JP2023009403A - Computer system and program - Google Patents

Abstract

To secure security when adding new application software to a computer system operating off-line.SOLUTION: A computer system 10 operating in an off-line environment comprises a platform 22 used when executing a newly added application 25. The platform 22 acquires information for identifying the application 25 inputted by an end user 93 as application information. The platform 22 acquires application authentication information included in the application 25. The platform 22 generates a development password on the basis of the acquired application information, and authenticates the application 25 on the basis of the generated development password and the acquired development password. The platform 22 permits execution of the application 25 when authentication of the application 25 is successful.SELECTED DRAWING: Figure 5

Description

The present invention relates to a computer system and program that operate offline.

A technology has been developed that allows a computer system to execute only application software downloaded from a specific download service operated by a provider of a platform (e.g., iOS) configured in a computer system (e.g., mobile terminal) (patent Paragraph 0007 of Document 1, etc.).

Japanese Patent Publication No. 2014-512611

According to the conventional technology described above, unauthorized application software that is not permitted by the platform provider is prevented from being added to the computer system and executed. Therefore, the conventional technology described above cannot prevent unauthorized application software from being executed in a computer system that operates offline. For this reason, the conventional technology described above cannot ensure security when new application software is added to a computer system that operates offline.

SUMMARY OF THE INVENTION An object of the present invention is to ensure security when new application software is added to a computer system that operates offline.

In order to solve the above problems, a computer system according to the present invention is a computer system that operates in an offline environment and includes a platform that is configured to be used when executing application software newly added to the computer system. wherein the platform acquires, as application information, information identifying the application software input by the user into the computer system, and application authentication information for authenticating the application software included in the application software, obtaining from the application software when the application software is newly added to the computer system, generating application authentication information based on at least part of the obtained application information, and generating the generated application authentication information and the obtained application authentication information; and application authentication information, and if the application software authentication fails, execution of the application software is not permitted, and if the application software authentication succeeds, the application software is authenticated. is configured to allow execution.

The application authentication information included in the application software is issued based on at least part of the application information, and the platform receives the application information included in the application software based on at least part of the obtained application information. may be configured to generate the application authentication information with the same algorithm as the application authentication information received.

The platform is configured to obtain user authentication information entered by the user into the computer system along with the application information for authenticating the user, the platform including a user identification identifying the user. information is configurable, the user authentication information is issued based on at least a portion of application information and user identification information, and the platform acquires the user identification information set in the platform and generating user authentication information with the same algorithm as the acquired user authentication information based on at least part of the application information obtained, and determining the user based on the generated user authentication information and the acquired user authentication information It may be configured to authenticate.

A program according to the present invention is executed by a computer system that operates in an offline environment, and is a platform that is used when executing application software that is newly added to the computer system. acquires, as application information, information identifying the application software input to the computer system by the application software, and transmits application authentication information for authenticating the application software included in the application software to the computer system; Acquired from the application software when newly added, generates application authentication information based on at least part of the acquired application information, and generates application authentication information based on the generated application authentication information and the acquired application authentication information a platform that authenticates the application software, does not permit execution of the application software if authentication of the application software fails, and permits execution of the application software if authentication of the application software succeeds; Constitute.

According to the present invention, security is ensured when adding new application software to a computer system that operates offline.

FIG. 1 is a configuration diagram of a computer system according to an embodiment of the present invention. FIG. 2 is a configuration diagram of the computer system according to the embodiment of the present invention from a viewpoint different from that of FIG. FIG. 3 is a flowchart for explaining the development stages of an application. FIG. 4 is a flow chart for explaining the delivery stage of the application. FIG. 5 is a flowchart for explaining the app authentication stage.

A computer system 10 according to an embodiment of the present invention will be described below with reference to the drawings.

(Configuration of computer system 10)
As shown in FIG. 1, a computer system 10 according to the present embodiment includes a processor 11 such as a CPU (Central Processing Unit), a RAM (Random Access Memory) 12 functioning as a main memory of the processor 11, a hard disk, an SSD ( and a non-volatile storage device 13 such as a Solid State Drive. The computer system 10 further comprises a display 14 such as a liquid crystal display, an operating device 15 such as a keyboard, and a drive 16 such as a DVD drive. The storage device 13 stores software 21 and 25 executed by the processor 11, data used by the processor 11, and the like.

The computer system 10 is used in a building automation system (hereinafter referred to as BAS) that comprehensively controls and manages building demand facilities (electrical facilities including air conditioning systems, lighting systems, etc.) such as buildings. and To ensure security, the computer system 10 is not connected to a public network such as the Internet and operates in an offline environment. Note that the offline environment refers to an environment that is not connected to a public network. Therefore, the computer system 10 may communicate with other devices of the BAS (eg, an air conditioning controller, etc.) via a LAN (Local Area Network) isolated from public networks.

1 operates as a software platform (hereinafter simply referred to as platform) 22 of the computer system 10 shown in FIG. 2 by executing basic software 21 such as an OS (Operating System) stored in the storage device 13. do. Further, the processor 11 of FIG. 1 executes application software 25 (hereinafter also referred to as application 25) stored in the storage device 13 on the basic software 21, that is, by using the platform 22, thereby executing the application shown in FIG. 25 functions as an application unit 26. The application unit 26 operates on the platform 22 to add various functions to the BAS.

A new application 25 may be added to the computer system 10 . A new application 25 is added to the computer system 10 (specifically, stored in the storage device 13) from a drive 16 that reads a storage medium such as a DVD (Digital Versatile Disc), for example. The application 25 may be added by a CD-ROM (Compact Disc Read only memory), a USB (Universal Serial Bus) memory, or the like. The addition of the application 25 adds a new application section 26 to the computer system 10 , thereby adding a new function to the computer system 10 . The addition of the application 25, that is, the addition of the application section 26 is performed offline. When the application 25 is added, the platform 22 performs authentication, which will be described later. When the authentication is successful, the application 25 can be executed by the processor 11, that is, the application unit 26 can operate. Hereinafter, this point will be explained while explaining each stage of development of the application 25, delivery of the application 25 to the user by selling the application 25, and authentication of the application 25. FIG.

(Development stage of application 25)
As shown in FIG. 3, an application developer 91 who develops an application 25 provides the platform 22 (FIG. 2) with the application name, which is the name of the application 25 to be developed, the specifications of the application, the application under development, and the like. (step S11) to obtain permission for the application 25 to be developed. Note that if the application developer 91 has a certain level of trust from the platform provider 92, the application developer 91 may be treated as not developing an illegal application. In this case, the application developer 91 may pass only the application name to the platform provider 92 . When the platform provider 92 permits the development of the application 25, it issues an application ID that identifies the application 25 with this application name. The platform provider 92 inputs the issued application ID and application name to the development password issuing tool 31 (step S12). The development password issuing tool 31 consists of a computer or the like, and issues a development password for this application 25 by a predetermined algorithm based on the input application ID and application name.

The platform provider 92 supplies the issued development password and application ID to the application developer 91 (step S14). The application developer 91 completes the application 25 by incorporating the application name, application ID, and development password into the application to be developed. The development password and the like are incorporated into the application 25 so that the platform 22 reads it when the application 25 is started on the platform 22 as described later.

If the application developer 91 has a certain level of trust from the platform provider 92, the application developer 91 may be treated as not developing an illegal application. In this case, the application developer 91 may pass only the application name to the platform provider 92 .

(Transfer stage of application 25)
When the end user 93 who owns the computer system 10 purchases the application 25, the application developer 91 inputs the user ID and the application ID to the user password issuing tool 32 (step S21), as shown in FIG. ). The user password issuing tool 32 is composed of a computer or the like, and issues a user password for the end user 93 using a predetermined algorithm based on the input user ID and application ID (step S22). A user ID is information for identifying a user issued by the platform provider 92 to each end user 93 . A user ID is also set in the platform 22 of each computer system 10 owned by the end user 93 . The application developer 91, for example, inquires of the platform provider 92 and acquires the user ID. A user password is issued for each end user 93 .

After that, the application developer 91 delivers the application 25, application ID, application name, and user password to the end user 93 (step S23). The application developer 91 stores the application 25 in a storage medium such as a DVD, CD-ROM, USB memory, etc., and delivers it to the end user 93 .

(Authentication stage of application 25)
As shown in FIG. 5, the end user 93 inputs the application ID, application name, and user password handed over from the application developer 91 to his computer system 10, and adds the application 25 (step S41). ). The application 25 is added by being stored in the storage device 13 . The application ID, application name, and user password are input by the end user 93 operating the operation device 15, for example. The application 25 is stored in a storage medium such as a DVD and read by the drive 16 . The application ID, application name, and user password may be stored in the storage medium together with the application 25 and read by the drive 16 .

The application ID, application name, and user password are input to the platform 22 constructed in the computer system 10 .

The platform 22 includes an application information setting section 22A, a user authentication section 22B, a user password issuing section 22C, an application authentication section 22D, and a development password issuing section 22E.

The application ID, application name, and user password input to the platform 22 are acquired by the application information setting unit 22A (step S31). The application information setting unit 22A sends the acquired application ID and user password to the user authentication unit 22B (step S32). User authentication unit 22B inputs the application ID to user password issuing unit 22C (step S33). As described above, the user ID of the end user 93 is set (registered) in the platform 22, and the user password issuing unit 22C, based on this user ID and the application ID from the user authentication unit 22B, A user password is issued (step S34). 22 C of user password issuing parts issue a user password with the same algorithm as the user password issuing tool 32. FIG. Therefore, when the same user ID and application ID are input to the user password issuing unit 22C and the user password issuing tool 32, both issue the same user password.

The user authentication section 22B authenticates the end user 93 by verifying both user passwords sent in steps S32 and S34, and sends the authentication result to the application information setting section 22A (step S35). If both user passwords are the same and the authentication is successful, the user password entered by the end user 93 is correct and the end user 93 is a valid user.

If the authentication is successful, the application information setting unit 22A sets the application ID and the application name input in step S31 as application information that identifies the application 25 in the platform 22 (step S36). The application information is information that identifies the application 25 . If the authentication fails, the application information setting unit 22A displays that fact on the display 14 .

When application information is set, the application authentication unit 22D inputs the set application information to the development password issuing unit 22E (steps S37 and S38). The development password issuing unit 22E issues a development password based on the input application information, that is, the application ID and the application name (step S39). The development password issuing unit 22E issues a development password using the same algorithm as the development password issuing tool 31. FIG. Therefore, when the same application ID and application name are input to the user password issuing unit 22C and the user password issuing tool 32, both issue the same user password.

The application authentication unit 22D receives the development password issued by the development password issuing unit 22E, and acquires the application ID, the application name, and the development password included in the application 25 added to the storage device 13. (Step S40).

The application authentication unit 22D authenticates the application 25 by verifying both the development passwords issued or obtained in steps S39 and S40. If both development passwords are the same and the authentication is successful, the application 25 has been authenticated as a legitimate application developed by a legitimate application developer 91 permitted by the platform provider 92 . If the authentication is successful, the application authentication unit 22D performs settings to permit execution of the application 25 on the platform 22 (step S41). Thereby, the processor 11 can execute the application 25 and operate on the platform 22 as the application section 26 (FIG. 2). If the two development passwords are different and the authentication fails, the application authentication unit 22D determines that the application 25 is not a valid application, prohibits execution of the application 25, and displays a message to that effect on the display 14. FIG.

In order to improve authentication accuracy, the application authentication unit 22D may perform authentication by checking at least one of the application ID and the application name of the application information acquired in steps S37 and S40 in addition to checking the development password. good. In this case, if all of the collation matches, the authentication is successful.

(effect, etc.)
As described above, the platform 22 according to the present embodiment acquires, as application information, the application ID and the application name, which are information identifying the application 25 and are input to the computer system 10 by the end user 93 . Furthermore, the platform 22 acquires a development password as application authentication information for authenticating the application 25 included in the application 25 from the application 25 when the application 25 is newly added to the computer system 10 . Further, the platform 22 generates a development password based on at least part of the acquired application information (here, the application ID and the application name, but may be either one of them), and generates the development password and the acquired App 25 is authenticated based on the development password. If the authentication of the application 25 fails, the platform 22 does not permit execution of the application 25 (activation of the application section 26). When the application 25 is successfully authenticated, the platform 22 permits execution of the application 25 (activation of the application section 26). With such a configuration, the computer system 10 that operates offline can only execute applications 25 that are permitted by the platform provider 92, and execution of unauthorized unauthorized applications 25 is not permitted. Therefore, in this embodiment, security is ensured when adding a new application 25 to the computer system 10 that operates offline. In addition, the platform provider 92 can permit or deny the application developer 91 who can create the application 25 .

As one mode in which the execution of the application 25 is not permitted in the event of authentication failure, the platform 22 basically does not permit the execution of the application 25. , and execution of the application 25 may be permitted only when the end user 93 approves the use of the application 25 via the operation device 15 after the warning. This also ensures security.

In this embodiment, the development password included in the application 25 is issued by the platform provider 92 based on at least part of the application information (here, application ID and application name, but either one may be sufficient). Based on at least a part of the application information, the platform 22 generates a development password to be verified in the above authentication using the same algorithm as the development password included in the application 25 . Thereby, a different development password can be generated for each new application 25, and security is further ensured.

Further, in this embodiment, platform 22 obtains a user password as user authentication information for authenticating end user 93 entered by end user 93 into computer system 10 along with application information. A user ID as user identification information for identifying the end user 93 can be set in the platform 22 . The user password is issued based on at least part of the application information (here, the application ID, but may be the application name and the application ID) and the user ID. The platform 22 generates a user password based on the user ID set in the platform 22 and at least part of the obtained application information, using the same algorithm as the obtained user password. Platform 22 authenticates end user 93 based on the generated user password and the obtained user password. With such a configuration, the end user 93 is also authenticated, so security is further ensured.

Further, in this embodiment, when the end user 93 is successfully authenticated, the application information setting and the development password are authenticated, and when the end user 93 is not authenticated, these are not performed. Furthermore, in this embodiment, a development password is generated based on the application information. Therefore, even if one development password is leaked, a malicious third party cannot obtain application information and cannot create an application that runs on the platform 22 . Therefore, the influence of leakage of the development password is limited. It also prevents end users 93 from illegally copying apps 25 for use on other platforms.

In addition, if the same application 25 has a common development password, there is no need to include different development passwords in each application 25, and the rebuilding and deployment of the application 25 becomes unnecessary.

Furthermore, the application developer 91 can authorize the end user 93 by operating the user password issuing tool 32 by the application developer 91 . Furthermore, the user password issuing tool 32 can be restricted so that it only accepts application information of the applications 25 that can be created by the application developer 91 .

(Modification)
The hardware configuration of the computer system 10 is arbitrary. At least a portion of platform 22 may be configured with one or more logic circuits. Logic circuits include ASICs (Application Specific Integrated Circuits) and FPGAs (Field Programmable Gate Arrays). The processor 11 may be configured including a plurality of CPUs operating in cooperation. The computer system 10 may be configured as one device housed in one housing, or may be configured from a plurality of devices in which functional components are distributed and accommodated in multiple housings. The computer system 10 may include various computers, such as personal computers, and various controllers, such as integrated controllers of multiple facilities, such as air conditioning systems, that communicate with the computers. It may be constructed.

Although the present invention has been described with reference to the embodiments and modifications, the present invention is not limited to the above embodiments and modifications. For example, the present invention includes various modifications to the above embodiments and modifications that can be understood by those skilled in the art within the scope of the technical idea of the present invention. The configurations described in the above embodiments and modified examples can be appropriately combined within a consistent range.

10... Computer system, 21... Basic software, 22... Platform, 25... Application software (application), 26... Application part.

Claims (4)

A computer system that operates in an offline environment,
A platform configured to be used when executing application software newly added to the computer system,
The platform is
Acquiring information identifying the application software input by the user into the computer system as application information;
acquiring application authentication information for authenticating the application software included in the application software from the application software when the application software is newly added to the computer system;
generating application authentication information based on at least part of the obtained application information, authenticating the application software based on the generated application authentication information and the obtained application authentication information;
disallowing execution of the application software if authentication of the application software fails;
configured to permit execution of the application software if authentication of the application software is successful;
computer system. the application authentication information included in the application software is issued based on at least part of the application information;
The platform is configured to generate the application authentication information with the same algorithm as the application authentication information included in the application software, based on at least part of the obtained application information.
2. The computer system of claim 1. the platform is configured to obtain user authentication information entered by the user into the computer system along with the application information for authenticating the user;
User identification information that identifies the user can be set in the platform,
The user authentication information is issued based on at least part of application information and user identification information,
The platform generates user authentication information with the same algorithm as the acquired user authentication information based on the user identification information set in the platform and at least part of the acquired application information, and the generated user authenticating the user based on the authentication information and the obtained user authentication information;
3. A computer system according to claim 1 or 2. By being executed by a computer system that operates in an offline environment, on the computer system,
A platform used when executing application software newly added to the computer system,
Acquiring information identifying the application software input by the user into the computer system as application information;
acquiring application authentication information for authenticating the application software included in the application software from the application software when the application software is newly added to the computer system;
generating application authentication information based on at least part of the obtained application information, authenticating the application software based on the generated application authentication information and the obtained application authentication information;
not permitting execution of the application software if authentication of the application software fails;
configure a platform that allows execution of the application software if the application software is successfully authenticated;
program.

Images