning model 24A. Then, the process proceeds to step S34.

The control unit 26 performs a machining process on the recognized specific target (step S34). Specifically, the image processing unit 44 processes the privacy information recognized from the peripheral image so that it cannot be recognized. For example, the image processing unit 44 performs image processing on an area containing privacy information to reduce the distinctiveness to the extent that the privacy information cannot be specified. The image processing that reduces the distinctiveness is, for example, a mosaic processing. The mosaic process is a process of replacing a predetermined image area with data of the average value. The image processing unit 44 may perform various filter processing including a Gaussian filter and a median filter on the area including the privacy information, for example. For example, the image processing unit 44 may perform a conversion accompanied by a target modification path or a specific hue change, such as a color tone change process and a brightness change process, on a region containing privater information. The image processing unit 44 may perform, for example, blurring processing, point cloud processing, and processing such as deleting a part. Then, the process proceeds to step S36.

The control unit 26 performs image compression processing on the peripheral image after processing (step S36). Specifically, the image processing unit 40 may refer to, for example, the peripheral image after processing, or H. Compress with any codec such as 264 and convert to any file format such as MP4 format. Then, the process proceeds to step S38.

The control unit 26 multiplexes the sound and the image (step S38). Specifically, the multiplexing unit 46 multiplexes the image compressed in step S36 and the voice compressed in the corresponding step S12 to generate one compressed data. More specifically, the multiplexing unit 46 packs the compressed data of the image and the sound into predetermined sizes. The multiplexing unit 46 performs multiplexing processing by an MPEG multiplexing method in which packs to be reproduced at the same time are time-stamped at the same time based on a synchronization timer signal of a counter (not shown) such as 90 kHz or 27 MHz, for example. .. Then, the process proceeds to step S40.

The control unit 26 stores the encrypted compressed data (step S40). Specifically, the storage control unit 50 stores the compressed data compressed in step S38 in the storage unit 24. Then, the process proceeds to step S42.

The control unit 26 determines whether or not to end the process (step S42). Specifically, the control unit 26 determines that the process is terminated when it receives an operation to end the process or when it receives an operation to turn off the power. When it is determined to end the process (step S42; Yes), the process of FIG. 4 is terminated. If it is determined that the process is not completed (step S42; No), the process proceeds to step S10.

As described above, in the first embodiment, the image in the line-of-sight direction of the user U is stored in the internal storage unit 24 of the storage device 10 by using the encryption key generated based on the biometric information of the user U. As a result, in the first embodiment, the privacy information including the facts of interest of the user U and the object in the line-of-sight direction of the user U are also encrypted and stored, so that the image is appropriately stored while protecting the privacy of both parties. can do.

Further, in the first embodiment, with respect to the peripheral image of the user U, the privacy information included in the peripheral image is recognized, the privacy information is subjected to image processing, and the privacy information included in the peripheral image is stored indistinguishably. It is stored in the storage unit 24 inside the device 10. Thereby, in the first embodiment, the peripheral image of the user U can be stored as one's own action history, and the image can be appropriately stored while protecting the privacy information included in the peripheral image.

Further, in the first embodiment, since only the image in the line-of-sight direction of the user U is encrypted, it is possible to suppress an increase in the buffer memory in the storage process and a delay in the storage process. As a result, the first embodiment can reproduce the stored line-of-sight image and peripheral image at high speed while protecting the privacy information.

[Second Embodiment]
Next, the second embodiment will be described. Since the configuration of the storage device according to the second embodiment is the same as that of the storage device 10 shown in FIG. 3, the description thereof will be omitted.

The storage device 10 according to the second embodiment is different from the first embodiment in that the time of the image in the line-of-sight direction of the user U and the peripheral image are synchronized. The second embodiment is different from the first embodiment in that the peripheral image is stored in an external device different from the storage device 10.

[Processing of storage device]
The processing of the storage device according to the second embodiment will be described with reference to FIG. FIG. 5 is a flowchart showing an example of the processing flow of the storage device according to the second embodiment.

Since the processes of steps S50 to S54 are the same as the processes of steps S10 to S14 shown in FIG. 4, the description thereof will be omitted.

The control unit 26 synchronizes the time between the line-of-sight direction image and the peripheral image (step S56). Specifically, the image acquisition unit 32 makes it possible to discriminate between the line-of-sight direction image and the peripheral image taken at the same time by adding a time stamp to the line-of-sight direction image and the peripheral image. Then, the process proceeds to step S58.

Since the processes of steps S58 to S80 are the same as the processes of steps S16 to S38 shown in FIG. 4, the description thereof will be omitted.

The control unit 26 stores the encrypted compressed data in the external device (step S82). Specifically, the storage control unit 50 stores the compressed data compressed in step S80 in an external device different from the storage device 10 via the communication unit 22. Then, the process proceeds to step S84.

Since the process of step S84 is the same as the process of step S42 shown in FIG. 4, the description thereof will be omitted.

As described above, in the second embodiment, a time stamp is added to the line-of-sight direction image and the peripheral direction image, and each image is stored. As a result, in the second embodiment, the correspondence between the line-of-sight direction image and the peripheral direction image becomes clear, so that the image can be stored more appropriately.

Further, in the second embodiment, the peripheral image is stored in an external device different from the storage device 10. As a result, in the second embodiment, the security of the peripheral image is further strengthened, so that the image can be stored more appropriately.

[Third Embodiment]
Next, the third embodiment will be described. The third embodiment executes a process of resetting the encryption chain of the block cipher every time the user U moves a predetermined distance in a storage device that captures an image while moving a place and stores the image in a time series.

The configuration of the storage device according to the third embodiment will be described with reference to FIG. FIG. 6 is a block diagram showing a configuration example of the storage device according to the third embodiment.

As shown in FIG. 6, the storage device 10a is different from the storage device 10 shown in FIG. 3 in that the storage unit 24a stores the map information 24C. The storage device 10a is different from the storage device 10 shown in FIG. 3 in that it includes a GNSS (Global Navigation Satellite System) receiving unit 28. The storage device 10a is different from the storage device 10 shown in FIG. 3 in that the control unit 26a includes the position information acquisition unit 56. It is assumed that the storage unit 24a stores the map information 24C, but the present invention is not limited to this. The storage unit 24a may acquire the map information 24C via the communication unit 22 and store the map information 24C. That is, the storage unit 24a does not have to store the map information 24C in advance, and may store the map information 24C as needed.

The GNSS receiving unit 28 is a device that detects the position information of the storage device 10a (user U). The position information here is the earth coordinates. In the present embodiment, the GNSS receiving unit 28 is a so-called GNSS module, which receives radio waves from satellites and detects the position information of the storage device 10a.

The map information 24C is data including position information of an actual building part or a natural object, and can be said to be data including the earth coordinates and the position information of an actual building or a natural object.

The position information acquisition unit 56 acquires position information from the GNSS receiving unit 28. The position information acquisition unit 56 determines whether or not the storage device 10a (user) U is located in a predetermined area based on the position information acquired by the GNSS receiving unit 28 and the map information 30B. In the present embodiment, the accuracy of the position information is preferably within about 100 m.

In the second embodiment, the encryption unit 48a encrypts an image taken around the user with a block cipher. The block cipher is a method of dividing an image into predetermined blocks and performing encryption, and this block cipher has two methods as rules for handling block data other than encryption processing. One is an ECB (Electric CodeBook) mode, and the other is an OFB (Output FeedBack) mode. In this embodiment, the OFB mode is used.

Before explaining the OFB mode, the ECB mode will be described with reference to FIGS. 7A and 7B. FIG. 7A is a diagram for explaining encryption in the ECB mode. FIG. 7B is a diagram for explaining decoding in the ECB mode.

As shown in FIG. 7A, in the ECB mode, the ciphertext block data 102 can be obtained by encrypting the plaintext block data 100 with a predetermined encryption key. When decrypting the ciphertext block data 102, as shown in FIG. 7B, the same encryption key as the encryption key used for encrypting the plain text block data 100 is used for the ciphertext block data 102. By decrypting, the plain text block data 100 can be obtained. In the ECB mode, if the plaintext block data 100 is the same data, the same result can be obtained. ECB mode applies the same encryption to all block data, so it is simple, easy to understand, easy to implement, and fast, so it randomly accesses and decrypts any block data of encrypted data. Can be started. However, in the ECB mode, the pattern is analyzed by a third party by comparing the plaintext block data 100 and the ciphertext block data 102, the ciphertext is easily decrypted illegally, and the data is replaced in block data units. There is also a demerit that it can be improved.

The OFB mode will be described with reference to FIGS. 8A and 8B. FIG. 8A is a diagram for explaining encryption in OFB mode. FIG. 8B is a diagram for explaining decoding in the OFB mode.

A method of encrypting three plaintext block data of the first plaintext block data 120, the second plaintext block data 122, and the third plaintext block data 124 will be described with reference to FIG. 8A. As shown in FIG. 8A, in the OFB mode, the first encryption vector 112 is generated by encrypting the initial vector 110 with a predetermined encryption key. The first ciphertext block data 130 is obtained by calculating the exclusive OR of the first plaintext block data 120 and the first encryption vector 112. In the OFB mode, in order to encrypt the second plaintext block data 122, the first encryption vector 112 is further encrypted with a predetermined encryption key, and the second encryption vector 114 is generated. The second ciphertext block data 132 is obtained by calculating the exclusive OR of the second plaintext block data 122 and the second encryption vector 114. In the OFB mode, in order to encrypt the third plaintext block data 124, the second encryption vector 114 is further encrypted with a predetermined encryption key to generate the third encryption vector 116. The third ciphertext block data 134 is obtained by performing the exclusive OR of the third plaintext block data 124 and the third encryption vector 116. The initial vector 110, the first encryption vector 112, the second encryption vector 114, and the third encryption vector 116 are called a keystream. The initial vector 110, the first encryption vector 112, the second encryption vector 114, and the third encryption vector 116 are also referred to as an encryption chain.

A method of decrypting the three ciphertext block data of the first ciphertext block data 130, the second ciphertext block data 132, and the third ciphertext block data 134 will be described with reference to FIG. 8B. As shown in FIG. 8B, in the OFB mode, the first encryption vector 112 is generated by encrypting the initial vector 110 with a predetermined encryption key. The first plaintext block data 120 is obtained by calculating the exclusive OR of the first ciphertext block data 130 and the first encryption vector 112. In the OFB mode, in order to decrypt the second ciphertext block data 132, the first encryption vector 112 is further encrypted with a predetermined encryption key to generate the second encryption vector 114. The second plaintext block data 122 is obtained by calculating the exclusive OR of the second ciphertext block data 132 and the second encryption vector 114. In the OFB mode, in order to encrypt the third ciphertext block data 134, the second encryption vector 114 is further encrypted with a predetermined encryption key to generate the third encryption vector 116. The third plaintext block data 124 is obtained by performing the exclusive OR of the third ciphertext block data 134 and the third encryption vector 116. The initial vector 110, the first encryption vector 112, the second encryption vector 114, and the third encryption vector 116 are called a keystream. The initial vector 110, the first encryption vector 112, the second encryption vector 114, and the third encryption vector 116 are also referred to as an encryption chain.

[Processing of storage device]
The processing of the storage device according to the third embodiment will be described with reference to FIG. 9. FIG. 9 is a flowchart showing a processing flow of the storage device according to the third embodiment.

The control unit 26a acquires the current position information of the storage device 10a (user U) (step S90). Specifically, the position information acquisition unit 56 acquires the current position information of the storage device 10a (user U) based on the position information acquired by the GNSS receiving unit 28 and the map information 30B. Then, the process proceeds to step S92.

Since the processes of steps S92 to S100 are the same as the processes of steps S10 to S18 shown in FIG. 4, the description thereof will be omitted.

The control unit 26a multiplexes the sound and the image (step S102). Specifically, the multiplexing unit 46a multiplexes the image compressed in step S18 and the voice compressed in step S12 corresponding to the image. In addition, the position information acquired in step S90 is added to generate one compressed data. More specifically, the multiplexing unit 46a packs the compressed data of the image and the sound to which the position information is associated into a predetermined size. The multiplexing unit 46a performs multiplexing processing by an MPEG multiplexing method in which packs to be reproduced at the same time are time-stamped at the same time based on a synchronization timer signal of a counter (not shown) such as 90 kHz or 27 MHz, for example. .. Then, the process proceeds to step S104.

Since the processing of step S104 and step S106 is the same as the processing of step S22 and step S24 shown in FIG. 4, the description thereof will be omitted.

If it is determined to be Yes in step S106, the control unit 26a generates an encryption key (step S108). Specifically, the encryption unit 48a generates a key stream of the encryption key of each encryption block included in the encryption chain based on an initial vector prepared in advance. Then, the process proceeds to step S110.

The control unit 26a encrypts the compressed data (step S110). Specifically, the encryption unit 48a uses the key stream generated in step S106 to calculate the exclusive logic between the compressed data and the key stream, so that the encryption block data in which a plurality of encrypted block data are connected are encrypted. Encrypt compressed data with a chain. Then, the process proceeds to step S112.

Since the process of step S112 is the same as the process of step S30 shown in FIG. 3, the description thereof will be omitted.

The control unit 26a determines whether or not the vehicle has moved by a predetermined distance or more (step S114). Specifically, the position information acquisition unit 56 determines whether or not the storage device 10a (user U) has moved by a predetermined distance or more based on the position information acquired by the GNSS receiving unit 28 and the map information 24C.

FIG. 10 is a diagram for explaining a method of determining whether or not the storage device 10a (user U) has moved by a predetermined distance or more. FIG. 10 shows a locus on the map of the storage device 10a (user U). It is assumed that the storage device 10a moves from the point P1 to the point P5. The storage device 10a captures an image in the line-of-sight direction of the user U while the user U goes around the tourist spot between the points P1 and P5, and encrypts and stores the captured image.

The position information acquisition unit 56 acquires the position information of the storage device 10a (user U) until the storage device 10a (user U) moves from the point P1 to the point P5. In this case, for example, the map information 24C has area information of area A1, area A2, area A3, area A4, and area A5. In other words, the map information 24C is associated with the areas A1 to A5 in advance. The position information acquisition unit 56 can determine in which area the storage device 10a (user U) is located, based on the position information acquired by the GNSS receiving unit 28 and the map information 24C.

The position information acquisition unit 56 determines, for example, whether or not the storage device 10a (user U) has moved between areas. The position information acquisition unit 56 determines, for example, whether or not the storage device 10a (user U) has moved from the point P1 in the area A1 to the point P2 in the area A2. The position information acquisition unit 56 determines, for example, whether or not the storage device 10a (user U) has moved from the point P2 in the area A2 to the point P3 in the area A3. The position information acquisition unit 56 determines, for example, whether or not the storage device 10a (user U) has moved from the point P3 in the area A3 to the point P4 in the area A4. The position information acquisition unit 56 determines, for example, whether or not the storage device 10a (user U) has moved from the point P4 in the area A4 to the point P5 in the area A5. In the present embodiment, the position information acquisition unit 56 determines that, for example, when the storage device 10a (user U) moves in the area, the storage device 10a (user U) has moved by a predetermined distance or more.

When it is determined that the storage device 10a (user U) has moved by a predetermined distance or more (step S114; Yes), the process proceeds to step S116. If it is determined that the storage device 10a (user U) has not moved by a predetermined distance or more (step S114; No), the process proceeds to step S128.

If it is determined to be Yes in step S114, the control unit 26a resets the encryption chain (step S116). Specifically, the encryption unit 48a resets the value of the initial vector for generating the encryption key according to a predetermined rule. That is, in the present embodiment, for example, each time the storage device 10a (user U) moves in an area, the initial vector is reset, and the encrypted image for each area is independently stored in the storage device 10a. Then, the process proceeds to step S128.

Since the processes of steps S118 to S128 are the same as the processes of steps S32 to S42 shown in FIG. 4, the description thereof will be omitted.

As described above, the third embodiment resets the initial vector for generating the encryption key when the storage device 10a (user U) moves by a predetermined distance or more. Thereby, in the third embodiment, the security is improved and the image can be stored more appropriately.

Further, in the third embodiment, images for each predetermined distance, for example, for each area are stored independently. As a result, in the third embodiment, when the image of the specific area is reproduced, it is not necessary to decode all of the images, so that the image of the specific area can be reproduced.

[Fourth Embodiment]
Next, the fourth embodiment will be described. FIG. 11 is a block diagram showing a configuration example of the storage device according to the fourth embodiment. The storage device 10b according to the fourth embodiment has a different function from the storage device 10a shown in FIG. 6 in the function of the encryption unit 48b of the control unit 26b.

In the fourth embodiment, when the position information acquisition unit 56 determines that the storage device 10b (user U) has moved by a predetermined distance or more, the encryption unit 48b resets the initial vector and is based on the position information after the movement. To generate an initial vector and an encryption key.

[Processing of storage device]
A process of the storage device according to the fourth embodiment will be described with reference to FIG. FIG. 12 is a flowchart showing an example of the processing flow of the storage device according to the fourth embodiment.

Since the processes of steps S130 to S156 are the same as the processes of steps S90 to S116 shown in FIG. 9, the description thereof will be omitted.

The control unit 26b generates an encryption key based on the current position information of the storage device 10b (user U) (step S158). Specifically, in the present embodiment, the size of the block cipher is 128 bits, the size of the encryption key is 256 bits, and the initial vector is 128 bits, using the AES encryption method. The encryption unit 48b preferably generates an initial vector with a random numerical value in order to make it difficult to decrypt the encryption. In the present embodiment, the encryption unit 48b generates a numerical value of the initial vector based on the current position information. For example, the encryption unit 48b may generate an initial vector based on the latitude and longitude of the current position. The encryption unit 48b may also generate an encryption key based on the current position information of the storage device 10b (user U). The encryption unit 48b may generate an encryption key based on the current position information of the storage device 10b (user U) and the biometric information of the user U. It is preferable that the encryption unit 48b generates an initial vector with a different numerical value for each message to be encrypted. Then, the process proceeds to step S170.

Since the processes of steps S160 to S170 are the same as the processes of steps S118 to S128 shown in FIG. 9, the description thereof will be omitted.

As described above, in the fourth embodiment, the initial vector and the encryption key are generated based on the current position information of the storage device 10b (user U). Thereby, in the fourth embodiment, the algorithm for generating the initial vector and the encryption key can be made more complicated, so that the security can be further improved.

Further, in the fourth embodiment, images for each predetermined distance, for example, for each area are stored independently. Further, in the fourth embodiment, since the image for each specific area can be encrypted using the initial vector generated according to the position information of the area and the encryption key, the initial vector and the encryption key can be encrypted. More patterns can be generated. Thereby, the fourth embodiment can further improve the safety.

Although the embodiments of the present invention have been described above, the present invention is not limited to the contents of these embodiments. Further, the above-mentioned components include those that can be easily assumed by those skilled in the art, those that are substantially the same, that is, those in a so-called equal range. Furthermore, the components described above can be combined as appropriate. Further, various omissions, replacements or changes of the components can be made without departing from the gist of the above-described embodiment.

10, 10a, 10b Storage device 12 Microphone 12A Left microphone 12B Right microphone 14 Camera 14A Line-of-sight camera 14B Peripheral camera 16 Biosensor 18 Input unit 20 Output unit 20A Display unit 20B Audio output unit 22 Communication unit 24 Storage unit 24A Learning model 24B Biometric information 24C Map information 26, 26a, 26b Control unit 28 GNSS receiving unit 30 Voice acquisition unit 32 Image acquisition unit 34 Biometric information acquisition unit 36 Authentication unit 38 Voice processing unit 40 Image processing unit 42 Image recognition unit 44 Image processing unit 46, 46a Multiplexing unit 48, 48a, 48b Encryption unit 50 Storage control unit 52 Output control unit 54 Communication control unit 56 Position information acquisition unit

Claims (5)

The location information acquisition unit that acquires the user's location information, and
An image acquisition unit that acquires an image of the user's surroundings from the image pickup unit, and an image acquisition unit.
An encryption unit that encrypts the image taken around the user with a block cipher,
A storage control unit that stores the image encrypted by the encryption unit in the storage unit,
Equipped with
The encryption unit generates an encryption key for encryption based on the user's location information when the user's location information moves by a predetermined distance or more.
Storage device. The encryption unit encrypts the block cipher when it is determined that the user has moved between predetermined areas based on the user's location information and the map information stored in the storage unit. Reset the cipher chain,
The storage device according to claim 1. A biosensor for detecting the biometric information of the user is provided.
The encryption unit generates the encryption key based on the user's location information and biometric information.
The storage device according to claim 1 or 2. The step to get the user's location information and
A step of acquiring an image of the user's surroundings from the image pickup unit, and
The step of encrypting the image taken around the user with a block cipher,
A step of storing the encrypted image in the storage unit,
A step of generating an encryption key for encryption based on the user's location information when the user's location information moves by a predetermined distance or more, and
Storage methods, including. The step to get the user's location information and
A step of acquiring an image of the user's surroundings from the image pickup unit, and
The step of encrypting the image taken around the user with a block cipher,
A step of storing the encrypted image in the storage unit,
A step of generating an encryption key for encryption based on the user's location information when the user's location information moves by a predetermined distance or more, and
A program that lets your computer run.

Images