JP2023048659A - System comprising protection function of file, method for protecting file and protection program of file - Google Patents

Abstract

To provide a technology which protects a file on a network.SOLUTION: A system 100 which protects files of each user of a plurality of terminals 150A, 150B, 150C, is used as a server or cloud service, and usable from the plurality of terminals 150A, 150B, 150C. The system 100 comprises: a communication unit 130 for communicating with each of the plurality of terminals 150A, 150B, 150C through a network; a file system 126 for managing the files of each user of the plurality of terminals 150A, 150B, 150C; an encryption unit 124 for encrypting metadata referred by the file system 126; and a decode unit 123 for decoding the metadata.SELECTED DRAWING: Figure 1

Description

FIELD OF THE DISCLOSURE The present disclosure relates to systems used by multiple users, and more particularly to file encryption.

BACKGROUND ART In recent years, cloud services and the like that allow users to borrow computer resources such as computing power of CPUs (Central Processing Units) and data storage from remote data centers via the Internet have become widespread. Such cloud services have advantages such as allowing users to flexibly change computer resources to be used as needed. On the other hand, since cloud services are always connected to the Internet, unauthorized access to data on cloud services is a problem. As a countermeasure against unauthorized access, for example, there is a method of encrypting data on cloud services.

Regarding countermeasures against unauthorized access to data on cloud services, for example, Japanese National Publication of International Patent Application No. 2012-527838 (Patent Document 1) states, "Any data that reliably stores data in a cloud computing resource and communicates data with it. A robust data parser that can be integrated into any suitable system." The data parser "parses the data and then splits the data into multiple parts that are stored or communicated separately. Encryption of the original data, multiple parts of the data, or both may provide additional security." The encryption of the data may be performed before or after the first analysis, division and/or separation of the data.In addition, the encryption step may be performed by one or more may be repeated for the data part” (see [Summary]).

Japanese Patent Publication No. 2012-527838

As mentioned above, cloud services are always connected to the Internet. Therefore, according to the technique disclosed in Patent Document 1, there is a possibility that a malicious third party will have time to make a brute-force attack to identify the private key. Therefore, there is a need for techniques to protect files on networks. There is also a need for techniques for reducing the load of encryption processing. Further, there is a need for techniques to facilitate updating private keys.

The present disclosure has been made in view of the above background, and an object in one aspect is to provide technology for protecting files on a network.

An object in another aspect is to provide a technique for reducing the load of encryption processing.
An object in still another aspect is to provide a technique for facilitating updating of a private key.

According to one embodiment, a system is provided that can be used from multiple terminals. The system includes a communication unit for communicating with each of a plurality of terminals, a file system for managing files of each user of the plurality of terminals, and an encryption unit for encrypting metadata referenced by the file system. and a decoding unit for decoding the metadata.

According to one embodiment, techniques can be provided for protecting files on a network.

According to another embodiment, it is possible to provide a technique for reducing the load of encryption processing.
According to yet another embodiment, techniques can be provided for facilitating private key updating.

The above and other objects, features, aspects and advantages of this disclosure will become apparent from the following detailed description of the disclosure taken in conjunction with the accompanying drawings.

1 illustrates an example configuration of a system 100 according to an embodiment; FIG. 3 is a diagram showing an example of the configuration of files stored in the storage 110. FIG. FIG. 4 is a diagram showing an example of metadata used by the file system 126; FIG. 4 is a diagram showing an example of the relationship between metadata and data (files) on the storage medium 400. FIG. 4 is a sequence diagram showing an example of an encryption and decryption processing procedure of the system 100; FIG. FIG. 3 is a diagram showing an example of the flow of metadata decoding in system 100. FIG. 4 is a diagram showing an example of the flow of metadata encryption in system 100. FIG. 8 illustrates an example configuration of another system 800 according to an embodiment. FIG. 8 is a sequence diagram showing an example of the encryption and decryption processing procedures of system 800. FIG. 8 is a diagram illustrating an example of a metadata decoding flow in system 800. FIG. 1 is a diagram showing an example of a hardware configuration of an information processing device 1100 used as systems 100 and 800; FIG.

Hereinafter, embodiments of the technical concept according to the present disclosure will be described with reference to the drawings. In the following description, the same parts are given the same reference numerals. Their names and functions are also the same. Therefore, detailed description thereof will not be repeated.

FIG. 1 is a diagram showing an example of the configuration of system 100 according to this embodiment. Each configuration included in system 100 according to the present embodiment and the application of system 100 will be described with reference to FIG. The system 100 is, for example, a cloud service, a server, or the like built in a data center, and can provide storage areas, computing resources, various applications, and the like to remote user terminals and the like. The system 100 also includes functionality to protect the user's files from unauthorized access. A file in this disclosure may contain any type of data, directory, or the like. Therefore, files may be read as data. In one aspect, system 100 may be implemented by one or more information processing devices 1100 (see FIG. 11).

System 100 comprises storage 110 and network interface 130 . Storage 110 also includes application 120 . The application 120 includes a client operation application 121 , a login system 122 , a client area decryption system 123 , a client area encryption system 124 and an OS (Operating System) 125 . OS 125 manages file system 126 and data area 140 .

Also, system 100 may communicate with any number of clients 150 via network 170 . In the following description, a plurality of identical configurations may be individually referred to as client A_150A, client B_150B, and client C_150C. In addition, when collectively referring to these configurations, they may be referred to as the client 150 . Also, in the following description, the client 150 will be described as a terminal used by a user. However, client A_150A is not necessarily one terminal. Client A_150A may include multiple terminals that user A uses. System 100 may determine that both terminals A1 and A2 are clients A_150A when user A accesses system 100 using user A's account via certain terminals A1 and A2. That is, the system 100 may regard all terminals (used by user A) associated with user A's account as client A_150A. Therefore, each client 150 may be read as each user, each user account, or each user's terminal having an account of the system 100 . It can also be said that the files of each client 150 stored by the system 100 are the files of each user.

The storage 110 stores various programs and data. In one aspect, the storage 110 includes one or more HDD (Hard Disk Drive), SSD (Solid State Drive), EPROM (Erasable Programmable Read Only Memory), EEPROM (Electrically Erasable Programmable Read Only Memory) or flash memory, and may be realized by a combination of

Applications 120 include various applications executed by system 100 . The application 120 includes, for example, a client operation application 121, a login system 122, a client area decryption system 123, and a client area encryption system 124 provided by the cloud service, as an instance that can be used by the user on the storage 110. Contains an implemented OS 125 . Applications 120 may also include any application other than the configuration shown in FIG.

The client operation application 121 communicates with each of the multiple clients 150 . The client operation application 121 provides operation functions for various services such as version management service and online storage service. In one aspect, the client operation application 121 may provide the client 150 with a web application screen as a UI (User Interface). In this case, the client 150 can use the browser function to display operation screens for various services delivered from the client operation application 121 on the display of the client 150 . In other aspects, client operations application 121 may communicate with a client application installed on client 150 . In this case, client 150 may download and install a client application from system 100 or any other server or the like.

The client 150 can access data stored in the data area 140 in addition to using various applications provided by the system 100 via the client operation application 121 .

The login system 122 performs authentication processing for each client 150 . In one aspect, the login system 122 may provide a user authentication function using an ID (Identifier) and password. In other aspects, login system 122 may provide user authentication functionality using one-time passwords. In other aspects, login system 122 may also provide user authentication functionality using software tokens or hardware tokens. Also, in another aspect, the login system 122 may provide a user authentication function using biometric information. In yet another aspect, the login system 122 may provide a user authentication function that combines arbitrary multiple methods.

OS 125 provides a file system for managing the file structure of files stored in storage 110 by the user. The storage 110 includes a file body and metadata including information such as ownership, location, size and name of the file. A file system provides a function of quickly accessing files by referring to the metadata. As a file system, for example, ext2 (Second Extended File System), ext3 (Third Extended File System), ext4 (Fourth Extended File System), JFS (Journaled File System), XFS (Extents File System), FAT32 (File Allocation Table 32 ), NTFS (NT File System), and the like. System 100 may support the above file systems, other file systems, and any combination of file systems.

File system 126 provides file management and quick access to files. File system 126 may be provided as a function of OS 125 . A group of files saved in the data area 140 usually has a hierarchical structure using directories (also called folders). The data area 140 can also include a server file group 141 used by the system 100, a file group of each user (client A file group 142A, client B file group 142B, client C file group 142C), and the like.

The file system 126 can quickly search for an arbitrary file among the hierarchically structured files in the data area 140 by referring to the metadata for managing the files stored in the data area 140 . The metadata includes information for managing a hierarchically structured file group, and the metadata itself may also have a hierarchical structure. The metadata includes so-called pointers, indexes, addresses, or keys indicating files, such as the address of each file, the address of each directory, and the address of each file directly under each directory. As an example, Linux (registered trademark) manages files in a data structure or area called an i-node. Windows (registered trademark) manages files in NTFS using a data structure or area called MFT (Master File Table).

The file system 126 may manage metadata corresponding to each of a group of files in the data area 140 (a group of files stored in an area allocated for each system or user). For example, the file system 126 includes a server file area 127 that is metadata of the server file group 141, a client A file structure 128A that is metadata of the client A file group 142A, and a client file area 128A that is metadata of the client B file group 142B. The B file structure 128B and the client C file structure 128C, which is the metadata of the client C file group 142C, may be managed. In this case, the file system 126 may refer to the client A file configuration 128A, for example, when receiving an access request to the client A file group 142A.

Access rights are set for each file or directory. File system 126 may allow or prohibit access to each file for each user based on the access rights. For example, the server file group 141 can be read, written, and updated only by the administrator account, and cannot be referred to by other accounts. The client A file group 142A can be read, written, and updated only by the client A_150A and the administrator, and cannot be referred to by other users (client B_150B, client C_150C, etc.).

The data area 140 is an area where files are saved. The system 100 may allocate a storage area within the data area 140 to the system and each client 150 (each user). Each client 150 can store files only in the allocated area. For example, the server files 141 are stored in the area allocated to system 100, and similarly the client A files 142A are stored in the area allocated to client A_150A.

The client area encryption system (encryption unit) 124 provides metadata (client A file configuration 128A, Encrypt client B file configuration 128B, client C file configuration 128C). That is, the system 100 encrypts the metadata of each client 150 file without encrypting the file body of each client 150 .

If the metadata is encrypted, file system 126 cannot reference the file. Therefore, as a result, the system 100 can protect the file itself from unauthorized access by encrypting the metadata. For example, client domain cryptosystem 124 may have encrypted client A file configuration 128A. In this case, the file system 126 cannot refer to the pointer of each file in the client A file group 142A. Therefore, even if the unauthorized client 160 invades the system 100, it cannot use the functions of the file system 126 to unauthorizedly access the files in the client A file group 142A.

Also, the metadata has a very small data size compared to the file itself. Therefore, compared to encrypting each client's file group (client A file group 142A, client B file group 142B, client C file group 142C), metadata (client A file configuration 128A, client B file configuration 128B, client Encryption of the C file structure 128C) can be performed in a very short time. In the prior art, the file group of each client 150 is directly encrypted, which requires an enormous amount of time for encryption processing. Therefore, the conventional technology cannot frequently update the private key. In contrast, the technique of the present disclosure reduces the time required to generate the private key by encrypting only the metadata, so that the private key can be updated frequently. As a result, system 100 may provide increased security against brute force attacks and the like.

The client area decryption system (decryption unit) 123 provides metadata (client A file configuration 128A, client B file structure 128B, client C file structure 128C) are decoded. Client domain decryption system 123 may decrypt client A file configuration 128A, for example, based on the completion of the authentication process for client A_150A. This allows client A file configuration 128A to remain encrypted except when client A_150A is logged into system 100, preventing unauthorized access to client A file group 142A.

A network interface (communication unit) 130 communicates with each client 150 via the network 170 . Network interface 130 may forward received messages to client operation application 121, login system 122, and the like.

Client 150 is a personal computer, smart phone, tablet or any other information processing device. The client 150 includes a secret key 151 (secret key A_151A, secret key B_151C, secret key C_151C), a secret key generation system 152 (secret key generation system 152A, secret key generation system 152B, secret key generation system 152C), and a network interface. 153 (network interface 153A, network interface 153B, network interface 153C).

Private key 151 is used to encrypt and decrypt the metadata of client 150 files. Client 150 transmits private key 151 to system 100 in a secure communication after successful authentication of client 150 by system 100 . The client area decryption system 123 uses the received private key 151 to decrypt the file group. As an example, assume that client A_150A has logged into system 100 . Client A_150A transmits private key A_151A to system 100 after completing the authentication process. Client area decryption system 123 decrypts client A file configuration 128A using private key A_151A. After the decryption process, the client A_150A can access the client A file group 142A via the client operation application 121 and the file system 126. FIG.

A secret key generation system 152 generates a secret key 151 . The secret key generation system 152 can generate a new secret key 151 at the timing when the authentication of the client 150 is completed or at any predetermined timing. As an example, the predetermined timing is after a certain period of time has elapsed since the previous secret key was generated, after each client 150 has successfully authenticated, after each client 150 has transmitted a disconnection request to the system 100, and after each client 150 has Any timing, such as after the logout process ends, may be included. Network interface 130 receives new private key 151 . Network interface 153 A transmits newly generated private key 151 to system 100 . The system 100 uses the received private key 151 for decryption when the client 150 accesses it next time. As an example, assume that client A_150A has logged into system 100 . The client A_150A transmits the newly generated private key A_151A to the system 100 after completing the authentication process or before disconnecting the session with the system 100. FIG. System 100 uses the received private key A_151A to encrypt client A file configuration 128A. That is, system 100 encrypts client A file configuration 128A with a new private key each time it communicates with client A_150A. Therefore, the system 100 does not allow the unauthorized client 160 to brute-force attack.

Network interface 153 communicates with system 100 via network 170 . The network interface 153 can send and receive, for example, private keys, authentication processing messages, access requests for files, files, and the like.

The network 170 can be implemented by any network such as a LAN (Local Area Network), the Internet, a public telephone network, or a combination thereof. Each client 150 and system 100 can communicate via network 170 using any protocol such as TCP/IP (Transmission Control Protocol/Internet Protocol), UDP (User Datagram Protocol), http (Hyper Text Transfer Protocol), or the like.

FIG. 2 is a diagram showing an example of the configuration of files stored in the storage 110. As shown in FIG. The configuration of files stored in the storage 110 will be described with reference to FIG.

The server file group 141 includes, for example, a root 201 , an OS area 202 , an application area 203 and a client data area 204 . Each area may be expressed as a directory such as a root directory and an OS area directory.

A root 201 is the highest directory for all files managed by the OS 125 . All directories managed by the OS 125 are stored directly under the root 201 or within subdirectories within the root 201 .

The OS area 202 stores files related to the OS 125 . Files related to the OS 125 are, for example, kernel, middleware, and drivers. The OS area 202 may also include system setting files and the like.

The application area 203 stores application files installed in the OS 125 and their setting files. For example, applications stored in application area 203 may be web servers, database applications, or any other applications. Access to the OS area 202 and the application area 203 usually requires administrator authority. Applications used individually by each client 150 are installed below the client area of each client 150 .

The client data area 204 stores files for each client 150 . In the example shown in FIG. 2, the client data area 204 includes a client A area 210A for client A_150A, a client B area 210B for client B_150B, and a client C area 210C for client C_150C. For example, the area below the client A area 210A is an area that can be used by the client A_150A.

Each client 150 has access to files contained below its own client data area. As an example, client A_150A has access rights to files under client A area 210A. Specifically, client A_150A has access rights to data 211, data 212, subdirectory 213, and data under subdirectory 213 and below.

Also, clients 150 typically do not have access to the directories of other clients 150 . As an example, client A_150A does not have access to client B area 210B and client C area 210C.

FIG. 3 is a diagram showing an example of metadata used by the file system 126. As shown in FIG. The metadata shown in FIG. 3 is an example, and in practice the OS 125 can store metadata described in any format.

As shown in FIG. 3, the metadata manages the location of files using pointers (addresses). For example, by referring to the metadata, the OS 125 has an OS area 202 whose position is indicated by the pointer "0x1000", an application area 203 whose position is indicated by the pointer "0x2000", and a pointer "0x2000" directly below the root 201. 0x3000” and that there is a client data area 204 located there. A pointer may indicate the top address of a file or directory.

In addition, the OS 125 creates, immediately below the client data area 204, the highest directory of the client A area 210A indicated by the pointer "0x3100" and the highest directory of the client B area 210B indicated by the pointer "0x3200". , and the top-level directory of client C area 210C located by pointer "0x4100".

Furthermore, the OS 125 places data 211 whose position is indicated by the pointer "0x3110", data 212 whose position is indicated by the pointer "0x3120", and subdirectory 213 exist.

As described above, the OS 125 can access any file in the storage 110 by recursively referring to metadata. Metadata of each file (including data and directory) includes a key 310 indicating the file, an address 320 indicating the position of the file, a pointer (address) of each file directly under the file (directory), and further and any other information (sometimes called attribute information).

The system 100 encrypts metadata below the client area of each client 150 . This makes it impossible for the unauthorized client 160 to access the client area via the OS 125 or file system 126 . The system 100 can realize security equivalent to encrypting a file group in the client area only by encrypting metadata with a small data size.

FIG. 4 is a diagram showing an example of the relationship between metadata and data (files) on the storage medium 400. As shown in FIG. The storage 110 is composed of arbitrary storage media 400 such as one or more HDDs or SSDs. When the storage medium 400 is an HDD, the storage medium 400 stores data in units called sectors. If the storage medium 400 is an SSD, the storage medium 400 stores data in units called pages (blocks). By formatting the storage medium 400, an address is assigned to each sector or page (block). The file system 126 can identify files on the storage medium 400 by associating and managing pointers and sectors.

The metadata contains pointers corresponding to each sector or page (block). For example, when the storage medium 400 is an HDD, the pointer “0x3110” corresponds to sector 401 , the pointer “0x3120” corresponds to sector 402 , and the pointer “0x3130” corresponds to sector 403 . If the metadata is encrypted, the OS 125 cannot identify the sectors or pages (blocks) in which the data is stored, and recognizes that the file has been corrupted. As a result, the unauthorized client 160 cannot use the functions of the file system 126, making it difficult for the unauthorized client 160 to access files.

FIG. 5 is a sequence diagram showing an example of an encryption and decryption processing procedure of system 100. As shown in FIG. Referring to FIG. 5, the operation of system 100 will be described using the encryption and decryption of files of client A_150A as an example.

In step S505, client A_150A accepts a login operation to system 100 from the user. The login operation is, for example, inputting a user ID and password. In one aspect, client A_150A may accept a login operation to system 100 from a user via a browser. In another aspect, client A_150A may accept a login operation to system 100 from a user via an application that communicates with system 100. FIG.

In step S510, client A_150A sends login information to system 100. FIG. In one aspect, the login information may include private key A_151A. In another aspect, client A_150A may send private key A_151A to system 100 after completing the authentication process.

In step S515, the system 100 (login system 122) executes client authentication processing. System 100 (login system 122) may authenticate client A_150A (or a user of client A_150A) by comparing the received login information with the login information stored in storage 110. FIG.

In step S520, the system 100 (client area decryption system 123) reads the encrypted client A file configuration 128A (metadata) from the storage 110. FIG.

At step S525, system 100 (client area decryption system 123) decrypts encrypted client A file configuration 128A (metadata) using private key A_151A received from client A_150A.

In step S530, system 100 (client area decryption system 123) writes decrypted client A file configuration 128A (metadata) to storage 110. FIG.

In step S535, the system 100 (login system 122) completes the login process.

In step S540, system 100 (login system 122) transmits a login processing completion notice to client A_150A.

In step S545, the client A_150A receives an operation input for the client operation application 121 from the user. For example, the user can execute an application provided by the system 100 and read/write the client A file group 142A via the client operation application 121 .

In step S550, client A_150A transmits a message regarding the user's operation input to system 100. FIG.

In step S555, the system 100 (client operation application 121) executes read or write processing of the client A file group 142A based on the user's operation input. The processing from step S545 to step S555 can be repeatedly executed until client A_150A receives an input operation of a logout request from the user.

At step S560, client A_150A generates private key A' (new private key). In one aspect, the client A_150A may generate the private key A' at any timing after the login operation. In another aspect, client A_150A may generate private key A' based on accepting a logout operation from the user.

In step S565, client A_150A receives input of a logout operation from the user.

In step S570, client A_150A sends system 100 the newly generated private key A' along with a logout request. In one aspect, client A_150A may send newly generated private key A' to system 100 at any time after the completion of the authentication process.

In step S575, the system 100 (login system 122) executes logout processing.

At step S580, system 100 (client area cryptographic system 124) reads decrypted client A file configuration 128A (metadata) from storage 110. FIG.

At step S585, system 100 (client area cryptographic system 124) encrypts client A file configuration 128A (metadata) using private key A' received from client A_150A.

In step S590, system 100 (client area cryptosystem 124) writes encrypted client A file configuration 128A (metadata) to storage 110. FIG. In one aspect, system 100 (client area cryptographic system 124) may execute the process from step S580 onwards after receiving the logout request and before executing the logout process. In another aspect, system 100 (client area cryptographic system 124) may execute the processes from step S580 onward at any timing after client A_150A finishes operating or referring to client A file group 142A.

FIG. 6 is a diagram showing an example of the metadata decoding flow in the system 100. As shown in FIG. Referring to FIG. 6, the operation of system 100 will be described using the decoding of metadata in client A area 210A as an example.

As an example, when the client A_150A authentication process is completed, the client area decryption system 123 decrypts the encrypted metadata 610 of the client A area 210A using the private key A_151A to obtain the decrypted (plaintext) Create metadata 620 for client A area 210A. Private key A_151A was sent to system 100 from client A_150A in the previous communication.

Decryptor 600 in client domain decryption system 123 uses private key A_151A to read and decrypt encrypted metadata 610 stored in ciphertext memory 630 . Decoder 600 outputs decrypted (plaintext) metadata 620 to plaintext memory 640 . In one aspect, ciphertext memory 630 and plaintext memory 640 may reside in storage 110 or in the main memory (not shown) of system 100 .

FIG. 7 is a diagram showing an example of the flow of metadata encryption in the system 100. As shown in FIG. Referring to FIG. 7, the operation of system 100 will be described using encryption of metadata in client A area 210A as an example.

As an example, when the client A_150A logout process is completed, the client area encryption system 124 uses the private key A′_750 to encrypt the decrypted (plaintext) metadata 620 of the client A area 210A, and encrypts it. create metadata 610 for client A area 210A. Private key A'_750 was sent from client A_150A to system 100 in this communication.

Encryptor 700 in client domain cryptosystem 124 reads and encrypts decrypted (plaintext) client A domain 210A metadata 620 stored in plaintext memory 640 using private key A'_750. . Encryptor 700 outputs encrypted metadata 610 of client A area 210 A to ciphertext memory 630 .

In one aspect, the metadata to be encrypted and decrypted may be only the top-level directory metadata of the client A area 210A. At least the metadata of the top level directory of client A area 210A is encrypted so that file system 126 cannot retrieve files below client A area 210A. As a result, system 100 can protect files located below client A area 210A from unauthorized access. In another aspect, the metadata to be encrypted may include metadata for all files and directories contained in client A area 210A.

FIG. 8 is a diagram showing an example of the configuration of another system 800 according to this embodiment. System 800 differs from system 100 in that it generates private keys instead of receiving private keys from each client 150 . System 800 includes a secret key generation system 810 , a secret key periodical update system 820 , and a secret key file group 830 in addition to the configuration of system 100 . In addition, system 800 includes client area decryption system 823 and client area encryption system 824 in place of client area decryption system 123 and client area encryption system 124 . Unlike the client 150, the client 850 does not have to have the function of generating a private key.

The private key generation system 810 generates a private key for encrypting and decrypting each of the metadata of each client 150 (Client A File Configuration_128A, Client B File Configuration_128B, Client C File Configuration_128C).

The private key periodic update system 820 outputs a private key generation instruction to the private key generation system 810 at a predetermined timing. As an example, the predetermined timing is after a certain period of time has elapsed since the previous secret key was generated, after each client 150 has successfully authenticated, after each client 150 has transmitted a disconnection request to the system 100, and after each client 150 has Any timing, such as after the logout process ends, may be included.

Private key file group 830 stores private keys generated by private key generation system 810 . The client area decryption system 823 decrypts the metadata of each client 150 using the private key stored in the private key file group 830 . Similarly, the client area encryption system 824 uses the private key stored in the private key file group 830 to encrypt metadata of each client 150 .

As described above, the system 800 has all the configurations necessary for encrypting and decrypting metadata, thereby saving the trouble of installing a private key generation system on each client 850 and the like.

Client area decryption system 823 and client area encryption system 824 use the private key generated by private key generation system 810 unlike client area decryption system 123 and client area encryption system 124 .

FIG. 9 is a sequence diagram showing an example of the encryption and decryption processing procedure of system 800. As shown in FIG. Referring to FIG. 9, the operation of system 800 will be described using the encryption and decryption of files of client A_850A as an example.

In step S905, client A_850A accepts a login operation to system 800 from the user. The login operation is, for example, inputting a user ID and password. In one aspect, client A_850A may accept a login operation to system 800 from a user via a browser. In another aspect, client A_850A may accept a login operation to system 800 from a user via an application that communicates with system 800. FIG.

In step S910, client A_850A sends login information to system 800. FIG.

In step S915, the system 800 (login system 122) executes client authentication processing. System 800 (login system 122) may authenticate client A_850A (or a user of client A_850A) by comparing the received login information with login information stored in storage 110. FIG.

In step S920, system 800 (client area decryption system 823) reads encrypted client A file configuration 128A (metadata) from storage 110. FIG.

At step S925, system 800 (client area decryption system 823) uses private key A generated by private key generation system 810 to decrypt encrypted client A file structure 128A (metadata).

In step S930, system 800 (client area decryption system 823) writes decrypted client A file structure 128A (metadata) to storage 110. FIG.

In step S935, the system 800 (login system 122) completes the login process.

In step S940, system 800 (login system 122) transmits a login processing completion notification to client A_850A.

In step S945, client A_850A receives an operation input for client operation application 121 from the user. For example, the user can execute an application provided by the system 800 and read/write the client A file group 142A via the client operation application 121 .

In step S950, client A_850A sends system 800 a message regarding the user's operation input.

In step S955, the system 800 (client operation application 121) executes read or write processing of the client A file group 142A based on the user's operation input. The processing from step S945 to step S955 can be repeatedly executed until client A_850A receives an input operation of a logout request from the user.

In step S960, client A_850A receives input of a logout operation from the user.

At step S965, client A_850A sends a logout request to system 800. FIG.

In step S970, system 800 (login system 122) executes logout processing.

In step S975, system 800 (secret key generation system 810) generates secret key A' (new secret key). In one aspect, system 800 (secret key generation system 810) may generate secret key A' at any timing after login processing. In another aspect, system 800 (secret key generation system 810) may generate secret key A' based on acceptance of a logout operation from the user. In another aspect, system 800 (secret key generation system 810 ) may generate secret key A′ at any timing when an instruction is received from secret key periodic update system 820 . The system 800 (secret key generation system 810 ) stores the generated secret key A′ (new secret key) in the secret key file group 830 .

In step S980, system 800 (client area cryptographic system 824) reads decrypted client A file configuration 128A (metadata) from storage 110. FIG.

At step S985, system 800 (client domain encryption system 824) encrypts client A file configuration 128A (metadata) using private key A' generated by private key generation system 810.

In step S990, system 800 (client area cryptographic system 824) writes encrypted client A file configuration 128A (metadata) to storage 110. In one aspect, system 800 (client area cryptographic system 824) may execute processing from step S980 onward after receiving a logout request and before executing logout processing. In another aspect, system 100 (client area cryptographic system 124) may execute the processes from step S980 onward at any time after client A_150A finishes operating or referring to client A file group 142A.

FIG. 10 is a diagram illustrating an example of a metadata decoding flow in system 800. As shown in FIG. Referring to FIG. 10, the operation of system 800 will be described using the decoding of metadata in client A area 210A as an example.

As an example, the client area decryption system 823 decrypts the encrypted metadata 610 of the client A area 210A using the secret key A generated by the secret key generation system 810 when the authentication process of the client A_150A is completed. to create metadata 620 of the decrypted (plaintext) client A area 210A. In some aspects, ciphertext memory 630 and plaintext memory 640 may be in storage 110 or in main memory of system 100 .

As an example, client area decryption system 823 obtains login ID 1010 of client A_150A from login system 122 . The client area decryption system 823 acquires the private key A associated with the login ID 1010 from the private key file group 830 . The client area decryption system 823 can use the private key A to decrypt the client A area 210A. The same applies to encryption processing.

Decryptor 600 in client domain decryption system 823 uses private key A to read and decrypt encrypted metadata 610 stored in ciphertext memory 630 . Decoder 600 outputs decrypted (plaintext) metadata 620 to plaintext memory 640 .

In one aspect, the metadata to be decrypted (and encrypted) may be only the top-level directory metadata of the client A area 210A. At least the metadata of the top level directory of client A area 210A is encrypted so that file system 126 cannot retrieve files below client A area 210A. As a result, the system 800 can protect files located below the client A area 210A from unauthorized access. In other aspects, the metadata to be decrypted (and encrypted) may include metadata for all files and directories contained in client A area 210A.

FIG. 11 is a diagram showing an example of a hardware configuration of an information processing apparatus 1100 used as systems 100 and 800. As shown in FIG. In one aspect, system 100 and system 800 can be implemented by one or more information processing devices 1100 . For example, the system 100 and the system 800 can be implemented by a server, cluster, or cloud made up of one or more information processing devices 1100 .

Information processing apparatus 1100 includes CPU 1 , primary storage device 2 , secondary storage device 3 , external equipment interface 4 , input interface 5 , output interface 6 , and communication interface 7 .

The CPU 1 can execute programs for realizing various functions of the information processing device 1100 . The CPU 1 is composed of, for example, at least one integrated circuit. The integrated circuit may be composed of, for example, at least one CPU, at least one FPGA (Field Programmable Gate Array), or a combination thereof.

The primary storage device 2 stores programs executed by the CPU 1 and data referenced by the CPU 1 . In one aspect, the primary storage device 2 may be realized by a DRAM (Dynamic Random Access Memory), an SRAM (Static Random Access Memory), or the like.

The secondary storage device 3 is a non-volatile memory and may store programs executed by the CPU 1 and data referred to by the CPU 1 . In that case, the CPU 1 executes the program read from the secondary storage device 3 to the primary storage device 2 and refers to the data read from the secondary storage device 3 to the primary storage device 2 . In one aspect, the secondary storage device 3 may be implemented by an HDD, SSD, EPROM, EEPROM, flash memory, or the like.

The external device interface 4 can be connected to arbitrary external devices such as printers, scanners and external HDDs. In one aspect, the external device interface 4 may be realized by a USB (Universal Serial Bus) terminal or the like.

The input interface 5 can be connected to any input device such as a keyboard, mouse, touchpad or gamepad. In one aspect, the input interface 5 may be realized by a USB terminal, a PS/2 terminal, a Bluetooth (registered trademark) module, or the like.

The output interface 6 can be connected to any output device such as a CRT display, a liquid crystal display, or an organic EL (Electro-Luminescence) display. In one aspect, the output interface 6 may be realized by a USB terminal, a D-sub terminal, a DVI (Digital Visual Interface) terminal, an HDMI (registered trademark) (High-Definition Multimedia Interface) terminal, or the like.

The communication interface 7 is connected to wired or wireless network equipment. In one aspect, the communication interface 7 may be realized by a wired LAN (Local Area Network) port, a Wi-Fi (registered trademark) (Wireless Fidelity) module, or the like. In other aspects, communication interface 7 may transmit and receive data using communication protocols such as TCP/IP, UDP, and the like.

In one aspect, CPU 1 may load a program for performing the processing of FIG. 5 or FIG. 9 from secondary storage device 3 to primary storage device 2 and execute the program. In other aspects, part or all of the process may also be implemented as a combination of circuit elements configured to perform the process.

As described above, system 100 or system 800 according to this embodiment encrypts the metadata used by file system 126 instead of encrypting the file body in storage 110 . This allows system 100 or system 800 to achieve security equivalent to encryption of client files. Furthermore, since the data size of metadata is extremely small compared to the data size of a file group, system 100 or system 800 can update the private key with high frequency.

It should be considered that the embodiments disclosed this time are illustrative in all respects and not restrictive. The scope of the present disclosure is indicated by the scope of the claims rather than the above description, and is intended to include all modifications within the meaning and scope of equivalents of the scope of the claims. In addition, it is intended that the disclosure content described in the embodiment and each modified example can be implemented singly or in combination as much as possible.

1 CPU, 2 primary storage device, 3 secondary storage device, 4 external device interface, 5 input interface, 6 output interface, 7 communication interface, 100,800 system, 110 storage, 120 application, 121 client operation application, 122 login system, 123,823 client area decryption system, 124,824 client area encryption system, 126 file system, 127 server file area, 128A client A file configuration, 128B client B file configuration, 128C client C file configuration, 130, 153 network interface , 140 data area, 141 server file group, 142A client A file group, 142B client B file group, 142C client C file group, 150, 850 client, 150A, 850A client A, 150B client B, 150C client C, 151A secret key A, 151B private key B, 151C private key C, 152,810 private key generation system, 160 unauthorized client, 170 network, 201 root, 202 OS area, 203 application area, 204 client data area, 210A client A area, 210B client B area, 210C client C area, 211, 212 data, 213 subdirectory, 310 key, 320 address, 400 storage medium, 401, 402, 403 sector, 600 decoder, 610, 620 metadata, 630 ciphertext memory, 640 Plaintext memory 700 Encryptor 820 Private key periodic update system 830 Private key file group 1010 Login ID 1100 Information processing device.

Claims (15)

A system that can be used from multiple terminals,
a communication unit for communicating with each of the plurality of terminals;
a file system for managing files of each user of the plurality of terminals;
an encryption unit for encrypting metadata referenced by the file system;
a decoder for decoding said metadata. The encryption unit encrypts metadata of a user's file;
The decryption unit decrypts metadata of the file of the certain user with a private key based on the login of the certain user to the system,
2. The system according to claim 1, wherein said encryption unit encrypts the metadata of said certain user's file with a private key different from said private key after said certain user finishes referring to the file. 3. The system according to claim 2, wherein said communication unit receives said another secret key from a terminal of said certain user who has logged into said system at a predetermined timing. further comprising a private key generation unit,
3. The system according to claim 2, wherein said secret key generation unit generates said another secret key at a predetermined timing. 5. The system according to claim 3 or 4, wherein said predetermined timing is after said certain user's terminal logs into said system. 5. The system according to claim 3 or 4, wherein said predetermined timing is after receiving a disconnection request from said certain user's terminal. 7. The system according to any one of claims 1 to 6, wherein said encryption unit encrypts, from among said metadata, metadata of a top-level directory of files of each user of said plurality of terminals. A method for protecting files in a system accessible from multiple terminals, comprising:
encrypting metadata of files of each user of said plurality of terminals stored in said system;
communicating with a terminal of a user;
and decoding metadata of said one user's file during communication with said one user's terminal. Decrypting metadata of the file of the user includes decrypting metadata of the file of the user with a private key based on the user logging into the system;
9. The method of claim 8, wherein the method further comprises encrypting metadata of the file of the certain user with a private key different from the private key after the user has finished viewing the file. . 10. The method according to claim 9, further comprising receiving said another private key from said certain user's terminal logged into said system at a predetermined timing. 10. The method of claim 9, further comprising generating said another private key at predetermined timings. 12. The method according to claim 10 or 11, wherein said predetermined timing is after said certain user's terminal has logged into said system. 12. A method according to claim 10 or 11, wherein said predetermined timing is after receiving a disconnection request from said certain user's terminal. The step of encrypting the metadata of the files of the users of the plurality of terminals stored in the system includes encrypting the metadata of the top-level directory of the files of the users of the plurality of terminals from among the metadata. A method according to any one of claims 8 to 13, comprising the step of converting. A program for causing a computer to execute the method according to any one of claims 8 to 14.

Images